Wiley.Developing.Software.for.Symbian.OS.2nd.Edition.Dec.2007 (779887), page 47
When a Symbian Signed application is installed, the installer sees that the application’s digital signature chains to the Symbian Signed root stored on the device, and therefore recognizes the application as being Symbian Signed and grants it all the capabilities specified in its MMP file(s).

Figure 7.3 A Rejected Installation: Capabilities Are Not Authorized By A Valid Signature.

If the application’s root certificate does not match the Symbian Signed root, and your application has extended or manufacturing capabilities specified in its MMP file(s), the installer will abort the install and display a message similar to the one in Figure 7.3.

The message in Figure 7.3 can vary between phone manufacturers.

Installation errors related to signing

I have pointed out a few examples of installation errors that can occur related to application signing. Other situations that can cause errors when installing are:

– If you are installing an unsigned application and the phone requires it to be signed (e.g., ‘Certificate error. Contact the Application Supplier’ is displayed on a Nokia S60 device).
– If the certificate you signed the application with has expired.
– If the application is signed with a developer certificate, but you have not specified the device for the certificate (this will be discussed more when we describe developer certificates). On S60 phones, the message will read ‘Unable to Install. Constrained by Certificate’.
– If the application’s UID is in the protected range, yet the application is self-signed. On S60 phones, you will see the message ‘Unable to install a protected application from an untrusted supplier’.
– If the application installation tried to copy files to another application’s private area (i.e., \private\<SID> where <SID> is the application’s SID – see section 7.4.8 for more details). On S60, the message will simply read ‘Unable to install’.
– If the UID of the application you are trying to install is used by another application already installed on the phone. On S60, the message will be ‘Update error’.

These messages will vary between phone manufacturers.

UIDs, SIDs, and application signing

In Chapter 5 we discussed how all executables are uniquely identified by a UID3 and showed how to reserve these unique identifiers from Symbian. UIDs are divided into a protected range and an unprotected range.
The protected range is from 0x00000000–0x7fffffff, the unprotected range is from 0x80000000–0xffffffff. Applications must have a UID in the protected range for them to be Symbian Signed, otherwise they will not be approved. If your application is not Symbian Signed, then it must use a UID in the unprotected range, otherwise the install fails.

An SID also specifies a unique ID for an executable, but the SID is used to form your application’s private directory name. Refer to section 7.4.8 for details on how this is done. You can specify an SID by adding the SECUREID keyword to an MMP file. Symbian recommends that you use your UID3 as your SID, which is the default if the MMP does not have a SECUREID line.

7.6 Getting Your Application Symbian Signed

If your application uses extended or manufacturer capabilities, you must go through the Symbian Signed process, and get your application Symbian Signed before it can be installed and run by users.
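
The UID range, SID default and capability rules above can be checked before a build is submitted or installed. The following is an added example, not code from the book or from Symbian's tools: the function names, the sample MMP fragment and its UIDs are constructed, and both the basic capability set and the 8-hex-digit private directory name are assumptions to verify against your SDK.

```python
PROTECTED_MAX = 0x7FFFFFFF  # protected UID range is 0x00000000-0x7fffffff
# Assumption (not from this page): capabilities outside this basic set are
# treated as extended/manufacturer; adjust to your SDK's capability table.
BASIC_CAPS = {"localservices", "location", "networkservices",
              "readuserdata", "userenvironment", "writeuserdata"}

def parse_mmp(text):
    """Return (uid3, sid, capabilities) from MMP source text."""
    uid3 = sid = None
    caps = set()
    for raw in text.splitlines():
        words = raw.split("//")[0].split()      # drop trailing // comments
        if not words:
            continue
        key = words[0].upper()
        if key == "UID" and len(words) >= 3:    # UID <uid2> <uid3>
            uid3 = int(words[2], 16)
        elif key == "SECUREID" and len(words) >= 2:
            sid = int(words[1], 16)
        elif key == "CAPABILITY":
            caps |= {w.lower() for w in words[1:] if w.lower() != "none"}
    if uid3 is None:
        raise ValueError("MMP has no UID line with a UID3")
    # With no SECUREID line, the SID defaults to the UID3.
    return uid3, (uid3 if sid is None else sid), caps

def preflight(mmp_text, symbian_signed):
    """List the signing-related install problems this section describes."""
    uid3, sid, caps = parse_mmp(mmp_text)
    protected = uid3 <= PROTECTED_MAX
    problems = []
    if symbian_signed and not protected:
        problems.append("unprotected UID3: will not be approved for Symbian Signed")
    if not symbian_signed and protected:
        problems.append("protected UID3 but not Symbian Signed: install fails")
    restricted = sorted(caps - BASIC_CAPS)
    if restricted and not symbian_signed:
        problems.append("needs Symbian Signed for: " + ", ".join(restricted))
    # Assumption: the private directory name is the SID as 8 hex digits.
    return {"private_dir": "\\private\\%08x" % sid, "problems": problems}

# Constructed sample MMP fragment (hypothetical UID3, no SECUREID line).
SAMPLE_MMP = """
TARGET      demo.exe
UID         0x100039CE 0xE0001234   // UID2 UID3
CAPABILITY  ReadUserData SwEvent
"""

if __name__ == "__main__":
    print(preflight(SAMPLE_MMP, symbian_signed=False))
```

The parser does not expand `CAPABILITY ALL -TCB` style lines; list capabilities explicitly when using it.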
Or, if you don’t use those capabilities, but you prefer that the user never has to be asked for authorization to perform operations, then the application should be Symbian Signed.

It is also worth noting that, depending on how you intend to distribute or sell your application, some channels may require an application to be Symbian Signed before they even consider it for distribution via their sales channels. Application robustness, quality, and identification of the origin of the application are the primary drivers of this demand.

An application that is Symbian Signed is also allowed to display the ‘For Symbian OS’ logo, as shown in Figure 7.4.

Symbian provides the website http://www.symbiansigned.com to guide you through the Symbian Signed process and to submit your application for approval and the actual signing. This site requires you to register.
Once you’ve done so, you have access to a wealth of information including documentation and tools. The Symbian Developer Network also has a discussion forum for issues related to Symbian Signed, at http://developer.symbian.com/forum/forum.jspa?forumID=2.

The basic idea of the Symbian Signed process is that if your application passes a suite of tests to ensure that your application uses its capabilities responsibly, and if it is a well-behaved application in general, then it will be approved and signed.
Symbian documents these tests in the Symbian Signed test criteria document, which is available on the Symbian Signed website.

Figure 7.4 The Official Logo for an Application Approved by Symbian Signed

7.6.1 Test Criteria

It is necessary to pass the Symbian Signed Test Criteria before your application can be Symbian Signed through the ‘Tested Signed’ process. You’ll need to understand the criteria carefully since they also drive functionality and you may need to add code to your application if the support needed to pass the tests is not already there.

There are a number of test tools available on the Symbian Signed website for use to test that your application complies with the criteria.
By ensuring you pass these tests before you try and use the Symbian Signed process itself, you will minimize the risk of your application failing and having to be retested. However, Symbian also recognizes that there are some extenuating situations that can prevent some tests from being fully met, so it specifies a list of approved exceptions that can be taken for the tests and has a waiver process in place where the exceptions cannot be applied.

The application test criteria include all of the following:

• Programs must avoid DLL name clashes and must have reasonable startup time behavior, including progress indication; they must create files only in allowed locations and uninstall cleanly and completely, and reinstall successfully; it must be possible to see and terminate the application from the task list.
• UIDs must be legal and proper and owned by the submitting individual, the SIS file well formed, including correct and consistent versioning, and access to platform/manufacturer granted capabilities (more on this below) must be properly approved, as must any test waivers; any Publisher ID (where appropriate) must be valid.
• Programs must meet their function specifications (i.e., do what they say they do); must not interfere with system applications such as Phone, Clock, and Contacts.
They must not interfere with system events, including alarms and high-load events like camera or phone device initialization or VoIP calls, nor with message or call transmission, including sending and receiving SMS and MMS messages, and notifying users of incoming calls.
• Programs must survive stress tests including handling exceptional events like OOM (out of memory) or power down while running, as well as rapid and repeated task switching.
• Programs must behave well with respect to privacy and billable events; must successfully backup and restore data (where appropriate); must demonstrate scalable UI compliance.

7.6.2 Symbian Signed Process Options

The outcome of the signing process is an application SIS file to which Symbian’s ‘root’ digital signature has been appended in the form of a certificate, and which has in turn incorporated the digital signature of the developer, thus ‘binding’ the developer’s identity to the application. (Or, in the case of the freeware and Publisher Certifier routes to signing, binding the publisher’s identity to the application.)

At install time, the application certificate is verified against the Symbian root certificate.
This validation and display of the certificate forms an essential part of the security architecture.

There are three principal signing routes to consider; any one of them will get you up and running with the Symbian Signed process; all result in software which has been signed with the Symbian root certificate; and between them, they should provide an acceptable route to market for everyone.

Freeware signing

Symbian provides a zero-cost route to signing; it’s free, it’s open to anyone; its two requirements are that (1) your application is sound, in other words that it meets the test criteria, and (2) your application really is free to its users.

There is nothing to stop you, now or later, creating alternative non-free versions of your software; however, any version of your software signed in this way really must be free.

If you want to give your software away, this route enables you to do so, and it will cost you nothing.
It is an excellent way for small developers working in the ‘hobbyist’ tradition to bypass both the cost and most of the red-tape of the signing process, and get freeware out to their users. (That tradition is a long and noble one, by the way, as anyone who cares to trace the history of Symbian OS back to its origins in Psion days can attest.)

How does it work? Zip up your application SIS file, PKG file and plain text user manual, and submit.
No Publisher ID is required; your application will be tested, and if it passes, it will be signed with the hosting test house signature and Symbian root.

At the time of writing (Q2 2007), the test/sign/release cycle for freeware is hosted through Cellmania. Details of how to find out more can be found in the References section.

Publisher certifier signing

Not free, but a lower-cost option for commercial hobbyists and the one-person ISV. The essential requirement is that your application meets the test criteria.

How does it work? The publisher/aggregator provides the test and signing service, typically for a fee, and provides the channel to market, typically for a commission on sales.
No Publisher ID is required; your application will be signed with the publisher signature and Symbian root.

7.6.3 Test House Certification

The process to get your application signed via a test house is as follows:

1. Get a Publisher ID from TC TrustCenter (if you do not already have one).
2. Sign your application with the Publisher ID.
3. Submit your application through http://www.symbiansigned.com, selecting a third-party test house.
4. Handle any problems found by the test house.
5.