Wednesday, March 26, 2008
Tuesday, March 25, 2008
How to open SMS editor on self signed application?
If you like to open a SMS Editor with some pre-inserted text from youe Symbian.C++ Application then you can use
CSendUi::CreateAndSendMessageL().
Note: this api requitres DRM capabilty some how. [may be it can be used for sending DMD protected MMS]
But problem is you have can't Self Sign with this application.
The work around is you have to use
RSendAsMessage::LaunchEditorAndCloseL()
If you like to open a SMS Editor with some pre-inserted text from youe Symbian.C++ Application then you can use
CSendUi::CreateAndSendMessageL().
Note: this api requitres DRM capabilty some how. [may be it can be used for sending DMD protected MMS]
But problem is you have can't Self Sign with this application.
The work around is you have to use
RSendAsMessage::LaunchEditorAndCloseL()
Monday, March 24, 2008
Getting Country Code and Operator name.
class CNetwork : public CActive
{
public:
CNetwork(CTelephony* aTelephony);
void ConstructL();
~CNetwork();
public: // New functions
void StartL(TTimeIntervalMicroSeconds32 aDelay);
void Stop();
private: // From CActive
void RunL();
void DoCancel();
public:
CTelephony* iTelephony; // telephony object we own
CTelephony::TNetworkInfoV1 iV1;
CTelephony::TNetworkInfoV1Pckg iPkg;
TTimeIntervalMicroSeconds32 iDelay;//get network interval
TNetworkInfo iNetworkInfo;
};
CNetwork::CNetwork(CTelephony* aTelephony) : CActive(EPriorityStandard)
,iTelephony(aTelephony), iPkg(iV1)
{}
void CNetwork::ConstructL()
{
CActiveScheduler::Add(this);
}
CNetwork::~CNetwork()
{
Cancel(); // Cancel any request, if outstanding
}
void CNetwork::DoCancel()
{
iTelephony->CancelAsync(CTelephony::EGetCurrentNetworkInfoCancel);
}
void CNetwork::StartL(TTimeIntervalMicroSeconds32 aDelay)
{
Stop();
iStatus=KRequestPending;
iTelephony->GetCurrentNetworkInfo(iStatus, iPkg);
SetActive();
}
void CNetwork::Stop()
{
Cancel();
}
void CNetwork::RunL()
{
if(iStatus == KErrNone)
{
TNetworkInfo tempNetworkInfo;
TBuf<30>strTemp;
strTemp = iPkg().iCountryCode;
CAknInformationNote* note = new (ELeave) CAknInformationNote();
note->ExecuteLD(strTemp);
}
}
Thursday, March 20, 2008
Create a self-signed sisx using OpenSSL
If you want to create a self-signed certificate with validity periods other than 1 year, or with additional information about yourself, you can use a tool such as Open SSL to create it, rather than the standard MakeKeys utility that comes with the SDK.
1. Download OpenSSL for your OS. [In my case windows so i will use "Shining Light Productions" - > (Win32 OpenSSL v0.9.8g Light). here
2. Install on your platform. (I assume that you installed on c:\OpenSSL)
3. Open a Command line and change directory to c:\OpenSSL\. [cd c:\OpenSSL\]
4. Run command "bin\openssl genrsa 1024 >selfsigned.key"
5. Run command "bin\openssl req -new -x509 -nodes -sha1 -days 3650 -key selfsigned.key >selfsigned.cer"
6. Fill in the information when assked for it.
7. copy selfsigned.key and selfsigned.cer to your sis folder.
8. change your path to sis folder.
9. Run Command "signsis -s my_unsigned_sis.sis my_singed_sis.sisx selfsigned.cer selfsigned.key"
10. Now you can use my_singed_sis.sisx to install on any symbian v3 device.
If you want to create a self-signed certificate with validity periods other than 1 year, or with additional information about yourself, you can use a tool such as Open SSL to create it, rather than the standard MakeKeys utility that comes with the SDK.
1. Download OpenSSL for your OS. [In my case windows so i will use "Shining Light Productions" - > (Win32 OpenSSL v0.9.8g Light). here
2. Install on your platform. (I assume that you installed on c:\OpenSSL)
3. Open a Command line and change directory to c:\OpenSSL\. [cd c:\OpenSSL\]
4. Run command "bin\openssl genrsa 1024 >selfsigned.key"
5. Run command "bin\openssl req -new -x509 -nodes -sha1 -days 3650 -key selfsigned.key >selfsigned.cer"
6. Fill in the information when assked for it.
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:SG
State or Province Name (full name) [Some-State]:Singapore
Locality Name (eg, city) []:Singapore
Organization Name (eg, company) [Internet Widgits Pty Ltd]:My Company
Organizational Unit Name (eg, section) []:Mobile Div
Common Name (eg, YOUR name) []:Sunil Kumar
Email Address []:skumar.mobiledev@gmail.com
7. copy selfsigned.key and selfsigned.cer to your sis folder.
8. change your path to sis folder.
9. Run Command "signsis -s my_unsigned_sis.sis my_singed_sis.sisx selfsigned.cer selfsigned.key"
10. Now you can use my_singed_sis.sisx to install on any symbian v3 device.
Wednesday, March 19, 2008
Signing With Open Signed - A Tutorial...
A lot of people have been howling about the way Symbian Signed is going and criticising the change in system. As of now, nobody without a Publisher ID can create developer certificates and instead users are forced to use the new Online System. Open Signed has some positives and even more negatives although signing files capable of being signed (applications which are using unprotected UID range) is easier now and even need an account is not needed anymore. A lot of great freeware thus currently cannot be signed that way.
Bery from the SymbianWebBlog has wriiten a complete guide on how to sign files using that system. He is using “GenialSis 2.0? for the purpose. So if you are looking to sign any of these LandscapePro, RockNScroll, ShakeMe, Gnubox, FlipSilent, ShakeLock, LargeTime, Audio Cube, Autolock, Callfilter, Calsync, CuteKeys, EmTube, Themes Laucher and so on jump over for the complete how to.
Read More ...
Try getting "GenialSis 2.0" from authers Site. here.
A lot of people have been howling about the way Symbian Signed is going and criticising the change in system. As of now, nobody without a Publisher ID can create developer certificates and instead users are forced to use the new Online System. Open Signed has some positives and even more negatives although signing files capable of being signed (applications which are using unprotected UID range) is easier now and even need an account is not needed anymore. A lot of great freeware thus currently cannot be signed that way.
Bery from the SymbianWebBlog has wriiten a complete guide on how to sign files using that system. He is using “GenialSis 2.0? for the purpose. So if you are looking to sign any of these LandscapePro, RockNScroll, ShakeMe, Gnubox, FlipSilent, ShakeLock, LargeTime, Audio Cube, Autolock, Callfilter, Calsync, CuteKeys, EmTube, Themes Laucher and so on jump over for the complete how to.
Read More ...
Try getting "GenialSis 2.0" from authers Site. here.
Tuesday, March 18, 2008
Capabilities grouped by Signing procedure ...
1. Self-Signing (Basic capabilities)
* LocalServices
* UserEnvironment
* NetworkServices
* ReadUserData
* WriteUserData
2. Express Signing (Extended capabilities)
* Location
* SwEvent
* SurroundingsDD
* ProtServ
* PowerMgmt
* ReadDeviceData
* WriteDeviceData
* TrustedUI
3. Certified Signed (Extended capabilities)
* NetworkControl
* MultimediaDD
* CommDD
* DiskAdmin
4. OEM + Certified Signed (Manufacturer-approved capabilities)
* AllFiles
* DRM
* TCB
1. Self-Signing (Basic capabilities)
* LocalServices
* UserEnvironment
* NetworkServices
* ReadUserData
* WriteUserData
2. Express Signing (Extended capabilities)
* Location
* SwEvent
* SurroundingsDD
* ProtServ
* PowerMgmt
* ReadDeviceData
* WriteDeviceData
* TrustedUI
3. Certified Signed (Extended capabilities)
* NetworkControl
* MultimediaDD
* CommDD
* DiskAdmin
4. OEM + Certified Signed (Manufacturer-approved capabilities)
* AllFiles
* DRM
* TCB
How to sign applications for free?
Note: This is only applicable to Symbian v3 onwards.
If you are a freeware developer, you may want to be able to develop your own stuff for your device (or No IMEI restriction) for free. You don't want to buy a Publisher ID, nor would you pay for any external testing or signing.
Then here are the steps...
To make a S60 3rd Ed (Symbian OS v9) application you have to:
1. Write you application (use UID from the unprotected range, 0xe0000000 - 0xefffffff ) on Windows PC/ Linux / Mac.
2. Try to use Symbian APIs that require only user granted capabilites. [LocalServices, UserEnvironment, NetworkServices, ReadUserData, WriteUserData ]
3. Test it on Symbian EMULATOR that comes with SDK.
4. make a SIS (use makesis)
5. make your own certificate and key. (use keygen)
6. sign it (the SIS file). (use signsis)
7. transfer it to device usign PC Suit or Bluetooth.
Note: If you are using APIs that are Non-user granted capabilites, then you have to get a Publisher ID and havet opay for signing and/or testing.
Note: This is only applicable to Symbian v3 onwards.
If you are a freeware developer, you may want to be able to develop your own stuff for your device (or No IMEI restriction) for free. You don't want to buy a Publisher ID, nor would you pay for any external testing or signing.
Then here are the steps...
To make a S60 3rd Ed (Symbian OS v9) application you have to:
1. Write you application (use UID from the unprotected range, 0xe0000000 - 0xefffffff ) on Windows PC/ Linux / Mac.
2. Try to use Symbian APIs that require only user granted capabilites. [LocalServices, UserEnvironment, NetworkServices, ReadUserData, WriteUserData ]
3. Test it on Symbian EMULATOR that comes with SDK.
4. make a SIS (use makesis)
5. make your own certificate and key. (use keygen)
6. sign it (the SIS file). (use signsis)
7. transfer it to device usign PC Suit or Bluetooth.
Note: If you are using APIs that are Non-user granted capabilites, then you have to get a Publisher ID and havet opay for signing and/or testing.
Monday, March 17, 2008
Signed Online vs Developer Certificate Q&A
1.1 Why did you suddenly turn off the ability to download Developer Certificates without a Publisher ID?.
Current plans and approach were announced in consultation with the developer community in September 2007 and implementation has been phased in since that time.
Many non-developers have been accessing the site through unapproved tools; hence it may have appeared sudden to these users as these unapproved tools would have stopped working and any documentation provided may not have been updated.
1.2 My friends have certificates which are still valid for their phone, why can't I get one?
In September 2007, we announced that we would provide an alternate solution to Developer Certificates using Open Signed Online, which is now in beta (since February 2008). Test applications can now be signed more simply without the need to acquire a Developer Certificate.
1.3 My phone was broken and returned and my certificate does not work, why can't I get a new one?
Open Signed Online will work for developing applications on your new phone. Developer Certificates are not necessary.
1.4 I paid money for my phone and should be able to install whatever software I want, why are you stopping me?
There are 10,000+ applications available, where developers have followed the correct release and deployment process, such that they can be installed on your phone without requiring you (the end-user) to use Symbian Signed service.
This is approach is in line with agreed mobile industry recommendations.
Symbian Signed is provided for development and testing purposes only. The policy of what an end-user can install on their phone, without Symbian Signed, is determined by your device manufacturer, via the concept of “User-Grantable Capabilities” configured by the manufacturer on shipment.
A small number of developers are forcing end-users to go through a process intended for developers only.
1.5 Why can I not get a certificate to sign Freeware, there is no other way to install Freeware?
Contact your freeware developer and request him/her to re-release the application such that Developer Certificates are not required.
a) Approx 60% of APIs do not require any Capabilities and applications using only those APIs do not need to use Symbian Signed services.
b) The Capabilities; LocalServices, Location*, NetworkServices,ReadUserData ,UserEnvironment, WriteUserData: are user-grantable on the device. Applications using these Capabilities are not required to be Symbian Signed; an end-user can grant the permissions on their device. This allows people to do application development with a large amount of functionality for interesting apps. At least 25% of commercial apps are released without needing to use any Symbian Signed services.
c) The Capabilities; PowerMgmt, Location*, ProtServ, ReadDeviceData, SurroundingsDD, SwEvent, TrustedUI, WriteDeviceData: are grantable by Open Signed Online, as well as all the user grantable permissions described in (2) .There is a requirement (as requested by the developer community) that you must own the application’s UID, or you may use a test UID (i.e. in the range 0xE0000000 to 0xEFFFFFFF). This protects the integrity of UID allocation process and prevents developers signing applications with UIDs which have been reserved by other developers.
Note: Location* depends on device type
1.6 I donated money to Freeware providers for their software and now I cannot install it because my phone has changed, why are you stopping me doing this?
Contact your freeware developer (especially if they are accepting money) and request him/her to be responsible and release the application appropriately as most other developers have done; i.e. Express Sign the applications to assure end users that the application comes from a trusted source and meets the recommended minimum quality level as detailed in the Symbian Signed Test Criteria.
1.7 Why is Symbian trying to make me pay $200 to get developer certificates, they are just trying to make more money?
Symbian does not receive any money for a Publisher ID. Publisher IDs are available from TC Trustcenter and meet industry-agreed identity requirements for tracing the origin of an application.
Publisher IDs are required to release applications to end-users in the mass market; developers using Express Signed and Certified Signed only need to obtain a Publisher ID once.
1.8 I bought my phone specifically so that I can install applications like RotateMe, why can I no longer get a Developer Certificate?
A beta UIQ version of RotateMe is being successfully signed via Open Signed Online the correct appropriate manner.
1.9 Why does Open Signed Online not work with Freeware applications?
There are 1000s of applications (including freeware) being successfully signed using Open Signed Online. Please contact the developer and encourage them to release their application in the correct manner.
1.10 The Freeware route through Symbian does not work, how else can I distribute my Freeware application?
There are already 1000s of applications (including freeware) being successfully signed using Open Signed Online?
Once tested and as your freeware application becomes more popular, please consider going through Express Signed; it provides more trust to end users and Open Signed has a finite capacity which may have to be limited if it is over-used.
1.11 Why is there all this security on Symbian OS, why can’t my phone just be completely open like others’ mobile phones?
Symbian Signed’s approach to security is in line with mobile industry recommendations http://www.omtp.org/ProductProfile/ . All open mobile phones shipping in mass market volumes are required to have some degree of trust and quality to protect mass market consumers’ from damage caused by poor applications.
Symbian Signed aims to allow developers to sign an application once to deploy globally, without needing to be concerned by other stakeholders controlling the channel for deployment to a device.
It is important that on behalf of mass market consumers, developers meet the requirements of Symbian Signed Services to provide trust and quality to deploy applications to 100s-of-millions of devices.
1.12 I am not a developer I just own a phone, why do you keep saying you are thinking about developers?
Symbian Signed is provided as a tool for developers to develop and release trusted applications for Symbian OS. The expectation is that developers should provide trusted and high quality applications to end users by ensuring their applications meet the Symbian Signed Test Criteria (using Express Signed and Certified Signed).
Unfortunately a small number of developers are encouraging end-users to access Symbian Signed themselves rather than release applications in the correct manner.
Device Manufacturers implement “User-Grantable Capabilites” on your device which determine what can be installed on your device without being Symbian Signed. As such many applications (and most certainly end-users) do not need to be aware of Symbian Signed.
By installing an application that has been signed only with a Developer Certificate, you have no guarantee of origin and you put your device at increased risk of damage through a poorly performing application.
1.13 I just want to sign the “Hello World” application that I have developed using Carbide to run on my Nokia phone.
You should not need to use any Symbian Signed services to do this successfully. Check the documentation on Forum Nokia’s web site via the following link:
http://wiki.forum.nokia.com/index.php/Carbide.vs_Creating_and_deploying_projects_on_hardware
1.14 Why do you only allow developers with a Publisher ID to acquire a Developer Certificates?
This allows traceability to and accountability of the company responsible for signing (including Developer Certificates).
1.15 I would like to purchase a Publisher ID, but I was told that only professional developers are able to get them. Is that right, or can anyone purchase such a certificate ?
In compliance with industry recommendations (e.g. http://www.omtp.org/ProductProfile/) for Signing Schemes, a Class 3 Publisher ID is obtainable from TC Trustcenter.
An Authorised Entity MUST be validated by either of the following:
- Confirmation of articles of incorporation or
- Registration with 3rd party databases (e.g. Dun and Bradstreet, German Handelsregister)
- Or equivalent
Class 3 certificates establish a level of trust that meets high standards for commercial needs. Any organizational data contained in a certificate is confirmed on the basis of the company memorandum (or similar documents) or documents signed by authorized employees.
Class 3 certificates state, in addition to the checks required that
1. A natural person be responsible for the certificate has been identified on the basis of his official identity card or passport.
2. Personal data contained in the certificate matches with that in the identity card or passport. “
1.16 I want to purchase a publisher ID, but before I do, I have some questions: how many IMEIs can I enter when creating a .csr file?.
Open Signed Offline using a Publisher ID allows a Developer Certificate to be created with up to 1000 IMEIs
1.17 How many certificates can I generate per day on www.symbiansigned.com if I use a publisher ID? Are there any other limits when I have a publisher ID?
There are daily limits in place to ensure fair usage. The limits are subject to change and are in line with reasonable development scenarios; i.e. a small number each day.
1.18 Will Developer Certificates be available for users without a Publisher ID again? if not,why?
Open Signed Online grants the same functionality as Developer Certificates, allows fair usage and has an easier to use interface with no registration/login required.
1.19 What is the UID Range for Open Signed Online?
Open Signed Online allows SIS files to be signed where
- UIDs are in the Test Range (0xE0000000 to 0xEFFFFFFF) OR
- UIDs where the email address of the submitter matches the email address of the UID owner for the Protected Range (0x20000000 - 0x2FFFFFFF) and Unprotected Range (0xA0000000 - 0xAFFFFFFF)
1.20 I tried out the Open Signed Online beta now, with an application with an UID from the unprotected range (0xa000112c). Despite this, I got this error message:
“FAILURE: Submitted .sis file uses a UID that is not allocated to the account holder matching this email address (0xa000112c)”
Open Signed Online allows SIS files to be signed where
- UIDs are in the Test Range (0xE0000000 to 0xEFFFFFFF) OR
- UIDs where the email address of the submitter matches the email address of the UID owner for the Protected Range (0x20000000 - 0x2FFFFFFF) and Unprotected Range (0xA0000000 - 0xAFFFFFFF)
1.21 Aren’t packages with UIDs from this range intended to be signable by anyone?
The approach that has been implemented was at the request of developers to ensure they retain control over how their UIDs were used. Current recommendations are
- Protected Range (0x20000000 - 02AFFFFFFF): Only to be used in Open Signed by the owner of the UID and required for Express Signed and Certified Signed.
- Unprotected Range (0xA0000000 - 0xAFFFFFFF): Only to be used in Open Signed by the owner of the UID, cannot be used in Express Signed and Certified Signed.
1.22 Do I need to register an account on symbiansigned.com to use Open Signed Online?
Registration/Login is not required to use Open Signed Online.
However if you need to use UIDs in the Protected (0x20000000 - 0x2FFFFFFF) and Unprotected Range (0xA0000000 - 0xAFFFFFFF)your submission email address must match the email address of the UID owner.
1.23 What is the Size limitation on files submitted for signing?
- Open Signed Offline: No effective limit, done locally on your development machine
- Open Signed Online: 4Mb
- Express Signed: 40Mb
- Certified Signed: 40Mb
1.1 Why did you suddenly turn off the ability to download Developer Certificates without a Publisher ID?.
Current plans and approach were announced in consultation with the developer community in September 2007 and implementation has been phased in since that time.
Many non-developers have been accessing the site through unapproved tools; hence it may have appeared sudden to these users as these unapproved tools would have stopped working and any documentation provided may not have been updated.
1.2 My friends have certificates which are still valid for their phone, why can't I get one?
In September 2007, we announced that we would provide an alternate solution to Developer Certificates using Open Signed Online, which is now in beta (since February 2008). Test applications can now be signed more simply without the need to acquire a Developer Certificate.
1.3 My phone was broken and returned and my certificate does not work, why can't I get a new one?
Open Signed Online will work for developing applications on your new phone. Developer Certificates are not necessary.
1.4 I paid money for my phone and should be able to install whatever software I want, why are you stopping me?
There are 10,000+ applications available, where developers have followed the correct release and deployment process, such that they can be installed on your phone without requiring you (the end-user) to use Symbian Signed service.
This is approach is in line with agreed mobile industry recommendations.
Symbian Signed is provided for development and testing purposes only. The policy of what an end-user can install on their phone, without Symbian Signed, is determined by your device manufacturer, via the concept of “User-Grantable Capabilities” configured by the manufacturer on shipment.
A small number of developers are forcing end-users to go through a process intended for developers only.
1.5 Why can I not get a certificate to sign Freeware, there is no other way to install Freeware?
Contact your freeware developer and request him/her to re-release the application such that Developer Certificates are not required.
a) Approx 60% of APIs do not require any Capabilities and applications using only those APIs do not need to use Symbian Signed services.
b) The Capabilities; LocalServices, Location*, NetworkServices,ReadUserData ,UserEnvironment, WriteUserData: are user-grantable on the device. Applications using these Capabilities are not required to be Symbian Signed; an end-user can grant the permissions on their device. This allows people to do application development with a large amount of functionality for interesting apps. At least 25% of commercial apps are released without needing to use any Symbian Signed services.
c) The Capabilities; PowerMgmt, Location*, ProtServ, ReadDeviceData, SurroundingsDD, SwEvent, TrustedUI, WriteDeviceData: are grantable by Open Signed Online, as well as all the user grantable permissions described in (2) .There is a requirement (as requested by the developer community) that you must own the application’s UID, or you may use a test UID (i.e. in the range 0xE0000000 to 0xEFFFFFFF). This protects the integrity of UID allocation process and prevents developers signing applications with UIDs which have been reserved by other developers.
Note: Location* depends on device type
1.6 I donated money to Freeware providers for their software and now I cannot install it because my phone has changed, why are you stopping me doing this?
Contact your freeware developer (especially if they are accepting money) and request him/her to be responsible and release the application appropriately as most other developers have done; i.e. Express Sign the applications to assure end users that the application comes from a trusted source and meets the recommended minimum quality level as detailed in the Symbian Signed Test Criteria.
1.7 Why is Symbian trying to make me pay $200 to get developer certificates, they are just trying to make more money?
Symbian does not receive any money for a Publisher ID. Publisher IDs are available from TC Trustcenter and meet industry-agreed identity requirements for tracing the origin of an application.
Publisher IDs are required to release applications to end-users in the mass market; developers using Express Signed and Certified Signed only need to obtain a Publisher ID once.
1.8 I bought my phone specifically so that I can install applications like RotateMe, why can I no longer get a Developer Certificate?
A beta UIQ version of RotateMe is being successfully signed via Open Signed Online the correct appropriate manner.
1.9 Why does Open Signed Online not work with Freeware applications?
There are 1000s of applications (including freeware) being successfully signed using Open Signed Online. Please contact the developer and encourage them to release their application in the correct manner.
1.10 The Freeware route through Symbian does not work, how else can I distribute my Freeware application?
There are already 1000s of applications (including freeware) being successfully signed using Open Signed Online?
Once tested and as your freeware application becomes more popular, please consider going through Express Signed; it provides more trust to end users and Open Signed has a finite capacity which may have to be limited if it is over-used.
1.11 Why is there all this security on Symbian OS, why can’t my phone just be completely open like others’ mobile phones?
Symbian Signed’s approach to security is in line with mobile industry recommendations http://www.omtp.org/ProductProfile/ . All open mobile phones shipping in mass market volumes are required to have some degree of trust and quality to protect mass market consumers’ from damage caused by poor applications.
Symbian Signed aims to allow developers to sign an application once to deploy globally, without needing to be concerned by other stakeholders controlling the channel for deployment to a device.
It is important that on behalf of mass market consumers, developers meet the requirements of Symbian Signed Services to provide trust and quality to deploy applications to 100s-of-millions of devices.
1.12 I am not a developer I just own a phone, why do you keep saying you are thinking about developers?
Symbian Signed is provided as a tool for developers to develop and release trusted applications for Symbian OS. The expectation is that developers should provide trusted and high quality applications to end users by ensuring their applications meet the Symbian Signed Test Criteria (using Express Signed and Certified Signed).
Unfortunately a small number of developers are encouraging end-users to access Symbian Signed themselves rather than release applications in the correct manner.
Device Manufacturers implement “User-Grantable Capabilites” on your device which determine what can be installed on your device without being Symbian Signed. As such many applications (and most certainly end-users) do not need to be aware of Symbian Signed.
By installing an application that has been signed only with a Developer Certificate, you have no guarantee of origin and you put your device at increased risk of damage through a poorly performing application.
1.13 I just want to sign the “Hello World” application that I have developed using Carbide to run on my Nokia phone.
You should not need to use any Symbian Signed services to do this successfully. Check the documentation on Forum Nokia’s web site via the following link:
http://wiki.forum.nokia.com/index.php/Carbide.vs_Creating_and_deploying_projects_on_hardware
1.14 Why do you only allow developers with a Publisher ID to acquire a Developer Certificates?
This allows traceability to and accountability of the company responsible for signing (including Developer Certificates).
1.15 I would like to purchase a Publisher ID, but I was told that only professional developers are able to get them. Is that right, or can anyone purchase such a certificate ?
In compliance with industry recommendations (e.g. http://www.omtp.org/ProductProfile/) for Signing Schemes, a Class 3 Publisher ID is obtainable from TC Trustcenter.
An Authorised Entity MUST be validated by either of the following:
- Confirmation of articles of incorporation or
- Registration with 3rd party databases (e.g. Dun and Bradstreet, German Handelsregister)
- Or equivalent
Class 3 certificates establish a level of trust that meets high standards for commercial needs. Any organizational data contained in a certificate is confirmed on the basis of the company memorandum (or similar documents) or documents signed by authorized employees.
Class 3 certificates state, in addition to the checks required that
1. A natural person be responsible for the certificate has been identified on the basis of his official identity card or passport.
2. Personal data contained in the certificate matches with that in the identity card or passport. “
1.16 I want to purchase a publisher ID, but before I do, I have some questions: how many IMEIs can I enter when creating a .csr file?.
Open Signed Offline using a Publisher ID allows a Developer Certificate to be created with up to 1000 IMEIs
1.17 How many certificates can I generate per day on www.symbiansigned.com if I use a publisher ID? Are there any other limits when I have a publisher ID?
There are daily limits in place to ensure fair usage. The limits are subject to change and are in line with reasonable development scenarios; i.e. a small number each day.
1.18 Will Developer Certificates be available for users without a Publisher ID again? if not,why?
Open Signed Online grants the same functionality as Developer Certificates, allows fair usage and has an easier to use interface with no registration/login required.
1.19 What is the UID Range for Open Signed Online?
Open Signed Online allows SIS files to be signed where
- UIDs are in the Test Range (0xE0000000 to 0xEFFFFFFF) OR
- UIDs where the email address of the submitter matches the email address of the UID owner for the Protected Range (0x20000000 - 0x2FFFFFFF) and Unprotected Range (0xA0000000 - 0xAFFFFFFF)
1.20 I tried out the Open Signed Online beta now, with an application with an UID from the unprotected range (0xa000112c). Despite this, I got this error message:
“FAILURE: Submitted .sis file uses a UID that is not allocated to the account holder matching this email address (0xa000112c)”
Open Signed Online allows SIS files to be signed where
- UIDs are in the Test Range (0xE0000000 to 0xEFFFFFFF) OR
- UIDs where the email address of the submitter matches the email address of the UID owner for the Protected Range (0x20000000 - 0x2FFFFFFF) and Unprotected Range (0xA0000000 - 0xAFFFFFFF)
1.21 Aren’t packages with UIDs from this range intended to be signable by anyone?
The approach that has been implemented was at the request of developers to ensure they retain control over how their UIDs were used. Current recommendations are
- Protected Range (0x20000000 - 02AFFFFFFF): Only to be used in Open Signed by the owner of the UID and required for Express Signed and Certified Signed.
- Unprotected Range (0xA0000000 - 0xAFFFFFFF): Only to be used in Open Signed by the owner of the UID, cannot be used in Express Signed and Certified Signed.
1.22 Do I need to register an account on symbiansigned.com to use Open Signed Online?
Registration/Login is not required to use Open Signed Online.
However if you need to use UIDs in the Protected (0x20000000 - 0x2FFFFFFF) and Unprotected Range (0xA0000000 - 0xAFFFFFFF)your submission email address must match the email address of the UID owner.
1.23 What is the Size limitation on files submitted for signing?
- Open Signed Offline: No effective limit, done locally on your development machine
- Open Signed Online: 4Mb
- Express Signed: 40Mb
- Certified Signed: 40Mb
Saturday, March 15, 2008
Tuesday, March 04, 2008
Symbian Dev Certs without Publisher ID
Well, Symbian has taken away the facility to create dev certs without a publisher ID. (For Time being)
This means people can’t sign and use many of the freeware applications currently available. Symbian intend to introduce the new Open Signed process soon but until then there are lots of unhappy and confused people.
No need to panic it will be back soon and it will get better then what was in past.
From symbian Docs..
Sunday, March 02, 2008
Open Signed Online starts next Week
I think most of us hardcore Symbian users will have noticed that Symbian Signed was offline for all the ordinary people without a publisher ID.
A real shame, just now when unsigned great applications like “RockNScroll” are being published and people can’t use it because of the nerving signing process.
Signing has been introduced by Symbian to raise security, but the current result is more than disappointing. The basic idea doesn’t seem bad, but signing should at least be possible EVERYTIME.
It’s clear that this is not the case. The current offline state is no exception. Symbian Signed had quite much failures in the past. This keeps not only developers away from developing for Symbian, also newbies are not able to use great 3rd party software.
Although we don’t know anything about Symbian Signed is working at the problems for ordinary users, Symbian Signed has finally announced today an overworked signing service for developers without a publisher ID:
We will commence roll-out the Beta version of Open Signed Online at the beginning of next week.
As demand is currently higher than the PKI signing capacity, you may experience some restrictions on availability. We are in the process of adding new PKI signing hardware to the signing service to increase signing capacity (but this will take several weeks to configure)As outlined below there is a maximum number of requests that we can service each hour which limits the number of users that can request at one time.Open Signed Online Beta will be available next week with the following restrictions:
- • The Open Signed Online process is fully described here
- • During initial stages of the Open Signed Online beta, the service may only be available from
0900-1500
GMT (UK time) Monday-Friday. - • Until capacity is increased with additional servers, there is a maximum number of requests that can be serviced each hour, if there is excessive demand (which is expected), some users may find Open Signed Online beta is not available.
- • As for any beta, there may be issues that impact the performance and/or functionality of the service. Such problems may result in the service being taken off-line at short notice and/or for extended periods.
- • Note: Open Signed Online does not allow you to sign a SIS that uses a UID from the “Protected Range”, unless the email address you use for Open Signed Online MATCHES the email address of the account which owns/created the UID.
- • If you attempt to sign the same SIS file in rapid succession, the service you receive will proportionally slow down. This is to provide fair access to all.
- • Installation of the signed SIS file will be restricted to a single IMEI (i.e. mobile phone) that you enter and valid for 36 months.
- • SIS files that have been Open Signed will present a notification upon installation that the SIS file is intended for development purposes only.
- • SIS files can be signed for all Platform Security Capabilities except CommDD, MultimediaDD, NetworkControl, DiskAdmin, DRM, AllFiles, TCB.
Let’s hope that the new Open Signed service will win over even more developers for Symbian. And Symbian Signed should work on the signing problems for normal people…
More information: http://www.symbiansigned.com/app/page
Subscribe to:
Posts (Atom)
![Forum Nokia Champion [2007-2008][2008-2009][2009-2010]](https://champion.forum.nokia.com/static/pics/logo_fn_champion.gif){kind=logo}
