Motorola maxx V6 MIDlet Suites, Creating the Signing Certificate, Inserting Certificates into JAD

Java ME Developer Guide

Chapter 8 - MIDP 2.0 Security Model

MIDlet Suites

Attributes defined within the manifest of the JAR are protected by the signature. At- tributes defined within the JAD are not protected or secured. Attributes that appear in the manifest (JAR file) will not be overridden by a different value in the JAD for all trusted MIDlets. If a MIDlet suite is to be trusted, the value in the JAD will equal the value of the corresponding attribute in the manifest (JAR file), if not, the MIDlet suite will not be installed.

The attributes MIDlet-Permissions (-OPT) are ignored for unsigned MIDlet suites. The untrusted domain policy is consistently applied to the untrusted applications. It is legal for these attributes to exist only in JAD, only in the manifest, or in both loca- tions. If these attributes are in both the JAD and the manifest, they will be identical. If the permissions requested in the HAD are different than those requested in the manifest, the installation must be rejected.

Methods:

1.MIDlet.getAppProperty will return the attribute value from the manifest (JAR) if one id defined. If an attribute value is not defined, the attribute value will return from the application descriptor (JAD) if present.

8.14Creating the Signing Certificate

The signer of the certificate will be made aware of the authorization policy for the handset and contact the appropriate certificate authority. The signer can then send its distinguished name (DN) and public key in the form of a certificate request to the certificate authority used by the handset. The CA will create a x.509 (version 3) cer- tificate and return to the signer. If multiple CAs are used, all signer certificates in the JAD will have the same public key.

8.15 Inserting Certificates into JAD

DRAFT - Subject to Change [59/201]