MIDlet jar signing (a tutorial)
http://www.spindriftpages.net/pebble/dave/2005/06/20/1119275880301.html
I needed to sign a MIDlet and deploy it on a Nokia Series 60 phone (i.e. 6630, 6680 etc) so the user doesn't constantly get security alerts. I figured (hoped?) this might be a fairly simple task since any useful application is likely to need access to restricted functionality. It turns out I was very, very wrong. There is virtually no information on how to sign and deploy an application on the web. Anyway here are the steps I took to get to et my MIDlet signed and installed!
Get required software
1. Get and install the Java SDK (JDK) from Sun (you should already have this)
2. Get and install the Java Wireless Toolkit (WTK) also from Sun
3. Optionally get and install Ant and Antenna to allow you to automate your build
Create and import a certificate
1. You need to use keytool (from the JDK)
2. I used the following command keytool -genkey -alias {myalias} -keyalg RSA -validity 365
3. This will prompt you for a keystore password, enter your keystore password (if you have an existing keystore) or the one you want to use if you don't have one yet
4. Fill in all the prompts about location/company name etc
5. Run keytool -list to see your new certificate
6. Next you must export the certificate so you can import it to your phone
7. Run keytool -export -alias {myalias} -file mycertificate.crt
8. Import the certificate into your phone, in Windows XP SP2 I could do this by right clicking the file and selecting "Send to Bluetooth Device"
Build and package the application
1. Use javac to build your MIDlet paying special attention to your classpath and bootclasspath options (otherwise preverification will fail). I also set target to 1.1 and source to 1.3
2. Generate your JAD file the critical attributes in the JAD are MIDlet-Jar-URL, MIDlet-Jar-Size, MIDlet-Permissions we also included MIDlet-Icon, MicroEdition-Configuration, MicroEdition-Profile, MIDlet-Name, MIDlet-Push-1, MIDlet-Icon, MIDlet-Descriptionn and MIDlet-Version
3. Generate the MANIFEST.MF file based on your JAD, you must remove MIDlet-Jar-Size and MIDlet-Jar-URL
4. Both these tasks can be completed using the wtkJad Antenna task
5. Package and preverify the app using the wtkPackage Antenna Task you must set the classpath and bootclasspath properties correctly otherwise Preverification will fail
Sign the application
1. Sign the Application using jarsigner
2. Run jarsigner -keystore {mykeystore} -storepass (mypassword} {myjar} {myalias}
3. Now you have a signed jar you need to update the MIDlet-Jar-Size in your JAD
4. Now add the certificate to the JAD using JadTool.jar from the WTK
5. Run java -jar JadTool.jar -addcert -alias {myalias} -storepass {mypassword} -keystore {mykeystore} -inputjad {myinputjad} -outputjad {myoutputjad}
6. Now add the signature to the JAD again using JadTool.jar
7. Run java -jar JadTool.jar -addjarsig -alias {myalias} -jarfile {myjar} -storepass {mypassword} -keypass {mypassword} -keystore {mykeystore} -inputjad {myinputjad} -outputjad {myoutputjad}
8. You can now deploy this to a webserver with the MIME types set correctly and download it to your phone and it will be a trusted 3rd party application
Tags : jar, signing, nokia, midlets, technology