The third edition of S60 has greatly improved the security, and has stricter regulations on the third-party software installed and running in the system.
Some operations involving mobile phone software and hardware security/personal information security are particularly restricted (for example, the automatic startup of mobile phone is one of the restricted functions, mainly to prevent malicious software). In order to realize these "specially restricted" functions, the application must obtain a "signature". In other words, someone should be responsible for the safety of this operation! A program without any signature cannot be installed and run.
2. Where should I put the certificate?
In fact, certificates are not simply placed in any folder. Certificates are used to sign software that needs to be "signed". Certificates are not used directly, but packaged into sis software through a special program. The role of a certificate is only to give the program certain permissions. Don't lose the certificate you got, because a certificate is valid for 6 months and you can sign a lot of software. If the certificate expires, you can apply for a new certificate, or you can adjust the time of the mobile phone before installation. Just adjust the time to the validity period of the certificate.
Usually downloaded mobile phone software has a signed version and an unsigned version. For unsigned software, we can apply for a certificate to make software for our machine, make the key file of our mobile phone through the sign tool provided by Saipan, and then write the software to be installed, and then the software can only be installed in your mobile phone.
In short, the certificate mechanism is a measure to solve security problems, and its functions are mainly two points: 1. Prove the legitimacy of the software. 2。 Allow the software to start itself.
When we say signature, we generally mean the user's personal signature:
Strictly speaking, this should belong to the "developer signature". Because Symbian provides a kind of "development certificate" for software developers, the original intention is to let software developers do software testing. This "development certificate" is associated with the IMEI code of the machine used for testing. The software signed with this certificate can only be used on the machine corresponding to the IMEI code, not on other machines. Our so-called "self-signature" is actually in this way. To put it bluntly, you said you were developing software, you provided the IMEI code of your tester, and Symbian issued you a "development certificate". You use this certificate to sign your Test Software. You are responsible for your "development behavior"! That's all. In addition, the development certificate is valid for half a year from the date of issuance, but within the validity period of the certificate, there is no limit on the use time after the program is signed and installed.
Imei = international mobile equipment identity = international mobile equipment identity card. This is similar to your "resident ID card". This thing belongs to the privacy scope. Symbian will not directly input this information on the website to protect users' privacy.
Frequently asked questions:
There are many softwares that need certificates. If I have a certificate,
So can all the software that needs a certificate to be installed be used?
Or does each software need a different certificate?
Can a certificate be used by more than one person?
Answer: Each mobile phone needs a different certificate, which has nothing to do with the software. Corresponding to the IMEI number of each mobile phone, one certificate is used by one mobile phone. You have a certificate, so you need a certificate to install the software, and you can use it after signing it. One certificate is used by one mobile phone, and other mobile phones are invalid.
Why "sign"?
The third edition of S60 has greatly improved the security, and has stricter regulations on the third-party software installed and running in the system.
Some operations involving mobile phone software and hardware security/personal information security are particularly restricted (such as automatic startup of mobile phone startup).
Is one of the restricted functions). In order to realize these "specially restricted" functions, the application must obtain a "signature". In other words, there must be
People will be responsible for the safety of this operation! A program without any signature cannot be installed and run.
Signature: It refers to writing specific tag information in a specific field of an application, indicating that the software has passed the audit of the signer.
The signer is responsible for the security of the software. Among them, there are three kinds of signatures:
1.Symbian signature.
Which is the official signature of Symbian mobile phone operating system. Software that has passed Symbian security certification will get Symbian.
Sign. This software has the highest security level. Can be installed/run normally on the mobile phone/and can realize all the functions provided by the software.
Obtaining Symbian signature requires the software author to deal directly with Symbian officials. For various reasons,
Not all software authors have the ability to obtain this certification.
2. Signature of the author.
The author of the software signed his name when he released the software. This kind of software can be installed and run on your mobile phone (you may encounter a security warning and you can skip it). But those "specially restricted" functions cannot be realized. If a software doesn't involve this function at all, it is entirely possible for the software author to sign it himself. Another possibility is that although some functions of the software are within the scope of "special restrictions", they are not the main functions. The software author may also release an "author's signature version", which can normally use most functions, but will lose some specific functions. For example, there is such a version of the "incoming call" software that almost all functions can be used, but it can't be started automatically.
3. User signature.
Strictly speaking, this should belong to the "developer signature". Because Symbian provides a kind of "development certificate" for software developers, the original intention is to let software developers do software testing. This "development certificate" is associated with the IMEI code of the machine used for testing. The software signed with this certificate can only be used on the machine corresponding to the IMEI code, not on other machines.
Our so-called "self-signature" is actually in this way. To put it bluntly, you said you were developing software, you provided the IMEI code of your tester, and Symbian issued you a "development certificate". You use this certificate to sign your Test Software. You are responsible for your "development behavior"! That's all. In addition, the development certificate is valid for half a year from the date of issuance. However, within the validity period of the certificate, there is no limit on the use time of the signed program.