Verifying The Signer Certificate - Motorola MOTORAZR maxx V6 Developer's Manual

Java me developer guide

Hide thumbs Also See for MOTORAZR maxx V6:

Manual (103 pages)

Service manual (50 pages)

User manual (35 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

197

198

199

200

201

page of 201

/ 201
Contents
Table of Contents
Bookmarks

Table of Contents

Java ME Developer Guide

Chapter 8 - MIDP 2.0 Security Model

When a MIDlet suite is downloaded, the handset will check the JAD attribute MIDlet-

Jar-RSA-SHA1. If this attribute is present, the JAR will be authenticated by verifying

the signer certificates and JAR signature as described. MIDlet suites with application

descriptors that do not have the attributes previously stated will be installed and in-

voked as untrusted. For additional information, refer to the MIDP 2.0 specification.

8.18 Verifying the Signer Certificate

The signer certificate will be found in the application descriptor of the MIDlet suite.

The process for verifying a Signer Certificate is outlined in the steps below:

1. Get the certification path for the signer certificate from the JAD

attributes MIDlet-Certificate-1<m>, where <m> starts at 1 and is

incremented by 1 until there is no attribute with this name. The value of

each attribute is a base64 encoded certificate that will need to be

decoded and parsed.

2. Validate the certification path using the basic validation process as

described in RFC2459 using the protection domains as the source of the

protection domain root certificates.

3. Bind the MIDlet suite to the corresponding protection domain that

contains the protection domain root certificate that validated the first

chain from signer to root.

4. Begin installation of MIDlet suite.

5. If attribute MIDlet-Certificate-<n>-<m> with <n> is greater than 1 are

present and full certification path could not be established after verifying

MIDlet-Certificate-<1>-<m> certificates, then repeat step 1 through 3

for the value <n> greater by 1 than the previous value.

Table 17 describes actions performed upon completion of signer certificate verifica-

tion:

Result

Attempted to validate <n> paths. No

public keys of the issuer for the certific-

ate can be found, or none of the certific-

ate paths can be validated.

More than one full certification path is es-

tablished and validated.

Only one certification path established

DRAFT - Subject to Change

Action

Authentication fails, JAR installation is not

allowed.

Implementation proceeds with the signa-

ture verification using the first success-

fully verified certificate path for authen-

tication and authorization.

implementation proceeds with the signa-

[61/201]

Table of Contents

Verifying The Signer Certificate - Motorola MOTORAZR maxx V6 Developer's Manual

8.18 Verifying the Signer Certificate

Related Manuals for Motorola MOTORAZR maxx V6

Related Content for Motorola MOTORAZR maxx V6

Table of Contents