Welcome!

Welcome to the official BlackBerry Support Community Forums.

This is your resource to discuss support topics with your peers, and learn from each other.

inside custom component

Adobe AIR Development

Reply
Developer
tensioncore
Posts: 323
Registered: ‎12-13-2010
My Device: Bold 9900/Z10 Special Edition
My Carrier: Rogers

HOWTO: Sign your Applications from CMD

[ Edited ]

So for starters, lets make sure you have your SDK folder in the Windows PATH, that way you can open a Command prompt anywhere on your computer and you can use the blackberry-airpackager and blackberry-signer batch files...

Please be sure to finish your application, and DO NOT USE the files with debugging information, please use finished, production-ready applications and code.

Edit your ActionScript project to include in Compiling options this:

-locale en_US -debug=false


If you are uncomfortable editing your PATH, then simply open a CMD window (preferably under an Administrator Account - or right click it and click "Run as Administrator") and the type the following command to more the Command window to your working directory:

cd C:\Program Files (x86)\Adobe\Adobe Flash Builder Burrito\sdks\blackberry-tablet-sdk-0.9.3\bin

 (if your SDK is somewhere else, then change the above path Accordingly)

Now another notice, is that these code examples assume that you have your BAR files and any other files you need in the SAME working directory as we are using as noted above.

----RECOMMENDATION---- If you want to package a lot of images via the command line, then add all your images into a sub-directory of the folder where you are running these commands from and in your Command line you can simply call the subdirectory in place of listing all of the images by name - example:

blackberry-airpackager -package <MyApp>.bar <MyApp-app>.xml <MyApp>.swf blackberry-tablet.xml <my_icon>.png images

----NOTE---- where it says "images" use the name of your folder containing your images

---- NOTICE ---- About using passwords: The Code Signing form from Blackberry's website explicitly says you can only use lowercase letters in your password (if you use uppercase anywhere in the password, then it was AUTOMATICALLY case-changed to lowercase)

What this means, is that when you type your password in <Password (NOTE: LOWERCASE) from online Signed key registration> - that this password must be lowercase.

---- NOTICE ---- regarding the code samples which containt "-alias author" - YOU DO NOT need to change anything with this, it is part of the command

---- NOTICE ---- Regarding the letters "RDK" in any commands. THESE must stay as typed, and not changed just as with the "-alias" part

---- NOTICE ---- Regarding the step <REGISTER WITH RIM> - This is only required THE VERY FIRST TIME YOU USE YOUR PLAYBOOK SIGNING KEYS, and never again. It is to establish as trusted relationship between RIM's servers and your PC - UPON successfull registration with RIM you will recieve an email confirming this newly established trust.

---- NOTICE ---- Regarding your publisher/business name. This property MUST MATCH in every aspect of your process (from the Application blackberry-tablet.xml file, to your Vendor account with RIM, your application for Signing keys, and finally the commands we are going to use in this HOWTO)

---- FAQ ---- Making your CSK puts a file named barsigner.csk into this folder: C:\Users\Youraccount\AppData\Local\Research In Motion\ (in Windows 7 anwyays...)

---- FAQ ---- When your application is successfully signed the .BAR files contents will contain a folder named META-INF with the following files in it: MANIFEST.MF, AUTHOR.EC, AUTHOR.SF, RDK.EC and RDK.SF

Firstly, of course is packaging your app:

blackberry-airpackager -package YOURAPP.bar YOUR-app.xml blackberry-tablet.xml YOURAPP.swf blackberry-tablet-icon.png ANYEXTRAIMAGES.png YOURSPLASH.png

 

    Now to Sign your app:
 
    1st step CMD cd into BB SDK directory (or have this dir in your PATH)
    2nd step - copy CSJ files into \bin (I PUT ALL MY FILES TOGETHER FOR SAKE OF SHORTER COMMAND LINES)


    <MAKE A CSK FILE>

blackberry-signer -csksetup -cskpass -storepass <password>

 

    <REGISTER WITH RIM>

blackberry-signer -register -csjpin <Password (NOTE: LOWERCASE) from online Signed key registration> -cskpass <Password from CSK step> client-RDK-WHATEVERYOURNUMBERIS.csj


    <MAKE CERTIFICATE>

blackberry-keytool -genkeypair -keystore NAMEOFCERT.p12 -storepass <new-password-forthis-store> -dname "cn=<NAME OF YOUR COMPANY -must be the same in your app and your online vendor account>" -alias author

 

 

Please Note Also note that the option "-alias author" is not optional, this has to be part of your command exactly as it is in this example code....and not changed.

    <Double signing - first step>

blackberry-signer -verbose -cskpass <CSK PASSWORD FROM FIRST STEP> -keystore YOURCERT.p12 -storepass <YOUR STORE PASSWORD> <YOUR BAR FILE> RDK


    <Double Signing - second Step>

blackberry-signer -keystore YOURCERT.p12 -storepass <YOUR STORE PASSWORD> <YOUR RIM-SIGNED BAR FILE> author

 


PLEASE NOTE: you must copy these exactly (REPLACE ALL CAPITALS AND < BRAKETED > TEXT WITH YOUR OWN, or else the commands WILL FAIL, and you'll likely get flamed)

Thanks guys for helping this topic develop, and again, please let me know if I missed anything!

CEO/Lead Developer - Tensioncore™ Design Studios
http://tncr.ws/ - ShortenThis!™ for Blackberry Playbook | ShortenThis!™ for BlackBerry® 10
The Periodical Toe A highly informative Table of Elements
DrawThis! A fun drawing app for the BlackBerry® PlayBook™!
http://www.tensioncore.com/ - Tensioncore™ Web Hosting
Please use plain text.
Developer
smiley
Posts: 1,417
Registered: ‎07-14-2008
My Device: Z10
My Carrier: Fido

Re: HOWTO: Sign your Applications from CMD

is this step also required?

 

<Double signing - first step>

 

or just need

 

<Double signing - second step>

Please use plain text.
Developer
tensioncore
Posts: 323
Registered: ‎12-13-2010
My Device: Bold 9900/Z10 Special Edition
My Carrier: Rogers

Re: HOWTO: Sign your Applications from CMD

You NEED to double sign your app, once from RIM and once with your own certificate.
CEO/Lead Developer - Tensioncore™ Design Studios
http://tncr.ws/ - ShortenThis!™ for Blackberry Playbook | ShortenThis!™ for BlackBerry® 10
The Periodical Toe A highly informative Table of Elements
DrawThis! A fun drawing app for the BlackBerry® PlayBook™!
http://www.tensioncore.com/ - Tensioncore™ Web Hosting
Please use plain text.
Developer
smiley
Posts: 1,417
Registered: ‎07-14-2008
My Device: Z10
My Carrier: Fido

Re: HOWTO: Sign your Applications from CMD

ok. thanks.  I got this error msg when signing the first step

 

Response = Signature Response
Confirm = null
Error = Code signing request failed because Package-Author in Manifest is not set to [company name].

 

what is that?

 

 

Please use plain text.
Developer
JRab
Posts: 2,462
Registered: ‎11-04-2010
My Device: Bold 9700

Re: HOWTO: Sign your Applications from CMD

[ Edited ]

No idea, but from the looks of it check your -app.xml blackberry-tablet.xml descriptor file. check the author tag and the publisher tags and see if they match the company name you put into both your signing key stuff and on the webform online when you requested the keys.

J. Rab (Blog) (Twitter)
--
1. If you liked my post or found it useful please click on the thumbs up and provide a Like!
2. If my post solved your problem please click on the Accept as Solution button. Much appreciated!

Approved Apps: OnTrack | ssShots | Hangman
Please use plain text.
Developer
tensioncore
Posts: 323
Registered: ‎12-13-2010
My Device: Bold 9900/Z10 Special Edition
My Carrier: Rogers

Re: HOWTO: Sign your Applications from CMD

[ Edited ]
Your blackberry-tablet.xml has a < publisher > field < / publisher >
This needs to match your Company name in your Vendor account as well as the P12 certificate you made during this process
CEO/Lead Developer - Tensioncore™ Design Studios
http://tncr.ws/ - ShortenThis!™ for Blackberry Playbook | ShortenThis!™ for BlackBerry® 10
The Periodical Toe A highly informative Table of Elements
DrawThis! A fun drawing app for the BlackBerry® PlayBook™!
http://www.tensioncore.com/ - Tensioncore™ Web Hosting
Please use plain text.
Developer
peter9477
Posts: 6,473
Registered: ‎12-08-2010
My Device: PlayBook, Z10
My Carrier: none

Re: HOWTO: Sign your Applications from CMD

Thanks, tensioncore!  A nice recipe that worked for me too, after correcting a few mistakes on my part.  Here are some comments to expand on the above or clarify things.

 

1. The <MAKE A CSK FILE> step just stores a hash of the password (i.e. securely) in a barsigner.csk file.  On Windows 7 it's in the %LOCALAPPDATA%\Research In Motion" folder (where LOCALAPPDATA is an environment variable you can look at by typing the SET command).

 

2. In <MAKE CERTIFICATE>, the NAMEOFCERT part is any name you want... this is a file that will be created in your current directory to store information about passwords, keys, etc.  Also note that the option "-alias author" apparently is exactly as typed.  You don't replace "author" with your own name, for example.  If you get this error message from the next step, you've probably screwed this up as I did at first:

 

barsigner error: developer certificate and private key not found in keystore or store password not supplied 

 

3. In <Double signing - first step>, likewise, the "RDK" text is exactly that.  This is the step that will actually contact the RIM signing server and sign your app, so you'll see a bunch of digital signature stuff fly past (because of the "-verbose" option), following which it will modify your .bar file in-place to add two files in the META-INF/ folder: RDK.EC and RDK.SF, and to modify the MANIFEST.MF file.  What's going back and forth should be purely digital-signature hash stuff, not the actual contents of your .bar file, so your intellectual property should be safe, if I understand correctly.

 

4. The last step also modifies the .bar file, this time merely adding files AUTHOR.EC and AUTHOR.SF.  (Anyone know what those are for?)

 

 

By the way, can anyone confirm that with this whole process, other than the initial <REGISTER WITH RIM> step, none of it stores any info at RIM other than perhaps some log entries?  

 

The main point of that question is to understand whether you can sign away repeatedly, to your heart's content, without any risk that you're either using up some quota of signing attempts, filling up a hard drive, or permanently recording some digital signature against a particular version of your app?

 

I get the impression that the REGISTER step is a once-only deal, but the signing step can be done repeatedly without any lasting effect other than a locally modified BAR file which you could delete and build again at will.


Peter Hansen -- (BB10 and dev-related blog posts at http://peterhansen.ca.)
Author of White Noise and Battery Guru for BB10 and for PlayBook | Get more from your battery!
Please use plain text.
Developer
smiley
Posts: 1,417
Registered: ‎07-14-2008
My Device: Z10
My Carrier: Fido

Re: HOWTO: Sign your Applications from CMD

 


tensioncore wrote:
Your blackberry-tablet.xml has a < publisher > field < / publisher >
This needs to match your Company name in your Vendor account as well as the P12 certificate you made during this process

 

Now I'm getting anger.  I dont see < publisher > field < / publisher > in the xml file but i do see

 

<publisherID></publisherID>

 

when i add the company name and then run the app in FB it errors.

 

error 105: application.publisherID contains an invalid value
Error: AIR validation failed

 

 

 

Please use plain text.
Developer
JRab
Posts: 2,462
Registered: ‎11-04-2010
My Device: Bold 9700

Re: HOWTO: Sign your Applications from CMD

i dont think thats the one. there is a publisher field in the blackberry-tablet.xml file. more details can be found in this thread:

 

http://supportforums.blackberry.com/t5/Tablet-OS-SDK-for-Adobe-AIR/blackberry-tablet-xml-structure/m...

J. Rab (Blog) (Twitter)
--
1. If you liked my post or found it useful please click on the thumbs up and provide a Like!
2. If my post solved your problem please click on the Accept as Solution button. Much appreciated!

Approved Apps: OnTrack | ssShots | Hangman
Please use plain text.
Developer
peter9477
Posts: 6,473
Registered: ‎12-08-2010
My Device: PlayBook, Z10
My Carrier: none

Re: HOWTO: Sign your Applications from CMD

I should note I've also now found after signing (or perhaps it was just the registration step) that there's a file in the same place as my barsigner.csk file called "barsigner.db".

 

That means there are as many as three files that you'd need to back up if you wanted to migrate your signing authority from one machine to another:

 

 

  • barsigner.csk
  • barsigner.db
  • WHATEVERYOUCALLEDIT.p12

 

I think the .db file is not critical, given what the content looks like.  Anyone?


Peter Hansen -- (BB10 and dev-related blog posts at http://peterhansen.ca.)
Author of White Noise and Battery Guru for BB10 and for PlayBook | Get more from your battery!
Please use plain text.