Welcome!

Welcome to the official BlackBerry Support Community Forums.

This is your resource to discuss support topics with your peers, and learn from each other.

inside custom component

Java Development

Reply
Trusted Contributor
KraKra
Posts: 224
Registered: ‎08-11-2010
My Device: Not Specified

Re: Any way to get the Blackberry "OS" to re-compute a module hash or signature?

> Then the app tries to install net_rim_cldc.

> Does this mean that during the boot sequence, the hash/signature of every module that is needed to complete the boot and get the core apps running is re-computed?

 

My understanding is that any module can access "private" OS methods only if it signed by RIM. I suppose that OS launcher verifies the signature of the first "boot" module before it calls it, after that any other module which is not signed by RIM can only use the public APIs.

 

FYI there are hundreds of variants of net_rim_cldc.cod signed by RIM (for different OS builds and devices). Some people even prepare their own hybrid OSes by combining .cod files from different official OS builds. But all those .cod files can be used only because they are signed by RIM.

 

> Note that a customer who is very concerned about security may not want to trust any claims

> RIM may make about not having malicious insiders, not having undocumented API behavior 

 

I'd say that this user should not use RIM products or make a deal with them and get a copy of the source code.

On the other hand, source code is not enough, he need to also prepare his own build tools (he cannot trust RIM's build tools), need to sign the cod files with his own private keys, need to prepare a special hardware which validates the cod files against his own key and so on. 

 


Trusted Contributor
KraKra
Posts: 224
Registered: ‎08-11-2010
My Device: Not Specified

Re: Any way to get the Blackberry "OS" to re-compute a module hash or signature?

> there may be some things about the OS or environment

 

You can check the hashes of all the OS modules, they are always identical for the same binary. 

Of course, if user upgrades the OS, core modules will get new hashes. 

Developer
simon_hain
Posts: 16,282
Registered: ‎07-29-2008
My Device: Z10 LE, Z30, Passport

Re: Any way to get the Blackberry "OS" to re-compute a module hash or signature?

Usually security concerns are satisfied by different certification processes. And if Obama can continue to use his BB...

In any case, this is quite far from being a developer topic. All developers are limited to the published API, there is no known way to change something on OS level.
----------------------------------------------------------
feel free to press the like button on the right side to thank the user that helped you.
please mark posts as solved if you found a solution.
@SimonHain on twitter