Welcome!

Welcome to the official BlackBerry Support Community Forums.

This is your resource to discuss support topics with your peers, and learn from each other.

inside custom component

Java Development

Reply
Developer
Posts: 36
Registered: ‎11-19-2008
My Device: Blackberry 9000 - Bold
Accepted Solution

Public Keys on Code Modules

Greetings,

 

I would like to know how one can extract the public keys of modules already installed on the BlackBerry.

 

I know there is the CodeSignigKey.getPublicKey() method which is what I assume you would be able to extract the public key from.  I do the following:

 

 

...
int handle = CodeModuleManager.getModuleHandle("Argle");
byte[] pubKey = CodeSigningKey.get(handle,CodeSigningKey.RRT_SIGNER_ID).getPublicKey();
...

 

 

My assumptions are that every single program (considering third party apps) will need to have an RRT signature.  This is what you do when you sign your apps (three signatures RRT, RBB, RCR). 

 

What I do not understand is this:

 

Is CodeSigningKey.RRT_SIGNER_ID the signer id for RIM's Key pair and thus is this the reason I always get a null public key for third party apps?

 

Are public keys embedded in modules or can they be extracted from modules?

 

Thanks,

Sheran

 

Chirashi Security
BlackBerry Development Advisor
Posts: 15,016
Registered: ‎07-09-2008
My Device: BlackBerry Passport

Re: Public Keys on Code Modules

The CodeSigningKey is typically used to protect objects stored in the PersistentStore or RuntimeStore.  However, protecting them with one of the RIM keys does not offer any real protection since any applications could be signed with this key.  If you are looking to do this, you should issue yourself your own unique key using the BlackBerry Signing Authority Software.  You can find more information here:

 

How to - Protect persistent objects from access by unauthorized applications

http://www.blackberry.com/knowledgecenterpublic/livelink.exe/fetch/2000/348583/800332/1295814/How_to...

Mark Sohm
BlackBerry Development Advisor

Please refrain from posting new questions in solved threads.
Problem solved? Click the Accept As Solution button.
Found a bug? Report it using Issue Tracker
Developer
Posts: 36
Registered: ‎11-19-2008
My Device: Blackberry 9000 - Bold

Re: Public Keys on Code Modules

Okay, I was incorrect in assuming that the CodeSigningKey would allow me to extract the public key of the developer that signed the module.  Thanks for clearing that up.

Chirashi Security