Welcome!

Welcome to the official BlackBerry Support Community Forums.

This is your resource to discuss support topics with your peers, and learn from each other.

inside custom component

Java Development

Reply
Contributor
Posts: 22
Registered: ‎09-14-2010
My Device: Not Specified
Accepted Solution

Security Exception for RESE keys, despite having them installed in the sigtool.

I am currently writing code to communicate with the Embedded Secure Element on my Blackberry 9900 phone. I have received the NFCR and RESE signing keys, which are required for the same, and have signed my application with the keys. However, while signing, in the list of modules required to be signed, I am not able to see the RESE module, and when I run the signed application on the device, and try to access

 

    String conStr = "apdu:1;target=a0.00.00.00.03.00.00.00";
            connection = (APDUConnection) Connector.open(conStr);

 

I get the following exception:

 

java.lang.SecurityException

Error Message: JSR 177 access is not permitted because of missing RESE signature class

 

Please advise on what my next step should be, and if there's another way in which I need to use the RESE keys.

Contributor
Posts: 22
Registered: ‎09-14-2010
My Device: Not Specified

Re: Security Exception for RESE keys, despite having them installed in the sigtool.

P.S. When I open the sigtool.db, I am able to see all the 5 signing key modules, i.e. RBB, RESE, RRT, RCRand NFCR

Retired
Posts: 571
Registered: ‎06-25-2010
My Device: Z10
My Carrier: Vodafone

Re: Security Exception for RESE keys, despite having them installed in the sigtool.

Hi

 

You need the RESE signature to execute against the EMBEDDED secure element but there's a catch. The Eclipse eJDE cannot tell that RESE is required since essentially the same API is used for EMBEDDED vs SIM. Consequently after building your cod file you need to manually sign it by launching the SignatureTool.jar tool from within:

     <your eclipse folder>\ plugins\net.rim.ejde\vmTools

The signing tool "knows" what signatures to apply based on the contents of the .csl file in your \deliverables\standard\7.x.x directory

So before signing, you have to manually edit the file and add the following line:

52455345=RESE

Then try to sign the cod with the signing tool. Don't rebuild before signing and after editing the csl as the csl is generated by the build process and so your manually applied change will be lost.




--------------------------------------------------------------------------------------------
Feel free to press the like button on the right side if you liked my attempts to help :-)
And please mark posts as solved if you think I found the solution or set you on its path. Thanks!
Follow me on Twitter: @mdwrim
Contributor
Posts: 22
Registered: ‎09-14-2010
My Device: Not Specified

Re: Security Exception for RESE keys, despite having them installed in the sigtool.

Thanks a lot! The signing works now.

 

Even after signing with RESE, however, I am getting the same exception

 

java.lang.SecurityException

Error Message: JSR 177 access is not permitted because of missing RESE signature class

 

My code is:

 

secureElement = seManager
                        .getSecureElement(SecureElement.EMBEDDED);

String conStr = "apdu:1;target=a0.00.00.00.03.00.00.00";
            connection = (APDUConnection) Connector.open(conStr);

Retired
Posts: 571
Registered: ‎06-25-2010
My Device: Z10
My Carrier: Vodafone

Re: Security Exception for RESE keys, despite having them installed in the sigtool.

I think you need to check the sequence of steps carefully. Eclipse will regenerate and overwrite the call file every time it builds so you will lose your manually added entry. So the steps are:

1. Build
2. Edit call file
3. Sign with signature tool

Could you double check please?
--------------------------------------------------------------------------------------------
Feel free to press the like button on the right side if you liked my attempts to help :-)
And please mark posts as solved if you think I found the solution or set you on its path. Thanks!
Follow me on Twitter: @mdwrim
Retired
Posts: 571
Registered: ‎06-25-2010
My Device: Z10
My Carrier: Vodafone

Re: Security Exception for RESE keys, despite having them installed in the sigtool.

Step 2 should read csl file of course
--------------------------------------------------------------------------------------------
Feel free to press the like button on the right side if you liked my attempts to help :-)
And please mark posts as solved if you think I found the solution or set you on its path. Thanks!
Follow me on Twitter: @mdwrim
Contributor
Posts: 22
Registered: ‎09-14-2010
My Device: Not Specified

Re: Security Exception for RESE keys, despite having them installed in the sigtool.

Yes. I followed the following steps in the BlackBerry eclipse plugin 1.3

 

  1. 1. Blackberry -> Sign with signature tool, on my application. here, I saw that the application had been signed for all the 4 signing keys other than RESE
  2. I added the line in the .csl file in the delieverables->7.0.0 folder
  3. I re-did the first step. Here, I saw that the application which was previously signed for the 4 keys, got signed for an additional RESE key.
  4. After this, I loaded the application on my device using BlackBerry->Load Application on Device

After doing all this, I still got the same security exception. I hope the card manager applet ID I am using is not the issue here.

Retired
Posts: 571
Registered: ‎06-25-2010
My Device: Z10
My Carrier: Vodafone

Re: Security Exception for RESE keys, despite having them installed in the sigtool.

Hi

 

could you send me your signed cod file please? You can do this via a private message here in the forums or via email if you prefer. I'm in touch with your partners so you should be able to obtain my email address.

 

Thanks

--------------------------------------------------------------------------------------------
Feel free to press the like button on the right side if you liked my attempts to help :-)
And please mark posts as solved if you think I found the solution or set you on its path. Thanks!
Follow me on Twitter: @mdwrim
New Contributor
Posts: 5
Registered: ‎09-05-2011
My Device: BB 9700

Re: Security Exception for RESE keys, despite having them installed in the sigtool.

Can I know how to get this RESE key?

When I registered with the RIM to get Device keys, I got only 3 keys which do not include RESE key.

Contributor
Posts: 22
Registered: ‎09-14-2010
My Device: Not Specified

Re: Security Exception for RESE keys, despite having them installed in the sigtool.