Welcome to the Official BlackBerry® Support Community Forums. This is your resource to discuss support topics with your peers, and learn from each other. New to the forum? Please visit the ‘Getting Started’ link below.
All New Topics | All New Posts
inside custom component

Java Development

Reply
Topic Options
sanika_sudhalkar
Contributor
sanika_sudhalkar
Posts: 22
Registered: 09-14-2010
Accepted Solution

Security Exception for RESE keys, despite having them installed in the sigtool.

Options

02-09-2012 01:21 AM

I am currently writing code to communicate with the Embedded Secure Element on my Blackberry 9900 phone. I have received the NFCR and RESE signing keys, which are required for the same, and have signed my application with the keys. However, while signing, in the list of modules required to be signed, I am not able to see the RESE module, and when I run the signed application on the device, and try to access

 

    String conStr = "apdu:1;target=a0.00.00.00.03.00.00.00";
            connection = (APDUConnection) Connector.open(conStr);

 

I get the following exception:

 

java.lang.SecurityException

Error Message: JSR 177 access is not permitted because of missing RESE signature class

 

Please advise on what my next step should be, and if there's another way in which I need to use the RESE keys.

Report Inappropriate Content
Message 1 of 15 (242 Views)
Reply
0 Likes
Please use plain text.
 
sanika_sudhalkar
Contributor
sanika_sudhalkar
Posts: 22
Registered: 09-14-2010

Re: Security Exception for RESE keys, despite having them installed in the sigtool.

Options

02-09-2012 01:27 AM

P.S. When I open the sigtool.db, I am able to see all the 5 signing key modules, i.e. RBB, RESE, RRT, RCRand NFCR

Report Inappropriate Content
Message 2 of 15 (239 Views)
Reply
0 Likes
Please use plain text.
 
BlackBerry Development Advisor
BlackBerry Development Advisor
mwoolley
Posts: 112
Registered: 06-25-2010
My Carrier: Vodafone

Re: Security Exception for RESE keys, despite having them installed in the sigtool.

Options

02-09-2012 02:23 AM

Hi

 

You need the RESE signature to execute against the EMBEDDED secure element but there's a catch. The Eclipse eJDE cannot tell that RESE is required since essentially the same API is used for EMBEDDED vs SIM. Consequently after building your cod file you need to manually sign it by launching the SignatureTool.jar tool from within:

     <your eclipse folder>\ plugins\net.rim.ejde\vmTools

The signing tool "knows" what signatures to apply based on the contents of the .csl file in your \deliverables\standard\7.x.x directory

So before signing, you have to manually edit the file and add the following line:

52455345=RESE

Then try to sign the cod with the signing tool. Don't rebuild before signing and after editing the csl as the csl is generated by the build process and so your manually applied change will be lost.




Report Inappropriate Content
Message 3 of 15 (229 Views)
Reply
0 Likes
Please use plain text.
 
sanika_sudhalkar
Contributor
sanika_sudhalkar
Posts: 22
Registered: 09-14-2010

Re: Security Exception for RESE keys, despite having them installed in the sigtool.

Options

02-09-2012 03:08 AM

Thanks a lot! The signing works now.

 

Even after signing with RESE, however, I am getting the same exception

 

java.lang.SecurityException

Error Message: JSR 177 access is not permitted because of missing RESE signature class

 

My code is:

 

secureElement = seManager
                        .getSecureElement(SecureElement.EMBEDDED);

String conStr = "apdu:1;target=a0.00.00.00.03.00.00.00";
            connection = (APDUConnection) Connector.open(conStr);

Report Inappropriate Content
Message 4 of 15 (222 Views)
Reply
0 Likes
Please use plain text.
 
BlackBerry Development Advisor
BlackBerry Development Advisor
mwoolley
Posts: 112
Registered: 06-25-2010
My Carrier: Vodafone

Re: Security Exception for RESE keys, despite having them installed in the sigtool.

Options

02-09-2012 03:51 AM

I think you need to check the sequence of steps carefully. Eclipse will regenerate and overwrite the call file every time it builds so you will lose your manually added entry. So the steps are:

1. Build
2. Edit call file
3. Sign with signature tool

Could you double check please?
Report Inappropriate Content
Message 5 of 15 (218 Views)
Reply
0 Likes
Please use plain text.
 
BlackBerry Development Advisor
BlackBerry Development Advisor
mwoolley
Posts: 112
Registered: 06-25-2010
My Carrier: Vodafone

Re: Security Exception for RESE keys, despite having them installed in the sigtool.

Options

02-09-2012 03:55 AM

Step 2 should read csl file of course
Report Inappropriate Content
Message 6 of 15 (217 Views)
Reply
0 Likes
Please use plain text.
 
sanika_sudhalkar
Contributor
sanika_sudhalkar
Posts: 22
Registered: 09-14-2010

Re: Security Exception for RESE keys, despite having them installed in the sigtool.

Options

02-09-2012 04:03 AM

Yes. I followed the following steps in the BlackBerry eclipse plugin 1.3

 

  1. 1. Blackberry -> Sign with signature tool, on my application. here, I saw that the application had been signed for all the 4 signing keys other than RESE
  2. I added the line in the .csl file in the delieverables->7.0.0 folder
  3. I re-did the first step. Here, I saw that the application which was previously signed for the 4 keys, got signed for an additional RESE key.
  4. After this, I loaded the application on my device using BlackBerry->Load Application on Device

After doing all this, I still got the same security exception. I hope the card manager applet ID I am using is not the issue here.

Report Inappropriate Content
Message 7 of 15 (214 Views)
Reply
0 Likes
Please use plain text.
 
BlackBerry Development Advisor
BlackBerry Development Advisor
mwoolley
Posts: 112
Registered: 06-25-2010
My Carrier: Vodafone

Re: Security Exception for RESE keys, despite having them installed in the sigtool.

Options

02-09-2012 08:28 AM

Hi

 

could you send me your signed cod file please? You can do this via a private message here in the forums or via email if you prefer. I'm in touch with your partners so you should be able to obtain my email address.

 

Thanks

Report Inappropriate Content
Message 8 of 15 (203 Views)
Reply
0 Likes
Please use plain text.
 
Baji
New Contributor
Baji
Posts: 5
Registered: 09-05-2011

Re: Security Exception for RESE keys, despite having them installed in the sigtool.

Options

02-14-2012 10:27 PM

Can I know how to get this RESE key?

When I registered with the RIM to get Device keys, I got only 3 keys which do not include RESE key.

Report Inappropriate Content
Message 9 of 15 (167 Views)
Reply
0 Likes
Please use plain text.
 
sanika_sudhalkar
Contributor
sanika_sudhalkar
Posts: 22
Registered: 09-14-2010

Re: Security Exception for RESE keys, despite having them installed in the sigtool.

Options

02-15-2012 01:24 AM

The procedure has been provided in the following thread:

 

http://supportforums.blackberry.com/t5/Java-Development/How-to-Access-NFC-Secure-Element/m-p/1358647...

Report Inappropriate Content
Message 10 of 15 (156 Views)
Reply
0 Likes
Please use plain text.