01-14-2011 06:04 PM
I'm having a lot of trouble trying to encrypt some login information that I want to store in the PersistentStore. I've tried following this article:
But the first thing it asks you to do is get a .KEY file from the BlackBerry "Private Key Administration" tool. When I run that tool it doesn't allow me to enter any information, it just shows me what looks like a public key dialog, with an Email, Change Password and Exit buttons. Where's the .KEY file? It's not in the stated file location:
C:\Program Files\Research In Motion\BlackBerry Password Based Code Signing Authority\data
I see an "ID" field with a four letter key ID, but when I use that in my app I get a null result from CodeSigningKey.get(moduleHandle, "XXXX").
My application has .csi files for signing the code to allow it to run on a real phone, which does work, I just can't seem to generate a .key file for persistence use.
Any help would be greatly appreciated!
Solved! Go to Solution.
01-15-2011 05:51 AM
When you install the CodeSigningAuthority and create your signing key file, you need to include that in any project that you want to be able to use that key. You can only get the key if it is included in the project. This also adds the key as a required signer when using the signing tool.
01-15-2011 11:25 AM
OK, I'm starting to understand this whole thing a bit better I think. Say I want to encrypt a password and store it in the persistent store so that only my app can decode it, a lot like this article:
The above article doesn't mention it, but do I need to run some kind of signing server, the "Web Signer", that is used to sign my app along with the .CSI keys that I got from BlackBerry? When I run the Web Signer tool "Check Status of Service" is states "The WebSigner service is not installed".
If I need to be running a web server, is my app going to be requesting a key or using that server somehow to encrypt the persistent data? Do I need to run this server constantly so that when my app is in the field it can request encryption from it? I just don't understand how giving the app just the public key allows it to encrypt and decrypt. Doesn't that require a public key and a private key?
I just don't understand how I can include a .KEY file when one isn't generated by the Private Key Administration tool on my machine. It also asks for an SMTP server to email the key to a "client", but when I attempt to use my normal mail server it fails. Another assumption I have is that this SMTP server is somehow related to the WebServer that is not able to run on my machine.
I think I'll try to uninstall that whole mess and see if I can get it reinstalled and run the web server that seems to come along with it.
I'm running Win7-64bit and a lot of the RIM tools seem to have a problem with that.
Thanks again for any advice!
01-16-2011 02:17 AM
You do not need a web server if you are going to be the only developing with your api or on your app. The web server is for use if you want to distribute a 3rd party api for other users to use. They would need to request signatures from your web service in that case.
When you intall the signing server and setup the info in the signing autority it should create a folder called data that has the key file that you generated.
When you include the key file your project is encrypted with the private key and the public key is stored in the cod file. You use the CodeSigningKey to request the public key, but this can only be done by an app also signed by your private key.
01-16-2011 01:47 PM
Got it. It required an uninstall / reinstall in order to work. I'm not sure why, but previously it had a data directory but had nothing in it and wouldn't put anything in it. After the reinstall it created the data directory and put the .key file and I was able to continue on with the steps and sign my app with my private key.
Thanks very much for helping, I didn't know if I needed a web server or not and was concerned it that it might not work with Win7 64-bit.