使用UICC运营商特权证书签署应用 [英] Sign App with UICC Carrier Privileges Certificates

问题描述

我正在阅读有关此链接的信息.具有运营商特权的应用程序.

I was reading information on this link in regards to signing an application with carrier privileges.

我知道如何使用用于生产版本的密钥库对应用程序进行签名，但是如何将UICC证书添加到我的应用程序中以使其获得运营商特权?

I am aware of how to sign an application using a keystore for production releases, but how do I add UICC certificates to my app so it gets carrier privileges?

我的主要目标是能够调用 TelephonyManager 函数，例如:

My main goal is to be able to call TelephonyManager functions like:

iccOpenLogicalChannel
iccCloseLogicalChannel
iccTransmitApduLogicalChannel
iccTransmitApduBasicChannel

这是调用上述函数之一时得到的堆栈跟踪:

This is the stack trace I get when calling one of the above functions:

E/AndroidRuntime: FATAL EXCEPTION: main
E/AndroidRuntime: Process: com.xxxx, PID: 2668
E/AndroidRuntime: java.lang.SecurityException: No modify permission or carrier privilege.
E/AndroidRuntime:     at android.os.Parcel.readException(Parcel.java:1599)
E/AndroidRuntime:     at android.os.Parcel.readException(Parcel.java:1552)
E/AndroidRuntime:     at com.android.internal.telephony.ITelephony$Stub$Proxy.iccOpenLogicalChannel(ITelephony.java:2966)
E/AndroidRuntime:     at android.telephony.TelephonyManager.iccOpenLogicalChannel(TelephonyManager.java:2914)
E/AndroidRuntime:     at android.view.View.performClick(View.java:5198)
E/AndroidRuntime:     at android.view.View$PerformClick.run(View.java:21147)
E/AndroidRuntime:     at android.os.Handler.handleCallback(Handler.java:739)
E/AndroidRuntime:     at android.os.Handler.dispatchMessage(Handler.java:95)
E/AndroidRuntime:     at android.os.Looper.loop(Looper.java:148)
E/AndroidRuntime:     at android.app.ActivityThread.main(ActivityThread.java:5417)
E/AndroidRuntime:     at java.lang.reflect.Method.invoke(Native Method)
E/AndroidRuntime:     at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:726)
E/AndroidRuntime:     at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:616)

提前谢谢！

推荐答案

您应该问自己的问题实际上是一个不同的问题:如何将我的应用程序签名密钥的证书获取到UICC? em>有了它，实际的签名过程便与任何其他密钥库都没有什么不同.

The question that you should ask yourself is actually a different one: How do I get the certificate for my app signing key into the UICC? Once you have that, the actual signing process is no different than with any other keystore.

因此，您将拥有一个密钥库，其中包含签名密钥对和该密钥的证书.该证书可以是自签名证书(通常是Android应用程序签名密钥的情况)，也可以是UICC所有者向您颁发的证书(MNO/运营商).在第一种情况下，您需要说服UICC所有者将自签名证书添加到UICC上的访问控制列表(/应用程序)中.在第二种情况下，运营商通常会包含与颁发给您的UICC证书相对应的根证书.

So, you would have a keystore containing your signing key pair and a certificate for that key. The certificate could either be a self-signed certificate (that's typically the case for Android app signing keys) or a certificate issued to you by the UICC owner (MNO/carrier). In the first case, you would need to convince the UICC owner to add that self-signed certificate to the access control list(/application) on your UICC. In the second case, the carrier would typically include the root certificate corresponding to the certificate issued to you to the UICC.

然后您可以使用该密钥库对应用进行签名(就像平时一样).

You could then use that keystore to sign an app (just as you usually do).

这篇关于使用UICC运营商特权证书签署应用的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！