Skip to main content

Changelist 8809

3 replies [Last post]
khendry
Offline
Joined: 2004-08-13

I’m trying to sort out an issue being observed with application loading for a vendor. As part of that investigation I’ve come across a change made back in June so that a signed application with a storage priority of 0 will still be downloaded. In the submission comment you indicate that this is required by the specification. I’m a little rusty in digging such things out of the specs and have so far not found this section in the specification that states this to be the case. Can you please point me to that section? Was there some ECN that added this recently? Or is this just something that was missing the RI from the start?

Reply viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.
greg80303
Offline
Joined: 2008-07-03

OCAP1.1.3 Section 11.2.1.7:

----
In case that a signed application is not stored in application storage, all files described in all hash files of the application SHALL be downloaded via HTTP protocol, cached in the host, and authenticated prior to launching. Authentication of files on a remote HTTP server is not allowed.
----

In the RI, we just go ahead and store the application anyway, but with a storage_priority of "-1" (an implementation-specific value, not a spec-legal value). This storage priority is given to signed, non-stored apps signaled via OC and HTTP. If application storage is full, and an application with storage_priority > 0 is signaled, these apps will be the first to be deleted. Additionally, upon reboot and re-initialization of the app storage database, all apps with storage_priority < 0 will be deleted.

G

amirn
Offline
Joined: 2009-05-06

Does this over-wright the fact the stack may disable Authentication (i.e use NoAuthenticationManager)?

Is there a way to skip/disable that in a development environment?

Thanks.

greg80303
Offline
Joined: 2008-07-03

There is no way to disable this functionality. The act of determining whether or not an application "is supposed to be signed" (determined by the AppID) is independent of the act of determining whether of not the application "is correctly signed by certs that chain to a known root" (determined by the registered AuthManager ). The former case is what we use to determine whether or not an HTTP app should be downloaded.

We would need a pretty compelling reason to add logic to disable this functionality for testing purposes.

G