0

I have an app that has been signed with a signkey of the vendor. This app was actually outsourced. So now, I want to rebuild the binary with my signkey without changing the version number. Is this possible?

Summarizing, I want to change the signkey of an already built blackberry app (having only the binaries with me).

Pramod Setlur
  • 811
  • 1
  • 15
  • 27
  • Why don't you want to change the version number? Normally, you should change the version number with every new update of a software project. It can be the **minor** version number if you like (e.g. from 3.0 to 3.0.1). And, if you don't have the source, how are you ever going to do anything with this app? I don't quite understand what you want to do, or why. – Nate Sep 16 '13 at 07:27
  • I agree with Nate's questions. But anyway, is this for BB10 or BB7? As I understand it, for BB10 what you are trying to do is not possible, you will have to change the version number. Moreover, for BB10 if you have the app on BB World, your new app with a different signer may be treated as a different app. In other works, if the outsourced version is on BB World, you may not be able to update it with a new differently signed version. – Peter Strange Sep 16 '13 at 10:59
  • Nope we can't change the version number. It's because its an app that we have outsourced. And we don't want the developer's signkey to be used for the app. And the reason for not having the source code is obvious that they would not want to share the source code with us. I hope you got it as to why. And it is for BB7. http://www.myhowto.org/java/j2me/68-removing-signatures-from-blackberry-applications-and-re-signing-them/ I found the above link somewhat relevant. – Pramod Setlur Sep 17 '13 at 08:33
  • I personally would not attempt to remove a signature on a signed application. Re your out-sourcing company not giving you the code, my experience is that clients who outsource development actually own the code that they have paid for, so isn't it yours? – Peter Strange Sep 17 '13 at 13:23

1 Answers1

1

AFAIK, it is not possible to remove and rebuild an application with a different signing key - the signing key is used by BB to identify the author so removing and re-signing would create problems with rogue apps. But that is only my opinion.

What it is possible to do, is to sign an unsigned application with any key you like.

As a developer, I actually have signing keys that are used by clients so that I sign their apps using their key. So this is one option that you can use, supply the outsourcing company with your keys.

The other option is to get unsigned applications from the developer. These will run on the Simulators, but not on a device. Then you can sign and publish. I am guessing this would be your preferred option.

The problem comes if you already have an application out there that has been signed using your developer's keys. By out there, I mean on BlackBerry World.

Assuming you can get an unsigned version with a higher version number to that on BB World, that you then sign, the implications are:

  • For a BB7 and earlier - none, sign and submit it should work OK
  • For BB10 and later - you will have to add a new application

If you can only get an unsigned version with the same version number, then the implications are:

  • For a BB7 and earlier - lie when you submit your app and give it a higher number
  • for BB10 - you will have to submit a new application, so the version number is not relevant

Assuming you can only get a signed version, then, I think you are out of luck.

Just my opinion...

Peter Strange
  • 2,640
  • 11
  • 11