How to protect application copyright information on Symbian
This article explains a method to check at runtime that your application copyright information, as defined in the application PKG file, has not been modified (by hackers etc.).
Article Metadata
Code Example
Tested with
Compatibility
Platform Security
Article
Contents |
Introduction
As a developer / publisher you always worry that your application SIS(X) file will be distributed illegally, and that your copyright information will be removed or modified (this can be done quite easily by unpacking your file using tools like SISContents and then repackaging it).
This article shows how you can query the package file information at runtime and confirm that it matches the values expected. This information can then be used to disable the app or to use other methods to encourage purchase of a legal version.
Prerequisites
Unzip the following files over your SDK: File:SISRregistryClient Libraries.zip
These are obtained from the Symbian^3 open source code (Symbian PDK 3.0.4)
Source code
MMP File - required libraries
LIBRARY sisregistryclient.lib
.h fiile - required headers
#include <sisregistrysession.h>
#include <sisregistryentry.h>
Call the function ValidPkgL() when your application starts to check whether your installed application information found in the PKG file is original or altered.
TBool CAppUi::ValidPkgL()
{
TBool ValidPKG = ETrue;
Swi::RSisRegistrySession iSisRegSession;
if (KErrNone != iSisRegSession.Connect() )
{
return ValidPKG;
}
CleanupClosePushL( iSisRegSession );
RPointerArray< HBufC > packageFiles;
CleanupClosePushL( packageFiles );
//Add here you application UID to access your installed application PKG file.
const TUid packageId = TUid::Uid(0x00000000);
Swi::RSisRegistryEntry packageEntry;
if( KErrNone == packageEntry.Open( iSisRegSession, packageId ) )
{
CleanupClosePushL( packageEntry );
if(packageEntry.PackageNameL()->Alloc()->Des() != _L("Add here your application name as in your project PKG file, to check its validity."))
{
ValidPKG = EFalse;
}
if(packageEntry.UniqueVendorNameL()->Alloc()->Des() != _L("Add here the vendor name as in your project PKG file, to check its validity."))
{
ValidPKG = EFalse;
}
if(packageEntry.LocalizedVendorNameL()->Alloc()->Des() != _L("Add here the localized vendor name as in your project PKG file, to check its validity."))
{
ValidPKG = EFalse;
}
// Add here the application UID as in your project PKG file, to check its validity.
if(packageEntry.UidL() != TUid::Uid(0x00000000))
{
ValidPKG = EFalse;
}
// Add here your application version numbers as in your project PKG file.
if(packageEntry.VersionL().iMajor != 1 || packageEntry.VersionL().iMinor != 0 || packageEntry.VersionL().iBuild != 0)
{
ValidPKG = EFalse;
}
packageEntry.FilesL( packageFiles );
// Add here the number of the files to be installed by your original (*.Sis/x) file, to avoid other hackers adding new files to get installed during the installation process.
// For example (Application.exe - Application.rss - Application_reg.rss - Application_aif.mif - Application.mbm - etc.)
if(packageFiles.Count() != 5)
{
ValidPKG = EFalse;
}
// You can also go through each file name that are being (As it should be ) installed by your application file, and check its validity.
for( TInt pf = 0; pf < packageFiles.Count(); ++pf )
{
// packageFiles[pf]->Alloc()->Des()
}
packageFiles.ResetAndDestroy();
CleanupStack::PopAndDestroy( &packageEntry );
}
CleanupStack::PopAndDestroy( &packageFiles );
CleanupStack::PopAndDestroy( &iSisRegSession );
return ValidPKG;
}
Summary
This code above helps you to guarantee / save your application copyrights information from being altered by others in a very simple and effective way. In addition you can also use the code mentioned above to access other applications information exist in their PKG file, just as when you access these information via the built-in system application (Application Manager - Installations).
