If the device can verify the authenticity and integrity of the MIDlet
suite and assign it to a protection domain, the MIDlet suite is said to be
trusted. A trusted MIDlet suite will have its requested permissions granted
according to its protection domain. For example, if the javax.microedition.io.Connector.http permission was requested and the protection domain has set the permission as allowed, no user confirmation will be needed to open an HTTP connection.
Do not confuse the concept of a trusted MIDlet suite with that of a trusted protection domain. Each trusted MIDlet suite is assigned to a particular protection domain depending on the authorization mechanism.
To sign your MIDlet you will need a code-signing certificate conforming to the X.509 Public-Key Infrastructure (PKI) specification. The device will use a set of root certificates to validate the MIDlet suite's certificate. Among them it is expected to find the manufacturer's root certificate and the root certificates of well-known CAs. Depending on the CA's policy, the certificate chain can include any number of intermediate certificates, which should also be included in the MIDlet suite.
All the certificates used to sign the MIDlet are to be included in the suite's JAD file using the MIDlet-Certificate-<n>-<m> attributes. Besides the certificates, the SHA1 digest of the JAR file, signed with the key of the suite's certificate, is stored in the JAD file in the MIDlet-Jar-RSA-SHA1 attribute.
The process of verifying whether a MIDlet suite is trusted is done when the suite is downloaded or installed. The application manager checks the JAD file and, if it contains a MIDlet-Jar-RSA-SHA1 attribute, initiates the authentication and authorization procedures.
During the authentication, it reads the chain of certificates in the JAD file written in the attributes MIDlet-Certificate-<n>-<m> (where n and m are numbers identifying the certificate chain and the position within it), and tries to validate the certificate chain against one of the root certificates.
If the certificate chain can be validated to a root certificate, the device will extract the public key from the MIDlet suite's certificate and use it to decrypt the MIDlet-Jar-RSA-SHA1 attribute.
The resulting value will be the SHA1 digest of the MIDlet JAR. The MIDP implementation
will then calculate the same digest value from the JAR file.
If both digests are equal, the MIDlet suite is authenticated and it will be allocated to the protection domain assigned to the root certificate. If one or more of the permissions requested in the MIDlet-Permissions attribute are not in the protection domain, the installation will not be allowed to continue. On the other hand, if some of the permissions requested in MIDlet-Permissions-Opt are not in the protection domain, the installation can proceed.
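The whole install-time check described above, from reading the JAD attributes to the MIDlet-Permissions decision, as an added worked example in Python. This is not code from the book or from any MIDP implementation; the device's real check runs over DER-encoded X.509 certificate chains. The example assumes a toy RSA key pair generated at an insecure size, a flat text record standing in for the X.509 certificate, a constructed device root store (ROOT_STORE) that maps the root name "Toy Root CA" to a trusted_third_party domain, and a constructed JAR byte string; the function names (gen_toy_rsa, install_decision, build_signed_jad and the rest) are the example's own.

```python
import base64
import hashlib
import random
# DER DigestInfo prefix for SHA-1, as used by PKCS#1 v1.5 RSA-SHA1 signatures.
SHA1_DIGESTINFO = bytes.fromhex("3021300906052b0e03021a05000414")

def _is_probable_prime(n, rounds=16):
    # Miller-Rabin; adequate for a toy key.
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for a in (random.randrange(2, n - 1) for _ in range(rounds)):
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def gen_toy_rsa(bits=512):
    """Return ((n, e), (n, d)). Toy size only: not a secure key."""
    def prime(b):
        while True:
            c = random.getrandbits(b) | (1 << (b - 1)) | 1
            if _is_probable_prime(c):
                return c
    while True:
        p, q, e = prime(bits // 2), prime(bits // 2), 65537
        if p != q and (p - 1) * (q - 1) % e:
            return (p * q, e), (p * q, pow(e, -1, (p - 1) * (q - 1)))

def _pkcs1_prefix(k):
    # Everything before the 20-byte digest in a k-byte PKCS#1 v1.5 SHA-1 encoding.
    return b"\x00\x01" + b"\xff" * (k - 3 - len(SHA1_DIGESTINFO) - 20) + b"\x00" + SHA1_DIGESTINFO

def rsa_sha1_sign(priv, data):
    """What the signing tool places in MIDlet-Jar-RSA-SHA1 (before base64 encoding)."""
    n, d = priv
    k = (n.bit_length() + 7) // 8
    em = _pkcs1_prefix(k) + hashlib.sha1(data).digest()
    return pow(int.from_bytes(em, "big"), d, n).to_bytes(k, "big")

def rsa_sha1_recover_digest(pub, sig):
    """Apply the public key to the signature (the text's 'decrypt'); return the embedded SHA-1 digest or None."""
    n, e = pub
    k = (n.bit_length() + 7) // 8
    s = int.from_bytes(sig, "big")
    if len(sig) != k or s >= n:
        return None
    em = pow(s, e, n).to_bytes(k, "big")
    return em[-20:] if em[:-20] == _pkcs1_prefix(k) else None  # whole padding must match exactly

def certificate_chain(attrs, n=1):
    """Read MIDlet-Certificate-<n>-<m> for m = 1, 2, ...; m = 1 is the suite's own certificate (toy format)."""
    chain, m = [], 1
    while f"MIDlet-Certificate-{n}-{m}" in attrs:
        blob = base64.b64decode(attrs[f"MIDlet-Certificate-{n}-{m}"]).decode()
        chain.append(dict(kv.split("=", 1) for kv in blob.split(";")))
        m += 1
    return chain

def install_decision(jad_text, jar_bytes, root_store):
    """Model of the application manager's install-time check; root_store maps a root name to
    (protection domain, permissions that domain allows). Returns (domain, reason); None = stop."""
    attrs = {k.strip(): v.strip() for k, sep, v in (l.partition(":") for l in jad_text.splitlines()) if sep}
    sig_b64 = attrs.get("MIDlet-Jar-RSA-SHA1")
    if sig_b64 is None:
        return "untrusted", "no MIDlet-Jar-RSA-SHA1: no authentication attempted"
    chain = certificate_chain(attrs)
    # Stand-in for X.509 chain validation: the chain must end at a device root certificate.
    if not chain or chain[-1]["issuer"] not in root_store:
        return None, "certificate chain does not validate to a root certificate"
    domain, allowed = root_store[chain[-1]["issuer"]]
    pub = (int(chain[0]["n"], 16), int(chain[0]["e"]))  # public key of the suite's certificate
    if rsa_sha1_recover_digest(pub, base64.b64decode(sig_b64)) != hashlib.sha1(jar_bytes).digest():
        return None, "JAR digest mismatch: bad signature or modified JAR"
    required = {p.strip() for p in attrs.get("MIDlet-Permissions", "").split(",") if p.strip()}
    if not required <= allowed:
        return None, f"MIDlet-Permissions outside domain {domain}: {sorted(required - allowed)}"
    # MIDlet-Permissions-Opt entries outside the domain are not granted but do not block install.
    return domain, "authenticated"

def build_signed_jad(priv, pub, jar_bytes, permissions, permissions_opt=""):
    """Constructed sample JAD for a suite signed under 'Toy Root CA' (the signing-tool side)."""
    cert = f"subject=CN=Example Suite;issuer=Toy Root CA;n={pub[0]:x};e={pub[1]}".encode()
    return "\n".join([
        f"MIDlet-Permissions: {permissions}",
        f"MIDlet-Permissions-Opt: {permissions_opt}",
        "MIDlet-Certificate-1-1: " + base64.b64encode(cert).decode(),
        "MIDlet-Jar-RSA-SHA1: " + base64.b64encode(rsa_sha1_sign(priv, jar_bytes)).decode(),
    ])

# Constructed device root store: root name -> (protection domain, permissions that domain allows).
ROOT_STORE = {"Toy Root CA": ("trusted_third_party",
              {"javax.microedition.io.Connector.http", "javax.microedition.io.Connector.https"})}
```

Two points the code makes concrete: the "decryption" of MIDlet-Jar-RSA-SHA1 is a signature verification, and rsa_sha1_recover_digest compares the entire padded block (leading bytes, padding length, DigestInfo) rather than searching for a digest inside it, which is the check a verifier should do. The permission logic also shows the asymmetry in the last paragraph: a MIDlet-Permissions entry outside the domain stops the installation, whereas a MIDlet-Permissions-Opt entry outside the domain is simply not granted.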