Application signing is the process of digitally signing executables,
scripts, and content of an application to confirm the application author
and guarantee that the application has not been altered or corrupted
since it was signed. The process employs the use of a cryptographic hash
to validate authenticity and integrity.
Tizen requires that all applications are digitally signed with a proper
signing key and certificate before they can be installed.
Through application signing, Tizen achieves the following goals:
All Tizen applications must have at least 2 signatures:
Figure: Signature type
Tizen API privileges represent the ability to use a certain set of
sensitive APIs and secure system resources. The privileges are
categorized into 3 levels according to their security and privacy level:
For an application to use a privileged API, the distributor signature
must be generated from a certificate (and its signing key) with a proper
privilege level. If an application has a distributor signature generated
from a partner level certificate (and its signing key), the application
can use only public and partner level APIs.
The following table shows the relationship between the certificate (and
signing key) privilege level and the API privilege level.
Table: API levels allowed in specific certificate privilege levels
|Certificate privilege level||Public level API||Partner level API||Platform level API|
|Public level||Allowed||Not allowed||Not allowed|
|Partner level||Allowed||Allowed||Not allowed|
You can sign your application with your own author signing key and a
testing distributor signing key in Tizen Studio. With those, you can
install and test the application on your test device and an emulator.
When the application is submitted to a store after development, the
store removes the testing distributor signature and adds the store
distributor signature for the application release. Normal applications
are signed with the public level distributor signing key in the store.
Some applications granted from a device vendor are allowed to be signed
with the partner level distributor signing key. Signing with the
platform level distributor key is permitted only for the internal
application of a device vendor or Tizen.
The following figure illustrates the signature and certificate flow.
Figure: Signature flow
The testing distributor certificate and its signing key with the public
level are preloaded in Tizen Studio. The author certificate and its
signing key can also be created in Tizen Studio. For more
information, see Working with the Certificate
A device vendor can disallow unauthorized applications to be installed
on its devices to protect its devices from viruses and malwares. Samsung
also disallows unauthorized applications to be installed on its Tizen
devices. In such cases, you must get an author certificate and a
distributor certificate from the device vendor. For more information,
see Issuing a Tizen Certificate and Running Applications in Commercial
The application signing scheme of Tizen follows the specification of the
XML Digital Signatures for Widgets specified by
The following figure shows the signature file structure.
Figure: Signature file structure