symbian 1 Introduction 1.1 Purpose and Scope forcontaining files.the SIS file can contain a files for deplo influence the installation e.g.device specific installations,language-specific installations,and user- selectable optional components. theinstallaiontore that the pak mtsntybeornli can succee 2 SIS File Format 2.1 Overview ormation in the Sls file is split up two separate parts.The first part is the m e s contains all the actual file o b rder t copying the files to the device. 2.1.1 Note on Reservation of SIS Field Values Please note that Symbian reserves the right to extend the set of applicable values relating to defined SIS fields,for example,fields employing bit-indicators such as TInstalFlags. -outside t mbian OS.This may mean,therefore,that packages will fail to install. 2.2 Integrity TealeseoemtauRPoginsaialoaacaeaiceenem2beaerae8e9eeaeahe The SIS file for device. In order sup g.of vo phase only e me data of the SIS file ad The file data,and therefore the integrity of the entire is file is protected by the signed meta-data.This a being insta whilst using an untrusted component to perform any necessary decompression. Separate checksums for each of the meta-data and the file data are present in the SiS file to enable corrupt SiS files to be detected at the beginning of the installation process.These checksums are optiona. www.symbian.com3 1 Introduction 1.1 Purpose and Scope This document describes the newly restructured and redesigned SIS file format, which is introduced to complement the Symbian OS v9.1 release of Software Install. SIS files are used as the primary means of packaging files for deployment to a device, and are interpreted accordingly by the native software installer. As well as simply containing files, the SIS file can contain conditional statements which influence the installation e.g. device specific installations, language-specific installations, and user￾selectable optional components. Symbian OS v9.1 delivers new security features to the device, so operations which were previously possible via software install may now no-longer be possible. In addition, the device-side native installer is now policing the installation to ensure that the package meets certain security criteria before installation can succeed. 2 SIS File Format 2.1 Overview The information in the SIS file is split up into two separate parts. The first part is the meta-data, describing the files that need to be installed. The second part of the SIS file contains all the actual file data. This enables software installation to be split into two phases, a decision and an installation phase. During the decision phase, the SIS file is examined and security checks are carried out in order to verify the install. The installation phase is only carried out if the verification is successful and is the process of copying the files to the device. 2.1.1 Note on Reservation of SIS Field Values Please note that Symbian reserves the right to extend the set of applicable values relating to defined SIS fields, for example, fields employing bit-indicators such as TInstallFlags. The generation of unspecified values – outside the context of the supported MakeSIS and/or SignSIS tools is therefore likely to cause compatibility problems with later versions of Symbian OS. This may mean, therefore, that packages will fail to install. 2.2 Integrity The SIS file format supports signatures and certificates to enable a package to be signed. These signatures are verified during installation, and can also be re-verified after the package is installed on the device. In order to support the processing of the SIS file in two phases, only the meta-data of the SIS file is signed. The metadata contains hashes for each file in the package, in order to ensure the integrity of the file data, and therefore the integrity of the entire SIS file is protected by the signed meta-data. This means that during the installation phase software install can verify the hash against the one included in the signed meta-data for each file being installed, whilst using an untrusted component to perform any necessary decompression. Separate checksums for each of the meta-data and the file data are present in the SIS file to enable corrupt SIS files to be detected at the beginning of the installation process. These checksums are optional