DEV Community

HarmonyOS
HarmonyOS

Posted on

Profile File Parsing and bundleName Validation Methods

#harmonyos #profilefile #bundlename #bundlevalidation

Read the original article:Profile File Parsing and bundleName Validation Methods

Requirement Description

Can the bundleName be parsed from the HarmonyOS Profile file, and can the Profile file and bundleName be verified for matching?

Background Knowledge

  • For signing HAP packages in the pipeline, please refer to the HAP signing process.

  • For HAP package signing tools, please refer to the application package signing tools.

  • Profile File:
    The Profile file (in.p7b format) is a core configuration file used in HarmonyOS application development for signature verification and device permission management. It contains the application's digital certificate, package name (bundleName), and permission list, ensuring the application has not been tampered with.

  • bundleName:
    The bundleName (package name) is the unique identifier for a HarmonyOS application, used for system-level identification. It follows the reverse domain name format (e.g., com.example.app), allowing only lowercase letters, numbers, and dots (.), and must not start or end with a dot. The length should not exceed 255 characters. Duplicate bundleNames are not allowed on the same device or in the app market, as they may cause installation conflicts or distribution failures.

Implementation Steps

  • Directly parse the Profile file to obtain the bundleName:

Use the hap-sign-tool.jar tool to parse the Profile file via the command line, extract the JSON data, and then locate the bundleName field:

The command line code is as follows:

  java -jar hap-sign-tool.jar verify-profile -inFile your_profile.p7b
Enter fullscreen mode Exit fullscreen mode

Code Snippet / Configuration 

"signingConfigs": {
  "release": {
    "bundleName": "com.example.app",
    "profile": "path/to/profile.p7b"
  }
}
Enter fullscreen mode Exit fullscreen mode

  • Verify the matching of the Profile file with the bundleName:

    • Automatic verification through the packaging process: During the build process, the HarmonyOS toolchain automatically compares the bundleName in app.json5 with the value in the Profile file. If there is a conflict, it triggers a compilation error.
    • Static code analysis: Obtain the current application's bundleName through code (e.g., AbilitySlice.getBundleName()) and manually compare it with the parsed results from the Profile.
    • Check the consistency of the signing configuration file:

    Confirm in build-profile.json5 whether the bundleName matches the definition in the Profile file. If they do not match, it will result in packaging failure (e.g., hvigor ERROR prompt). Example configuration:

    "signingConfigs": {
  "release": {
    "bundleName": "com.example.app",
    "profile": "path/to/profile.p7b"
  }
}

Limitations or Considerations

This example supports API Version 17 Release and later versions.
This example supports HarmonyOS 5.1.0 Release SDK and later versions.
This example requires DevEco Studio 5.1.1 Release or later for compilation and running. Verification Method

Written by Taskhyn Maksim

Top comments (0)