ELECTRONIC DEVICES, INFORMATION PRODUCTS, PROCESSES OF MANUFACTURE AND APPARATUS FOR ENABLING CODE DECRYPTION IN A SECURE MODE USING DECRYPTION WRAPPERS AND KEY PROGRAMMING APPLICATIONS, AND OTHER STRUCTURES
Abstract
An electronic device (1640) includes a non-volatile store (1620) holding a plurality of encrypted sub-applications (SubApp n), and application-specific identifications (ASIDs) to respectively identify the encrypted sub-applications (SubApp n), and at least one wrapper having a representation of code to call (2220) a function (KPPA2) and supply a said application-specific identification (ASID) to the called function (KPPA2) to determine a storage location (UU) and access (2250) the storage location (UU) for contents and to call (2260) for decryption of the encrypted sub-application (SubApp n) using the contents of the storage location (UU) as a key; and a processor (1660) coupled to said non-volatile store (1620) and operable to access the representation of code and execute the code (2220, 2260). Various electronic devices, information products, processes of manufacture, and apparatus are disclosed and claimed.
25 Claims
1. An electronic device comprising:
- a non-volatile store holding a plurality of encrypted sub-applications, and application-specific identifications to respectively identify the encrypted sub-applications, and at least one wrapper having a representation of code to call a function and supply a said application-specific identification to the called function to determine a storage location and access the storage location for contents and to call for decryption of the encrypted sub-application using the contents of the storage location as a key; and
- a processor coupled to said non-volatile store and operable to access the representation of code and execute the code.
View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
9. A process of manufacturing an electronic device including a non-volatile storage coupled with a processor chip that has a stored chip-specific key and a volatile on-chip secure memory, the process of manufacturing comprising:
- loading the volatile on-chip secure memory with a key programming application and with a first encrypted form of a first key encrypted by a second key;
- operating the processor chip by the key programming application in a secure mode to decrypt the first encrypted form of the first key to recover the first key itself inside the processor chip, generate a second encrypted form of the first key so that the first key is encrypted by the chip-specific key inside the processor chip, and store the second encrypted form of the first key in non-volatile form somewhere in the electronic device; and
- providing a key retrieval application in non-volatile form somewhere in the electronic device to call for decrypting the second encrypted form of the first key at run-time.
View Dependent Claims (10, 11, 13)
12. The process claimed in 9 wherein the loading includes loading initialization instructions for accessing the secure mode and executing the initialization instructions on the processor chip to load the key programming application into the volatile on-chip secure memory.
14. An information product comprising:
- a plurality of encrypted sub-applications;
- application-specific identifications to respectively identify the encrypted sub-applications; and
- at least one wrapper having a representation of code to call a function and supply a said application-specific identification to the called function to determine a decryption key and to call for decryption of the encrypted sub-application using the decryption key.
View Dependent Claims (15, 16, 17, 18)
19. A process of manufacturing an information product, the process comprising:
- providing application code;
- dividing the application code into a plurality of sub-applications;
- encrypting the sub-applications with at least one key;
- adding a plurality of sub-application wrappers and identifications corresponding to the encrypted sub-applications respectively; and
- signing as a whole the sub-applications, the wrappers, and the identifications all together.
View Dependent Claims (20)
21. An apparatus for processing a unit of an electronic device having a processor chip and for use with an encrypted application encrypted with a first key, the apparatus comprising:
- a control processor;
- an interface coupled to said control processor; and
- a storage coupled to said control processor and storing a key programming application including instruction code to operate the processor chip to cryptographically process the first key, said control processor operable to deliver the key programming application from said storage into the processor chip via said interface.
View Dependent Claims (22, 23, 24, 25)
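The key flow recited in claims 1 and 9, as an added sketch that is not code from the patent: a key programming step re-wraps each application key under a chip-specific key, and a wrapper later supplies an ASID to locate the stored key and decrypt its sub-application. The class and function names, the per-ASID slot layout, passing the second key in as a parameter, and the SHA-256/HMAC stand-in cipher are all assumptions; the claims shown here name no algorithm.

```python
import hashlib, hmac, os

def _sub(key, label):
    return hashlib.sha256(label + key).digest()       # separate cipher and MAC subkeys

def _stream(key, nonce, n):
    # Stand-in keystream (SHA-256 counter mode), assumed in place of the chip's cipher.
    return b"".join(hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest()
                    for i in range(n // 32 + 1))[:n]

def seal(key, data):
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(data, _stream(_sub(key, b"enc"), nonce, len(data))))
    return nonce + ct + hmac.new(_sub(key, b"mac"), nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    want = hmac.new(_sub(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, want):
        raise ValueError("wrong key or modified blob")
    return bytes(a ^ b for a, b in zip(ct, _stream(_sub(key, b"enc"), nonce, len(ct))))

class Chip:                                           # hypothetical model of the processor chip
    def __init__(self):
        self._chip_key = os.urandom(32)               # chip-specific key, stays on chip
        self.nv_store = {}                            # ASID -> key sealed under the chip key
    def key_programming(self, asid, first_form, second_key):
        # Claim 9: recover the first key on chip, keep only its chip-key-encrypted form.
        first_key = unseal(second_key, first_form)
        self.nv_store[asid] = seal(self._chip_key, first_key)
    def key_retrieval(self, asid):
        # Claim 1: the ASID selects the storage location; its contents yield the key.
        return unseal(self._chip_key, self.nv_store[asid])

def wrapper(chip, asid, encrypted_subapp):
    return unseal(chip.key_retrieval(asid), encrypted_subapp)   # supply ASID, then decrypt

def demo():
    second_key, chip, other_chip = os.urandom(32), Chip(), Chip()
    keys = {1: os.urandom(32), 2: os.urandom(32)}     # constructed per-ASID first keys
    subapps = {a: seal(k, b"subapp-%d code" % a) for a, k in keys.items()}
    for a, k in keys.items():
        chip.key_programming(a, seal(second_key, k), second_key)
    other_chip.nv_store = dict(chip.nv_store)         # same stored blobs on a different chip
    try:
        cloned = wrapper(other_chip, 1, subapps[1])
    except ValueError:
        cloned = None                                 # blobs are bound to the original chip key
    return wrapper(chip, 1, subapps[1]), wrapper(chip, 2, subapps[2]), cloned
```

`demo()` returns the two decrypted sub-applications from the provisioned chip and `None` for the second chip, because the stored second encrypted form only opens under the chip-specific key that produced it.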
Specification