Secured distribution of software updates
First Claim
1. A method comprising:
downloading manifest data for an update into a client device, the manifest data comprising a plurality of attributes for the update including a location where the update is stored;
determining whether the manifest data is valid by validating a signature of the manifest data stored in the manifest data;
based on the manifest data being valid, downloading, separately from the downloading of the manifest data, the update to software from the location determined from the validated manifest data and based on a determination using the manifest data that the update is applicable;
validating a signature of the update to the software stored in the manifest data after the downloading of the update;
storing the update into a machine-readable medium;
revalidating the signature of the update to the software after the storing and prior to installation of the update to the software; and
installing, using one or more processors, the update to the software on the client device, in response to a determination that the signature of the update is validated after receipt and revalidated prior to installation.
Abstract
In some embodiments, a system includes a signature server comprising a signature unit to receive an update to a software application. The signature server also includes a first machine-readable medium to store a mapping between an identification of the software application and an address of a location of a private key. The system includes a cryptographic device coupled to an external port of the signature server. The cryptographic device includes a second machine-readable medium to store the private key. The cryptographic device also includes a cryptographic unit to generate a signature of the update based on the private key.
24 Claims
1. Independent claim, as set out under First Claim above. Dependent claims: 2, 3, 4, 5, 6, 7, 8, 15.
9. A non-transitory machine-readable medium including instructions, which when executed by at least one processor of a machine, cause the machine to perform operations comprising:
downloading manifest data for an update to a software application, the manifest data comprising a plurality of attributes for the update including a location where the update is stored;
validating a signature of the manifest data stored in the manifest data;
performing the following operations, in response to a determination that the signature of the manifest data is valid:
    downloading, separately from the downloading of the manifest data, the update from the location determined from the validated manifest data into a machine-readable medium of the machine;
    validating a signature of the update after receipt of the update, the signature of the update being stored in the manifest data;
    performing the following operations, in response to a determination that the signature of the update is valid:
        storing the update into a protected machine-readable medium of the machine;
        revalidating the signature of the update after storing the update and prior to installation of the update; and
        installing the update on the machine.
Dependent claims: 10, 11, 12, 13, 14.
16. A method comprising:
receiving a binary of an update to an application into a signature server;
receiving an identification of the application into the signature server;
mapping, using at least one processor, the identification of the application to an address within a cryptographic device that is coupled to an external port of the signature server;
generating, within a cryptographic device, a hash across the binary, using a private key that is stored in the cryptographic device and associated with the application; and
outputting manifest data for the binary for subsequent downloading of the binary and manifest data into one or more client devices, the manifest data comprising the hash and a location where the update is stored, the downloading of the binary being performed separately from the downloading of the manifest data from the location determined from the manifest data after the manifest data is validated using a signature of the manifest data stored in the manifest data.
Dependent claims: 17, 18.
19. A system comprising:
a signature server comprising:
    a signature unit to receive an update to a software application;
    a first machine-readable medium to store a mapping between an identification of the software application and an address of a location of a private key;
a cryptographic device coupled to an external port of the signature server, the cryptographic device comprising:
    a second machine-readable medium to store the private key; and
    a cryptographic unit to generate a signature of the update based on the private key, the signature of the update being stored within manifest data and being used to validate the update after downloading of the update and used to revalidate the update after the update is stored and prior to installation of the update.
Dependent claims: 20, 21.
22. An apparatus comprising:
a non-transitory machine-readable medium to store an update to a software application; and
an update unit:
    to transmit the update over a network to a signature server;
    to receive a signature of the update, a size of the update and a version of the update that is derived from a timestamp of an operation performed by the signature server on the update;
    to generate manifest data for the update, the manifest data comprising a signature for the manifest data, the signature of the update, a location where the update is stored, the size of the update, the version of the update, and an identification of the software application; and
    to upload the update and manifest data to an update server, the upload of the update being performed separately from the upload of the manifest data using the location of the manifest data after the manifest data is validated using a signature of the manifest data stored in the manifest data.
Dependent claims: 23, 24.
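The claims above describe one protocol from two sides: a signature server that maps an application identification to a private key held in a cryptographic device and signs the update (claims 16, 19, 22), and a client that validates the manifest's own signature, takes the download location and the update signature only from that validated manifest, validates the downloaded update, stores it, and revalidates it from storage immediately before installing (claims 1, 9). The following Go program is an added example written for this page; it is not code from the patent or its assignee. Its assumptions are its own: Ed25519 (crypto/ed25519) stands in for the unspecified signature scheme, so claim 16's "hash across the binary, using a private key" is implemented as a digital signature; the manifest is JSON with field names chosen here; one key per application signs both the update and the manifest; "applicable" is decided by comparing the manifest's version with the installed version; the update server and the cryptographic device are replaced by in-memory maps; and the sample update bytes and the https://updates.example location are constructed for the demonstration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/json"
	"errors"
	"fmt"
)

// Manifest carries the attributes claim 22 lists; the field names are this example's own.
type Manifest struct {
	AppID       string `json:"app_id"`
	Version     int64  `json:"version"` // claim 22 derives this from the signing timestamp
	Location    string `json:"location"`
	Size        int    `json:"size"`
	UpdateSig   []byte `json:"update_sig"`
	ManifestSig []byte `json:"manifest_sig,omitempty"`
}

// canonical returns the bytes the manifest signature covers: every field except the signature itself.
func (m Manifest) canonical() []byte {
	m.ManifestSig = nil
	b, _ := json.Marshal(m) // encoding/json emits fields in declaration order, so both sides agree
	return b
}

// SigningServer stands in for the signature server plus its cryptographic device; the map is
// claim 19's mapping from application ID to private key. Assumption: that key also signs the manifest.
type SigningServer struct{ keys map[string]ed25519.PrivateKey }

func NewSigningServer(appIDs ...string) (*SigningServer, map[string]ed25519.PublicKey) {
	s := &SigningServer{keys: map[string]ed25519.PrivateKey{}}
	pubs := map[string]ed25519.PublicKey{} // what client devices are provisioned with
	for _, id := range appIDs {
		pub, priv, _ := ed25519.GenerateKey(rand.Reader)
		s.keys[id], pubs[id] = priv, pub
	}
	return s, pubs
}

// Sign signs the update binary, then signs the manifest that carries that signature (claims 16, 22).
func (s *SigningServer) Sign(appID string, update []byte, version int64, location string) ([]byte, error) {
	priv, ok := s.keys[appID]
	if !ok {
		return nil, fmt.Errorf("no signing key mapped for %q", appID)
	}
	m := Manifest{AppID: appID, Version: version, Location: location, Size: len(update), UpdateSig: ed25519.Sign(priv, update)}
	m.ManifestSig = ed25519.Sign(priv, m.canonical())
	return json.Marshal(m)
}

// Client holds what the claim 1 method needs on the device.
type Client struct {
	Pubs      map[string]ed25519.PublicKey // per-application public keys
	Installed map[string]int64             // application ID -> installed version
	Server    map[string][]byte            // constructed stand-in for the update server, keyed by location
	Storage   map[string][]byte            // the "protected machine-readable medium"
}

var ErrNotApplicable = errors.New("update not applicable")

// Stage is the download-time half of claim 1: validate the manifest signature, decide applicability,
// fetch the binary from the validated location, check it against the manifest's signature, then store it.
func (c *Client) Stage(manifestBytes []byte) (Manifest, error) {
	var m Manifest
	if err := json.Unmarshal(manifestBytes, &m); err != nil {
		return m, err
	}
	pub, ok := c.Pubs[m.AppID]
	if !ok || !ed25519.Verify(pub, m.canonical(), m.ManifestSig) {
		return m, errors.New("manifest signature invalid")
	}
	if m.Version <= c.Installed[m.AppID] {
		return m, ErrNotApplicable
	}
	update := c.Server[m.Location] // separate download, from the location the validated manifest names
	if len(update) != m.Size || !ed25519.Verify(pub, update, m.UpdateSig) {
		return m, errors.New("update signature invalid")
	}
	c.Storage[m.AppID] = append([]byte(nil), update...) // copy into the protected medium
	return m, nil
}

// Install is the install-time half: the signature is verified again over the bytes read back from
// storage, so a file altered between Stage and Install is rejected instead of installed.
func (c *Client) Install(m Manifest) error {
	pub, ok := c.Pubs[m.AppID]
	if !ok || !ed25519.Verify(pub, c.Storage[m.AppID], m.UpdateSig) {
		return errors.New("revalidation failed: stored update is not the signed binary")
	}
	c.Installed[m.AppID] = m.Version
	return nil
}

func main() {
	server, pubs := NewSigningServer("editor")
	update := []byte("constructed update binary, version 2") // constructed sample, not a real binary
	loc := "https://updates.example/editor/2"                // hypothetical update-server location
	manifest, _ := server.Sign("editor", update, 2, loc)
	c := &Client{Pubs: pubs, Installed: map[string]int64{"editor": 1}, Server: map[string][]byte{loc: update}, Storage: map[string][]byte{}}
	m, err := c.Stage(manifest)
	fmt.Println("stage:", err)
	c.Storage["editor"][0] ^= 0xff // tamper with the stored file before installation
	fmt.Println("install:", c.Install(m))
}
```

Two points of the design are worth noting. Nothing in the manifest (location, size, version, update signature) is used until the manifest's own signature has verified, which is what stops a tampered manifest from redirecting the download or substituting a signature; and Install verifies the bytes it reads back from Storage rather than the buffer Stage verified, so the revalidation step closes the window between download and installation in which a stored file can be swapped.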