BUNDLE PACKAGE SIGNING

US 20140359605A1
Filed: 05/30/2013
Published: 12/04/2014
Est. Priority Date: 05/30/2013
Status: Abandoned Application

First Claim

Patent Images

1. A method for digitally signing a bundle package, comprising:

performing a first digital signature operation for a bundle package associated with an application, the bundle package comprising a first app package and a first resource package, the first digital signature operation comprising;

digitally signing the first app package with a first app package signature utilizing a digital signing certificate to create a signed first app package;

digitally signing the first resource package with a first resource package signature utilizing the digital signing certificate to create a signed first resource package; and

creating a signed bundle package signed with a bundle package signature utilizing the digital signing certificate, a set of signature properties shared by the first app package signature, the first resource package signature, and the bundle package signature.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

One or more techniques and/or systems are provided for generating a bundle package, digitally signing the bundle package, selectively disturbing the bundle package, and/or indexing one or more resource packages retrieved from the bundle package. That is, a bundle package (e.g., an application or game bundle package) comprises one or more app packages comprising application code configured to execute on various computing environments (e.g., operating systems, processors, etc.). The bundle package may comprise one or more resource packages comprising supplemental data used to provide optional user experience functionality for the application (e.g., French language support, high resolution textures, a gaming pad support, etc.). In this way, a client device may selectively download portions of the bundle package that may be relevant, which may mitigate download bandwidth, storage space, or resources otherwise used to obtain unnecessary portions of the bundle package (e.g., a tablet device may merely download low resolution textures).

46 Citations

View as Search Results

20 Claims

1. A method for digitally signing a bundle package, comprising:
- performing a first digital signature operation for a bundle package associated with an application, the bundle package comprising a first app package and a first resource package, the first digital signature operation comprising;
  
  digitally signing the first app package with a first app package signature utilizing a digital signing certificate to create a signed first app package;
  
  digitally signing the first resource package with a first resource package signature utilizing the digital signing certificate to create a signed first resource package; and
  
  creating a signed bundle package signed with a bundle package signature utilizing the digital signing certificate, a set of signature properties shared by the first app package signature, the first resource package signature, and the bundle package signature.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
- - 2. The method of claim 1, the first digital signature operation corresponding to a single signing operation utilizing the digital signing certificate.
  - 3. The method of claim 1, the set of signature properties comprising at least one of:
    - a digital signing certificate owner;
      
      a chain certification of authority;
      
      a key usage;
      
      a signature validation date;
      
      a signature encryption strength;
      
      ora signature timestamp.
  - 4. The method of claim 1, the performing a first digital signature operation comprising:
    - extracting the first app package and the first resource package from the bundle package as an extracted first app package and an extracted first resource package;
      
      digitally signing the extracted first app package as a signed extracted first app package; and
      
      digitally signing the extracted first resource package as a signed extracted first resource package.
  - 5. The method of claim 4, comprising:
    - returning the signed extracted first app package to the bundle package as the signed first app package;
      
      returning the signed extracted first resource package to the bundle package as the signed first resource package; and
      
      signing the bundle package to create the signed bundle package.
  - 6. The method of claim 4, comprising:
    - creating a new bundle package utilizing the signed extracted first app package as the signed first app package and the signed extracted first resource package as the signed first resource package; and
      
      signing the new bundle package utilizing the bundle package signature to create the signed bundle package.
  - 7. The method of claim 1, the digitally signing the first app package comprising:
    - signing the first app package in-place while the first app package is comprised within the bundle package.
  - 8. The method of claim 1, the digitally signing the first resource package comprising:
    - signing the first resource package in-place while the first resource package is comprised within the bundle package.
  - 9. The method of claim 1, bundle package comprising one or more app packages and one or more resource packages, and the performing a first digital signature operation comprising:
    - sequentially signing the one or more app packages and the one or more resource packages using the digital signing certificate.
  - 10. The method of claim 1, bundle package comprising one or more app packages and one or more resource packages, and the performing a first digital signature operation comprising at least one of:
    - signing the first app package and the first resource package in parallel using the digital signing certificate;
      
      signing the first app package and a second app package in parallel using the digital signing certificate;
      
      orsigning the first resource package and a second resource package in parallel using the digital signing certificate.
  - 11. The method of claim 1, the signed bundle package comprising one or more signed app packages signed using the digital signing certificate, the one or more signed app packages comprising application code for the application;
    - the signed bundle package comprising one or more signed resource packages signed using the digital signing certificate, the one or more signed resource packages comprising supplemental code configured to provide optional user experience functionality for the application.
  - 12. The method of claim 11, the one or more signed resource packages comprising the signed first resource package and a signed second resource package, the signed first resource package corresponding to at least one of first language user experience data, first resolution data, first screen scale data, or first multimedia application programming interface (API) version data;
    - the signed second resource package corresponding to at least one of second language user experience data, second resolution data, second screen scale data, or second multimedia API version data.
  - 13. The method of claim 11, comprising:
    - exposing the signed bundle package for download through an app marketplace, the one or more signed resource packages exposed as optional downloads for the application.
  - 14. The method of claim 1, the signed bundle package comprising a signed second resource package, and the method comprising:
    - receiving a bundle acquisition request from a client device, the bundle acquisition request specifying the signed first app package and the signed first resource package; and
      
      selectively providing the signed first app package and the signed first resource package, but not the signed second resource package, to the client device for signature validation and installation of the application.

15. A system for digitally signing a bundle package, comprising:
- a digital signature component configured to;
  
  perform a first digital signature operation for a bundle package associated with an application, the bundle package comprising a first app package and a first resource package, the first digital signature operation comprising;
  
  digitally signing the first app package with a first app package signature utilizing a digital signing certificate to create a signed first app package;
  
  digitally signing the first resource package with a first resource package signature utilizing the digital signing certificate to create a signed first resource package; and
  
  creating a signed bundle package signed with a bundle package signature utilizing the digital signing certificate, a set of signature properties shared by the first app package signature, the first resource package signature, and the bundle package signature.
- View Dependent Claims (16, 17, 18, 19)
- - 16. The system of claim 15, the digital signature component configured to:
    - sign the first app package in-place while the first app package is comprised within the bundle package; and
      
      sign the first resource package in-place while the first resource package is comprised within the bundle package.
  - 17. The system of claim 15, the digital signature component configured to:
    - extract the first app package and the first resource package from the bundle package as an extracted first app package and an extracted first resource package;
      
      digitally sign the extracted first app package as a signed extracted first app package;
      
      digitally sign the extracted first resource package as a signed extracted first resource package;
      
      return the signed extracted first app package to the bundle package as the signed first app package;
      
      return the signed extracted first resource package to the bundle package as the signed first resource package; and
      
      sign the bundle package to create the signed bundle package.
  - 18. The system of claim 15, the digital signature component configured to:
    - extract the first app package and the first resource package from the bundle package as an extracted first app package and an extracted first resource package;
      
      digitally sign the extracted first app package as a signed extracted first app package;
      
      digitally sign the extracted first resource package as a signed extracted first resource package;
      
      create a new bundle package utilizing the signed extracted first app package as the signed first app package and the signed extracted first resource package as the signed first resource package; and
      
      sign the new bundle package utilizing the bundle package signature to create the signed bundle package.
  - 19. The system of claim 15, the signed bundle package comprising a signed second resource package, and the system comprising:
    - an app distribution component configured to;
      
      receive a bundle acquisition request from a client device, the bundle acquisition request specifying the signed first app package and the signed first resource package; and
      
      selectively provide the signed first app package and the signed first resource package, but not the signed second resource package, to the client device for signature validation and installation of the application.

20. A computer readable medium comprising instructions which when executed at least in part via a processing unit perform a method for digitally signing a bundle package, comprising:
- performing a first digital signature operation for a bundle package associated with an application, the bundle package comprising a first app package and a first resource package, the first digital signature operation comprising;
  
  digitally signing the first app package with a first app package signature utilizing a digital signing certificate to create a signed first app package;
  
  digitally signing the first resource package with a first resource package signature utilizing the digital signing certificate to create a signed first resource package; and
  
  creating a signed bundle package signed with a bundle package signature utilizing the digital signing certificate, a set of signature properties shared by the first app package signature, the first resource package signature, and the bundle package signature.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Leet, Simon, Sheth, Sarjana, O'Brien, Patrick T. Jr., Davis, Jack Roger

Application Number

US13/905,554
Publication Number

US 20140359605A1
Time in Patent Office

Days
Field of Search
US Class Current

717/178
CPC Class Codes

G06F 21/10 Protecting distributed prog...

G06F 8/61 Installation

BUNDLE PACKAGE SIGNING

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

46 Citations

20 Claims

Specification

Use Cases

Quick Links

Others

BUNDLE PACKAGE SIGNING

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

46 Citations

20 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others