Method for validating a signed program prior to execution time or an unsigned program at execution time
First Claim
Patent Images
1. A method for validating a program, comprising the steps of:
- (a) determining whether a valid digital signature is associated with the program prior to loading the program, (b) if the valid digital signature is associated with the program, then setting a flag to indicate that the program is valid;
(c) if the valid digital signature is not associated with the program, then determining whether the program is valid when the program is executed by checking input parameters to all instructions of the program; and
(d) if the valid digital signature is associated with the program, then executing the program at run time without checking the input parameters to all instructions of the program.
2 Assignments
0 Petitions
Accused Products
Abstract
Validating a signed program prior to execution time or an unsigned program at execution time. A program is validated by checking the input parameters to the instructions of the program to prevent errors associated with executing an instruction using an invalid input parameter. Both signed programs and unsigned programs are accommodated. A signed program is validated during the signing process, whereas an unsigned program is validated at execution time.
-
Citations
15 Claims
-
1. A method for validating a program, comprising the steps of:
-
(a) determining whether a valid digital signature is associated with the program prior to loading the program, (b) if the valid digital signature is associated with the program, then setting a flag to indicate that the program is valid;
(c) if the valid digital signature is not associated with the program, then determining whether the program is valid when the program is executed by checking input parameters to all instructions of the program; and
(d) if the valid digital signature is associated with the program, then executing the program at run time without checking the input parameters to all instructions of the program. - View Dependent Claims (2, 3)
prior to executing the program using a selected input, checking whether the flag is set;
if the flag is set, then determining whether the selected input is within the range of inputs; and
if the selected input is within the range of inputs, then executing the program without further validation.
-
-
3. The method of claim 1, wherein the valid digital signature is associated with the program if the program is valid for a range of inputs to the program, further comprising the steps of:
-
prior to executing the program using a selected input, checking whether the flag is set;
if the flag is set, then determining whether the selected input is within the range of inputs; and
if the selected input is not within the range of inputs, then determining whether the program is valid for the selected input when the program is executed by (a) determining a set of input parameters to an instruction of the program;
(b) checking the validity of the set of input parameters to the instruction;
(c) if the set of input parameters is valid, then executing the instruction;
(d) otherwise, terminating execution of the program; and
(e) repeating steps (a)-(d) for subsequent sets of input parameters to subsequent instructions of the program.
-
-
4. A method for associating a digital signature with a font file containing a program that includes a plurality of hints, comprising the steps of:
-
(a) checking the font file to check structural components of the font file;
(b) checking the font file to check all input parameters to the hints of the program for a predetermined size range of glyphs;
(c) if the structural components and the input parameters to the hints of the program for the predetermined size range are valid, then associating the digital signature with the font file, so that the digital signature is checked when the font file is subsequently loaded to determine whether the font file is valid for the predetermined size range of glyphs; and
(d) if the structural components and the input parameters to the hints of the program are not valid, then not associating the digital signature with the font file. - View Dependent Claims (5, 6, 7)
if the digital signature is valid, then setting a flag to indicate that the font file is valid for the predetermined size range of glyphs.
-
-
6. The method of claim 4, wherein the digital signature is valid, and wherein step (c) further comprises:
-
prior to rendering a glyph at a selected size using the font file, determining whether the selected size of the glyph is within the predetermined size range; and
if the selected size is within the predetermined size range, then rendering the glyph using the font file without further validation of the input parameters to the hints for the selected size.
-
-
7. The method of claim 4, wherein the digital signature is valid, and wherein step (c) further comprises:
-
prior to rendering a glyph at a selected size using the font file, determining whether the selected size of the glyph is within the predetermined size range; and
if the selected size is not within the predetermined size range, then determining whether the program is valid for the selected size by;
(a) determining a set of input parameters to a first hint of the program;
(b) checking the validity of the set of input parameters to the first hint;
(c) if the set of input parameters is valid, then executing the first hint;
(d) otherwise, terminating execution of the program; and
(e) repeating steps (a)-(d) for subsequent sets of input parameters to subsequent hints of the program.
-
-
8. A method for validating a signed program prior to execution time and an unsigned program at execution time, wherein the signed program is signed with a digital signature if the signed program is valid for a predetermined range of inputs to the signed program, comprising the steps of:
-
for the signed program;
prior to execution time, determining whether a selected input is within the range of inputs;
if the selected input is within the range of inputs, then executing the signed program using the selected input; and
if the selected input is not within the range of inputs, then determining whether all input parameters are valid for all instructions of the signed program during run time; and
for the unsigned program;
at execution time, determining whether the unsigned program is valid for the selected input by checking all input parameters to all instructions of the unsigned program for the selected input to the unsigned program. - View Dependent Claims (9, 10, 11)
for the signed program, if the selected input is not within the range of inputs, then determining whether the signed program is valid for the selected input.
-
-
10. The method of claim 9, wherein the step of determining whether the signed program is valid for the selected input comprises:
-
(a) determining a set of input parameters to an instruction of the program based upon the selected input;
(b) checking the validity of the set of input parameters to the instruction;
(c) if the set of input parameters is valid, then executing the instruction;
(d) otherwise, terminating execution of the signed program prior to execution of the instruction; and
(e) repeating steps (a)-(d) for subsequent sets of input parameters to subsequent instructions of the signed program.
-
-
11. The method of claim 8, further comprising the steps of:
-
in response to a request to load the signed program, determining whether the digital signature is valid; and
if the digital signature is valid, then setting a flag to indicate that the signed program is valid.
-
-
12. A computer-readable medium having computer-executable instructions comprising the steps of:
-
prior to executing a program using a selected input, determining whether the program was previously validated over a range of program inputs by checking whether a valid digital signature is associated with the program;
if a valid digital signature is associated with the program, then executing the program at run time without checking the input parameters to all instructions of the program;
if the program was previously validated, then determining whether the selected input is within the range of program inputs;
if the selected input is within the range of program inputs, then executing the program using the selected input without further validation; and
if the program was not previously validated, then determining whether the program is valid for the selected input when the program is executed. - View Dependent Claims (13, 14, 15)
(a) determining a set of input parameters to an instruction of the program based upon the selected input;
(b) checking the validity of the set of input parameters to the instruction;
(c) if the set of input parameters is valid, then executing the instruction;
(d) otherwise, terminating execution of the signed program prior to execution of the instruction; and
(e) repeating steps (a)-(d) for subsequent sets of input parameters to subsequent instructions of the program.
-
-
15. The computer-readable medium of claim 12, wherein the program includes instructions, further comprising the steps of:
-
if the selected input is not within the range of program inputs, then determining whether the program is valid for the selected input by (a) determining a set of input parameters to an instruction of the program based upon the selected input;
(b) checking the validity of the set of input parameters for the instruction;
(c) if the set of input parameters is valid, then executing the instruction;
(d) otherwise, terminating execution of the signed program prior to execution of the instruction; and
(e) repeating steps (a)-(d) for subsequent sets of input parameters to subsequent instructions of the program.
-
Specification