Embedding certifications in executable files for network transmission
Abstract
A certification or signature is incorporated in a computer program, an executable file, or code to assure its authenticity and integrity, particularly for receiving it over an open computer network like the Internet. The executable file may be of any executable form, including an executable or portable executable .exe file format, a .cab cabinet file format, an .ocx object control format, or a Java class file. The certification includes a keyed source confirmation with a secure representation of the executable file. In an embodiment, the certification is referenced in a header of the executable file, the reference including a pointer to the keyed source confirmation and an indication of the size of the keyed source confirmation.
28 Claims
1. In a local computer system, a method of digitally signing an executable file for distribution over a network from the local computer system to a remote computer system by performing a calculation on contents of the executable file at the local computer system, wherein the executable file is of an executable file format defining a plurality of fields, wherein at least one field has a value modifiable to add a new section elsewhere in the executable file and is designated in the calculation at the local computer system as excluded when performing the calculation to generate a digital signature for the executable file, the method comprising:
generating the digital signature for the executable file at the local computer system by performing the calculation on at least one of the plurality of fields, excluding the field having a value modifiable to add a new section elsewhere in the executable file and designated in the calculation at the local computer system as excluded when performing the calculation to generate a digital signature for the executable file out of the fields from the calculation;
adding a new section to the executable file at the local computer system by modifying the value of the field having a value modifiable to add a new section elsewhere in the executable file and designated in the calculation at the local computer system as excluded when performing the calculation to generate a digital signature for the executable file; and
at the local computer system, placing the digital signature in the new section to embed the digital signature in the executable file.
Dependent claims: 2, 3, 4, 18, 19, 26, 28.
the executable file comprises an attributes-count field, the attributes-count field indicative of how many attributes are in the executable file; the designated field having a value modifiable to add a new section elsewhere in the executable file is the attributes-count field;
said adding increments the attributes-count field to add a new attribute to the executable file, wherein the new section comprises the new attribute; and
said placing places the digital signature into the new attribute of the executable file.
4. The method of claim 1 wherein said generating calculates a hash for the executable file, excluding the designated field having a value modifiable to add a new section elsewhere in the executable file from the hash.
18. The method of claim 1 further comprising:
labeling the new section with an identifier recognized at the remote computer system as a section to be excluded at the remote computer system from calculations verifying the embedded digital signature.
19. The method of claim 3 wherein the executable file is of a file format for Java class files.
26. The method of claim 4 wherein said generating further excludes information for localizing the executable file from the hash.
28. The method of claim 1 wherein said generating produces a hash for the executable file, wherein the executable file is published by a publisher and certified by a certification agency, wherein the publisher has a publisher's private key and a publisher's public key corresponding to the publisher's private key and the certification agency has an agency's private key and an agency's public key corresponding to the agency's private key, the method further comprising:
generating a publisher's digital certificate comprising the hash encrypted with the publisher's private key;
generating an agency's digital certificate comprising the publisher's public key encrypted with the agency's private key;
wherein the hash can be retrieved from the publisher's digital certificate by decrypting the encrypted publisher's public key with the agency's public key and decrypting the encrypted hash with the decrypted publisher's public key.
5. In a local computer system, a method of digitally signing an executable file for distribution over a network from the local computer system to a remote computer system by performing a calculation on contents of the executable file at the local computer system, wherein the executable file is of an executable file format defining a header having a plurality of fields and accommodating modification of a value of a header field in the header to add a new section to the executable file, wherein the header field is designated in the calculation at the local computer system as excluded when performing the calculation to generate a digital signature for the executable file, the method comprising:
generating the digital signature for the executable file at the local computer system by performing the calculation on at least a portion of the executable file outside the header and at least a portion of the header, excluding the designated header field out of the fields in the header from the calculation;
adding a new section to the executable file at the local computer system by modifying the value of the designated header field; and
at the local computer system, placing the digital signature in the section to embed the digital signature in the executable file;
wherein the generating step calculates a hash for the executable file, excluding the designated header field from the hash;
wherein the generating step further excludes information for localizing the executable file from the hash.
6. In a local computer system, a method of digitally signing an executable file for distribution over a network from the local computer system to a remote computer system by performing a calculation on contents of the executable file at the local computer system, wherein the executable file is of an executable file format defining a header having a plurality of fields and accommodating modification of a value of a header field in the header to add a new section to the executable file, wherein the header field is designated in the calculation at the local computer system as excluded when performing the calculation to generate a digital signature for the executable file, the method comprising:
generating the digital signature for the executable file at the local computer system by performing the calculation on at least a portion of the executable file outside the header and at least a portion of the header, excluding the designated header field out of the fields in the header from the calculation;
adding a new section to the executable file at the local computer system by modifying the value of the designated header field; and
at the local computer system, placing the digital signature in the section to embed the digital signature in the executable file;
wherein the generating step calculates a hash for the executable file, excluding the designated header field from the hash;
wherein the generating step further excludes information for debugging the executable file from the hash.
7. In a computer system, a method of digitally signing an executable file comprising a plurality of constants in a constant pool, a constant-pool-count field indicating how many constants are in the constant pool and incrementable to add a new constant to the constant pool, a plurality of attribute-info fields, and an attributes-count field indicating how many attribute-info fields are in the file and incrementable to add a new attribute-info field, the method comprising:
generating a hash for the file, excluding from the hash the constant-pool-count field incrementable to add a new constant to the constant pool and the attributes-count field incrementable to add a new attribute-info field, including in the hash at least one of the attribute-info fields and at least one of the constants in the constant pool;
encrypting the hash to form part of a digital signature;
adding a new attribute-info field labeled as a digital signature to the attribute-info fields by performing the steps:
(a) incrementing the constant-pool-count field incrementable to add a new constant to the constant pool, wherein the constant-pool-count field is excluded from the hash;
(b) placing a constant indicative of a digital signature in the constant pool;
(c) incrementing the attributes-count field incrementable to add a new attribute-info field, wherein the attributes-count field is excluded from the hash; and
(d) storing a reference to the constant indicative of a digital signature in the new attribute-info field added by incrementing the constant-pool-count field; and
placing the digital signature in the new attribute-info field added by incrementing the attributes-count to embed the digital signature in the executable file.
Dependent claims: 8, 20, 27.
labeling the new attribute-info field with an attribute name recognized at a remote computer system as an attribute to be excluded from calculations verifying the embedded digital signature at the remote computer system.
27. The method of claim 7 wherein said generating further excludes information for localizing the executable file from the hash for the file.
9. In a first computer system, a method of confirming a digital signature embedded in an executable file, wherein the executable file comprises a plurality of elements, and a number-of-elements field, the number-of-elements field indicative of how many elements are in the file, wherein one of the elements serves as a digital signature for the executable file, the method comprising:
generating calculated identifying information by performing a calculation on a set of fields and elements in the executable file, excluding the number-of-elements field and the element serving as the digital signature from the calculation, including in the calculation at least one of the plurality of elements;
extracting, from the digital signature, provided identifying information having been generated by performing the calculation on a same set of fields and elements in the executable file at a second computer system, wherein the calculation performed at the second computer system excluded the number-of-elements field and the element serving as the digital signature from the calculation and included in the calculation at least one of the plurality of elements; and
comparing the provided identifying information with the calculated identifying information to determine whether the digital signature is valid.
Dependent claims: 10, 11, 12, 13.
the generating step calculates a hash for the file, excluding the number-of-elements field and the element serving as the digital signature from the hash; and
the comparing step determines the digital signature is valid if the provided identifying information and the calculated identifying information are identical.
12. The method of claim 11 wherein the file further comprises an encrypted hash and an encrypted publisher key, the method further comprising:
decrypting the encrypted publisher key with a remotely-available agency key to provide an unencrypted publisher key;
decrypting the encrypted hash with the unencrypted publisher key to provide an unencrypted hash serving as the provided identifying information.
13. The method of claim 11 wherein
the file is of the Common Object File Format and comprises a CertificateTable field and a certificate table;
the elements are certificates in the file referenced by the certificate table;
the certificate table is of a size indicated by the CertificateTable field;
the number-of-elements field is in the CertificateTable field;
the element serving as the digital signature is a certificate referenced by the certificate table; and
the generating step further excludes the certificate table from the hash.
14. In a first computer system, a method of confirming a digital signature embedded in an executable file, wherein the executable file comprises a header comprising a plurality of fields, a plurality of elements, and a number-of-elements field in the header, the number-of-elements field indicative of how many elements are in the file, wherein one of the elements serves as a digital signature, the method comprising:
generating calculated identifying information by performing a calculation on a portion of the executable file, excluding the number-of-elements field and the element serving as the digital signature from the calculation, including in the calculation at least one field from the header;
extracting, from the digital signature, provided identifying information having been generated by performing the calculation on the portion of the executable file at a second computer system; and
comparing the provided identifying information with the calculated identifying information to determine whether the digital signature is valid;
wherein the generating step calculates a hash for the file, excluding the number-of-elements field and the element serving as the digital signature from the hash; and
the comparing step determines the digital signature is valid if the provided identifying information and the calculated identifying information are identical;
wherein the file is of the Common Object File Format and comprises a CertificateTable field and a certificate table;
the elements are certificates in the file referenced by the certificate table;
the certificate table is of a size indicated by the CertificateTable field;
the number-of-elements field is in the CertificateTable field;
the element serving as the digital signature is a certificate referenced by the certificate table; and
the generating step further excludes the certificate table from the hash;
wherein the file comprises a resource table; and
the generating step further excludes the resource table from the hash.
15. In a computer system, a method of confirming a digital signature embedded in a file of a Java class file format, wherein the file comprises a plurality of constants in a constant pool, a constant-pool-count field, the constant-pool-count field indicative of how many constants are in the constant pool and incrementable to add a new constant to the constant pool, a plurality of fields defining a set of attributes, and an attributes-count field, the attributes-count field indicative of how many attributes are in the file and incrementable to add a new attribute to the set of attributes, wherein one of the attributes in the set of attributes serves as a digital signature and one of the constants in the constant pool is a constant labeling a digital signature, the method comprising:
extracting a first hash from the attribute serving as a digital signature;
calculating a second hash for the file, excluding the constant labeling a digital signature, the constant-pool-count field incrementable to add a new constant to the constant pool, the attribute serving as a digital signature, and the attributes-count field incrementable to add a new attribute to the set of attributes from the second hash, including at least one of the attributes in the set of attributes in the second hash; and
comparing the first hash and the second hash to determine if the first hash is identical to the second hash, thereby determining whether the file has been modified since it was signed with the digital signature.
Dependent claims: 16, 21, 22, 23.
decrypting an encrypted key residing in the file to generate a decrypted key; and
decrypting an encrypted hash residing in the file with the decrypted key to provide the first hash.
21. The method of claim 15 wherein the calculating step calculates the second hash for the file using a one pass technique, visiting each field in the file and included in the second hash exactly once to calculate the second hash.
22. The method of claim 15 wherein the calculating step further includes in the second hash the attributes-count field decremented by one and the constant-pool-count field decremented by one.
23. The method of claim 15 further comprising:
determining whether the file contains a signature;
wherein the calculating step further includes in the second hash the attributes-count field decremented by one and the constant-pool-count field decremented by one when it is determined that the file contains a signature.
17. A method of distributing an executable file, wherein the executable file comprises a plurality of elements and a number-of-elements field indicative of how many elements are in the file and incrementable to add a new element to the file, the method comprising:
at a first computer, performing the steps:
(a) generating a digital signature for the executable file by calculating a first hash for the executable file, excluding the number-of-elements field incrementable to add a new element to the file from the first hash, and including at least one of the plurality of elements in the first hash;
(b) adding a digital signature element to the executable file by incrementing the number-of-elements field incrementable to add a new element to the file, wherein the number-of-elements field was excluded when generating the digital signature for the executable file; and
(c) placing the digital signature in the digital signature element added by incrementing the number-of-elements field to embed the digital signature in the executable file; and
at a second computer, performing the steps:
(d) calculating a second hash for the executable file, excluding the number-of-elements field and the digital signature element from the second hash, and including the at least one of the plurality of elements in the second hash;
(e) extracting the first hash from the digital signature element; and
(f) comparing the first hash with the second hash to determine whether the executable file was modified after the digital signature was embedded therein.
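The two-computer procedure of claim 17, worked through as an added Python example that is not part of the patent: a constructed, simplified Java-class-like container with a counted constant pool and a counted attribute list, where the hash skips both count fields, the constant labelling the signature and the signature attribute itself, so the digest is the same before and after the signature is embedded and the second computer can recompute it. The claim's "encrypting the hash with the publisher's private key" step is replaced here by an HMAC under a shared key, an assumed stand-in because the standard library has no RSA.

```python
import hashlib
import hmac
import struct

# Constructed, simplified container modelled on the Java class file layout the
# claims describe: a counted constant pool, then a counted attribute list.
MAGIC = b"\xca\xfe\xba\xbe"
SIGNATURE_LABEL = b"Signature"  # constant that labels the signature attribute


def parse(data):
    """Return (constants, attributes); each attribute is (name_index, body)."""
    if data[:4] != MAGIC:
        raise ValueError("bad magic")
    pos, constants, attributes = 6, [], []
    for _ in range(struct.unpack_from(">H", data, 4)[0]):
        (length,) = struct.unpack_from(">H", data, pos)
        constants.append(data[pos + 2:pos + 2 + length])
        pos += 2 + length
    (attr_count,) = struct.unpack_from(">H", data, pos)
    pos += 2
    for _ in range(attr_count):
        name_index, length = struct.unpack_from(">HI", data, pos)
        if name_index >= len(constants):
            raise ValueError("attribute name index out of range")
        attributes.append((name_index, data[pos + 6:pos + 6 + length]))
        pos += 6 + length
    return constants, attributes


def build(constants, attributes):
    out = [MAGIC, struct.pack(">H", len(constants))]
    out += [struct.pack(">H", len(c)) + c for c in constants]
    out.append(struct.pack(">H", len(attributes)))
    out += [struct.pack(">HI", i, len(b)) + b for i, b in attributes]
    return b"".join(out)


def invariant_hash(data):
    """SHA-256 over the file with both count fields, the labelling constant and
    the signature attribute left out: identical before and after signing."""
    constants, attributes = parse(data)
    h = hashlib.sha256(MAGIC)
    for c in constants:  # constant_pool_count itself is never hashed
        if c != SIGNATURE_LABEL:
            h.update(struct.pack(">H", len(c)) + c)
    for i, b in attributes:  # attributes_count is never hashed
        if constants[i] != SIGNATURE_LABEL:
            h.update(struct.pack(">HI", i, len(b)) + b)
    return h.digest()


def embed_signature(data, key):
    """First computer: sign the hash, then add label constant and attribute."""
    constants, attributes = parse(data)
    tag = hmac.new(key, invariant_hash(data), hashlib.sha256).digest()
    constants.append(SIGNATURE_LABEL)           # constant-pool-count += 1
    attributes.append((len(constants) - 1, tag))  # attributes-count += 1
    return build(constants, attributes)


def verify_signature(data, key):
    """Second computer: recompute the hash and compare with the stored tag."""
    constants, attributes = parse(data)
    tags = [b for i, b in attributes if constants[i] == SIGNATURE_LABEL]
    if len(tags) != 1:
        return False
    expected = hmac.new(key, invariant_hash(data), hashlib.sha256).digest()
    return hmac.compare_digest(tags[0], expected)
```

Any change to a hashed constant or attribute after signing makes the recomputed digest differ, so verification fails; a file with no signature attribute, or with more than one, is rejected outright.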
24. In a computer system, a method of performing hash calculations to generate a hash value for a file to ensure hash invariance irrespective of the presence of a signature in the file, wherein the file comprises a plurality of fields and a set of a plurality of elements, at least one of the fields tracking how many elements are in the set and incrementable to add an element to the set of a plurality of elements, the method comprising:
to generate the hash value for the file, performing a hashing function on at least one of the plurality of fields during hash calculations;
to generate the hash value for the file, performing a hashing function on at least one of elements in the set of a plurality of elements during hash calculations;
when generating the hash value for the file, excluding from hash calculations the at least one of the fields tracking how many elements are in the set and incrementable to add an element to the set of a plurality of elements; and
when generating the hash value for the file, excluding from hash calculations an element in the set of a plurality of elements tagged as a digital signature element, if any.
Dependent claims: 25.
the file is of a Java class format comprising a constant pool; the at least one of the fields tracking how many elements are in the set and incrementable to add an element to the set of a plurality of elements is an attributes-count field; and
the element in the set of a plurality of elements tagged as a digital signature element, if any, is tagged using a constant in the constant pool.