System and computer readable medium for verifying access to signed ELF objects

  • US 8,312,431 B1
  • Filed: 09/19/2005
  • Issued: 11/13/2012
  • Est. Priority Date: 09/17/2004
  • Status: Active Grant
First Claim

1. A computer system for verifying an Executable and Linking File (ELF) object, comprising:

    a processor;

    a memory;

    a storage device; and

    software instructions stored in the memory for enabling the computer system, under control of the processor, to:

    receive a request to verify an ELF object from a first client;

    obtain the ELF object from the first client;

    extract, from the ELF object, an ELF signature and an ELF signer name associated with the ELF signature;

    obtain, using the ELF signer name, an ELF certificate issued by a certificate authority;

    verify the ELF certificate using a public key associated with the certificate authority;

    determine, using the ELF certificate, that the ELF signature associated with the ELF object is valid;

    determine that the ELF certificate comprises a usage restriction associated with the ELF object;

    obtain a first activation file from the first client;

    extract, from the first activation file, a first activation file signature and a first activation file signer name associated with the first activation file signature;

    obtain a first activation file certificate using the first activation file signer name;

    determine, using the first activation file certificate, that the first activation file signature is not valid;

    instruct the first client to enforce the usage restriction of the ELF object in response to the determination that the first activation file signature is not valid;

    obtain a second activation file from a second client;

    extract, from the second activation file, a second activation file signature and a second activation file signer name associated with the second activation file signature;

    obtain a second activation file certificate using the second activation file signer name;

    determine, using the second activation file certificate, that the second activation file signature is valid; and

    instruct the second client to override the usage restriction of the ELF object using the second activation file in response to the determination that the second activation file signature is valid.
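
The decision flow of claim 1, as an added Go example that is not code from the patent or its assignee. It assumes Ed25519 signatures, a simplified `Cert` struct in place of X.509, and activation file certificates issued by the same CA; all type and function names are hypothetical. Beyond the claim's enforce and override outcomes it also returns `reject` when the ELF certificate or signature fails and `allow` when the certificate carries no usage restriction.

```go
package main

import (
	"crypto/ed25519"
	"fmt"
)

// Cert is a simplified stand-in for an X.509 certificate (assumption).
type Cert struct {
	Signer     string
	Key        ed25519.PublicKey
	Restricted bool   // certificate carries a usage restriction
	CASig      []byte // CA signature over body()
}
func (c Cert) body() []byte { return []byte(fmt.Sprintf("%s|%x|%t", c.Signer, c.Key, c.Restricted)) }

// Signed is an ELF object or activation file with its embedded signer name and signature.
type Signed struct{ Body, Sig []byte; Signer string }

// check gets the certificate by signer name, verifies it with the CA key, then checks the signature.
func check(s Signed, certs map[string]Cert, ca ed25519.PublicKey) (Cert, bool) {
	c, ok := certs[s.Signer]
	return c, ok && ed25519.Verify(ca, c.body(), c.CASig) && ed25519.Verify(c.Key, s.Body, s.Sig)
}

// Decide returns the instruction for the client: reject, allow, enforce or override.
func Decide(elf, act Signed, certs map[string]Cert, ca ed25519.PublicKey) string {
	if c, ok := check(elf, certs, ca); !ok {
		return "reject" // ELF certificate or signature invalid
	} else if !c.Restricted {
		return "allow" // no usage restriction in the certificate
	} else if _, ok := check(act, certs, ca); ok {
		return "override" // valid activation file lifts the restriction
	}
	return "enforce" // activation file signature not valid
}

// Issue returns a CA-signed certificate and a blob signed by its key (constructed demo data).
func Issue(caKey ed25519.PrivateKey, name string, restricted bool, body []byte) (Cert, Signed) {
	pub, priv, _ := ed25519.GenerateKey(nil)
	c := Cert{Signer: name, Key: pub, Restricted: restricted}
	c.CASig = ed25519.Sign(caKey, c.body())
	return c, Signed{Body: body, Signer: name, Sig: ed25519.Sign(priv, body)}
}

func main() {
	caPub, caKey, _ := ed25519.GenerateKey(nil)
	c, elf := Issue(caKey, "vendor", true, []byte("\x7fELF constructed"))
	fmt.Println(Decide(elf, Signed{}, map[string]Cert{c.Signer: c}, caPub)) // no activation file
}
```

Because the restriction flag is part of the bytes the CA signs, clearing it in a stored certificate makes the certificate check fail rather than silently lifting the restriction.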
