Post-signing modification of software
First Claim
1. A computer program product having a non-transitory computer-readable storage medium having computer program instructions recorded thereon for making a post-signing modification to a digitally-signed software application to be downloaded by a user onto a computer, the computer program instructions comprising instructions for:
- digitally signing an executable file having a header describing sections of the executable file and an executable section where executable code is stored, the digital signing forming a signature section with certification data appended to an end of the executable section;
- following the digital signing of the executable file, extending a length of the signature section appended to the end of the executable section of the digitally-signed software application to form a storage section after an end of the signature section;
- adjusting the header to indicate a size of the storage section appended at the end of the executable file;
- providing the digitally-signed software application with the storage section to the user requesting the software application for installation on the computer; and
- during the providing of the software application to the user, inserting post-signing data specific to the user and the computer into the storage section without invalidating the digital signature and without requiring the file to be re-signed after insertion of the post-signing data.
Abstract
A technique for making post-signing modifications to a digitally-signed software application without invalidating the signature can be used to enhance a user experience when downloading the software application. An extension module extends the length of a signature section at the end of an executable file for the digitally-signed software application to form a storage section. A header adjustment module adjusts the header to indicate size of the storage section appended at the end of the executable file. A data insertion module inserts post-signing data into the storage section, and the validity of the digital signature is maintained without requiring the file to be re-signed after insertion of the post-signing data. Thus, a software vendor can add into the software user-specific data after the file has been signed, while still maintaining the signature's validity, so the software can be downloaded with minimal interruption to the user.
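A defender-side check for the layout the abstract describes, added here as an example and not taken from the patent: it assumes the executable is a Windows PE file with an Authenticode signature (the patent text names no format) and returns the bytes that sit inside the header-declared certificate table but after the end of the DER-encoded signature. The function names, the constructed sample and the 7-byte padding allowance are this example's own assumptions.

```python
import struct

def der_total_len(buf: bytes) -> int:
    """Header + content length of the DER SEQUENCE at the start of buf."""
    if len(buf) < 2 or buf[0] != 0x30:
        raise ValueError("signature blob is not a DER SEQUENCE")
    if buf[1] < 0x80:                                    # short-form length
        return 2 + buf[1]
    n = buf[1] & 0x7F                                    # long form: n length bytes
    if not 1 <= n <= 4 or len(buf) < 2 + n:
        raise ValueError("unsupported DER length encoding")
    total = 2 + n + int.from_bytes(buf[2:2 + n], "big")
    if total > len(buf):
        raise ValueError("DER length runs past the certificate table")
    return total

def signature_slack(pe: bytes) -> bytes:
    """Bytes inside the header-declared certificate table that follow the
    DER signature of the first (assumed only) WIN_CERTIFICATE entry."""
    nt = struct.unpack_from("<I", pe, 0x3C)[0]           # e_lfanew
    if pe[:2] != b"MZ" or pe[nt:nt + 4] != b"PE\0\0":
        raise ValueError("not a PE file")
    opt = nt + 24                                        # optional header start
    magic = struct.unpack_from("<H", pe, opt)[0]
    dirs = opt + {0x10B: 96, 0x20B: 112}[magic]          # PE32 / PE32+
    off, size = struct.unpack_from("<II", pe, dirs + 4 * 8)  # entry 4: file offset, size
    if size == 0:
        return b""                                       # unsigned file
    if size < 8 or off + size > len(pe):
        raise ValueError("certificate table outside file")
    region = pe[off + 8:off + size]                      # skip dwLength, wRevision, wCertificateType
    return region[der_total_len(region):]

def is_suspicious(slack: bytes) -> bool:
    """Example policy: tolerate only zero padding up to the 8-byte boundary."""
    return len(slack) > 7 or any(slack)

def make_sample(extra: bytes = b"") -> bytes:
    """Constructed PE32 skeleton (not runnable) with a fake signature blob."""
    der = b"\x30\x82\x01\x00" + bytes(256)               # fake 260-byte SEQUENCE
    cert = der + extra
    cert += bytes(-(8 + len(cert)) % 8)                  # pad entry to 8 bytes
    hdr = bytearray(0x200)
    hdr[0:2] = b"MZ"
    struct.pack_into("<I", hdr, 0x3C, 0x80)
    hdr[0x80:0x84] = b"PE\0\0"
    struct.pack_into("<H", hdr, 0x98, 0x10B)             # optional header magic
    struct.pack_into("<II", hdr, 0x98 + 96 + 4 * 8, 0x200, 8 + len(cert))
    return bytes(hdr) + struct.pack("<IHH", 8 + len(cert), 0x0200, 0x0002) + cert
```

Calling `signature_slack(make_sample(b"user=42;host=pc1"))` returns the constructed per-user string plus padding, which `is_suspicious` flags; on the unmodified sample only four zero padding bytes come back.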
20 Claims
6. A method of making a post-signing modification to a digitally-signed software application to be downloaded by a user onto a computer, the method comprising:
- digitally signing, by a computer system, an executable file having a header describing sections of the executable file and an executable section where executable code is stored, the digital signing forming a signature section with certification data appended to an end of the executable section;
- following the digital signing of the executable file, extending, by the computer system, a length of the signature section appended to the end of the executable section of the digitally-signed software application to form a storage section after an end of the signature section;
- adjusting, by the computer system, the header to indicate a size of the storage section appended at the end of the executable file;
- providing, by the computer system, the digitally-signed software application with the storage section to the user requesting the software application for installation on the computer; and
- during the providing of the software application to the user, inserting, by the computer system, post-signing data specific to the user and the computer into the storage section without invalidating the digital signature and without requiring the file to be re-signed after insertion of the post-signing data.
15. A computer system for making a post-signing modification to a digitally-signed software application to be downloaded by a user onto a computer, the system comprising:
- a non-transitory computer-readable storage medium storing executable software modules comprising;
  - a file creation module for digitally signing an executable file having a header describing sections of the executable file and an executable section where executable code is stored, the digital signing forming a signature section with certification data appended to an end of the executable section;
  - an extension module for, following the digital signing of the executable file, extending a length of the signature section appended to the end of the executable section of the digitally-signed software application to form a storage section after an end of the signature section;
  - a header adjustment module for adjusting the header to indicate a size of the storage section appended at the end of the executable file;
  - a data insertion module for;
    - providing the digitally-signed software application with the storage section to the user requesting the software application for installation on the computer; and
    - during the providing of the software application to the user, inserting post-signing data specific to the user and the computer into the storage section without invalidating the digital signature and without requiring the file to be re-signed after insertion of the post-signing data; and
- a processor configured to execute the software modules stored by the non-transitory computer-readable storage medium.
20. A computer system for making a post-signing modification to a digitally-signed software application to be downloaded by a user onto a computer, the system comprising:
- a non-transitory computer-readable storage medium storing executable software means comprising;
  - means for digitally signing an executable file having a header describing sections of the executable file and an executable section where executable code is stored, the digital signing forming a signature section with certification data appended to an end of the executable section;
  - following the digital signing of the executable file, means for extending a length of the signature section appended to the end of the executable section of the digitally-signed software application to form a storage section after an end of the signature section;
  - means for adjusting the header to indicate a size of the storage section appended at the end of the executable file;
  - means for providing the digitally-signed software application with the storage section to the user requesting the software application for installation on the computer;
  - during the providing of the software application to the user, means for inserting post-signing data specific to the user and the computer into the storage section without invalidating the digital signature and without requiring the file to be re-signed after insertion of the post-signing data; and
- a processor configured to execute the software means stored by the non-transitory computer-readable storage medium.
Specification