System and method for code signing

US 8,452,970 B2
Filed: 09/02/2010
Issued: 05/28/2013
Est. Priority Date: 09/29/2005
Status: Active Grant

First Claim

Patent Images

1. A method of signing code, the method performed at a code signing device, the method comprising:

creating a key pair, the key pair comprising a private key and a public key;

storing the private key of the key pair;

deploying the public key of the key pair;

registering an entity, wherein an account record for the entity is created, andwherein credit card information associated with the entity is validated;

receiving, at the code signing device, a code signing request from the entity to sign a software application or hash thereof using the private key of the key pair, wherein the private key is associated with a sensitive application programming interface provided on a mobile device, the software application programmed to access the sensitive application programming interface when the software application is run on the mobile device;

digitally signing the software application or hash thereof, wherein a digital signature is generated using the private key; and

returning the digital signature in response to the code signing request;

wherein the code signing request comprises a second digital signature associated with the entity, and wherein the method further comprises successfully verifying the second digital signature before the digitally signing the software application or hash thereof.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method for code signing. The entities may be software application developers or other individuals or entities that wish to have applications digitally signed. Signing of the applications may be required in order to enable the applications to access sensitive APIs and associated resources of a computing device when the applications are executed on the computing device.

117 Citations

27 Claims

1. A method of signing code, the method performed at a code signing device, the method comprising:
- creating a key pair, the key pair comprising a private key and a public key;
  
  storing the private key of the key pair;
  
  deploying the public key of the key pair;
  
  registering an entity, wherein an account record for the entity is created, andwherein credit card information associated with the entity is validated;
  
  receiving, at the code signing device, a code signing request from the entity to sign a software application or hash thereof using the private key of the key pair, wherein the private key is associated with a sensitive application programming interface provided on a mobile device, the software application programmed to access the sensitive application programming interface when the software application is run on the mobile device;
  
  digitally signing the software application or hash thereof, wherein a digital signature is generated using the private key; and
  
  returning the digital signature in response to the code signing request;
  
  wherein the code signing request comprises a second digital signature associated with the entity, and wherein the method further comprises successfully verifying the second digital signature before the digitally signing the software application or hash thereof.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1, wherein the public key is associated with the sensitive application programming interface provided on the mobile device.
  - 3. The method of claim 1, further comprising retrieving a second public key associated with the entity, and using the second public key to verify the second digital signature associated with the entity.
  - 4. The method of claim 1, further comprising sending an e-mail notification to the entity subsequent to the registering.
  - 5. The method of claim 1, further comprising maintaining a record of a number of allowable signing requests for the entity, verifying that there are allowable signing requests remaining, and updating the number of allowable signing requests, wherein the digitally signing the software application or hash thereof is performed after successfully verifying that there are allowable signing requests remaining.
  - 6. The method of claim 1, further comprising verifying that the entity is registered, wherein the digitally signing the software application or hash thereof is performed after successfully verifying that the entity is registered.
  - 7. The method of claim 1, further comprising verifying that an account of the entity is not expired, wherein the digitally signing the software application or hash thereof is performed after successfully verifying that the account of the entity is not expired.
  - 8. The method of claim 1, further comprising receiving input, in a user interface, to facilitate management of the account record.
  - 9. The method of claim 1, wherein the entity is a software application developer.

10. A code signing device configured to sign code, the code signing device comprising:
- a processor; and
  
  a memory;
  
  wherein the processor is configured to;
  
  create a key pair, the key pair comprising a private key and a public key;
  
  store the private key of the key pair;
  
  deploy the public key of the key pair;
  
  register an entity, wherein an account record for the entity is created, andwherein credit card information associated with the entity is validated;
  
  receive, at the code signing device, a code signing request from the entity to sign a software application or hash thereof using the private key of the key pair, wherein the private key is associated with a sensitive application programming interface provided on a mobile device, the software application programmed to access the sensitive application programming interface when the software application is run on the mobile device;
  
  digitally sign the software application or hash thereof, wherein a digital signature is generated using the private key; and
  
  return the digital signature in response to the code signing request;
  
  wherein the code signing request comprises a second digital signature associated with the entity, and wherein the processor is configured to successfully verify the second digital signature before digitally signing the software application or hash thereof.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
- - 11. The code signing device of claim 10, wherein the public key is associated with the sensitive application programming interface provided on the mobile device.
  - 12. The code signing device of claim 10, wherein the processor is configured to retrieve a second public key associated with the entity, and use the second public key to verify the second digital signature associated with the entity.
  - 13. The code signing device of claim 10, wherein the processor is configured to send an e-mail notification to the entity subsequent to registering the entity.
  - 14. The code signing device of claim 10, wherein the processor is configured to maintain a record of a number of allowable signing requests for the entity, verify that there are allowable signing requests remaining, and update the number of allowable signing requests, wherein the software application or hash thereof is digitally signed after successfully verifying that there are allowable signing requests remaining.
  - 15. The code signing device of claim 10, wherein the processor is configured to verify that the entity is registered, wherein the software application or hash thereof is digitally signed after successfully verifying that the entity is registered.
  - 16. The code signing device of claim 10, wherein the processor is configured to verify that an account of the entity is not expired, wherein the software application or hash thereof is digitally signed after successfully verifying that the account of the entity is not expired.
  - 17. The code signing device of claim 10, wherein the processor is configured to receive input, in a user interface, to facilitate management of the account record.
  - 18. The code signing device of claim 10, wherein the entity is a software application developer.

19. A computer-readable device comprising instructions, which when executed by a processor of a code signing device, causes a method of signing code to be performed at the code signing device, the method comprising:
- creating a key pair, the key pair comprising a private key and a public key;
  
  storing the private key of the key pair;
  
  deploying the public key of the key pair;
  
  registering an entity, wherein an account record for the entity is created, and wherein credit card information associated with the entity is validated;
  
  receiving, at the code signing device, a code signing request from the entity to sign a software application or hash thereof using the private key of the key pair, wherein the private key is associated with a sensitive application programming interface provided on a mobile device, the software application programmed to access the sensitive application programming interface when the software application is run on the mobile device;
  
  digitally signing the software application or hash thereof, wherein a digital signature is generated using the private key; and
  
  returning the digital signature in response to the code signing request;
  
  wherein the code signing request comprises a second digital signature associated with the entity, and wherein the method further comprises successfully verifying the second digital signature before the digitally signing the software application or hash thereof.
- View Dependent Claims (20, 21, 22, 23, 24, 25, 26, 27)
- - 20. The computer-readable device of claim 19, wherein the public key is associated with the sensitive application programming interface provided on the mobile device.
  - 21. The computer-readable device of claim 19, the method further comprising retrieving a second public key associated with the entity, and using the second public key to verify the second digital signature associated with the entity.
  - 22. The computer-readable device of claim 19, the method further comprising sending an e-mail notification to the entity subsequent to the registering.
  - 23. The computer-readable device of claim 19, the method further comprising maintaining a record of a number of allowable signing requests for the entity, verifying that there are allowable signing requests remaining, and updating the number of allowable signing requests, wherein the digitally signing the software application or hash thereof is performed after successfully verifying that there are allowable signing requests remaining.
  - 24. The computer-readable device of claim 19, the method further comprising verifying that the entity is registered, wherein the digitally signing the software application or hash thereof is performed after successfully verifying that the entity is registered.
  - 25. The computer-readable device of claim 19, the method further comprising verifying that an account of the entity is not expired, wherein the digitally signing the software application or hash thereof is performed after successfully verifying that the account of the entity is not expired.
  - 26. The computer-readable device of claim 19, the method further comprising receiving input, in a user interface, to facilitate management of the account record.
  - 27. The computer-readable device of claim 19, wherein the entity is a software application developer.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Malikie Innovations Limited (Key Patent Innovations Limited)
Original Assignee
Blackberry Limited
Inventors
Little, Herbert Anthony, Adams, Neil Patrick, Kirkup, Michael Grant, Tapuska, David Francis
Primary Examiner(s)
ARMOUCHE, HADI S

Application Number

US12/874,325
Publication Number

US 20100332848A1
Time in Patent Office

999 Days
Field of Search

713/150, 713/155, 713/156, 713/168, 713/171, 713/175, 713/176, 713/189, 380/44, 726 2- 7, 726 16- 21, 726/27, 726/29
US Class Current

713/176
CPC Class Codes

G06F 21/629   to features or functions of...

H04L 2209/80   Wireless network architectu...

H04L 63/166   at the transport layer

H04L 9/3215   using a plurality of channe...

H04L 9/3226   using a predetermined code,...

H04L 9/3247   involving digital signatures

H04W 12/10   Integrity

H04W 12/35   Protecting application or s...

System and method for code signing

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

117 Citations

27 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for code signing

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

117 Citations

27 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links