Source authentication of a software product
First Claim
Patent Images
1. A method for authenticating source code, the method comprising:
- extracting, by one or more processors, source code having at least one source file having at least one reserved field;
generating, by a key generator, a compound key comprising the at least one source file, a hash function run on the at least one source file, and a file size of the at least one source file;
building, by one or more processors, a set of files, based on the source code from the at least one source file;
injecting, by one or more processors, a generated value based on the compound key into each file of the built set of files either as metadata or as an entry in the at least one source file;
comparing, by a key validation tool, the compound key and the generated value to determine if said compound key is equivalent to said generated value;
producing, by one or more processors, a final product, wherein the final product comprises;
the key validation tool and the generated compound key;
determining, by one or more processors, whether there is a difference between the compound key and the generated value; and
in response to determining that there is not a difference between the compound key and the value, loading the final product to a repository.
1 Assignment
0 Petitions
Accused Products
Abstract
Embodiments of the present invention provide systems and methods for authenticating the source code of a software end product. The method includes generating a compound key, which is composed of a set of unique keys generated from a source file. A set of files are separately build based on a received source code, and a key generated and embedded into the files at the time of the build. A validation tool is used to compare the values of the generated compound key to the values of the embedded key to determine if the values match.
-
Citations
11 Claims
-
1. A method for authenticating source code, the method comprising:
-
extracting, by one or more processors, source code having at least one source file having at least one reserved field; generating, by a key generator, a compound key comprising the at least one source file, a hash function run on the at least one source file, and a file size of the at least one source file; building, by one or more processors, a set of files, based on the source code from the at least one source file; injecting, by one or more processors, a generated value based on the compound key into each file of the built set of files either as metadata or as an entry in the at least one source file; comparing, by a key validation tool, the compound key and the generated value to determine if said compound key is equivalent to said generated value; producing, by one or more processors, a final product, wherein the final product comprises;
the key validation tool and the generated compound key;determining, by one or more processors, whether there is a difference between the compound key and the generated value; and in response to determining that there is not a difference between the compound key and the value, loading the final product to a repository. - View Dependent Claims (2, 3, 4)
-
-
5. A computer program product for authenticating source code, the computer program product comprising:
-
a computer readable storage medium and program instructions stored on the computer readable storage medium, the program instructions comprising; program instructions to extract source code having at least one source file having at least one reserved field; program instructions to generate a compound key comprising the at least one source file, a hash function run on the at least one source file, and a file size of the at least one source file; program instructions to build a set of files, based on the source code from the at least one source file; program instructions to inject a generated value based on the compound key into each file of the built set of files either as metadata or as an entry in the at least one source file; program instructions to compare the compound key and the value to determine if said compound key is equivalent to said generated value; program instructions to produce a final product, wherein the final product comprises;
a key validation tool and the generated compound key;program instructions to determine whether there is a difference between the compound key and the generated value; and program instructions to, in response to determining that there is not a difference between the compound key and the value, load the final product to a repository. - View Dependent Claims (6, 7, 8)
-
-
9. A system for authenticating source code, the system comprising:
-
one or more computer processors; one or more computer readable storage media; program instructions to extract source code having at least one source file having at least one reserved field; program instructions to generate a compound key comprising the at least one source file, a hash function run on the at least one source file, and a file size of the at least one source file; program instructions to build a set of files, based on the source code from the at least one source file; program instructions to inject a generated value based on the compound key into each file of the built set of files either as metadata or as an entry in the at least one source file; program instructions to compare the compound key and the value to determine if said compound key is equivalent to said generated value; program instructions to produce a final product, wherein the final product comprises;
a key validation tool and the generated compound key;program instructions to determine whether there is a difference between the compound key and the generated value; and program instructions to, in response to determining that there is not a difference between the compound key and the value, load the final product to a repository. - View Dependent Claims (10, 11)
-
Specification