Code signing system and method

摘要

A code signing system and method is provided. The code signing system operates in conjunction with a signed software application having a digital signature and includes an application platform, an application programming interface (API), and a virtual machine. The API is configured to link the software application with the application platform. The virtual machine verifies the authenticity of the digital signature in order to control access to the API by the software application.

主权项

1. A method of controlling access to a plurality of sensitive application programming interfaces (APIs) and at least one non-sensitive API on a device by an application signed with a private key of a private key-public key pair, the method comprising:
verifying, by a processor of the device, a digital signature of the application using a public key, the application including the digital signature generated using the private key and the private key not being accessible to the device; after successfully verifying the digital signature of the application using the public key, allowing the application to access a first sensitive API, the first sensitive API being associated with the public key, and the allowing the application to access the first sensitive API being further based on receiving user input regarding whether to grant the application access to the first sensitive API; restricting the application from accessing a second sensitive API, the second sensitive API not being associated with the public key; and allowing the application to access the at least one non-sensitive API.