US 12,229,267 B2
Management of local signing of software packages using a trusted execution environment
Axel Simon, Farnborough (GB); and Michael Hingston McLaughlin Bursell, Farnborough (GB)
Assigned to Red Hat, Inc., Raleigh, NC (US)
Filed by Red Hat, Inc., Raleigh, NC (US)
Filed on Mar. 5, 2021, as Appl. No. 17/193,463.
Prior Publication US 2022/0284100 A1, Sep. 8, 2022
Int. Cl. G06F 21/57 (2013.01); G06F 8/41 (2018.01); G06F 8/61 (2018.01); H04L 9/08 (2006.01); H04L 9/14 (2006.01); H04L 9/32 (2006.01); H04L 9/40 (2022.01)
CPC G06F 21/57 (2013.01) [G06F 8/44 (2013.01); G06F 8/61 (2013.01); H04L 9/0819 (2013.01); H04L 9/14 (2013.01); H04L 9/3236 (2013.01); H04L 9/3247 (2013.01); H04L 63/04 (2013.01); G06F 2221/033 (2013.01); G06F 2221/2149 (2013.01)]
18 Claims
1. A method comprising:
receiving, by a software build process executing in a trusted execution environment (TEE) of a first computer system, software source code from a second computer system;
generating, by the software build process, a software package by:
obtaining environment parameters of the first computer system, wherein the environment parameters of the first computer system indicate operating system and network configurations of the first computer system; and
building the software package from the software source code in view of the environment parameters of the first computer system to tailor the software package to the first computer system;
receiving, from the second computer system, a signing key associated with the second computer system;
signing the software package using the signing key associated with the second computer system; and
deploying the signed software package on the first computer system.