Not Applicable
1. Field of the Invention
Broadly this invention relates to software and programming and more particularly relates to the field of using commercial debuggers for tamper-resistant software modules.
2. Description of the Related Art
Programs or the sequences of instructions suitable for processing for computer hardware continue to grow larger and become more complicated. Advancements in both processor speeds and storage capacity have almost doubled every two years. Most programs are written in human readable formats using a text editor. Examples of programming languages include C/C++, Fortran, Basic, Ada, Cobol, Basic, Pascal and assemblers. Source code is compiled into object code, sometimes referred to the xe2x80x9cbeforexe2x80x9d and xe2x80x9cafterxe2x80x9d versions of a computer program. The object code file contains a sequence of instructions that the processor can understand but that is difficult for a human to read or modify. For this reason and because even debugged programs often need some later enhancement, the source code is the most permanent form of the program.
A text editor is a computer programs that lets a user enter, change, store, and usually print text. Text editors can be used to enter program language source code. Typically, a text editor provides an xe2x80x9cemptyxe2x80x9d display screen (or xe2x80x9cscrollable pagexe2x80x9d) with a fixed-line length and visible line numbers. A developer can then fill the lines in with text, line by line. Special command line lets you move to a new page, scroll forward or backward, make global changes in the program, save the program, and perform other actions. After saving a program, the developer can then print it or display it. Before printing or displaying it, you may be able to format it for some specific output device or class of output device. A popular text editor in IBM""s large or mainframe computers is called XEDIT. In UNIX systems, the two most commonly used text editors are Emacs and vi. In personal computer systems, wordprocessors are more common than text editors. However, there are variations of mainframe and UNIX text editors that are provided for use on personal computers. An example is KEDIT, which is basically XEDIT for Windows.
Once the source code is written with a text editor, the source code is compiled into object code. In some system the object code is linked to a relocatable address space with other object modules.
Almost without exception, most very early version of programs has errors or xe2x80x9cbugsxe2x80x9d and the developer is faced with the task of debugging. The process of debugging starts with the locating and fixing or bypassing bugs (errors) in computer program code or the engineering. To debug a program is to start with a problem, isolate the source of the problem, and then fix it. A developer of a program that does not know how to fix the problem may learn enough about the problem to be able to avoid it until it is permanently fixed. When someone says they""ve debugged a program or xe2x80x9cworked the bugs outxe2x80x9d of a program, they imply that they fixed it so that the bugs no longer exist.
Debugging is a necessary process in almost any new software or hardware development process, whether a commercial product or an enterprise or personal application program. For complex products, debugging is done as the result of the unit test for the smallest unit of a system, again at component test when parts are brought together, again at system test when the product is used with other existing products, and again during customer beta testing, when users try the product out in a real world situation. Because most computer programs and many programmed hardware devices contain thousands of lines of code, almost any new product is likely to contain a few bugs. Invariably, the bugs in the functions that get most use are found and fixed first. An early version of a program that has lots of bugs is referred to as xe2x80x9cbuggy.xe2x80x9d
Debugging tools help identify coding errors at various development stages. FIG. 1 is a block diagram of at software development GUI 108 with an application in both source 106 and object 102 form running on a computer hardware platform 102. Some programming language packages include a facility for checking the code for errors as it is being written. A class of symbolic debuggers such as Microsoft Visual C++, IBM""s Visual Age, Delphi Compilers and other debuggers exist that enable developer to step through their source code as the code is being executed. Developers can watch variables, set breakpoints and modify the contents of processor registers.
There exists a class of programs that are caller xe2x80x9csecurexe2x80x9d or xe2x80x9ctamper-resistant.xe2x80x9d A tamper resistant program module is a module which is written in an environment to deter the unauthorized access to program module. Such xe2x80x9ctamper-resistantxe2x80x9d modules are used where sensitive steps are performed during programming execution. One example of the use of xe2x80x9ctamper-resistantxe2x80x9d programs is the decoding of security keys in a private-public key or symmetric key environment or the processing of any sensitive information such as financial information.
Tamper-resistant software technology is a method to deter unauthorized entry into a computer software application by a hacker. Typically a hacker wants to understand and/or modify the software to remove the restrictions on the usage. In practicality, no computer program exists that cannot be hacked; that is why tamper-resistant software is not called xe2x80x9ctamper-proof.xe2x80x9d But the amount of effort required to hack a tamper-resistance protected application usually deters most hackers because the effort is not worth the possible gain.
One type of tamper-resistant software technology is from IBM. One product this code was introduced is in the IBM think pad model 770 laptop computer. Here, the tamper-resistant software was used to protect the DVD movie player in the computer. Digital Content Provider(s) such as Hollywood studios, concerned about the advent of digital movies and the ease at which perfect copies can be made, have insisted that movies on DVD disc(s) contain copy protection mechanisms. IBM""s tamper-resistant software made it difficult to circumvent these copy protection mechanisms. This is a very typical application for tamper-resistant software; the software is used to enforce rules on the usage of some protected type of sensitive information content.
IBM""s tamper-resistant software puts several types of obstacles in the path of the attacker. First, it contains techniques to defeat, or at least reduce the effectiveness of, the standard software tools that the hacker uses: debuggers and dissassemblers. Second it contains self-integrity checking, so that single modifications, or even small handfuls of modifications, will be detected and cause incorrect operation. Finally, it contains obfuscating to mislead hackers regarding its true operation. The latter technique is largely ad hoc, but the first two build upon well-known tools in cryptography: encryption and digital signatures.
The use of tamper-resistant software although very useful, makes the use of debugging tools nonfunctional in finding errors in applications that call tamper-resistant modules. The debugging of applications that call tamper-resistance modules without the use of symbolic debuggers is extremely difficult. Accordingly, a need exists for a method to enable developers of applications that use tamper-resistant applications to step through API calls to tamper-resistant modules from a calling program and receive any status sent that are sent back from the API to the debugger.
According to one aspect of the invention, a method to debug application interface calls made to a tamper-resistant software module is disclosed. The method includes using a client-server socket connection to communicate through an intermediate software module with an intermediate function call. An application being symbolically debugged with a function call into the tamper-resistant software module is handled by the intermediate software module so that the intermediate function call returns through to the client-server socket connection any status from the function call in the tamper-resistant software module. The present invention works with any programming code written for a tamper-resistant environment where the provider of the tamper-resistant environment does not provide access to the function call in the tamper-resistant environment and does not allow the user provided code to execute within the tamper-resistant environment. Further, the present invention enables a software developer to understand the program flow of his/her application by running the symbolic debugger. When the application is not being debugged the client-server socket connection and the intermediate code is not loaded and the call to a function into the tamper-resistant module from the application is handled directly.
In an alternate embodiment, a computer readable medium and system is disclosed that corresponds to the method above.