Summary of the invention
In view of this, one object of the embodiments of the invention is to provide a memory card that enables mobile-terminal digital television services, separates the terminal from the card, and saves cost.
Another object of the embodiments of the invention is to provide a method for implementing conditional access with a memory card, which enables mobile-terminal digital television services and saves cost.
To achieve the above objects, the technical solution of the embodiments of the invention is implemented as follows:
A memory card, comprising: a memory card control unit, a conditional access unit, a storage unit, and a memory card interface, wherein:
The memory card control unit controls the memory card in transmitting and receiving data, performs protocol parsing, manages the storage unit, and coordinates the work of the units in the memory card;
The memory card interface receives data from outside the card and, under the control of the memory card control unit, stores it in the storage unit; the external data comprise a first information stream, a second information stream and scrambled information;
The conditional access unit, under the control of the memory card control unit, obtains the first information stream, the second information stream and the scrambled information; after determining from the second information stream that the mobile terminal is entitled to use the service to which the scrambled information belongs, it obtains the corresponding service key according to the second information stream and uses this service key to decrypt the ciphertext control word in the first information stream, obtaining the plaintext control word; under the control of the control word, it descrambles the scrambled information to obtain the service data stream required by the mobile terminal user.
The conditional access unit comprises: an authorization control module, a service key extraction module, a control word extraction module, a descrambling module, a file management module and a key management module, wherein:
The authorization control module: when the service identifier in the received second information stream is identical to the service identifier, stored in advance in the file management module, of a conditional access service that the user terminal supports, it sends an authentication success notification to the service key extraction module and forwards the second information stream to the service key extraction module; when the received service identifier differs from the stored one, it exits the currently triggered conditional access service;
The service key extraction module receives the authentication success notification and, according to the key seed ID number in the received second information stream, when a service key corresponding to this key seed ID exists in the key management module, extracts the corresponding service key from the key management module according to this key seed ID number and sends the extracted service key to the control word extraction module; when the key seed ID number in the second information stream changes, it updates the corresponding service key ID number in the memory card;
The control word extraction module obtains the first information stream from the authorization control module, obtains the ciphertext control word from the first information stream, decrypts this ciphertext control word with the service key from the service key extraction module to obtain the plaintext control word, and sends it to the descrambling module;
The descrambling module, under the control of the memory card control unit, obtains scrambled data from the storage unit, descrambles the scrambled data with the plaintext control word from the control word extraction module, and sends the descrambled data to the terminal through the memory card interface.
The protocol of the memory card interface is the Secure Digital (SD) memory card or MMC universal interface standard protocol.
The memory card control unit and the conditional access unit are connected by data lines, a request-to-send-data signal, a ready-to-receive/send-data signal, a request-to-receive-data signal and a data latch clock signal.
The descrambling module is a module independent of, and outside, the memory card.
The descrambling module is located in a security algorithm chip.
A method for implementing conditional access with a memory card, in which a conditional access service is triggered, the method comprising the following steps:
A. Determine, according to the conditional access service data, whether there is authorization to use the currently triggered conditional access service; if so, go to step B; otherwise exit this flow;
B. Determine whether a service key corresponding to the currently triggered conditional access service exists; if so, go to step C; otherwise exit this flow;
C. Decrypt the ciphertext control word with the corresponding service key to obtain the plaintext control word, and descramble the scrambled information with the obtained plaintext control word to obtain the conditional access service data.
The determination in step A is: if the service identifier carried in the second information stream of the conditional access service data is identical to the one stored in the memory card, the memory card is authorized to use the currently triggered conditional access service.
The determination in step B is: use the key seed ID number in the second information stream of the conditional access service data to query whether a service key corresponding to this key seed ID exists in the memory card.
As can be seen from the above technical solution, the embodiments of the invention make the conditional access unit a part of the memory card, so that conditional access is performed at the mobile terminal by an ordinary memory card such as SD/MMC. This achieves conditional access for mobile-terminal digital television services with terminal and card separated, facilitates the rollout of such services, and greatly reduces the cost of modifying mobile terminals such as mobile phones.
Detailed description of the embodiments
To make the objects, technical solutions and advantages of the invention clearer, the invention is described in more detail below with reference to the accompanying drawings and preferred embodiments.
Fig. 1 is a schematic diagram of the structure of the memory card of the invention. As shown in Fig. 1, the memory card mainly comprises: a memory card control unit 100, a conditional access unit 101, a storage unit 102, and a memory card interface 103, wherein:
Memory card control unit 100: controls the memory card 103 in transmitting and receiving data, performs protocol parsing, manages the storage unit 102, and coordinates the work of the units in the memory card.
Memory card interface 103: receives data from outside the card, such as data the user needs to store and the first information stream, second information stream and scrambled information associated with digital streams such as audio and video (for example, digital TV signals), and stores them in the storage unit 102 under the control of the memory card control unit 100. The protocol of the memory card interface 103 can be a universal interface standard protocol such as Secure Digital memory card (SD card) or MMC, but is not limited to any particular interface.
The first information stream mainly comprises Entitlement Control Messages (ECM), such as the ciphertext control word and time information;
The second information stream mainly comprises Entitlement Management Messages (EMM), such as the service identifier, key seed ID number and time information;
The scrambled information is the scrambled video/audio signal, such as a digital TV signal.
Storage unit 102: stores the data sent to the memory card; it can be FLASH, EEPROM, ROM, etc.
Conditional access unit 101: descrambles data streams such as scrambled audio and video, and performs user management, which includes functions such as authorization control and key management. Under the control of the memory card control unit 100, it obtains the first information stream, the second information stream and the scrambled information; after determining from the second information stream that the mobile terminal is entitled to use the service to which the scrambled information belongs, it obtains the corresponding service key according to the second information stream, uses this service key to decrypt the ciphertext control word in the first information stream and obtain the plaintext control word, and finally, under the control of the control word, descrambles the scrambled information to obtain the service data stream required by the mobile terminal user.
Whether conditional access is needed is selected by the user through the terminal; once the user has made the selection, the memory card control unit 100 is triggered to process conditional access. The selection of conditional access and the triggering of the memory card control unit 100 are existing known technology and are not repeated here. What the invention emphasizes is making the conditional access unit a part of the memory card, so that conditional access is performed at the mobile terminal by an ordinary memory card such as SD/MMC. This achieves conditional access for mobile-terminal digital television services with terminal and card separated, facilitates the rollout of such services, and greatly reduces the cost of modifying mobile terminals such as mobile phones.
It should be noted that the memory card structure shown in Fig. 1 includes only the units related to conditional access; other existing units are not shown in Fig. 1.
Fig. 2 is a schematic diagram of the structure of the conditional access unit of the invention; its operating principle is described below. As shown in Fig. 2, the conditional access unit 101 comprises: an authorization control module 1011, a service key extraction module 1012, a control word extraction module 1013, a descrambling module 1014, a file management module 1015 and a key management module 1016. After the user has triggered a conditional access service, the modules of the conditional access unit work as follows:
Authorization control module 1011: obtains the first information stream and the second information stream and, according to the service identifier in the second information stream and the service identifiers, stored in advance in the file management module 1015, of the conditional access services that the user terminal supports, determines whether this memory card is authorized to use the currently triggered conditional access service. If the received service identifier is identical to the stored one, it sends an authentication success notification to the service key extraction module 1012 and forwards the second information stream to the service key extraction module 1012. If the received service identifier differs from the stored one, it exits the currently triggered conditional access service, for example by having the terminal show the user that there is no authorization to use the current service.
Here, the first information stream and the second information stream are obtained from the storage unit 102 under the control of the memory card control unit 100 and then passed to the authorization control module 1011. There are many specific ways to obtain them, all of which are conventional technical means for those skilled in the art, so they are not described in detail here.
Service key extraction module 1012: receives the authentication success notification and, according to the key seed ID number in the received second information stream, queries whether a service key corresponding to this key seed ID exists in the key management module 1017. If it exists, the module extracts the corresponding service key from the key management module 1016 according to this key seed ID number and sends the extracted service key to the control word extraction module 1013. When the key seed ID number in the second information stream changes, the corresponding service key ID number in the memory card is updated. Note that the key seed ID number is referred to as the service key ID number within the memory card.
It should be noted that the one-to-one correspondence between key seed ID numbers and service keys is stored in advance in the key management module 1016.
Control word extraction module 1013: obtains the first information stream from the authorization control module 1011, obtains the ciphertext control word from the first information stream, decrypts this ciphertext control word with the service key from the service key extraction module 1012 to obtain the plaintext control word, and sends it to the descrambling module 1015.
Descrambling module 1014: under the control of the memory card control unit 100, obtains scrambled data from the storage unit 102, descrambles the scrambled data with the plaintext control word from the control word extraction module 1013, and finally sends the descrambled data to the terminal through the memory card interface 105. The specific implementation of descrambling is well known to those skilled in the art and is not the focus of the invention, so it is not repeated here.
It should be noted that the descrambling module 1014 can be a part of the memory card, as shown in Fig. 2. Because descrambling is completed inside the memory card, no key ever leaves the memory card, which improves the security of the conditional access system and at the same time reduces the performance overhead of the mobile terminal;
The descrambling module 1014 can also be independent of and outside the memory card, for example in a security algorithm chip; because the security algorithm chip contains a CPU, the descrambling speed of the terminal can be further improved. When the descrambling module 1014 is located in the security algorithm chip, scrambled data are obtained from the storage unit 102 under the control of the memory card control unit 100, the plaintext control word is obtained from the control word extraction module 1013, and the scrambled data and the plaintext control word are sent to the security algorithm chip through the memory card interface 105.
After receiving the data, the descrambling module performs the descrambling process, and the descrambled data are sent to the terminal through the memory card interface 105. The descrambling algorithm can be implemented as the inverse of the encryption algorithm used by the front end; this is prior art and is not described in detail here.
Fig. 3 is a flow chart of conditional access according to the invention. After the user selects a conditional access service through the terminal, the memory card is triggered to process conditional access, which mainly comprises the following steps:
Step 300: Determine whether there is authorization to use the currently triggered conditional access service; if so, go to step 301; otherwise go to step 304.
After the user selects a conditional access service through the terminal, the memory card receives conditional access service data from outside, such as data the user needs to store and the first information stream, second information stream and scrambled information associated with digital streams such as audio and video (for example, digital TV signals). The first information stream mainly comprises Entitlement Control Messages, such as the ciphertext control word and time information; the second information stream mainly comprises Entitlement Management Messages, such as the service identifier, key seed ID number and time information; the scrambled information is the scrambled video/audio signal, such as a digital TV signal.
If the service identifier carried in the received second information stream is identical to the one stored in the memory card, the memory card is authorized to use the currently triggered conditional access service.
Step 301: Determine whether a service key corresponding to the currently triggered conditional access service exists; if so, go to step 302; otherwise go to step 304.
According to the key seed ID number in the received second information stream, query whether a service key for this key seed ID number exists in the memory card; if so, it is determined that a service key corresponding to the currently triggered conditional access service exists. When the key seed ID number in the second information stream changes, the corresponding service key ID number in the memory card is updated.
Step 302: Decrypt the ciphertext control word with the corresponding service key to obtain the plaintext control word.
The ciphertext control word is carried in the first information stream. Many decryption methods can be used in this step, such as the existing AES CTR and AES ECB; they are not described in detail here.
Step 303: Descramble the scrambled information with the obtained plaintext control word to obtain the conditional access service data.
The specific implementation of descrambling is well known to those skilled in the art and is not the focus of the invention, so it is not repeated here.
Step 304: Exit this flow.
There are many ways to exit the currently triggered conditional access service, for example by having the terminal show the user that there is no authorization to use the current service.
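Steps 300 to 304 can be traced in code as follows. This is an added example, not code from the patent: the class and field names and the sample identifiers and keys are constructed, and a SHA-256 counter-mode keystream stands in for both the AES control-word decryption and the descrambler so that the block runs with the standard library only.

```python
import hashlib
from dataclasses import dataclass


def keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Stand-in cipher (assumption): SHA-256 counter-mode keystream XOR.
    Replaces both the AES control-word decryption and the descrambler."""
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(key + nonce + (i // 32).to_bytes(4, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[i:i + 32], pad))
    return bytes(out)


@dataclass
class EMM:            # second information stream (hypothetical field layout)
    service_id: int
    key_seed_id: int


@dataclass
class ECM:            # first information stream (hypothetical field layout)
    encrypted_cw: bytes
    nonce: bytes


class ConditionalAccessUnit:
    def __init__(self, entitled_service_ids, service_keys):
        self._entitled = set(entitled_service_ids)  # file management module
        self._keys = dict(service_keys)             # key management module

    def process(self, emm: EMM, ecm: ECM, scrambled: bytes):
        # Step 300: the service identifier must match one stored on the card.
        if emm.service_id not in self._entitled:
            return ("not_entitled", None)           # step 304
        # Step 301: a service key must exist for the key seed ID.
        service_key = self._keys.get(emm.key_seed_id)
        if service_key is None:
            return ("no_service_key", None)         # step 304
        # Step 302: decrypt the ciphertext control word carried in the ECM.
        control_word = keystream_xor(service_key, ecm.nonce, ecm.encrypted_cw)
        # Step 303: descramble. Only clear content is returned; the service
        # key and the plaintext control word never leave this object.
        return ("ok", keystream_xor(control_word, ecm.nonce, scrambled))


# Constructed sample data standing in for the broadcaster's side.
SERVICE_KEY = bytes(range(16))
CONTROL_WORD = b"\xa5" * 16
PAYLOAD = b"constructed audio/video payload " * 3


def head_end_scramble(service_key, control_word, nonce, payload):
    """Produce the ECM and scrambled content the card would receive."""
    ecm = ECM(keystream_xor(service_key, nonce, control_word), nonce)
    return ecm, keystream_xor(control_word, nonce, payload)


def run_demo():
    card = ConditionalAccessUnit({0x1001}, {7: SERVICE_KEY})
    ecm, scrambled = head_end_scramble(SERVICE_KEY, CONTROL_WORD, b"n0", PAYLOAD)
    return [card.process(EMM(0x1001, 7), ecm, scrambled),   # entitled, key present
            card.process(EMM(0x2002, 7), ecm, scrambled),   # wrong service ID
            card.process(EMM(0x1001, 9), ecm, scrambled)]   # unknown key seed ID


if __name__ == "__main__":
    for status, data in run_demo():
        print(status, data)
```
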
Fig. 4 is a schematic diagram of an embodiment of the connection between the conditional access interface unit and the memory card interface unit of the invention. As shown in Fig. 4, the conditional access interface unit and the memory card interface unit are connected by 8 data lines (DB0~DB8) and four control signals, namely the request-to-send-data signal (nInIntQ), the ready-to-receive/send-data signal (nInReady/nOutReady), the request-to-receive-data signal (nOutIntQ) and the data latch clock signal (nLE). The function of each control signal, as seen from the conditional access unit, is shown in Table 1:
| Control signal | I/O | Function description | Usage |
|---|---|---|---|
| Ready-to-receive signal (nInReady) | Output | Status flag of the input buffer in the conditional access unit; forms a handshake pair with nInIntQ | When nInReady=1, the input buffer is busy and does not accept data; when nInReady=0, the input buffer can accept data. |
| Request-to-send-data signal (nInIntQ) | Input | Request signal for inputting data to the conditional access unit; forms a handshake pair with nInReady | Active when set to low level |
| Ready-to-send-data signal (nOutReady) | Output | Status flag of the output buffer in the conditional access unit; forms a handshake pair with nOutIntQ | When nOutReady=1, the output buffer has no data to output; when nOutReady=0, the output buffer has data to output. |
| Request-to-receive-data signal (nOutIntQ) | Input | Request signal for outputting data from the conditional access unit; forms a handshake pair with nOutReady | Active when set to low level |
| Data latch clock signal (nLE) | Input | I/O data latch clock | When nInReady=0, nInIntQ=0 and nLE=0, the data on DB0~DB8 are latched by the conditional access unit; when nOutReady=0, nOutIntQ=0 and nLE=0, DB0~DB8 output data. |
| DB<7:0> | Bidirectional | Bidirectional data bus | When nInReady=0, nInIntQ=0 and nLE=0, DB0~DB8 are in the input state; when nOutReady=0, nOutIntQ=0 and nLE=0, DB0~DB8 are in the output state; otherwise they are in the high-impedance state |
The data exchange between the conditional access unit and the memory card control unit is described in detail below.
Fig. 5a is a timing diagram of the memory card control unit sending data to the conditional access unit. The sending process is roughly as follows:
After its power-on self-test, the memory card control unit sends an nInIntQ low pulse to the conditional access unit to request sending data; once the conditional access unit is ready, it returns an nInReady low pulse to the memory card control unit, and the handshake succeeds; the memory card control unit generates the timing for sending data, i.e. the nLE signal, to the conditional access unit and sends data to the conditional access unit according to this timing.
While the conditional access unit is receiving data, data can be written without waiting as long as nInReady=0. The pulse width of nLE is not less than 2 ns; the data on DB0~DB8 must be stable 1 ns before the nLE rising edge, and after the nLE rising edge the data on DB0~DB8 are held for at least 1 ns.
Fig. 5b is a timing diagram of the memory card control unit receiving data from the conditional access unit. The receiving process is roughly as follows:
The memory card control unit sends an nOutIntQ low pulse and waits to receive the data processed by the conditional access unit; once the conditional access unit is ready, it returns an nOutReady low pulse to the memory card control unit, and the handshake succeeds; the memory card control unit generates the timing for receiving data, i.e. the nLE signal, to the conditional access unit and receives data according to this timing.
While the conditional access unit is sending data, data can be read without waiting as long as nOutReady=0. The pulse width of nLE is not less than 2 ns; within 1 ns after the nLE falling edge the data on DB0~DB8 become stable and valid, and within 1 ns after the nLE rising edge DB0~DB8 go tri-state.
Fig. 5a and Fig. 5b show one embodiment of a bus for data transfer between the memory card control unit and the conditional access unit; an existing bus such as I2C or SPI can also be used, and no limitation is imposed here.
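The handshake of Table 1 and Figs. 5a/5b can be modelled behaviourally as below. This is an added example, not part of the patent: it treats nInReady and nOutReady as level flags as in Table 1, assumes an 8-bit bus per DB<7:0> and a hypothetical 4-byte input buffer, uses a pass-through `process()` in place of descrambling, and does not model the nanosecond timing.

```python
class CAUnitPort:
    """Bus-side model of the conditional access unit (names are hypothetical)."""

    def __init__(self, in_capacity=4):
        self.in_capacity = in_capacity   # assumed input buffer depth
        self.in_buf, self.out_buf = [], []

    @property
    def nInReady(self):    # 0: input buffer can accept data, 1: busy
        return 0 if len(self.in_buf) < self.in_capacity else 1

    @property
    def nOutReady(self):   # 0: output buffer holds data, 1: nothing to output
        return 0 if self.out_buf else 1

    def db_direction(self, nInIntQ, nOutIntQ, nLE):
        """State of the data bus for the given control inputs (Table 1)."""
        if self.nInReady == 0 and nInIntQ == 0 and nLE == 0:
            return "input"
        if self.nOutReady == 0 and nOutIntQ == 0 and nLE == 0:
            return "output"
        return "hi-z"

    def pulse_nLE(self, nInIntQ, nOutIntQ, db=None):
        """One low pulse on nLE: latch a byte, drive a byte, or do nothing."""
        direction = self.db_direction(nInIntQ, nOutIntQ, 0)
        if direction == "input":
            self.in_buf.append(db & 0xFF)
        elif direction == "output":
            return self.out_buf.pop(0)
        return None

    def process(self):
        """Stand-in for descrambling: move input bytes to the output buffer."""
        self.out_buf.extend(self.in_buf)
        self.in_buf.clear()


def controller_write(port, data):
    """Fig. 5a direction: assert nInIntQ and clock bytes in while nInReady=0."""
    sent = 0
    for byte in data:
        if port.nInReady != 0:           # buffer busy: stop instead of losing data
            break
        port.pulse_nLE(nInIntQ=0, nOutIntQ=1, db=byte)
        sent += 1
    return sent


def controller_read(port, max_bytes):
    """Fig. 5b direction: assert nOutIntQ and clock bytes out while nOutReady=0."""
    received = bytearray()
    while len(received) < max_bytes and port.nOutReady == 0:
        received.append(port.pulse_nLE(nInIntQ=1, nOutIntQ=0))
    return bytes(received)


if __name__ == "__main__":
    port = CAUnitPort()
    print("bytes accepted:", controller_write(port, b"ABCDEF"))
    port.process()
    print("bytes read back:", controller_read(port, 16))
```
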
The above are only preferred embodiments of the invention and are not intended to limit its scope of protection; any modification, equivalent replacement or improvement made within the spirit and principles of the invention shall fall within the scope of protection of the invention.