CN109583189A - Firmware method for secure loading, device, computer equipment and storage medium - Google Patents
Firmware method for secure loading, device, computer equipment and storage medium Download PDFInfo
- Publication number
- CN109583189A CN109583189A CN201811524830.9A CN201811524830A CN109583189A CN 109583189 A CN109583189 A CN 109583189A CN 201811524830 A CN201811524830 A CN 201811524830A CN 109583189 A CN109583189 A CN 109583189A
- Authority
- CN
- China
- Prior art keywords
- rivest
- shamir
- adelman
- public key
- multicore
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/51—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Software Systems (AREA)
- Computer Hardware Design (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Storage Device Security (AREA)
Abstract
The present invention relates to firmware method for secure loading, device, computer equipment and storage medium, this method includes encrypting to multicore load engineering, to obtain ciphertext image file;In firmware loads, ciphertext image file is obtained;Obtain code key;Ciphertext image file is decrypted using code key, to obtain rivest, shamir, adelman public key abstract, multicore load engineering, rivest, shamir, adelman public key and rivest, shamir, adelman digital signature to be verified;Judge whether rivest, shamir, adelman public key abstract to be verified meets preset requirement;If so, decryption rivest, shamir, adelman digital signature, to obtain the first multicore load engineering abstract;Hash algorithm processing is carried out to multicore load engineering, to obtain the second multicore load engineering abstract;Judge whether two multicore load engineering abstracts are consistent;If so, operation multicore loads engineering.The present invention realizes safety when improving load, solves the problems, such as that solid-state hard disk controller is easy to be cracked, and prevents controller from running forbidden code.
Description
Technical field
The present invention relates to solid state hard disks, more specifically refer to firmware method for secure loading, device, computer equipment and deposit
Storage media.
Background technique
The process of solid state hard disk loading firmware is that chip one powers at present, and what is run first in solid-state hard disk controller is embedding
Enter portion within the microcontroller and be used for the code that chip works normally, which loads plaintext first from nonvolatile flash memory chip
Multicore loads engineering, and multicore loads engineering operation.Solid-state hard disk controller loading multi-core loads engineering, all in the form of plaintext
Load, using such loading method, controller is easy to be cracked, and to run illegal code, security performance is lower.
Therefore, it is necessary to design a kind of new method, safety when improving load is realized, solve solid-state hard disk controller
It is easy the problem of being cracked, prevents controller from running forbidden code.
Summary of the invention
It is an object of the invention to overcome the deficiencies of existing technologies, firmware method for secure loading, device, computer are provided and set
Standby and storage medium.
To achieve the above object, the invention adopts the following technical scheme: firmware method for secure loading, comprising:
Multicore load engineering is encrypted, to obtain ciphertext image file;
In firmware loads, ciphertext image file is obtained;
Obtain the code key for decrypting the ciphertext image file;
Ciphertext image file is decrypted using code key, is made a summary with obtaining rivest, shamir, adelman public key to be verified, is more
Core loads engineering, rivest, shamir, adelman public key and rivest, shamir, adelman digital signature;
Judge whether the rivest, shamir, adelman public key abstract to be verified meets preset requirement;
If so, using rivest, shamir, adelman public key decryptions rivest, shamir, adelman digital signature, to obtain more than first
Core loads engineering abstract;
Hash algorithm processing is carried out to multicore load engineering, to obtain the second multicore load engineering abstract;
Judge whether the first multicore load engineering abstract and second multicore load engineering abstract are consistent;
If so, operation multicore load engineering is with loading firmware.
Its further technical solution are as follows: it is described that multicore load engineering is encrypted, to obtain ciphertext image file,
Include:
It obtains multicore and loads project file;
Hash processing is carried out to multicore load project file, to obtain the second multicore load engineering abstract;
Obtain rivest, shamir, adelman private key, rivest, shamir, adelman public key and Advanced Encryption Standard code key;
Using rivest, shamir, adelman private key to the load engineering abstract encryption of the second multicore, to generate rivest, shamir, adelman
Digital signature;
It is calculated using Advanced Encryption Standard secret key pair multicore load engineering, rivest, shamir, adelman public key and asymmetric encryption
The binary file of method digital signature composition carries out Advanced Encryption Standard encryption, to generate ciphertext image file.
Its further technical solution are as follows: described to load engineering, asymmetric encryption using Advanced Encryption Standard secret key pair multicore
The binary file of algorithm public key and rivest, shamir, adelman digital signature composition carries out Advanced Encryption Standard encryption, to generate
After ciphertext image file, further includes:
Ciphertext image file is write in nonvolatile flash memory chip;
Advanced Encryption Standard code key is write in the disposable programmable memory of insertion in the microcontroller;
Hash processing is carried out to rivest, shamir, adelman public key, generates standard rivest, shamir, adelman public key abstract;
Standard rivest, shamir, adelman public key is made a summary, the disposable programmable memory of insertion in the microcontroller is written
In.
Its further technical solution are as follows: described to obtain the code key for decrypting the ciphertext image file, comprising:
Advanced Encryption Standard code key is obtained from the disposable programmable memory;
Standard rivest, shamir, adelman public key abstract is obtained from the disposable programmable memory.
Its further technical solution are as follows: it is described that ciphertext image file is decrypted using code key, it is to be verified non-to obtain
Symmetric encipherment algorithm public key abstract, multicore load engineering, rivest, shamir, adelman public key and rivest, shamir, adelman number label
Name, comprising:
Advanced Encryption Standard decryption is done using Advanced Encryption Standard secret key pair ciphertext image file, multicore is generated and loads work
The clear text file of journey, rivest, shamir, adelman public key, rivest, shamir, adelman digital signature composition, to obtain multicore load work
Journey, rivest, shamir, adelman public key and rivest, shamir, adelman digital signature;
Hash processing is carried out to rivest, shamir, adelman public key, to generate rivest, shamir, adelman public key abstract to be verified.
Its further technical solution are as follows: described to judge whether the rivest, shamir, adelman public key to be verified abstract meets pre-
If it is required that, comprising:
Judge that the rivest, shamir, adelman public key abstract to be verified is made a summary with the standard rivest, shamir, adelman public key
It is whether consistent;
If so, rivest, shamir, adelman public key abstract to be verified meets preset requirement;
If it is not, then rivest, shamir, adelman public key abstract to be verified does not meet preset requirement.
Its further technical solution are as follows: judgement the first multicore load engineering abstract is loaded with second multicore
After whether engineering abstract is consistent, further includes:
If it is not, then showing code load failure, code download function is jumped to.
The present invention also provides firmwares to be safely loaded with device, comprising:
Encryption unit, for multicore load engineering to be encrypted, to obtain ciphertext image file;
Image file acquiring unit, for obtaining ciphertext image file in firmware loads;
Code key acquiring unit, for obtaining the code key for decrypting the ciphertext image file;
First decryption unit, for ciphertext image file to be decrypted using code key, with obtain it is to be verified it is asymmetric plus
Close algorithm public key abstract, multicore load engineering, rivest, shamir, adelman public key and rivest, shamir, adelman digital signature;
First judging unit, for judging whether the rivest, shamir, adelman public key abstract to be verified meets default want
It asks;
Second decryption unit is used for if so, using rivest, shamir, adelman public key decryptions rivest, shamir, adelman number
Signature, to obtain the first multicore load engineering abstract;
Hash processing unit, for carrying out hash algorithm processing to multicore load engineering, to obtain the second multicore load work
Journey abstract;
Second judgment unit, for judging that the first multicore load engineering abstract and second multicore load engineering are plucked
It is whether consistent;
Running unit is used for if so, operation multicore load engineering is with loading firmware.
The present invention also provides a kind of computer equipments, which is characterized in that the computer equipment includes memory and place
Device is managed, is stored with computer program on the memory, the processor realizes above-mentioned side when executing the computer program
Method.
The present invention also provides a kind of storage mediums, which is characterized in that the storage medium is stored with computer program, institute
Above-mentioned method can be realized by stating when computer program is executed by processor.
Compared with the prior art, the invention has the advantages that: the present invention is by using Advanced Encryption Standardalgorithm and non-right
Claim Encryption Algorithm and Hash Processing Algorithm, multicore load engineering is encrypted, and combine Advanced Encryption Standardalgorithm
Code key, rivest, shamir, adelman public key and private key, in loading firmware, needed to ciphertext with forming ciphertext image file
Image file is decrypted, and is carrying out twice judgment step, only public in Advanced Encryption Standard code key, rivest, shamir, adelman
In the case that key, rivest, shamir, adelman private key and multicore load engineering are all satisfied requirement, firmware loads are just carried out, realization mentions
Safety when height load, solves the problems, such as that solid-state hard disk controller is easy to be cracked, and prevents controller from running forbidden code.
The invention will be further described in the following with reference to the drawings and specific embodiments.
Detailed description of the invention
Technical solution in order to illustrate the embodiments of the present invention more clearly, below will be to needed in embodiment description
Attached drawing is briefly described, it should be apparent that, drawings in the following description are some embodiments of the invention, general for this field
For logical technical staff, without creative efforts, it is also possible to obtain other drawings based on these drawings.
Fig. 1 is the application scenarios schematic diagram of firmware method for secure loading provided in an embodiment of the present invention;
Fig. 2 is the flow diagram of firmware method for secure loading provided in an embodiment of the present invention;
Fig. 3 is the sub-process schematic diagram of firmware method for secure loading provided in an embodiment of the present invention;
Fig. 4 is the sub-process schematic diagram of firmware method for secure loading provided in an embodiment of the present invention;
Fig. 5 is the sub-process schematic diagram of firmware method for secure loading provided in an embodiment of the present invention;
Fig. 6 is the sub-process schematic diagram of firmware method for secure loading provided in an embodiment of the present invention;
Fig. 7 is the schematic block diagram that firmware provided in an embodiment of the present invention is safely loaded with device;
Fig. 8 is the schematic block diagram of computer equipment provided in an embodiment of the present invention.
Specific embodiment
Following will be combined with the drawings in the embodiments of the present invention, and technical solution in the embodiment of the present invention carries out clear, complete
Site preparation description, it is clear that described embodiments are some of the embodiments of the present invention, instead of all the embodiments.Based on this hair
Embodiment in bright, every other implementation obtained by those of ordinary skill in the art without making creative efforts
Example, shall fall within the protection scope of the present invention.
It should be appreciated that ought use in this specification and in the appended claims, term " includes " and "comprising" instruction
Described feature, entirety, step, operation, the presence of element and/or component, but one or more of the other feature, whole is not precluded
Body, step, operation, the presence or addition of element, component and/or its set.
It is also understood that mesh of the term used in this description of the invention merely for the sake of description specific embodiment
And be not intended to limit the present invention.As description of the invention and it is used in the attached claims, unless on
Other situations are hereafter clearly indicated, otherwise " one " of singular, "one" and "the" are intended to include plural form.
It will be further appreciated that the term "and/or" used in description of the invention and the appended claims is
Refer to any combination and all possible combinations of one or more of associated item listed, and including these combinations.
Fig. 1 and Fig. 2 are please referred to, Fig. 1 is that the application scenarios of firmware method for secure loading provided in an embodiment of the present invention are illustrated
Figure.Fig. 2 is the schematic flow chart of firmware method for secure loading provided in an embodiment of the present invention.Firmware method for secure loading fortune
For terminal and in the equipment with solid state hard disk, production ciphertext image file is made by terminal, mainly passes through strapping tool
Realize, and by after production ciphertext image file and association key be stored in solid state hard disk, when by solid state hard disk loading firmware
It is used after being decrypted.
Fig. 2 is the flow diagram of firmware method for secure loading provided in an embodiment of the present invention.As shown in Fig. 2, this method
Include the following steps S110 to S150.
S110, multicore load engineering is encrypted, to obtain ciphertext image file.
In the present embodiment, ciphertext image file is to carry out Advanced Encryption Standard and asymmetric encryption to multicore load engineering
Two kinds of enciphering and deciphering algorithms of algorithm digital signature are encrypted, and to image file that formation is encrypted after relevant cipher key combinations.
In one embodiment, as shown in figure 3, above-mentioned step S110 may include step S111~S119.
S111, multicore load project file is obtained.
In the present embodiment, multicore first being obtained from solid state hard disk and loading project file, it is main which loads project file
For used in loading firmware.
S112, Hash processing is carried out to multicore load project file, to obtain the second multicore load engineering abstract.
In the present embodiment, the second above-mentioned multicore load engineering abstract refers to that multicore load project file carries out at Hash
The abstract of the cryptographic Hash of the record this document obtained after reason.
Using hash algorithm to multicore load project file handle, specifically using hash function to file at
Reason forms the second multicore load engineering abstract to obtain the cryptographic Hash of this document.
S113, rivest, shamir, adelman private key, rivest, shamir, adelman public key and Advanced Encryption Standard code key are obtained.
In the present embodiment, it is encrypted using rivest, shamir, adelman and Advanced Encryption Standardalgorithm, to improve
The safety of entire loading procedure, so that controller is not easy to be cracked.
S114, the second multicore load engineering abstract is encrypted using rivest, shamir, adelman private key, to generate asymmetric add
Close algorithm digital signature.
In the present embodiment, it is specifically encrypted using the RSA rivest, shamir, adelman private key, and is solved by public key
It is close, to achieve the effect that asymmetric encryption, and then improve the safety of entire ciphering process.
S115, Advanced Encryption Standard secret key pair multicore load engineering, rivest, shamir, adelman public key and asymmetric are used
The binary file of Encryption Algorithm digital signature composition carries out Advanced Encryption Standard encryption, to generate ciphertext image file.
Specifically encrypted, AES using AES (Advanced Encryption Standard, Advanced Encryption Standard)
Encrypted data chunk block length is necessary for 128 bits, and Advanced Encryption Standard code key length can be 128 bits, 192 bits, 256
Any one (if when data block and code key curtailment, meeting polishing) in bit.AES encryption has the repetition and change much taken turns
It changes.Substantially steps are as follows: code key extension;Initial wheel;It repeats to take turns, each round includes: that byte replaces, row shifts, column are obscured, take turns again
Key is added;Final wheel, final wheel are obscured without column, are added and are replaced with another round key.Wherein, byte replaces being by non-
Each byte is substituted for corresponding byte with the mode of look-up table by linear replacement function.Row displacement is will be every in matrix
A row carries out circulating displacement, such as positive row displacement and the displacement of reverse row.Column are obscured each in order to be sufficiently mixed in matrix
The operation of a straight trip, the step mix four bytes of each column using linear transformation, for example positive nematic is obscured and inversely arranged
Obscure.Round key addition is that each of matrix byte all does XOR operation with the next round code key;Each sub-key is given birth to by key
It is generated at scheme.
Using AES to multicore load engineering, rivest, shamir, adelman public key and rivest, shamir, adelman digital signature group
At binary file carry out Advanced Encryption Standard encryption, can be further improved the safety of entire ciphertext image file.
S116, ciphertext image file is write in nonvolatile flash memory chip.
In the present embodiment, ciphertext image file is written in nonvolatile flash memory chip, in order to which controller loads this article
Rear loading firmware is decrypted in part.
S117, Advanced Encryption Standard code key is write in the disposable programmable memory of insertion in the microcontroller;
S118, Hash processing is carried out to rivest, shamir, adelman public key, generates standard rivest, shamir, adelman public key abstract;
S119, the One Time Programmable of write-in insertion in the microcontroller that standard rivest, shamir, adelman public key is made a summary are deposited
In reservoir.
The code key of Advanced Encryption Standardalgorithm writes in the disposable programmable memory of the controller of solid state hard disk, non-right
Claim the private key of Encryption Algorithm to be saved by the secret personnel that mirror image makes, that is, is stored in holder terminal hand, it is asymmetric to add
Close algorithm public key and multicore load engineering, rivest, shamir, adelman digital signature are packaged with, that is, after using AES encryption, under
It is loaded onto nonvolatile flash memory chip, three big key elements is deposited in into different positions, only possess this three simultaneously, it just can be with
Decryption, and it is safely loaded with firmware.
S120, in firmware loads, obtain ciphertext image file.
In the present embodiment, it first will be embedded in microcontroller for the code configuration of chip normal work non-volatile
The loading mode of flash chip, chip power on, and run the code, by the code, read from nonvolatile flash memory chip by more
Core loads the ciphertext mirror by AES encryption that engineering, rivest, shamir, adelman public key, rivest, shamir, adelman digital signature form
As file.
S130, the code key for decrypting the ciphertext image file is obtained.
In the present embodiment, above-mentioned code key includes that Advanced Encryption Standard code key, standard rivest, shamir, adelman public key are plucked
It wants.
In one embodiment, as shown in figure 4, above-mentioned step S130 may include step S131~S132.
S131, Advanced Encryption Standard code key is obtained from the disposable programmable memory;
S132, standard rivest, shamir, adelman public key abstract is obtained from the disposable programmable memory.
S140, ciphertext image file is decrypted using code key, is plucked with obtaining rivest, shamir, adelman public key to be verified
It wants, multicore loads engineering, rivest, shamir, adelman public key and rivest, shamir, adelman digital signature.
In the present embodiment, it in the process of loading firmware, is equivalent to and decryption oprerations is done to initial ciphering process.
In one embodiment, as shown in figure 5, above-mentioned step S140 may include step S141~S142.
S141, Advanced Encryption Standard decryption is done using Advanced Encryption Standard secret key pair ciphertext image file, generate multicore and add
The clear text file of engineering, rivest, shamir, adelman public key, rivest, shamir, adelman digital signature composition is carried, to obtain multicore load
Engineering, rivest, shamir, adelman public key and rivest, shamir, adelman digital signature;
S142, Hash processing is carried out to rivest, shamir, adelman public key, to generate rivest, shamir, adelman public key to be verified
Abstract.
Above-mentioned AES decrypting process is the reverse process for making the AES encryption process of ciphertext image file, and to asymmetric
Encryption Algorithm public key carries out Hash processing and the rivest, shamir, adelman public key Hash of above-mentioned production ciphertext image file is processed
Journey is consistent, to ensure the consistency compared.
S150, judge whether the rivest, shamir, adelman public key abstract to be verified meets preset requirement.
In the present embodiment, preset requirement refers to that the rivest, shamir, adelman public key to be verified is made a summary and standard is asymmetric and adds
Close algorithm public key abstract is consistent.
In one embodiment, as shown in fig. 6, above-mentioned step S150 may include step S151~S153.
S151, judge the rivest, shamir, adelman public key abstract to be verified and the standard rivest, shamir, adelman public key
It whether consistent makes a summary;
S152, if so, rivest, shamir, adelman public key to be verified abstract meet preset requirement;
S153, if it is not, then rivest, shamir, adelman public key to be verified abstract does not meet preset requirement.
If it is not, then entering step S200;
S160, if so, using rivest, shamir, adelman public key decryptions rivest, shamir, adelman digital signature, to obtain
One multicore loads engineering abstract.
S170, hash algorithm processing is carried out to multicore load engineering, to obtain the second multicore load engineering abstract.
Second multicore load engineering abstract namely production ciphertext image file during generate about multicore load
The abstract with its cryptographic Hash of engineering.
S180, judge whether the first multicore load engineering abstract and second multicore load engineering abstract are consistent;
S190, if so, operation multicore load engineering with loading firmware;
S200, fail if it is not, then showing that code loads, jump to code download function.
Solid-state hard disk controller operates normally code and needs to obtain Advanced Encryption Standard code key, rivest, shamir, adelman public affairs
Key, rivest, shamir, adelman private key, three are indispensable.If code key is not leaked, controller can not be cracked, forbidden code
It can not be run in solid-state hard disk controller, and ensure that multicore load engineering is that the engineering of the solid state hard disk can just be transported
Row, to carry out loading firmware.
Above-mentioned firmware method for secure loading, by using Advanced Encryption Standardalgorithm and rivest, shamir, adelman and Kazakhstan
Uncommon Processing Algorithm is encrypted multicore load engineering, and combines the code key of Advanced Encryption Standardalgorithm, asymmetric encryption
The public key and private key of algorithm, in loading firmware, need that ciphertext image file is decrypted to form ciphertext image file,
Twice judgment step is being carried out, it is only private in Advanced Encryption Standard code key, rivest, shamir, adelman public key, rivest, shamir, adelman
In the case that key and multicore load engineering are all satisfied requirement, firmware loads are just carried out, realize safety when improving load, solution
Certainly solid-state hard disk controller is easy the problem of being cracked, and prevents controller from running forbidden code.
Fig. 7 is the schematic block diagram that a kind of firmware provided in an embodiment of the present invention is safely loaded with device 300.As shown in fig. 7,
Corresponding to the above firmware method for secure loading, the present invention also provides a kind of firmwares to be safely loaded with device 300.The firmware is safely loaded with
Device 300 includes the unit for executing above-mentioned firmware method for secure loading, which can be configured in desktop computer, plate
In the terminals such as computer, laptop computer and equipment with solid state hard disk.
Specifically, referring to Fig. 7, the firmware is safely loaded with device 300 includes:
Encryption unit 301, for multicore load engineering to be encrypted, to obtain ciphertext image file;
Image file acquiring unit 302, for obtaining ciphertext image file in firmware loads;
Code key acquiring unit 303, for obtaining the code key for decrypting the ciphertext image file;
First decryption unit 304, it is to be verified asymmetric to obtain for ciphertext image file to be decrypted using code key
Encryption Algorithm public key abstract, multicore load engineering, rivest, shamir, adelman public key and rivest, shamir, adelman digital signature;
First judging unit 305, for judging it is default whether the rivest, shamir, adelman public key abstract to be verified meets
It is required that;
Second decryption unit 306, for if so, using rivest, shamir, adelman public key decryptions rivest, shamir, adelman number
Word signature, to obtain the first multicore load engineering abstract;
Hash processing unit 307, for carrying out hash algorithm processing to multicore load engineering, to obtain the load of the second multicore
Engineering abstract;
Second judgment unit 308, for judging that the first multicore load engineering abstract loads work with second multicore
Whether journey abstract is consistent;
Running unit 309 is used for if so, operation multicore load engineering is with loading firmware.
In one embodiment, the encryption unit 301 includes:
File acquisition subelement, for obtaining multicore load project file;
First Hash handles subelement, for carrying out Hash processing to multicore load project file, to obtain the second multicore
Load engineering abstract;
First code key obtain subelement, for obtain rivest, shamir, adelman private key, rivest, shamir, adelman public key and
Advanced Encryption Standard code key;
Abstract encryption sub-unit operable, for being encrypted using rivest, shamir, adelman private key to the second multicore load engineering abstract,
To generate rivest, shamir, adelman digital signature;
Image file generates subelement, for loading engineering, asymmetric encryption using Advanced Encryption Standard secret key pair multicore
The binary file of algorithm public key and rivest, shamir, adelman digital signature composition carries out Advanced Encryption Standard encryption, to generate
Ciphertext image file;
Subelement is written in file, for writing ciphertext image file in nonvolatile flash memory chip;
Subelement is written in code key, compiles for Advanced Encryption Standard code key to be write insertion in the microcontroller disposable
In journey memory;
Public-key process subelement, for carrying out Hash processing to rivest, shamir, adelman public key, generation standard is asymmetric to be added
Close algorithm public key abstract;
Subelement is written in public key, is embedded in the microcontroller for standard rivest, shamir, adelman public key to make a summary to be written
In disposable programmable memory.
In one embodiment, above-mentioned code key acquiring unit 303 includes
Standard code key obtains subelement, for obtaining Advanced Encryption Standard code key from the disposable programmable memory;
Abstract obtains subelement, for obtaining standard rivest, shamir, adelman public key from the disposable programmable memory
Abstract.
In one embodiment, the first above-mentioned decryption unit 304 includes:
High level decryption subelement, for doing Advanced Encryption Standard solution using Advanced Encryption Standard secret key pair ciphertext image file
It is close, multicore load engineering, the clear text file of rivest, shamir, adelman public key, rivest, shamir, adelman digital signature composition are generated,
To obtain multicore load engineering, rivest, shamir, adelman public key and rivest, shamir, adelman digital signature;
Summarization generation subelement to be verified, it is to be tested to generate for carrying out Hash processing to rivest, shamir, adelman public key
Demonstrate,prove rivest, shamir, adelman public key abstract.
In addition, above-mentioned device further include:
Display unit 310 jumps to code download function for failing if it is not, then showing that code loads.
It should be noted that it is apparent to those skilled in the art that, above-mentioned firmware is safely loaded with device
300 and each unit specific implementation process, can with reference to the corresponding description in preceding method embodiment, for convenience of description and
Succinctly, details are not described herein.
Above-mentioned firmware, which is safely loaded with device 300, can be implemented as a kind of form of computer program, which can
To be run in computer equipment as shown in Figure 8.
Referring to Fig. 8, Fig. 8 is a kind of schematic block diagram of computer equipment provided by the embodiments of the present application.The computer
Equipment 500 can be the terminal with solid state hard disk, be also possible to the server with solid state hard disk, wherein terminal can be
Smart phone, tablet computer, laptop, desktop computer etc. have the electronic equipment of communication function.Server can be solely
Vertical server is also possible to the server cluster of multiple server compositions.
Refering to Fig. 8, which includes processor 502, memory and the net connected by system bus 501
Network interface 505, wherein memory may include non-volatile memory medium 503 and built-in storage 504.
The non-volatile memory medium 503 can storage program area 5031 and computer program 5032.The computer program
5032 include program instruction, which is performed, and processor 502 may make to execute a kind of firmware method for secure loading.
The processor 502 is for providing calculating and control ability, to support the operation of entire computer equipment 500.
The built-in storage 504 provides environment for the operation of the computer program 5032 in non-volatile memory medium 503, should
When computer program 5032 is executed by processor 502, processor 502 may make to execute a kind of firmware method for secure loading.
The network interface 505 is used to carry out network communication with other equipment.It will be understood by those skilled in the art that in Fig. 8
The structure shown, only the block diagram of part-structure relevant to application scheme, does not constitute and is applied to application scheme
The restriction of computer equipment 500 thereon, specific computer equipment 500 may include more more or fewer than as shown in the figure
Component perhaps combines certain components or with different component layouts.
Wherein, the processor 502 is for running computer program 5032 stored in memory, to realize following step
It is rapid:
Multicore load engineering is encrypted, to obtain ciphertext image file;
In firmware loads, ciphertext image file is obtained;
Obtain the code key for decrypting the ciphertext image file;
Ciphertext image file is decrypted using code key, is made a summary with obtaining rivest, shamir, adelman public key to be verified, is more
Core loads engineering, rivest, shamir, adelman public key and rivest, shamir, adelman digital signature;
Judge whether the rivest, shamir, adelman public key abstract to be verified meets preset requirement;
If so, using rivest, shamir, adelman public key decryptions rivest, shamir, adelman digital signature, to obtain more than first
Core loads engineering abstract;
Hash algorithm processing is carried out to multicore load engineering, to obtain the second multicore load engineering abstract;
Judge whether the first multicore load engineering abstract and second multicore load engineering abstract are consistent;
If so, operation multicore load engineering is with loading firmware.
In one embodiment, processor 502 realize it is described to multicore load engineering be encrypted, to obtain ciphertext
When image file step, it is implemented as follows step:
It obtains multicore and loads project file;
Hash processing is carried out to multicore load project file, to obtain the second multicore load engineering abstract;
Obtain rivest, shamir, adelman private key, rivest, shamir, adelman public key and Advanced Encryption Standard code key;
Using rivest, shamir, adelman private key to the load engineering abstract encryption of the second multicore, to generate rivest, shamir, adelman
Digital signature;
It is calculated using Advanced Encryption Standard secret key pair multicore load engineering, rivest, shamir, adelman public key and asymmetric encryption
The binary file of method digital signature composition carries out Advanced Encryption Standard encryption, to generate ciphertext image file.
In one embodiment, processor 502 realize it is described using Advanced Encryption Standard secret key pair multicore load engineering, non-
The binary file of symmetric encipherment algorithm public key and rivest, shamir, adelman digital signature composition carries out Advanced Encryption Standard and adds
It is close, after generating ciphertext image file step, also realize following steps:
Ciphertext image file is write in nonvolatile flash memory chip;
Advanced Encryption Standard code key is write in the disposable programmable memory of insertion in the microcontroller;
Hash processing is carried out to rivest, shamir, adelman public key, generates standard rivest, shamir, adelman public key abstract;
Standard rivest, shamir, adelman public key is made a summary, the disposable programmable memory of insertion in the microcontroller is written
In.
In one embodiment, processor 502 realize it is described obtain the code key step for decrypting the ciphertext image file when,
It is implemented as follows step:
Advanced Encryption Standard code key is obtained from the disposable programmable memory;
Standard rivest, shamir, adelman public key abstract is obtained from the disposable programmable memory.
In one embodiment, processor 502 realize it is described ciphertext image file is decrypted using code key, to obtain
Rivest, shamir, adelman public key abstract, multicore load engineering, rivest, shamir, adelman public key and asymmetric encryption to be verified are calculated
When method digital signature step, it is implemented as follows step:
Advanced Encryption Standard decryption is done using Advanced Encryption Standard secret key pair ciphertext image file, multicore is generated and loads work
The clear text file of journey, rivest, shamir, adelman public key, rivest, shamir, adelman digital signature composition, to obtain multicore load work
Journey, rivest, shamir, adelman public key and rivest, shamir, adelman digital signature;
Hash processing is carried out to rivest, shamir, adelman public key, to generate rivest, shamir, adelman public key abstract to be verified.
In one embodiment, processor 502 is realizing the judgement rivest, shamir, adelman public key abstract to be verified
When whether meeting preset requirement step, it is implemented as follows step:
Judge that the rivest, shamir, adelman public key abstract to be verified is made a summary with the standard rivest, shamir, adelman public key
It is whether consistent;
If so, rivest, shamir, adelman public key abstract to be verified meets preset requirement;
If it is not, then rivest, shamir, adelman public key abstract to be verified does not meet preset requirement.
In one embodiment, processor 502 is realizing the judgement first multicore load engineering abstract and described the
Two multicores load engineering abstract whether after consistent step, also realization following steps:
If it is not, then showing code load failure, code download function is jumped to.
It should be appreciated that in the embodiment of the present application, processor 502 can be central processing unit (Central
Processing Unit, CPU), which can also be other general processors, digital signal processor (Digital
Signal Processor, DSP), specific integrated circuit (Application Specific Integrated Circuit,
ASIC), ready-made programmable gate array (Field-Programmable Gate Array, FPGA) or other programmable logic
Device, discrete gate or transistor logic, discrete hardware components etc..Wherein, general processor can be microprocessor or
Person's processor is also possible to any conventional processor etc..
Those of ordinary skill in the art will appreciate that be realize above-described embodiment method in all or part of the process,
It is that relevant hardware can be instructed to complete by computer program.The computer program includes program instruction, computer journey
Sequence can be stored in a storage medium, which is computer readable storage medium.The program instruction is by the department of computer science
At least one processor in system executes, to realize the process step of the embodiment of the above method.
Therefore, the present invention also provides a kind of storage mediums.The storage medium can be computer readable storage medium.This is deposited
Storage media is stored with computer program, and processor is made to execute following steps when wherein the computer program is executed by processor:
Multicore load engineering is encrypted, to obtain ciphertext image file;
In firmware loads, ciphertext image file is obtained;
Obtain the code key for decrypting the ciphertext image file;
Ciphertext image file is decrypted using code key, is made a summary with obtaining rivest, shamir, adelman public key to be verified, is more
Core loads engineering, rivest, shamir, adelman public key and rivest, shamir, adelman digital signature;
Judge whether the rivest, shamir, adelman public key abstract to be verified meets preset requirement;
If so, using rivest, shamir, adelman public key decryptions rivest, shamir, adelman digital signature, to obtain more than first
Core loads engineering abstract;
Hash algorithm processing is carried out to multicore load engineering, to obtain the second multicore load engineering abstract;
Judge whether the first multicore load engineering abstract and second multicore load engineering abstract are consistent;
If so, operation multicore load engineering is with loading firmware.
In one embodiment, the processor execute the computer program and realize it is described to multicore load engineering into
Row encryption is implemented as follows step when obtaining ciphertext image file step:
It obtains multicore and loads project file;
Hash processing is carried out to multicore load project file, to obtain the second multicore load engineering abstract;
Obtain rivest, shamir, adelman private key, rivest, shamir, adelman public key and Advanced Encryption Standard code key;
Using rivest, shamir, adelman private key to the load engineering abstract encryption of the second multicore, to generate rivest, shamir, adelman
Digital signature;
It is calculated using Advanced Encryption Standard secret key pair multicore load engineering, rivest, shamir, adelman public key and asymmetric encryption
The binary file of method digital signature composition carries out Advanced Encryption Standard encryption, to generate ciphertext image file.
In one embodiment, the processor is realized and described uses Advanced Encryption Standard executing the computer program
Secret key pair multicore loads the binary system text of engineering, rivest, shamir, adelman public key and rivest, shamir, adelman digital signature composition
Part carries out Advanced Encryption Standard encryption, after generating ciphertext image file step, also realizes following steps:
Ciphertext image file is write in nonvolatile flash memory chip;
Advanced Encryption Standard code key is write in the disposable programmable memory of insertion in the microcontroller;
Hash processing is carried out to rivest, shamir, adelman public key, generates standard rivest, shamir, adelman public key abstract;
Standard rivest, shamir, adelman public key is made a summary, the disposable programmable memory of insertion in the microcontroller is written
In.
In one embodiment, the processor realizes the acquisition decryption ciphertext executing the computer program
When the code key step of image file, it is implemented as follows step:
Advanced Encryption Standard code key is obtained from the disposable programmable memory;
Standard rivest, shamir, adelman public key abstract is obtained from the disposable programmable memory.
In one embodiment, the processor is realized and described is adopted to ciphertext image file executing the computer program
It is decrypted, is made a summary with obtaining rivest, shamir, adelman public key to be verified, multicore load engineering, rivest, shamir, adelman with code key
When public key and rivest, shamir, adelman digital signature step, it is implemented as follows step:
Advanced Encryption Standard decryption is done using Advanced Encryption Standard secret key pair ciphertext image file, multicore is generated and loads work
The clear text file of journey, rivest, shamir, adelman public key, rivest, shamir, adelman digital signature composition, to obtain multicore load work
Journey, rivest, shamir, adelman public key and rivest, shamir, adelman digital signature;
Hash processing is carried out to rivest, shamir, adelman public key, to generate rivest, shamir, adelman public key abstract to be verified.
In one embodiment, the processor realizes that the judgement is described to be verified non-executing the computer program
When whether symmetric encipherment algorithm public key abstract meets preset requirement step, following steps are also realized:
Judge that the rivest, shamir, adelman public key abstract to be verified is made a summary with the standard rivest, shamir, adelman public key
It is whether consistent;
If so, rivest, shamir, adelman public key abstract to be verified meets preset requirement;
If it is not, then rivest, shamir, adelman public key abstract to be verified does not meet preset requirement.
In one embodiment, the processor realizes judgement first multicore executing the computer program
Engineering abstract is loaded with second multicore load engineering abstract whether after consistent step, also realization following steps:
If it is not, then showing code load failure, code download function is jumped to.
The storage medium can be USB flash disk, mobile hard disk, read-only memory (Read-Only Memory, ROM), magnetic disk
Or the various computer readable storage mediums that can store program code such as CD.
Those of ordinary skill in the art may be aware that list described in conjunction with the examples disclosed in the embodiments of the present disclosure
Member and algorithm steps, can be realized with electronic hardware, computer software, or a combination of the two, in order to clearly demonstrate hardware
With the interchangeability of software, each exemplary composition and step are generally described according to function in the above description.This
A little functions are implemented in hardware or software actually, the specific application and design constraint depending on technical solution.Specially
Industry technical staff can use different methods to achieve the described function each specific application, but this realization is not
It is considered as beyond the scope of this invention.
In several embodiments provided by the present invention, it should be understood that disclosed device and method can pass through it
Its mode is realized.For example, the apparatus embodiments described above are merely exemplary.For example, the division of each unit, only
Only a kind of logical function partition, there may be another division manner in actual implementation.Such as multiple units or components can be tied
Another system is closed or is desirably integrated into, or some features can be ignored or not executed.
The steps in the embodiment of the present invention can be sequentially adjusted, merged and deleted according to actual needs.This hair
Unit in bright embodiment device can be combined, divided and deleted according to actual needs.In addition, in each implementation of the present invention
Each functional unit in example can integrate in one processing unit, is also possible to each unit and physically exists alone, can also be with
It is that two or more units are integrated in one unit.
If the integrated unit is realized in the form of SFU software functional unit and when sold or used as an independent product,
It can store in one storage medium.Based on this understanding, technical solution of the present invention is substantially in other words to existing skill
The all or part of part or the technical solution that art contributes can be embodied in the form of software products, the meter
Calculation machine software product is stored in a storage medium, including some instructions are used so that a computer equipment (can be a
People's computer, terminal or network equipment etc.) it performs all or part of the steps of the method described in the various embodiments of the present invention.
The above description is merely a specific embodiment, but scope of protection of the present invention is not limited thereto, any
Those familiar with the art in the technical scope disclosed by the present invention, can readily occur in various equivalent modifications or replace
It changes, these modifications or substitutions should be covered by the protection scope of the present invention.Therefore, protection scope of the present invention should be with right
It is required that protection scope subject to.
Claims (10)
1. firmware method for secure loading characterized by comprising
Multicore load engineering is encrypted, to obtain ciphertext image file;
In firmware loads, ciphertext image file is obtained;
Obtain the code key for decrypting the ciphertext image file;
Ciphertext image file is decrypted using code key, to obtain, rivest, shamir, adelman public key to be verified is made a summary, multicore adds
Carry engineering, rivest, shamir, adelman public key and rivest, shamir, adelman digital signature;
Judge whether the rivest, shamir, adelman public key abstract to be verified meets preset requirement;
If so, being added using rivest, shamir, adelman public key decryptions rivest, shamir, adelman digital signature with obtaining the first multicore
Carry engineering abstract;
Hash algorithm processing is carried out to multicore load engineering, to obtain the second multicore load engineering abstract;
Judge whether the first multicore load engineering abstract and second multicore load engineering abstract are consistent;
If so, operation multicore load engineering is with loading firmware.
2. firmware method for secure loading according to claim 1, which is characterized in that described to add to multicore load engineering
Close processing, to obtain ciphertext image file, comprising:
It obtains multicore and loads project file;
Hash processing is carried out to multicore load project file, to obtain the second multicore load engineering abstract;
Obtain rivest, shamir, adelman private key, rivest, shamir, adelman public key and Advanced Encryption Standard code key;
Using rivest, shamir, adelman private key to the load engineering abstract encryption of the second multicore, to generate rivest, shamir, adelman number
Signature;
Use Advanced Encryption Standard secret key pair multicore load engineering, rivest, shamir, adelman public key and rivest, shamir, adelman number
The binary file of word signature composition carries out Advanced Encryption Standard encryption, to generate ciphertext image file.
3. firmware method for secure loading according to claim 2, which is characterized in that described to use Advanced Encryption Standard code key
To multicore load engineering, rivest, shamir, adelman public key and rivest, shamir, adelman digital signature composition binary file into
Row Advanced Encryption Standard encryption, after generating ciphertext image file, further includes:
Ciphertext image file is write in nonvolatile flash memory chip;
Advanced Encryption Standard code key is write in the disposable programmable memory of insertion in the microcontroller;
Hash processing is carried out to rivest, shamir, adelman public key, generates standard rivest, shamir, adelman public key abstract;
Standard rivest, shamir, adelman public key is made a summary and is written in the disposable programmable memory of insertion in the microcontroller.
4. firmware method for secure loading according to any one of claims 1 to 3, which is characterized in that institute is decrypted in the acquisition
State the code key of ciphertext image file, comprising:
Advanced Encryption Standard code key is obtained from the disposable programmable memory;
Standard rivest, shamir, adelman public key abstract is obtained from the disposable programmable memory.
5. firmware method for secure loading according to claim 4, which is characterized in that it is described to ciphertext image file using secret
Key is decrypted, and is made a summary with obtaining rivest, shamir, adelman public key to be verified, multicore load engineering, rivest, shamir, adelman public key
And rivest, shamir, adelman digital signature, comprising:
Advanced Encryption Standard decryption is done using Advanced Encryption Standard secret key pair ciphertext image file, generates multicore load engineering, non-
The clear text file of symmetric encipherment algorithm public key, rivest, shamir, adelman digital signature composition, to obtain multicore load engineering, non-right
Claim Encryption Algorithm public key and rivest, shamir, adelman digital signature;
Hash processing is carried out to rivest, shamir, adelman public key, to generate rivest, shamir, adelman public key abstract to be verified.
6. firmware method for secure loading according to claim 5, which is characterized in that the judgement is described to be verified asymmetric
Whether Encryption Algorithm public key abstract meets preset requirement, comprising:
Judge whether the rivest, shamir, adelman public key abstract to be verified makes a summary with the standard rivest, shamir, adelman public key
Unanimously;
If so, rivest, shamir, adelman public key abstract to be verified meets preset requirement;
If it is not, then rivest, shamir, adelman public key abstract to be verified does not meet preset requirement.
7. firmware method for secure loading according to claim 1, which is characterized in that judgement the first multicore load
After whether engineering abstract and second multicore load engineering abstract are consistent, further includes:
If it is not, then showing code load failure, code download function is jumped to.
8. firmware is safely loaded with device characterized by comprising
Encryption unit, for multicore load engineering to be encrypted, to obtain ciphertext image file;
Image file acquiring unit, for obtaining ciphertext image file in firmware loads;
Code key acquiring unit, for obtaining the code key for decrypting the ciphertext image file;
First decryption unit is calculated for ciphertext image file to be decrypted using code key with obtaining asymmetric encryption to be verified
Method public key abstract, multicore load engineering, rivest, shamir, adelman public key and rivest, shamir, adelman digital signature;
First judging unit, for judging whether the rivest, shamir, adelman public key abstract to be verified meets preset requirement;
Second decryption unit is used for if so, using rivest, shamir, adelman public key decryptions rivest, shamir, adelman digital signature,
To obtain the first multicore load engineering abstract;
Hash processing unit is plucked for carrying out hash algorithm processing to multicore load engineering with obtaining the second multicore load engineering
It wants;
Second judgment unit, for judging that the first multicore load engineering is made a summary and second multicore load engineering abstract is
It is no consistent;
Running unit is used for if so, operation multicore load engineering is with loading firmware.
9. a kind of computer equipment, which is characterized in that the computer equipment includes memory and processor, on the memory
It is stored with computer program, the processor is realized as described in any one of claims 1 to 7 when executing the computer program
Method.
10. a kind of storage medium, which is characterized in that the storage medium is stored with computer program, the computer program quilt
Processor can realize the method as described in any one of claims 1 to 7 when executing.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811524830.9A CN109583189B (en) | 2018-12-13 | 2018-12-13 | Firmware secure loading method and device, computer equipment and storage medium |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811524830.9A CN109583189B (en) | 2018-12-13 | 2018-12-13 | Firmware secure loading method and device, computer equipment and storage medium |
Publications (2)
Publication Number | Publication Date |
---|---|
CN109583189A true CN109583189A (en) | 2019-04-05 |
CN109583189B CN109583189B (en) | 2020-08-11 |
Family
ID=65928401
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201811524830.9A Active CN109583189B (en) | 2018-12-13 | 2018-12-13 | Firmware secure loading method and device, computer equipment and storage medium |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN109583189B (en) |
Cited By (21)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110008689A (en) * | 2019-04-15 | 2019-07-12 | 苏州浪潮智能科技有限公司 | A kind of BMC starting method, apparatus, equipment and computer readable storage medium |
CN110109714A (en) * | 2019-04-25 | 2019-08-09 | 深圳忆联信息系统有限公司 | Promote method, apparatus, computer equipment and the storage medium of firmware loads efficiency |
CN110704852A (en) * | 2019-09-26 | 2020-01-17 | 江苏方天电力技术有限公司 | Encryption system for RTOS system program image file |
CN111783072A (en) * | 2020-07-15 | 2020-10-16 | 北京同源华安软件科技有限公司 | Security control method and device under Linux system |
CN111857756A (en) * | 2020-07-23 | 2020-10-30 | 上海世麦智能科技有限公司 | Safe flashing method and system based on hardware encryption |
CN112131612A (en) * | 2020-09-30 | 2020-12-25 | 杭州安恒信息安全技术有限公司 | CF card data tamper-proofing method, device, equipment and medium |
CN112187544A (en) * | 2020-09-30 | 2021-01-05 | 深圳忆联信息系统有限公司 | Firmware upgrading method and device, computer equipment and storage medium |
CN112306547A (en) * | 2020-09-29 | 2021-02-02 | 北京软慧科技有限公司 | Method and device for identifying firmware encryption mode |
CN112433742A (en) * | 2020-11-26 | 2021-03-02 | 中电金融设备系统(深圳)有限公司 | Secure firmware updating method, device, equipment and storage medium |
CN112560064A (en) * | 2020-12-23 | 2021-03-26 | Oppo广东移动通信有限公司 | File detection method and device, storage medium and user terminal |
CN112733092A (en) * | 2020-12-30 | 2021-04-30 | 五八有限公司 | Information processing method and device |
CN113127262A (en) * | 2020-01-13 | 2021-07-16 | 北京地平线机器人技术研发有限公司 | Method and device for generating mirror image file, electronic equipment and storage medium |
CN113138775A (en) * | 2020-01-20 | 2021-07-20 | 上海交通大学 | Firmware protection method and system for vehicle-mounted diagnosis system |
CN113177222A (en) * | 2021-05-28 | 2021-07-27 | 沈阳美行科技有限公司 | Dynamic library processing method and device, electronic equipment and storage medium |
CN113239363A (en) * | 2021-06-01 | 2021-08-10 | 长江存储科技有限责任公司 | Firmware updating method, device, equipment, readable storage medium and memory system |
CN113656086A (en) * | 2020-04-28 | 2021-11-16 | 瑞昱半导体股份有限公司 | Method for safely storing and loading firmware and electronic device |
CN113688399A (en) * | 2021-08-25 | 2021-11-23 | 深圳忆联信息系统有限公司 | Firmware digital signature protection method and device, computer equipment and storage medium |
CN113742784A (en) * | 2020-05-27 | 2021-12-03 | 瑞昱半导体股份有限公司 | System for applying method for accelerating verification of mapping file |
CN114201224A (en) * | 2021-12-13 | 2022-03-18 | 北京奕斯伟计算技术有限公司 | Processor starting method, heterogeneous processor system and processor starting device |
CN114266055A (en) * | 2022-03-02 | 2022-04-01 | 山东华翼微电子技术股份有限公司 | Multi-core firmware secure storage method and system |
CN114817935A (en) * | 2022-05-26 | 2022-07-29 | 无锡华大国奇科技有限公司 | Chip safe starting method |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101436141A (en) * | 2008-11-21 | 2009-05-20 | 深圳创维数字技术股份有限公司 | Firmware upgrading and encapsulating method and device based on digital signing |
CN103914658A (en) * | 2013-01-05 | 2014-07-09 | 展讯通信(上海)有限公司 | Safe starting method of terminal equipment, and terminal equipment |
CN104156659A (en) * | 2014-08-14 | 2014-11-19 | 电子科技大学 | Embedded system secure start method |
-
2018
- 2018-12-13 CN CN201811524830.9A patent/CN109583189B/en active Active
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101436141A (en) * | 2008-11-21 | 2009-05-20 | 深圳创维数字技术股份有限公司 | Firmware upgrading and encapsulating method and device based on digital signing |
CN103914658A (en) * | 2013-01-05 | 2014-07-09 | 展讯通信(上海)有限公司 | Safe starting method of terminal equipment, and terminal equipment |
CN103914658B (en) * | 2013-01-05 | 2017-02-22 | 展讯通信(上海)有限公司 | Safe starting method of terminal equipment, and terminal equipment |
CN104156659A (en) * | 2014-08-14 | 2014-11-19 | 电子科技大学 | Embedded system secure start method |
Cited By (29)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110008689A (en) * | 2019-04-15 | 2019-07-12 | 苏州浪潮智能科技有限公司 | A kind of BMC starting method, apparatus, equipment and computer readable storage medium |
CN110109714B (en) * | 2019-04-25 | 2022-03-29 | 深圳忆联信息系统有限公司 | Method and device for improving firmware loading efficiency, computer equipment and storage medium |
CN110109714A (en) * | 2019-04-25 | 2019-08-09 | 深圳忆联信息系统有限公司 | Promote method, apparatus, computer equipment and the storage medium of firmware loads efficiency |
CN110704852A (en) * | 2019-09-26 | 2020-01-17 | 江苏方天电力技术有限公司 | Encryption system for RTOS system program image file |
CN113127262B (en) * | 2020-01-13 | 2024-05-14 | 北京地平线机器人技术研发有限公司 | Image file generation method and device, electronic equipment and storage medium |
CN113127262A (en) * | 2020-01-13 | 2021-07-16 | 北京地平线机器人技术研发有限公司 | Method and device for generating mirror image file, electronic equipment and storage medium |
CN113138775B (en) * | 2020-01-20 | 2022-11-18 | 上海交通大学 | Firmware protection method and system for vehicle-mounted diagnosis system |
CN113138775A (en) * | 2020-01-20 | 2021-07-20 | 上海交通大学 | Firmware protection method and system for vehicle-mounted diagnosis system |
CN113656086A (en) * | 2020-04-28 | 2021-11-16 | 瑞昱半导体股份有限公司 | Method for safely storing and loading firmware and electronic device |
CN113742784A (en) * | 2020-05-27 | 2021-12-03 | 瑞昱半导体股份有限公司 | System for applying method for accelerating verification of mapping file |
CN111783072A (en) * | 2020-07-15 | 2020-10-16 | 北京同源华安软件科技有限公司 | Security control method and device under Linux system |
CN111857756A (en) * | 2020-07-23 | 2020-10-30 | 上海世麦智能科技有限公司 | Safe flashing method and system based on hardware encryption |
CN112306547A (en) * | 2020-09-29 | 2021-02-02 | 北京软慧科技有限公司 | Method and device for identifying firmware encryption mode |
CN112131612A (en) * | 2020-09-30 | 2020-12-25 | 杭州安恒信息安全技术有限公司 | CF card data tamper-proofing method, device, equipment and medium |
CN112131612B (en) * | 2020-09-30 | 2024-03-08 | 杭州安恒信息安全技术有限公司 | CF card data tamper-proof method, device, equipment and medium |
CN112187544A (en) * | 2020-09-30 | 2021-01-05 | 深圳忆联信息系统有限公司 | Firmware upgrading method and device, computer equipment and storage medium |
CN112187544B (en) * | 2020-09-30 | 2023-08-08 | 深圳忆联信息系统有限公司 | Firmware upgrading method, device, computer equipment and storage medium |
CN112433742A (en) * | 2020-11-26 | 2021-03-02 | 中电金融设备系统(深圳)有限公司 | Secure firmware updating method, device, equipment and storage medium |
CN112560064A (en) * | 2020-12-23 | 2021-03-26 | Oppo广东移动通信有限公司 | File detection method and device, storage medium and user terminal |
CN112733092A (en) * | 2020-12-30 | 2021-04-30 | 五八有限公司 | Information processing method and device |
CN112733092B (en) * | 2020-12-30 | 2022-12-23 | 五八有限公司 | Information processing method and device |
CN113177222A (en) * | 2021-05-28 | 2021-07-27 | 沈阳美行科技有限公司 | Dynamic library processing method and device, electronic equipment and storage medium |
CN113239363A (en) * | 2021-06-01 | 2021-08-10 | 长江存储科技有限责任公司 | Firmware updating method, device, equipment, readable storage medium and memory system |
CN113688399A (en) * | 2021-08-25 | 2021-11-23 | 深圳忆联信息系统有限公司 | Firmware digital signature protection method and device, computer equipment and storage medium |
CN114201224A (en) * | 2021-12-13 | 2022-03-18 | 北京奕斯伟计算技术有限公司 | Processor starting method, heterogeneous processor system and processor starting device |
CN114201224B (en) * | 2021-12-13 | 2024-04-12 | 北京奕斯伟计算技术股份有限公司 | Processor starting method, heterogeneous processor system and processor starting device |
CN114266055B (en) * | 2022-03-02 | 2022-05-27 | 山东华翼微电子技术股份有限公司 | Multi-core firmware secure storage method and system |
CN114266055A (en) * | 2022-03-02 | 2022-04-01 | 山东华翼微电子技术股份有限公司 | Multi-core firmware secure storage method and system |
CN114817935A (en) * | 2022-05-26 | 2022-07-29 | 无锡华大国奇科技有限公司 | Chip safe starting method |
Also Published As
Publication number | Publication date |
---|---|
CN109583189B (en) | 2020-08-11 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN109583189A (en) | Firmware method for secure loading, device, computer equipment and storage medium | |
CN100487715C (en) | Date safety storing system, device and method | |
JP5984625B2 (en) | Semiconductor device and encryption key writing method | |
CN100576792C (en) | The method that file encryption is shared | |
EP3522050A1 (en) | System and method for defining programmable processing steps applied when protecting the data | |
CN103345609B (en) | A kind of text encipher-decipher method and encryption and decryption equipment | |
TWI570590B (en) | Dynamic encryption keys for use with xts encryption systems employing reduced-round ciphers | |
CN108880806A (en) | Encryption and decryption method, chip and readable storage medium storing program for executing | |
US8769312B2 (en) | Tampering monitoring system, protection control module, and detection module | |
CN105450620A (en) | Information processing method and device | |
US7636441B2 (en) | Method for secure key exchange | |
CN105095097B (en) | The memory access of randomization | |
CN109815747A (en) | Offline auditing method, electronic device and readable storage medium storing program for executing based on block chain | |
CN110474767A (en) | Chip keys method for burn-recording and system under a kind of off-line state | |
CN105468940A (en) | Software protection method and apparatus | |
CN112989356A (en) | Blank security chip burning method and system, blank security chip and storage medium | |
CN110650191A (en) | Data read-write method of distributed storage system | |
CN103347017A (en) | Data processing method and system on chip | |
US10572635B2 (en) | Automatic correction of cryptographic application program interfaces | |
CN112822010B (en) | Removable storage medium management method based on quantum key and block chain | |
CN110532737A (en) | Jar packet encryption management method, device, computer equipment and storage medium | |
CN109598105A (en) | A kind of microcontroller is safely loaded with the method, apparatus, computer equipment and storage medium of firmware | |
CN110932853B (en) | Key management device and key management method based on trusted module | |
US9979541B2 (en) | Content management system, host device and content key access method | |
CN105939192A (en) | Data encryption method and device |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |