CN111158728B - Firmware upgrading method, firmware starting method and device - Google Patents
Firmware upgrading method, firmware starting method and device Download PDFInfo
- Publication number
- CN111158728B CN111158728B CN201911420205.4A CN201911420205A CN111158728B CN 111158728 B CN111158728 B CN 111158728B CN 201911420205 A CN201911420205 A CN 201911420205A CN 111158728 B CN111158728 B CN 111158728B
- Authority
- CN
- China
- Prior art keywords
- hash value
- firmware
- kernel
- module
- rsa
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 66
- 238000004364 calculation method Methods 0.000 claims abstract description 23
- 238000004458 analytical method Methods 0.000 claims description 2
- 230000000977 initiatory effect Effects 0.000 claims description 2
- 238000004891 communication Methods 0.000 description 3
- 238000010586 diagram Methods 0.000 description 3
- 238000012545 processing Methods 0.000 description 3
- 230000006870 function Effects 0.000 description 2
- 238000009434 installation Methods 0.000 description 2
- 239000004065 semiconductor Substances 0.000 description 2
- 239000007787 solid Substances 0.000 description 2
- 238000013528 artificial neural network Methods 0.000 description 1
- 238000004422 calculation algorithm Methods 0.000 description 1
- 238000004590 computer program Methods 0.000 description 1
- 238000013500 data storage Methods 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000001537 neural effect Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 239000013307 optical fiber Substances 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/60—Software deployment
- G06F8/65—Updates
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/51—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6209—Protecting access to data via a platform, e.g. using keys or access control rules to a single file or object, e.g. in a secure envelope, encrypted and accessed using a key, or with access control rules appended to the object itself
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2107—File encryption
Abstract
The embodiment of the invention discloses a firmware upgrading method, a firmware starting method, a firmware generating method and a firmware generating device. The firmware upgrading method comprises the following steps: acquiring an upgrade file of firmware to be upgraded; analyzing the upgrade file to separate the kernel and the file system in the upgrade file; respectively acquiring a first RSA signature and a second RSA signature from the header of the kernel and the header of the file system; decrypting the first RSA signature and the second RSA signature by using the RSA public key to obtain a first hash value and a second hash value respectively; comparing the first hash value and the second hash value with a third hash value of a kernel and a fourth hash value of a file system which are obtained by calculation in advance respectively, and generating a first comparison result; and when the first comparison result is that the first hash value and the second hash value are respectively consistent with the third hash value and the fourth hash value, upgrading the firmware according to the upgrading file. The embodiment of the invention can prevent the tampered firmware from operating normally.
Description
Technical Field
The present invention relates to the field of computer technologies, and in particular, to a firmware upgrade method, a firmware startup method, and a device.
Background
In order to solve the problem that the software and hardware of the electronic product are not suitable due to high updating speed of the electronic product and the problem that the security hole of the network equipment is frequently generated, the general solution method is as follows: and (5) performing system updating.
The following problems exist in the technical scheme:
the firmware of a device may be accessed and tampered with by unauthorized users, resulting in the device being used illegally.
Therefore, a new solution is needed to solve the above-mentioned problems.
Disclosure of Invention
The invention aims to provide a firmware upgrading method, a firmware starting method and a device, which can prevent tampered firmware from operating normally.
In order to solve the above problems, the technical solution of the embodiment of the present invention is as follows:
a firmware-initiated method, the firmware being generated based on: traversing the kernel module; calculating a sixth hash value of the kernel module; encrypting the sixth hash value by using an RSA private key to obtain a third RSA signature, wherein the third RSA signature is written into the tail of the kernel module; respectively calculating a first hash value and a second hash value of a kernel and a file system comprising the kernel module, wherein the third RSA signature is written in the kernel module; encrypting the first hash value and the second hash value by using an RSA private key respectively to obtain a first RSA signature and a second RSA signature, wherein the first RSA signature and the second RSA signature are written into the head of the kernel and the head of the file system respectively; generating the firmware according to the kernel written with the first RSA signature and the file system written with the second RSA signature; the firmware starting method comprises the following steps: acquiring a first RSA signature and a second RSA signature from a header of a kernel of firmware and a header of a file system of the firmware respectively; reading an RSA public key from a preset storage space of equipment corresponding to the firmware; decrypting the first RSA signature and the second RSA signature by using an RSA public key to obtain a first hash value and a second hash value respectively; calculating a third hash value of the kernel and a fourth hash value of the file system; comparing the first hash value and the second hash value with the calculated third hash value of the kernel and the fourth hash value of the file system respectively, and generating a second comparison result; when the second comparison result is that the first hash value is consistent with the third hash value and the second hash value is consistent with the fourth hash value, the firmware is guided to start; terminating the firmware boot when the second comparison result is that the first hash value is inconsistent with the third hash value or the second hash value is inconsistent with the fourth hash value; after the firmware is started, a third RSA signature is obtained from the tail of a kernel module of the firmware; decrypting the third RSA signature using the RSA public key to obtain a fifth hash value; comparing the fifth hash value with a sixth hash value of the kernel module obtained by pre-calculation, and generating a third comparison result; and loading the kernel module when the third comparison result is that the fifth hash value is consistent with the sixth hash value.
A firmware upgrade method for upgrading a firmware started by the above firmware start method, the firmware upgrade method comprising the steps of: acquiring an upgrade file of firmware to be upgraded; analyzing the upgrade file to separate a kernel and a file system in the upgrade file; acquiring a first RSA signature and a second RSA signature from the header of the kernel and the header of the file system respectively; reading an RSA public key from a preset storage space of equipment corresponding to the firmware; decrypting the first RSA signature and the second RSA signature by using an RSA public key to obtain a first hash value and a second hash value respectively; respectively calculating a third hash value of the kernel and a fourth hash value of the file system; comparing the first hash value and the second hash value with the calculated third hash value of the kernel and the fourth hash value of the file system respectively, and generating a first comparison result; when the first comparison result is that the first hash value and the second hash value are respectively consistent with the third hash value and the fourth hash value, upgrading the firmware according to the upgrading file; and when the first comparison result is that the first hash value is inconsistent with the third hash value or the second hash value is inconsistent with the fourth hash value, the firmware upgrading is terminated.
A firmware start-up device, the firmware being generated by a firmware generation device, the firmware generation device comprising: the traversal module is used for traversing the kernel module; a third calculation module, configured to calculate a sixth hash value of the kernel module; the encryption module is used for encrypting the sixth hash value by using an RSA private key to obtain a third RSA signature, wherein the third RSA signature is written into the tail part of the kernel module; the third calculation module is further used for calculating a first hash value and a second hash value of a kernel and a file system comprising the kernel module respectively, and the kernel module is written with the third RSA signature; the encryption module is further configured to encrypt the first hash value and the second hash value by using an RSA private key, so as to obtain a first RSA signature and a second RSA signature, where the first RSA signature and the second RSA signature are written into the header of the kernel and the header of the file system respectively; the firmware generation apparatus further includes: the firmware generation module is used for generating the firmware according to the kernel written with the first RSA signature and the file system written with the second RSA signature; wherein, the firmware initiation device includes: the second signature acquisition module is used for acquiring a first RSA signature and a second RSA signature from the head of the kernel of the firmware and the head of the file system of the firmware respectively; the second decryption module is used for reading an RSA public key from a preset storage space of equipment corresponding to the firmware and decrypting the first RSA signature and the second RSA signature by using the RSA public key so as to obtain a first hash value and a second hash value respectively; the second calculation module is used for calculating a third hash value of the kernel and a fourth hash value of the file system; the second comparison module is used for comparing the first hash value and the second hash value with the calculated third hash value of the kernel and the fourth hash value of the file system respectively and generating a second comparison result; a starting module, configured to guide firmware to start when the second comparison result is that the first hash value is consistent with the third hash value and the second hash value is consistent with the fourth hash value, and terminate the firmware to start when the second comparison result is that the first hash value is inconsistent with the third hash value or the second hash value is inconsistent with the fourth hash value; the second signature acquisition module is further used for acquiring a third RSA signature from the tail of the kernel module of the firmware after the firmware is started; the second decryption module is further configured to decrypt the third RSA signature using an RSA public key to obtain a fifth hash value; the second comparison module is further configured to compare the fifth hash value with a sixth hash value of the kernel module, which is obtained by calculation in advance, and generate a third comparison result; the firmware start-up device further includes: and the loading module is used for loading the kernel module when the third comparison result is that the fifth hash value is consistent with the sixth hash value.
A firmware upgrade apparatus that upgrades for firmware started by the above-described firmware start-up apparatus, comprising: the upgrade file acquisition module is used for acquiring an upgrade file of firmware to be upgraded; the analysis module is used for analyzing the upgrade file to separate a kernel and a file system in the upgrade file; a first signature acquisition module, configured to acquire a first RSA signature and a second RSA signature from a header of the kernel and a header of the file system, respectively; the first decryption module is used for reading an RSA public key from a preset storage space of equipment corresponding to the firmware and decrypting the first RSA signature and the second RSA signature by using the RSA public key so as to obtain a first hash value and a second hash value respectively; the first calculation module is used for calculating a third hash value of the kernel and a fourth hash value of the file system respectively; the first comparison module is used for comparing the first hash value and the second hash value with the calculated third hash value of the kernel and the fourth hash value of the file system respectively, and generating a first comparison result; the upgrade module is used for upgrading the firmware according to the upgrade file when the first comparison result is that the first hash value and the second hash value are respectively consistent with the third hash value and the fourth hash value, and terminating the upgrade of the firmware when the first comparison result is that the first hash value is inconsistent with the third hash value or the second hash value is inconsistent with the fourth hash value.
In the embodiment of the invention, because RSA signatures are added on the kernel, the kernel module and the file system, the RSA signatures are authenticated in the stages of upgrading, system starting and kernel module loading, and only if the authentication is passed, normal operation (upgrading, system starting and kernel module loading) can be realized, otherwise, execution is terminated. Therefore, the firmware damage during upgrading can be effectively solved, and the firmware is prevented from being tampered by an unauthorized user, namely, the tampered firmware is prevented from operating normally.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings that are needed in the description of the embodiments will be briefly described below, it being obvious that the drawings in the following description are only some embodiments of the present invention, and that other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
Fig. 1 is a flowchart of a firmware upgrade method provided in an embodiment of the present invention.
Fig. 2 is a block diagram of a firmware upgrade apparatus provided in an embodiment of the present invention.
Fig. 3 is a flowchart of a firmware boot method according to an embodiment of the present invention.
Fig. 4 is a block diagram of a firmware boot device according to an embodiment of the present invention.
Fig. 5 is a flowchart of a firmware generation method according to an embodiment of the present invention.
Fig. 6 is a block diagram of a firmware generating apparatus provided by an embodiment of the present invention.
Description of the embodiments
The following description of the embodiments of the present invention will be made clearly and completely with reference to the accompanying drawings, in which it is apparent that the embodiments described are only some embodiments of the present invention, but not all embodiments. All other embodiments, which can be made by a person skilled in the art without making any inventive effort, are intended to be within the scope of the present invention based on the embodiments of the present invention.
In embodiments of the present invention, the term "module" generally refers to: hardware, a combination of hardware and software, etc. For example, a module may be a process running on a processor, an object, an executable application, a thread of execution, a program, etc. Both an application running on a processor and the processor may be a module. One or more modules may be located in one computer and/or distributed between two or more computers.
In the embodiments of the present invention, "first", "second", etc. are merely for distinguishing different objects, and should not constitute any limitation to the embodiments of the present invention.
The embodiment of the invention provides a firmware upgrading method, a firmware starting method, a firmware generating method and a device. Specifically, the firmware upgrading method, the firmware starting method, the firmware generating method and the firmware generating device provided by the embodiment of the invention are suitable for (integrated in) a computing device, wherein the computing device can be a personal computer, a server, a mobile device (such as a mobile phone, a personal digital assistant (PDA, personal Digital Assistant), a tablet computer) and the like.
As shown in fig. 1, the firmware upgrade method includes:
step 101, obtaining an upgrade file of Firmware (Firmware) to be upgraded.
And 102, analyzing the upgrade file to separate a kernel and a file system in the upgrade file.
Step 103, acquiring a first RSA signature and a second RSA signature from the header of the kernel and the header of the file system respectively.
Step 104, reading the RSA public key from a preset storage space of the device corresponding to the firmware.
Step 105, decrypting the first RSA signature and the second RSA signature by using the RSA public key to obtain a first hash value and a second hash value respectively.
And 106, respectively calculating a third hash value of the kernel and a fourth hash value of the file system.
And 107, comparing the first hash value and the second hash value with the third hash value of the kernel and the fourth hash value of the file system, which are obtained by calculation in advance, respectively, and generating a first comparison result.
And step 108, upgrading the firmware according to the upgrade file when the first comparison result is that the first hash value and the second hash value are respectively consistent with (equal to) the third hash value and the fourth hash value.
Step 109, terminating the firmware upgrade when the first comparison result is that the first hash value is inconsistent with the third hash value or the second hash value is inconsistent with the fourth hash value.
After steps 101 to 109, the firmware according to the embodiment of the present invention is started by a firmware start method shown in fig. 3, specifically, as shown in fig. 3, the firmware start method includes:
step 301, acquiring a first RSA signature and a second RSA signature from a header of a kernel of the firmware and a header of a file system of the firmware, respectively.
Step 302, reading an RSA public key from a predetermined storage space of the device corresponding to the firmware.
Step 303, decrypting the first RSA signature and the second RSA signature by using the RSA public key to obtain a first hash value and a second hash value respectively.
Step 304, calculating the third hash value and the fourth hash value.
And 305, comparing the first hash value and the second hash value with the third hash value of the kernel and the fourth hash value of the file system, which are obtained by calculation in advance, respectively, and generating a second comparison result.
And 306, when the second comparison result is that the first hash value is consistent with the third hash value and the second hash value is consistent with the fourth hash value, guiding the firmware to start.
Step 307, terminating the firmware start when the second comparison result is that the first hash value is inconsistent with the third hash value or the second hash value is inconsistent with the fourth hash value.
Step 308, after the firmware is started, obtaining a third RSA signature from the tail of the kernel module of the firmware.
Step 309, reading the RSA public key from a predetermined storage space of the device corresponding to the firmware.
Step 310, decrypting the third RSA signature by using the RSA public key to obtain a fifth hash value.
Step 311, calculating a sixth hash value of the kernel module.
And step 312, comparing the fifth hash value with a sixth hash value of the kernel module obtained by pre-calculation, and generating a third comparison result.
Step 313, loading the kernel module when the third comparison result is that the fifth hash value is consistent with the sixth hash value.
And step 314, when the third comparison result is that the fifth hash value is inconsistent with the sixth hash value, loading of the kernel module is forbidden.
After steps 301 to 314, the firmware according to the embodiment of the present invention is upgraded by the firmware upgrade method shown in fig. 1.
The firmware according to the embodiment of the present invention is generated by a firmware generation method as shown in fig. 5, and includes an installation file or an upgrade file. Specifically, the firmware generation method includes:
step 501, traversing the kernel module.
Step 502, calculating a sixth hash value of the kernel module.
Step 503, encrypt the sixth hash value with an RSA private key to obtain a third RSA signature, where the third RSA signature is written into the tail of the kernel module.
Step 504, respectively calculating a first hash value and a second hash value of a kernel and a file system including the kernel module, where the kernel module writes the third RSA signature.
And 505, encrypting the first hash value and the second hash value by using an RSA private key to obtain a first RSA signature and a second RSA signature, wherein the first RSA signature and the second RSA signature are written into the header of the kernel and the header of the file system respectively.
Step 506, generating firmware according to the kernel written with the first RSA signature and the file system written with the second RSA signature.
In the embodiment of the invention, because RSA signatures are added on the kernel, the kernel module and the file system, the RSA signatures are authenticated in the stages of upgrading, system starting and kernel module loading, and only if the authentication is passed, normal operation (upgrading, system starting and kernel module loading) can be realized, otherwise, execution is terminated. Therefore, the firmware damage during upgrading can be effectively solved, and the firmware is prevented from being tampered by an unauthorized user, namely, the tampered firmware is prevented from operating normally.
In order to better implement the above method, correspondingly, the embodiment of the invention also provides a firmware upgrading device, a firmware starting device and a firmware generating device, which can be integrated (applicable) in the computing equipment.
As shown in fig. 2, the firmware upgrade apparatus includes an upgrade file acquisition module 201, a parsing module 202, a first signature acquisition module 203, a first decryption module 204, a first calculation module 205, a first comparison module 206, and an upgrade module 207.
The upgrade file obtaining module 201 is configured to obtain an upgrade file of firmware to be upgraded.
The parsing module 202 is configured to parse the upgrade file to separate a kernel and a file system in the upgrade file.
The first signature obtaining module 203 is configured to obtain a first RSA signature and a second RSA signature from a header of the kernel and a header of the file system, respectively.
The first decryption module 204 is configured to read an RSA public key from a predetermined storage space of a device corresponding to the firmware, and decrypt the first RSA signature and the second RSA signature by using the RSA public key to obtain a first hash value and a second hash value respectively.
The first calculation module 205 is configured to calculate a third hash value of the kernel and a fourth hash value of the file system respectively.
The first comparing module 206 is configured to compare the first hash value and the second hash value with a third hash value of the kernel and a fourth hash value of the file system, which are obtained by pre-calculation, respectively, and generate a first comparison result.
The upgrade module 207 is configured to upgrade the firmware according to the upgrade file when the first comparison result is that the first hash value and the second hash value are respectively consistent with the third hash value and the fourth hash value, and terminate the upgrade of the firmware when the first comparison result is that the first hash value is inconsistent with the third hash value or the second hash value is inconsistent with the fourth hash value.
After the firmware is upgraded by the firmware upgrading device, the firmware is started by the firmware starting device shown in fig. 5, and specifically, as shown in fig. 5, the firmware starting device includes a second signature acquisition module 401, a second decryption module 402, a second calculation module 403, a second comparison module 404, a starting module 405, and a loading module 406.
The second signature acquisition module 401 is configured to acquire a first RSA signature and a second RSA signature from a header of a kernel of the firmware and a header of a file system of the firmware, respectively.
The second decryption module 402 is configured to read an RSA public key from a predetermined storage space of a device corresponding to the firmware, and decrypt the first RSA signature and the second RSA signature by using the RSA public key to obtain a first hash value and a second hash value respectively.
The second calculating module 403 is configured to calculate the third hash value and the fourth hash value.
The second comparing module 404 is configured to compare the first hash value and the second hash value with a third hash value of the kernel and a fourth hash value of the file system, which are obtained by pre-calculation, respectively, and generate a second comparison result.
The boot module 405 is configured to direct the firmware to boot when the second comparison result is that the first hash value is consistent with the third hash value and the second hash value is consistent with the fourth hash value, and terminate the firmware to boot when the second comparison result is that the first hash value is inconsistent with the third hash value or the second hash value is inconsistent with the fourth hash value.
The second signature obtaining module 401 is further configured to obtain a third RSA signature from a tail portion of a kernel module of the firmware after the firmware is started.
The second decryption module 402 is further configured to read an RSA public key from a predetermined storage space of a device corresponding to the firmware, and decrypt the third RSA signature using the RSA public key to obtain a fifth hash value.
The second calculation module 403 is further configured to calculate a sixth hash value of the kernel module.
The second comparing module 404 is configured to compare the fifth hash value with a sixth hash value of the kernel module, and generate a third comparison result.
The loading module 406 is configured to load the kernel module when the third comparison result is that the fifth hash value is consistent with the sixth hash value, and prohibit the kernel module from being loaded when the third comparison result is that the fifth hash value is inconsistent with the sixth hash value.
After the firmware of the embodiment of the present invention is started by the firmware starting device, the firmware is upgraded by the firmware upgrading device shown in fig. 2.
The firmware according to the embodiment of the present invention is generated by a firmware generating device shown in fig. 6, and specifically, the firmware generating device includes a traversing module 601, a third computing module 602, an encrypting module 603, and a firmware generating module 604. The firmware includes an installation file or an upgrade file.
The traversing module 601 is configured to traverse the kernel module.
The third calculation module 602 is configured to calculate a sixth hash value of the kernel module.
The encryption module 603 is configured to encrypt the sixth hash value with an RSA private key to obtain a third RSA signature, where the third RSA signature is written to the tail of the kernel module.
The third computing module 602 is further configured to compute a first hash value and a second hash value of a kernel and a file system that include the kernel module, where the third RSA signature is written.
The encryption module 603 is further configured to encrypt the first hash value and the second hash value with an RSA private key, so as to obtain a first RSA signature and a second RSA signature, where the first RSA signature and the second RSA signature are written into the header of the kernel and the header of the file system, respectively.
The firmware generation module 604 is configured to generate firmware according to the kernel written with the first RSA signature and the file system written with the second RSA signature.
In the embodiment of the invention, because RSA signatures are added on the kernel, the kernel module and the file system, the RSA signatures are authenticated in the stages of upgrading, system starting and kernel module loading, and only if the authentication is passed, normal operation (upgrading, system starting and kernel module loading) can be realized, otherwise, execution is terminated. Therefore, the firmware damage during upgrading can be effectively solved, and the firmware is prevented from being tampered by an unauthorized user, namely, the tampered firmware is prevented from operating normally.
The firmware upgrading method, the firmware starting method, the firmware generating method and the device provided by the embodiment of the invention can be realized through hardware, and the hardware can comprise any combination of a processor, a memory, a display screen, a communication circuit and the like, wherein the memory, the display screen and the communication circuit are electrically connected with the processor. Any combination of the above processor, memory, display screen, communication circuit, etc. is used to implement the functions and steps of the firmware upgrading method, firmware starting method, firmware generating method and device provided by the embodiments of the present invention.
The processor may be, for example: CPU (Central Processing Unit ), GPU, NPU (Neural Processing Unit, neural network processing unit), other general purpose processor, digital signal processor (DSP, digital Signal Processor), application specific integrated circuit (ASIC, application Specific Integrated Circuit), field programmable gate array (FPGA, field-Programmable Gate Array) or other programmable logic device, discrete gate or transistor logic device, discrete hardware components, etc., a general purpose processor being a microprocessor or any conventional processor, etc.
The memory may include read only memory and random access memory for providing program code and data to the processor. The memory may also include non-volatile random access memory. The memory may be volatile memory or nonvolatile memory, or may include both volatile and nonvolatile memory. The nonvolatile Memory may be a Read-Only Memory (ROM), a Programmable ROM (PROM), an Erasable PROM (EPROM), an Electrically Erasable EPROM (EEPROM), or a flash Memory. The volatile memory may be random access memory (Random Access Memory, RAM) which acts as an external cache.
The firmware upgrading method, the firmware starting method, the firmware generating method and the device provided by the embodiment of the invention can also be realized by software, and at this time, the firmware upgrading method, the firmware starting method, the firmware generating method and the device and all the modules thereof can also be software modules. When implemented in software, the above-described embodiments may be implemented in whole or in part in the form of a computer program product (the carrier of which may be, for example, a computer-readable storage medium of an embodiment of the invention).
The firmware upgrading method, the firmware starting method and the firmware generating method and the device provided by the embodiment of the invention can also be realized by the combination of software and hardware.
The firmware upgrading device, the firmware starting device and the firmware generating device provided by the embodiment of the invention can correspond to the method for executing the embodiment of the invention, and the above and other operations and/or functions of each module in the firmware upgrading device, the firmware starting device and the firmware generating device are used for realizing the corresponding flow of the firmware upgrading method, the firmware starting method and the firmware generating method provided by the embodiment of the invention.
The computing device provided by the embodiment of the invention comprises a processor and a memory, wherein the processor and the memory are communicated through a bus. The memory is used for storing program codes, and when the computing device runs, the processor executes the program codes to execute the firmware upgrading method, the firmware starting method and the firmware generating method provided by the embodiment of the invention.
The computer readable storage medium of the embodiment of the present invention stores program codes for causing a computer to execute the firmware upgrade method, the firmware start method, and the firmware generation method provided by the embodiment of the present invention.
The computer readable storage medium may be any available medium that can be accessed by a computer or a data storage device such as a server, data center, etc. that contains one or more sets of available media. The usable medium may be a magnetic medium (e.g., floppy disk, hard disk, magnetic tape), an optical medium (e.g., DVD), or a semiconductor medium. The semiconductor medium may be a solid state disk (Solid State Drive, SSD).
The instructions of the program code may be stored in or transmitted from one computer readable storage medium to another, for example, by wired (e.g., coaxial cable, optical fiber, digital subscriber line (DSL, digital Subscriber Line)) or wireless (e.g., infrared, wireless, microwave, etc.) means from one website, computer, server, or data center.
Those of ordinary skill in the art will appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware, or combinations of computer software and electronic hardware. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the solution. The skilled person may use different methods for each specific application to achieve the described functionality.
In summary, although the present invention has been described in terms of the preferred embodiments, the preferred embodiments are not limited to the above embodiments, and various modifications and changes can be made by one skilled in the art without departing from the spirit and scope of the invention, and the scope of the invention is defined by the appended claims.
Claims (4)
1. A firmware-initiated method, wherein the firmware is generated based on the steps of:
traversing the kernel module;
calculating a sixth hash value of the kernel module;
encrypting the sixth hash value by using an RSA private key to obtain a third RSA signature, wherein the third RSA signature is written into the tail of the kernel module;
respectively calculating a first hash value and a second hash value of a kernel and a file system comprising the kernel module, wherein the third RSA signature is written in the kernel module;
encrypting the first hash value and the second hash value by using an RSA private key respectively to obtain a first RSA signature and a second RSA signature, wherein the first RSA signature and the second RSA signature are written into the head of the kernel and the head of the file system respectively;
generating the firmware according to the kernel written with the first RSA signature and the file system written with the second RSA signature;
the firmware starting method comprises the following steps:
acquiring a first RSA signature and a second RSA signature from a header of a kernel of firmware and a header of a file system of the firmware respectively;
reading an RSA public key from a preset storage space of equipment corresponding to the firmware;
decrypting the first RSA signature and the second RSA signature by using an RSA public key to obtain a first hash value and a second hash value respectively;
calculating a third hash value of the kernel and a fourth hash value of the file system;
comparing the first hash value and the second hash value with the calculated third hash value of the kernel and the fourth hash value of the file system respectively, and generating a second comparison result;
when the second comparison result is that the first hash value is consistent with the third hash value and the second hash value is consistent with the fourth hash value, the firmware is guided to start;
terminating the firmware boot when the second comparison result is that the first hash value is inconsistent with the third hash value or the second hash value is inconsistent with the fourth hash value;
after the firmware is started, a third RSA signature is obtained from the tail of a kernel module of the firmware;
decrypting the third RSA signature using the RSA public key to obtain a fifth hash value;
comparing the fifth hash value with a sixth hash value of the kernel module obtained by pre-calculation, and generating a third comparison result;
and loading the kernel module when the third comparison result is that the fifth hash value is consistent with the sixth hash value.
2. A firmware upgrade method for upgrading a firmware started by the firmware start method according to claim 1, the firmware upgrade method comprising the steps of:
acquiring an upgrade file of firmware to be upgraded;
analyzing the upgrade file to separate a kernel and a file system in the upgrade file;
acquiring a first RSA signature and a second RSA signature from the header of the kernel and the header of the file system respectively;
reading an RSA public key from a preset storage space of equipment corresponding to the firmware;
decrypting the first RSA signature and the second RSA signature by using an RSA public key to obtain a first hash value and a second hash value respectively;
respectively calculating a third hash value of the kernel and a fourth hash value of the file system;
comparing the first hash value and the second hash value with the calculated third hash value of the kernel and the fourth hash value of the file system respectively, and generating a first comparison result;
when the first comparison result is that the first hash value and the second hash value are respectively consistent with the third hash value and the fourth hash value, upgrading the firmware according to the upgrading file;
and when the first comparison result is that the first hash value is inconsistent with the third hash value or the second hash value is inconsistent with the fourth hash value, the firmware upgrading is terminated.
3. A firmware start-up device, wherein the firmware is generated by firmware generation means, the firmware generation means comprising:
the traversal module is used for traversing the kernel module;
a third calculation module, configured to calculate a sixth hash value of the kernel module;
the encryption module is used for encrypting the sixth hash value by using an RSA private key to obtain a third RSA signature, wherein the third RSA signature is written into the tail part of the kernel module;
the third calculation module is further used for calculating a first hash value and a second hash value of a kernel and a file system comprising the kernel module respectively, and the kernel module is written with the third RSA signature;
the encryption module is further configured to encrypt the first hash value and the second hash value by using an RSA private key, so as to obtain a first RSA signature and a second RSA signature, where the first RSA signature and the second RSA signature are written into the header of the kernel and the header of the file system respectively;
the firmware generation apparatus further includes:
the firmware generation module is used for generating the firmware according to the kernel written with the first RSA signature and the file system written with the second RSA signature;
wherein, the firmware initiation device includes:
the second signature acquisition module is used for acquiring a first RSA signature and a second RSA signature from the head of the kernel of the firmware and the head of the file system of the firmware respectively;
the second decryption module is used for reading an RSA public key from a preset storage space of equipment corresponding to the firmware and decrypting the first RSA signature and the second RSA signature by using the RSA public key so as to obtain a first hash value and a second hash value respectively;
the second calculation module is used for calculating a third hash value of the kernel and a fourth hash value of the file system;
the second comparison module is used for comparing the first hash value and the second hash value with the calculated third hash value of the kernel and the fourth hash value of the file system respectively and generating a second comparison result;
a starting module, configured to guide firmware to start when the second comparison result is that the first hash value is consistent with the third hash value and the second hash value is consistent with the fourth hash value, and terminate the firmware to start when the second comparison result is that the first hash value is inconsistent with the third hash value or the second hash value is inconsistent with the fourth hash value;
the second signature acquisition module is further used for acquiring a third RSA signature from the tail of the kernel module of the firmware after the firmware is started;
the second decryption module is further configured to decrypt the third RSA signature using an RSA public key to obtain a fifth hash value;
the second comparison module is further configured to compare the fifth hash value with a sixth hash value of the kernel module, which is obtained by calculation in advance, and generate a third comparison result;
the firmware start-up device further includes:
and the loading module is used for loading the kernel module when the third comparison result is that the fifth hash value is consistent with the sixth hash value.
4. A firmware upgrade apparatus for upgrading a firmware started by the firmware start apparatus according to claim 3, the firmware upgrade apparatus comprising:
the upgrade file acquisition module is used for acquiring an upgrade file of firmware to be upgraded;
the analysis module is used for analyzing the upgrade file to separate a kernel and a file system in the upgrade file;
a first signature acquisition module, configured to acquire a first RSA signature and a second RSA signature from a header of the kernel and a header of the file system, respectively;
the first decryption module is used for reading an RSA public key from a preset storage space of equipment corresponding to the firmware and decrypting the first RSA signature and the second RSA signature by using the RSA public key so as to obtain a first hash value and a second hash value respectively;
the first calculation module is used for calculating a third hash value of the kernel and a fourth hash value of the file system respectively;
the first comparison module is used for comparing the first hash value and the second hash value with the calculated third hash value of the kernel and the fourth hash value of the file system respectively, and generating a first comparison result;
the upgrade module is used for upgrading the firmware according to the upgrade file when the first comparison result is that the first hash value and the second hash value are respectively consistent with the third hash value and the fourth hash value, and terminating the upgrade of the firmware when the first comparison result is that the first hash value is inconsistent with the third hash value or the second hash value is inconsistent with the fourth hash value.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201911420205.4A CN111158728B (en) | 2019-12-31 | 2019-12-31 | Firmware upgrading method, firmware starting method and device |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201911420205.4A CN111158728B (en) | 2019-12-31 | 2019-12-31 | Firmware upgrading method, firmware starting method and device |
Publications (2)
Publication Number | Publication Date |
---|---|
CN111158728A CN111158728A (en) | 2020-05-15 |
CN111158728B true CN111158728B (en) | 2024-02-02 |
Family
ID=70560441
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201911420205.4A Active CN111158728B (en) | 2019-12-31 | 2019-12-31 | Firmware upgrading method, firmware starting method and device |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN111158728B (en) |
Families Citing this family (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN116932011B (en) * | 2023-09-14 | 2024-02-06 | 合肥大唐存储科技有限公司 | SSD firmware segment encryption and burning method |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101436141A (en) * | 2008-11-21 | 2009-05-20 | 深圳创维数字技术股份有限公司 | Firmware upgrading and encapsulating method and device based on digital signing |
US8161012B1 (en) * | 2010-02-05 | 2012-04-17 | Juniper Networks, Inc. | File integrity verification using a verified, image-based file system |
CN104503803A (en) * | 2014-12-26 | 2015-04-08 | 上海斐讯数据通信技术有限公司 | Linux kernel and file system upgrading method |
CN105094927A (en) * | 2015-08-28 | 2015-11-25 | 东方网力科技股份有限公司 | Equipment firmware updating method and device |
CN105989306A (en) * | 2015-02-13 | 2016-10-05 | 中兴通讯股份有限公司 | File signature method and device of operating system and file verification method and device of operating system |
CN108762788A (en) * | 2018-05-31 | 2018-11-06 | 四川斐讯信息技术有限公司 | A kind of embedded device firmware encrypting method and system based on server |
-
2019
- 2019-12-31 CN CN201911420205.4A patent/CN111158728B/en active Active
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101436141A (en) * | 2008-11-21 | 2009-05-20 | 深圳创维数字技术股份有限公司 | Firmware upgrading and encapsulating method and device based on digital signing |
US8161012B1 (en) * | 2010-02-05 | 2012-04-17 | Juniper Networks, Inc. | File integrity verification using a verified, image-based file system |
CN104503803A (en) * | 2014-12-26 | 2015-04-08 | 上海斐讯数据通信技术有限公司 | Linux kernel and file system upgrading method |
CN105989306A (en) * | 2015-02-13 | 2016-10-05 | 中兴通讯股份有限公司 | File signature method and device of operating system and file verification method and device of operating system |
CN105094927A (en) * | 2015-08-28 | 2015-11-25 | 东方网力科技股份有限公司 | Equipment firmware updating method and device |
CN108762788A (en) * | 2018-05-31 | 2018-11-06 | 四川斐讯信息技术有限公司 | A kind of embedded device firmware encrypting method and system based on server |
Also Published As
Publication number | Publication date |
---|---|
CN111158728A (en) | 2020-05-15 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US10931451B2 (en) | Securely recovering a computing device | |
US11921860B2 (en) | Rollback resistant security | |
US8291480B2 (en) | Trusting an unverified code image in a computing device | |
US20190278583A1 (en) | Method for updating firmware, terminal and computer readable non-volatile storage medium | |
US8254568B2 (en) | Secure booting a computing device | |
US20070260866A1 (en) | Selectively unlocking a core root of trust for measurement (CRTM) | |
EP2727040B1 (en) | A secure hosted execution architecture | |
US20190318078A1 (en) | Application security authentication method, terminal and storage medium | |
CN115248919A (en) | Method and device for calling function interface, electronic equipment and storage medium | |
CN111158728B (en) | Firmware upgrading method, firmware starting method and device | |
US20170286665A1 (en) | Devices and methods for facilitating software signing by more than one signing authority | |
CN117272317B (en) | System safety starting method, electronic equipment and storage medium | |
JP7439067B2 (en) | File system verification and installation | |
CN111191196A (en) | Embedded program running method and device, computer equipment and storage medium | |
CN110688663A (en) | Execution command protection method and device, android device and storage medium | |
CN116089967B (en) | Data rollback prevention method and electronic equipment | |
US11374761B2 (en) | Selective device connection | |
CN111373404B (en) | Cipher key security | |
CN117311753A (en) | POS machine remote upgrade management system | |
CN117556418A (en) | Method for determining kernel state and related equipment | |
CN115048640A (en) | Anti-rollback method and device for terminal, computer readable storage medium and computing equipment | |
CN113420340A (en) | Information recording device, computer equipment and information recording method | |
CN115913766A (en) | Server encryption method, server decryption device and server | |
CN115033854A (en) | Data processing method and device, electronic equipment and storage medium |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |