CN111327429B

CN111327429B - Terminal starting processing method and device

Info

Publication number: CN111327429B
Application number: CN202010117233.5A
Authority: CN
Inventors: 陈达; 陈加栋; 陈思
Original assignee: Hangzhou Hikvision Digital Technology Co Ltd
Current assignee: Hangzhou Hikvision Digital Technology Co Ltd
Priority date: 2020-02-25
Filing date: 2020-02-25
Publication date: 2022-07-22
Anticipated expiration: 2040-02-25
Also published as: CN111327429A

Abstract

Compared with the prior art, the target data and the digital signature are always preset in the terminal in a ciphertext mode, the terminal starts the terminal by adopting the decryption algorithm only when the target data is started to operate, the decryption algorithm is adopted to decrypt the ciphertext target data and the ciphertext digital signature so as to obtain the target data and the digital signature, then the public key corresponding to the private key is adopted to verify the digital signature, the target data is operated after the verification is passed, and the terminal is controlled to start the terminal. The risk that target data and digital signatures are stolen is effectively reduced, and therefore the data security is improved.

Description

Terminal starting processing method and device

Technical Field

The present application relates to the field of network security technologies, and in particular, to a method and an apparatus for processing terminal startup.

Background

With the continuous improvement of terminal technology, taking an embedded terminal as an example, the embedded terminal provides convenience for people's daily life, and becomes an indispensable part of people's daily life, and meanwhile, the security of the embedded terminal also becomes more important.

At present, more mature and effective schemes are available for performing security verification on the operation stage of the embedded terminal, but the schemes for performing security verification on the start-up stage of the embedded terminal are less. In order to perform security verification at the start-up stage of the embedded terminal, in the prior art, a private key is used to perform digital signature on data (such as a bootstrap program, a kernel/operating system, an application, and the like) of a key module of the embedded terminal, and the data and the digital signature of the key module are preset in the embedded terminal, so that when the embedded terminal performs security verification at the start-up stage, only a public key corresponding to the private key is used to verify the digital signature, and whether to run the data of the key module is determined according to a verification result, thereby determining whether to control the start-up of the embedded terminal.

However, since the data of the key module is always preset in the embedded terminal in the form of a plaintext, the data of the key module may be stolen, and thus the security of the data of the key module is not high.

Disclosure of Invention

The embodiment of the application provides a terminal starting processing method and device, and data security is improved in the terminal starting process.

In a first aspect, an embodiment of the present application provides a terminal start processing method, where the terminal start processing method may include:

after the terminal is powered on and reset, decrypting ciphertext target data and a ciphertext digital signature in the terminal by adopting a decryption algorithm to obtain target data before encryption and a digital signature before encryption; the digital signature is obtained by performing digital signature on the target data by adopting a private key.

And verifying the digital signature by adopting a public key corresponding to the private key, operating the target data after the verification is passed, and controlling the terminal to start.

In a possible implementation manner, the verifying the digital signature by using the public key corresponding to the private key includes:

and decrypting the ciphertext signature certificate in the terminal by using the decryption algorithm to obtain the signature certificate before encryption.

And extracting a public key from the signature certificate, and verifying the digital signature by using the public key.

In a possible implementation manner, the presetting of a root certificate issued by a certificate authority CA in the terminal, the extracting of a public key from the signature certificate, and the verifying of the digital signature by using the public key include:

and verifying the signature certificate by adopting the root certificate, and extracting a public key in the signature certificate after the signature certificate passes verification.

And verifying the digital signature by adopting the public key in the signature certificate.

In a possible implementation manner, the terminal is preset with a check code of the decryption algorithm and a check code of the root certificate, and before performing decryption processing on ciphertext target data and a ciphertext digital signature in the terminal by using the decryption algorithm, the method further includes:

and reading the check code of the root certificate, and verifying the integrity of the root certificate according to the check code of the root certificate, wherein the root certificate passing the verification is used for verifying the signature certificate.

And reading the check code of the decryption algorithm, and verifying the integrity of the decryption algorithm according to the check code of the decryption algorithm, wherein the decryption algorithm passing the verification is used for decrypting the ciphertext target data and the ciphertext digital signature.

In a possible implementation manner, the check code of the root certificate and the check code of the decryption algorithm are stored in a trusted storage area of the terminal.

In one possible implementation, the target data includes a boot program, kernel/operating system data, and application data, and the boot program, the kernel/operating system data, and the application data correspond to respective digital signatures; before the decryption algorithm is adopted to decrypt the ciphertext target data and the ciphertext digital signature in the terminal, the method further comprises the following steps:

and respectively carrying out segmented digital signature on the bootstrap program, the kernel/operating system data and the application data by adopting private keys corresponding to public keys in different signature certificates to obtain digital signatures corresponding to the bootstrap program, the kernel/operating system data and the application data.

In a possible implementation manner, the target data includes a bootstrap, the decryption algorithm includes a first decryption algorithm, and the decrypting the ciphertext target data and the ciphertext digital signature in the terminal by using the decryption algorithm to obtain the target data before encryption and the digital signature before encryption, includes:

and encrypting the bootstrap program, the first digital signature of the bootstrap program and the first signature certificate of the bootstrap program by adopting a first encryption algorithm corresponding to the first decryption algorithm to obtain a ciphertext bootstrap program, a first ciphertext digital signature and a first ciphertext signature certificate.

And decrypting the ciphertext bootstrap program, the first ciphertext digital signature of the ciphertext bootstrap program and the first ciphertext signature certificate of the ciphertext bootstrap program by using the first decryption algorithm to obtain the bootstrap program, the first digital signature and the first signature certificate.

In a possible implementation manner, the target data includes kernel/operating system data, the decryption algorithm includes a second decryption algorithm, and the decrypting the ciphertext target data and the ciphertext digital signature in the terminal by using the decryption algorithm to obtain the target data before encryption and the digital signature before encryption, includes:

and encrypting the kernel/operating system data, the second digital signature of the kernel/operating system data and the second signature certificate of the kernel/operating system data by adopting a second encryption algorithm corresponding to the second decryption algorithm to obtain ciphertext kernel/operating system data, a second ciphertext digital signature and a second ciphertext signature certificate.

And decrypting the ciphertext kernel/operating system data, the second ciphertext digital signature of the ciphertext kernel/operating system data and the second ciphertext signature certificate of the ciphertext kernel/operating system data by adopting the second decryption algorithm to obtain the kernel/operating system data, the second digital signature and the second signature certificate.

In a possible implementation manner, the target data includes application data, the decryption algorithm includes a third decryption algorithm, and the decrypting process is performed on the ciphertext target data and the ciphertext digital signature in the terminal by using the decryption algorithm to obtain the target data before encryption and the digital signature before encryption, and includes:

and encrypting the application data, the third digital signature of the application data and the third signature certificate of the application data by adopting a third encryption algorithm corresponding to the third decryption algorithm to obtain ciphertext application data, a third ciphertext digital signature and a third ciphertext signature certificate.

And decrypting the application data, the third ciphertext digital signature of the ciphertext application data and the third ciphertext signature certificate of the application data by adopting the third decryption algorithm to obtain the application data, the third digital signature and the third signature certificate.

In a second aspect, an embodiment of the present application further provides a terminal-initiated processing apparatus, where the terminal-initiated processing apparatus may include:

the processing unit is used for decrypting ciphertext target data and the ciphertext digital signature in the terminal by adopting a decryption algorithm after the terminal is powered on and reset to obtain target data before encryption and a digital signature before encryption; the digital signature is obtained by performing digital signature on the target data by adopting a private key.

And the verification unit is used for verifying the digital signature by adopting the public key corresponding to the private key.

And the control unit is used for operating the target data after the verification is passed and controlling the terminal to start.

In a possible implementation manner, the processing unit is further configured to perform decryption processing on the ciphertext signature certificate in the terminal by using the decryption algorithm, so as to obtain the signature certificate before encryption.

The verification unit is specifically configured to extract a public key from the signature certificate, and verify the digital signature by using the public key.

In a possible implementation manner, a root certificate issued by a certificate authority CA is preset in the terminal, and the verification unit is specifically configured to verify the signature certificate by using the root certificate, and extract a public key in the signature certificate after the signature certificate passes verification; and verifying the digital signature by adopting the public key in the signature certificate.

In a possible implementation manner, a check code of the decryption algorithm and a check code of the root certificate are preset in the terminal;

the verification unit is further configured to read a check code of the root certificate and verify the integrity of the root certificate according to the check code of the root certificate, where the root certificate that passes verification is used to verify the signature certificate; and reading the check code of the decryption algorithm, and verifying the integrity of the decryption algorithm according to the check code of the decryption algorithm, wherein the decryption algorithm passing the verification is used for decrypting the ciphertext target data and the ciphertext digital signature.

In one possible implementation, the target data includes a boot program, kernel/operating system data, and application data, and the boot program, the kernel/operating system data, and the application data correspond to respective digital signatures; the processing unit is further configured to perform a digital signature on the bootstrap program, the kernel/operating system data, and the application data in a segmented manner by using private keys corresponding to public keys in different signature certificates, so as to obtain digital signatures corresponding to the bootstrap program, the kernel/operating system data, and the application data, respectively.

In a possible implementation manner, the target data includes a bootstrap program, the decryption algorithm includes a first decryption algorithm, and the processing unit is specifically configured to encrypt the bootstrap program, a first digital signature of the bootstrap program, and a first signature certificate of the bootstrap program by using a first encryption algorithm corresponding to the first decryption algorithm, so as to obtain a ciphertext bootstrap program, a first ciphertext digital signature, and a first ciphertext signature certificate; and decrypting the ciphertext bootstrap program, the first ciphertext digital signature of the ciphertext bootstrap program and the first ciphertext signature certificate of the ciphertext bootstrap program by using the first decryption algorithm to obtain the bootstrap program, the first digital signature and the first signature certificate.

In a possible implementation manner, the target data includes kernel/operating system data, the decryption algorithm includes a second decryption algorithm, and the processing unit is specifically configured to perform encryption processing on the kernel/operating system data, a second digital signature of the kernel/operating system data, and a second signature certificate of the kernel/operating system data by using a second encryption algorithm corresponding to the second decryption algorithm, so as to obtain ciphertext kernel/operating system data, a second ciphertext digital signature, and a second ciphertext signature certificate; and decrypting the ciphertext kernel/operating system data, the second ciphertext digital signature of the ciphertext kernel/operating system data and the second ciphertext signature certificate of the ciphertext kernel/operating system data by using the second decryption algorithm to obtain the kernel/operating system data, the second digital signature and the second signature certificate.

In a possible implementation manner, the target data includes application data, the decryption algorithm includes a third decryption algorithm, and the processing unit is specifically configured to encrypt the application data, a third digital signature of the application data, and a third signature certificate of the application data by using a third encryption algorithm corresponding to the third decryption algorithm, so as to obtain ciphertext application data, a third ciphertext digital signature, and a third ciphertext signature certificate; and decrypting the application data, the third ciphertext digital signature of the ciphertext application data and the third ciphertext signature certificate of the application data by using the third decryption algorithm to obtain the application data, the third digital signature and the third signature certificate.

In a third aspect, an embodiment of the present application further provides a terminal, where the terminal may include a memory and a processor;

a memory for storing a computer program;

and a processor, configured to read the computer program stored in the memory, and execute the terminal-initiated processing method in any one of the possible implementation manners of the first aspect according to the computer program in the memory.

In a fourth aspect, an embodiment of the present application further provides a computer-readable storage medium, where the computer-readable storage medium stores computer-executable instructions, and when a processor executes the computer-executable instructions, the method for processing terminal boot described in any one of the foregoing possible implementation manners of the first aspect is implemented.

Compared with the prior art, the target data and the digital signature are always preset in the terminal in a ciphertext mode, the target data and the digital signature are decrypted by adopting the decryption algorithm only when the target data is started to operate, so that the target data and the digital signature are obtained, and the target data and the digital signature are decrypted by adopting the decryption algorithm only when the target data is started to operate, the risk that target data and digital signatures are stolen is effectively reduced, and therefore the data security is improved.

Drawings

The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the present disclosure and, together with the description, serve to explain the principles of the disclosure.

Fig. 1 is a schematic diagram of a possible application scenario provided in an embodiment of the present application;

fig. 2 is a schematic flowchart of a processing method for terminal booting according to an embodiment of the present application;

fig. 3 is a schematic flowchart of another terminal start processing method according to an embodiment of the present application;

fig. 4 is a schematic structural diagram of a terminal-initiated processing apparatus according to an embodiment of the present disclosure;

fig. 5 is a schematic structural diagram of a terminal according to an embodiment of the present application.

Specific embodiments of the present disclosure have been shown by way of example in the drawings and will be described in more detail below. These drawings and written description are not intended to limit the scope of the disclosed concepts in any way, but rather to illustrate the concepts of the disclosure to those skilled in the art by reference to specific embodiments.

Detailed Description

Reference will now be made in detail to the exemplary embodiments, examples of which are illustrated in the accompanying drawings. When the following description refers to the accompanying drawings, like numbers in different drawings represent the same or similar elements unless otherwise indicated. The implementations described in the exemplary embodiments below do not represent all implementations consistent with the present disclosure. Rather, they are merely examples of apparatus and methods consistent with certain aspects of the present disclosure, as detailed in the appended claims.

In the embodiments of the present application, "at least one" means one or more, "a plurality" means two or more. "and/or" describes the association relationship of the associated object, indicating that there may be three relationships, for example, a and/or B, which may indicate: a exists alone, A and B exist simultaneously, and B exists alone, wherein A and B can be singular or plural. In the description of the text of the present application, the character "/" generally indicates that the former and latter associated objects are in an "or" relationship.

In order to solve the problems existing in the prior art: the method comprises the steps that before the terminal is started, target data and a digital signature are preset in the terminal in a ciphertext mode, after the terminal is powered on and reset, a decryption algorithm is firstly adopted to decrypt ciphertext target data and the ciphertext digital signature in the terminal to obtain target data and the digital signature before the ciphertext target data and the ciphertext digital signature are encrypted, then a public key corresponding to a private key is adopted to verify the digital signature, and the target data is operated after the verification is passed to control the terminal to be started, compared with the prior art, the target data and the digital signature are always preset in the terminal in the ciphertext mode, only when the target data is started to operate, the decryption algorithm is adopted to decrypt the ciphertext target data and the ciphertext digital signature so as to obtain the target data and the digital signature, so that the time of the target data and the digital signature existing in a plaintext form can be reduced, the risk of stealing the target data and the digital signature is effectively reduced, and the safety of the data is improved.

For example, the target data is data that can control the terminal to start, and may include a boot program, kernel/operating system data, and application data, and certainly, may also include other critical data. It should be noted that, when the target data includes the boot program, the kernel/operating system data, and the application data, the boot program, the kernel/operating system data, and the application data correspond to respective digital signatures, and the following description will take the example that the target data includes the boot program, the kernel/operating system data, and the application data as an example.

It can be understood that, in the above description, before the target data and the digital signature are preset in the terminal in the form of the ciphertext, the target data and the digital signature need to be encrypted first to obtain the ciphertext target data and the ciphertext digital signature in the form of the ciphertext. In a possible scenario mode, the terminal may include a dedicated server and a terminal, for example, please refer to fig. 1, where fig. 1 is a schematic diagram of a possible application scenario provided in an embodiment of the present application, the dedicated server may first use a private key to perform a segmented digital signature on target data of the terminal, such as key data of a boot program, kernel/operating system data, application data, and the like, to obtain a digital signature corresponding to the target data, then use an encryption algorithm corresponding to a decryption algorithm to encrypt the target data and the digital signature, and store the target data and the digital signature in the terminal in a form of a ciphertext.

In another possible scenario, the terminal may only include the terminal itself without including a dedicated server, after the terminal acquires the target data, the terminal performs a segmented digital signature on the target data of the terminal by using a private key, for example, key data such as a boot program, kernel/operating system data, application data, and the like, to obtain a digital signature corresponding to the target data, then encrypts the target data and the digital signature by using an encryption algorithm corresponding to a decryption algorithm, and stores the target data and the digital signature in the terminal in a ciphertext form. In the following description, an example will be described in which a terminal uses a private key to perform a segmented digital signature on target data of the terminal, and uses an encryption algorithm corresponding to a decryption algorithm to encrypt the target data and the digital signature, but this embodiment of the present application is only described in this way, and is not limited to this embodiment of the present application.

For example, the decryption algorithm and the encryption algorithm corresponding to the decryption algorithm may be a white-box algorithm, or may also be an AES symmetric algorithm, or of course, may also be other decryption algorithms or encryption algorithms corresponding thereto. It should be noted that, in the embodiment of the present application, since both the algorithm and the key in the white-box algorithm are hidden in the execution process, and the security is high, in the following description, an example will be described in which the decryption algorithm and the encryption algorithm corresponding to the decryption algorithm are the white-box algorithm, but the embodiment of the present application is not limited thereto.

Before describing the technical solutions provided in the embodiments of the present application in detail, a brief introduction will be made to several concepts involved in the embodiments of the present application. The White-Box Attack environment (White-Box Attack Context) is characterized in that the execution process of the software is completely visible to an attacker, and if the cipher software running in the White-Box Attack environment does not specially protect the key, the attacker can easily obtain the key information by observing or executing the cipher software. The white-box algorithm is proposed for the situation, and aims to protect the key in the white-box attack environment, hide the key information in the operation execution process and prevent an attacker from extracting the key in the white-box attack environment.

The signature certificate can indicate and verify the identity information of the network user, is issued by a certificate certification center CA which is authoritative and just trusted, plays a key role in a PKI public key infrastructure, and can carry out digital signature certification processing on various information transmitted on the Internet to ensure the integrity of the information.

Having described several concepts related to the present application, the following detailed description will be provided for the technical solutions provided in the embodiments of the present application through specific embodiments. It is to be understood that the following detailed description may be combined with the accompanying drawings, and that the same or similar concepts or processes may not be described in detail in connection with certain embodiments.

Fig. 2 is a flowchart illustrating a terminal-initiated processing method according to an embodiment of the present disclosure, where the terminal-initiated processing method may be executed by software and/or a hardware device, for example, the hardware device may be a terminal-initiated processing device, and the terminal-initiated processing device may be disposed in a terminal. For example, referring to fig. 2, the terminal-initiated processing method may include:

s201, after the terminal is powered on and reset, the ciphertext target data and the ciphertext digital signature in the terminal are decrypted by adopting a white box algorithm to obtain the ciphertext target data and the digital signature before the ciphertext digital signature is encrypted.

The digital signature is obtained by performing digital signature on the target data by adopting a private key. Illustratively, the target data includes a boot program, kernel/operating system data, and application data, and the boot program, kernel/operating system data, and application data correspond to respective digital signatures. For example, when the terminal is an embedded terminal, the corresponding bootstrap program is a U-Boot; when the terminal is a computer, the corresponding boot program is a Basic Input Output System (BIOS).

For example, before the white-box algorithm is used for decrypting the ciphertext target data and the ciphertext digital signature in the terminal, the integrity of the white-box algorithm needs to be ensured, so that the check code of the white-box algorithm in the terminal can be read first, the integrity of the white-box algorithm can be verified according to the check code of the white-box algorithm to ensure that the white-box algorithm is the complete white-box algorithm, and then the verified white-box algorithm is used for decrypting the ciphertext target data and the ciphertext digital signature in the terminal. Illustratively, the check code of the white-box algorithm is stored in a trusted memory area of the terminal. The trusted memory area can be understood as a trusted secure memory area, which can prevent physical or logical attacks to steal and tamper the content therein. The Trusted storage area may be, for example, a Trusted Platform Module (TPM), or a One Time Programmable (OTP), or may be other Trusted storage areas. The TPM is an encryption coprocessor, can be used for most commercial computers and servers, is a security root of trusted computing, and can provide functions of cryptographic algorithm, authority control storage, trusted measurement and the like. The OTP is a memory type of the singlechip, and after a program is burnt into the singlechip, the program cannot be changed and cleared again. For example, the check code of the white-box algorithm may be a hash value of the white-box algorithm, or may be a metric value of the white-box algorithm, or of course, may be other check codes as long as the check of the white-box algorithm can be implemented.

It should be noted that, in the embodiment of the present application, for convenience of subsequent description, the first type of data, the second type of data, and the third type of data may be used to describe the boot program and a first digital signature of the boot program, the kernel/operating system data and a second digital signature of the kernel/operating system data, and the application data and a third digital signature of the application data, respectively. The first type of data comprises a bootstrap program and a first digital signature, the second type of data comprises kernel/operating system data and a second digital signature, and the third type of data comprises application data and a third digital signature.

Further, after the first type of data is encrypted, first type of ciphertext data is obtained, wherein the first type of ciphertext data comprises a ciphertext bootstrap program obtained after the bootstrap program is encrypted and a first ciphertext digital signature obtained after the first digital signature is encrypted; after the second type of data is encrypted, second type of ciphertext data is obtained, wherein the second type of ciphertext data comprises ciphertext kernel/operating system data encrypted by kernel/operating system data and a second ciphertext digital signature encrypted by a second digital signature; and after the third type of data is encrypted, third type of ciphertext data is obtained, wherein the third type of ciphertext data comprises ciphertext application data encrypted by the application data and a third ciphertext digital signature encrypted by a third digital signature.

It can be understood that before the white-box algorithm is used to decrypt the ciphertext target data and the ciphertext digital signature in the terminal, the ciphertext target data and the ciphertext digital signature are necessarily encrypted, and in combination with the encryption step, the white-box algorithm may be used to decrypt the ciphertext target data and the ciphertext digital signature in the terminal in three possible implementation manners, which will be described in detail below.

In a possible implementation manner, the same white-box algorithm may be used to encrypt the first type of data, the second type of data, and the third type of data at the same time to obtain encrypted first type of ciphertext data, second type of ciphertext data, and then the white-box algorithm may be used to decrypt the first type of ciphertext data, the second type of ciphertext data, and the second type of ciphertext data, so that the decrypted first type of data, the decrypted second type of data, and the decrypted third type of data may be obtained only through one decryption.

It can be seen that, with the implementation, when the three types of data are encrypted and decrypted, the same white-box algorithm is used to encrypt and decrypt the three types of data at the same time, so that the data processing efficiency can be improved.

In another possible implementation manner, the same white-box algorithm may be used to encrypt the first type of data, the second type of data, and the third type of data, respectively, to obtain encrypted first type of ciphertext data, second type of ciphertext data, and second type of ciphertext data, so that when a bootstrap program in the first type of data is run, the white-box algorithm is first used to decrypt the first type of ciphertext data, to obtain a decrypted bootstrap program and a first digital signature of the bootstrap program, where the second type of data and the third type of data still exist in the form of ciphertext; when kernel/operating system data in the second type of data is operated, the white-box algorithm is adopted to decrypt the second type of ciphertext data to obtain the decrypted kernel/operating system data and a second digital signature of the kernel/operating system data, wherein the third type of data still exists in a ciphertext form; and when the application data in the third type of data is operated, the white-box algorithm is adopted to decrypt the third type of ciphertext data to obtain the decrypted application data and a third digital signature of the application data.

After the first type of data is encrypted, first type of ciphertext data is obtained, wherein the first type of ciphertext data comprises a ciphertext bootstrap program obtained after the bootstrap program is encrypted and a first ciphertext digital signature obtained after the first digital signature is encrypted; after the second type of data is encrypted, second type of ciphertext data is obtained, wherein the second type of ciphertext data comprises ciphertext kernel/operating system data encrypted by kernel/operating system data and a second ciphertext digital signature encrypted by a second digital signature; and after the third type of data is encrypted, third type of ciphertext data is obtained, wherein the third type of ciphertext data comprises ciphertext application data encrypted by the application data and a third ciphertext digital signature encrypted by a third digital signature.

It can be seen that, with this possible implementation, when encrypting and decrypting three types of data, although the same white-box algorithm is used to encrypt and decrypt the three types of data at the same time, when decrypting, only when a certain type of data (e.g., a boot program) is running, the type of data is decrypted, and other types of data (e.g., the second type of data and the third type of data) still exist in the form of a ciphertext.

In another possible implementation manner, different white-box algorithms may be used to encrypt the first type of data, the second type of data, and the third type of data, respectively, for example, a first white-box algorithm is used to encrypt the first type of data, so as to obtain encrypted first type of ciphertext data; encrypting the second type of data by adopting a second white-box algorithm to obtain encrypted second type of ciphertext data; encrypting the third type of data by adopting a third white-box algorithm to obtain encrypted third type of ciphertext data; and the keys in the first white-box algorithm, the second white-box algorithm and the third white-box algorithm are different. When the bootstrap program in the first type of data is operated, the first white-box algorithm is adopted to decrypt the first type of ciphertext data to obtain the decrypted bootstrap program and a first digital signature of the bootstrap program, wherein the second type of data and the third type of data still exist in the form of ciphertext; when kernel/operating system data in the second type of data is operated, a second white-box algorithm is adopted to decrypt the second type of ciphertext data to obtain the decrypted kernel/operating system data and a second digital signature of the kernel/operating system data, wherein the third type of data still exists in a ciphertext form; and when the application data in the third type of data is operated, decrypting the third type of ciphertext data by adopting a third white-box algorithm to obtain the decrypted application data and a third digital signature of the application data.

It can be seen that, with this possible implementation, when encrypting and decrypting three types of data, three different white-box algorithms are respectively used to encrypt and decrypt the three types of data, and when decrypting, only when a certain type of data (e.g., a boot program) is running, the first white-box algorithm is used to decrypt the type of data, while other types of data (e.g., the second type of data and the third type of data) still exist in a form of a ciphertext.

It should be noted that, when encrypting and decrypting three types of data, the embodiments of the present application are described by taking the above three possible implementations as examples, but do not represent that the embodiments of the present application are limited thereto.

After the target data and the digital signature before encryption are obtained by decrypting the ciphertext target data and the ciphertext digital signature in the terminal through any possible implementation, the digital signature can be verified by using a public key corresponding to a private key, the target data is operated after the verification is passed, and the terminal is controlled to start, that is, the following step S202 is executed:

s202, verifying the digital signature by adopting a public key corresponding to the private key, running target data after the verification is passed, and controlling the terminal to start.

Illustratively, when the target data includes a boot program, kernel/operating system data, and application data, the boot program, kernel/operating system data, and application data correspond to respective digital signatures. When the public key is used to digitally sign the bootstrap program, the kernel/operating system data, and the application data, the public key may be the same public key or different public keys, and may be specifically set according to actual needs.

With reference to the description in S201, after the first type of data including the bootstrap program and the first digital signature of the bootstrap program is obtained through decryption, the first digital signature of the bootstrap program may be verified by using a public key, and if the first type of data passes verification, it is indicated that the bootstrap program is not tampered, and is complete target data, and then the bootstrap program is executed; after the second type of data comprising the kernel/operating system data and the second digital signature of the kernel/operating system data is obtained through decryption, the second digital signature of the kernel/operating system data can be verified by adopting a public key, if the verification is passed, the kernel/operating system data is not tampered and is complete target data, and then the kernel/operating system data is operated; after the third type of data including the application data and the third digital signature of the application data is obtained through decryption, the third digital signature of the application data can be verified by using a public key, if the third type of data passes the verification, the application data is not tampered and is complete target data, and then the application data is operated to control the terminal to be started, so that the terminal starting process is complete.

Therefore, compared with the prior art, the processing method for terminal starting provided by the embodiment of the application has the advantages that the target data and the digital signature are always preset in the terminal in a ciphertext mode, and only when the target data is started and operated, the white box algorithm is adopted to decrypt the ciphertext target data and the ciphertext digital signature to obtain the target data and the digital signature, so that the time of the target data and the digital signature existing in a plaintext mode can be reduced, the risk of stealing the target data and the digital signature is effectively reduced, and the safety of data is improved.

Based on the embodiment shown in fig. 2, in the above S202, when the public key is used to verify the digital signature, in order to improve the reliability of the verification result, the public key used for verification is the public key in the signature certificate, that is, the decryption algorithm may be used to decrypt a ciphertext signature certificate in the terminal to obtain the signature certificate before encryption, and extract the public key from the signature certificate, and then verify the digital signature by using the public key, for example, please refer to fig. 3, where fig. 3 is a schematic flow diagram of another processing method for terminal startup provided in the embodiment of the present application, where the processing method for terminal startup may include:

s301, the ciphertext target data, the ciphertext digital signature and the ciphertext signature certificate are decrypted by adopting a white box algorithm to obtain the target data, the digital signature and the signature certificate.

The public key in the signature certificate is used for verifying the digital signature, and the private key corresponding to the public key in the signature certificate is used for digitally signing the target data.

In an example, before the white-box algorithm is used for decrypting the ciphertext target data, the ciphertext digital signature and the ciphertext signature certificate, the integrity of the white-box algorithm needs to be ensured, so that the check code of the white-box algorithm in the terminal can be read first, the integrity of the white-box algorithm can be verified according to the check code of the white-box algorithm to ensure that the white-box algorithm is the complete white-box algorithm, and then the white-box algorithm passing the verification is used for decrypting the ciphertext target data, the ciphertext digital signature and the ciphertext signature certificate. Likewise, the check code of the white-box algorithm is stored in a trusted memory area of the terminal. The trusted memory area may be, for example, a TPM or an OTP, but of course, other trusted memory areas are also possible. For example, the check code of the white-box algorithm may be a hash value of the white-box algorithm, or may be a metric value of the white-box algorithm, or of course, may be other check codes as long as the check on the white-box algorithm can be implemented.

In conjunction with the description in S201, for convenience of subsequent description, the first type data, the second type data, and the third type data may be used to describe the boot program and the first digital signature of the boot program, the kernel/operating system data and the second digital signature of the kernel/operating system data, and the application data and the third digital signature of the application data, respectively. In this embodiment, when the public key used for verification is a public key in the signature certificates, the first class of data also includes a first signature certificate corresponding to the boot program, the second class of data also includes a second signature certificate corresponding to the kernel/operating system data, and the third class of data also includes a third signature certificate corresponding to the application data, that is, the first class of data includes the boot program, the first digital signature, and the first signature certificate, the second class of data includes the kernel/operating system data, the second digital signature, and the second signature certificate, and the third class of data includes the application data, the third digital signature, and the third signature certificate.

Further, when the first type of data includes a bootstrap program, a first digital signature and a first signature certificate, after the first type of data is encrypted, first type of ciphertext data is obtained, where the first type of ciphertext data includes a ciphertext bootstrap program obtained after the bootstrap program is encrypted, a first ciphertext digital signature encrypted by the first digital signature and a first ciphertext signature certificate encrypted by the first signature certificate; when the second type of data comprises kernel/operating system data, a second digital signature and a second signature certificate, after the second type of data is encrypted, second type of ciphertext data is obtained, wherein the second type of ciphertext data comprises ciphertext kernel/operating system data encrypted by the kernel/operating system data, a second ciphertext digital signature encrypted by the second digital signature and a second ciphertext signature certificate encrypted by the second signature certificate; and when the third type of data comprises the application data, a third digital signature and a third signature certificate, encrypting the third type of data to obtain third type of ciphertext data, wherein the third type of ciphertext data comprises ciphertext application data encrypted by the application data, a third ciphertext digital signature encrypted by the third digital signature and a third ciphertext signature certificate encrypted by the third signature certificate.

The first signature certificate, the second signature certificate, and the third signature certificate may be the same signature certificate, or may be different signature certificates, and may be specifically set according to actual needs. When the first signature certificate, the second signature certificate, and the third signature certificate may be the same signature certificate, the private key corresponding to the public key in the signature certificate may respectively perform digital signature on the bootstrap, the kernel/operating system data, and the application data, so as to obtain respective digital signatures corresponding to the bootstrap, the kernel/operating system data, and the application data. When the first signature certificate, the second signature certificate, and the third signature certificate may be different signature certificates, the private keys corresponding to the public keys in the different signature certificates may be used to perform the segmented digital signatures on the bootstrap program, the kernel/operating system data, and the application data, respectively, to obtain the digital signatures corresponding to the bootstrap program, the kernel/operating system data, and the application data, respectively.

It can also be understood that, before the white-box algorithm is used to decrypt the ciphertext target data, the ciphertext digital signature and the ciphertext signature certificate, the ciphertext target data, the ciphertext digital signature and the ciphertext signature certificate are necessarily encrypted, and in combination with the encryption step, the white-box algorithm may be used to decrypt the ciphertext target data, the ciphertext digital signature and the ciphertext signature certificate.

It can be seen that, with the possible implementation manner, when the three types of data are encrypted and decrypted, the same white-box algorithm is adopted to simultaneously encrypt and decrypt the three types of data, so that the data processing efficiency can be improved.

In another possible implementation manner, the same white-box algorithm may be used to encrypt the first type of data, the second type of data, and the third type of data, respectively, to obtain encrypted first type of ciphertext data, second type of ciphertext data, and second type of ciphertext data, so that when a bootstrap program in the first type of data is run, the white-box algorithm is first used to decrypt the first type of ciphertext data, so as to obtain a decrypted bootstrap program, a first digital signature, and a first signature certificate, where the second type of data and the third type of data still exist in the form of ciphertext; when kernel/operating system data in the second type of data is operated, the white-box algorithm is adopted to decrypt the second type of ciphertext data to obtain decrypted kernel/operating system data, a second digital signature and a second signature certificate, wherein the third type of data still exists in a form of ciphertext; and when the application data in the third type of data is operated, the white-box algorithm is adopted to decrypt the third type of ciphertext data to obtain the decrypted application data, the third digital signature and the third signature certificate.

In another possible implementation manner, different white-box algorithms may be used to encrypt the first type of data, the second type of data, and the third type of data, respectively, for example, a first white-box algorithm is used to encrypt the first type of data, so as to obtain encrypted first type of ciphertext data; encrypting the second type of data by adopting a second white-box algorithm to obtain encrypted second type of ciphertext data; encrypting the third type of data by adopting a third white-box algorithm to obtain encrypted third type of ciphertext data; and the keys in the first white-box algorithm, the second white-box algorithm and the third white-box algorithm are different. When the bootstrap program in the first type of data is operated, the first white-box algorithm is adopted to decrypt the first type of ciphertext data to obtain the decrypted bootstrap program, a first digital signature and a first signature certificate, wherein the second type of data and the third type of data still exist in the form of ciphertext; when kernel/operating system data in the second type of data is operated, a second white-box algorithm is adopted to decrypt the second type of ciphertext data to obtain decrypted kernel/operating system data, a second digital signature and a second signature certificate, wherein the third type of data still exists in the form of a ciphertext; and when the application data in the third type of data is operated, the third white-box algorithm is adopted to decrypt the third type of ciphertext data to obtain the decrypted application data, the third digital signature and the third signature certificate.

After the ciphertext target data and the ciphertext digital signature in the terminal are decrypted through any possible implementation manner to obtain the target data and the digital signature before encryption, the public key corresponding to the private key in the signature certificate may be used to verify the digital signature, but before the public key corresponding to the private key in the signature certificate is used to verify the digital signature, the signature certificate needs to be verified, that is, the following S302 is executed:

s302, the root certificate is adopted to verify the signature certificate, and the public key in the signature certificate passing the verification is adopted to verify the digital signature.

In order to ensure the reliability of the signature certificate, before the digital signature is verified by using the public key corresponding to the private key in the signature certificate, the signature certificate may be verified by using a root certificate issued by a Certificate Authority (CA) preset in the terminal, so as to ensure the reliability of the signature certificate. Certainly, before the signature certificate is verified through a root certificate issued by a certificate authority CA preset in the terminal, the check code of the root certificate in the terminal can be read first, and the integrity of the root certificate is verified according to the check code of the root certificate, so as to ensure that the root certificate is an integral root certificate; and then, verifying the signature certificate through a root certificate issued by a Certificate Authority (CA) preset by the terminal so as to ensure the reliability of the signature certificate. For example, the hash value of the root certificate may be stored in a trusted storage area of the terminal. The trusted memory area may be, for example, a TPM or an OTP, but of course, other trusted memory areas are also possible. For example, the check code of the root certificate may be a hash value of the root certificate, or may be a metric value of the root certificate, or of course, may be other check codes as long as the check of the root certificate may be implemented.

With reference to the description in S301, when there are three signature certificates, the first signature certificate, the second signature certificate, and the third signature certificate may be verified through the root certificate, and after the verification passes, public keys are extracted from the first signature certificate, the second signature certificate, and the third signature certificate, respectively, and the public key in the first signature certificate is used to verify the first digital signature of the bootstrap program, the public key in the second signature certificate is used to verify the second digital signature of the kernel/operating system data, the public key in the third signature certificate is used to verify the third digital signature of the application data, and the target data is run after the verification passes, so that the terminal is controlled to start, that is, the following S303 is executed:

and S303, verifying the digital signature by using the public key in the signature certificate, running the target data after the verification is passed, and controlling the terminal to start.

With reference to the descriptions in S301 and S302, when the bootstrap program is to be run, a first white-box algorithm may be first used to decrypt the first type of ciphertext data to obtain a decrypted bootstrap program, a first digital signature and a first signature certificate, then the first signature certificate is verified through a root certificate issued by a certificate authority CA, and after verification, a public key in the first signature certificate is used to verify the first digital signature, and after verification is passed, the bootstrap program is run; then, when the kernel/operating system data is about to be operated, a second white-box algorithm can be adopted to decrypt the second type of ciphertext data to obtain the decrypted kernel/operating system data, a second digital signature and a second signature certificate, then the second signature certificate is verified through a root certificate issued by a Certificate Authority (CA), after the second signature certificate is verified, a public key in the second signature certificate is adopted to verify the second digital signature, and after the second signature certificate passes the verification, the kernel/operating system data is operated; then, when the application data is about to be operated, a third white-box algorithm can be adopted to decrypt third-class ciphertext data to obtain decrypted application data, a third digital signature and a third signature certificate, then the third signature certificate is verified through a root certificate issued by a Certificate Authority (CA), after verification, a public key in the third signature certificate is adopted to verify the third digital signature, and after verification is passed, the application data is operated to control the terminal to be started, so that the terminal starting process is completed.

Therefore, compared with the prior art, the processing method for terminal starting provided by the embodiment of the application has the advantages that the target data, the digital signature and the signature certificate are always preset in the terminal in a ciphertext form, and only when the target data is started to operate, the ciphertext target data, the ciphertext digital signature and the ciphertext signature certificate are decrypted by adopting the white box algorithm to obtain the target data, the digital signature and the signature certificate, so that the time of the target data, the digital signature and the signature certificate existing in a plaintext form can be reduced, the risk of stealing the target data, the digital signature and the signature certificate is effectively reduced, and the safety of data is improved.

In order to facilitate understanding of the terminal start processing method provided in the embodiment of the present application, a terminal is taken as an embedded terminal for example, and a corresponding bootstrap program is a U-Boot program. In the starting process of the embedded terminal, executing a Boot code (Boot code) solidified in an ROM of the embedded terminal, reading respective hash values of a first white box algorithm, a second white box algorithm and a third white box algorithm in the terminal, verifying the integrity of the first white box algorithm according to the hash value of the first white box algorithm, verifying the integrity of the second white box algorithm according to the hash value of the second white box algorithm, and verifying the integrity of the third white box algorithm according to the hash value of the third white box algorithm to ensure that the first white box algorithm, the second white box algorithm and the third white box algorithm are all complete white box algorithms; reading the hash value of the root certificate in the terminal, and verifying the integrity of the root certificate according to the hash value of the root certificate so as to ensure that the root certificate is an integral root certificate; decrypting first ciphertext data including a ciphertext U-Boot program, a first ciphertext digital signature and a first ciphertext signature certificate by adopting a first white box algorithm to obtain the decrypted U-Boot program, the first digital signature and the first signature certificate, verifying the first signature certificate by using a root certificate issued by a Certificate Authority (CA), verifying the first digital signature by adopting a public key in the first signature certificate after verification, and operating the U-Boot program after the verification is passed; then, a second white-box algorithm is adopted to decrypt second-class ciphertext data comprising the ciphertext kernel/operating system data, a second ciphertext digital signature and a second ciphertext signature certificate to obtain the decrypted kernel/operating system data, a second digital signature and a second signature certificate, then the second signature certificate is verified through a root certificate issued by a Certificate Authority (CA), after verification, a public key in the second signature certificate is adopted to verify the second digital signature, and after the verification is passed, the kernel/operating system data is operated; then, when application data is about to be operated, a third white-box algorithm can be used for decrypting third-class ciphertext data comprising the ciphertext application data, a third ciphertext digital signature encrypted by a third digital signature and a third ciphertext signature certificate encrypted by a third signature certificate to obtain the decrypted application data, the third digital signature and the third signature certificate, then the third signature certificate is verified through a root certificate issued by a Certificate Authority (CA), a public key in the third signature certificate is used for verifying the third digital signature after verification, and the application data is operated to control the terminal to be started after verification is passed, so that the terminal starting process is completed. Compared with the prior art, the target data, the digital signature and the signature certificate are always preset in the terminal in a ciphertext form, and only when the target data is started to operate, the white box algorithm is adopted to decrypt the ciphertext target data, the ciphertext digital signature and the ciphertext signature certificate to obtain the target data, the digital signature and the signature certificate, so that the time of the target data, the digital signature and the signature certificate existing in a plaintext form can be reduced, the risk that the target data, the digital signature and the signature certificate are stolen is effectively reduced, and the safety of data is improved.

It can be understood that, in the above embodiment, three different white-box algorithms are respectively used to perform decryption processing on the first type of data, the second type of data, and the third type of data, but of course, the same white-box algorithm may also be used to perform decryption processing on the first type of data, the second type of data, and the third type of data, which may be specifically set according to actual needs.

Fig. 4 is a schematic structural diagram of a terminal-started processing device 40 according to an embodiment of the present application, and for example, referring to fig. 4, the terminal-started processing device 40 may include:

the processing unit 401 is configured to decrypt, by using a decryption algorithm, ciphertext target data and a ciphertext digital signature in the terminal after the terminal is powered on and reset, so as to obtain target data before encryption and a digital signature before encryption; the digital signature is obtained by digitally signing the target data by using a private key.

And a verification unit 402, configured to verify the digital signature by using a public key corresponding to the private key.

And a control unit 403, configured to run the target data after the verification is passed, and control the terminal to start.

Optionally, the processing unit 401 is further configured to perform decryption processing on the ciphertext signature certificate in the terminal by using a decryption algorithm, so as to obtain a signature certificate before encryption.

The verifying unit 402 is specifically configured to extract a public key from the signature certificate, and verify the digital signature by using the public key.

Optionally, a root certificate issued by a certificate authority CA is preset in the terminal, and the verification unit 402 is specifically configured to verify the signature certificate by using the root certificate, and extract a public key in the signature certificate after the signature certificate passes verification; and verifying the digital signature by adopting a public key in the signature certificate.

Optionally, the terminal is preset with a check code of a decryption algorithm and a check code of a root certificate; the verifying unit 402 is further configured to read a check code of the root certificate, and verify the integrity of the root certificate according to the check code of the root certificate, where the root certificate that passes the verification is used to verify the signature certificate; and reading the check code of the decryption algorithm, and verifying the integrity of the decryption algorithm according to the check code of the decryption algorithm, wherein the decryption algorithm passing the verification is used for decrypting the ciphertext target data and the ciphertext digital signature.

Optionally, the check code of the root certificate and the check code of the decryption algorithm are stored in a trusted storage area of the terminal.

Optionally, the target data includes a boot program, kernel/operating system data, and application data, and the boot program, the kernel/operating system data, and the application data correspond to respective digital signatures; the processing unit 401 is further configured to perform segmented digital signatures on the bootstrap, the kernel/operating system data, and the application data respectively by using private keys corresponding to public keys in different signature certificates, so as to obtain digital signatures corresponding to the bootstrap, the kernel/operating system data, and the application data, respectively.

Optionally, the target data includes a bootstrap program, the decryption algorithm includes a first decryption algorithm, and the processing unit 401 is specifically configured to encrypt the bootstrap program, a first digital signature of the bootstrap program, and a first signature certificate of the bootstrap program by using a first encryption algorithm corresponding to the first decryption algorithm, to obtain a ciphertext bootstrap program, a first ciphertext digital signature, and a first ciphertext signature certificate; and a first decryption algorithm is adopted to decrypt the ciphertext bootstrap program, the first ciphertext digital signature of the ciphertext bootstrap program and the first ciphertext signature certificate of the ciphertext bootstrap program to obtain the bootstrap program, the first digital signature and the first signature certificate.

Optionally, the target data includes kernel/operating system data, the decryption algorithm includes a second decryption algorithm, and the processing unit 401 is specifically configured to perform encryption processing on the kernel/operating system data, a second digital signature of the kernel/operating system data, and a second signature certificate of the kernel/operating system data by using a second encryption algorithm corresponding to the second decryption algorithm, so as to obtain ciphertext kernel/operating system data, a second ciphertext digital signature, and a second ciphertext signature certificate; and decrypting the ciphertext kernel/operating system data, the second ciphertext digital signature of the ciphertext kernel/operating system data and the second ciphertext signature certificate of the ciphertext kernel/operating system data by adopting a second decryption algorithm to obtain the kernel/operating system data, the second digital signature and the second signature certificate.

Optionally, the target data includes application data, the decryption algorithm includes a third decryption algorithm, and the processing unit 401 is specifically configured to perform encryption processing on the application data, a third digital signature of the application data, and a third signature certificate of the application data by using a third encryption algorithm corresponding to the third decryption algorithm, so as to obtain ciphertext application data, a third ciphertext digital signature, and a third ciphertext signature certificate; and a third decryption algorithm is adopted to decrypt the application data, a third ciphertext digital signature of the ciphertext application data and a third ciphertext signature certificate of the application data to obtain the application data, the third digital signature and the third signature certificate.

The terminal-initiated processing apparatus 40 shown in this embodiment of the application may execute the technical solution of the terminal-initiated processing method in the embodiment shown in any one of the above figures, and its implementation principle and beneficial effects are similar to those of the terminal-initiated processing method, and are not described herein again.

Fig. 5 is a schematic structural diagram of a terminal 50 according to an embodiment of the present application, for example, please refer to fig. 5, where the terminal 50 may include a memory 501 and a processor 502.

A memory 501 for storing a computer program;

the processor 502 is configured to read the computer program stored in the memory 501, and execute the terminal-initiated processing method according to any of the embodiments described above according to the computer program in the memory 501.

Alternatively, the memory 501 may be separate or integrated with the processor 502. When the memory 501 is a device separate from the processor 502, the electronic apparatus may further include: a bus for connecting the memory 501 and the processor 502.

Optionally, this embodiment further includes: a communication interface that may be coupled to the processor 502 via a bus. The processor 502 may control the communication interface to implement the functions of reception and transmission of the terminal described above.

The terminal 50 shown in the embodiment of the present application may execute the technical solution of the terminal start processing method in the embodiment shown in any one of the above figures, and the implementation principle and the beneficial effect of the terminal start processing method are similar to those of the terminal start processing method, and are not described herein again.

An embodiment of the present application further provides a computer-readable storage medium, where a computer execution instruction is stored in the computer-readable storage medium, and when a processor executes the computer execution instruction, the method for processing terminal start-up according to any of the above embodiments is implemented, and an implementation principle and beneficial effects of the method are similar to those of the method for processing terminal start-up, and are not described herein again.

In the several embodiments provided in the present application, it should be understood that the disclosed apparatus and method may be implemented in other ways. For example, the above-described apparatus embodiments are merely illustrative, and for example, the division of the units is only one type of logical functional division, and other divisions may be realized in practice, for example, multiple units or components may be combined or integrated into another system, or some features may be omitted, or not executed. In addition, the illustrated or discussed coupling or direct coupling or communication connection between each other may be through some interfaces, indirect coupling or communication connection between devices or units, and may be in an electrical, mechanical or other form.

The units described as separate parts may or may not be physically separate, and parts shown as units may or may not be physical units, may be located in one position, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment. In addition, functional units in the embodiments of the present application may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit may be implemented in the form of hardware, or in the form of hardware plus a software functional unit.

The integrated module implemented in the form of a software functional module may be stored in a computer-readable storage medium. The software functional module is stored in a storage medium and includes several instructions for enabling a computer device (which may be a personal computer, a server, or a network device) or a processor (in english: processor) to execute some steps of the methods according to the embodiments of the present application.

It should be understood that the Processor may be a Central Processing Unit (CPU), other general purpose Processor, a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), etc. A general purpose processor may be a microprocessor or the processor may be any conventional processor or the like. The steps of a method disclosed in connection with the present invention may be embodied directly in a hardware processor, or in a combination of the hardware and software modules within the processor.

The memory may comprise a high speed RAM memory, and may further comprise a non-volatile storage NVM, such as at least one magnetic disk memory, and may also be a usb disk, a removable hard disk, a read-only memory, a magnetic or optical disk, or the like.

The bus may be an Industry Standard Architecture (ISA) bus, a Peripheral Component Interconnect (PCI) bus, an Extended ISA (EISA) bus, or the like. The bus may be divided into an address bus, a data bus, a control bus, etc. For ease of illustration, the buses in the figures of the present application are not limited to only one bus or one type of bus.

The computer-readable storage medium may be implemented by any type or combination of volatile or non-volatile memory devices, such as Static Random Access Memory (SRAM), electrically erasable programmable read-only memory (EEPROM), erasable programmable read-only memory (EPROM), programmable read-only memory (PROM), read-only memory (ROM), magnetic memory, flash memory, magnetic or optical disks. A storage media may be any available media that can be accessed by a general purpose or special purpose computer.

Finally, it should be noted that: the above embodiments are only used for illustrating the technical solutions of the present application, and not for limiting the same; although the present application has been described in detail with reference to the foregoing embodiments, it should be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some or all of the technical features may be equivalently replaced; and the modifications or the substitutions do not make the essence of the corresponding technical solutions depart from the scope of the technical solutions of the embodiments of the present application.

Claims

1. A terminal startup processing method is characterized in that a root certificate issued by a Certificate Authority (CA) is preset in a terminal, and the method comprises the following steps:

after the terminal is powered on and reset, decrypting ciphertext target data and a ciphertext digital signature in the terminal by adopting a decryption algorithm to obtain target data before encryption and a digital signature before encryption; the digital signature is obtained by performing digital signature on the target data by adopting a private key; the target data includes boot program, kernel/operating system data and application data;

decrypting the ciphertext signature certificate in the terminal by using the decryption algorithm to obtain a signature certificate before encryption, verifying the signature certificate by using the root certificate, and extracting a public key in the signature certificate after the signature certificate passes verification;

verifying the digital signature by using a public key in the signature certificate, running the target data after the verification is passed, and controlling the terminal to start;

the decrypting algorithm is adopted to decrypt the ciphertext target data and the ciphertext digital signature in the terminal to obtain the target data before encryption and the digital signature before encryption, and the decrypting algorithm comprises the following steps:

decrypting a ciphertext bootstrap program, a first ciphertext digital signature of the bootstrap program and a first ciphertext signature certificate of the bootstrap program by using a first decryption algorithm to obtain the bootstrap program, the first digital signature of the bootstrap program and the first signature certificate of the bootstrap program;

decrypting ciphertext kernel/operating system data, a second ciphertext digital signature of the ciphertext kernel/operating system data and a second ciphertext signature certificate of the ciphertext kernel/operating system data by adopting a second decryption algorithm to obtain the kernel/operating system data, the second digital signature of the kernel/operating system data and the second signature certificate of the kernel/operating system data;

decrypting ciphertext application data, a third ciphertext digital signature of the ciphertext application data and a third ciphertext signature certificate of the ciphertext application data by using a third decryption algorithm to obtain the application data, the third digital signature of the application data and the third signature certificate of the application data;

wherein the first decryption algorithm, the second decryption algorithm, and the third decryption algorithm are the same white-box algorithm or different white-box algorithms.

2. The method according to claim 1, wherein the terminal is preset with a check code of the decryption algorithm and a check code of the root certificate, and before decrypting the ciphertext target data and the ciphertext digital signature in the terminal by using the decryption algorithm, the method further comprises:

reading the check code of the root certificate, and verifying the integrity of the root certificate according to the check code of the root certificate, wherein the root certificate passing the verification is used for verifying the signature certificate;

3. The method of claim 2,

and the check code of the root certificate and the check code of the decryption algorithm are stored in a trusted storage area of the terminal.

4. The method according to any one of claims 1 to 3, wherein before the decryption algorithm is used to decrypt the ciphertext target data and the ciphertext digital signature in the terminal, the method further comprises:

and respectively carrying out segmented digital signatures on the bootstrap program, the kernel/operating system data and the application data by adopting private keys corresponding to public keys in different signature certificates to obtain digital signatures corresponding to the bootstrap program, the kernel/operating system data and the application data.

5. The method according to any one of claims 1 to 3, wherein before the decrypting the ciphertext bootstrap, the first ciphertext digital signature of the bootstrap, and the first ciphertext signature certificate of the bootstrap with the first decryption algorithm to obtain the bootstrap, the first digital signature of the bootstrap, and the first signature certificate of the bootstrap, the method further comprises:

and encrypting the bootstrap program, the first digital signature of the bootstrap program and the first signature certificate of the bootstrap program by adopting a first encryption algorithm corresponding to the first decryption algorithm to obtain the ciphertext bootstrap program, the first ciphertext digital signature and the first ciphertext signature certificate.

6. The method according to claim 5, wherein before the second decryption algorithm is used to decrypt the ciphertext kernel/os data, the second ciphertext digital signature of the ciphertext kernel/os data, and the second ciphertext signature certificate of the ciphertext kernel/os data, so as to obtain the kernel/os data, the second digital signature of the kernel/os data, and the second signature certificate of the kernel/os data, the method further comprises:

and encrypting the kernel/operating system data, the second digital signature of the kernel/operating system data and the second signature certificate of the kernel/operating system data by adopting a second encryption algorithm corresponding to the second decryption algorithm to obtain the ciphertext kernel/operating system data, the second ciphertext digital signature and the second ciphertext signature certificate.

7. The method according to claim 5, wherein before the third decryption algorithm is used to decrypt the ciphertext application data, the third ciphertext digital signature of the ciphertext application data, and the third ciphertext signature certificate of the ciphertext application data to obtain the application data, the third digital signature of the application data, and the third signature certificate of the application data, the method further comprises:

and encrypting the application data, the third digital signature of the application data and the third signature certificate of the application data by adopting a third encryption algorithm corresponding to the third decryption algorithm to obtain the ciphertext application data, the third ciphertext digital signature and the third ciphertext signature certificate.

8. A terminal boot processing apparatus, wherein a root certificate issued by a certificate authority CA is preset in the terminal, the apparatus comprising:

the processing unit is used for decrypting ciphertext target data and the ciphertext digital signature in the terminal by adopting a decryption algorithm after the terminal is powered on and reset to obtain the target data before encryption and the digital signature before encryption; the digital signature is obtained by performing digital signature on the target data by adopting a private key; the target data includes boot program, kernel/operating system data and application data;

the verification unit is used for decrypting the ciphertext signature certificate in the terminal by using the decryption algorithm to obtain the signature certificate before encryption, verifying the signature certificate by using the root certificate, extracting a public key in the signature certificate after the signature certificate passes verification, and verifying the digital signature by using the public key in the signature certificate;

the control unit is used for operating the target data after the verification is passed and controlling the terminal to start;

the processing unit is specifically configured to decrypt a ciphertext bootstrap program, a first ciphertext digital signature of the bootstrap program, and a first ciphertext signature certificate of the bootstrap program by using a first decryption algorithm to obtain the bootstrap program, the first digital signature of the bootstrap program, and the first signature certificate of the bootstrap program;

9. A terminal comprising a memory and a processor;

a memory for storing a computer program;

a processor for reading the computer program stored in the memory and executing the terminal-initiated processing method according to any one of claims 1 to 7 in accordance with the computer program in the memory.

10. A computer-readable storage medium, wherein a computer-executable instruction is stored in the computer-readable storage medium, and when the processor executes the computer-executable instruction, the terminal-initiated processing method according to any one of claims 1 to 7 is implemented.