WO2024027301A1 - Encryption method for automobile diagnosis software - Google Patents

Encryption method for automobile diagnosis software Download PDF

Info

Publication number
WO2024027301A1
WO2024027301A1 PCT/CN2023/096607 CN2023096607W WO2024027301A1 WO 2024027301 A1 WO2024027301 A1 WO 2024027301A1 CN 2023096607 W CN2023096607 W CN 2023096607W WO 2024027301 A1 WO2024027301 A1 WO 2024027301A1
Authority
WO
WIPO (PCT)
Prior art keywords
file
diagnostic
encrypted
automobile
software
Prior art date
Application number
PCT/CN2023/096607
Other languages
French (fr)
Chinese (zh)
Inventor
蒋永鑫
章程
谢嘉丰
Original Assignee
深圳市星卡软件技术开发有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 深圳市星卡软件技术开发有限公司 filed Critical 深圳市星卡软件技术开发有限公司
Publication of WO2024027301A1 publication Critical patent/WO2024027301A1/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • G06F21/12Protecting executable software
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/06Protocols specially adapted for file transfer, e.g. file transfer protocol [FTP]

Definitions

  • the present disclosure relates to the technical field of automobile diagnosis, and in particular, to an encryption method for automobile diagnostic software.
  • the purpose of this disclosure is to provide an encryption method for automobile diagnostic software to alleviate the technical problem in the prior art that encrypted files in automobile diagnostic software are easy to crack.
  • embodiments of the present disclosure provide an encryption method for automobile diagnostic software, which is applied to a server.
  • the server is connected to an automobile diagnostic device.
  • the automobile diagnostic device is connected to a diagnostic connector. Storage is stored in the diagnostic connector.
  • There is a public key file; the methods described include:
  • the file content of the automobile diagnostic software is first encrypted to obtain an encrypted intermediate file, including:
  • the file order of the plurality of files to be encrypted is randomly arranged to obtain the encrypted intermediate file of the automobile diagnostic software.
  • the characteristic information of the diagnostic connector includes any one or more of the following:
  • the serial number of the diagnostic connector and the production time stamp of the diagnostic connector are identical to each other.
  • performing a second encryption on the target intermediate file and the private key file to obtain an encrypted encrypted file includes:
  • the target intermediate file and the private key file are secondly encrypted using the RSA encryption algorithm to obtain an encrypted encrypted file.
  • the format type of the file content includes any one or more of the following:
  • the diagnostic connector is connected to the car to be diagnosed, and the diagnostic connector is used to send the on-board data of the car to be diagnosed to the car diagnostic device; in the step of sending the encrypted file to the After the automotive diagnostic equipment mentioned above, it also includes:
  • the diagnostic connector decrypts the encrypted file through the public key file
  • the vehicle diagnostic device uses the target vehicle diagnostic software to diagnose the vehicle to be diagnosed based on the vehicle data.
  • inventions of the present disclosure provide an encryption system for automobile diagnostic software.
  • the system includes:
  • a server, an automobile diagnostic equipment and a diagnostic connector, the automobile diagnostic equipment is connected to the server and the diagnostic connector respectively;
  • the server is used to encrypt the file content in the automobile diagnostic software and send the encrypted encrypted file to the automobile diagnostic device;
  • the diagnostic connector is connected to the car to be diagnosed and is used to send the on-board data of the car to be diagnosed to the car diagnostic device;
  • a public key file is stored in the diagnostic connector
  • the automobile diagnostic equipment is used to download the encrypted file from the server, and use the public key file stored in the diagnostic connector to decrypt the encrypted file into the automobile diagnostic software;
  • the automobile diagnostic equipment is also used to run the automobile diagnostic software.
  • embodiments of the present disclosure provide an encryption device for automobile diagnostic software, which is applied to a server.
  • the server is connected to an automobile diagnostic equipment.
  • the automobile diagnostic equipment is connected to a diagnostic connector. Storage is stored in the diagnostic connector.
  • the first encryption module is used to first encrypt the file content of the automobile diagnostic software to obtain an encrypted intermediate file
  • a first determination module configured to determine a target intermediate file corresponding to the target automobile diagnostic software in response to the automobile diagnostic device's download request for the target automobile diagnostic software
  • An acquisition module configured to obtain the characteristic identifier of the diagnostic connector, and determine the public key file version stored in the diagnostic connector based on the characteristic identifier;
  • a second determination module configured to determine the private key file corresponding to the public key file based on the public key file version
  • a second encryption module configured to perform a second encryption on the target intermediate file and the private key file to obtain an encrypted encrypted file
  • a sending module configured to send the encrypted file to the automobile diagnostic device.
  • an embodiment of the present disclosure provides an electronic device, including a memory and a processor.
  • the memory stores a computer program that can run on the processor.
  • the processor executes the computer program, it implements The steps of the method described in the first aspect above.
  • embodiments of the present disclosure provide a computer-readable storage medium that stores computer-executable instructions.
  • the computer-executable instructions When the computer-executable instructions are called and run by a processor, the computer The executable instructions cause the processor to execute the steps of the method described in the first aspect above.
  • Embodiments of the present disclosure provide an encryption method for automobile diagnostic software.
  • the file content of the automobile diagnostic software is first encrypted to obtain an encrypted intermediate file.
  • Determine the target intermediate file corresponding to the target car diagnostic software then obtain the characteristic information of the diagnostic connector, and determine the public key file version stored in the diagnostic connector based on the characteristic information, thereby determining the private key file corresponding to the public key file based on the public key file version.
  • the key file is then encrypted for a second time on the intermediate file and the private key file to obtain the encrypted encrypted file, and the encrypted file is sent to the automobile diagnostic equipment.
  • the server first determines the file content of each car diagnostic software, performs the first encryption process on the file content of each car diagnostic software, and obtains the corresponding intermediate files, and then responds to the car diagnostic equipment's download of the target car diagnostic software. request, determine the corresponding target intermediate file, and then obtain the pre-stored public key file version in the diagnostic connector based on the characteristic information of the diagnostic connector, determine the private key file corresponding to the public key file, and then process the target intermediate file after the first heavy encryption.
  • the file and private key file are subjected to a second encryption process to obtain the final encrypted file, and the encrypted file is sent to the car diagnostic device.
  • the car diagnostic software file is not easy to be cracked, which alleviates the problem of car diagnostic software in the existing technology. It solves the technical problem that encrypted files are easy to crack, and puts the time-consuming encryption process into the compilation and packaging of diagnostic software, which can shorten the time consumed during use and improve encryption efficiency.
  • Figure 1 is a schematic flowchart of an encryption method for automobile diagnostic software provided by an embodiment of the present disclosure
  • Figure 2 is a schematic diagram of an encryption and decryption process of automobile diagnostic software provided by an embodiment of the present disclosure
  • Figure 3 is a schematic diagram of the principle of a first encryption algorithm provided by an embodiment of the present disclosure
  • Figure 4 is a schematic structural diagram of an encryption system for automobile diagnostic software provided by an embodiment of the present disclosure
  • Figure 5 is a schematic structural diagram of an encryption device for automobile diagnostic software provided by an embodiment of the present disclosure
  • FIG. 6 is a schematic structural diagram of an electronic device provided by an embodiment of the present disclosure.
  • embodiments of the present disclosure provide an encryption method for automobile diagnostic software. This method can alleviate the technical problem in the prior art that encrypted files in automobile diagnostic software are easy to crack.
  • Figure 1 is a schematic flow chart of an encryption method for automobile diagnostic software provided by an embodiment of the present disclosure.
  • the method can be applied to a server.
  • the server is connected to the automobile diagnostic equipment.
  • the automobile diagnostic equipment is connected to the diagnostic connector.
  • the public key file is stored.
  • the method includes:
  • Step S110 Perform a first encryption on the file content of the automobile diagnostic software to obtain an encrypted intermediate file.
  • the car diagnostic software can go through the process of packaging, compilation, testing, and online for users to download and use on the server.
  • the first encryption process is placed in the packaging and compilation stage.
  • the server completes the first encryption of the file contents of each car diagnostic software, obtains the corresponding encrypted intermediate files, and stores the intermediate files on the server for users to download.
  • Step S120 In response to a download request from the automobile diagnostic device for the target automobile diagnostic software, determine the target intermediate file corresponding to the target automobile diagnostic software.
  • car maintenance personnel operate car diagnostic equipment to perform diagnostic analysis on the car to be diagnosed.
  • the maintenance personnel You can click the download button of the automobile diagnostic equipment to control the automobile diagnostic equipment to send a download request to the server.
  • the server can respond to the download request for the target automobile diagnostic software and determine the target intermediate file corresponding to the target automobile diagnostic software.
  • Step S130 Obtain the characteristic information of the diagnostic connector, and determine the public key file version stored in the diagnostic connector based on the characteristic information.
  • each diagnostic connector has a public key file pre-stored during production.
  • the server can identify the diagnostic connector by obtaining the characteristic information of the diagnostic connector, such as obtaining the unique serial number of the diagnostic connector.
  • the corresponding public key file version is a public key file version.
  • Step S140 Based on the public key file version, determine the private key file corresponding to the public key file.
  • the public key and private key of the server are a pair of keys.
  • the server saves the public key in the diagnostic connector, and the private key is still stored in the server.
  • the server can determine the corresponding private key file based on the public key file version stored in the diagnostic connector.
  • Step S150 Perform a second encryption on the target intermediate file and the private key file to obtain an encrypted encrypted file.
  • the server can put the target intermediate file corresponding to the target diagnostic software and the private key file together for the second encryption process to obtain an encrypted specific encrypted file (license file and encryption rule file). wait).
  • Step S160 Send the encrypted file to the automobile diagnostic device.
  • the server After the server generates a specific encrypted file, it sends the file to the automobile diagnostic device that requested the download, so that the maintenance personnel can use the automobile diagnostic device to diagnose the vehicle to be diagnosed through the software.
  • the client usually receives the encrypted information sent by the server, and then obtains the car diagnostic software data encrypted by the first algorithm and the first decryption key encrypted by the second algorithm according to the encrypted information, and then obtains the car diagnostic software data encrypted by the second algorithm according to the preset
  • the second algorithm decryption public key decrypts the first decryption key encrypted by the second algorithm to obtain the first algorithm decryption key
  • the first algorithm decryption key decrypts the car diagnostic software data encrypted by the first algorithm to obtain the car Diagnostic software.
  • the solution is to separately encrypt the vehicle diagnostic software data and the first decryption key, thereby realizing encryption of the data.
  • the server first performs encryption before the car diagnostic software is put online for download, and puts the time-consuming encryption process into the compilation and packaging of the diagnostic software. It first determines the file content of each car diagnostic software, and then The file content of the car diagnostic software is first encrypted to obtain the corresponding intermediate files, and then the response is Based on the download request of the target automobile diagnostic software from the automobile diagnostic equipment, the corresponding target intermediate file is determined, and then the pre-stored public key file version in the diagnostic connector is obtained according to the characteristic information of the diagnostic connector, and the private key file corresponding to the public key file is determined. Then, the target intermediate file and the private key file after the first encryption are processed together with the second encryption to obtain the final encrypted file, and the encrypted file is sent to the car diagnostic equipment.
  • the car diagnostic software file is not easily be cracked, which alleviates the technical problem that encrypted files in automobile diagnostic software are easy to crack in the existing technology, and puts the time-consuming encryption process into the compilation and packaging of diagnostic software, which can shorten the time consumed during use and improve encryption efficiency. .
  • the first encryption of the car diagnostic software file content can be flexibly implemented in a variety of ways.
  • the files can be shuffled and reorganized, so that the intermediate files corresponding to the diagnostic software are in an unordered and random state. , better achieve encryption effect.
  • the above step S110 may specifically include the following steps:
  • Step a) use the snowflake algorithm to randomly select multiple files to be encrypted from the file content.
  • the server can first obtain the format types of all files in the diagnostic software, and then randomly select any file from the format types of all files based on the snowflake algorithm, and then convert the selected files into As the files to be encrypted, a corresponding encrypted file list is generated, and the encrypted file list is used as a data file array, where the data of the files to be encrypted are all in binary format. Then obtain the total number of encrypted files n, based on the total number n, traverse all encrypted files, randomly arrange the file order of all files to be encrypted, and obtain the encrypted intermediate files. Among them, the method of traversing all encrypted files is shown in Figure 3.
  • the intermediate files of the diagnostic software can be made into an unordered and random state, which can increase the difficulty of being cracked.
  • the binary data in the intermediate files can be converted into hexadecimal data. Downloading can further protect the data of the intermediate file and ensure the security of the file as much as possible.
  • the characteristic information of the diagnostic connector may include multiple types, so that the server can verify the diagnostic connector in multiple ways and determine the public key and private key information more accurately.
  • the characteristic information of the diagnostic connector includes any one or more of the following:
  • the serial number of the diagnostic connector, and the production timestamp of the diagnostic connector are the serial number of the diagnostic connector, and the production timestamp of the diagnostic connector.
  • the server can determine the public key corresponding to the diagnostic connector and then determine the corresponding private key based on the serial number of the diagnostic connector and the timestamp at the time of production as query conditions.
  • the second encryption of the content of the diagnostic software file can be flexibly implemented in a variety of ways.
  • the target intermediate file and the private key file are secondly encrypted using the RSA encryption algorithm, so that the final encryption Files are more confidential and less likely to be cracked.
  • the above step S150 may specifically include the following steps:
  • the server can perform a second encryption process on the target intermediate file and the private key file using the RSA encryption algorithm to obtain the license file and encryption rule file (encrypted file).
  • the encrypted file corresponds to the device serial number of the automotive diagnostic device and/or diagnostic connector, so only the corresponding device connector can be decrypted.
  • the target intermediate file and the private key file are secondly encrypted using the RSA encryption algorithm to obtain the encrypted encrypted file, thereby realizing the second encryption of the content of the diagnostic software file, making the software file more difficult to crack and improving security.
  • the file contents of multiple formats in the automobile diagnostic software can be encrypted, thereby making the application scenarios more extensive and improving the encryption effect of the automobile diagnostic software.
  • the format type of the file content includes any one or more of the following:
  • the file content of multiple formats in the automotive diagnostic software can be encrypted, thereby making the application scenarios more extensive and improving the encryption effect of the automotive diagnostic software.
  • the encrypted file can be decrypted using the public key in the diagnostic connector, and only when the decryption is successful can the vehicle diagnostic software be run, ensuring data security.
  • the diagnostic connector is connected to the car to be diagnosed, and the diagnostic connector is used to send vehicle-mounted data of the car to be diagnosed to the car diagnostic device; after the above step S160, the method may also include the following steps:
  • Step d) the diagnostic connector decrypts the encrypted file through the public key file
  • Step e) if the decryption is successful, the car diagnostic equipment uses the target car diagnostic software to diagnose the car to be diagnosed based on the vehicle data.
  • the diagnostic connector can decrypt the license file based on the RSA algorithm and the built-in public key. If the decryption is successful, the car diagnostic equipment runs the diagnostic software and starts diagnosis based on the vehicle data transmitted by the diagnostic connector; If decryption is unsuccessful, the diagnostic software rejects the diagnosis and exits.
  • the diagnostic connector When performing car diagnosis, the diagnostic connector needs to use the pre-stored public key to decrypt the license file every time. Any modification in the license file will cause the diagnostic software to fail to decrypt, which can further protect the diagnosis.
  • the security of the files in the software is broken, preventing the software from being cracked and ensuring data security.
  • FIG. 4 is a schematic structural diagram of an encryption system for automobile diagnostic software provided by an embodiment of the present disclosure. As shown in Figure 4, the system includes a server, automotive diagnostic equipment and diagnostic connectors.
  • the automobile diagnostic equipment and the server can be connected through a wireless network, and the automobile diagnostic equipment and the diagnostic connector can be connected through a wireless or wired method.
  • the server is used to encrypt the file contents in the automotive diagnostic software.
  • the file contents in the diagnostic software are encrypted in the packaging and compilation stage to obtain the corresponding intermediate file.
  • the second stage is performed in the automotive diagnostic equipment request download stage. Encryption processing is performed to obtain the final encrypted file, and the encrypted file is sent to the automotive diagnostic equipment.
  • the diagnostic connector is plugged into the car to be diagnosed and used to send on-board data of the car to be diagnosed to the car diagnostic equipment.
  • a public key file is stored in the diagnostic connector.
  • the public key must be obtained from the encryption server.
  • the public key and private key of the encryption server are a pair of keys.
  • the public key is stored in the diagnostic connector.
  • the private key is still stored in the encryption server.
  • the car diagnostic equipment is used to download the encrypted file from the server, and use the public key file stored in the diagnostic connector to decrypt the encrypted file into car diagnostic software and run the car diagnostic software, so that the car diagnostic software can diagnose the car to be diagnosed based on the on-board data.
  • FIG. 5 is a schematic structural diagram of an encryption device for automobile diagnostic software provided by an embodiment of the present disclosure.
  • the encryption device 500 of automobile diagnostic software includes:
  • the first encryption module 501 is used to first encrypt the file content of the automobile diagnostic software to obtain an encrypted intermediate file.
  • the first determination module 502 is used to perform a first encryption on the file content to obtain an encrypted intermediate file of the target automobile diagnostic software.
  • the acquisition module 503 is configured to determine the target intermediate file corresponding to the target automobile diagnostic software in response to the automobile diagnostic device's download request for the target automobile diagnostic software.
  • the second determination module 504 is used to determine the private key file corresponding to the public key file based on the public key file version.
  • the second encryption module 505 is used to perform a second encryption on the target intermediate file and the private key file to obtain an encrypted encrypted file.
  • the sending module 506 is used to send the encrypted file to the automobile diagnostic device.
  • the first encryption module 501 is specifically used to:
  • the characteristic information of the diagnostic connector includes any one or more of the following:
  • the serial number of the diagnostic connector, and the production timestamp of the diagnostic connector are the serial number of the diagnostic connector, and the production timestamp of the diagnostic connector.
  • the second encryption module 505 is specifically used to:
  • the target intermediate file and the private key file are secondly encrypted using the RSA encryption algorithm to obtain the encrypted encrypted file.
  • the format type of the file content includes any one or more of the following:
  • the diagnostic connector is connected to the car to be diagnosed, and the diagnostic connector is used to send on-board data of the car to be diagnosed to the car diagnostic equipment; the device further includes:
  • the decryption module is used to send the encrypted file to the automotive diagnostic device, and the diagnostic connector decrypts the encrypted file through the public key file;
  • the car diagnostic equipment uses the target car diagnostic software to diagnose the car to be diagnosed based on the on-board data.
  • An embodiment of the present disclosure provides an electronic device.
  • the electronic device includes a processor and a storage device; a computer program is stored on the storage device, and the computer program executes any of the methods of the above embodiments when run by the processor. .
  • FIG. 6 is a schematic structural diagram of an electronic device provided by an embodiment of the present disclosure.
  • the electronic device includes: a processor 601, a memory 602, a bus 603 and a communication interface 604.
  • the processor 601, the communication interface 604 and the memory 602 are connected through the bus 603. ;
  • the processor 601 is used to execute executable modules stored in the memory 602, such as computer programs.
  • the memory 602 may include high-speed random access memory (RAM, Random Access Memory), and may also include non-volatile memory (Non-volatile Memory), such as at least one disk memory.
  • RAM random access memory
  • Non-volatile Memory non-volatile Memory
  • the communication connection between the system network element and at least one other network element is realized through at least one communication interface 604 (which can be wired or wireless), and the Internet, wide area network, local network, metropolitan area network, etc. can be used.
  • the bus 603 may be an ISA bus, a PCI bus, an EISA bus, etc.
  • the bus can be divided into address bus, data bus, control bus, etc. For ease of presentation, only one bidirectional arrow is used in Figure 6, but it does not mean that there is only one bus or one type of bus.
  • the memory 602 is used to store the program, and the processor 601 executes the program after receiving the execution instruction.
  • the method executed by the device for stream process definition disclosed in any of the embodiments of the present disclosure can be applied to the processor 601, Or implemented by processor 601.
  • the processor 601 may be an integrated circuit chip with signal processing capabilities. During the implementation process, each step of the above method can be completed by instructions in the form of hardware integrated logic circuits or software in the processor 601 .
  • the above-mentioned processor 601 can be a general-purpose processor, including a central processing unit (Central Processing Unit, CPU for short), a network processor (Network Processor, NP for short), etc.; it can also be a digital signal processor (Digital Signal Processing, DSP for short), Application Specific Integrated Circuit (ASIC for short), Field-Programmable Gate Array (FPGA for short) or other programmable logic devices, discrete gate or transistor logic devices, and discrete hardware components.
  • CPU Central Processing Unit
  • NP Network Processor
  • DSP Digital Signal Processing
  • ASIC Application Specific Integrated Circuit
  • FPGA Field-Programmable Gate Array
  • a general-purpose processor may be a microprocessor or the processor may be any conventional processor, etc.
  • the steps of the method disclosed in conjunction with the embodiments of the present disclosure can be directly implemented by a hardware decoding processor, or executed by a combination of hardware and software modules in the decoding processor.
  • the software module can be located in random access memory, flash memory, read-only memory, programmable read-only memory or electrically erasable programmable memory, registers and other mature storage media in this field.
  • the storage medium is located in the memory 602.
  • the processor 601 reads the information in the memory 602 and completes the steps of the above method in combination with its hardware.
  • the computer program product of the readable storage medium provided by the embodiment of the present disclosure includes a computer-readable storage medium storing program code.
  • the instructions included in the program code can be used to execute the method in the previous method embodiment.
  • the computer software product is stored in a storage medium, including Several instructions are used to cause a computer device (which may be a personal computer, a server, or a network device, etc.) to execute all or part of the steps of the methods of various embodiments of the present disclosure.
  • the aforementioned storage media include: U disk, mobile hard disk, read-only memory (ROM, Read-Only Memory), random access memory (RAM, Random Access Memory), magnetic disk or optical disk and other media that can store program code. .

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Signal Processing (AREA)
  • Technology Law (AREA)
  • Multimedia (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Storage Device Security (AREA)
  • Stored Programmes (AREA)

Abstract

The present invention relates to the technical field of automobile diagnosis, and provides an encryption method for automobile diagnosis software, for use in solving the technical problem in the prior art that encrypted files in automobile diagnosis software are easily cracked. The method comprises: performing first encryption on file content of automobile diagnosis software to obtain encrypted intermediate files; in response to a download request of an automobile diagnosis device for target automobile diagnosis software, determining a target intermediate file corresponding to the target automobile diagnosis software; acquiring feature information of a diagnosis connector, and on the basis of the feature information, determining a public key file version stored in the diagnosis connector; on the basis of the public key file version, determining a private key file corresponding to a public key file; performing second encryption on the intermediate file and the private key file to obtain an encrypted file; and sending the encrypted file to the automobile diagnosis device.

Description

一种汽车诊断软件的加密方法An encryption method for automobile diagnostic software
相关申请的交叉引用Cross-references to related applications
本公开要求于2022年08月05日提交中国国家知识产权局的申请号为202210935125.8、名称为“一种汽车诊断软件的加密方法”的中国专利申请的优先权,其全部内容通过引用结合在本公开中。This disclosure claims priority to the Chinese patent application with application number 202210935125.8 and titled "An Encryption Method for Automobile Diagnostic Software" submitted to the State Intellectual Property Office of China on August 5, 2022, the entire content of which is incorporated herein by reference. Public.
技术领域Technical field
本公开涉及汽车诊断技术领域,尤其是涉及一种汽车诊断软件的加密方法。The present disclosure relates to the technical field of automobile diagnosis, and in particular, to an encryption method for automobile diagnostic software.
背景技术Background technique
数据日益成为个人生活、经济发展和安全保障的核心。这就意味着,必须做到时刻保障数据的安全。这就如同在现实世界中紧锁家门、限制重要物品的进出,以及保护重要的企业财产一样,有赖于加密来保证数据不会遭受各种网络犯罪的侵入和盗取。随着汽车保有量的增长,越来越多的汽车维修技术使用诊断工具解码器进行工作,汽车数据安全越来越被受到重视。Data is increasingly central to personal lives, economic development and security. This means that data security must be guaranteed at all times. Just like locking your home, restricting the entry and exit of important items, and protecting important corporate assets in the real world, you rely on encryption to ensure that data is protected from intrusion and theft by various cybercriminals. With the growth of car ownership, more and more car maintenance technologies use diagnostic tool decoders to work, and car data security is receiving more and more attention.
但是,对于现有技术存在着汽车诊断软件中的加密文件易破解的技术问题。However, there is a technical problem with the existing technology that the encrypted files in the automobile diagnostic software are easy to crack.
发明内容Contents of the invention
本公开的目的在于提供一种汽车诊断软件的加密方法,以缓解现有技术中汽车诊断软件中的加密文件易破解的技术问题。The purpose of this disclosure is to provide an encryption method for automobile diagnostic software to alleviate the technical problem in the prior art that encrypted files in automobile diagnostic software are easy to crack.
第一方面,本公开实施例提供了一种汽车诊断软件的加密方法,应用于服务端,所述服务端与汽车诊断设备连接,所述汽车诊断设备与诊断接头连接,所述诊断接头内存储有公钥文件;所述方法包括:In a first aspect, embodiments of the present disclosure provide an encryption method for automobile diagnostic software, which is applied to a server. The server is connected to an automobile diagnostic device. The automobile diagnostic device is connected to a diagnostic connector. Storage is stored in the diagnostic connector. There is a public key file; the methods described include:
对所述汽车诊断软件的文件内容进行第一加密,得到加密后的中间文件;First encrypt the file content of the automobile diagnostic software to obtain an encrypted intermediate file;
响应于所述汽车诊断设备针对目标汽车诊断软件的下载请求,确定与所述目标汽车诊断软件对应的目标中间文件;In response to a download request from the automobile diagnostic device for the target automobile diagnostic software, determine a target intermediate file corresponding to the target automobile diagnostic software;
获取所述诊断接头的特征信息,并基于所述特征信息确定所述诊断接头内存储的公钥文件版本;Obtain the characteristic information of the diagnostic connector, and determine the public key file version stored in the diagnostic connector based on the characteristic information;
基于所述公钥文件版本,确定与所述公钥文件对应的私钥文件;Based on the public key file version, determine the private key file corresponding to the public key file;
对所述中间文件以及所述私钥文件进行第二加密,得到加密后的加密文件;Perform a second encryption on the intermediate file and the private key file to obtain an encrypted encrypted file;
将所述加密文件发送至所述汽车诊断设备。Send the encrypted file to the automotive diagnostic device.
在一个可能的实现中,所述对所述汽车诊断软件的文件内容进行第一加密,得到加密后的中间文件,包括:In a possible implementation, the file content of the automobile diagnostic software is first encrypted to obtain an encrypted intermediate file, including:
利用雪花算法从所述文件内容中随机挑选出多个待加密文件; Use the snowflake algorithm to randomly select multiple files to be encrypted from the file contents;
对所述多个待加密文件的文件顺序进行随机排列,得到加密后的所述汽车诊断软件的中间文件。The file order of the plurality of files to be encrypted is randomly arranged to obtain the encrypted intermediate file of the automobile diagnostic software.
在一个可能的实现中,所述诊断接头的特征信息包括下述任意一项或多项:In a possible implementation, the characteristic information of the diagnostic connector includes any one or more of the following:
所述诊断接头的序列号、所述诊断接头的生产时间戳。The serial number of the diagnostic connector and the production time stamp of the diagnostic connector.
在一个可能的实现中,所述对所述目标中间文件以及所述私钥文件进行第二加密,得到加密后的加密文件,包括:In a possible implementation, performing a second encryption on the target intermediate file and the private key file to obtain an encrypted encrypted file includes:
通过RSA加密算法对所述目标中间文件以及所述私钥文件进行第二加密,得到加密后的加密文件。The target intermediate file and the private key file are secondly encrypted using the RSA encryption algorithm to obtain an encrypted encrypted file.
在一个可能的实现中,所述文件内容的格式类型包括下述任意一项或多项:In a possible implementation, the format type of the file content includes any one or more of the following:
SO格式、BIN格式、TXT格式、GGP格式、PNG格式、INI格式。SO format, BIN format, TXT format, GGP format, PNG format, INI format.
在一个可能的实现中,所述诊断接头与待诊断汽车连接,所述诊断接头用于向所述汽车诊断设备发送所述待诊断汽车的车载数据;在所述将所述加密文件发送至所述汽车诊断设备之后,还包括:In a possible implementation, the diagnostic connector is connected to the car to be diagnosed, and the diagnostic connector is used to send the on-board data of the car to be diagnosed to the car diagnostic device; in the step of sending the encrypted file to the After the automotive diagnostic equipment mentioned above, it also includes:
所述诊断接头通过所述公钥文件对所述加密文件进行解密;The diagnostic connector decrypts the encrypted file through the public key file;
如果解密成功,则所述汽车诊断设备利用所述目标汽车诊断软件基于所述车载数据对所述待诊断汽车进行诊断。If the decryption is successful, the vehicle diagnostic device uses the target vehicle diagnostic software to diagnose the vehicle to be diagnosed based on the vehicle data.
第二方面,本公开实施例提供了一种汽车诊断软件的加密系统,所述系统包括:In a second aspect, embodiments of the present disclosure provide an encryption system for automobile diagnostic software. The system includes:
服务端、汽车诊断设备以及诊断接头,所述汽车诊断设备分别与所述服务端以及所述诊断接头连接;A server, an automobile diagnostic equipment and a diagnostic connector, the automobile diagnostic equipment is connected to the server and the diagnostic connector respectively;
所述服务端用于对所述汽车诊断软件中的文件内容进行加密,并将加密后的加密文件发送至所述汽车诊断设备;The server is used to encrypt the file content in the automobile diagnostic software and send the encrypted encrypted file to the automobile diagnostic device;
所述诊断接头与待诊断汽车连接,用于向所述汽车诊断设备发送所述待诊断汽车的车载数据;The diagnostic connector is connected to the car to be diagnosed and is used to send the on-board data of the car to be diagnosed to the car diagnostic device;
所述诊断接头内存储有公钥文件;A public key file is stored in the diagnostic connector;
所述汽车诊断设备用于从所述服务端下载所述加密文件,并利用所述诊断接头中存储的所述公钥文件将所述加密文件解密为所述汽车诊断软件;The automobile diagnostic equipment is used to download the encrypted file from the server, and use the public key file stored in the diagnostic connector to decrypt the encrypted file into the automobile diagnostic software;
所述汽车诊断设备还用于运行所述汽车诊断软件。The automobile diagnostic equipment is also used to run the automobile diagnostic software.
第三方面,本公开实施例提供了一种汽车诊断软件的加密装置,应用于服务端,所述服务端与汽车诊断设备连接,所述汽车诊断设备与诊断接头连接,所述诊断接头内存储有公钥文件;所述装置包括:In a third aspect, embodiments of the present disclosure provide an encryption device for automobile diagnostic software, which is applied to a server. The server is connected to an automobile diagnostic equipment. The automobile diagnostic equipment is connected to a diagnostic connector. Storage is stored in the diagnostic connector. There is a public key file; the device includes:
第一加密模块,用于对所述汽车诊断软件的文件内容进行第一加密,得到加密后的中间文件; The first encryption module is used to first encrypt the file content of the automobile diagnostic software to obtain an encrypted intermediate file;
第一确定模块,用于响应于所述汽车诊断设备针对目标汽车诊断软件的下载请求,确定与所述目标汽车诊断软件对应的目标中间文件;A first determination module configured to determine a target intermediate file corresponding to the target automobile diagnostic software in response to the automobile diagnostic device's download request for the target automobile diagnostic software;
获取模块,用于获取所述诊断接头的特征标识,并基于所述特征标识确定所述诊断接头内存储的公钥文件版本;An acquisition module, configured to obtain the characteristic identifier of the diagnostic connector, and determine the public key file version stored in the diagnostic connector based on the characteristic identifier;
第二确定模块,用于基于所述公钥文件版本,确定与所述公钥文件对应的私钥文件;a second determination module, configured to determine the private key file corresponding to the public key file based on the public key file version;
第二加密模块,用于对所述目标中间文件以及所述私钥文件进行第二加密,得到加密后的加密文件;A second encryption module, configured to perform a second encryption on the target intermediate file and the private key file to obtain an encrypted encrypted file;
发送模块,用于将所述加密文件发送至所述汽车诊断设备。A sending module, configured to send the encrypted file to the automobile diagnostic device.
第四方面,本公开实施例提供了一种电子设备,包括存储器、处理器,所述存储器中存储有可在所述处理器上运行的计算机程序,所述处理器执行所述计算机程序时实现上述第一方面所述的方法的步骤。In a fourth aspect, an embodiment of the present disclosure provides an electronic device, including a memory and a processor. The memory stores a computer program that can run on the processor. When the processor executes the computer program, it implements The steps of the method described in the first aspect above.
第五方面,本公开实施例提供了一种计算机可读存储介质,所述计算机可读存储介质存储有计算机可运行指令,所述计算机可运行指令在被处理器调用和运行时,所述计算机可运行指令促使所述处理器运行上述第一方面所述的方法的步骤。In a fifth aspect, embodiments of the present disclosure provide a computer-readable storage medium that stores computer-executable instructions. When the computer-executable instructions are called and run by a processor, the computer The executable instructions cause the processor to execute the steps of the method described in the first aspect above.
本公开实施例带来了以下有益效果:The embodiments of the present disclosure bring the following beneficial effects:
本公开实施例提供了一种汽车诊断软件的加密方法,首先对汽车诊断软件的文件内容进行第一加密,得到加密后的中间文件,之后响应于汽车诊断设备针对目标汽车诊断软件的下载请求,确定与目标汽车诊断软件对应的目标中间文件,之后获取诊断接头的特征信息,并基于特征信息确定诊断接头内存储的公钥文件版本,从而基于公钥文件版本,确定与公钥文件对应的私钥文件,进而对中间文件以及私钥文件进行第二加密,得到加密后的加密文件,将加密文件发送至汽车诊断设备。本方案中,服务端首先确定各个汽车诊断软件的文件内容,对各个汽车诊断软件的文件内容进行第一加密处理,得到各自对应的中间文件,之后响应于汽车诊断设备针对目标汽车诊断软件的下载请求,确定对应的目标中间文件,再根据诊断接头的特征信息获取诊断接头内预先存储的公钥文件版本,确定与公钥文件对应的私钥文件,进而对第一重加密处理后的目标中间文件以及私钥文件进行第二重加密处理,得到最终的加密文件,将加密文件发送至汽车诊断设备,通过多重加密的方式使汽车诊断软件文件不易被破解,缓解了现有技术中汽车诊断软件中的加密文件易破解的技术问题,而且将耗时的加密过程放到了诊断软件的编译打包中,能够缩短使用时消耗的时间,提高了加密效率。Embodiments of the present disclosure provide an encryption method for automobile diagnostic software. First, the file content of the automobile diagnostic software is first encrypted to obtain an encrypted intermediate file. Then, in response to a download request from the automobile diagnostic device for the target automobile diagnostic software, Determine the target intermediate file corresponding to the target car diagnostic software, then obtain the characteristic information of the diagnostic connector, and determine the public key file version stored in the diagnostic connector based on the characteristic information, thereby determining the private key file corresponding to the public key file based on the public key file version. The key file is then encrypted for a second time on the intermediate file and the private key file to obtain the encrypted encrypted file, and the encrypted file is sent to the automobile diagnostic equipment. In this solution, the server first determines the file content of each car diagnostic software, performs the first encryption process on the file content of each car diagnostic software, and obtains the corresponding intermediate files, and then responds to the car diagnostic equipment's download of the target car diagnostic software. request, determine the corresponding target intermediate file, and then obtain the pre-stored public key file version in the diagnostic connector based on the characteristic information of the diagnostic connector, determine the private key file corresponding to the public key file, and then process the target intermediate file after the first heavy encryption. The file and private key file are subjected to a second encryption process to obtain the final encrypted file, and the encrypted file is sent to the car diagnostic device. Through multiple encryption, the car diagnostic software file is not easy to be cracked, which alleviates the problem of car diagnostic software in the existing technology. It solves the technical problem that encrypted files are easy to crack, and puts the time-consuming encryption process into the compilation and packaging of diagnostic software, which can shorten the time consumed during use and improve encryption efficiency.
附图说明Description of drawings
为了更清楚地说明本公开具体实施方式或现有技术中的技术方案,下面将对具体实施方式或现有技术描述中所需要使用的附图作简单地介绍,显而易见地,下面描述中的附图 是本公开的一些实施方式,对于本领域普通技术人员来讲,在不付出创造性劳动的前提下,还可以根据这些附图获得其他的附图。In order to more clearly explain the specific embodiments of the present disclosure or the technical solutions in the prior art, the drawings that need to be used in the description of the specific embodiments or the prior art will be briefly introduced below. Obviously, the drawings in the following description picture These are some embodiments of the present disclosure. For those of ordinary skill in the art, other drawings can be obtained based on these drawings without exerting creative efforts.
图1为本公开实施例提供的一种汽车诊断软件的加密方法的流程示意图;Figure 1 is a schematic flowchart of an encryption method for automobile diagnostic software provided by an embodiment of the present disclosure;
图2为本公开实施例提供的一种汽车诊断软件的加密解密流程示意图;Figure 2 is a schematic diagram of an encryption and decryption process of automobile diagnostic software provided by an embodiment of the present disclosure;
图3为本公开实施例提供的一种第一加密算法原理示意图;Figure 3 is a schematic diagram of the principle of a first encryption algorithm provided by an embodiment of the present disclosure;
图4为本公开实施例提供的一种汽车诊断软件的加密系统的结构示意图;Figure 4 is a schematic structural diagram of an encryption system for automobile diagnostic software provided by an embodiment of the present disclosure;
图5为本公开实施例提供的一种汽车诊断软件的加密装置的结构示意图;Figure 5 is a schematic structural diagram of an encryption device for automobile diagnostic software provided by an embodiment of the present disclosure;
图6为本公开实施例提供的一种电子设备的结构示意图。FIG. 6 is a schematic structural diagram of an electronic device provided by an embodiment of the present disclosure.
具体实施方式Detailed ways
为使本公开实施例的目的、技术方案和优点更加清楚,下面将结合附图对本公开的技术方案进行清楚、完整地描述,显然,所描述的实施例是本公开一部分实施例,而不是全部的实施例。基于本公开中的实施例,本领域普通技术人员在没有做出创造性劳动前提下所获得的所有其他实施例,都属于本公开保护的范围。In order to make the purpose, technical solutions and advantages of the embodiments of the present disclosure clearer, the technical solutions of the present disclosure will be clearly and completely described below in conjunction with the accompanying drawings. Obviously, the described embodiments are part of the embodiments of the present disclosure, not all of them. embodiment. Based on the embodiments in this disclosure, all other embodiments obtained by those of ordinary skill in the art without creative efforts fall within the scope of protection of this disclosure.
本公开实施例中所提到的术语“包括”和“具有”以及它们的任何变形,意图在于覆盖不排他的包含。例如包含了一系列步骤或单元的过程、方法、系统、产品或设备没有限定于已列出的步骤或单元,而是可选地还包括其他没有列出的步骤或单元,或可选地还包括对于这些过程、方法、产品或设备固有的其它步骤或单元。The terms "including" and "having" and any variations thereof mentioned in the embodiments of the present disclosure are intended to cover non-exclusive inclusion. For example, a process, method, system, product or device that includes a series of steps or units is not limited to the listed steps or units, but optionally also includes other unlisted steps or units, or optionally also Includes other steps or units that are inherent to such processes, methods, products, or devices.
当存款、购物和通信时,数据安全显得越发重要。而这种安全的核心便是加密。随着生活越来越多地依赖于互联网,人们更应该不断提高数据安全意识,并为此付诸行动,保护数字化世界不再继续遭受各种网络犯罪的攻击和破坏。Data security is increasingly important when depositing money, shopping and communicating. The core of this security is encryption. As life increasingly relies on the Internet, people should continue to raise their awareness of data security and take action to protect the digital world from being attacked and destroyed by various cyber crimes.
基于此,本公开实施例提供了一种汽车诊断软件的加密方法,通过该方法可以缓解现有技术中汽车诊断软件中的加密文件易破解的技术问题。Based on this, embodiments of the present disclosure provide an encryption method for automobile diagnostic software. This method can alleviate the technical problem in the prior art that encrypted files in automobile diagnostic software are easy to crack.
下面结合附图对本公开实施例进行进一步的介绍。The embodiments of the present disclosure will be further introduced below with reference to the accompanying drawings.
图1为本公开实施例提供的一种汽车诊断软件的加密方法的流程示意图,其中,该方法可以应用于服务端,服务端与汽车诊断设备连接,汽车诊断设备与诊断接头连接,诊断接头内存储有公钥文件。如图1所示,该方法包括:Figure 1 is a schematic flow chart of an encryption method for automobile diagnostic software provided by an embodiment of the present disclosure. The method can be applied to a server. The server is connected to the automobile diagnostic equipment. The automobile diagnostic equipment is connected to the diagnostic connector. In the diagnostic connector, The public key file is stored. As shown in Figure 1, the method includes:
步骤S110,对汽车诊断软件的文件内容进行第一加密,得到加密后的中间文件。Step S110: Perform a first encryption on the file content of the automobile diagnostic software to obtain an encrypted intermediate file.
示例性的,如图2所示,软件开发工程师开发好一个汽车诊断软件后,该汽车诊断软件可以在服务端中经历打包编译、测试以及上线供用户下载使用的过程。本公开实施例中将第一加密过程放在打包编译阶段。服务端在软件打包编译时完成对于各个汽车诊断软件的文件内容进行第一加密,得到各自对应的加密后的中间文件,将中间文件存储于服务端以供用户进行下载。 For example, as shown in Figure 2, after a software development engineer develops a car diagnostic software, the car diagnostic software can go through the process of packaging, compilation, testing, and online for users to download and use on the server. In the embodiment of the present disclosure, the first encryption process is placed in the packaging and compilation stage. When the software is packaged and compiled, the server completes the first encryption of the file contents of each car diagnostic software, obtains the corresponding encrypted intermediate files, and stores the intermediate files on the server for users to download.
步骤S120,响应于汽车诊断设备针对目标汽车诊断软件的下载请求,确定与目标汽车诊断软件对应的目标中间文件。Step S120: In response to a download request from the automobile diagnostic device for the target automobile diagnostic software, determine the target intermediate file corresponding to the target automobile diagnostic software.
示例性的,如图2所示,汽车维修人员操作汽车诊断设备对待诊断汽车进行诊断分析,当汽车诊断设备需要下载某一目标汽车诊断软件,以通过该软件对待诊断车辆进行诊断时,维修人员可以点击汽车诊断设备的下载按钮,控制汽车诊断设备向服务端发送下载请求,服务端可以响应针对目标汽车诊断软件的下载请求,确定目标汽车诊断软件对应的目标中间文件。For example, as shown in Figure 2, car maintenance personnel operate car diagnostic equipment to perform diagnostic analysis on the car to be diagnosed. When the car diagnostic equipment needs to download a certain target car diagnostic software to diagnose the vehicle to be diagnosed through the software, the maintenance personnel You can click the download button of the automobile diagnostic equipment to control the automobile diagnostic equipment to send a download request to the server. The server can respond to the download request for the target automobile diagnostic software and determine the target intermediate file corresponding to the target automobile diagnostic software.
步骤S130,获取诊断接头的特征信息,并基于特征信息确定诊断接头内存储的公钥文件版本。Step S130: Obtain the characteristic information of the diagnostic connector, and determine the public key file version stored in the diagnostic connector based on the characteristic information.
示例性的,如图2所示,每个诊断接头在生产时都预先存储有公钥文件,服务端可以通过获取诊断接头的特征信息,例如获取诊断接头唯一的序列号,从而识别该诊断接头对应的公钥文件版本。For example, as shown in Figure 2, each diagnostic connector has a public key file pre-stored during production. The server can identify the diagnostic connector by obtaining the characteristic information of the diagnostic connector, such as obtaining the unique serial number of the diagnostic connector. The corresponding public key file version.
步骤S140,基于公钥文件版本,确定与公钥文件对应的私钥文件。Step S140: Based on the public key file version, determine the private key file corresponding to the public key file.
示例性的,如图2所示,服务端的公钥与私钥为一对密钥,服务端将公钥保存在诊断接头中,私钥仍存储在服务端中。服务端可以基于诊断接头中所储存的公钥文件版本,确定与其对应的私钥文件。For example, as shown in Figure 2, the public key and private key of the server are a pair of keys. The server saves the public key in the diagnostic connector, and the private key is still stored in the server. The server can determine the corresponding private key file based on the public key file version stored in the diagnostic connector.
步骤S150,对目标中间文件以及私钥文件进行第二加密,得到加密后的加密文件。Step S150: Perform a second encryption on the target intermediate file and the private key file to obtain an encrypted encrypted file.
示例性的,如图2所示,服务端可以将目标诊断软件对应的目标中间文件与私钥文件放在一起进行第二加密处理,得到加密后的特定的加密文件(license文件以及加密规则文件等)。For example, as shown in Figure 2, the server can put the target intermediate file corresponding to the target diagnostic software and the private key file together for the second encryption process to obtain an encrypted specific encrypted file (license file and encryption rule file). wait).
步骤S160,将加密文件发送至汽车诊断设备。Step S160: Send the encrypted file to the automobile diagnostic device.
示例性的,服务端在生成特定的加密文件后,将该文件发送至请求下载的汽车诊断设备,以供维修人员利用汽车诊断设备通过该软件对待诊断车辆进行诊断。For example, after the server generates a specific encrypted file, it sends the file to the automobile diagnostic device that requested the download, so that the maintenance personnel can use the automobile diagnostic device to diagnose the vehicle to be diagnosed through the software.
在现有技术中,通常为客户端接收服务器发送的加密信息,之后根据加密信息获取通过第一算法加密的汽车诊断软件数据和通过第二算法加密的第一解密密钥,之后根据预设的第二算法解密公钥对通过第二算法加密的第一解密密匙解密以得到第一算法解密密钥,通过第一算法解密密匙对通过第一算法加密的汽车诊断软件数据解密以获得汽车诊断软件。其方案为分别单独对汽车诊断软件数据和第一解密密钥进行加密,从而实现对于数据的加密。In the existing technology, the client usually receives the encrypted information sent by the server, and then obtains the car diagnostic software data encrypted by the first algorithm and the first decryption key encrypted by the second algorithm according to the encrypted information, and then obtains the car diagnostic software data encrypted by the second algorithm according to the preset The second algorithm decryption public key decrypts the first decryption key encrypted by the second algorithm to obtain the first algorithm decryption key, and the first algorithm decryption key decrypts the car diagnostic software data encrypted by the first algorithm to obtain the car Diagnostic software. The solution is to separately encrypt the vehicle diagnostic software data and the first decryption key, thereby realizing encryption of the data.
而本公开实施例中,服务端首先在汽车诊断软件上线供下载之前先进行一次加密,将耗时的加密过程放到了诊断软件的编译打包中,首先确定各个汽车诊断软件的文件内容,对各个汽车诊断软件的文件内容进行第一加密处理,得到各自对应的中间文件,之后响应 于汽车诊断设备针对目标汽车诊断软件的下载请求,确定对应的目标中间文件,再根据诊断接头的特征信息获取诊断接头内预先存储的公钥文件版本,确定与公钥文件对应的私钥文件,进而对第一重加密处理后的目标中间文件以及私钥文件一起进行第二重加密处理,得到最终的加密文件,将加密文件发送至汽车诊断设备,通过多重加密的方式使汽车诊断软件文件不易被破解,缓解了现有技术中汽车诊断软件中的加密文件易破解的技术问题,而且将耗时的加密过程放到了诊断软件的编译打包中,能够缩短使用时消耗的时间,提高了加密效率。In this disclosed embodiment, the server first performs encryption before the car diagnostic software is put online for download, and puts the time-consuming encryption process into the compilation and packaging of the diagnostic software. It first determines the file content of each car diagnostic software, and then The file content of the car diagnostic software is first encrypted to obtain the corresponding intermediate files, and then the response is Based on the download request of the target automobile diagnostic software from the automobile diagnostic equipment, the corresponding target intermediate file is determined, and then the pre-stored public key file version in the diagnostic connector is obtained according to the characteristic information of the diagnostic connector, and the private key file corresponding to the public key file is determined. Then, the target intermediate file and the private key file after the first encryption are processed together with the second encryption to obtain the final encrypted file, and the encrypted file is sent to the car diagnostic equipment. Through multiple encryption, the car diagnostic software file is not easily be cracked, which alleviates the technical problem that encrypted files in automobile diagnostic software are easy to crack in the existing technology, and puts the time-consuming encryption process into the compilation and packaging of diagnostic software, which can shorten the time consumed during use and improve encryption efficiency. .
下面对上述步骤进行详细介绍。The above steps are described in detail below.
在一些实施例中,可以通过多种方式较为灵活的实现对于汽车诊断软件文件内容的第一加密,例如,可以对文件进行打乱重组,从而使得诊断软件对应的中间文件为无序随机的状态,更好的实现加密效果。作为一个示例,上述步骤S110具体可以包括如下步骤:In some embodiments, the first encryption of the car diagnostic software file content can be flexibly implemented in a variety of ways. For example, the files can be shuffled and reorganized, so that the intermediate files corresponding to the diagnostic software are in an unordered and random state. , better achieve encryption effect. As an example, the above step S110 may specifically include the following steps:
步骤a),利用雪花算法从文件内容中随机挑选出多个待加密文件。Step a), use the snowflake algorithm to randomly select multiple files to be encrypted from the file content.
步骤b),对多个待加密文件的文件顺序进行随机排列,得到加密后的汽车诊断软件的中间文件。Step b): Randomly arrange the file order of multiple files to be encrypted to obtain an encrypted intermediate file of the automobile diagnostic software.
示例性的,对于每个开发完成的汽车诊断软件,服务端可以首先获取诊断软件中所有文件的格式类型,之后基于雪花算法从所有文件的格式类型中随机挑选任意个文件,将挑选出来的文件作为待加密文件,生成对应的加密文件列表,将加密文件列表作为数据文件数组,其中,待加密文件的数据均为2进制格式。之后获取加密文件的总数n,基于总数n,遍历所有加密文件,对所有待加密文件的文件顺序进行随机排列,得到加密后的中间文件。其中,遍历所有加密文件的方法如图3所示,可以使用for循环语句,从i=0开始遍历;根据i的值与n的值生成随机下标序号j,下标序号j的格式可以为:int j=rand.Next(i,n),其中,i,n分别表示文件数组中加密文件的两个下标序号;对文件数组中加密文件按照下标序号j进行交换;交换完成后,i自动加1,并返回继续循环,其中,i的数值<总数n;循环结束后,得到打乱的文件数组,即排序后中间文件(无序随机的状态)。在此之后还可以将中间文件的2进制转换为16进制进行存储,存储的格式可以为.MD5。For example, for each developed car diagnostic software, the server can first obtain the format types of all files in the diagnostic software, and then randomly select any file from the format types of all files based on the snowflake algorithm, and then convert the selected files into As the files to be encrypted, a corresponding encrypted file list is generated, and the encrypted file list is used as a data file array, where the data of the files to be encrypted are all in binary format. Then obtain the total number of encrypted files n, based on the total number n, traverse all encrypted files, randomly arrange the file order of all files to be encrypted, and obtain the encrypted intermediate files. Among them, the method of traversing all encrypted files is shown in Figure 3. You can use a for loop statement to start traversing from i=0; generate a random subscript serial number j according to the value of i and n, and the format of the subscript serial number j can be : int j=rand.Next(i, n), where i and n respectively represent the two subscript serial numbers of the encrypted files in the file array; the encrypted files in the file array are exchanged according to the subscript serial number j; after the exchange is completed, i automatically adds 1, and returns to continue the loop, where the value of i < the total number n; after the loop ends, a scrambled file array is obtained, that is, the sorted intermediate file (disordered and random state). After that, you can also convert the binary of the intermediate file into hexadecimal for storage, and the storage format can be .MD5.
通过对诊断软件中的文件进行打乱重组,能够使得诊断软件的中间文件为无序随机的状态,从而可以增加被破解的难度,最后将中间文件内的2进制数据转换为16进制数据进行下载,能够进一步对中间文件的数据进行保护,尽可能保证了文件的安全性。By shuffling and reorganizing the files in the diagnostic software, the intermediate files of the diagnostic software can be made into an unordered and random state, which can increase the difficulty of being cracked. Finally, the binary data in the intermediate files can be converted into hexadecimal data. Downloading can further protect the data of the intermediate file and ensure the security of the file as much as possible.
在一些实施例中,诊断接头的特征信息可以包括多种,从而使服务端可以通过多种方式对诊断接头进行验证,更加精准的确定公钥以及私钥信息。作为一个示例,诊断接头的特征信息包括下述任意一项或多项:In some embodiments, the characteristic information of the diagnostic connector may include multiple types, so that the server can verify the diagnostic connector in multiple ways and determine the public key and private key information more accurately. As an example, the characteristic information of the diagnostic connector includes any one or more of the following:
诊断接头的序列号、诊断接头的生产时间戳。 The serial number of the diagnostic connector, and the production timestamp of the diagnostic connector.
示例性的,服务端可以根据诊断接头的序列号和生产时的时间戳作为查询条件,确定与诊断接头对应的公钥,进而确定对应的私钥。For example, the server can determine the public key corresponding to the diagnostic connector and then determine the corresponding private key based on the serial number of the diagnostic connector and the timestamp at the time of production as query conditions.
在一些实施例中,可以通过多种方式较为灵活的实现对于诊断软件文件内容的第二加密,例如,通过RSA加密算法对目标中间文件以及私钥文件进行第二加密,从而使得最终得到的加密文件保密性更强,更不易被破解。作为一个示例,上述步骤S150具体可以包括如下步骤:In some embodiments, the second encryption of the content of the diagnostic software file can be flexibly implemented in a variety of ways. For example, the target intermediate file and the private key file are secondly encrypted using the RSA encryption algorithm, so that the final encryption Files are more confidential and less likely to be cracked. As an example, the above step S150 may specifically include the following steps:
步骤c),通过RSA加密算法对目标中间文件以及私钥文件进行第二加密,得到加密后的加密文件。Step c): Perform a second encryption on the target intermediate file and the private key file using the RSA encryption algorithm to obtain an encrypted encrypted file.
示例性的,服务端可以通过RSA加密算法对目标中间文件以及私钥文件进行第二加密处理,得到license文件以及加密规则文件(加密文件)。For example, the server can perform a second encryption process on the target intermediate file and the private key file using the RSA encryption algorithm to obtain the license file and encryption rule file (encrypted file).
需要说明的是,该加密文件与汽车诊断设备和/或诊断接头的设备序列号相对应,因此只有对应的设备接头才可以进行解密。It should be noted that the encrypted file corresponds to the device serial number of the automotive diagnostic device and/or diagnostic connector, so only the corresponding device connector can be decrypted.
通过RSA加密算法对目标中间文件以及私钥文件进行第二加密,得到加密后的加密文件,实现对于诊断软件文件内容的第二加密,使软件文件更不易被破解,提高了安全性。The target intermediate file and the private key file are secondly encrypted using the RSA encryption algorithm to obtain the encrypted encrypted file, thereby realizing the second encryption of the content of the diagnostic software file, making the software file more difficult to crack and improving security.
在一些实施例中,可以对汽车诊断软件中多种格式的文件内容均进行加密,从而使得应用场景更为广泛,提高对于汽车诊断软件的加密效果。作为一个示例,文件内容的格式类型包括下述任意一项或多项:In some embodiments, the file contents of multiple formats in the automobile diagnostic software can be encrypted, thereby making the application scenarios more extensive and improving the encryption effect of the automobile diagnostic software. As an example, the format type of the file content includes any one or more of the following:
SO格式、BIN格式、TXT格式、GGP格式、PNG格式、INI格式。SO format, BIN format, TXT format, GGP format, PNG format, INI format.
通过使文件内容的格式类型包括多种,可以对汽车诊断软件中多种格式的文件内容均进行加密,从而使得应用场景更为广泛,提高对于汽车诊断软件的加密效果。By including multiple format types of file content, the file content of multiple formats in the automotive diagnostic software can be encrypted, thereby making the application scenarios more extensive and improving the encryption effect of the automotive diagnostic software.
在一些实施例中,可以通过诊断接头中的公钥对加密文件进行解密,只有解密成功才可以运行汽车诊断软件,保证了数据的安全性。作为一个示例,诊断接头与待诊断汽车连接,诊断接头用于向汽车诊断设备发送待诊断汽车的车载数据;在上述步骤S160之后,该方法还可以包括如下步骤:In some embodiments, the encrypted file can be decrypted using the public key in the diagnostic connector, and only when the decryption is successful can the vehicle diagnostic software be run, ensuring data security. As an example, the diagnostic connector is connected to the car to be diagnosed, and the diagnostic connector is used to send vehicle-mounted data of the car to be diagnosed to the car diagnostic device; after the above step S160, the method may also include the following steps:
步骤d),诊断接头通过公钥文件对加密文件进行解密;Step d), the diagnostic connector decrypts the encrypted file through the public key file;
步骤e),如果解密成功,则汽车诊断设备利用目标汽车诊断软件基于车载数据对待诊断汽车进行诊断。Step e), if the decryption is successful, the car diagnostic equipment uses the target car diagnostic software to diagnose the car to be diagnosed based on the vehicle data.
示例性的,如图2所示,诊断接头可以基于RSA算法,根据内置的公钥对license文件进行解密,如果解密成功,则汽车诊断设备运行诊断软件,基于诊断接头传输的车载数据开始诊断;如果解密不成功,则诊断软件拒绝诊断,并退出。For example, as shown in Figure 2, the diagnostic connector can decrypt the license file based on the RSA algorithm and the built-in public key. If the decryption is successful, the car diagnostic equipment runs the diagnostic software and starts diagnosis based on the vehicle data transmitted by the diagnostic connector; If decryption is unsuccessful, the diagnostic software rejects the diagnosis and exits.
在进行汽车诊断时,诊断接头每次都需要使用预先存储的公钥去对license文件进行解密,license文件中的任何一个的修改都将导致诊断软件解密失败,这样能够进一步保护诊 断软件中文件的安全,避免软件被破解,保证了数据安全。When performing car diagnosis, the diagnostic connector needs to use the pre-stored public key to decrypt the license file every time. Any modification in the license file will cause the diagnostic software to fail to decrypt, which can further protect the diagnosis. The security of the files in the software is broken, preventing the software from being cracked and ensuring data security.
图4为本公开实施例提供的一种汽车诊断软件的加密系统的结构示意图。如图4所示,该系统包括服务端、汽车诊断设备以及诊断接头。FIG. 4 is a schematic structural diagram of an encryption system for automobile diagnostic software provided by an embodiment of the present disclosure. As shown in Figure 4, the system includes a server, automotive diagnostic equipment and diagnostic connectors.
汽车诊断设备与服务端可以通过无线网络连接,汽车诊断设备与诊断接头可以通过无线或有线的方式连接。The automobile diagnostic equipment and the server can be connected through a wireless network, and the automobile diagnostic equipment and the diagnostic connector can be connected through a wireless or wired method.
服务端用于对汽车诊断软件中的文件内容进行加密,首先在打包编译阶段对诊断软件中的文件内容进行第一加密处理,得到对应的中间文件,之后在汽车诊断设备请求下载阶段进行第二加密处理,得到最终的加密文件,并将加密后的加密文件发送至汽车诊断设备。The server is used to encrypt the file contents in the automotive diagnostic software. First, the file contents in the diagnostic software are encrypted in the packaging and compilation stage to obtain the corresponding intermediate file. Then, the second stage is performed in the automotive diagnostic equipment request download stage. Encryption processing is performed to obtain the final encrypted file, and the encrypted file is sent to the automotive diagnostic equipment.
诊断接头插在待诊断汽车上,用于向汽车诊断设备发送待诊断汽车的车载数据。诊断接头内存储有公钥文件,每个诊断接头进行生产时,都要从加密服务端中获取公钥,加密服务端的公钥与私钥为一对密钥,将公钥保存在诊断接头中,私钥仍存储在加密服务端中。The diagnostic connector is plugged into the car to be diagnosed and used to send on-board data of the car to be diagnosed to the car diagnostic equipment. A public key file is stored in the diagnostic connector. When each diagnostic connector is produced, the public key must be obtained from the encryption server. The public key and private key of the encryption server are a pair of keys. The public key is stored in the diagnostic connector. , the private key is still stored in the encryption server.
汽车诊断设备用于从服务端下载加密文件,并利用诊断接头中存储的公钥文件将加密文件解密为汽车诊断软件并运行汽车诊断软件,从而使汽车诊断软件根据车载数据对待诊断汽车进行诊断。The car diagnostic equipment is used to download the encrypted file from the server, and use the public key file stored in the diagnostic connector to decrypt the encrypted file into car diagnostic software and run the car diagnostic software, so that the car diagnostic software can diagnose the car to be diagnosed based on the on-board data.
图5为本公开实施例提供的一种汽车诊断软件的加密装置的结构示意图。如图5所示,汽车诊断软件的加密装置500包括:FIG. 5 is a schematic structural diagram of an encryption device for automobile diagnostic software provided by an embodiment of the present disclosure. As shown in Figure 5, the encryption device 500 of automobile diagnostic software includes:
第一加密模块501,用于对汽车诊断软件的文件内容进行第一加密,得到加密后的中间文件。The first encryption module 501 is used to first encrypt the file content of the automobile diagnostic software to obtain an encrypted intermediate file.
第一确定模块502,用于对文件内容进行第一加密,得到加密后的目标汽车诊断软件的中间文件。The first determination module 502 is used to perform a first encryption on the file content to obtain an encrypted intermediate file of the target automobile diagnostic software.
获取模块503,用于响应于汽车诊断设备针对目标汽车诊断软件的下载请求,确定与目标汽车诊断软件对应的目标中间文件。The acquisition module 503 is configured to determine the target intermediate file corresponding to the target automobile diagnostic software in response to the automobile diagnostic device's download request for the target automobile diagnostic software.
第二确定模块504,用于基于公钥文件版本,确定与公钥文件对应的私钥文件。The second determination module 504 is used to determine the private key file corresponding to the public key file based on the public key file version.
第二加密模块505,用于对目标中间文件以及私钥文件进行第二加密,得到加密后的加密文件。The second encryption module 505 is used to perform a second encryption on the target intermediate file and the private key file to obtain an encrypted encrypted file.
发送模块506,用于将加密文件发送至汽车诊断设备。The sending module 506 is used to send the encrypted file to the automobile diagnostic device.
在一些实施例中,第一加密模块501具体用于:In some embodiments, the first encryption module 501 is specifically used to:
利用雪花算法从文件内容中随机挑选出多个待加密文件;Use the snowflake algorithm to randomly select multiple files to be encrypted from the file content;
对多个待加密文件的文件顺序进行随机排列,得到加密后的汽车诊断软件的中间文件。Randomly arrange the file order of multiple files to be encrypted to obtain the encrypted intermediate file of the automobile diagnostic software.
在一些实施例中,诊断接头的特征信息包括下述任意一项或多项:In some embodiments, the characteristic information of the diagnostic connector includes any one or more of the following:
诊断接头的序列号、诊断接头的生产时间戳。The serial number of the diagnostic connector, and the production timestamp of the diagnostic connector.
在一些实施例中,第二加密模块505具体用于: In some embodiments, the second encryption module 505 is specifically used to:
通过RSA加密算法对目标中间文件以及私钥文件进行第二加密,得到加密后的加密文件。The target intermediate file and the private key file are secondly encrypted using the RSA encryption algorithm to obtain the encrypted encrypted file.
在一些实施例中,文件内容的格式类型包括下述任意一项或多项:In some embodiments, the format type of the file content includes any one or more of the following:
SO格式、BIN格式、TXT格式、GGP格式、PNG格式、INI格式。SO format, BIN format, TXT format, GGP format, PNG format, INI format.
在一些实施例中,诊断接头与待诊断汽车连接,诊断接头用于向汽车诊断设备发送待诊断汽车的车载数据;该装置还包括:In some embodiments, the diagnostic connector is connected to the car to be diagnosed, and the diagnostic connector is used to send on-board data of the car to be diagnosed to the car diagnostic equipment; the device further includes:
解密模块,用于将加密文件发送至汽车诊断设备之后,诊断接头通过公钥文件对加密文件进行解密;The decryption module is used to send the encrypted file to the automotive diagnostic device, and the diagnostic connector decrypts the encrypted file through the public key file;
如果解密成功,则汽车诊断设备利用目标汽车诊断软件基于车载数据对待诊断汽车进行诊断。If the decryption is successful, the car diagnostic equipment uses the target car diagnostic software to diagnose the car to be diagnosed based on the on-board data.
本公开实施例所提供的装置,其实现原理及产生的技术效果和前述方法实施例相同,为简要描述,系统实施例部分未提及之处,可参考前述方法实施例中相应内容。The implementation principles and technical effects of the device provided by the embodiments of the present disclosure are the same as those of the foregoing method embodiments. This is a brief description. For matters not mentioned in the system embodiments, please refer to the corresponding content in the foregoing method embodiments.
本公开实施例提供了一种电子设备,具体的,该电子设备包括处理器和存储装置;存储装置上存储有计算机程序,计算机程序在被处理器运行时执行如上实施方式的任一项的方法。An embodiment of the present disclosure provides an electronic device. Specifically, the electronic device includes a processor and a storage device; a computer program is stored on the storage device, and the computer program executes any of the methods of the above embodiments when run by the processor. .
图6为本公开实施例提供的一种电子设备的结构示意图,该电子设备包括:处理器601,存储器602,总线603和通信接口604,处理器601、通信接口604和存储器602通过总线603连接;处理器601用于执行存储器602中存储的可执行模块,例如计算机程序。Figure 6 is a schematic structural diagram of an electronic device provided by an embodiment of the present disclosure. The electronic device includes: a processor 601, a memory 602, a bus 603 and a communication interface 604. The processor 601, the communication interface 604 and the memory 602 are connected through the bus 603. ; The processor 601 is used to execute executable modules stored in the memory 602, such as computer programs.
其中,存储器602可能包含高速随机存取存储器(RAM,Random Access Memory),也可能还包括非不稳定的存储器(Non-volatile Memory),例如至少一个磁盘存储器。通过至少一个通信接口604(可以是有线或者无线)实现该系统网元与至少一个其他网元之间的通信连接,可以使用互联网,广域网,本地网,城域网等。Among them, the memory 602 may include high-speed random access memory (RAM, Random Access Memory), and may also include non-volatile memory (Non-volatile Memory), such as at least one disk memory. The communication connection between the system network element and at least one other network element is realized through at least one communication interface 604 (which can be wired or wireless), and the Internet, wide area network, local network, metropolitan area network, etc. can be used.
总线603可以是ISA总线、PCI总线或EISA总线等。总线可以分为地址总线、数据总线、控制总线等。为便于表示,图6中仅用一个双向箭头表示,但并不表示仅有一根总线或一种类型的总线。The bus 603 may be an ISA bus, a PCI bus, an EISA bus, etc. The bus can be divided into address bus, data bus, control bus, etc. For ease of presentation, only one bidirectional arrow is used in Figure 6, but it does not mean that there is only one bus or one type of bus.
其中,存储器602用于存储程序,处理器601在接收到执行指令后,执行程序,前述本公开实施例任一实施例揭示的流过程定义的装置所执行的方法可以应用于处理器601中,或者由处理器601实现。The memory 602 is used to store the program, and the processor 601 executes the program after receiving the execution instruction. The method executed by the device for stream process definition disclosed in any of the embodiments of the present disclosure can be applied to the processor 601, Or implemented by processor 601.
处理器601可能是一种集成电路芯片,具有信号的处理能力。在实现过程中,上述方法的各步骤可以通过处理器601中的硬件的集成逻辑电路或者软件形式的指令完成。上述的处理器601可以是通用处理器,包括中央处理器(Central Processing Unit,简称CPU)、网络处理器(Network Processor,简称NP)等;还可以是数字信号处理器(Digital Signal Processing, 简称DSP)、专用集成电路(Application Specific Integrated Circuit,简称ASIC)、现成可编程门阵列(Field-Programmable Gate Array,简称FPGA)或者其他可编程逻辑器件、分立门或者晶体管逻辑器件、分立硬件组件。可以实现或者执行本公开实施例中的公开的各方法、步骤及逻辑框图。通用处理器可以是微处理器或者该处理器也可以是任何常规的处理器等。结合本公开实施例所公开的方法的步骤可以直接体现为硬件译码处理器执行完成,或者用译码处理器中的硬件及软件模块组合执行完成。软件模块可以位于随机存储器,闪存、只读存储器,可编程只读存储器或者电可擦写可编程存储器、寄存器等本领域成熟的存储介质中。该存储介质位于存储器602,处理器601读取存储器602中的信息,结合其硬件完成上述方法的步骤。The processor 601 may be an integrated circuit chip with signal processing capabilities. During the implementation process, each step of the above method can be completed by instructions in the form of hardware integrated logic circuits or software in the processor 601 . The above-mentioned processor 601 can be a general-purpose processor, including a central processing unit (Central Processing Unit, CPU for short), a network processor (Network Processor, NP for short), etc.; it can also be a digital signal processor (Digital Signal Processing, DSP for short), Application Specific Integrated Circuit (ASIC for short), Field-Programmable Gate Array (FPGA for short) or other programmable logic devices, discrete gate or transistor logic devices, and discrete hardware components. Each disclosed method, step and logical block diagram in the embodiment of the present disclosure can be implemented or executed. A general-purpose processor may be a microprocessor or the processor may be any conventional processor, etc. The steps of the method disclosed in conjunction with the embodiments of the present disclosure can be directly implemented by a hardware decoding processor, or executed by a combination of hardware and software modules in the decoding processor. The software module can be located in random access memory, flash memory, read-only memory, programmable read-only memory or electrically erasable programmable memory, registers and other mature storage media in this field. The storage medium is located in the memory 602. The processor 601 reads the information in the memory 602 and completes the steps of the above method in combination with its hardware.
本公开实施例所提供的可读存储介质的计算机程序产品,包括存储了程序代码的计算机可读存储介质,程序代码包括的指令可用于执行前面方法实施例中的方法,具体实现可参见前述方法实施例,在此不再赘述。The computer program product of the readable storage medium provided by the embodiment of the present disclosure includes a computer-readable storage medium storing program code. The instructions included in the program code can be used to execute the method in the previous method embodiment. For specific implementation, please refer to the aforementioned method. The embodiments will not be described again here.
功能如果以软件功能单元的形式实现并作为独立的产品销售或使用时,可以存储在一个计算机可读取存储介质中。基于这样的理解,本公开的技术方案本质上或者说对现有技术做出贡献的部分或者该技术方案的部分可以以软件产品的形式体现出来,该计算机软件产品存储在一个存储介质中,包括若干指令用以使得一台计算机设备(可以是个人计算机,服务器,或者网络设备等)执行本公开各个实施例方法的全部或部分步骤。而前述的存储介质包括:U盘、移动硬盘、只读存储器(ROM,Read-Only Memory)、随机存取存储器(RAM,Random Access Memory)、磁碟或者光盘等各种可以存储程序代码的介质。Functions may be stored in a computer-readable storage medium when implemented in the form of software functional units and sold or used as independent products. Based on this understanding, the technical solution of the present disclosure is essentially or contributes to the existing technology or the part of the technical solution can be embodied in the form of a software product. The computer software product is stored in a storage medium, including Several instructions are used to cause a computer device (which may be a personal computer, a server, or a network device, etc.) to execute all or part of the steps of the methods of various embodiments of the present disclosure. The aforementioned storage media include: U disk, mobile hard disk, read-only memory (ROM, Read-Only Memory), random access memory (RAM, Random Access Memory), magnetic disk or optical disk and other media that can store program code. .
最后应说明的是:以上实施例,仅为本公开的具体实施方式,用以说明本公开的技术方案,而非对其限制,本公开的保护范围并不局限于此,尽管参照前述实施例对本公开进行了详细的说明,本领域的普通技术人员应当理解:任何熟悉本技术领域的技术人员在本公开揭露的技术范围内,其依然可以对前述实施例所记载的技术方案进行修改或可轻易想到变化,或者对其中部分技术特征进行等同替换;而这些修改、变化或者替换,并不使相应技术方案的本质脱离本公开实施例技术方案的精神和范围,都应涵盖在本公开的保护范围之内。因此,本公开的保护范围应以权利要求的保护范围为准。 Finally, it should be noted that the above embodiments are only specific implementations of the present disclosure, and are used to illustrate the technical solutions of the present disclosure, but not to limit them. The protection scope of the present disclosure is not limited thereto. Although referring to the foregoing embodiments The present disclosure has been described in detail. Those of ordinary skill in the art should understand that any person familiar with the technical field can still modify or modify the technical solutions recorded in the foregoing embodiments within the technical scope disclosed in the present disclosure. It is easy to think of changes, or equivalent substitutions of some of the technical features; and these modifications, changes or substitutions do not cause the essence of the corresponding technical solutions to deviate from the spirit and scope of the technical solutions of the embodiments of the present disclosure, and shall be covered by the protection of the present disclosure. within the range. Therefore, the protection scope of the present disclosure should be subject to the protection scope of the claims.

Claims (10)

  1. 一种汽车诊断软件的加密方法,其特征在于,应用于服务端,所述服务端与汽车诊断设备连接,所述汽车诊断设备与诊断接头连接,所述诊断接头内存储有公钥文件;所述方法包括:An encryption method for automobile diagnostic software, characterized in that it is applied to a server, the server is connected to an automobile diagnostic equipment, the automobile diagnostic equipment is connected to a diagnostic connector, and a public key file is stored in the diagnostic connector; The methods include:
    对所述汽车诊断软件的文件内容进行第一加密,得到加密后的中间文件;First encrypt the file content of the automobile diagnostic software to obtain an encrypted intermediate file;
    响应于所述汽车诊断设备针对目标汽车诊断软件的下载请求,确定与所述目标汽车诊断软件对应的目标中间文件;In response to a download request from the automobile diagnostic device for the target automobile diagnostic software, determine a target intermediate file corresponding to the target automobile diagnostic software;
    获取所述诊断接头的特征信息,并基于所述特征信息确定所述诊断接头内存储的公钥文件版本;Obtain the characteristic information of the diagnostic connector, and determine the public key file version stored in the diagnostic connector based on the characteristic information;
    基于所述公钥文件版本,确定与所述公钥文件对应的私钥文件;Based on the public key file version, determine the private key file corresponding to the public key file;
    对所述目标中间文件以及所述私钥文件进行第二加密,得到加密后的加密文件;Perform a second encryption on the target intermediate file and the private key file to obtain an encrypted encrypted file;
    将所述加密文件发送至所述汽车诊断设备。Send the encrypted file to the automotive diagnostic device.
  2. 根据权利要求1所述的方法,其特征在于,所述对所述汽车诊断软件的文件内容进行第一加密,得到加密后的中间文件,包括:The method according to claim 1, characterized in that the file content of the automobile diagnostic software is first encrypted to obtain an encrypted intermediate file, including:
    利用雪花算法从所述文件内容中随机挑选出多个待加密文件;Use the snowflake algorithm to randomly select multiple files to be encrypted from the file contents;
    对所述多个待加密文件的文件顺序进行随机排列,得到加密后的所述汽车诊断软件的中间文件。The file order of the plurality of files to be encrypted is randomly arranged to obtain the encrypted intermediate file of the automobile diagnostic software.
  3. 根据权利要求1所述的方法,其特征在于,所述诊断接头的特征信息包括下述任意一项或多项:The method according to claim 1, characterized in that the characteristic information of the diagnostic connector includes any one or more of the following:
    所述诊断接头的序列号、所述诊断接头的生产时间戳。The serial number of the diagnostic connector and the production time stamp of the diagnostic connector.
  4. 根据权利要求1所述的方法,其特征在于,所述对所述目标中间文件以及所述私钥文件进行第二加密,得到加密后的加密文件,包括:The method according to claim 1, characterized in that said performing a second encryption on the target intermediate file and the private key file to obtain an encrypted encrypted file includes:
    通过RSA加密算法对所述目标中间文件以及所述私钥文件进行第二加密,得到加密后的加密文件。The target intermediate file and the private key file are secondly encrypted using the RSA encryption algorithm to obtain an encrypted encrypted file.
  5. 根据权利要求1所述的方法,其特征在于,所述文件内容的格式类型包括下述任意一项或多项:The method according to claim 1, characterized in that the format type of the file content includes any one or more of the following:
    SO格式、BIN格式、TXT格式、GGP格式、PNG格式、INI格式。SO format, BIN format, TXT format, GGP format, PNG format, INI format.
  6. 根据权利要求1所述的方法,其特征在于,所述诊断接头与待诊断汽车连接,所述诊断接头用于向所述汽车诊断设备发送所述待诊断汽车的车载数据;在所述将所述加密文件发送至所述汽车诊断设备之后,还包括:The method according to claim 1, characterized in that the diagnostic connector is connected to the car to be diagnosed, and the diagnostic connector is used to send the on-board data of the car to be diagnosed to the car diagnostic device; After the encrypted file is sent to the automotive diagnostic device, it also includes:
    所述诊断接头通过所述公钥文件对所述加密文件进行解密; The diagnostic connector decrypts the encrypted file through the public key file;
    如果解密成功,则所述汽车诊断设备利用所述目标汽车诊断软件基于所述车载数据对所述待诊断汽车进行诊断。If the decryption is successful, the vehicle diagnostic device uses the target vehicle diagnostic software to diagnose the vehicle to be diagnosed based on the vehicle data.
  7. 一种汽车诊断软件的加密系统,其特征在于,所述系统包括:An encryption system for automobile diagnostic software, characterized in that the system includes:
    服务端、汽车诊断设备以及诊断接头,所述汽车诊断设备分别与所述服务端以及所述诊断接头连接;A server, an automobile diagnostic equipment and a diagnostic connector, the automobile diagnostic equipment is connected to the server and the diagnostic connector respectively;
    所述服务端用于对所述汽车诊断软件中的文件内容进行加密,并将加密后的加密文件发送至所述汽车诊断设备;The server is used to encrypt the file content in the automobile diagnostic software and send the encrypted encrypted file to the automobile diagnostic device;
    所述诊断接头与待诊断汽车连接,用于向所述汽车诊断设备发送所述待诊断汽车的车载数据;The diagnostic connector is connected to the car to be diagnosed and is used to send the on-board data of the car to be diagnosed to the car diagnostic device;
    所述诊断接头内存储有公钥文件;A public key file is stored in the diagnostic connector;
    所述汽车诊断设备用于从所述服务端下载所述加密文件,并利用所述诊断接头中存储的所述公钥文件将所述加密文件解密为所述汽车诊断软件;The automobile diagnostic equipment is used to download the encrypted file from the server, and use the public key file stored in the diagnostic connector to decrypt the encrypted file into the automobile diagnostic software;
    所述汽车诊断设备还用于运行所述汽车诊断软件。The automobile diagnostic equipment is also used to run the automobile diagnostic software.
  8. 一种汽车诊断软件的加密装置,其特征在于,应用于服务端,所述服务端与汽车诊断设备连接,所述汽车诊断设备与诊断接头连接,所述诊断接头内存储有公钥文件;所述装置包括:An encryption device for automobile diagnostic software, characterized in that it is applied to a server, the server is connected to an automobile diagnostic equipment, the automobile diagnostic equipment is connected to a diagnostic connector, and a public key file is stored in the diagnostic connector; The devices include:
    第一加密模块,用于对所述汽车诊断软件的文件内容进行第一加密,得到加密后的中间文件;The first encryption module is used to first encrypt the file content of the automobile diagnostic software to obtain an encrypted intermediate file;
    第一确定模块,用于响应于所述汽车诊断设备针对目标汽车诊断软件的下载请求,确定与所述目标汽车诊断软件对应的目标中间文件;A first determination module configured to determine a target intermediate file corresponding to the target automobile diagnostic software in response to the automobile diagnostic device's download request for the target automobile diagnostic software;
    获取模块,用于获取所述诊断接头的特征标识,并基于所述特征标识确定所述诊断接头内存储的公钥文件版本;An acquisition module, configured to obtain the characteristic identifier of the diagnostic connector, and determine the public key file version stored in the diagnostic connector based on the characteristic identifier;
    第二确定模块,用于基于所述公钥文件版本,确定与所述公钥文件对应的私钥文件;a second determination module, configured to determine the private key file corresponding to the public key file based on the public key file version;
    第二加密模块,用于对所述目标中间文件以及所述私钥文件进行第二加密,得到加密后的加密文件;A second encryption module, configured to perform a second encryption on the target intermediate file and the private key file to obtain an encrypted encrypted file;
    发送模块,用于将所述加密文件发送至所述汽车诊断设备。A sending module, configured to send the encrypted file to the automobile diagnostic device.
  9. 一种电子设备,包括存储器、处理器,所述存储器中存储有可在所述处理器上运行的计算机程序,其特征在于,所述处理器执行所述计算机程序时实现上述权利要求1至6任一项所述的方法的步骤。An electronic device, including a memory and a processor. The memory stores a computer program that can run on the processor. It is characterized in that when the processor executes the computer program, the above claims 1 to 6 are implemented. The steps of any of the methods described.
  10. 一种计算机可读存储介质,其特征在于,所述计算机可读存储介质存储有计算机可运行指令,所述计算机可运行指令在被处理器调用和运行时,所述计算机可运行指令促使所述处理器运行所述权利要求1至6任一项所述的方法。 A computer-readable storage medium, characterized in that the computer-readable storage medium stores computer-executable instructions. When the computer-executable instructions are called and executed by a processor, the computer-executable instructions prompt the The processor executes the method of any one of claims 1 to 6.
PCT/CN2023/096607 2022-08-05 2023-05-26 Encryption method for automobile diagnosis software WO2024027301A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN202210935125.8A CN115017529B (en) 2022-08-05 2022-08-05 Encryption method for automobile diagnosis software
CN202210935125.8 2022-08-05

Publications (1)

Publication Number Publication Date
WO2024027301A1 true WO2024027301A1 (en) 2024-02-08

Family

ID=83066269

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2023/096607 WO2024027301A1 (en) 2022-08-05 2023-05-26 Encryption method for automobile diagnosis software

Country Status (2)

Country Link
CN (1) CN115017529B (en)
WO (1) WO2024027301A1 (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115017529B (en) * 2022-08-05 2022-11-15 深圳市星卡软件技术开发有限公司 Encryption method for automobile diagnosis software

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101420306A (en) * 2008-12-12 2009-04-29 肖佐楠 Automobile mounted automatic diagnosis method based on RSA ciphering and signature algorithm
KR20180057803A (en) * 2016-11-22 2018-05-31 현대모비스 주식회사 Telematics server and remote diagnosis method for vehicle thereof
CN108124491A (en) * 2017-12-28 2018-06-05 深圳市元征软件开发有限公司 Diagnosis connector upgrading verification method, device and the diagnosis connector of diagnostic device
CN108566368A (en) * 2018-02-08 2018-09-21 深圳市元征软件开发有限公司 A kind of data processing method, server and diagnosis connector
CN110602036A (en) * 2019-07-26 2019-12-20 深圳市元征科技股份有限公司 Automobile diagnosis software management method and related device
CN111245818A (en) * 2020-01-08 2020-06-05 中国信息安全测评中心 File transmission method and system, sending end equipment and receiving end equipment
CN111835511A (en) * 2020-06-30 2020-10-27 平安国际智慧城市科技股份有限公司 Data security transmission method and device, computer equipment and storage medium
CN115017529A (en) * 2022-08-05 2022-09-06 深圳市星卡软件技术开发有限公司 Encryption method for automobile diagnosis software

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
AUPP559898A0 (en) * 1998-09-01 1998-09-24 Ross, Peter William Large user-editable data file enabling both a character rotation which is variable and custom encryption/decryption programs
CN105930695B (en) * 2016-04-11 2019-03-19 江苏通付盾科技有限公司 A kind of guard method of Software Development Kit and device
US20210075783A1 (en) * 2019-09-10 2021-03-11 William Mazzara, JR. Authenticated vehicle diagnostic access techniques
CN111181928B (en) * 2019-12-14 2022-08-09 深圳市元征科技股份有限公司 Vehicle diagnosis method, server, and computer-readable storage medium
CN113158268B (en) * 2021-04-28 2022-10-21 福建金成信息科技有限公司 Computer software encryption protection device

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101420306A (en) * 2008-12-12 2009-04-29 肖佐楠 Automobile mounted automatic diagnosis method based on RSA ciphering and signature algorithm
KR20180057803A (en) * 2016-11-22 2018-05-31 현대모비스 주식회사 Telematics server and remote diagnosis method for vehicle thereof
CN108124491A (en) * 2017-12-28 2018-06-05 深圳市元征软件开发有限公司 Diagnosis connector upgrading verification method, device and the diagnosis connector of diagnostic device
CN108566368A (en) * 2018-02-08 2018-09-21 深圳市元征软件开发有限公司 A kind of data processing method, server and diagnosis connector
CN110602036A (en) * 2019-07-26 2019-12-20 深圳市元征科技股份有限公司 Automobile diagnosis software management method and related device
CN111245818A (en) * 2020-01-08 2020-06-05 中国信息安全测评中心 File transmission method and system, sending end equipment and receiving end equipment
CN111835511A (en) * 2020-06-30 2020-10-27 平安国际智慧城市科技股份有限公司 Data security transmission method and device, computer equipment and storage medium
CN115017529A (en) * 2022-08-05 2022-09-06 深圳市星卡软件技术开发有限公司 Encryption method for automobile diagnosis software

Also Published As

Publication number Publication date
CN115017529B (en) 2022-11-15
CN115017529A (en) 2022-09-06

Similar Documents

Publication Publication Date Title
CN107770159B (en) Vehicle accident data recording method and related device and readable storage medium
CN113572715B (en) Data transmission method and system based on block chain
CN110519309B (en) Data transmission method, device, terminal, server and storage medium
CN110149209B (en) Internet of things equipment and method and device for improving data transmission safety of Internet of things equipment
CN109194625B (en) Client application protection method and device based on cloud server and storage medium
CN111935094A (en) Database access method, device, system and computer readable storage medium
CN106372497B (en) Application programming interface API protection method and protection device
CN113268715A (en) Software encryption method, device, equipment and storage medium
WO2015019110A1 (en) Secure data storage
CN111181928A (en) Vehicle diagnosis method, server, and computer-readable storage medium
CN112882750A (en) OTA upgrade package processing method and device and electronic equipment
WO2024027301A1 (en) Encryption method for automobile diagnosis software
CN112257086A (en) User privacy data protection method and electronic equipment
CN110446075A (en) Encryption method and device, decryption method and device, electronic equipment
CN111460400A (en) Data processing method and device and computer readable storage medium
US11550480B2 (en) Method of identifying errors in or manipulations of data or software stored in a device
CN114221762A (en) Private key storage method, private key reading method, private key management device, private key management equipment and private key storage medium
CN109753770A (en) Determine method and device, method for burn-recording and device, the electronic equipment of burning data
CN111241492A (en) Product multi-tenant secure credit granting method, system and electronic equipment
CN113127844A (en) Variable access method, device, system, equipment and medium
CN109547404B (en) Data acquisition method and server
CN106778227A (en) Applied program processing method, application program launching method and device
CN116346415A (en) Multi-factor login authentication method and device for industrial control PLC system and PLC system
CN116366289A (en) Safety supervision method and device for remote sensing data of unmanned aerial vehicle
CN116204903A (en) Financial data security management method and device, electronic equipment and storage medium

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 23849011

Country of ref document: EP

Kind code of ref document: A1