AU2011253604B2 - Method and system for authenticating an accessory - Google Patents
Method and system for authenticating an accessory Download PDFInfo
- Publication number
- AU2011253604B2 AU2011253604B2 AU2011253604A AU2011253604A AU2011253604B2 AU 2011253604 B2 AU2011253604 B2 AU 2011253604B2 AU 2011253604 A AU2011253604 A AU 2011253604A AU 2011253604 A AU2011253604 A AU 2011253604A AU 2011253604 B2 AU2011253604 B2 AU 2011253604B2
- Authority
- AU
- Australia
- Prior art keywords
- media player
- accessory
- authentication
- commands
- authentication operation
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Landscapes
- Signal Processing For Digital Recording And Reproducing (AREA)
Abstract
A method, system, and connector interface for authenticating an accessory. A method includes performing an authentication operation and allowing the accessory to access the media player during the authentication operation; if the authentication operation fails, the accessory is locked out from any further access to the media player. The authentication operation can include, e.g., validating authentication information included in an authentication certificate provided by the accessory and/or validating a digital signature provided by the accessory. The media player and accessory may utilize a plurality of commands in a variety of environments such as within a connector interface system environment to control access to the media player.
Description
P/00101 1 Regulation 32 AUSTRALIA Patents Act 1990 COMPLETE SPECIFICATION STANDARD PATENT Invention Title: Method and system for authenticating an accessory The following statement is a full description of this invention, including the best method of performing it known to us: WO 2008/002916 PCT/US2007/072127 METHOD AND SYSTEM FOR AUTHENTICATING AN ACCESSORY FIELD OF THE INVENTION [00011 The present invention relates generally to electrical devices and more particularly to 5 electronic devices such as media players that communicate with accessory devices. BACKGROUND OF THE INVENTION [00021 A media player stores media assets, such as audio tracks or photos that can be played or displayed on the media player. One example of a media player is the iPodTM media player, which is available from Apple Inc. of Cupertino, CA. Often, a media player acquires 0 its media assets from a host computer that serves to enable a user to manage media assets. As an example, the host computer can execute a media management application to manage media assets. One example of a media management application is iTunes*, version 6.0, produced by Apple Inc. 100031 A media player typically includes one or more connectors or ports that can be used 5 to interface to the media player. For example, the connector or port can enable the media player to couple to a host computer, be inserted into a docking system, or receive an accessory device. There are today many different types of accessory devices that can interconnect to the media player. For example, a remote control can be connected to the connector or port to allow the user to remotely control the media player. As another example, 20 an automobile can include a connector and the media player can be inserted onto the connector such that an automobile media system can interact with the media player, thereby allowing the media content on the media player to be played within the automobile. [00041 Numerous third parties have developed accessories for use with media players. An accessory may be used with the media player as long as a compatible connector or port is 25 utilized. Accessories interact with the media player using an accessory protocol. One example of an accessory protocol is referred to as iPod Accessory Protocol (iAP), which is available from Apple Inc. of Cupertino, CA. The accessory protocol includes commands which have been typically been made freely accessible to accessory developers. A problem with the commands being freely accessible is that they can be used by unauthorized or 30 counterfeit accessory devices. 1 [0005] One solution is to perform authentication operations on an accessory device. Accordingly, the accessory devices would not have any access to the media player until after the authentication process is complete. [0006] Thus, there is a need for improved techniques to control the nature and extent to which 5 accessory devices can be utilized with other electronic devices. BRIEF SUMMARY OF THE INVENTION [0007] A method, system, and connector interface for authenticating an accessory are disclosed. In one aspect, the method includes performing an authentication operation and allowing the accessory to access the media player during the authentication operation; if the 0 authentication operation fails, the accessory is locked out from any further access to the media player. The authentication operation can include, e.g., validating authentication information included in an authentication certificate provided by the accessory and/or validating a digital signature provided by the accessory. [0008] According to the system and method disclosed herein, the media player and accessory 5 may utilize a plurality of commands in a variety of environments such as within a connector interface system environment to control access to the media player. [0008A] In one aspect the present invention provides a media player comprising: a processor; and an accessory interface coupled to the processor and configured to communicate with an accessory configured to interact with the media player according to a media player accessory 20 protocol that defines a plurality of application commands to invoke a plurality of media player application functions, wherein the processor in conjunction with the accessory interface is configured to: execute an authentication operation to authenticate the accessory; before the authentication operation is completed, both receive one of the plurality of application commands of the media player accessory protocol from the accessory and, in response to the received 25 application command, invoke one of the plurality of media player application functions; determine whether the authentication operation completed successfully or failed: in the event that the authentication operation completed successfully, receive a subsequent one of the plurality of application commands from the accessory and, in response to the subsequent application command, invoke a subsequent one of the plurality of media player application 2 functions; and in the event that the authentication operation failed, ignore any subsequent application command received from the accessory. [0008] In a second aspect the present invention provides an accessory comprising: a processor; and a media player interface coupled to the processor and configured to interact with a media 5 player according to a media player accessory protocol that defines a plurality of application commands to invoke a plurality of media player application functions, wherein the processor in conjunction with the media player interface is configured to: execute an authentication operation to authenticate the media player; send one of the plurality of application commands of the media player accessory protocol to the media player before the authentication operation is completed D and invoke one of the plurality of media player application functions also during the authentication operation; determine whether the authentication operation completed successfully or failed; in the event that the authentication operation completed successfully, send a subsequent one of the plurality of application commands to the media player to invoke a subsequent one of the plurality of media player application functions; and in the event that the 5 authentication operation failed, any subsequent commands sent by the accessory are ignored by the media player. [0008C] In a further aspect the present invention provides an accessory comprising: a processor; and a media player interface configured to interact with a media player according to a media player accessory protocol that defines a plurality of application commands to invoke a plurality 0 of media player application functions, the plurality of media player application functions including a first function associated with a risky behavior and a second function associated with a non-risky behavior, wherein the processor is configured to: receive an authentication request from the media player, the authentication request initiating an authentication operation; transmit authentication information to the media player in response to the authentication request, the 25 authentication information being usable by the media player in the authentication operation; send at least one of the plurality of application commands to the media player prior to completion of the authentication operation, wherein in response to the at least one application command, the media player invokes an associated one of the plurality of media player application functions if the associated one of the plurality of media player application functions is the second function 30 but does not invoke the associated one of the plurality of media player application functions if the associated one of the plurality of media player application functions is the first function; and transmit an authentication signature to the media player for validation, wherein the 2A authentication operation completes upon validation of the authentication signature, wherein if the authentication operation fails, any subsequent commands sent by the accessory are ignored by the media player. [0008D] In a further aspect the present invention provides a media player comprising: a 5 processor; and an accessory interface configured to communicate with an accessory configured to interact with the media player according to a media player accessory protocol that defines a first plurality of commands related to a risky behavior and a second plurality of commands related to non-risky behavior, wherein the processor in conjunction with the accessory interface is configured to: execute an authentication operation to authenticate the accessory; receive one or 0 more commands from the second plurality of commands and blocking commands from the first plurality of commands, from the accessory during the authentication operation; determine whether the authentication operation completed successfully or failed; receive one or more commands from the first plurality of commands from the accessory in the event that the authentication operation completed successfully; and ignore any subsequent application 5 command received from the accessory in the event that the authentication operation failed. [0008E] In a further aspect the present invention provides an accessory comprising: a processor for communicating with a media player configured to interact with the accessory according to a media player accessory protocol that defines a first plurality of commands related to a risky behavior and a second plurality of commands related to non-risky behavior, wherein the o processor is further configured to: receive an authentication request from the media player, the authentication request initiating an authentication operation; during the authentication operation, send to the media player one or more commands from the second plurality of commands, wherein during the authentication operation commands from the first plurality of commands are blocked by the media player; determine whether the authentication operation completed 25 successfully or failed; in the event that the authentication operation completed successfully, send one or more commands from the first plurality of commands to the media player; and in the event that the authentication operation failed, any subsequent commands sent by the accessory are ignored by the media player. [0008F] As used herein, except where the context requires otherwise, the term "comprise" and 30 variations of the term, such as "comprising", "comprises" and "comprised", are not intended to exclude further additives, components, integers or steps. 2B BRIEF DESCRIPTION OF THE DRAWINGS [0009] Figures 1A and 1B illustrate a docking connector in accordance with the present invention. [0010] Figure 2A is a front and top view of a remote connector in accordance with the present invention. [0011] Figure 2B illustrates a plug that can be utilized in the remote connector of Figure 2A. [0012] Figure 2C illustrates the plug of Figure 2B inserted into the remote connector of Figure 2A. [0013] Figure 3A illustrates connector pin designations for the docking connector. 0 [0014] Figure 3B illustrates connection pin designations for the remote connector. [0015] Figure 4A illustrates a typical Fire Wire connector interface for the docking connector. 2C WO 2008/002916 PCT[US2007/072127 [00161 Figure 4B illustrates a reference schematic diagram for an accessory power source. [00171 Figure 4C illustrates a reference schematic diagram for a system for detecting and identifying accessories for the docking connector. [00181 Figure 4D is a reference schematic of an electret microphone that may be connected 5 to the remote connector. 100191 Figure 5A illustrates a media player coupled to different accessories. 100201 Figure 5B illustrates the media player coupled to a computer. [00211 Figure SC illustrates the media player coupled to a car or home stereo system. 100221 Figure 5D illustrates the media player coupled to a dongle that communicates 0 wirelessly with other accessories. [0023] Figure 5E illustrates the media player coupled to a speaker system. [00241 Figure 6 is a flow chart that illustrates a process for controlling access to a media player. [0025] Figure 7 is a flow chart that illustrates a process for authenticating an accessory. 5 DETAILED DESCRIPTION OF THE INVENTION [00261 The present invention relates generally to electrical devices and more particularly to electrical devices such as media players that communicate with accessory devices. The following description is presented to enable one of ordinary skill in the art to make and use the invention and is provided in the context of a patent application and its requirements. 20 Various modifications to the preferred embodiment and the generic principles and features described herein will be readily apparent to those skilled in the art. Thus, the present invention is not intended to be limited to the embodiment shown but is to be accorded the widest scope consistent with the principles and features described herein. [0027] A method in accordance with the present invention for authenticating an accessory 25 includes performing a first authentication operation on the accessory by the media player, wherein an authentication certificate is validated. In one embodiment, the authentication operations are handled in the background such that the media player is operative to process commands after authentication has begun but before the authentication has completed. This allows the media player and the accessory to interact immediately rather than waiting until 3 WO 2008/002916 PCT/US2007/072127 after the authentication process has completed successfully. The method also includes performing a second authentication operation on the accessory by the media player, wherein an authentication signature is validated. In one embodiment, the media player verifies the authentication signature using a public key provided in the certificate. The media player and 5 accessory may utilize a plurality of commands in a variety of environments to facilitate controlling access to the media player. One such environment is within a connector interface system environment such as described in detail hereinbelow. [00281 Although the authentication of an accessory is described hereinbelow, one of ordinary skill in the art recognizes that the procedures described below may be applied to the 0 authentication of the media player and such application would be within the spirit and scope of the present invention. Connector Interface System Overview [00291 To describe the features of the connector interface system in accordance with the present invention in more detail, refer now to the following description in conjunction with 5 the accompanying drawings. Docking Connector [0030] Figures 1 A and 1B illustrate a docking connector 100 in accordance with the present invention. Referring first to Figure IA, the keying features 102 are of a custom length 104. In addition, a specific key arrangement is used where one set of keys is separated by one D length at the bottom of the connector and another set of keys is separated by another length at the top of the connector. The use of this key arrangement prevents noncompliant connectors from being plugged in and causing potential damage to the device. The connector for power utilizes a Firewire specification for power. The connector includes a first make/last break contact to implement this scheme. Figure lB illustrates the first make/last break contact 202 .5 and also illustrates a ground pin and a power pin related to providing an appropriate first make/last break contact. In this example, the ground pin 204 is longer than the power pin 206. Therefore, the ground pin 204 would contact its mating pin in the docking accessory before the power pin 206, minimizing internal electrical damage of the electronics of the device. 0 [0031] In addition, a connector interface system in accordance with the present invention uses universal serial bus (USB), universal asynchronous receiver-transmitter (UART), and Firewire interfaces as part of the same docking connector alignment, thereby making the 4 WO 2008/002916 PCT/US2007/072127 design more compatible with different types of interfaces, as will be discussed in detail hereinafter. In so doing, more remote accessories can interface with the media player. Remote Connector [00321 The connection interface system also includes a remote connector which provides 5 for the ability to output and input audio, provides I/O serial protocol, and provides an output for video. Figure 2A is a front and top view of a remote connector 200 in accordance with the present invention. As is seen, the remote connector 200 includes a top headphone receptacle 202, as well as a second receptacle 204 for remote devices. Figure 2B illustrates a plug 300 to be utilized in the remote connector. The plug 300 allows the functions to be 0 provided via the remote connector. Figure 2C illustrates the plug 300 inserted into the remote connector 200. Heretofore, all of these features have not been implemented in a remote connector. Therefore, a standard headphone cable can be plugged in, but also special remote control cables, microphone cables, and video cables could be utilized with the remote connector. 5 10033] To describe the features of the connector interface system in more detail, please find below a functional description of the docking connector, remote connector and a command set in accordance with the present invention. Docking and Remote Connector Specifications [00341 For an example of the connector pin designations for both the docking connector 0 and for the remote connector for a media player such as an iPodTM device by Apple Inc., refer now to Figures 3A and 3B. Figure 3A illustrates the connector pin designations for the docking connector. Figure 3B illustrates the connection pin designations for the remote connector. Docking Connector Specifications .5 [00351 Figure 4A illustrates a typical Firewire connector interface for the docking connector. The following are some exemplary specifications: Firewire power (8V - 30V DC IN, 1OW Max). In one embodiment, Firewire may be designed to the IEEE 1394 A Spec (400 Mb/s). USB Interface 0 100361 The media player provides two configurations, or modes, of USB device operation: mass storage and media player USB Interface (MPUI). The MPUI allows the media player to be controlled using a media player accessory protocol (MPAP) which will be described in 5 WO 2008/002916 PCT/US2007/072127 detail later herein, using a USB Human Interface Device (HID) interface as a transport mechanism. Accessory 3.3 V Power [00371 Figure 4B illustrates the accessory power source. The media player accessory 5 power pin supplies voltages, for example, 3.0 V to 3.3V+/-5% (2.85 V to 3.465 V) over the docking connector and remote connector (if present). A maximum current is shared between the docking and remote connectors. [00381 By default, the media player supplies a particular current such as 5mA. Proper software accessory detection is required to turn on high power (for example, up to 100 mA) 0 during active device usage. When devices are inactive, they must consume less than a predetermined amount of power such as 5mA current. [00391 Accessory power is grounded through the Digital GND pins. [00401 Figure 4C illustrates a reference schematic diagram for a system for detecting and identifying accessories for the docking connector. The system comprises a resistor to ground 5 that allows the device to determine what has been plugged into the docking connector. There is an internal pullup on Accessory Identify within the media player. Two pins (Accessory Identify & Accessory Detect) are used. [0041] Figure 4D is a reference schematic of an electret microphone that may be connected to the remote connector. 0 [0042] Serial Protocol Communication: [0043] a) Two pins used to communicate to and from device (Rx & Tx) [0044] b) Input & Output (OV=Low, 3.3V=High) [0045] As mentioned previously, media players connect to a variety of accessories. Figures 5A-5E illustrate a media player 500 coupled to different accessories. Figure 5A illustrates a 5 media player 500 coupled to a docking station 502. Figure 5B illustrates the media player 500' coupled to a computer 504. Figure 5C illustrates the media player 500" coupled to a car or home stereo system 506. Figure 5D illustrates the media player 500.'coupled to a dongle 508 that communicates wirelessly with other devices. Figure SE illustrates the media player 500"" coupled to a speaker system 510. As is seen, what is meant by accessories includes but 6 WO 2008/002916 PCT/US2007/072127 is not limited to docking stations, chargers, car stereos, microphones, home stereos, computers, speakers, and accessories which communicate wirelessly with other accessories. 100461 As mentioned previously, this connector interface system could be utilized with a command set for authenticating an accessory. In one embodiment, the accessory may be a 5 host computer or any other electronic device or system that may communicate with the media player. It should be understood by one of ordinary skill in the art that although the above-identified connector interface system could be utilized with the command set, a variety of other connectors or systems could be utilized and they would be within the spirit and scope of the present invention. 0 [00471 As described above, accessories interact with the media player using a media player accessory protocol. An example of such a media player accessory protocol is the iPod Accessory Protocol (iAP). The media player accessory protocol refers to the software component executing on the media player that communicates with accessories over a given transport layer. The application of the media player may be, for example, a media player 5 application framework that presents menus/screens to the user. Media player commands are associated with the processing of voice, video, and other data between the media player and the accessory. For example, commands may be associated with read operations and write operations to transfer and store information between the media player and the accessory. Accordingly, in one embodiment, for each command related to the media player, there is a 3 reciprocal command for the accessory. In one embodiment, commands may be grouped and associated with specific accessory functionality. Command Functionality [0048] Although a plurality of commands is described hereinbelow, one of ordinary skill in the art recognizes that many other commands could be utilized and their use would be within 5 the spirit and scope of the present invention. Accordingly, the list of commands below is representative, but not exhaustive, of the types of commands that could be utilized to authenticate an accessory. Furthermore, it is also readily understood by one of ordinary skill in the art that a subset of these commands could be utilized by a media player or an accessory and that use would be within the spirit and scope of the present invention. A description of 0 the functionality of some of these commands is described below. 7 WO 2008/002916 PCT/US2007/072127 Authentication of an Accessory [0049] In previous authentication methods, the accessory transmits an identification message to the media player, where the identification message indicates that the accessory supports certain commands and supports authentication. The media player then transmits an 5 acknowledgment message to the accessory. The media player blocks access by the accessory until the entire authentication process completes. The media player may display a "Connecting..." screen. The media player then confirms that the authentication version number that the accessory provides is the correct version number. If so, the media player transmits a challenge to be signed by the device. The media player then validates the 0 authentication signature using a public key based on a device ID from the accessory. The following describes improvements over the previous authentication methods, in accordance with the present invention. [0050] Figure 6 is a flow chart that illustrates a process for controlling access to a media player in accordance with the present invention. As Figure 6 illustrates, the process begins in 5 step 602 where the media player performs a background authentication operation on the accessory, in which the authentication certificate is validated. More specifically, during the background authentication operation, the accessory transmits authentication information to the media player, and the media player receives and validates the certificate contained in the authentication information. In one embodiment, the authentication information may also 0 include an authentication version number. Authentication certificates are described in more detail below. As described in more detail below, the media player does not wait until the entire authentication process completes but instead allows certain access before the authentication process completes. Next, in step 604, the media player performs a second authentication operation on the accessory, in which an authentication signature is validated. 25 More specifically, during the second authentication operation, the accessory transmits an authentication signature to the media player, and the media player receives and validates the authentication signature. In one embodiment, the media player verifies the authentication signature using a public key. More detailed embodiments of the background authentication and second authentication operations are described below with reference to Figure 7. 30 [0051] Although the authentication of an accessory is described herein, one of ordinary skill in the art recognizes that the procedures described herein may be applied to the authentication of the media player and such application would be within the spirit and scope 8 WO 2008/002916 PCT/US2007/072127 of the present invention. For example, the same or similar steps described in Figure 6 above and/or in Figure 7 below may be utilized by an accessory to authenticate the media player. Authentication Certificates [0052] Standard authentication certificates function as containers for data such as the 5 certificate creator (issuer, country, etc.), certificate type, valid certificate date ranges, and other metadata. Authentication certificates, also referred to as certificates or certs, are generated and signed by one or more certificate authorities (CAs) and have a unique serial number. In one embodiment, the certificate may be stored in an authentication coprocessor chip on the accessory. Authentication certificates in accordance with the present invention 0 contain not only the metadata as in a standard authentication certificate but also device class information and a public key, which are described in more detail below. [0053] As described in more detail below, the media player verifies certificates using a public key that is issued by the CA. The media player may also use the public key to verify a signed challenge. Certificates are used to transfer the public key and other accessory-specific 5 information to the media player. Such accessory-specific information may contain, for example, device class information about the accessory. The device class determines what commands the accessory is permitted to use with respect to the media player. In one embodiment, the media player may add permissible commands to existing classes or add new device classes by means of a media player firmware update. New accessories may be 0 supported by the media player when the CA issues new certificates to the accessory vendor. [0054] In one embodiment, if a certificate is somehow compromised and cloned in counterfeit devices, the compromised serial number may be added to a certificate revocation list (or CRL) on the media player to prevent devices using the certificate from authenticating successfully. If the certificate parser of the media player does not recognize the cert's device 25 class, the media player rejects the certificate. In one embodiment, a certificate to be used for device authentication may have a preset lifespan (e.g., in the range of 1-5 years, etc.), which may be set, for example, by a date. In one embodiment, certificate expiration could be accomplished by adding device serial numbers to the CRL after the expiration date has passed. 30 [00551 Figure 7 is a flow chart that illustrates a process for authenticating an accessory in accordance with the present invention. As Figure 7 illustrates, the process begins in step 702 where the media player and accessory exchange messages to determine whether the accessory 9 WO 2008/002916 PCT/US2007/072127 supports certain commands and supports immediate authentication. More specifically, in one embodiment, the accessory transmits an identification message to the media player. The identification message includes a device identification (ID) and an indication that the accessory supports certain commands and supports authentication. In some embodiments, 5 support for immediate authentication is required. The media player then transmits an acknowledgment message to the accessory. In one embodiment, the media player notifies the application of the media player that the accessory is attempting to access the media player. [00561 As described above, in one embodiment, the authentication operations are handled in the background to allow multiple cryptography options (e.g., RSA or SFEE) with/without 0 hardware acceleration to be used. As a result, the media player is operative to process device commands after authentication has begun, before the authentication has completed, and through its successful completion. When device authentication fails (e.g., retry count and/or maximum time has been exhausted), the media player can lockout processing of incoming commands and prevent the device from interacting with media player. Media player 5 applications can permit non-risky device use once authentication has started. Risky behavior is defined as anything that could permanently alter the media player behavior or download unsafe media. Examples of risky behavior to be avoided include download executable media or firmware updates to the media player. If authentication fails at some later point, the application of the media player could cancel any device-related activities and possibly report 0 an error message to the user (e.g., "Device is not supported"). [00571 Referring still to Figure 7, in step 704, during the background authentication operation, the media player transmits an authentication information request to the accessory. In one embodiment, the media player starts a timeout timer. Next, in step 706, the accessory transmits the authentication information to the media player. In one embodiment, the 25 authentication information includes an authentication major version, an authentication minor version, and a public certificate, where the certificate may be divided up into sections if it is large (e.g., greater than 500 bytes). If the certificate is divided up into sections, upon receipt of the authentication information the media player reassembles the certificate. When the certificate is fully assembled, the certificate is parsed for device class information. The 30 media player then converts a class number from the device class information into an allowed command mask. This mask is used to validate that the commands identified by the device are allowed by the certificate. In other words, the media player validates the certificate based at least in part on the device class information. 10 WO 2008/002916 PCT/US2007/072127 [00581 Next, in step 708, the media player validates the authentication information. The authentication information may be invalid for a number of reasons. For example, the authentication information may be invalid if the authentication version is not valid, if the public certificate has expired, or if the public certificate is on the certificate revocation list 5 (CRL). If any of the authentication information is invalid, the background authentication operation fails. A failure will restart the authentication process (if a retry count and timeout limits have not been exceeded). The background authentication operation passes if the authentication version is validated and if the certificate class commands have been determined to match or exceed those requested by an identify command of the media player, 0 and if a certification chain has been verified. In one embodiment, non-risky media player command application functions and command processing are enabled while authentication process continues. In one embodiment, the media player may transmit a message to the accessory indicating a version information status. [00591 Next, in step 710, during a second authentication operation, the media player 5 transmits an authentication signature request to the accessory. The authentication signature request includes a random nonce/challenge to be signed by the device. The specific nonce/challenge length may vary and will depend on the specific implementation. Next, in step 712, the accessory transmits an authentication signature (i.e., a message with a signed challenge/signature) to the media player. Next, in step 714, upon receipt of the authentication 0 signature, the media player validates the authentication signature (i.e., the signed challenge). In one embodiment, the media player verifies the signed nonce/challenge using a public key based on a device ID from the accessory. In a preferred embodiment, the media player verifies the signed nonce/challenge using a public key from the certificate provided by the accessory. Z5 10060] In one embodiment, an accessory authentication process is based on a public key/private key system where the accessory has a private key and the media player has the associated public key. The accessory authentication process is closely integrated with accessory protocol commands. [0061] Before completing the authentication process, the media player transmits an 0 authentication status message to the accessory indicating signature status and authentication process completion. The authentication passes if the media player verifies the authentication 11 WO 2008/002916 PCT/US2007/072127 signature. Otherwise, the authentication process fails. If authentication passes, the application of the media player unblocks to allow user access to the device. [00621 If the authentication process fails, the device port of the media player will lock out the accessory. Also, upon a failure, the media player de-authorizes the accessory to prevent 5 the accessory from utilizing the media player resources. In one embodiment, the media player may also transmit an authentication status to the application of the media player. For example, if the authentication fails, the application of the media player may display a "Connection Failed" message. [00631 In one embodiment, the authentication operations may utilize a retry count and 0 maximum timeout. Accordingly, in one embodiment, the authentication can also fail if the retry counter or maximum timeout is exceeded. Locking out a port prevents an accessory from simulating a detach or re-identifying in order to reset the authentication retry/timeout counters. In one embodiment, incoming packets may be deleted if a device port authentication state is set to "lockout." This will prevent any locked out device packets from 5 being processed. In one embodiment, if the failure is due to an accessory identifying more commands than allowed by the certificate, the device lockout is not activated at authentication failure and the accessory may be permitted to re-identify. 100641 A method, system, and connector interface for authenticating an accessory has been disclosed. The method includes performing a first authentication operation on the accessory D by the media player, where an authentication certificate is validated. The method also includes performing a second authentication operation on the accessory by the media player, where an authentication signature is validated. According to the system and method disclosed herein, the media player and accessory may utilize a plurality of commands in a variety of environments such as within a connector interface system environment to control 5 access to the media player. [00651 Although the present invention has been described in accordance with the embodiments shown, one of ordinary skill in the art will readily recognize that there could be variations to the embodiments and those variations would be within the spirit and scope of the present invention. For example, the present invention can be implemented using 0 hardware, software, a computer readable medium containing program instructions, or a combination thereof. Software written according to the present invention is to be either stored in some form of computer-readable medium such as memory or CD-ROM, or is to be 12 WO 2008/002916 PCT/US2007/072127 transmitted over a network, and is to be executed by a processor. Consequently, a computer-readable medium is intended to include a computer readable signal, which may be, for example, transmitted over a network. Accordingly, many modifications may be made by one of ordinary skill in the art without departing from the spirit and scope of the appended 5 claims. 13
Claims (20)
1. A media player comprising: a processor; and an accessory interface coupled to the processor and configured to communicate with an 5 accessory configured to interact with the media player according to a media player accessory protocol that defines a plurality of application commands to invoke a plurality of media player application functions, wherein the processor in conjunction with the accessory interface is configured to: execute an authentication operation to authenticate the accessory; [0 before the authentication operation is completed, both receive one of the plurality of application commands of the media player accessory protocol from the accessory and, in response to the received application command, invoke one of the plurality of media player application functions; determine whether the authentication operation completed successfully or failed: 15 in the event that the authentication operation completed successfully, receive a subsequent one of the plurality of application commands from the accessory and, in response to the subsequent application command, invoke a subsequent one of the plurality of media player application functions; and in the event that the authentication operation failed, ignore any subsequent application !0 command received from the accessory.
2. The media player of claim 1 wherein the processor is further configured to: obtain an authentication certificate for the accessory; and validate authentication information included in the authentication certificate.
3. The media player of claim 2 wherein the processor is further configured to: 25 receive a device identification message from the accessory, the device identification message including an indication of a command set supported by the accessory, the supported command set including at least some of the plurality of commands defined by the media player accessory protocol; determine an allowed command set for the accessory based on the authentication 30 information included in the authentication certificate; and compare the allowed command set to the supported command set, wherein the 15 authentication operation fails in the event that the allowed command set does not match the supported command set.
4. The media player of claim 2 wherein the processor is further configured to: transmit a digital signature request to the accessory, the digital signature request 5 including a random challenge; receive from the accessory a digitally signed version of the random challenge; and validate the digital signature.
5. The media player of claim 4 wherein the digitally signed version of the random challenge is signed by the accessory using a private key and wherein to validate the digital signature the 10 processor is further configured to: extract a public key from the authentication certificate; and use the public key to validate the digital signature.
6. The media player of claim I wherein the processor is further configured to: receive a device identification message from the accessory, the device identification L5 message including an indication of a command set supported by the accessory, the command set including at least some of the plurality of commands defined by the media player accessory protocol, wherein during the authentication operation, the first command is one of the commands in the command set supported by the accessory.
7. The media player of claim I wherein the processor is further configured to: 20 receive a device identification message from the accessory, the device identification message including an indication of a command set supported by the accessory, the command set including at least some of the plurality of commands defined by the media player accessory protocol, wherein the command set includes a first command that relates to a risky behavior and a second command that relates to a non-risky behavior; wherein during the authentication 25 operation, if the second command is received, the media player invokes a corresponding media player application function and if the first command is received, the media player ignores the first command.
8. The media player of claim 1 wherein to determine whether the authentication operation completed successfully or failed, the processor is further configured to: 30 detect when a timeout period measured from a starting time of the authentication 16 operation ends, wherein the authentication operation fails in the event that the authentication operation does not complete successfully before the timeout period ends.
9. The media player of claim 8 wherein to execute the authentication operation, the 5 processor is further configured to: retry the authentication operation if the timeout period has not ended in the event that an error occurs during the authentication operation.
10. The media player of claim 9 wherein the processor is further configured to update a count of retries and wherein the authentication operation fails in the event that the count of retries t0 exceeds a retry limit.
11. The media player of claim 1 wherein the processor is further configured to generate a notification for a user in the event that the authentication operation fails.
12. The media player of claim 11 wherein the notification further comprises a message displayed on a display screen of the media player. .5
13. An accessory comprising: a processor; and a media player interface coupled to the processor and configured to interact with a media player according to a media player accessory protocol that defines a plurality of application commands to invoke a plurality of media player application functions, 20 wherein the processor in conjunction with the media player interface is configured to: execute an authentication operation to authenticate the media player; send one of the plurality of application commands of the media player accessory protocol to the media player before the authentication operation is completed and invoke one of the plurality of media player application functions also during the authentication operation; 25 determine whether the authentication operation completed success fully or failed; in the event that the authentication operation completed successfully, send a subsequent one of the plurality of application commands to the media player to invoke a subsequent one of the plurality of media player application functions; and in the event that the authentication operation failed, any subsequent commands sent by 30 the accessory are ignored by the media player. 17
14. An accessory comprising: a processor; and a media player interface configured to interact with a media player according to a media player accessory protocol that defines a plurality of application commands to invoke a plurality 5 of media player application functions, the plurality of media player application functions including a first function associated with a risky behavior and a second function associated with a non-risky behavior, wherein the processor is configured to: receive an authentication request from the media player, the authentication request 10 initiating an authentication operation; transmit authentication information to the media player in response to the authentication request, the authentication information being usable by the media player in the authentication operation; send at least one of the plurality of application commands to the media player prior to 15 completion of the authentication operation, wherein in response to the at least one application command, the media player invokes an associated one of the plurality of media player application functions if the associated one of the plurality of media player application functions is the second function but does not invoke the associated one of the plurality of media player application functions if the associated one of the plurality of media player application functions !0 is the first function; and transmit an authentication signature to the media player for validation, wherein the authentication operation completes upon validation of the authentication signature, wherein if the authentication operation fails, any subsequent commands sent by the accessory are ignored by the media player. 25
15. A media player comprising: a processor; and an accessory interface configured to communicate with an accessory configured to interact with the media player according to a media player accessory protocol that defines a first plurality of commands related to a risky behavior and a second plurality of commands related to 30 non-risky behavior, wherein the processor in conjunction with the accessory interface is configured to: execute an authentication operation to authenticate the accessory; 18 receive one or more commands from the second plurality of commands and blocking commands from the first plurality of commands, from the accessory during the authentication operation; determine whether the authentication operation completed successfully or failed; 5 receive one or more commands from the first plurality of commands from the accessory in the event that the authentication operation completed successfully; and ignore any subsequent application command received from the accessory in the event that the authentication operation failed.
16. The media player of claim 15 wherein risky behavior is any behavior that permenantly 10 alters the media player behavior or that causes the media player to download unsafe media.
17. An accessory comprising: a processor for communicating with a media player configured to interact with the accessory according to a media player accessory protocol that defines a first plurality of commands related to a risky behavior and a second plurality of commands related to non-risky .5 behavior, wherein the processor is further configured to: receive an authentication request from the media player, the authentication request initiating an authentication operation; during the authentication operation, send to the media player one or more commands 20 from the second plurality of commands, wherein during the authentication operation commands from the first plurality of commands are blocked by the media player; determine whether the authentication operation completed successfully or failed; in the event that the authentication operation completed successfully, send one or more commands from the first plurality of commands to the media player; and 25 in the event that the authentication operation failed, any subsequent commands sent by the accessory are ignored by the media player.
18. The accessory of claim 17 wherein risky behavior is any behavior that permenantly alters the media player behavior or that causes the media player to download unsafe media.
19. The accessory of claim 17 wherein the processor is further configured to 30 receive a digital signature request from the media player, the digital signature request 19 including a random challenge; and transmit a digitally signed version of the random challenge to the media player.
20. The accessory of claim 19 wherein the digitally signed version of the random challenge is signed by the accessory using a private key.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
AU2011253604A AU2011253604B2 (en) | 2006-06-27 | 2011-11-22 | Method and system for authenticating an accessory |
Applications Claiming Priority (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US11/476,999 | 2006-06-27 | ||
AU2007265149A AU2007265149B2 (en) | 2006-06-27 | 2007-06-26 | Method and system for authenticating an accessory |
AU2011253604A AU2011253604B2 (en) | 2006-06-27 | 2011-11-22 | Method and system for authenticating an accessory |
Related Parent Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
AU2007265149A Division AU2007265149B2 (en) | 2006-06-27 | 2007-06-26 | Method and system for authenticating an accessory |
Publications (2)
Publication Number | Publication Date |
---|---|
AU2011253604A1 AU2011253604A1 (en) | 2011-12-15 |
AU2011253604B2 true AU2011253604B2 (en) | 2014-08-21 |
Family
ID=45442494
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
AU2011253604A Active AU2011253604B2 (en) | 2006-06-27 | 2011-11-22 | Method and system for authenticating an accessory |
Country Status (1)
Country | Link |
---|---|
AU (1) | AU2011253604B2 (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US10049206B2 (en) | 2005-01-07 | 2018-08-14 | Apple Inc. | Accessory authentication for electronic devices |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6697944B1 (en) * | 1999-10-01 | 2004-02-24 | Microsoft Corporation | Digital content distribution, transmission and protection system and method, and portable device for use therewith |
WO2006073702A1 (en) * | 2005-01-07 | 2006-07-13 | Apple Inc. | Accessory authentication for electronic devices |
-
2011
- 2011-11-22 AU AU2011253604A patent/AU2011253604B2/en active Active
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6697944B1 (en) * | 1999-10-01 | 2004-02-24 | Microsoft Corporation | Digital content distribution, transmission and protection system and method, and portable device for use therewith |
WO2006073702A1 (en) * | 2005-01-07 | 2006-07-13 | Apple Inc. | Accessory authentication for electronic devices |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US10049206B2 (en) | 2005-01-07 | 2018-08-14 | Apple Inc. | Accessory authentication for electronic devices |
Also Published As
Publication number | Publication date |
---|---|
AU2011253604A1 (en) | 2011-12-15 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CA2651048C (en) | Method and system for authenticating an accessory | |
EP2034423B1 (en) | Smart cables | |
US8370555B2 (en) | Method and system for allowing a media player to determine if it supports the capabilities of an accessory | |
JP5021027B2 (en) | Method and system for enabling a media player to transfer digital audio to an accessory | |
TWI515568B (en) | Method for establishing communication and related accessory and host device | |
AU2011253604B2 (en) | Method and system for authenticating an accessory | |
CN111886585B (en) | Terminal device, debugging card and debugging method |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
MK4 | Application lapsed section 142(2)(d) - no continuation fee paid for the application | ||
NA | Applications received for extensions of time, section 223 |
Free format text: AN APPLICATION TO EXTEND THE TIME FROM 26 JUN 2012 TO 26 FEB 2013 IN WHICH TO PAY A CONTINUATION FEE HAS BEEN FILED . |
|
NB | Applications allowed - extensions of time section 223(2) |
Free format text: THE TIME IN WHICH TO PAY A CONTINUATION FEE HAS BEEN EXTENDED TO 26 FEB 2013 . |
|
FGA | Letters patent sealed or granted (standard patent) |