Summary of the invention
Technical problem to be solved by this invention is, method for updating set-top box software is provided, and strengthens the fail safe of updating set-top box software, reduces set-top box by the possibility of malicious attack.
In order to solve the problems of the technologies described above, the invention provides a kind of set top box software updating method, described method comprises the steps: that set-top box sends the AKU download request to upgrade service equipment, carries the upgrade parameter of described set-top box in the described AKU download request; Described upgrade service equipment reaches the cryptographic digest that encryption obtains to described AKU summary according to described upgrade parameter with AKU, AKU summary and is downloaded to described set-top box; Described set-top box is sent to subscriber identification module with described cryptographic digest; Described subscriber identification module obtains decrypted result according to the upgrade validation key of storage inside to described cryptographic digest deciphering; Described set-top box is installed described AKU when described AKU summary is identical with described decrypted result.
In order to solve the problems of the technologies described above, the present invention also provides a kind of method for updating set-top box software, and described method comprises the steps: to send the AKU download request that carries upgrade parameter to upgrade service equipment; Receive the AKU that described upgrade service equipment returns, the cryptographic digest that obtains after AKU summary and the summary encryption to described AKU; Described cryptographic digest is sent to subscriber identification module to be decrypted;
When described AKU summary is identical with decrypted result, described AKU is installed.
In order to solve the problems of the technologies described above, the present invention provides a kind of updating set-top box software system again, described system comprises: set-top box, be used for sending the AKU download request that carries upgrade parameter to upgrade service equipment, receive AKU, AKU summary and cryptographic digest that described upgrade service equipment returns, and described cryptographic digest is sent to subscriber identification module deciphering, when described AKU summary is identical with decrypted result, described AKU is installed; Upgrade service equipment is used for the upgrade parameter that carries according to described AKU download request, with AKU, AKU summary and described AKU summary is encrypted the cryptographic digest that obtains be downloaded to described set-top box; Subscriber identification module is used to store the upgrade validation key, and utilizes described upgrade validation key that described cryptographic digest deciphering is obtained decrypted result.
The present invention has strengthened the fail safe of updating set-top box software by the checking to AKU, has reduced set-top box by the possibility of malicious attack; Be stored in the subscriber identification module upgrade validation is close, and finish decrypt operation by subscriber identification module, key can not be leaked to outside the subscriber identification module, thereby has further strengthened fail safe.
Below by drawings and Examples, technical scheme of the present invention is described in further detail.
Embodiment
As shown in Figure 1, for using the system configuration schematic diagram of method for updating set-top box software of the present invention.This system comprises: set-top box 10, subscriber identification module (Subscriber Identity Module is called for short SIM) 20 and upgrade service equipment 30.
Set-top box 10 is the equipment of pending software upgrading, when needs carry out software upgrading, set-top box 10 sends the AKU download request that carries upgrade parameter to upgrade server 30, and upgrade parameter can comprise parameters such as the hardware version numbers, operating system version number of set-top box.
Store the AKU of various set-top box in the upgrade server 30, AKU, the AKU summary of correspondence and the cryptographic digest that encryption obtains to the AKU summary are downloaded to set-top box 10 according to upgrade parameter.Wherein, AKU summary and cryptographic digest are used for the legitimate verification of AKU, and AKU summary and cryptographic digest can generate in advance, and are stored in the upgrade service equipment 30, when downloading, directly get final product according to the corresponding AKU of upgrade parameter retrieval, AKU summary and cryptographic digest.AKU summary and cryptographic digest also can generate in real time, and like this, the fail safe meeting is more better, and upgrade service equipment is retrieved AKU according to upgrade parameter, generate the AKU summary, and encryption generates cryptographic digest to the AKU summary.Download can be adopted the FTP mode, HTTP mode etc.Encryption and decryption to the AKU summary can adopt existing any encipher-decipher method, as 3DES algorithm, MD5 algorithm etc.
Subscriber identification module 20 stores the AKU authentication secret, and can utilize this key to be decrypted computing.Set-top box 10 is sent to subscriber identification module 20 with cryptographic digest after receiving AKU, AKU summary and the cryptographic digest that upgrade service equipment 30 returns, and utilizes the upgrade validation key of storage inside that cryptographic digest is decrypted by subscriber identification module 20.Make a summary when identical when decrypted result and AKU, checking is passed through, and set-top box 10 is installed AKUs.Whether decrypted result and AKU summary is identical can be judged by set-top box 10, also can be judged by subscriber identification module 20.When being determined 20 judgements by the User Recognition mould, set-top box needs the AKU summary is sent to subscriber identification module 20.
As shown in Figure 2, be method for updating set-top box software embodiment one flow chart of the present invention.Present embodiment comprises the steps:
Step S101, set-top box send the AKU download request that carries upgrade parameter to upgrade service equipment;
The upgrade parameter that step S102, upgrade service equipment carry according to the AKU download request, at this locality retrieval AKU, generation AKU summary, and, AKU, AKU summary and cryptographic digest are downloaded to set-top box to AKU summary encryption generation cryptographic digest;
Upgrading newspaper summary and cryptographic digest are verification msg; Can determine the length of AKU summary and cryptographic digest according to actual conditions, for example, adopt the verification msg of 32 bytes, wherein, preceding 16 bytes are the AKU summary, and back 16 bytes are cryptographic digest;
Step S103, set-top box receive AKU, AKU summary and cryptographic digest, and cryptographic digest is sent to subscriber identification module;
Step S104, subscriber identification module are utilized the upgrade validation key of storage inside that cryptographic digest is deciphered and are obtained decrypted result, and decrypted result is sent to set-top box;
Step S105, set-top box judge whether the AKU summary is identical with decrypted result, if identical, checking is passed through, execution in step S106; If different, checking is not passed through, and AKU is not installed;
Step S106, set-top box are installed the AKU of downloading.
Present embodiment can effectively prevent the attack of Malware to terminal by AKU summary encryption and decryption having been realized the legitimate verification of AKU; The storage of upgrade validation key and the deciphering of cryptographic digest are finished by subscriber identification module, make full use of subscriber identification module storage security height, the built-in characteristics of decipherment algorithm, and key can not be leaked to outside the subscriber identification module, can effectively strengthen fail safe.
As shown in Figure 3, be method for updating set-top box software embodiment two flow charts of the present invention.In the present embodiment, different users has different upgrade validation keys, stores the corresponding relation of user ID and encryption key in the upgrade service equipment.After receiving the AKU download request, upgrade service equipment is searched corresponding encryption key according to the user ID of carrying in the request, utilizes this encryption key that the AKU summary is encrypted.Present embodiment comprises the steps:
Step S201, set-top box send the AKU download request that carries upgrade parameter and user ID to upgrade service equipment; Wherein, user ID can be the sign of subscriber identification module;
Step S202, upgrade service equipment are retrieved AKU according to upgrade parameter in this locality, generate the AKU summary;
Step S203, upgrade service equipment are according to the corresponding encryption key of user ID retrieval;
The encryption key that step S204, upgrade service equipment utilization retrieve is encrypted the AKU summary;
Step S205, upgrade server are downloaded to set-top box with AKU, AKU summary and cryptographic digest;
Step S206, set-top box receive AKU, AKU summary and cryptographic digest, and AKU summary and cryptographic digest are sent to subscriber identification module;
Step S207, subscriber identification module are utilized the upgrade validation key of storage inside that cryptographic digest is deciphered and are obtained decrypted result;
Step S208, subscriber identification module judge whether the AKU summary is identical with decrypted result, and judged result is sent to set-top box;
Step S209, set-top box judge according to judged result whether checking is passed through, if the AKU summary is identical with decrypted result, checking is passed through, execution in step S210; If different, checking is not passed through, and AKU is not installed;
Step S210, set-top box are installed the AKU of downloading.
In the present embodiment, upgrade service equipment adopts different encryption keys that the AKU summary is encrypted at different users, further strengthened fail safe, can avoid when all users use same key, revealing the generation of the situation that influences all user's updating set-top box softwares because of key.
Whether identical step also can be carried out by set-top box for judge AKU summary and decrypted result in embodiment illustrated in fig. 3.In this case, set-top box does not need to send the AKU summary to subscriber identification module, subscriber identification module needs decrypted result is sent to set-top box after deciphering, set-top box just can judge whether the decrypted result that returns from the AKU of upgrade service device downloads and subscriber identification module is identical then, and and then selects whether to install AKU according to judged result.
It should be noted that at last: above embodiment only in order to technical scheme of the present invention to be described, is not intended to limit; Although with reference to previous embodiment the present invention is had been described in detail, those of ordinary skill in the art is to be understood that: it still can be made amendment to the technical scheme that aforementioned each embodiment put down in writing, and perhaps part technical characterictic wherein is equal to replacement; And these modifications or replacement do not make the essence of appropriate technical solution break away from the spirit and scope of various embodiments of the present invention technical scheme.