CN102831362B - Method and device for safely producing intelligent key device - Google Patents

Method and device for safely producing intelligent key device Download PDF

Info

Publication number
CN102831362B
CN102831362B CN201210259619.5A CN201210259619A CN102831362B CN 102831362 B CN102831362 B CN 102831362B CN 201210259619 A CN201210259619 A CN 201210259619A CN 102831362 B CN102831362 B CN 102831362B
Authority
CN
China
Prior art keywords
backup data
cipher key
intelligent cipher
key equipment
instruction
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201210259619.5A
Other languages
Chinese (zh)
Other versions
CN102831362A (en
Inventor
陆舟
于华章
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Feitian Technologies Co Ltd
Original Assignee
Feitian Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Feitian Technologies Co Ltd filed Critical Feitian Technologies Co Ltd
Priority to CN201210259619.5A priority Critical patent/CN102831362B/en
Publication of CN102831362A publication Critical patent/CN102831362A/en
Application granted granted Critical
Publication of CN102831362B publication Critical patent/CN102831362B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Landscapes

  • Storage Device Security (AREA)

Abstract

The invention discloses a method and a device for safely producing an intelligent key device. The method comprises the steps of: electrifying and initializing the intelligent key device, and waiting for receiving USB (Universal Serial Bus) data; detecting the type of an instruction when the instruction is received at a production stage; analyzing the instruction and writing the analyzed backup data into a system file if the instruction is a production instruction, calculating a current check value according to the backup data, and storing the backup data into a developed subsidiary space; if the instruction is a sealing instruction, analyzing the instruction and judging whether the analyzed check value accords with the current check value, if so, modifying the life cycle scale state into the application stage, and if not, reporting an error; judging whether the instruction is an instant recovery instruction when being received at the application stage, and if so, covering the backup data in the system file by the backup data of the subsidiary space; and reporting the error if the instruction is the production instruction, and carrying out corresponding operation and returning an operation result to a host computer if the instruction is other instruction. According to the method and the device, disclosed by the invention, the security in the production of the intelligent key device is improved.

Description

A kind of method of the intelligent cipher key equipment of keeping the safety in production and device
Technical field
The present invention relates to electronic product equipment field, relate in particular to a kind of method and device of the intelligent cipher key equipment of keeping the safety in production.
Background technology
Intelligent cipher key equipment (USBKEY) is a kind of hardware device of USB interface.Its built-in single-chip microcomputer or intelligent card chip, has certain storage space, can store user's private key and digital certificate, utilizes built-in public key algorithm to realize the authentication to user identity.Prior art is in intelligent cipher key equipment production run, terminal need to create file, append key, write the orders corresponding to generation such as related hardware information and public key algorithm and send to one by one intelligent cipher key equipment to carry out resolve command, terminal message in the process that repeatedly sends order is likely caused production run dangerous by intercepting and capturing.
Summary of the invention
The object of the invention is, in order to overcome the deficiencies in the prior art, provides a kind of method and device of the intelligent cipher key equipment of keeping the safety in production.
The method of a kind of intelligent cipher key equipment of keeping the safety in production provided by the invention, comprising:
Step S1: intelligent cipher key equipment power-up initializing, wait for and receive usb data;
Step S2: described intelligent cipher key equipment judges that whether its life cycle state is in the production phase, is to perform step S3, otherwise execution step S7;
Step S3: described intelligent cipher key equipment is waited under Receiving Host and being sent instructions, when receiving instruction, detect instruction type, production ordering performs step S4 in this way, seals in this way instruction and performs step S5, other instructions report an error in this way, continue the instruction of waiting for that Receiving Host issues;
Step S4: described intelligent cipher key equipment is resolved described production ordering, and the Backup Data in analysis result is written in system file, according to described Backup Data, calculate current proof test value, open up subsidiary space and by the backup data store in described analysis result in described subsidiary space, return to step S3;
Step S5: described intelligent cipher key equipment is resolved described sealing instruction, and judge whether the proof test value in analysis result conforms to described current proof test value, is to perform step S6, otherwise reports an error, and returns to step S3;
Step S6: described intelligent cipher key equipment is revised as the application stage by described life cycle state, returns to step S2;
Step S7: described intelligent cipher key equipment is waited under Receiving Host and sending instructions judge when receiving instruction whether it is that a key recovers instruction, is to perform step S9, otherwise execution step S8;
Step S8: whether the instruction that described intelligent cipher key equipment judgement receives is production ordering, is to report an error, and returns to step S7, otherwise carries out corresponding operating according to the instruction receiving, and operating result is returned to main frame, returns to step S7;
Step S9: described intelligent cipher key equipment covers the Backup Data in described system file with the Backup Data of described subsidiary space, and judges whether to have covered, is to return to step S7, otherwise finishes current operation, returns to step S7.
Wherein, described step S6 also comprises: file is normally identified to set.
While wherein, being judged as NO in described step S2, first carry out following step;
Steps A 1: described intelligent cipher key equipment judges that described file normally identifies whether set, is to perform step S7, otherwise execution step A2;
Steps A 2: described intelligent cipher key equipment covers the Backup Data in described system file with the Backup Data of described subsidiary space;
Steps A 3: described intelligent cipher key equipment judges whether to have covered, is to perform step A4, otherwise returns to steps A 2;
Steps A 4: described intelligent cipher key equipment normally identifies set by described file, order performs step S7.
While wherein, being judged as YES in described step S7, first carry out following step:
Step B1: described intelligent cipher key equipment judges that described file normally identifies whether set, is to perform step B2, otherwise execution step S9;
Step B2: described intelligent cipher key equipment normally identifies reset by described file, order performs step S9.
Wherein, while being judged as YES in described step S9, described file is normally identified to set, return to step S7.
Wherein, detecting the type of instruction in described step S3 by the second byte of instruction, is production ordering as the data in the second byte are 12, as the data in the second byte are 14, is sealing instruction.
Wherein, when described Backup Data is greater than the reception buffer area of described intelligent cipher key equipment, described main frame is divided into polylith by Backup Data and is handed down to described intelligent cipher key equipment.
Wherein, described step S4 specifically comprises:
Step S4-1: described intelligent cipher key equipment is resolved described production ordering, and the Backup Data in analysis result is written in system file;
Step S4-2: described intelligent cipher key equipment calculates new proof test value according to the Backup Data in described analysis result and current proof test value, and upgrades current proof test value with new proof test value;
Step S4-3: described intelligent cipher key equipment open up subsidiary space and by the backup data store in described analysis result in described subsidiary space, return to step S3.
Wherein, when described intelligent cipher key equipment receives production ordering for the first time, described step S4-2 replaces with:
Described intelligent cipher key equipment calculates new proof test value according to the Backup Data in described analysis result, and using described new proof test value as current proof test value.
Wherein, when described main frame is divided into polylith by Backup Data, and not that while being handed down to described intelligent cipher key equipment according to the order of sequence, the initial value of writing indegree in intelligent cipher key equipment is set to 0; Described step S4 and step S5 replace with step S4 ' and step S5 ';
Step S4 ': described intelligent cipher key equipment is resolved described production ordering, the sequence number that judges the file content in analysis result whether with write indegree and add 1 and equate, the Backup Data in described analysis result to be written in described system file, said write number of times is from adding 1, return to step S3, otherwise report an error, and said write number of times is set to 0, returns to step S3;
Step S5 ': described intelligent cipher key equipment calculates current proof test value according to the Backup Data in described system file, and described sealing instruction is resolved, judge whether the proof test value in analysis result conforms to described current proof test value, be to perform step S6, otherwise report an error, return to step S3.
Wherein, when described main frame is divided into polylith by Backup Data, and not while being handed down to described intelligent cipher key equipment according to the order of sequence, the system file of described intelligent cipher key equipment carries out piecemeal and numbers according to the order of sequence according to fixed size; Described step S4 and step S5 replace with step S4 accordingly " and step S5 ";
Step S4 ": described intelligent cipher key equipment is resolved described production ordering; and from analysis result, obtain the sequence number of file content and corresponding Backup Data, the Backup Data of described correspondence is write in the system file piecemeal that numbering is consistent with the sequence number of described file content;
Step S5 ": described intelligent cipher key equipment calculates current proof test value according to the Backup Data in described system file; and described sealing instruction is resolved, judge whether the proof test value in analysis result conforms to described current proof test value, be to perform step S6; otherwise report an error, return to step S3.
Wherein, described in, open up subsidiary space and the backup data store in described system file be specially in described subsidiary space:
Open up subsidiary space, and will after the Backup Data compression in described analysis result, store in described subsidiary space;
Described intelligent cipher key equipment is specially with the Backup Data that the Backup Data of described subsidiary space covers in described system file:
Described intelligent cipher key equipment first carries out decompress(ion) to the Backup Data of described subsidiary space, then with the Backup Data in system file described in the data cover after decompress(ion).
Wherein, described in, open up subsidiary space and the backup data store in described system file be specially in described subsidiary space:
After using self private key to encrypt the Backup Data in described analysis result, store in subsidiary space or other buffer areas;
Described intelligent cipher key equipment is specially with the Backup Data that the Backup Data of described subsidiary space covers in described system file:
Described intelligent cipher key equipment is used self PKI to be first decrypted Backup Data in described subsidiary space or buffer memory, then with the Backup Data in system file described in the data cover after deciphering.
The device of a kind of intelligent cipher key equipment of keeping the safety in production provided by the invention, comprising:
Receiver module, the instruction issuing for Receiving Host;
Whether the first judge module, in the production phase, be the second judge module work for the life cycle state that judges intelligent cipher key equipment, otherwise the 3rd judge module work;
Described the second judge module, for detect instruction type when described receiver module receives instruction, production ordering is resolved writing module work in this way, seals in this way analysis judgment module work of instruction, other instructions module work that reports an error in this way;
The described module that reports an error, for reporting an error;
Described parsing writing module, for described production ordering is resolved, and is written to the Backup Data in analysis result in system file;
Computing module, for calculating current proof test value according to described Backup Data;
Memory module, for open up subsidiary space and by the backup data store of described analysis result in described subsidiary space;
Described analysis judgment module, for described sealing instruction is resolved, and judges whether the proof test value in analysis result conforms to described current proof test value, is modified module work, otherwise described in the module work that reports an error;
Described modified module, for being revised as the application stage by described life cycle state;
Described the 3rd judge module, for judging when described receiver module receives instruction whether it is that a key recovers instruction, is the 4th judge module work, otherwise the work of Covering judgment module;
Described the 4th judge module, for judging whether the instruction that described receiver module receives is production ordering, is the module work that reports an error described in, otherwise carries out corresponding operating according to the instruction receiving, and operating result is returned to main frame;
Described Covering judgment module, covers the Backup Data of described system file for the Backup Data with described subsidiary space, and judges whether to have covered.
Wherein, described device also comprises:
Set module, for file normally being identified to set when described Covering judgment module is judged as YES, normally identifies reset by file while being also judged as YES for the 5th judge module;
Described the 5th judge module, for judging that described file normally identifies whether set, is described the 3rd judge module work or the work of described set module, otherwise the work of described Covering judgment module;
Set module work described in when described Covering judgment module is judged as YES; The 5th judge module work described in when described the 3rd judge module is judged as YES, when described the 5th judge module is judged as YES described in the work of set module, when described the 5th judge module is judged as NO described in the work of Covering judgment module.
Wherein, described computing module is specifically for calculating new proof test value according to the Backup Data in described analysis result and current proof test value, and upgrades current proof test value with new proof test value;
When described receiver module is to receive for the first time production ordering, described computing module is also for calculating new proof test value according to the Backup Data of described analysis result, and using described new proof test value as current proof test value.
Wherein, described parsing writing module comprises:
The first resolution unit, for resolving described production ordering;
Judging unit, for judge described the first resolution unit analysis result file content sequence number whether with write indegree and add 1 and equate, be first to write processing unit work, otherwise setting unit and the module work that reports an error;
Described first writes processing unit, and for the Backup Data of described analysis result is written in described system file, said write number of times is from adding 1;
Described setting unit, is set to 0 for said write number of times.
Wherein, described parsing writing module comprises:
The second resolution unit, for resolving described production ordering;
Acquiring unit, obtains the sequence number of file content and corresponding Backup Data for the analysis result from described the second resolution unit;
The second writing unit, for writing the Backup Data of described correspondence the system file piecemeal that numbering is consistent with the sequence number of described file content.
Wherein, described memory module is specifically for storing in described subsidiary space after the Backup Data compression of described system file;
Described Covering judgment module is specifically for the Backup Data of described subsidiary space is carried out to decompress(ion), then with the Backup Data in system file described in the data cover after decompress(ion), and judge whether to have covered.
Wherein, described memory module stores in subsidiary space or other buffer areas after using self private key to encrypt the Backup Data in described analysis result;
Described Covering judgment module is specifically for using self PKI to be first decrypted Backup Data in described subsidiary space or buffer memory, then with the Backup Data in system file described in the data cover after deciphering, and judge whether to have covered.
The present invention compared with prior art, has the following advantages:
The USBKEY file system structure that production is completed is write as journal file, by an order, write data in USBKEY, after production completes, by this order sealing, production efficiency is higher, thereby and reduces the probability of being intercepted and captured by hacker and improved the security of producing.
Accompanying drawing explanation
The method flow diagram of a kind of intelligent cipher key equipment of keeping the safety in production that Fig. 1 provides for the embodiment of the present invention one;
The method flow diagram of a kind of intelligent cipher key equipment of keeping the safety in production in the production phase that Fig. 2 provides for the embodiment of the present invention two;
A kind of method flow diagram that generates safely intelligent cipher key equipment in the application stage that Fig. 3 provides for the embodiment of the present invention three;
A kind of safety that Fig. 4 provides for the embodiment of the present invention four generates the method flow diagram of intelligent cipher key equipment;
A kind of safety that Fig. 5 provides for the embodiment of the present invention five generates the device block diagram of intelligent cipher key equipment;
The another kind that Fig. 6 provides for the embodiment of the present invention five generates safely the device block diagram of intelligent cipher key equipment;
The concrete schematic diagram of the parsing writing module in the device that Fig. 7 and Fig. 8 provide for the embodiment of the present invention five.
Embodiment
Below in conjunction with the accompanying drawing in the embodiment of the present invention, the technical scheme in the embodiment of the present invention is clearly and completely described, obviously, described embodiment is only the present invention's part embodiment, rather than whole embodiment.Embodiment based in the present invention, those of ordinary skills, not making the every other embodiment obtaining under creative work prerequisite, belong to the scope of protection of the invention.
Embodiment mono-
The embodiment of the present invention one provides a kind of method of the intelligent cipher key equipment of keeping the safety in production, in terminal, store the daily record of the essential information that comprises intelligent cipher key equipment, essential information comprises PIN code, produces key, key object, file object and related hardware information etc.As shown in Figure 1, the method comprises:
Step S1: intelligent cipher key equipment power-up initializing, wait for and receive usb data;
Step S2: intelligent cipher key equipment judges that whether its life cycle state is in the production phase, is to perform step S3, otherwise execution step S7;
Step S3: send instructions under intelligent cipher key equipment wait Receiving Host, detect instruction type when receiving instruction, production ordering performs step S4 in this way, seals in this way instruction and performs step S5, and other instructions report an error in this way, return to step S3;
Concrete, in the present embodiment, intelligent cipher key equipment detects the type of instruction by the second byte of instruction, as the data in the second byte are 12, is production ordering, as the data in the second byte are 14, is sealing instruction;
Step S4: intelligent cipher key equipment is resolved described production ordering, and the Backup Data in analysis result is written in system file, according to Backup Data, calculate current proof test value, open up subsidiary space and by the backup data store in analysis result in subsidiary space, return to step S3;
Step S5: intelligent cipher key equipment is resolved described sealing instruction, and judge whether the proof test value in analysis result conforms to current proof test value, is to perform step S6, otherwise reports an error, and returns to step S3;
Step S6: intelligent cipher key equipment is revised as the application stage by life cycle state, returns to step S2;
Step S7: intelligent cipher key equipment is waited under Receiving Host and sending instructions judge when receiving instruction whether it is that a key recovers instruction, is to perform step S9, otherwise execution step S8;
Step S8: whether the instruction that intelligent cipher key equipment judgement receives is production ordering, is to report an error, and returns to step S7, otherwise carries out corresponding operating according to the instruction receiving, and operating result is returned to main frame, returns to step S7;
Step S9: the Backup Data in the Backup Data covering system file of subsidiary space for intelligent cipher key equipment, and judge whether to have covered, be to return to step S7, otherwise finish current operation, return to step S7.
Embodiment bis-
The method of a kind of intelligent cipher key equipment of keeping the safety in production that the embodiment of the present invention two provides, be applicable to the production phase of intelligent cipher key equipment, in terminal, store the Backup Data of the essential information that comprises intelligent cipher key equipment, essential information comprises PIN code, produces key, key object, file object and related hardware information etc.As shown in Figure 2, the method comprises:
Step 101: intelligent cipher key equipment power-up initializing, wait for and receive usb data;
Step 102: intelligent cipher key equipment judges that whether its life cycle state is in the production phase, is to perform step 103, otherwise carries out application operating;
Step 103: intelligent cipher key equipment is waited for the instruction that Receiving Host issues judges whether it is production ordering, is to perform step 104 when receiving the instruction that main frame issues, otherwise execution step 106;
In the present embodiment, by the second byte of instruction, carry out the type of decision instruction, concrete, the present embodiment production ordering is 80 12 00 OP Lc Data, and when Backup Data is greater than the reception buffer area of intelligent cipher key equipment, main frame is divided into polylith by Backup Data and issues; Wherein OP represents the sequence number of file content, and Data represents corresponding file content;
Step 104: intelligent cipher key equipment is resolved the production ordering receiving, and the Backup Data in analysis result is written in system file, according to the Backup Data in analysis result and current proof test value, calculate new proof test value, and upgrade current proof test value with new proof test value;
In the present embodiment, if intelligent cipher key equipment is the production ordering that Receiving Host issues for the first time, step 104 replaces with accordingly: intelligent cipher key equipment is resolved the production ordering receiving, and the Backup Data in analysis result is written in system file, intelligent cipher key equipment is according to the Backup Data calculation check value in analysis result, and using result of calculation as current proof test value;
When main frame is not while issuing production ordering according to the order of sequence, the initial value of writing indegree in intelligent cipher key equipment is set to 0, step 104 replaces with: intelligent cipher key equipment is resolved the instruction receiving, the sequence number that judges the file content in analysis result whether with write indegree and add 1 and equate, be the Backup Data in analysis result to be written in system file, write indegree from adding 1, return to step 103, otherwise report an error, and write indegree and be set to 0, return to step 103;
When main frame is not that while issuing production ordering according to the order of sequence, step 104 also has another kind of implementation, the system file of intelligent cipher key equipment carries out piecemeal and numbers according to the order of sequence according to fixed size (as 64K); Step 104 replaces with accordingly: intelligent cipher key equipment is resolved the instruction receiving, and from analysis result, obtain the sequence number of file content and corresponding Backup Data, according to the sequence number of file content, find the numbering of system file piecemeal, and Backup Data is write in the system file piecemeal that numbering is consistent with the sequence number of file content;
When main frame is not while issuing production ordering according to the order of sequence, operating in while receiving sealing instruction of calculation check value carried out;
Step 105: intelligent cipher key equipment open up subsidiary space and by the backup data store in analysis result in subsidiary space, return to step 103;
In the present embodiment, before the Backup Data in intelligent cipher key equipment standby system file, can first to it, compress processing, then by compression after backup data store in subsidiary space; In preferred the present embodiment, use Huffman (Huffman) algorithm to compress, but be not limited to this, also available other algorithms realizations, as LZW (Lenpel-Ziv & Welch) compression algorithm etc.; Accordingly, while using the Backup Data in the Backup Data covering system file in subsidiary space in the application stage, need first decompress and cover again;
Step 106: whether the instruction that intelligent cipher key equipment judgement receives is sealing instruction, is to perform step 107, otherwise reports an error, and returns to step 103;
Concrete, the sealing instruction in the present embodiment is: 84 14 00 00 Lc CRC;
Step 107: intelligent cipher key equipment is resolved sealing instruction, and judges whether the proof test value in analysis result conforms to current proof test value, is to perform step 108, otherwise reports an error, and returns to step 103;
In the present embodiment, when main frame is not, while issuing production ordering according to the order of sequence, also to comprise between step 106 and step 107: calculate current proof test value according to the Backup Data in system file;
Step 108: intelligent cipher key equipment normally identifies set by file, and life cycle state is revised as to the application stage, return to step 102.
Embodiment tri-
The method of a kind of intelligent cipher key equipment of keeping the safety in production that the embodiment of the present invention three provides, be applicable to the application stage of intelligent cipher key equipment, in terminal, store the Backup Data of the essential information that comprises intelligent cipher key equipment, essential information comprises PIN code, produces key, key object, file object and related hardware information etc.As shown in Figure 3, the method comprises:
Step 201: intelligent cipher key equipment power-up initializing, wait for and receive usb data;
Step 202: intelligent cipher key equipment judges that file normally identifies whether set, is to perform step 206, otherwise execution step 203;
Step 203: the Backup Data in the Backup Data covering system file of subsidiary space for intelligent cipher key equipment;
Concrete, in the present embodiment, if the Backup Data in subsidiary space is for the data after compressing, in step 203, first the Backup Data of compression is decompressed, then with the Backup Data in the data cover system file after decompressing; Compression process in decompression process and embodiment bis-is reciprocal;
Step 204: intelligent cipher key equipment judges whether to have covered, is to perform step 205, otherwise returns to step 203;
Step 205: intelligent cipher key equipment normally identifies set by file, order performs step 206;
Step 206: intelligent cipher key equipment is waited under Receiving Host and sending instructions judge when receiving instruction whether it is that a key recovers instruction, is to perform step 208, otherwise execution step 207;
Concrete, it is 84 16 00 00 Lc Data that the key in the present embodiment recovers instruction;
Step 207: whether the instruction that intelligent cipher key equipment judgement receives is production ordering, is to report an error, and returns to step 206, otherwise carries out corresponding operating according to the instruction receiving, and operating result is returned to main frame, returns to step 206;
Step 208: intelligent cipher key equipment judges that file normally identifies whether set, is to perform step 209, otherwise execution step 210;
Step 209: intelligent cipher key equipment normally identifies reset by file, order performs step 210;
Step 210: the Backup Data in the Backup Data covering system file of subsidiary space for intelligent cipher key equipment, and judge whether to have covered, be to perform step 211, otherwise finish current operation, return to step 206;
Concrete, in the present embodiment, as what store in subsidiary space, be the Backup Data after compression, overwrite procedure is specially: first the data of subsidiary space are decompressed, then with the Backup Data in the Backup Data covering system file after decompressing; Compression process in decompression process and embodiment bis-is reciprocal;
Step 211: intelligent cipher key equipment normally identifies set by file, returns to 206.
In the present embodiment, the Backup Data in the Backup Data covering system file of repeatedly using subsidiary space can be set, while being judged as NO in step 210, carry out the following step: intelligent cipher key equipment judges whether to arrive Preset Time, be to report an error, finish, otherwise return to 206.
Embodiment tetra-
The method of a kind of intelligent cipher key equipment of keeping the safety in production that the embodiment of the present invention four provides, in terminal, store the Backup Data of the essential information that comprises intelligent cipher key equipment, essential information comprises PIN code, produces key, key object, file object and related hardware information etc.As shown in Figure 4, the method comprises:
Step 301: intelligent cipher key equipment power-up initializing, wait for and receive usb data;
Step 302: intelligent cipher key equipment judges that whether its life cycle state is in the production phase, is to perform step 303, otherwise execution step 309;
Step 303: intelligent cipher key equipment is waited for the instruction that Receiving Host issues, and judges whether it is production ordering, is to perform step 304 when receiving instruction, otherwise execution step 306;
In the present embodiment, by the second byte of instruction, carry out the type of decision instruction, concrete, the present embodiment production ordering is 80 12 00 OP Lc Data, and when Backup Data is greater than the reception buffer area of intelligent cipher key equipment, main frame is divided into polylith by Backup Data and issues; Wherein OP represents the sequence number of file content, and Data represents corresponding file content;
Step 304: intelligent cipher key equipment is resolved the production ordering receiving, and the Backup Data in analysis result is written in system file, and calculate new proof test value according to the Backup Data in analysis result and current proof test value, and upgrade current proof test value with new proof test value;
In the present embodiment, if intelligent cipher key equipment is the production ordering that Receiving Host issues for the first time, step 304 replaces with accordingly: intelligent cipher key equipment is according to the Backup Data calculation check value in analysis result;
In the present embodiment, when main frame is divided into Backup Data polylith and issues, its implementation is identical with embodiment bis-, and the operation of corresponding calculation check value is also carried out when receiving sealing instruction, does not repeat them here;
Step 305: intelligent cipher key equipment open up subsidiary space and by the backup data store in analysis result in subsidiary space, return to step 303;
In the present embodiment, also can first the Backup Data in analysis result be compressed, store in subsidiary space after the reversible treatment such as encryption again, implementation is with reference to embodiment bis-;
Step 306: whether the instruction that intelligent cipher key equipment judgement receives is sealing instruction, is to perform step 307, otherwise reports an error, and returns to step 303;
Concrete, the sealing instruction in the present embodiment is: 84 14 00 00 Lc CRC;
In the present embodiment, when main frame is divided into Backup Data polylith and issues, step 304 replaces with: intelligent cipher key equipment is resolved the instruction receiving, and the Backup Data of analysis result is written in system file;
Accordingly, first according to the Backup Data calculation check value in system file while being judged as YES in step 306, then order performs step 307;
Step 307: intelligent cipher key equipment is resolved sealing instruction, and judges whether the proof test value in analysis result conforms to current proof test value, is to perform step 308, otherwise reports an error, and returns to step 303;
Step 308: intelligent cipher key equipment normally identifies set by file, and life cycle state is revised as to the application stage, continue execution step 309;
Step 309: intelligent cipher key equipment judges that file normally identifies whether set, is to perform step 313, otherwise execution step 310;
Step 310: the Backup Data in the Backup Data covering system file of subsidiary space for intelligent cipher key equipment;
In the present embodiment, while being as the Backup Data in subsidiary space the data of crossing through reversible treatment such as overcompression or encryptions, in this step, first the data in subsidiary space are decompressed or the processing such as deciphering, with the Backup Data in the data cover system file after processing, implementation can be with reference to embodiment tri-again;
Step 311: intelligent cipher key equipment judges whether to have covered, is to perform step 312, otherwise returns to step 310;
Step 312: intelligent cipher key equipment normally identifies set by file;
Step 313: intelligent cipher key equipment is waited under Receiving Host and being sent instructions, when receiving instruction, judge that whether it is that a key recovers instruction, is to perform step 314, otherwise carries out corresponding operating according to the instruction receiving, operating result is returned to main frame, execution step 313;
Concrete, it is 84 16 00 00 Lc Data that the key in the present embodiment recovers instruction;
Step 314: intelligent cipher key equipment judges that file normally identifies whether set, is to perform step 315, otherwise execution step 316;
Step 315: intelligent cipher key equipment normally identifies reset by file, order performs step 316;
Step 316: the Backup Data in the Backup Data covering system file of subsidiary space for intelligent cipher key equipment, and judge whether to have covered, be to perform step 317, otherwise finish current operation, return to step 313;
Overwrite procedure in the present embodiment in this step can realize with reference to step 310;
Step 317: intelligent cipher key equipment normally identifies set by file, returns to 313.
In the present embodiment, Backup Data in the Backup Data covering system file of repeatedly using subsidiary space can be set, while being judged as NO in step 316, carry out the following step: intelligent cipher key equipment judges whether to arrive Preset Time, to report an error, finish current operation, return to step 313, otherwise directly return to 313.
The data of storing in subsidiary space in the present embodiment four are the Backup Data after compressing, and its implementation procedure and embodiment bis-are identical with embodiment tri-, do not repeat them here.
In the embodiment of the present invention, intelligent cipher key equipment also can be used the private key of self to be encrypted Backup Data, then stores in subsidiary space or in other buffer areas; When covering, intelligent cipher key equipment first obtains the Backup Data of encryption from subsidiary space or other buffer areas, uses the PKI to self to be decrypted the Backup Data of encrypting, then by the data file in the data cover log system after deciphering; Or intelligent cipher key equipment can carry out other reversible calculating to Backup Data, and then store in subsidiary space; When covering, intelligent cipher key equipment first carries out contrary calculating to the data in subsidiary space, then by the data file in the data cover log system after contrary calculating.
Embodiment five
The device of a kind of intelligent cipher key equipment of keeping the safety in production that the embodiment of the present invention five provides, as shown in Figure 5, comprising:
Receiver module 501, the instruction issuing for Receiving Host;
Whether the first judge module 502, in the production phase, be the second judge module 503 work for the life cycle state that judges intelligent cipher key equipment, otherwise the 3rd judge module 504 work;
The second judge module 503, for detect instruction type when receiver module 501 receives instruction, production ordering is resolved writing module 505 work in this way, seals in this way analysis judgment module 506 work of instruction, in this way other module 507 work that report an error;
The 3rd judge module 504, for judging when receiver module 501 receives instruction whether it is that a key recovers instruction, is the 4th judge module 511 work, otherwise 512 work of Covering judgment module;
Resolve writing module 505, for production ordering is resolved, and the Backup Data in analysis result is written in system file;
Parsing writing module 505 in the present embodiment has two kinds of implementations, and the first implementation is set to 0 for write the initial value of indegree in device, as shown in Figure 7, resolves writing module 505 and comprises:
The first resolution unit 5051, for resolving production ordering;
Judging unit 5052, for judge the first resolution unit 5051 analysis result file content sequence number whether with write indegree and add 1 and equate, be first to write processing unit 5053 work, otherwise setting unit 5054 and module 507 work that report an error;
First writes processing unit 5053, for the Backup Data of analysis result is written in system file, writes indegree from adding 1;
Setting unit 5054, is set to 0 for writing indegree;
Parsing writing module 505 in the present embodiment has two kinds of implementations, and the second implementation as shown in Figure 8, is resolved writing module 505 and comprised:
The second resolution unit 5055, for resolving production ordering;
Acquiring unit 5056, obtains the sequence number of file content and corresponding Backup Data for the analysis result from the second resolution unit 5055;
The second writing unit 5057, for writing corresponding Backup Data the system file piecemeal that numbering is consistent with the sequence number of file content;
Analysis judgment module 506, for sealing instruction is resolved, and judges whether the proof test value in analysis result conforms to described current proof test value, is modified module 510 work, otherwise module 507 work that report an error;
The module 507 that reports an error, for reporting an error;
Computing module 508, for calculating current proof test value according to Backup Data;
In the present embodiment, computing module 508 is specifically for calculating new proof test value according to the Backup Data in system file and current proof test value, and upgrades current proof test value with new proof test value; When receiver module 501 is to receive for the first time production ordering, computing module 508 is also for calculating new proof test value according to the Backup Data of analysis result, and using new proof test value as current proof test value;
When parsing writing module 505 adopts above-mentioned two kinds of modes to realize, the computing module 508 in the present embodiment is specifically for calculating current proof test value according to the Backup Data in system file;
Memory module 509, for open up subsidiary space and by the backup data store of analysis result in subsidiary space;
Modified module 510, for being revised as the application stage by life cycle state;
The 4th judge module 511, for judging whether the instruction that receiver module 501 receives is production ordering, is module 507 work that report an error, otherwise carries out corresponding operating according to the instruction receiving, and operating result is returned to main frame;
Covering judgment module 512, for the Backup Data of the Backup Data covering system file with subsidiary space, and judges whether to have covered.
As shown in Figure 6, the device in the present embodiment also comprises:
Set module 513, for file normally being identified to set when Covering judgment module 512 is judged as YES, normally identifies reset by file while being also judged as YES for the 5th judge module 514;
The 5th judge module 514, for judging that file normally identifies whether set, is the 3rd judge module 504 work or 513 work of set module, otherwise 512 work of Covering judgment module;
Set module 513 work when Covering judgment module 512 is judged as YES; The 5th judge module 514 work when the 3rd judge module 504 is judged as YES, set module 513 work when the 5th judge module 514 is judged as YES, Covering judgment module 512 work when the 5th judge module 514 is judged as NO.
In the present embodiment, memory module 509 is specifically for storing in subsidiary space after the Backup Data compression of system file; Covering judgment module 512 is specifically for the Backup Data of subsidiary space is carried out to decompress(ion), then with the Backup Data in the data cover system file after decompress(ion), and judge whether to have covered.
Or the memory module in the present embodiment 509 stores in subsidiary space or other buffer areas after using self private key to encrypt the Backup Data in analysis result; Covering judgment module 512 is specifically for using self PKI to be first decrypted Backup Data in subsidiary space or buffer memory, then with the Backup Data in the data cover system file after deciphering, and judge whether to have covered.
The above; be only the present invention's embodiment preferably, but protection scope of the present invention is not limited to this, is anyly familiar with those skilled in the art in technical scope disclosed by the invention; the variation that can expect easily or replacement, within all should being encompassed in protection scope of the present invention.Therefore, protection scope of the present invention should be as the criterion with the protection domain of claim.

Claims (20)

1. the keep the safety in production method of intelligent cipher key equipment, is characterized in that, comprising:
Step S1: intelligent cipher key equipment power-up initializing, wait for and receive usb data;
Step S2: described intelligent cipher key equipment judges that whether its life cycle state is in the production phase, is to perform step S3, otherwise execution step S7;
Step S3: described intelligent cipher key equipment is waited under Receiving Host and being sent instructions, when receiving instruction, detect instruction type, production ordering performs step S4 in this way, seals in this way instruction and performs step S5, other instructions report an error in this way, continue the instruction of waiting for that Receiving Host issues;
Step S4: described intelligent cipher key equipment is resolved described production ordering, and the Backup Data in analysis result is written in system file, according to described Backup Data, calculate current proof test value, open up subsidiary space and by the backup data store in described analysis result in described subsidiary space, return to step S3;
Step S5: described intelligent cipher key equipment is resolved described sealing instruction, and judge whether the proof test value in analysis result conforms to described current proof test value, is to perform step S6, otherwise reports an error, and returns to step S3;
Step S6: described intelligent cipher key equipment is revised as the application stage by described life cycle state, returns to step S2;
Step S7: described intelligent cipher key equipment is waited under Receiving Host and sending instructions judge when receiving instruction whether it is that a key recovers instruction, is to perform step S9, otherwise execution step S8;
Step S8: whether the instruction that described intelligent cipher key equipment judgement receives is production ordering, is to report an error, and returns to step S7, otherwise carries out corresponding operating according to the instruction receiving, and operating result is returned to main frame, returns to step S7;
Step S9: described intelligent cipher key equipment covers the Backup Data in described system file with the Backup Data of described subsidiary space, and judges whether to have covered, is to return to step S7, otherwise finishes current operation, returns to step S7.
2. the method for claim 1, is characterized in that, described step S6 also comprises: file is normally identified to set.
3. method as claimed in claim 2, is characterized in that, first carries out following step while being judged as NO in described step S2;
Steps A 1: described intelligent cipher key equipment judges that described file normally identifies whether set, is to perform step S7, otherwise execution step A2;
Steps A 2: described intelligent cipher key equipment covers the Backup Data in described system file with the Backup Data of described subsidiary space;
Steps A 3: described intelligent cipher key equipment judges whether to have covered, is to perform step A4, otherwise returns to steps A 2;
Steps A 4: described intelligent cipher key equipment normally identifies set by described file, order performs step S7.
4. method as claimed in claim 3, is characterized in that, first carries out following step while being judged as YES in described step S7:
Step B1: described intelligent cipher key equipment judges that described file normally identifies whether set, is to perform step B2, otherwise execution step S9;
Step B2: described intelligent cipher key equipment normally identifies reset by described file, order performs step S9.
5. method as claimed in claim 4, is characterized in that, while being judged as YES in described step S9, described file is normally identified to set, returns to step S7.
6. the method as described in claim 1 or 5, is characterized in that, detects the type of instruction in described step S3 by the second byte of instruction, as the data in the second byte are 12, is production ordering, as the data in the second byte are 14, is sealing instruction.
7. the method as described in claim 1 or 5, is characterized in that, when described Backup Data is greater than the reception buffer area of described intelligent cipher key equipment, described main frame is divided into polylith by Backup Data and is handed down to described intelligent cipher key equipment.
8. method as claimed in claim 7, is characterized in that, described step S4 specifically comprises:
Step S4-1: described intelligent cipher key equipment is resolved described production ordering, and the Backup Data in analysis result is written in system file;
Step S4-2: described intelligent cipher key equipment calculates new proof test value according to the Backup Data in described analysis result and current proof test value, and upgrades current proof test value with new proof test value;
Step S4-3: described intelligent cipher key equipment open up subsidiary space and by the backup data store in described analysis result in described subsidiary space, return to step S3.
9. method as claimed in claim 8, is characterized in that, when described intelligent cipher key equipment receives production ordering for the first time, described step S4-2 replaces with:
Described intelligent cipher key equipment calculates new proof test value according to the Backup Data in described analysis result, and using described new proof test value as current proof test value.
10. method as claimed in claim 7, is characterized in that, when described main frame is divided into polylith by Backup Data, and is not that while being handed down to described intelligent cipher key equipment according to the order of sequence, the initial value of writing indegree in intelligent cipher key equipment is set to 0; Described step S4 and step S5 replace with step S4 ' and step S5 ';
Step S4 ': described intelligent cipher key equipment is resolved described production ordering, whether the sequence number that judges the file content in analysis result adds 1 with said write number of times equates, the Backup Data in described analysis result to be written in described system file, said write number of times is from adding 1, return to step S3, otherwise report an error, and said write number of times is set to 0, returns to step S3;
Step S5 ': described intelligent cipher key equipment calculates current proof test value according to the Backup Data in described system file, and described sealing instruction is resolved, judge whether the proof test value in analysis result conforms to described current proof test value, be to perform step S6, otherwise report an error, return to step S3.
11. methods as claimed in claim 7, is characterized in that, when described main frame is divided into polylith by Backup Data, and are not while being handed down to described intelligent cipher key equipment according to the order of sequence, and the system file of described intelligent cipher key equipment carries out piecemeal and numbers according to the order of sequence according to fixed size; Described step S4 and step S5 replace with step S4 accordingly " and step S5 ";
Step S4 ": described intelligent cipher key equipment is resolved described production ordering; and from analysis result, obtain the sequence number of file content and corresponding Backup Data, the Backup Data of described correspondence is write in the system file piecemeal that numbering is consistent with the sequence number of described file content;
Step S5 ": described intelligent cipher key equipment calculates current proof test value according to the Backup Data in described system file; and described sealing instruction is resolved, judge whether the proof test value in analysis result conforms to described current proof test value, be to perform step S6; otherwise report an error, return to step S3.
12. methods as described in claim 1 or 5, is characterized in that, described in open up subsidiary space and the backup data store in described system file be specially in described subsidiary space:
Open up subsidiary space, and will after the Backup Data compression in described analysis result, store in described subsidiary space;
Described intelligent cipher key equipment is specially with the Backup Data that the Backup Data of described subsidiary space covers in described system file:
Described intelligent cipher key equipment first carries out decompress(ion) to the Backup Data of described subsidiary space, then with the Backup Data in system file described in the data cover after decompress(ion).
13. methods as described in claim 1 or 5, is characterized in that, described in open up subsidiary space and the backup data store in described system file be specially in described subsidiary space:
After using self private key to encrypt the Backup Data in described analysis result, store in subsidiary space or other buffer areas;
Described intelligent cipher key equipment is specially with the Backup Data that the Backup Data of described subsidiary space covers in described system file:
Described intelligent cipher key equipment is used self PKI to be first decrypted Backup Data in described subsidiary space or buffer memory, then with the Backup Data in system file described in the data cover after deciphering.
The device of 14. 1 kinds of intelligent cipher key equipments of keeping the safety in production, is characterized in that, comprising:
Receiver module, the instruction issuing for Receiving Host;
Whether the first judge module, in the production phase, be the second judge module work for the life cycle state that judges intelligent cipher key equipment, otherwise the 3rd judge module work;
Described the second judge module, for detect instruction type when described receiver module receives instruction, production ordering is resolved writing module work in this way, seals in this way analysis judgment module work of instruction, other instructions module work that reports an error in this way;
The described module that reports an error, for reporting an error;
Described parsing writing module, for described production ordering is resolved, and is written to the Backup Data in analysis result in system file;
Computing module, for calculating current proof test value according to described Backup Data;
Memory module, for open up subsidiary space and by the backup data store of described analysis result in described subsidiary space;
Described analysis judgment module, for described sealing instruction is resolved, and judges whether the proof test value in analysis result conforms to described current proof test value, is modified module work, otherwise described in the module work that reports an error;
Described modified module, for being revised as the application stage by described life cycle state;
Described the 3rd judge module, for judging when described receiver module receives instruction whether it is that a key recovers instruction, is the 4th judge module work, otherwise the work of Covering judgment module;
Described the 4th judge module, for judging whether the instruction that described receiver module receives is production ordering, is the module work that reports an error described in, otherwise carries out corresponding operating according to the instruction receiving, and operating result is returned to main frame;
Described Covering judgment module, covers the Backup Data of described system file for the Backup Data with described subsidiary space, and judges whether to have covered.
15. devices as claimed in claim 14, is characterized in that, also comprise:
Set module, for file normally being identified to set when described Covering judgment module is judged as YES, normally identifies reset by file while being also judged as YES for the 5th judge module;
Described the 5th judge module, for judging that described file normally identifies whether set, is described the 3rd judge module work or the work of described set module, otherwise the work of described Covering judgment module;
Set module work described in when described Covering judgment module is judged as YES; The 5th judge module work described in when described the 3rd judge module is judged as YES, when described the 5th judge module is judged as YES described in the work of set module, when described the 5th judge module is judged as NO described in the work of Covering judgment module.
16. devices as claimed in claim 14, is characterized in that, described computing module is specifically for calculating new proof test value according to the Backup Data in described analysis result and current proof test value, and upgrade current proof test value with new proof test value;
When described receiver module is to receive for the first time production ordering, described computing module is also for calculating new proof test value according to the Backup Data of described analysis result, and using described new proof test value as current proof test value.
17. devices as claimed in claim 14, is characterized in that, described parsing writing module comprises:
The first resolution unit, for resolving described production ordering;
Judging unit, for judge described the first resolution unit analysis result file content sequence number whether with write indegree and add 1 and equate, be first to write processing unit work, otherwise setting unit and the module work that reports an error;
Described first writes processing unit, and for the Backup Data of described analysis result is written in described system file, said write number of times is from adding 1;
Described setting unit, is set to 0 for said write number of times.
18. devices as claimed in claim 14, is characterized in that, described parsing writing module comprises:
The second resolution unit, for resolving described production ordering;
Acquiring unit, obtains the sequence number of file content and corresponding Backup Data for the analysis result from described the second resolution unit;
The second writing unit, for writing the Backup Data of described correspondence the system file piecemeal that numbering is consistent with the sequence number of described file content.
19. devices as claimed in claim 14, is characterized in that, described memory module is specifically for storing in described subsidiary space after the Backup Data compression of described system file;
Described Covering judgment module is specifically for the Backup Data of described subsidiary space is carried out to decompress(ion), then with the Backup Data in system file described in the data cover after decompress(ion), and judge whether to have covered.
20. devices as claimed in claim 14, is characterized in that, described memory module stores in subsidiary space or other buffer areas after using self private key to encrypt the Backup Data in described analysis result;
Described Covering judgment module is specifically for using self PKI to be first decrypted Backup Data in described subsidiary space or buffer memory, then with the Backup Data in system file described in the data cover after deciphering, and judge whether to have covered.
CN201210259619.5A 2012-07-25 2012-07-25 Method and device for safely producing intelligent key device Active CN102831362B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201210259619.5A CN102831362B (en) 2012-07-25 2012-07-25 Method and device for safely producing intelligent key device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201210259619.5A CN102831362B (en) 2012-07-25 2012-07-25 Method and device for safely producing intelligent key device

Publications (2)

Publication Number Publication Date
CN102831362A CN102831362A (en) 2012-12-19
CN102831362B true CN102831362B (en) 2014-12-10

Family

ID=47334495

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201210259619.5A Active CN102831362B (en) 2012-07-25 2012-07-25 Method and device for safely producing intelligent key device

Country Status (1)

Country Link
CN (1) CN102831362B (en)

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103269271B (en) 2013-05-23 2016-12-07 天地融科技股份有限公司 A kind of back up the method and system of private key in electronic signature token
CN103248490B (en) * 2013-05-23 2016-08-10 天地融科技股份有限公司 A kind of back up the method and system of information in electronic signature token
CN103248491B (en) 2013-05-23 2016-04-13 天地融科技股份有限公司 A kind of backup method of electronic signature token private key and system
CN107423583B (en) * 2017-07-18 2018-08-03 北京深思数盾科技股份有限公司 A kind of software protecting device remapping method and device
CN111970108B (en) * 2020-07-20 2022-08-02 四川虹美智能科技有限公司 Key writing method, device and system for intelligent equipment

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101588351A (en) * 2008-05-21 2009-11-25 北京飞天诚信科技有限公司 Method for information security device for binding network software
CN102227106A (en) * 2011-06-01 2011-10-26 飞天诚信科技股份有限公司 Method and system for intelligent secret key equipment to communicate with computer

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP4891902B2 (en) * 2005-06-01 2012-03-07 パナソニック株式会社 Electronic device, update server device, key update device
US7818586B2 (en) * 2005-11-11 2010-10-19 Computer Associates Think, Inc. System and method for data encryption keys and indicators

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101588351A (en) * 2008-05-21 2009-11-25 北京飞天诚信科技有限公司 Method for information security device for binding network software
CN102227106A (en) * 2011-06-01 2011-10-26 飞天诚信科技股份有限公司 Method and system for intelligent secret key equipment to communicate with computer

Also Published As

Publication number Publication date
CN102831362A (en) 2012-12-19

Similar Documents

Publication Publication Date Title
US11263416B2 (en) Two-dimensional code generation and identification
CN102831362B (en) Method and device for safely producing intelligent key device
CN104202185B (en) A kind of communication data backup method and device
CN105760764B (en) Encryption and decryption method and device for embedded storage device file and terminal
CN107786331B (en) Data processing method, device, system and computer readable storage medium
CN103544410B (en) It is a kind of that embedded microprocessor is non-clones function key authentication system and method
CN101646168B (en) Data encryption method, decryption method and mobile terminal
CN110324138B (en) Data encryption and decryption method and device
US20150019875A1 (en) Portable device for data encryption/decryption and/or compression/decompression
CN107395751A (en) A kind of remote control system of intelligent household electrical appliance and method
CN104732159A (en) File processing method and file processing device
US20150071442A1 (en) Data-encrypting method and decrypting method for a mobile phone
CN105848145A (en) WIFI intelligent configuration method and device
CN111596938A (en) Embedded equipment firmware safety upgrading method, system, terminal and storage medium
CN108170461B (en) Differential upgrade package generation method, differential upgrade method and device
CN113190877A (en) Model loading method and device, readable storage medium and electronic equipment
Park et al. A methodology for the decryption of encrypted smartphone backup data on android platform: A case study on the latest samsung smartphone backup system
CN105512520B (en) Anti-cloning vehicle-mounted system and working method thereof
Park et al. New flash memory acquisition methods based on firmware update protocols for LG Android smartphones
CN115242413A (en) Internet of things equipment firmware safety upgrading method and device, electronic equipment and medium
CN107169370A (en) The encryption method and encryption device of executable file
CN102012978A (en) Method and system for safely upgrading ISO (International Standard Code) file
WO2020077626A1 (en) Method and device for recognizing finger vein information
CN103888416B (en) Prevent the method and device of IP information leakages that safety-protection system terminal device stores
CN111159783B (en) Portable high-speed stream encryption hardware device and method

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
CP03 Change of name, title or address
CP03 Change of name, title or address

Address after: 17th floor, building B, Huizhi building, No.9, Xueqing Road, Haidian District, Beijing 100085

Patentee after: Feitian Technologies Co.,Ltd.

Country or region after: China

Address before: 100085 17th floor, block B, Huizhi building, No.9 Xueqing Road, Haidian District, Beijing

Patentee before: Feitian Technologies Co.,Ltd.

Country or region before: China