CN103425932B - Signature calibration method and terminal device - Google Patents

Publication number
CN103425932B
Authority
CN
China
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201310347235.3A
Other languages
Chinese (zh)
Other versions
CN103425932A (en
Inventor
李树彬
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Honor Device Co Ltd
Original Assignee
Huawei Device Co Ltd
Application filed by Huawei Device Co Ltd
Priority to CN201310347235.3A
Publication of CN103425932A
Application granted
Publication of CN103425932B

Abstract

The invention discloses a signature calibration method and a terminal device. The method includes: obtaining hardware information of the terminal device while the system is in the secure boot state; and verifying, by the terminal device, whether a system software package is legitimate according to N pieces of signature information in the system software package and the hardware information of the terminal device. The hardware information of the terminal device includes at least one of, or any combination of, the processor type of the terminal device, the manufacturer information and the device type. The N pieces of signature information are generated according to the original data of the system software package and different hardware information, and N is greater than or equal to 2. Because the N pieces of signature information are generated according to the original data of the system software package and different hardware information, the method and the terminal device can adapt to secure boot on various types of hardware, and when hardware information such as the processor type, the manufacturer information or the device type changes, normal use of the device such as starting, updating and maintenance is not affected.

Description

Signature check method and terminal device
Technical field
The present invention relates to the field of communication technology, and in particular to a signature check method and a terminal device.
Background
At present, the Qualcomm platform supports a secure boot scheme (secureboot) based on fuse-blowing technology. The secure boot scheme is provided to meet different application requirements and is used to protect the boot process and some binary data used for communication. Its principle is as follows. First, a dongle and a digital certificate are used to perform signature authentication processing on the original data required for secure boot and on the hardware information, and the generated signature information is bound together with the corresponding original data. Then, when the terminal device starts, a program inside the chip of the terminal device uses the hardware information of this terminal device to check the loaded original data and signature information, so as to guarantee the legitimacy of the loaded original data, that is, the legitimacy of the loaded system software package.
With the existing signature check technology of the Qualcomm platform, the terminal device needs its own hardware information when checking the loaded original data and signature information. When the hardware information of the terminal device changes, it may no longer be consistent with the hardware information that was used to generate the signature information, so the check fails and the terminal device cannot start.
Summary of the invention
The problem to be solved by the present invention is that, with the existing signature check technology, a change in hardware information affects the normal use of the device.
In view of this, to solve the above problem, in a first aspect the present invention proposes a signature check method, including:
obtaining hardware information of a terminal device while the system is in the secure boot state, where the hardware information of the terminal device includes at least one of, or any combination of, the processor model, the manufacturer information and the device model of the terminal device;
verifying, by the terminal device, whether a system software package is legitimate according to n pieces of signature information in the system software package and the hardware information of the terminal device, where the n pieces of signature information are generated according to the original data of the system software package and different hardware information; n ≥ 2.
With reference to the first aspect, in a first possible implementation, before the obtaining of the hardware information of the terminal device, the method further includes:
using one of the n pieces of signature information as default signature information, and using the other pieces of signature information among the n pieces, apart from the default signature information, as additional signature information;
where the default signature information is the signature information that the terminal device uses first each time it performs a check; the default signature information is stored after the image data of the system software package and the additional signature information is stored after the default signature information; or the default signature information is stored between the image header and the image data of the system software package and the additional signature information is stored after the image data.
With reference to the first possible implementation of the first aspect, in a second possible implementation, the verifying, by the terminal device, whether the system software package is legitimate according to the n pieces of signature information in the system software package and the hardware information of the terminal device includes:
verifying, by the terminal device, whether the system software package is legitimate according to the default signature information in the system software package and the hardware information of the terminal device;
if the system software package is found not to be legitimate according to the default signature information and the hardware information of the terminal device, verifying in turn, according to the additional signature information and the hardware information of the terminal device, whether the system software package is legitimate, until the system software package is found to be legitimate.
With reference to the second possible implementation of the first aspect, in a third possible implementation, after the verifying in turn, according to the additional signature information and the hardware information of the terminal device, whether the system software package is legitimate, until the system software package is found to be legitimate, the method further includes:
replacing the default signature information with the additional signature information that was used when the system software package was found to be legitimate.
With reference to the first aspect or any of the foregoing possible implementations, in a fourth possible implementation, the system software package includes original data that needs to be updated,
and the verifying, by the terminal device, whether the system software package is legitimate according to the n pieces of signature information in the system software package and the hardware information of the terminal device includes:
during the update of the original data, verifying, by the terminal device, whether the system software package is legitimate according to the n pieces of signature information and the hardware information of the terminal device;
The method further includes:
if the system software package is legitimate, executing the update flow for the original data of the system software package;
otherwise, stopping the update of the original data of the system software package and reporting an error.
With reference to the first aspect, or the first, second or third possible implementation, in a fifth possible implementation, the verifying, by the terminal device, whether the system software package is legitimate according to the n pieces of signature information in the system software package and the hardware information of the terminal device includes:
during secure boot of the system, verifying, by the terminal device, whether the system software package is legitimate according to the n pieces of signature information and the hardware information of the terminal device;
The method further includes:
if the system software package is legitimate, executing the system startup flow;
otherwise, stopping the system startup flow and reporting an error.
In a second aspect, the present invention proposes a terminal device, including:
an information obtaining module, configured to obtain hardware information of the terminal device while the system is in the secure boot state, where the hardware information of the terminal device includes at least one of, or any combination of, the processor model, the manufacturer information and the device model of the terminal device;
a signature check module, configured to verify whether a system software package is legitimate according to n pieces of signature information in the system software package and the hardware information of the terminal device, where the n pieces of signature information are generated according to the original data of the system software package and different hardware information; n ≥ 2.
With reference to the second aspect, in a first possible implementation, the terminal device further includes:
a signature processing module, configured to use one of the n pieces of signature information as default signature information, and to use the other pieces of signature information among the n pieces, apart from the default signature information, as additional signature information;
where the default signature information is the signature information that the terminal device uses first each time it performs a check; the default signature information is stored after the image data of the system software package and the additional signature information is stored after the default signature information; or the default signature information is stored between the image header and the image data of the system software package and the additional signature information is stored after the image data.
With reference to the first possible implementation of the second aspect, in a second possible implementation, the signature check module is specifically configured to: verify whether the system software package is legitimate according to the default signature information in the system software package and the hardware information of the terminal device; and, if the system software package is found not to be legitimate according to the default signature information and the hardware information of the terminal device, verify in turn, according to the additional signature information and the hardware information of the terminal device, whether the system software package is legitimate, until the system software package is found to be legitimate.
With reference to the second possible implementation of the second aspect, in a third possible implementation, the signature processing module is further configured to: after the signature check module has verified in turn, according to the additional signature information and the hardware information of the terminal device, whether the system software package is legitimate, until the system software package is found to be legitimate, replace the default signature information with the additional signature information that was used when the system software package was found to be legitimate.
With reference to the second aspect or any of the foregoing possible implementations, in a fourth possible implementation, the system software package includes original data that needs to be updated, and the signature check module includes:
a data update unit, configured to verify, during the update of the original data, whether the system software package is legitimate according to the n pieces of signature information and the hardware information of the terminal device; if the system software package is legitimate, execute the update flow for the original data of the system software package; otherwise, stop the update of the original data of the system software package and report an error.
With reference to the second aspect, or the first, second or third possible implementation, in a fifth possible implementation, the signature check module includes:
a secure boot unit, configured to verify, during secure boot of the system, whether the system software package is legitimate according to the n pieces of signature information and the hardware information of the terminal device; if the system software package is legitimate, execute the system startup flow; otherwise, stop the system startup flow and report an error.
In the embodiments of the present invention, while the system is in the secure boot state, the terminal device can verify whether the system software package is legitimate according to the n pieces of signature information in the system software package and the hardware information of the terminal device. Because the n pieces of signature information are generated according to the original data of the system software package and different hardware information, the method can adapt to secure boot on multiple types of hardware, and when hardware information such as the processor model, the manufacturer information or the device model changes, normal use of the device such as startup, upgrade and maintenance is not affected.
Brief description of the drawings
The accompanying drawings, which are included in and constitute a part of the specification, together with the description illustrate exemplary embodiments, features and aspects of the present invention and serve to explain the principles of the present invention.
Fig. 1 is a schematic flowchart of the signature check method of Embodiment 1 of the present invention;
Fig. 2a to Fig. 2d are schematic diagrams of the storage locations of signature information in the signature check method of Embodiment 2 of the present invention;
Fig. 2e is a schematic flowchart of the signature check method of Embodiment 2 of the present invention;
Fig. 3 is a schematic flowchart of the signature check method of Embodiment 3 of the present invention;
Fig. 4 is a structural block diagram of the terminal device of Embodiment 4 of the present invention;
Fig. 5 is a structural block diagram of the terminal device of Embodiment 5 of the present invention;
Fig. 6 is a structural block diagram of the terminal device of Embodiment 6 of the present invention.
Detailed description
Various exemplary embodiments, features and aspects of the present invention are described in detail below with reference to the accompanying drawings. Identical reference signs in the drawings denote elements with the same or similar functions. Although various aspects of the embodiments are shown in the drawings, the drawings are not necessarily drawn to scale unless specifically noted.
The word "exemplary" here means "serving as an example, embodiment or illustration". Any embodiment described here as "exemplary" should not necessarily be construed as preferred over or superior to other embodiments.
In addition, numerous specific details are given in the embodiments below to better illustrate the present invention. Those skilled in the art will understand that the present invention can equally be implemented without these details. In other instances, well-known methods, means, elements and circuits are not described in detail, so as to highlight the gist of the present invention.
Fig. 1 is a schematic flowchart of the signature check method of Embodiment 1 of the present invention. Different terminal devices, for example mobile phones and tablets (pad), may have different types of processors, and a terminal device may have its processor chip replaced with an older or newer one during use, so a terminal device may support several processor types. When image data is upgraded or during secure boot of the system, hardware information such as the processor of the terminal device is needed to perform a signature check on the system software package. As shown in Fig. 1, the signature check method may include the following steps:
Step 101: while the system is in the secure boot state, obtain hardware information of the terminal device, where the hardware information of the terminal device includes at least one of, or any combination of, the processor model, the manufacturer information and the device model of the terminal device.
Specifically, the system of the terminal device may be in the secure boot state; for example, a terminal device using the Qualcomm platform is in the secureboot state. In the secure boot state, the terminal device needs its own hardware information when performing a signature check on the system software package that is to be run. Each terminal device has its own hardware information, which generally may include any one or more of the processor model, the manufacturer information and the device model.
Step 102: the terminal device verifies whether the system software package is legitimate according to the n pieces of signature information in the system software package and the hardware information of the terminal device, where the n pieces of signature information are generated according to the original data of the system software package and different hardware information; n ≥ 2.
Different terminal devices may have different hardware information, such as different processor models, manufacturer information or device models; the same terminal device has hardware information of different types, for example the processor model and the manufacturer information of one terminal device are of different types. One piece of signature information can be generated from the original data of the system software package and one piece of hardware information, and n pieces of signature information can be generated from the original data of one system software package and n different pieces of hardware information. The n different pieces of hardware information may include different hardware information belonging to the same terminal device, and may also include different hardware information belonging to different terminal devices. Specifically, before the system software package runs on the terminal device, a dongle and a digital certificate can be used to perform signature authentication processing on the original data required for secure boot in the system software package and on each of the n different pieces of hardware information, generating the corresponding n pieces of signature information, which are stored in the system software package. The signature information may include check data (signature data), certificate information (cert chain) and so on.
When the terminal device needs to perform a signature check on the system software package, it can check the system software package in turn according to each of the n pieces of signature information and the hardware information of the terminal device. If any one piece of signature information lets the check of the system software package pass, the check process can end and processing continues according to the normal flow. If none of the signature information lets the check of the system software package pass, the terminal device cannot support normal work such as running and updating this system software package.
Specifically, the process in which the terminal device checks the system software package according to one piece of signature information and the hardware information of the terminal device may include: the terminal device obtains its own hardware information and the original data of the system software package to be checked; the check routine stored inside the chip of the terminal device then calculates a piece of signature information from this hardware information and the original data, and determines whether the calculated signature information matches the signature information in the system software package. If they match, the signature check of the system software package passes, that is, the system software package is legitimate; if they do not match, the signature check of the system software package does not pass.
Because the system software package includes signature information corresponding to multiple different pieces of hardware information, the check can pass when this system software package runs on multiple terminal devices with different hardware information.
In this embodiment, while the system is in the secure boot state, the terminal device can verify whether the system software package is legitimate according to the n pieces of signature information in the system software package and the hardware information of the terminal device. Because the n pieces of signature information are generated according to the original data of the system software package and different hardware information, the method can adapt to secure boot on multiple types of hardware, and when hardware information such as the processor model, the manufacturer information or the device model changes, normal use of the device such as startup, upgrade and maintenance is not affected.
Fig. 2a to Fig. 2d are schematic diagrams of the storage locations of signature information in the signature check method of Embodiment 2 of the present invention. On the basis of the above embodiment, the n pieces of signature information can be stored in several ways: they can all be stored in one place as a whole, or they can be split into several segments for storage. This embodiment is described taking one piece of signature information as the default signature information and the remaining signature information as additional signature information as an example.
One of the n pieces of signature information can be used as default signature information, and the other pieces of signature information among the n pieces, apart from the default signature information, can be used as additional signature information. The default signature information is the signature information that the terminal device uses first each time it performs a check. The default signature information and the additional signature information can be stored in either of the following ways:
Mode one: the default signature information is stored after the image data of the system software package, and the additional signature information is stored after the default signature information.
The original data of the system software package may include an image header and image data. For example, as shown in Fig. 2a, the image header is *hd.mbn and the image data is *sbl.mbn, and the default signature information can be stored after the image data *sbl.mbn. As shown in Fig. 2b, after the default signature information, an overall image-signature header can be stored first, followed by the header of each additional signature and the additional signature information. If the default signature information is stored between the image header and the image data, the additional signature information can be stored after the image data.
Mode two: the default signature information is stored between the image header and the image data of the system software package, and the additional signature information is stored after the image data.
As shown in Fig. 2c, the image header is elf_header and the image data is *.mbn, and the default signature information can be stored between the image header and the image data. In addition, if the default signature information is stored after the image data, the additional signature information can be stored after the default signature information. As shown in Fig. 2d, after the image data, an overall image-signature header can be stored first, followed by the header of each additional signature and the additional signature information.
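The mode-one layout above (image header, image data, default signature, overall image-signature header, then one header plus signature per additional signature) can be read with a bounds-checked parser. The following is an added example, not code from the patent: the magic values, field widths, the limit of 16 additional signatures and all function names are assumptions made for illustration, since the patent does not define field encodings.

```python
import struct

# Hypothetical field encodings (the patent gives none); little-endian, unpadded.
IMG_HDR = struct.Struct("<4sII")     # magic, image-data length, default-signature length
SIG_SET_HDR = struct.Struct("<4sH")  # overall image-signature header: magic, count
SIG_HDR = struct.Struct("<H")        # per-signature header: length of the signature
MAX_ADDITIONAL = 16                  # assumed upper bound on additional signatures


class LayoutError(ValueError):
    """Raised when the package does not follow the mode-one layout."""


def take(buf: bytes, off: int, n: int):
    """Return buf[off:off+n] and the new offset, refusing to read past the end."""
    if off + n > len(buf):
        raise LayoutError("truncated package")
    return buf[off:off + n], off + n


def pack_mode_one(image: bytes, default_sig: bytes, additional: list) -> bytes:
    """Image header | image data | default signature | overall header | (header, signature)*."""
    out = IMG_HDR.pack(b"IMG1", len(image), len(default_sig)) + image + default_sig
    out += SIG_SET_HDR.pack(b"ASIG", len(additional))
    for sig in additional:
        out += SIG_HDR.pack(len(sig)) + sig
    return out


def parse_mode_one(blob: bytes):
    """Split a package into (image, default_sig, [additional_sig, ...])."""
    raw, off = take(blob, 0, IMG_HDR.size)
    magic, image_len, default_len = IMG_HDR.unpack(raw)
    if magic != b"IMG1":
        raise LayoutError("bad image header")
    image, off = take(blob, off, image_len)
    default_sig, off = take(blob, off, default_len)
    raw, off = take(blob, off, SIG_SET_HDR.size)
    magic, count = SIG_SET_HDR.unpack(raw)
    # n >= 2 means at least one additional signature besides the default one.
    if magic != b"ASIG" or not 1 <= count <= MAX_ADDITIONAL:
        raise LayoutError("bad overall signature header")
    additional = []
    for _ in range(count):
        raw, off = take(blob, off, SIG_HDR.size)
        (sig_len,) = SIG_HDR.unpack(raw)
        sig, off = take(blob, off, sig_len)
        additional.append(sig)
    if off != len(blob):
        raise LayoutError("unexpected trailing bytes")
    return image, default_sig, additional


def is_well_formed(blob: bytes) -> bool:
    """True when the blob parses cleanly; parsing happens before any signature check."""
    try:
        parse_mode_one(blob)
        return True
    except LayoutError:
        return False


# Constructed sample package: opaque placeholder bytes stand in for signatures.
SAMPLE = pack_mode_one(b"image-bytes", b"SIG-DEFAULT", [b"SIG-ADD-1", b"SIG-ADD-22"])

if __name__ == "__main__":
    print(parse_mode_one(SAMPLE))
```
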
Further, the verifying, by the terminal device, whether the system software package is legitimate according to the n pieces of signature information in the system software package and the hardware information of the terminal device may specifically include:
the terminal device verifies whether the system software package is legitimate according to the default signature information in the system software package and the hardware information of the terminal device;
if the system software package is found not to be legitimate according to the default signature information and the hardware information of the terminal device, the terminal device verifies in turn, according to the additional signature information and the hardware information of the terminal device, whether the system software package is legitimate, until the system software package is found to be legitimate.
Furthermore, the signature information that passes the check may differ from one check to another. If the default signature information stored in the system software package is the signature information that passes the check, then each time the terminal device restarts, the default signature information can be used first to check the system software package, which reduces the checking time. Therefore, after verifying in turn, according to the additional signature information and the hardware information of the terminal device, whether the system software package is legitimate, until the system software package is found to be legitimate, the signature check method further includes:
replacing the default signature information with the additional signature information that was used when the system software package was found to be legitimate.
Specifically, the default upgrade flow of a system software package is usually as follows: after entering the update flow, the terminal device performs an image integrity check on the system software package, and if the image data of the system software package is complete, it updates the image data. In the embodiments of the present invention, a function for checking the system software package can be added to the default upgrade flow. Given the characteristics of the software upgrade flow, when the system software package includes original data that needs to be updated, the verifying, by the terminal device, whether the system software package is legitimate according to the n pieces of signature information in the system software package and the hardware information of the terminal device may specifically include:
during the update of the original data, the terminal device verifies whether the system software package is legitimate according to the n pieces of signature information and the hardware information of the terminal device;
In this case, the method further includes:
if the system software package is legitimate, executing the update flow for the original data of the system software package; otherwise, stopping the update of the original data of the system software package and reporting an error.
Fig. 2e is a schematic flowchart of the signature check method of Embodiment 2 of the present invention. As shown in Fig. 2e, the signature check method may include the following steps:
Step 201: the terminal device reads the default signature information at the default location;
Step 202: the terminal device determines, according to the default signature information, whether the system software package to be upgraded is legitimate; if so, step 206 is executed; otherwise, step 203 is executed;
Specifically, the process in which the terminal device determines, according to the signature information it has read, whether the system software package to be upgraded is legitimate can be, for example:
the terminal device obtains its own hardware information and the original data in the system software package to be upgraded. A check routine is stored inside the chip of the terminal device; according to this check routine, a check calculation is performed on the obtained hardware information and original data to obtain a piece of signature information, and it is then determined whether the obtained signature information matches the signature information read by the terminal device. If they match, the system software package is legitimate; if they do not match, the system software package is not legitimate. For the process in which the terminal device determines whether the system software package is legitimate according to one piece of signature information, reference may be made to the check procedure in the existing secure boot process;
Step 203: the terminal device determines whether there is a next piece of additional signature information; if so, step 204 is executed; otherwise, step 207 is executed;
Step 204: the terminal device reads one piece of additional signature information;
Step 205: the terminal device determines, according to the additional signature information it has read, whether the system software package to be upgraded is legitimate; if so, the default signature information is replaced with the matching additional signature information and step 206 is then executed; otherwise, the flow returns to step 203;
Step 206: according to the normal flow, the terminal device continues to update the original data of this system software package and completes the data update.
Step 207: the terminal device stops the update of the original data of the system software package and reports an error. For example, when the user supplies an image-data upgrade package of the wrong version, the terminal device actively refuses to update the software and informs the user of the reason for the error, so that a mistaken update by the user does not leave the phone unable to start.
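Steps 201 to 207 can be exercised end to end with the following added example, which is not code from the patent. It assumes a toy unpadded RSA key built from two Mersenne primes as a stand-in for the dongle and digital certificate signing step (certificate-chain validation is omitted), a SHA-256 digest over length-prefixed hardware fields plus the image hash as the binding, and a swap rather than an overwrite when the matching additional signature becomes the default; all names and sample values are constructed.

```python
import hashlib
from dataclasses import dataclass, field

# Constructed demo key: textbook RSA over two Mersenne primes, unpadded and
# trivially factorable. It stands in for the dongle-and-certificate signing
# step only so that the device side holds no signing secret.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N_MOD = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))  # signer-side private exponent


def binding_digest(image: bytes, hw_info: tuple) -> int:
    """Digest tying the original data to one hardware-information tuple."""
    h = hashlib.sha256()
    for part in hw_info:  # (processor model, manufacturer information, device model)
        raw = part.encode()
        h.update(len(raw).to_bytes(2, "big") + raw)  # length prefix avoids field ambiguity
    h.update(hashlib.sha256(image).digest())
    return int.from_bytes(h.digest(), "big")


def sign(image: bytes, hw_info: tuple) -> int:
    """Signer side: one signature per supported hardware-information tuple."""
    return pow(binding_digest(image, hw_info), D, N_MOD)


def verify(image: bytes, hw_info: tuple, signature: int) -> bool:
    """Device side: needs only the public values (N_MOD, E)."""
    return pow(signature, E, N_MOD) == binding_digest(image, hw_info)


@dataclass
class Package:
    image: bytes
    default_sig: int
    additional_sigs: list = field(default_factory=list)


def build_package(image: bytes, hw_infos: list) -> Package:
    if len(hw_infos) < 2:
        raise ValueError("the method requires n >= 2 signatures")
    sigs = [sign(image, hw) for hw in hw_infos]
    return Package(image, sigs[0], sigs[1:])


def check_package(pkg: Package, device_hw: tuple):
    """Steps 201-205: default signature first, then each additional one in turn.

    Returns (legitimate, number_of_signatures_tried)."""
    if verify(pkg.image, device_hw, pkg.default_sig):
        return True, 1
    for i, sig in enumerate(pkg.additional_sigs):
        if verify(pkg.image, device_hw, sig):
            # Promote the match to default. Swapping (this example's choice)
            # keeps the old default available for the other hardware.
            pkg.additional_sigs[i], pkg.default_sig = pkg.default_sig, sig
            return True, i + 2
    return False, 1 + len(pkg.additional_sigs)


def update_flow(pkg: Package, device_hw: tuple) -> str:
    """Steps 206/207: continue only on a pass, otherwise stop and report."""
    legitimate, _ = check_package(pkg, device_hw)
    return "update" if legitimate else "stop-and-report-error"


# Constructed sample data.
IMAGE = b"constructed image data"
HW_A = ("cpu-model-a", "vendor-x", "device-1")
HW_B = ("cpu-model-b", "vendor-x", "device-1")
HW_C = ("cpu-model-c", "vendor-y", "device-9")

if __name__ == "__main__":
    pkg = build_package(IMAGE, [HW_A, HW_B])
    print(check_package(pkg, HW_B), check_package(pkg, HW_B), update_flow(pkg, HW_C))
```

Promotion rewrites the stored default signature, so the signature area has to lie outside the data that the signatures cover.
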
, in the state of safety startup of system, terminal unit is according to the n bar signing messages in system software package for the present embodiment With the hardware information of described terminal unit, described system software package can be verified whether legal, according to n bar signing messages The initial data of described system software package and different hardware informations generate, and the safety that can adapt to polytype hardware opens Dynamic, when the hardware informations such as processor model, manufacturer's information or unit type change, the startup of equipment, upgrading and maintenance Use unaffected Deng normally.Additionally, a kind of system software package can be adaptive to many moneys employs different model processor Terminal unit, can reduce research staff's workload, the compatibility of lift system, improve Consumer's Experience.Further, this signature Method of calibration can also be according to the renewal of check results Control System Software bag, it is to avoid mistake updates AKU.Additionally, will verify The signing messages passing through signing messages by default, it is possible to reduce the number of times that system software package verifies when updating, improves verification Efficiency.
Fig. 3 is a schematic flowchart of the signature verification method of embodiment three of the present invention. In this embodiment, signature verification can be performed when the terminal device performs secure boot. When the terminal device powers on, it first confirms whether secure boot is required; if so, it verifies at startup whether the system software package in the terminal device is legal. The verification process is basically similar to the verification process for a software update in the above embodiment; the difference lies in the trigger point. The verification process for a system software package update can be triggered on entering the system software package update flow, whereas the verification process for secure boot can be triggered when the device powers on and finds that secure boot is required. This embodiment differs from the embodiment shown in Fig. 2e in that the terminal device verifying whether the system software package is legal, according to the N pieces of signature information in the system software package and the hardware information of the terminal device, includes:
During secure boot of the system, the terminal device verifies whether the system software package is legal according to the N pieces of signature information and the hardware information of the terminal device;
In this case, the method further includes:
If the system software package is legal, executing the system startup flow;
Otherwise, stopping the system startup flow and reporting an error.
It should be noted that the terminal device can be instructed to perform secure boot by several means. For example, blowing a fuse on a Qualcomm chip can be used to indicate that a terminal device using that chip executes the secure boot process at startup. When the terminal device starts, it can first check whether fuse-blown data is present; if so, it executes the secure boot process, that is, it verifies whether the system software package is legal.
As shown in Fig. 3, this signature verification method may include the following steps:
Step 301: the terminal device reads the default signature information from the default location;
Step 302: the terminal device determines, according to the default signature information, whether the system software package is legal; if so, it performs step 306; otherwise, it performs step 303;
For the specific method of determining whether the system software package is legal, refer to the embodiment shown in Fig. 2e;
Step 303: the terminal device determines whether there is a next piece of additional signature information; if so, it performs step 304; otherwise, it performs step 307;
Step 304: the terminal device reads one piece of additional signature information;
Step 305: the terminal device determines, according to the additional signature information it has read, whether the system software package is legal; if so, it replaces the default signature information with the matching additional signature information, that is, it sets the matching additional signature information as the default signature information, and then performs step 306; otherwise it returns to step 303;
Step 306: the terminal device allows the device to continue running and executes the system startup flow.
Step 307: the terminal device stops the system startup flow and reports an error. This prevents the device from being started with an illegal system software package.
In this embodiment, in the secure boot state of the system, the terminal device can verify whether the system software package is legal according to the N pieces of signature information in the system software package and the hardware information of the terminal device. Because the N pieces of signature information are generated from the original data of the system software package and different hardware information, the method can accommodate secure boot on multiple types of hardware: when hardware information such as the processor model, manufacturer information or device model changes, normal use of the device, such as startup, upgrade and maintenance, is unaffected. In addition, one system software package can adapt to multiple terminal devices that use different processor models, which reduces the developers' workload, improves system compatibility and improves the user experience. Furthermore, this signature verification method can control whether system startup proceeds according to the verification result. Finally, using the signature information that passed verification as the default signature information of the verification data reduces the number of verifications performed when the terminal device starts and improves verification efficiency.
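The flow of steps 301 to 307 (the update flow ending in steps 205 to 207 has the same shape), as an added Go example that is not part of the patent text: a package carries one signature per supported hardware variant, the device tries the default slot first, falls back to the additional signatures, promotes the one that matches, and refuses to proceed when none does. Ed25519 from Go's standard library stands in for the certificate-based signature the patent describes; the type names, the length-prefixed hash layout, the demo key and the sample hardware values are assumptions made for the illustration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"errors"
	"fmt"
)

// HardwareInfo holds the fields each signature is bound to.
type HardwareInfo struct {
	ProcessorModel, Vendor, DeviceModel string
}

// Package models a system software package: image data plus N signatures.
// Signatures[0] plays the role of the default signature information, the
// remaining entries are the additional signature information.
type Package struct {
	Image      []byte
	Signatures [][]byte
}

// ErrIllegalPackage corresponds to step 307 (or 207): stop and report an error.
var ErrIllegalPackage = errors.New("no signature matches this image on this hardware")

// signedMessage hashes the image together with the hardware fields. Every
// field is length-prefixed so that two different field splits never hash
// alike (assumed layout, not taken from the patent).
func signedMessage(image []byte, hw HardwareInfo) []byte {
	h := sha256.New()
	fields := [][]byte{image, []byte(hw.ProcessorModel), []byte(hw.Vendor), []byte(hw.DeviceModel)}
	for _, f := range fields {
		fmt.Fprintf(h, "%d:", len(f))
		h.Write(f)
	}
	return h.Sum(nil)
}

// BuildPackage is the vendor side: one signature per supported hardware.
func BuildPackage(priv ed25519.PrivateKey, image []byte, supported []HardwareInfo) *Package {
	pkg := &Package{Image: image}
	for _, hw := range supported {
		pkg.Signatures = append(pkg.Signatures, ed25519.Sign(priv, signedMessage(image, hw)))
	}
	return pkg
}

// Verify is the device side. It returns the slot that matched before any
// promotion, or ErrIllegalPackage when every signature fails (fail closed).
func Verify(pub ed25519.PublicKey, pkg *Package, hw HardwareInfo) (int, error) {
	msg := signedMessage(pkg.Image, hw)
	for i, sig := range pkg.Signatures {
		if !ed25519.Verify(pub, msg, sig) {
			continue // steps 303/304: move on to the next additional signature
		}
		if i != 0 {
			// Step 305: the match becomes the default. Swapping instead of
			// overwriting is a choice made here so the old default is kept.
			pkg.Signatures[0], pkg.Signatures[i] = pkg.Signatures[i], pkg.Signatures[0]
		}
		return i, nil // step 306: continue booting or updating
	}
	return -1, ErrIllegalPackage
}

// demoKey derives a fixed key pair from a constructed seed (demo only).
func demoKey() (ed25519.PublicKey, ed25519.PrivateKey) {
	seed := sha256.Sum256([]byte("constructed demo seed"))
	priv := ed25519.NewKeyFromSeed(seed[:])
	return priv.Public().(ed25519.PublicKey), priv
}

// demoHardware is constructed sample data, not real product identifiers.
var demoHardware = []HardwareInfo{
	{"SoC-A", "VendorX", "Phone-1"},
	{"SoC-B", "VendorX", "Phone-1"},
	{"SoC-C", "VendorX", "Phone-2"},
}

func main() {
	pub, priv := demoKey()
	pkg := BuildPackage(priv, []byte("constructed boot image"), demoHardware)
	device := demoHardware[2]
	for boot := 1; boot <= 2; boot++ {
		idx, err := Verify(pub, pkg, device)
		fmt.Printf("boot %d: matched signature slot %d, err=%v\n", boot, idx, err)
	}
	pkg.Image[0] ^= 0xff // simulated tampering with the image data
	_, err := Verify(pub, pkg, device)
	fmt.Println("tampered image:", err)
}
```

Promotion only changes which signature is tried first; every boot or update still runs a full signature check, so a modified image or unlisted hardware is rejected regardless of what sits in the default slot.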
Fig. 4 is a structural block diagram of the terminal device of embodiment four of the present invention. As shown in Fig. 4, the terminal device 40 may include:
An information obtaining module 41, configured to obtain the hardware information of the terminal device in the secure boot state of the system, where the hardware information of the terminal device includes at least one of the processor model, manufacturer information and device model of the terminal device, or any combination thereof.
A signature verification module 43, configured to verify whether the system software package is legal according to the N pieces of signature information in the system software package and the hardware information of the terminal device, where the N pieces of signature information are generated from the original data of the system software package and different hardware information; N ≥ 2.
Specifically, the system of the terminal device may be in the secure boot state; for example, a terminal device using the Qualcomm platform is in the secureboot state. In the secure boot state, the terminal device needs to use its own hardware information when it performs signature verification on a system software package that is to be run. Each terminal device has its own hardware information, which generally includes any one or more of the processor model, manufacturer information and device model.
Before the system software package is run on the terminal device, a dongle and a digital certificate can be used to sign the original data in the system software package that is needed for secure boot together with each of N different pieces of hardware information, generating N corresponding pieces of signature information, which are stored in the system software package. The signature information may include verification data (signature data), certificate information (cert chain) and so on. When the terminal device needs to perform signature verification on the system software package, the signature verification module 43 can verify the system software package in turn against each of the N pieces of signature information and the hardware information of the terminal device. If any one piece of signature information allows the system software package to pass verification, the verification flow can end and processing continues according to the normal flow. If none of the signature information allows the system software package to pass verification, the terminal device cannot support normal operations such as running and updating this system software package.
The terminal device provided by this embodiment is used to execute the methods in the above method embodiments; for the specific working principle and workflow, refer to the above method embodiments.
In this embodiment, in the secure boot state of the system, the information obtaining module of the terminal device can obtain the hardware information of the terminal device, and the signature verification module can verify whether the system software package is legal according to the N pieces of signature information in the system software package and the hardware information of the terminal device. Because the N pieces of signature information are generated from the original data of the system software package and different hardware information, the device can accommodate secure boot on multiple types of hardware: when hardware information such as the processor model, manufacturer information and device model changes, normal use of the device, such as startup, upgrade and maintenance, is unaffected.
Fig. 5 is a structural block diagram of the terminal device of embodiment five of the present invention; components with the same reference numerals in Fig. 5 and Fig. 4 have the same meaning. As shown in Fig. 5, the main difference from the previous embodiment is that the terminal device 50 may further include a signature processing module 51, configured to use one of the N pieces of signature information as the default signature information and the other pieces of signature information, apart from the default signature information, as additional signature information;
The default signature information is the signature information that the terminal device uses first each time it performs verification. The default signature information is stored after the image data of the system software package and the additional signature information is stored after the default signature information; or the default signature information is stored between the image header and the image data of the system software package and the additional signature information is stored after the image data. For details, refer to Fig. 2a to Fig. 2d and the related description in the signature verification method of the above embodiments.
The signature verification module 43 is specifically configured to: verify whether the system software package is legal according to the default signature information in the system software package and the hardware information of the terminal device; and, if verification according to the default signature information and the hardware information of the terminal device finds the system software package illegal, verify in turn, according to each piece of additional signature information and the hardware information of the terminal device, whether the system software package is legal, until the system software package is verified as legal.
Further, the signature processing module 51 may also be configured to: after the signature verification module 43 has verified in turn, according to the additional signature information and the hardware information of the terminal device, whether the system software package is legal, and has verified the system software package as legal, replace the default signature information with the additional signature information that was used when the system software package was verified as legal.
In a first possible implementation, the system software package includes original data that needs to be updated, and the signature verification module 43 may include:
A data updating unit 53, configured to verify, in the process of updating the original data, whether the system software package is legal according to the N pieces of signature information and the hardware information of the terminal device; if the system software package is legal, execute the update flow for the original data of the system software package; otherwise, stop updating the original data of the system software package and report an error. For details, refer to Fig. 2e and the related description in the signature verification method of the above embodiments.
In another possible implementation, the signature verification module 43 may further include:
A secure boot unit 55, configured to verify, during secure boot of the system, whether the system software package is legal according to the N pieces of signature information and the hardware information of the terminal device; if the system software package is legal, execute the system startup flow; otherwise, stop the system startup flow and report an error. For details, refer to Fig. 3 and the related description in the signature verification method of the above embodiments.
In this embodiment, in the secure boot state of the system, the information obtaining module of the terminal device can obtain the hardware information of the terminal device, and the signature verification module can verify whether the system software package is legal according to the N pieces of signature information in the system software package and the hardware information of the terminal device. Because the N pieces of signature information are generated from the original data of the system software package and different hardware information, the device can accommodate secure boot on multiple types of hardware: when hardware information such as the processor model, manufacturer information or device model changes, normal use of the device, such as startup, upgrade and maintenance, is unaffected. In addition, one system software package can adapt to multiple terminal devices that use different processor models, which reduces the developers' workload, improves system compatibility and improves the user experience. Furthermore, the terminal device can control the update of the system software package or the system startup according to the verification result, which avoids installing a wrong upgrade package or starting the system illegally. Finally, the terminal device uses the signature information that passed verification as the default signature information, which reduces the number of subsequent verifications and improves verification efficiency.
Fig. 6 is a structural block diagram of the terminal device of embodiment six of the present invention. The terminal device 60 may be a host server with computing capability, a personal computer (PC), a portable computer or terminal, and so on. The specific embodiments of the present invention do not limit the specific implementation of the computing node. The terminal device 60 can be used to execute the methods in the above method embodiments.
The terminal device 60 may include a processor 61, a communications interface 62, a memory (memory array) 63 and a bus 64. The processor 61, the communications interface 62 and the memory 63 communicate with one another through the bus 64.
The communications interface 62 is used to communicate with the outside.
The processor 61 is used to execute a program. The processor 61 may be a central processing unit (CPU), an application-specific integrated circuit (ASIC), or one or more integrated circuits configured to implement the embodiments of the present invention.
The memory 63 is used to store files and programs. The memory 63 may include high-speed RAM and may also include non-volatile memory, for example at least one disk memory. The memory 63 may also be a memory array. The memory 63 may also be divided into blocks, and the blocks can be combined into virtual volumes according to certain rules.
In a possible implementation, the above program may be program code that includes computer operation instructions. The program may specifically be used to:
In the secure boot state of the system, obtain the hardware information of the terminal device, where the hardware information of the terminal device includes at least one of the processor model, manufacturer information and device model of the terminal device, or any combination thereof;
Verify whether the system software package is legal according to the N pieces of signature information in the system software package and the hardware information of the terminal device, where the N pieces of signature information are generated from the original data of the system software package and different hardware information; N ≥ 2.
In a possible implementation, the program is further used to: before the hardware information of the terminal device is obtained, use one of the N pieces of signature information as the default signature information and the other pieces of signature information, apart from the default signature information, as additional signature information;
The default signature information is the signature information that the terminal device uses first each time it performs verification. The default signature information is stored after the image data of the system software package and the additional signature information is stored after the default signature information; or the default signature information is stored between the image header and the image data of the system software package and the additional signature information is stored after the image data.
In a possible implementation, verifying whether the system software package is legal according to the N pieces of signature information in the system software package and the hardware information of the terminal device includes:
Verifying whether the system software package is legal according to the default signature information in the system software package and the hardware information of the terminal device;
If verification according to the default signature information and the hardware information of the terminal device finds the system software package illegal, verifying in turn, according to each piece of additional signature information and the hardware information of the terminal device, whether the system software package is legal, until the system software package is verified as legal.
In a possible implementation, the program is further used to: after verifying in turn, according to the additional signature information and the hardware information of the terminal device, whether the system software package is legal, and verifying the system software package as legal, replace the default signature information with the additional signature information that was used when the system software package was verified as legal.
In a possible implementation, the system software package includes original data that needs to be updated, and the terminal device verifying whether the system software package is legal according to the N pieces of signature information in the system software package and the hardware information of the terminal device includes:
In the process of updating the original data, the terminal device verifies whether the system software package is legal according to the N pieces of signature information and the hardware information of the terminal device;
The program is further used to:
If the system software package is legal, execute the update flow for the original data of the system software package;
Otherwise, stop updating the original data of the system software package and report an error.
In a possible implementation, the terminal device verifying whether the system software package is legal according to the N pieces of signature information in the system software package and the hardware information of the terminal device includes:
During secure boot of the system, the terminal device verifies whether the system software package is legal according to the N pieces of signature information and the hardware information of the terminal device;
The program is further used to:
If the system software package is legal, execute the system startup flow;
Otherwise, stop the system startup flow and report an error.
In this embodiment, in the secure boot state of the system, the terminal device can obtain its hardware information and verify whether the system software package is legal according to the N pieces of signature information in the system software package and the hardware information of the terminal device. Because the N pieces of signature information are generated from the original data of the system software package and different hardware information, the device can accommodate secure boot on multiple types of hardware: when hardware information such as the processor model, manufacturer information or device model changes, normal use of the device, such as startup, upgrade and maintenance, is unaffected. In addition, one system software package can adapt to multiple terminal devices that use different processor models, which reduces the developers' workload, improves system compatibility and improves the user experience. Furthermore, this signature verification method can control the update of the system software package or the system startup according to the verification result, which avoids installing a wrong upgrade package or starting the system illegally. Finally, using the signature information that passed verification as the default signature information reduces the number of subsequent verifications and improves verification efficiency.
Those of ordinary skill in the art will appreciate that the exemplary units and algorithm steps in the embodiments described herein can be implemented in electronic hardware or in a combination of computer software and electronic hardware. Whether these functions are implemented in hardware or in software depends on the particular application and the design constraints of the technical solution. A skilled person may use different methods to implement the described functions for each particular application, but such an implementation should not be considered to go beyond the scope of the present invention.
If the functions are implemented in the form of computer software and sold or used as an independent product, then to a certain extent all or part of the technical solution of the present invention (for example, the part that contributes to the prior art) can be considered to be embodied in the form of a computer software product. The computer software product is generally stored in a computer-readable storage medium and includes several instructions that cause a computer device (which may be a personal computer, a server, a network device, or the like) to execute all or some of the steps of the methods of the embodiments of the present invention. The storage medium includes any medium that can store program code, such as a USB flash drive, a removable hard disk, read-only memory (ROM), random access memory (RAM), a magnetic disk or an optical disc.
The above are only specific embodiments of the present invention, but the protection scope of the present invention is not limited to them. Any change or replacement that a person skilled in the art could readily conceive of within the technical scope disclosed by the present invention shall fall within the protection scope of the present invention. Therefore, the protection scope of the present invention shall be subject to the protection scope of the claims.

Claims (10)

1. A signature verification method, characterized by including:
In the secure boot state of the system, obtaining the hardware information of a terminal device, where the hardware information of the terminal device includes at least one of the processor model, manufacturer information and device model of the terminal device, or any combination thereof;
In the process of updating original data, the terminal device verifying whether a system software package is legal according to N pieces of signature information in the system software package and the hardware information of the terminal device, and ending the verification process if any one piece of signature information allows the system software package to pass verification; where the N pieces of signature information are generated from the original data of the system software package and different hardware information, N ≥ 2, and the original data is the original data included in the system software package that needs to be updated;
If the system software package is legal, executing the update flow for the original data of the system software package; otherwise, stopping the update of the original data of the system software package and reporting an error.
2. The signature verification method according to claim 1, characterized in that, before the hardware information of the terminal device is obtained, the method further includes:
Using one of the N pieces of signature information as default signature information, and using the other pieces of signature information, apart from the default signature information, as additional signature information;
Where the default signature information is the signature information that the terminal device uses first each time it performs verification; the default signature information is stored after the image data of the system software package and the additional signature information is stored after the default signature information; or the default signature information is stored between the image header and the image data of the system software package and the additional signature information is stored after the image data.
3. The signature verification method according to claim 2, characterized in that the terminal device verifying whether the system software package is legal according to the N pieces of signature information in the system software package and the hardware information of the terminal device includes:
The terminal device verifying whether the system software package is legal according to the default signature information in the system software package and the hardware information of the terminal device;
If verification according to the default signature information and the hardware information of the terminal device finds the system software package illegal, verifying in turn, according to each piece of additional signature information and the hardware information of the terminal device, whether the system software package is legal, until the system software package is verified as legal.
4. The signature verification method according to claim 3, characterized in that, after verifying in turn, according to the additional signature information and the hardware information of the terminal device, whether the system software package is legal, until the system software package is verified as legal, the method further includes:
Replacing the default signature information with the additional signature information that was used when the system software package was verified as legal.
5. The signature verification method according to any one of claims 1-4, characterized by further including:
During secure boot of the system, the terminal device verifying whether the system software package is legal according to the N pieces of signature information and the hardware information of the terminal device;
If the system software package is legal, executing the system startup flow;
Otherwise, stopping the system startup flow and reporting an error.
6. A terminal device, characterized by including:
An information obtaining module, configured to obtain the hardware information of the terminal device in the secure boot state of the system, where the hardware information of the terminal device includes at least one of the processor model, manufacturer information and device model of the terminal device, or any combination thereof;
A signature verification module, configured to verify whether a system software package is legal according to N pieces of signature information in the system software package and the hardware information of the terminal device, and to end the verification process if any one piece of signature information allows the system software package to pass verification; where the N pieces of signature information are generated from the original data of the system software package and different hardware information; N ≥ 2;
Where the system software package includes original data that needs to be updated, and the signature verification module includes:
A data updating unit, configured to verify, in the process of updating the original data, whether the system software package is legal according to the N pieces of signature information and the hardware information of the terminal device; if the system software package is legal, execute the update flow for the original data of the system software package; otherwise, stop updating the original data of the system software package and report an error.
7. The terminal device according to claim 6, characterized by further including:
A signature processing module, configured to use one of the N pieces of signature information as default signature information and the other pieces of signature information, apart from the default signature information, as additional signature information;
Where the default signature information is the signature information that the terminal device uses first each time it performs verification; the default signature information is stored after the image data of the system software package and the additional signature information is stored after the default signature information; or the default signature information is stored between the image header and the image data of the system software package and the additional signature information is stored after the image data.
8. The terminal device according to claim 7, characterized in that the signature verification module is specifically configured to: verify whether the system software package is legal according to the default signature information in the system software package and the hardware information of the terminal device; and, if verification according to the default signature information and the hardware information of the terminal device finds the system software package illegal, verify in turn, according to each piece of additional signature information and the hardware information of the terminal device, whether the system software package is legal, until the system software package is verified as legal.
9. The terminal device according to claim 7, characterized in that the signature processing module is further configured to:
After the signature verification module has verified in turn, according to the additional signature information and the hardware information of the terminal device, whether the system software package is legal, and has verified the system software package as legal, replace the default signature information with the additional signature information that was used when the system software package was verified as legal.
10. The terminal device according to any one of claims 6-9, characterized in that the signature verification module further includes:
A secure boot unit, configured to verify, during secure boot of the system, whether the system software package is legal according to the N pieces of signature information and the hardware information of the terminal device; if the system software package is legal, execute the system startup flow; otherwise, stop the system startup flow and report an error.
CN201310347235.3A 2013-08-09 2013-08-09 Signature calibration method and terminal device Active CN103425932B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201310347235.3A CN103425932B (en) 2013-08-09 2013-08-09 Signature calibration method and terminal device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201310347235.3A CN103425932B (en) 2013-08-09 2013-08-09 Signature calibration method and terminal device

Publications (2)

Publication Number Publication Date
CN103425932A CN103425932A (en) 2013-12-04
CN103425932B true CN103425932B (en) 2017-02-01

Family

ID=49650653

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201310347235.3A Active CN103425932B (en) 2013-08-09 2013-08-09 Signature calibration method and terminal device

Country Status (1)

Country Link
CN (1) CN103425932B (en)

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107193612B (en) * 2014-06-27 2021-03-23 青岛海信移动通信技术股份有限公司 Version upgrading method and device for mobile terminal
CN110135130B (en) * 2019-04-25 2021-03-12 武汉虹信科技发展有限责任公司 Method and system for preventing embedded equipment software from being modified
CN111125725A (en) * 2019-11-22 2020-05-08 苏州浪潮智能科技有限公司 Encryption and decryption method, equipment and medium for mirror image verification
CN113434484A (en) * 2021-06-29 2021-09-24 青岛海尔科技有限公司 Method, system, device and electronic device for describing functions of equipment
CN117574352B (en) * 2024-01-16 2024-04-05 苏州元脑智能科技有限公司 Software and hardware combined anti-counterfeiting method, system, equipment and storage medium

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101373437A (en) * 2007-04-10 2009-02-25 标准微系统公司 Accessing safety memory by embedded controller to increase system safety
CN102289622A (en) * 2011-09-01 2011-12-21 西安电子科技大学 Trusted startup method based on authentication policy file and hardware information collection

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2008293442A (en) * 2007-05-28 2008-12-04 Toshiba Corp Information processor

Also Published As

Publication number Publication date
CN103425932A (en) 2013-12-04

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
TR01 Transfer of patent right

Effective date of registration: 20171027

Address after: Metro Songshan Lake high tech Industrial Development Zone, Guangdong Province, Dongguan City Road 523808 No. 2 South Factory (1) project B2 -5 production workshop

Patentee after: Huawei terminal (Dongguan) Co.,Ltd.

Address before: 518129 Longgang District, Guangdong, Bantian HUAWEI base B District, building 2, building No.

Patentee before: HUAWEI DEVICE Co.,Ltd.

CP01 Change in the name or title of a patent holder

Address after: 523808 Southern Factory Building (Phase I) Project B2 Production Plant-5, New Town Avenue, Songshan Lake High-tech Industrial Development Zone, Dongguan City, Guangdong Province

Patentee after: HUAWEI DEVICE Co.,Ltd.

Address before: 523808 Southern Factory Building (Phase I) Project B2 Production Plant-5, New Town Avenue, Songshan Lake High-tech Industrial Development Zone, Dongguan City, Guangdong Province

Patentee before: Huawei terminal (Dongguan) Co.,Ltd.

TR01 Transfer of patent right

Effective date of registration: 20210430

Address after: Unit 3401, unit a, building 6, Shenye Zhongcheng, No. 8089, Hongli West Road, Donghai community, Xiangmihu street, Futian District, Shenzhen, Guangdong 518040

Patentee after: Honor Device Co.,Ltd.

Address before: 523808 Southern Factory Building (Phase I) Project B2 Production Plant-5, New Town Avenue, Songshan Lake High-tech Industrial Development Zone, Dongguan City, Guangdong Province

Patentee before: HUAWEI DEVICE Co.,Ltd.
