CN105989306A - File signature method and device of operating system and file verification method and device of operating system - Google Patents

Info

Publication number: CN105989306A
Authority: CN (China)
Prior art keywords: file, cryptographic hash, image file, operating system, signature
Legal status: Granted
Application number: CN201510079120.XA
Other languages: Chinese (zh)
Other versions: CN105989306B (en)
Inventors: 张敏, 冉小凯, 刘翔
Current assignee: ZTE Corp
Original assignee: ZTE Corp
Application filed by ZTE Corp
Priority to CN201510079120.XA (patent CN105989306B) and PCT/CN2015/078902 (patent WO2016127516A1)
Publication of CN105989306A; application granted; publication of CN105989306B
Legal status: Active

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/64 Protecting data integrity, e.g. using checksums, certificates or signatures

Abstract

The invention provides a file signature method and device for an operating system and a file verification method and device for the operating system. The file verification method comprises the following steps: obtaining the image file of the operating system; obtaining a signature policy file and a private key file; according to the signature policy file and the private key file, digitally signing and encrypting the files in the image file that satisfy a condition, to obtain a secure image file; obtaining a verification policy file and a public key file; and, according to the verification policy file and the public key file, verifying the secure image file and considering the files of the operating system secure if the secure image file satisfies the verification condition. The file verification method checks only the files recorded in the verification policy file, which improves verification efficiency. Meanwhile, the digital signature of a file can be stored directly in the file attribute entries of the verified file, so the signature information is read at the same time as the file is accessed after the system starts, which is very convenient. System files are prevented from being tampered with, and single or multiple files can be upgraded.

Description

File signature method, file verification method and device for an operating system
Technical field
The present invention relates to the field of smart device security, and in particular to a file signature method, a file verification method and corresponding devices for an operating system.
Background
Security incidents on current smart device operating systems, such as Android, occur one after another; a main cause is that the content or attributes of critical system files have been tampered with. There are two means of tampering. One is tampering at run time: a cracking tool is executed inside the running operating system and forcibly modifies memory or specified files on disk. The other is tampering by flashing the device's operating system while it is not running, directly modifying the disk files; because the operating system is not running at that time, its protective capability is weakest, which gives the cracker an opportunity.
Existing patent documents on tamper-proofing of disk images include the following. "A data tamper-proof method and device" has the operating system kernel judge, according to a pre-saved security policy, whether a modification of protected data by a first application is a valid operation. The shortcoming of this method is that it cannot verify tampering performed by flashing the file image on disk or FLASH while the device is not running. In "System start-up verification method, system start-up verification device and terminal", "OPTIMIZED STARTUP VERIFICATION OF FILE SYSTEM INTEGRITY" and "System for file integrity verification in the system boot area", the principle on which the verification is implemented means that verification can only take place during device boot. "Software tamper-proof verification method and device" compares a file check value with a check value held on the server side. The shortcoming of this method is that it depends on network speed: when the network condition is poor, when the number of files to be verified is huge, or under frequent-verification scenarios, its verification efficiency is very low.
"INTELLIGENT MOBILE TERMINAL AND DATA PROCESSING METHOD THEREFOR" introduces a signature library and a filtering module: every file accessed by the processor is signature-verified against the signature library, which is placed in a hidden partition, and once the signature of an accessed file is missing or incorrect, the filtering module blocks the CPU's access to that file. The shortcoming of this invention is an obvious performance problem: the file system of a general operating system contains a very large number of files, and keeping a signature for each of them in the signature library consumes considerable extra space; moreover, signature-checking every system file seriously slows operating system start-up and degrades the user experience. "Method for verifying an image file at run time" forms a new file image by digitally signing the file image, so that the digital signature of the file image can be verified periodically when the device starts or after it has started, achieving a tamper-proof effect. The shortcoming of this invention is that it can only verify the file image as a whole and cannot selectively verify the contents of the image file; since current file images are generally very large, often several hundred megabytes, verification efficiency is a serious problem.
Summary of the invention
The technical problem to be solved is to provide a file signature method, a file verification method and corresponding devices for an operating system which, by means of a signature policy file and a verification policy file, verify only the critical files, avoid verifying all files, and improve verification efficiency.
To solve the above technical problem, the present invention adopts the following technical scheme.
According to one aspect of the embodiments of the present invention, a file signature method for an operating system is provided, including: obtaining the image file of the operating system; obtaining a signature policy file and a private key file; and, according to the signature policy file and the private key file, digitally signing and encrypting the files in the image file that satisfy the condition, to obtain a secure image file.
Optionally, obtaining the image file of the operating system includes: obtaining the operating system source files; and compiling the operating system source files to generate the image file.
Optionally, the private key file is an asymmetric cryptography private key file.
Optionally, digitally signing and encrypting the files in the image file that satisfy the condition according to the signature policy file and the private key file, to obtain a secure image file, includes: obtaining the directory in the signature policy file; determining the image files in the image file that correspond to the directory in the signature policy file; and signing and encrypting those image files to obtain the secure image file.
Optionally, the step of signing and encrypting the image file to obtain the secure image file includes: obtaining a first hash value corresponding to the file content of the image file that corresponds to the directory in the signature policy file; encrypting the first hash value according to the private key file and saving the encrypted first hash value in a first attribute entry of the file attributes of the image file; obtaining a second hash value corresponding to the file attributes of the image file that corresponds to the directory in the signature policy file; and encrypting the second hash value according to the private key file and saving the encrypted second hash value in a second attribute entry of the file attributes of the image file, thereby obtaining the secure image file.
Optionally, the file signature method further includes: obtaining the update files corresponding to the files in the operating system that need upgrading; and digitally signing the update files to obtain an upgrade package.
Optionally, digitally signing the update files to obtain an upgrade package includes: obtaining a first hash value corresponding to the file content of the update file and a second hash value corresponding to the file attributes of the update file; saving the first hash value, the second hash value, and the file name and file path of the file to be upgraded that corresponds to the update file into an upgrade information file; obtaining the hash value corresponding to the file content of the upgrade information file, encrypting this hash value according to the private key file, and saving the encryption result into the upgrade information file; and packing the update files and the upgrade information file to obtain the upgrade package.
According to another aspect of the embodiments of the present invention, a file verification method for an operating system is provided, including: obtaining the image file of the operating system; obtaining a signature policy file and a private key file; according to the signature policy file and the private key file, digitally signing and encrypting the files in the image file that satisfy the condition, to obtain a secure image file; obtaining a verification policy file and a public key file; and, according to the verification policy file and the public key file, verifying the secure image file; if the verification condition is satisfied, the files of the operating system are considered secure.
Optionally, digitally signing and encrypting the files in the image file that satisfy the condition according to the signature policy file and the private key file, to obtain a secure image file, includes: obtaining the directory in the signature policy file; determining the image files in the image file that correspond to the directory in the signature policy file; and signing and encrypting those image files to obtain the secure image file.
Optionally, the step of signing and encrypting the image file to obtain the secure image file includes: obtaining a first hash value corresponding to the file content of the image file that corresponds to the directory in the signature policy file; encrypting the first hash value according to the private key file and saving the encrypted first hash value in a first attribute entry of the file attributes of the image file; obtaining a second hash value corresponding to the file attributes of the image file that corresponds to the directory in the signature policy file; and encrypting the second hash value according to the private key file and saving the encrypted second hash value in a second attribute entry of the file attributes of the image file, thereby obtaining the secure image file.
Optionally, the step of verifying the secure image file according to the verification policy file and the public key file, and considering the files of the operating system secure if the verification condition is satisfied, includes: obtaining the directory in the verification policy file; determining the secure image files in the secure image file that correspond to the directory in the verification policy file; obtaining the second hash value corresponding to the file attributes of the secure image file that corresponds to the directory in the verification policy file; decrypting, according to the public key file, the second hash value held in the second attribute entry of that secure image file; comparing the second hash value decrypted with the public key file against the second hash value corresponding to the file attributes of that secure image file; if they are identical, decrypting, according to the public key file, the first hash value held in the first attribute entry of that secure image file; obtaining the first hash value corresponding to the file content of that secure image file; and comparing the first hash value decrypted with the public key file against the first hash value corresponding to the file content of that secure image file; if they are identical, the files of the operating system are considered secure.
Optionally, the file verification method further includes: obtaining the update files corresponding to the files in the operating system that need upgrading; digitally signing the update files to obtain an upgrade package; and verifying the upgrade package and, if the verification condition is satisfied, replacing the files that need upgrading with the files in the upgrade package.
Optionally, digitally signing the update files to obtain an upgrade package includes: obtaining a first hash value corresponding to the file content of the update file and a second hash value corresponding to the file attributes of the update file; saving the first hash value, the second hash value, and the file name and file path of the file to be upgraded that corresponds to the update file into an upgrade information file; obtaining the hash value corresponding to the file content of the upgrade information file, encrypting this hash value according to the private key file, and saving the encryption result into the upgrade information file; and packing the update files and the upgrade information file to obtain the upgrade package.
Optionally, verifying the upgrade package and, if the verification condition is satisfied, replacing the files that need upgrading with the files in the upgrade package includes: obtaining the hash value corresponding to the file content of the upgrade information file in the upgrade package; decrypting, according to the public key file, the encrypted hash value stored in that upgrade information file; comparing the hash value decrypted with the public key file against the obtained hash value of the file content of the upgrade information file; if they are identical, replacing, according to the upgrade package, the files in the operating system that correspond to the update files with the update files in the upgrade package, and saving the first hash value and the second hash value of each update file recorded in the upgrade information file into the first attribute entry and the second attribute entry of that update file respectively.
Optionally, obtaining the image file of the operating system includes: obtaining the operating system source files; and compiling the operating system source files to generate the image file.
According to another aspect of the embodiments of the present invention, a file signature device for an operating system is provided, including: a first acquisition module for obtaining the image file of the operating system; a second acquisition module for obtaining the signature policy file and the private key file; and a first signature module for digitally signing and encrypting, according to the signature policy file and the private key file, the files in the image file that satisfy the condition, to obtain a secure image file.
According to another aspect of the embodiments of the present invention, a file verification device for an operating system is provided, characterised in that it includes: a third acquisition module for obtaining the image file of the operating system; a fourth acquisition module for obtaining the signature policy file and the private key file; a second signature module for digitally signing and encrypting, according to the signature policy file and the private key file, the files in the image file that satisfy the condition, to obtain a secure image file; a fifth acquisition module for obtaining the verification policy file and the public key file; and a verification module for verifying the secure image file according to the verification policy file and the public key file and, if the verification condition is satisfied, considering the files of the operating system secure.
The beneficial effects of the embodiments of the present invention at least include the following. The embodiments sign the critical files in the image file by means of the signature policy file, avoid verifying all files, and improve verification efficiency. Further, the digital signature of a file is stored directly in the file attribute entries of the verified file, so after system start-up the signature information is read at the same time as the file is accessed, which is very convenient and saves the CPU overhead that conventional methods spend reading an additional signature file during verification; verification efficiency is greatly improved. The embodiments can prevent system files from being tampered with while also allowing single or multiple files to be upgraded; this upgrade mode is itself verified, which secures the system upgrade, improves the user experience while guaranteeing security, and reduces the maintenance cost of system upgrades.
Brief description of the drawings
Fig. 1 shows a schematic diagram of the file signature method for an operating system provided by an embodiment of the present invention;
Fig. 2 shows a schematic diagram of the file verification method for an operating system provided by an embodiment of the present invention;
Fig. 3 shows a flow chart of the practical application of the file signature method for an operating system provided by an embodiment of the present invention;
Fig. 4 shows a flow chart of the practical application of the file verification method for an operating system provided by an embodiment of the present invention;
Fig. 5 shows a flow chart of the practical application of the file verification method for an operating system provided by an embodiment of the present invention during a system upgrade;
Fig. 6 shows a schematic diagram of the file signature device for an operating system provided by an embodiment of the present invention;
Fig. 7 shows a schematic diagram of the file verification device for an operating system provided by an embodiment of the present invention.
Detailed description of the invention
To make the objects, technical solutions and advantages of the present invention clearer, the present invention is described below with reference to the accompanying drawings and specific embodiments.
As shown in Fig. 1, the file signature method for an operating system provided by an embodiment of the present invention includes the following steps:
Step S100: obtain the image file of the operating system.
Here, the image file of the operating system is generated by the compilation server compiling the source files.
Step S200: obtain the signature policy file and the private key file.
Here, the signature policy file is written by the user according to a specified syntax and contains the names or features of the series of files that need verification; the files whose names or features match the signature policy file are signed. The private key file is an asymmetric cryptography private key file obtained by existing techniques, for example generated with the RSA 1024 algorithm from the cryptographic algorithms offered by openSSL. The directory of the signature policy file includes its own file name.
Step S300: according to the signature policy file and the private key file, digitally sign and encrypt the files in the image file that satisfy the condition, to obtain the secure image file.
Here, the directory in the signature policy file lists the files that need to be digitally signed, and the image files listed in this directory are signed. Signing is done by computing the hash value corresponding to the file content of the image file, encrypting this hash value with the private key file, and saving the encrypted hash value into the file attributes of the image file; the file attributes here also include extended attributes. Specifically, a first attribute entry is created in the file attributes to hold the encrypted hash value. Then the hash value corresponding to all the file attributes of the image file is computed, encrypted with the private key file, and saved into a second attribute entry of the image file. Preferably, the hash values in the first attribute entry and the second attribute entry are encrypted with different private key files.
During an operating system update, to avoid errors during file verification, the files that change between before and after the upgrade are first determined, and the update files corresponding to the files in the operating system that need upgrading are digitally signed; the digital signing method is identical to that used for the files in the directory of the signature policy file and is not repeated here.
As shown in Fig. 2, the file verification method for an operating system provided by an embodiment of the present invention includes the following steps:
Step S400: obtain the image file of the operating system.
Here, the image file of the operating system is generated by the compilation server compiling the source files.
Step S500: obtain the signature policy file and the private key file.
Here, the signature policy file is written by the user according to a specified syntax and contains the names or features of the series of files that need verification; the files whose names or features match the signature policy file are signed. The private key file is an asymmetric cryptography private key file obtained by existing techniques, for example generated with the RSA 1024 algorithm from the cryptographic algorithms offered by openSSL. The directory of the signature policy file includes its own file name.
Step S600: according to the signature policy file and the private key file, digitally sign and encrypt the files in the image file that satisfy the condition, to obtain the secure image file.
Here, the directory in the signature policy file lists the files that need to be digitally signed, and the image files listed in this directory are signed. Signing is done by computing the hash value corresponding to the file content of the image file, encrypting this hash value with the private key file, and saving the encrypted hash value into the file attributes of the image file; the file attributes here also include extended attributes. Specifically, a first attribute entry is created in the file attributes to hold the encrypted hash value. Then the hash value corresponding to all the file attributes of the image file is computed, encrypted with the private key file, and saved into a second attribute entry of the image file. Preferably, the hash values in the first attribute entry and the second attribute entry are encrypted with different private key files.
Step S700: obtain the verification policy file and the public key file.
Here, the directory in the verification policy file is identical to the directory in the signature policy file, and the public key file corresponds to the above private key file and can decrypt the hash values encrypted with the private key file.
Step S800: according to the verification policy file and the public key file, verify the secure image file; if the verification condition is satisfied, the files of the operating system are considered secure.
Here, the directory in the verification policy file lists the files that need to be verified, namely the image files that were digitally signed according to this directory; the directory of the verification policy file includes its own file name. Verification proceeds by the following steps:
Step S810: obtain the directory in the verification policy file.
Step S820: determine the secure image files in the secure image file that correspond to the directory in the verification policy file.
Step S830: obtain the second hash value corresponding to the file attributes of the secure image file that corresponds to the directory in the verification policy file.
Step S840: according to the public key file, decrypt the second hash value held in the second attribute entry of the secure image file that corresponds to the directory in the verification policy file.
Step S850: compare the second hash value decrypted with the public key file against the second hash value corresponding to the file attributes of the secure image file that corresponds to the directory in the verification policy file; if they are identical, then, according to the public key file, decrypt the first hash value held in the first attribute entry of that secure image file.
Step S860: obtain the first hash value corresponding to the file content of the secure image file that corresponds to the directory in the verification policy file.
Step S870: compare the first hash value decrypted with the public key file against the first hash value corresponding to the file content of the secure image file that corresponds to the directory in the verification policy file; if they are identical, the secure image file is considered secure.
Here, during an operating system update, to avoid errors during file verification, the files that change between before and after the upgrade are first determined, and the update files corresponding to the files that need upgrading are digitally signed; the signature information, the name of each update file and its path are saved into an upgrade information file; the hash value corresponding to the file content of the upgrade information file is then computed, encrypted in the same way, and the encrypted result is saved into the upgrade information file. During verification, it is only necessary to check whether the upgrade information file exists and whether it has been tampered with. If verification passes, then after the file upgrade the signature information of each update file is looked up by the update file's name and path, and the signature information obtained is saved into the file attributes of that update file. The embodiments of the present invention can prevent system files from being tampered with while also allowing single or multiple files to be upgraded; this upgrade mode is itself verified, which secures the system upgrade, improves the user experience on the premise of guaranteed security, and reduces the maintenance cost of system upgrades.
The embodiments of the present invention sign the critical files in the image file by means of the signature policy file, avoid verifying all files, and improve verification efficiency. Further, the digital signature of a file is stored directly in the file attribute entries of the verified file, so after system start-up the signature information is read at the same time as the file is accessed, which is very convenient and saves the CPU overhead that conventional methods spend reading an additional signature file during verification; verification efficiency is greatly improved.
As shown in Fig. 3, the practical application flow of the file signature method for an operating system provided by an embodiment of the present invention includes the following steps:
Step 301: the compiled operating system image file is handed to the file signature and injection tool. Specifically, the compilation server completes the source code compilation and generates the system.img image file in ext4 format for the system file partition. The file signature and injection tool is an executable program responsible for scanning all file names and attributes in the operating system image file, comparing them against the signature conditions in the signature policy file, and digitally signing the files that satisfy the conditions.
Step 302: the file signature and injection tool mounts the image file; the user, according to their own requirements, creates the signature policy file and the asymmetric cryptography private key file and hands them to the file signature and injection tool. Specifically, the signature policy file covers all files owned by the user root, and the asymmetric private key file is produced by running the publicly available openssl tool on the compilation server to generate an asymmetric public/private key pair, with RSA 1024 as the encryption algorithm.
Step 303: the file signature and injection tool scans and analyses, one by one, the contents of the files in the mounted image file.
Step 304: does the file name or attribute satisfy the condition described by the signature policy file?
Step 305: if not, ignore the file without processing it and continue scanning the next file.
Step 306: compute the hash value of the file content, encrypt it with the private key, and write the encrypted result into the first attribute entry of the attribute node corresponding to the file.
Step 307: compute the hash value of all attributes, including the first attribute entry, encrypt it with the private key, and write the encrypted result into the second attribute entry of the attribute node corresponding to the file.
Step 308: after the file scan is complete, the signature policy file is also digitally signed and the signature is saved in its file attribute entries.
Step 309: unmount the image file; the image file of the original operating system, with the signatures injected, has been converted into the secure image file.
Figure 4 shows a flowchart of the file verification method of the operating system provided by an embodiment of the present invention in practical application, comprising the following steps:
Step 401: the system powers on; the device firmware and bootloader start first and begin booting the operating system kernel.
Step 402: after the kernel has started, the verification execution tool is run first. It reads the public key or digital certificate file and the signing policy file from the kernel's read-only root partition and checks the signature of the signing policy file. Specifically, the verification execution tool is an executable program that may be stored in a read-only secure region of the operating system; by modifying the system's init.rc file, the verification execution tool is made the first program executed at system startup.
Step 403: does the signing policy file's own signature verify?
Step 404: if verification fails, the kernel stops booting and performs the predefined security protection behaviour, for example popping up a security warning in the user interface.
Step 405: if it verifies, the operating system kernel boots normally and mounts the signed system image file and user image file, producing a signed system file partition and a signed user data partition of the operating system.
Step 406: the verification execution tool scans all file names and file attributes in the mounted system file partition and user data partition.
Step 407: does the file name or file attribute meet the condition in the verification policy file?
Step 408: if not, the file is outside the verification scope and is ignored; scanning continues with the next file.
Step 409: if so, the digital signature saved in the second attribute entry is used to verify whether the file information has been tampered with. Specifically, the verification execution tool queries the file attribute entries of the file to be verified, including any extended attribute entries that may be present. If the second attribute entry exists, it computes the total hash of all file attributes other than the second attribute entry and compares it with the hash obtained by decrypting the digital signature in the second attribute entry with the public key or digital certificate file. If they differ, the file is considered to have failed verification; if they match, proceed to step 410.
Step 410: the digital signature saved in the first attribute entry is used to verify whether the file information has been tampered with. Specifically, the verification execution tool queries the file attribute entries of the file to be verified, including any extended attribute entries that may be present, and checks whether the first attribute entry exists. If it does, it computes the hash of the file's content and compares it with the hash obtained by decrypting the digital signature in the first attribute entry with the public key or digital certificate file. If they differ, the file is considered to have failed verification; if they match, the file's information is considered not to have been tampered with.
Step 411: if file verification fails at startup, the system refuses to continue booting and performs the predefined security protection behaviour, for example popping up a security warning in the user interface.
Step 412: if file verification passes, the system continues to boot and run. Thereafter, before each open of or operation on a file, the kernel driver must verify the file in real time.
Step 413: does the file pass real-time verification?
Step 414: if not, the predefined security protection behaviour is performed: the kernel may refuse to open or execute the file, and may also record the verification failure in a log.
Step 415: if so, the file is opened or executed normally.
Figure 5 shows a flowchart of the file verification method of the operating system provided by an embodiment of the present invention in practical application at system upgrade time, comprising the following steps:
Step 501: the list of files that differ before and after the upgrade is compared and handed to the file signing and injection tool, which scans all files in the upgrade package one by one.
Step 502: does the file belong to the files that need to be upgraded and signed?
Step 503: if not, the file is ignored and scanning continues with the next file. Specifically, if the user modifies the system source code as needed and recompiles it, and file A and file B have been modified in the recompiled image, then file A and file B are detected by steps 501 to 503.
Step 504: if so, the file signing and injection tool digitally signs the file as in steps 306 and 307 of Figure 3. Specifically, it signs file A and file B in the upgrade package, not file A and file B in the original system.
Step 505: the file signing and injection tool computes the digital digest of the upgrade information file and encrypts it with the asymmetric-cryptography private key file to produce the digital signature information, which is saved at the end of the upgrade information file; the upgrade information file is then merged into the system upgrade package and the package is repacked.
Step 506: the device to be upgraded powers on; the device firmware and bootloader start first and boot a kernel that carries the operating system upgrade function.
Step 507: the kernel reads the system upgrade package, verifies the package's integrity, then searches for and extracts the upgrade information file and verifies that file's digital signature with the public key. Specifically, the kernel with upgrade function reads the system upgrade package and verifies its integrity, then searches for and extracts the upgrade information file, obtains the digital signature information from its content, and verifies the digital signature at the end of the upgrade information file with the public key or digital certificate file. If the upgrade information file does not exist, or the verification fails, the kernel must terminate the upgrade process and prompt the user with an alarm screen or apply other user-defined security protection behaviour.
Step 508: does the upgrade information file exist and, if so, does its verification pass?
Step 509: if not, the kernel terminates the upgrade process and performs the predefined security protection behaviour, for example popping up a security warning in the user interface.
Step 510: if so, the kernel with upgrade function unpacks the system upgrade package and copies the files in the package onto the device to be upgraded, replacing the original files, which completes the upgrade operation.
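As an added illustration (not code from the patent or from ZTE), the following Python models the two attribute entries written in steps 306 and 307, their checking order in steps 409 and 410, and the signed upgrade information file of steps 505 to 510, on in-memory files. The attribute-entry names, the encoding of the root-owner policy, and textbook RSA over SHA-256 with a small demo modulus are assumptions standing in for the extended-attribute layout and the openssl RSA-1024 signing the patent leaves unspecified.

```python
"""Toy model of the two-attribute file signing (steps 306/307), its two-stage
verification (steps 409/410) and the signed upgrade information file (steps
505/507/510).  Textbook RSA over SHA-256 with a small demo modulus stands in
for the openssl RSA-1024 signing the patent describes; files live in memory."""
import hashlib
import json
import random
from dataclasses import dataclass, field

# Constructed attribute-entry names; the patent only says "first/second entry".
SIG_CONTENT = "user.sig.content"  # first entry: signed hash of file content
SIG_ATTRS = "user.sig.attrs"      # second entry: signed hash of the other attributes

def _is_probable_prime(n, rounds=32):
    if n < 4 or n % 2 == 0:
        return n in (2, 3)
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):  # Miller-Rabin, sufficient for demo-sized primes
        x = pow(random.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def generate_keypair(bits=512):
    """Return ((n, e), (n, d)); n must exceed the 256-bit hash it signs."""
    e, primes = 65537, []
    while len(primes) < 2:
        p = random.getrandbits(bits // 2) | (1 << (bits // 2 - 1)) | 1
        if _is_probable_prime(p) and p not in primes and (p - 1) % e:
            primes.append(p)
    p, q = primes
    return (p * q, e), (p * q, pow(e, -1, (p - 1) * (q - 1)))

def digest_int(data: bytes) -> int:
    return int.from_bytes(hashlib.sha256(data).digest(), "big")

def sign(data: bytes, priv) -> str:
    """'Encrypt the hash with the private key', as the patent phrases it."""
    return str(pow(digest_int(data), priv[1], priv[0]))

def signature_matches(sig: str, data: bytes, pub) -> bool:
    """Decrypt with the public key and compare against a fresh hash of data."""
    return sig.isdigit() and pow(int(sig), pub[1], pub[0]) == digest_int(data)

@dataclass
class ImageFile:
    path: str
    content: bytes
    attrs: dict = field(default_factory=dict)  # owner, mode, extended attributes

def attrs_blob(attrs: dict, exclude=()) -> bytes:
    """Canonical bytes of 'all attributes' minus the excluded entries."""
    return json.dumps({k: v for k, v in sorted(attrs.items()) if k not in exclude}).encode()

def in_policy(f: ImageFile, policy: dict) -> bool:
    """Steps 304/407; the embodiment's policy is 'every file owned by root'."""
    return f.attrs.get("owner") == policy["owner"]

def sign_file(f: ImageFile, priv) -> None:
    f.attrs[SIG_CONTENT] = sign(f.content, priv)                       # step 306
    f.attrs[SIG_ATTRS] = sign(attrs_blob(f.attrs, (SIG_ATTRS,)), priv)  # step 307

def verify_file(f: ImageFile, pub) -> bool:
    """Step 409 (attributes via second entry), then step 410 (content via first)."""
    if SIG_ATTRS not in f.attrs or SIG_CONTENT not in f.attrs:
        return False
    if not signature_matches(f.attrs[SIG_ATTRS], attrs_blob(f.attrs, (SIG_ATTRS,)), pub):
        return False
    return signature_matches(f.attrs[SIG_CONTENT], f.content, pub)

def build_upgrade_info(changed, priv) -> bytes:
    """Step 505: one record per changed file (path and both signatures), with the
    signature of the record blob appended as the final line."""
    records = [{"path": f.path, SIG_CONTENT: f.attrs[SIG_CONTENT],
                SIG_ATTRS: f.attrs[SIG_ATTRS]} for f in changed]
    body = json.dumps(records).encode()
    return body + b"\n" + sign(body, priv).encode()

def verify_upgrade_info(blob: bytes, pub):
    """Step 507: the records if the trailing signature verifies, else None."""
    body, _, sig = blob.rpartition(b"\n")
    return json.loads(body) if signature_matches(sig.decode("ascii", "replace"), body, pub) else None

def apply_upgrade(system: dict, package: dict, blob, pub) -> bool:
    """Steps 508-510: stop on a missing or bad info file; otherwise replace each
    file and attach the recorded signatures to the replacement's attributes."""
    info = verify_upgrade_info(blob, pub) if blob else None
    if info is None:
        return False
    for rec in info:
        new = package[rec["path"]]
        new.attrs[SIG_CONTENT], new.attrs[SIG_ATTRS] = rec[SIG_CONTENT], rec[SIG_ATTRS]
        system[rec["path"]] = new
    return all(verify_file(system[r["path"]], pub) for r in info)
```

Because the second entry covers every other attribute including the first entry, a changed owner or mode is caught at step 409 before the (more expensive) content hash of step 410 is ever computed.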
Embodiments of the present invention prevent system files from being tampered with while also allowing single or multiple files to be upgraded; this upgrade path is itself verified, securing the system upgrade, improving the user experience while preserving security, and reducing the maintenance cost of system upgrades.
As shown in Figure 6, an embodiment of the present invention further provides a schematic of a file signing device of an operating system, comprising: a first acquisition module 61 for obtaining the image file of the operating system; a second acquisition module 62 for obtaining the signing policy file and private key file; and a first signing module 63 for digitally signing and encrypting the files in the image file that meet the conditions, according to the signing policy file and private key file, to obtain a secure image file.
It should be noted that this device corresponds to the file signing method of the operating system described above; all implementations in the method embodiment above apply equally to this device embodiment and achieve the same technical effect.
As shown in Figure 7, an embodiment of the present invention further provides a schematic of a file verification device of an operating system, comprising: a third acquisition module 71 for obtaining the image file of the operating system; a fourth acquisition module 72 for obtaining the signing policy file and private key file; a second signing module 73 for digitally signing and encrypting the files in the image file that meet the conditions, according to the signing policy file and private key file, to obtain a secure image file; a fifth acquisition module 74 for obtaining the verification policy file and public key file; and a verification module 75 for verifying the secure image file according to the verification policy file and public key file and, if the verification condition is met, considering the files of the operating system secure.
It should be noted that this device corresponds to the file signing method of the operating system described above; all implementations in the method embodiment above apply equally to this device embodiment and achieve the same technical effect.
The above are preferred embodiments of the present invention. It should be pointed out that a person of ordinary skill in the art may make improvements and modifications without departing from the principles of the present invention, and such improvements and modifications also fall within the scope of protection of the present invention.

Claims (17)

1. A file signing method for an operating system, characterized in that it comprises:
obtaining an image file of the operating system;
obtaining a signing policy file and a private key file;
according to the signing policy file and private key file, digitally signing and encrypting the files in the image file that meet the conditions, to obtain a secure image file.
2. The file signing method of claim 1, characterized in that obtaining the image file of the operating system comprises:
obtaining operating system source files;
compiling the operating system source files to generate the image file.
3. The file signing method of claim 1, characterized in that the private key file is an asymmetric-cryptography private key file.
4. The file signing method of claim 1, characterized in that digitally signing and encrypting the files in the image file that meet the conditions according to the signing policy file and private key file, to obtain a secure image file, comprises:
obtaining the directories in the signing policy file;
determining the image files in the image file that correspond to the directories in the signing policy file;
signing and encrypting those image files to obtain the secure image file.
5. The file signing method of claim 4, characterized in that the step of signing and encrypting the image files to obtain the secure image file comprises:
obtaining a first hash corresponding to the file content of the image file that corresponds to a directory in the signing policy file;
encrypting the first hash according to the private key file, and saving the encrypted first hash into a first attribute entry of the file attributes of that image file;
obtaining a second hash corresponding to the file attributes of the image file that corresponds to the directory in the signing policy file;
encrypting the second hash according to the private key file, and saving the encrypted second hash into a second attribute entry of the file attributes of that image file, to obtain the secure image file.
6. The file signing method of claim 1, characterized in that the file signing method further comprises:
obtaining the update file corresponding to a file in the operating system that needs upgrading;
digitally signing the update file to obtain an upgrade package.
7. The file signing method of claim 6, characterized in that digitally signing the update file to obtain the upgrade package comprises:
obtaining a first hash corresponding to the file content of the update file and a second hash corresponding to the file attributes of the update file;
saving the first hash, the second hash, and the file name and file path of the file needing upgrading that corresponds to the update file into an upgrade information file;
obtaining the hash corresponding to the file content of the upgrade information file, encrypting this hash according to the private key file, and saving the encrypted result into the upgrade information file;
packing the update file and the upgrade information file to obtain the upgrade package.
8. A file verification method for an operating system, characterized in that it comprises:
obtaining an image file of the operating system;
obtaining a signing policy file and a private key file;
according to the signing policy file and private key file, digitally signing and encrypting the files in the image file that meet the conditions, to obtain a secure image file;
obtaining a verification policy file and a public key file;
verifying the secure image file according to the verification policy file and public key file and, if the verification condition is met, considering the files of the operating system secure.
9. The file verification method of claim 8, characterized in that digitally signing and encrypting the files in the image file that meet the conditions according to the signing policy file and private key file, to obtain a secure image file, comprises:
obtaining the directories in the signing policy file;
determining the image files in the image file that correspond to the directories in the signing policy file;
signing and encrypting those image files to obtain the secure image file.
10. The file verification method of claim 9, characterized in that the step of signing and encrypting the image files to obtain the secure image file comprises:
obtaining a first hash corresponding to the file content of the image file that corresponds to a directory in the signing policy file;
encrypting the first hash according to the private key file, and saving the encrypted first hash into a first attribute entry of the file attributes of that image file;
obtaining a second hash corresponding to the file attributes of the image file that corresponds to the directory in the signing policy file;
encrypting the second hash according to the private key file, and saving the encrypted second hash into a second attribute entry of the file attributes of that image file, to obtain the secure image file.
11. The file verification method of claim 10, characterized in that the step of verifying the secure image file according to the verification policy file and public key file and, if the verification condition is met, considering the files of the operating system secure comprises:
obtaining the directories in the verification policy file;
determining the secure image files in the secure image file that correspond to the directories in the verification policy file;
obtaining the second hash corresponding to the file attributes of the secure image file that corresponds to a directory in the verification policy file;
decrypting, according to the public key file, the second hash in the second attribute entry of the secure image file that corresponds to the directory in the verification policy file;
comparing the second hash decrypted with the public key file against the second hash corresponding to the file attributes of the secure image file that corresponds to the directory in the verification policy file, and if they are identical, decrypting, according to the public key file, the first hash in the first attribute entry of that secure image file;
obtaining the first hash corresponding to the file content of the secure image file that corresponds to the directory in the verification policy file;
comparing the first hash decrypted with the public key file against the first hash corresponding to the file content of that secure image file, and if they are identical, considering the files of the operating system secure.
12. The file verification method of claim 8, characterized in that the file verification method further comprises:
obtaining the update file corresponding to a file in the operating system that needs upgrading;
digitally signing the update file to obtain an upgrade package;
verifying the upgrade package and, if the verification condition is met, replacing the file needing upgrading with the file in the upgrade package.
13. The file verification method of claim 12, characterized in that digitally signing the update file to obtain the upgrade package comprises:
obtaining a first hash corresponding to the file content of the update file and a second hash corresponding to the file attributes of the update file;
saving the first hash, the second hash, and the file name and file path of the file needing upgrading that corresponds to the update file into an upgrade information file;
obtaining the hash corresponding to the file content of the upgrade information file, encrypting this hash according to the private key file, and saving the encrypted result into the upgrade information file;
packing the update file and the upgrade information file to obtain the upgrade package.
14. The file verification method of claim 13, characterized in that verifying the upgrade package and, if the verification condition is met, replacing the file needing upgrading with the file in the upgrade package comprises:
obtaining the hash corresponding to the file content of the upgrade information file in the upgrade package;
decrypting, according to the public key file, the hash corresponding to the file content of the upgrade information file in the upgrade package;
comparing the hash decrypted with the public key file against the obtained hash corresponding to the file content of the upgrade information file, and if they are identical, replacing the file in the operating system that corresponds to the update file with the update file from the upgrade package, and saving the first hash and second hash of this update file recorded in the upgrade information file into the first attribute entry and second attribute entry of this update file respectively.
15. The file verification method of claim 8, characterized in that obtaining the image file of the operating system comprises:
obtaining operating system source files;
compiling the operating system source files to generate the image file.
16. A file signing device for an operating system, characterized in that it comprises:
a first acquisition module for obtaining an image file of the operating system;
a second acquisition module for obtaining a signing policy file and a private key file;
a first signing module for digitally signing and encrypting the files in the image file that meet the conditions, according to the signing policy file and private key file, to obtain a secure image file.
17. A file verification device for an operating system, characterized in that it comprises:
a third acquisition module for obtaining an image file of the operating system;
a fourth acquisition module for obtaining a signing policy file and a private key file;
a second signing module for digitally signing and encrypting the files in the image file that meet the conditions, according to the signing policy file and private key file, to obtain a secure image file;
a fifth acquisition module for obtaining a verification policy file and a public key file;
a verification module for verifying the secure image file according to the verification policy file and public key file and, if the verification condition is met, considering the files of the operating system secure.
Application CN201510079120.XA, priority date 2015-02-13, filing date 2015-02-13: File signature method and device and file verification method and device for operating system. Granted as CN105989306B (active).

Priority Applications (2)

Application Number   Priority Date   Filing Date   Title
CN201510079120.XA    2015-02-13      2015-02-13    File signature method and device and file verification method and device for operating system (granted as CN105989306B)
PCT/CN2015/078902    2015-02-13      2015-05-13    File signature method for operating system, file check method, and apparatus (WO2016127516A1)

Publications (2)

Publication Number   Publication Date
CN105989306A         2016-10-05
CN105989306B         2020-04-28
