CN106295363A - Startup calibration method and device - Google Patents

Publication number: CN106295363A
Authority: CN (China)
Legal status: Granted
Application number: CN201610620662.8A
Other languages: Chinese (zh)
Other versions: CN106295363B (en)
Inventors: 梁博, 于淼, 赵亚帆
Current Assignee: Beijing Xiaomi Mobile Software Co Ltd
Original Assignee: Beijing Xiaomi Mobile Software Co Ltd
Prior art keywords: terminal, layer, pki, signature, test

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/602 Providing cryptographic facilities or services

Abstract

The disclosure provides a startup calibration method and device, belonging to the field of embedded technology. The method includes: detecting whether a terminal is a non-test terminal; when the terminal is determined to be a non-test terminal, verifying a signature with a public key at the Kernel layer, the signature having been generated with a private key that does not match the public key; and, when the verification fails, indicating that verification ends. This solves the problem of reduced security when a terminal runs a beta-version ROM package. By placing one set of matching keys and one set of mismatched keys in the terminal, a non-test terminal fails verification and cannot start, which ensures the security of the terminal.

Description

Startup calibration method and device
Technical field
The disclosure relates to the field of embedded technology, and in particular to a startup calibration method and device.
Background
The Android system is an open-source operating system based on Linux. The system source code of the Android system can be packaged as a ROM image (Read-Only Memory image), also called a ROM package. When a ROM package is written into the ROM of a terminal such as a mobile phone or tablet computer, the terminal loads the ROM package and runs the system source code in it.
Current ROM packages fall into two main kinds, official versions and beta versions. The file system of a terminal whose ROM stores an official-version ROM package generally does not support root (superuser) permission, whereas the file system of a terminal whose ROM stores a beta-version ROM package generally does. Root has the highest permission in the system. Therefore, when a beta-version ROM package is installed in the ROM of a terminal that a user uses, any application on the terminal can obtain root permission and use it to read the user's private data stored on the terminal.
Summary of the invention
To solve the problem of reduced security when a terminal runs a beta-version ROM, the disclosure provides a startup calibration method and device. The technical solution is as follows:
According to a first aspect of the embodiments of the disclosure, a startup calibration method is provided. The method is used in a terminal that includes at least a hardware layer, a Kernel layer, a Bootloader layer and a file system layer; the Kernel layer stores a public key and the Bootloader layer carries a signature. The method includes:
detecting whether the terminal is a non-test terminal;
when the terminal is determined to be a non-test terminal, verifying the signature with the public key at the Kernel layer, where the signature is generated with a private key that does not match the public key, and, when the verification fails, indicating that verification ends.
Optionally, detecting whether the terminal is a non-test terminal includes:
detecting whether the terminal contains a preset circuit structure, the preset circuit structure indicating that the terminal is a test terminal;
if the terminal does not contain the preset circuit structure, determining that the terminal is a non-test terminal.
Optionally, detecting whether the terminal contains the preset circuit structure includes:
detecting whether a trusted region of the hardware layer contains the preset circuit structure, the trusted region being a region of the hardware layer that applications are forbidden to access directly.
Optionally, detecting whether the terminal is a non-test terminal includes:
detecting whether the terminal contains a preset mark, the preset mark being a mark indicating that the terminal is a test terminal;
if the terminal does not contain the preset mark, determining that the terminal is a non-test terminal.
Optionally, detecting whether the terminal contains the preset mark includes:
detecting whether a trusted storage region of the hardware layer contains the preset mark, the trusted storage region being a region of the hardware layer that applications are forbidden to access directly.
According to a second aspect of the embodiments of the disclosure, a startup calibration device is provided. The device is used in a terminal that includes at least a hardware layer, a Kernel layer, a Bootloader layer and a file system layer; the Kernel layer stores a public key and the Bootloader layer carries a signature. The device includes:
a detection module, configured to detect whether the terminal is a non-test terminal;
a verification module, configured to, when the terminal is a non-test terminal, verify the signature with the public key at the Kernel layer, where the signature is generated with a private key that does not match the public key, and, when the verification fails, indicate that verification ends.
Optionally, the detection module includes:
a first detection sub-module, configured to detect whether the terminal contains a preset circuit structure, the preset circuit structure indicating that the terminal is a test terminal;
a first determination sub-module, configured to determine that the terminal is a non-test terminal when the preset circuit structure is not present.
Optionally, the first detection sub-module is further configured to detect whether a trusted region of the hardware layer contains the preset circuit structure, the trusted region being a region of the hardware layer that applications are forbidden to access directly.
Optionally, the detection module includes:
a second detection sub-module, configured to detect whether the terminal contains a preset mark, the preset mark being a mark indicating that the terminal is a test terminal;
a second determination sub-module, configured to determine that the terminal is a non-test terminal if the terminal does not contain the preset mark.
Optionally, the second detection sub-module is further configured to detect whether a trusted storage region of the hardware layer contains the preset mark, the trusted storage region being a region of the hardware layer that applications are forbidden to access directly.
According to a third aspect of the embodiments of the disclosure, a startup calibration device is provided. The device is used in a terminal that includes at least a hardware layer, a Kernel layer, a Bootloader layer and a file system layer; the Kernel layer stores a public key and the Bootloader layer carries a signature. The device includes:
a processor;
a memory for storing processor-executable instructions;
where the processor is configured to:
detect whether the terminal is a non-test terminal;
when the terminal is determined to be a non-test terminal, verify the signature with the public key at the Kernel layer, where the signature is generated with a private key that does not match the public key, and, when the verification fails, indicate that verification ends.
The technical solutions provided by the embodiments of the disclosure can have the following beneficial effects:
The terminal detects whether it is a non-test terminal and, when it is, verifies the signature with the public key at the Kernel layer. Because the signature is generated with a private key that does not match the public key, verification on the terminal fails and the terminal cannot start. This solves the problem of reduced security when a terminal runs a beta-version ROM package. By placing one set of matching keys and one set of mismatched keys in the terminal, a non-test terminal fails verification and cannot start, which ensures the security of the terminal.
It should be understood that the general description above and the detailed description below are only exemplary and do not limit the disclosure.
Brief description of the drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, show embodiments consistent with the disclosure and, together with the description, serve to explain the principles of the disclosure.
Fig. 1 is a structural diagram of a terminal according to an exemplary embodiment;
Fig. 2 is a flowchart of a startup calibration method according to an exemplary embodiment;
Fig. 3 is a flowchart of a startup calibration method according to another exemplary embodiment;
Fig. 4 is a flowchart of a startup calibration method according to another exemplary embodiment;
Fig. 5 is a flowchart of a startup calibration method according to another exemplary embodiment;
Fig. 6 is a flowchart of a startup calibration method according to another exemplary embodiment;
Fig. 7A is a schematic diagram of a startup calibration method according to an exemplary embodiment;
Fig. 7B is a schematic diagram of a startup calibration method according to another exemplary embodiment;
Fig. 8 is a block diagram of a startup calibration device according to an exemplary embodiment;
Fig. 9A is a block diagram of a startup calibration device according to another exemplary embodiment;
Fig. 9B is a block diagram of a startup calibration device according to another exemplary embodiment;
Fig. 10 is a block diagram of a terminal according to another exemplary embodiment.
Detailed description
Exemplary embodiments are described in detail here, with examples shown in the accompanying drawings. Where the following description refers to the drawings, the same numerals in different drawings denote the same or similar elements unless otherwise indicated. The implementations described in the following exemplary embodiments do not represent all implementations consistent with the disclosure. Rather, they are merely examples of devices and methods consistent with some aspects of the disclosure as detailed in the appended claims.
The startup calibration method provided by the embodiments of the disclosure can be implemented by a terminal running the Android operating system, such as a smartphone, smart TV or tablet computer.
The structure of the terminal may be as shown in Fig. 1. The terminal 10 includes at least a hardware layer 110, a Kernel layer 120, a Bootloader layer 130 and a file system layer 140. The Kernel layer 120 sits above the hardware layer 110, the Bootloader layer 130 sits above the Kernel layer 120, and the file system layer 140 sits above the Bootloader layer 130.
The hardware layer 110 generally includes hardware components such as a processor, memory, registers, capacitors, diodes and triodes. The Kernel in the terminal 10 is a Linux-based kernel, and the Kernel layer 120 is generally used to manage memory, processes, files and system resources. The Bootloader layer 130 is mainly used to initialize the processor and related hardware. The file system is used to manage and store file information in the terminal.
In the disclosed embodiments, the public key stored in the Kernel layer 120 is the first public key, and the signature carried by the Bootloader layer 130 is the first signature, which is generated with the first private key. The Bootloader layer 130 also stores the second public key, and the file system layer 140 carries the second signature, which is generated with the second private key.
Fig. 2 is a flowchart of a startup calibration method according to an exemplary embodiment. This embodiment is described with the method applied to the terminal shown in Fig. 1, and the method may include the following steps:
In step 201, detect whether the terminal is a non-test terminal.
The terminal performs the startup calibration method provided by the embodiments of the disclosure when loading the ROM package stored in the terminal. The terminal may be a test terminal or a non-test terminal. A test terminal is a terminal used to test the ROM package, usually one used by a tester of the ROM package. A non-test terminal is any terminal running the ROM package other than a test terminal, usually one used by an ordinary user.
In step 202, when the terminal is determined to be a non-test terminal, verify the signature with the public key at the Kernel layer and, when the verification fails, indicate that verification ends.
When verification of the signature with the public key at the Kernel layer fails, the terminal indicates that verification has ended, does not start the Bootloader layer, performs no further operations of the startup process, and remains powered off.
The signature is generated with the private key, and the private key does not match the public key. The public key and private key are configured in advance by the software developer of the ROM package and are carried in the ROM package. When installing the ROM package, the terminal obtains the public key and private key from it, stores the public key in the Kernel layer, and uses the private key to sign the Bootloader layer. Signing the Bootloader layer means signing the data in the Bootloader layer.
Optionally, the public key and private key are character strings containing at least one of digits, letters and symbols. The string may be of length 16, 32 or 64; this embodiment does not limit the form of the public key and private key.
Optionally, the terminal uses the private key to encrypt the data of the Bootloader layer with a predetermined cryptographic algorithm to obtain the signature. The predetermined cryptographic algorithm is any one of the Schnorr signature algorithm, ECDSA and the ElGamal signature algorithm.
In summary, in the startup calibration method provided by the embodiments of the disclosure, the terminal detects whether it is a non-test terminal and, when it is, verifies the signature with the public key at the Kernel layer. Because the signature is generated with a private key that does not match the public key, verification on the terminal fails and the terminal cannot start. This solves the problem of reduced security when a terminal runs a beta-version ROM package. By placing one set of matching keys and one set of mismatched keys in the terminal, a non-test terminal fails verification and cannot start, which ensures the security of the terminal.
Taking the terminal shown in Fig. 1 as an example, when the terminal is a test terminal it usually performs the following steps before loading the ROM package, as shown in Fig. 3:
In step 301, receive a generation instruction.
The generation instruction instructs the terminal to generate the preset circuit structure or the preset mark. Usually only testers have permission to trigger this instruction.
Optionally, the generation instruction instructs the terminal to make an irreversible change to the original circuit structure by adjusting parameters such as voltage and current, producing the preset circuit structure. The preset circuit structure includes at least one of a predetermined capacitor in a blown state, a predetermined diode in a blown state and a predetermined triode in a blown state. Optionally, the generation instruction instructs the terminal to generate the preset circuit structure in the trusted region of the hardware layer.
Usually the hardware layer of a terminal includes some reserved components, or components dedicated to testing, such as reserved capacitors and reserved diodes. Operating on these reserved components has no effect on the normal operation of the terminal. The generation instruction may therefore instruct the terminal to perform an irreversible operation on these reserved components to form the preset circuit structure, for example by raising the voltage to break down a predetermined capacitor. Optionally, the generation instruction instructs the terminal to write the preset mark into a trusted storage region. Optionally, the trusted storage region is a memory in the hardware layer of the terminal. Optionally, the preset mark is a predetermined field, for example field 0 or field 1. In a practical example, the generation instruction may instruct the terminal to write field 1 into the memory cell at address 1 of the memory.
In step 302, generate the preset circuit structure and/or the preset mark according to the generation instruction.
Optionally, to avoid forgery, the terminal generates the preset circuit structure in the trusted region of the hardware layer according to the generation instruction. The trusted region is a region of the hardware layer that applications are forbidden to access directly.
Optionally, the terminal stores the preset mark in the trusted storage region of the hardware layer according to the generation instruction. The trusted storage region is a region of the hardware layer that applications are forbidden to access directly.
Note that a test terminal may form the preset circuit structure through the steps above. Alternatively, the test terminal is a terminal dedicated to testing the beta-version ROM package, and the preset circuit structure is formed in it when the test terminal is manufactured.
The flow of the terminal during startup verification may be as shown in Fig. 4. This embodiment is described with the method applied to the terminal shown in Fig. 1, and the method may include the following steps:
In step 401, detect whether the terminal contains the preset circuit structure, which indicates that the terminal is a test terminal.
Optionally, the preset circuit structure that the test terminal generates through steps 301 and 302 is located in the trusted region of the hardware layer of the test terminal, or the preset circuit structure formed when the test terminal is manufactured is located in that trusted region. This step can then be implemented as detecting whether the trusted region of the hardware layer contains the preset circuit structure.
In step 402, if the preset circuit structure is not present, determine that the terminal is a non-test terminal.
In step 403, when the terminal is determined to be a non-test terminal, verify the first signature with the first public key at the Kernel layer and, when the verification fails, indicate that verification ends.
The first signature is generated with the first private key, and the first private key does not match the first public key.
The first public key and first private key are carried in the ROM package. When a ROM package is written into the ROM of the terminal, the terminal obtains the first public key and first private key from the ROM package, stores the first public key in the Kernel layer, and signs the Bootloader layer with the first private key to generate the first signature. Signing the Bootloader layer means signing the files, data and so on included in the Bootloader layer.
For a beta-version ROM package, the software developer includes in the package, when generating it, a first public key and a first private key that do not belong to the same key pair; that is, the first public key and first private key cannot encrypt and decrypt for each other. Therefore, on a terminal that does not contain the preset circuit structure, verification of the first signature with the first public key at the Kernel layer fails and the terminal cannot start.
In step 404, if the preset circuit structure is present, determine that the terminal is a test terminal.
In step 405, when the terminal is determined to be a test terminal, verify the second signature with the second public key at the Bootloader layer and, when the verification succeeds, indicate that the terminal is to start.
The second signature is generated with the second private key, and the second private key matches the second public key.
The second public key and second private key are also carried in the ROM package. When a ROM package is written into the ROM of the terminal, the terminal obtains the second public key and second private key from the ROM package, stores the second public key in the Bootloader layer, and signs the file system layer with the second private key to generate the second signature. Signing the file system layer means signing the files, data and so on included in the file system layer.
Optionally, in the embodiments of the disclosure, what is written into the ROM of the terminal is a beta-version ROM package. For a beta-version ROM package, the software developer includes in the package, when generating it, a second public key and a second private key that belong to the same key pair; that is, the second public key and second private key can encrypt and decrypt for each other. A test terminal that contains the preset circuit structure does not need to verify the first signature with the first public key at the Kernel layer. It only needs to verify the second signature with the second public key at the Bootloader layer directly; that verification succeeds and the terminal starts.
Optionally, the first public key and the second public key are identical.
Optionally, the same terminal may be a test terminal for testing ROM packages of several different beta versions. The terminal may then include one preset circuit structure, with the ROM packages of the different beta versions all corresponding to the same preset circuit structure. Alternatively, the terminal includes several different preset circuit structures, with the ROM packages of different beta versions corresponding to different preset circuit structures. When ROM packages of different beta versions are written into the terminal, the terminal determines whether it is a test terminal for the beta version currently being loaded by detecting whether it contains the preset circuit structure corresponding to that ROM package.
For example, the preset circuit structure corresponding to ROM package 1 is preset circuit structure 1, the preset circuit structure corresponding to ROM package 2 is preset circuit structure 2, and the terminal includes preset circuit structure 1. When ROM package 1 is written into the ROM of the terminal, the terminal detects during startup verification that it contains preset circuit structure 1 and determines that it is a test terminal. When ROM package 2 is written into the ROM of the terminal, the terminal detects during startup verification that it does not contain preset circuit structure 2 and determines that it is a non-test terminal.
In summary, in the startup calibration method provided by the embodiments of the disclosure, the terminal detects whether it is a non-test terminal. When it is, the terminal verifies the first signature with the first public key at the Kernel layer; because the first signature is generated with the first private key, which does not match the first public key, verification fails and the terminal cannot start. When the terminal is determined to be a test terminal, it directly verifies, at the Bootloader layer, the second signature carried by the file system layer with the second public key; the second signature is generated with the second private key, which matches the second public key, so verification on the test terminal succeeds and the terminal starts. This solves the problem of reduced security when a terminal runs a beta-version ROM package. By placing one set of matching keys and one set of mismatched keys in the terminal, a non-test terminal fails verification, cannot start, and therefore cannot run the beta-version ROM package, which ensures the security of the terminal.
In the startup calibration method provided by the embodiments of the disclosure, the preset circuit structure is placed in the trusted region of the hardware layer, so a user cannot access it directly through an application. This prevents forgery of the preset circuit structure and improves its reliability.
The flow of the terminal during startup verification may also be as shown in Fig. 5. This embodiment is described with the method applied to the terminal shown in Fig. 1, and the method may include the following steps:
In step 501, detect whether the terminal contains the preset mark, which is a mark indicating that the terminal is a test terminal.
Optionally, this step can be implemented as detecting whether the trusted storage region of the hardware layer contains the preset mark.
In step 502, if the terminal does not contain the preset mark, determine that the terminal is a non-test terminal.
In step 503, when the terminal is determined to be a non-test terminal, verify the first signature with the first public key at the Kernel layer and, when the verification fails, indicate that verification ends.
The first signature is generated with the first private key, and the first private key does not match the first public key.
In step 504, if the terminal contains the preset mark, determine that the terminal is a test terminal.
In step 505, when the terminal is determined to be a test terminal, verify the second signature with the second public key at the Bootloader layer and, when the verification succeeds, indicate that the terminal is to start.
The second signature is generated with the second private key, and the second private key matches the second public key.
For the specific implementation of steps 501 to 505, refer to the embodiment shown in Fig. 4; it is not repeated here.
In the startup calibration method provided by the embodiments of the disclosure, the preset mark is placed in the trusted storage region of the hardware layer, so a user cannot access it directly through an application. This prevents forgery and improves the reliability of the preset mark.
When actual realization, the Rom bag of terminal loads can be the Rom bag of beta version, it is also possible to be official version Rom bag, and for the Rom bag of official version, owing to the terminal of the Rom bag of all loading official versions can verify into Merit also runs this Rom bag, therefore loads and can't include preinstalled circuit structure in the terminal of this Rom bag or preset mark.And it is right For the Rom bag of official version, the first PKI and the first private key that carry in Rom match, the second PKI and the second private key Also match.
Then when terminal is when loading the Rom bag of official version, above-mentioned steps 403 or step 503 can by replacement be embodied as Lower step, as shown in Figure 6:
In step 601, when determining that terminal is non-test terminal, then the first PKI is used to verify by Kernel layer First signature, then terminal uses the first PKI to verify the first signature by Kernel layer.
The first signature is generated with the first private key, and the first private key matches the first public key.
In step 602, when that verification succeeds, the second signature is verified through the Bootloader layer using the second public key; when this verification succeeds, the terminal is instructed to start.
The second signature is generated with the second private key, and the second private key matches the second public key.
In this embodiment, the first public key and the second public key may be identical, and the first private key and the second private key may also be identical.
In summary, in the startup calibration method provided by the embodiments of the present disclosure, for an official-version ROM package, the first public key and first private key carried by the ROM package match, and the second public key and second private key it carries also match, which ensures that all terminals can successfully start and normally run the official-version ROM package.
In one illustrative example, when a beta-version ROM package is written into the terminal's ROM, assume that the first public key and the second public key that the terminal obtains from the ROM package are both public key A; the first private key is private key B, and the first signature is generated with private key B; the second private key is private key A, and the second signature is generated with private key A. Private key B does not match public key A, while private key A matches public key A. When the terminal is a test terminal, it detects that the hardware region contains the preset identifier; the schematic diagram of the terminal's startup verification may then be as shown in (a) of Fig. 7A: the terminal does not use public key A to verify the first signature through the Kernel layer, but proceeds directly to the Bootloader layer, which uses public key A to verify the second signature. When the terminal is a non-test terminal, it detects that the hardware region does not contain the preset identifier; the schematic diagram of the terminal's startup verification may then be as shown in (b) of Fig. 7A: the terminal uses public key A to verify the first signature through the Kernel layer, and the verification fails.
In another illustrative example, when an official-version ROM package is written into the terminal's ROM, assume that the first public key and the second public key that the terminal obtains from the ROM package are both public key A, the first private key and the second private key are both private key A, and the first signature and the second signature are both generated with private key A; private key A matches private key B. Any terminal loading this ROM package may contain neither the preset identifier nor the preset circuit structure. When the terminal detects that it does not contain the preset identifier or the preset circuit structure, the schematic diagram of the terminal's startup verification may be as shown in Fig. 7B: the terminal uses public key A to verify the first signature through the Kernel layer and, when that verification succeeds, uses public key A to verify the second signature through the Bootloader layer.
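The two scenarios above can be traced in code. The following Python example is added here and is not code from the patent: Lamport one-time hash signatures stand in for whatever signature scheme a real terminal uses (so only the standard library is needed), and the names `TEST_MARK`, `build_rom`, `boot` and the `trusted_storage` field are hypothetical, as is the assumption that both signatures cover the same image bytes.

```python
import hashlib
import secrets

TEST_MARK = "TEST_TERMINAL"  # hypothetical preset identifier marking a test terminal


def _h(data):
    return hashlib.sha256(data).digest()


def keygen():
    """Lamport one-time key pair (assumed stand-in for the device's real scheme)."""
    priv = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(256)]
    pub = [(_h(a), _h(b)) for a, b in priv]
    return priv, pub


def _digest_bits(msg):
    d = _h(msg)
    return [(d[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]


def sign(priv, msg):
    # Reveal one secret per bit of the message digest.
    return [priv[i][bit] for i, bit in enumerate(_digest_bits(msg))]


def verify(pub, msg, sig):
    bits = _digest_bits(msg)
    return len(sig) == 256 and all(_h(s) == pub[i][bits[i]] for i, s in enumerate(sig))


def build_rom(image, official):
    """Package an image with public key A and the two signatures."""
    priv_a, pub_a = keygen()
    if official:
        first_sig = sign(priv_a, image)      # private key A matches public key A
    else:
        priv_b, _ = keygen()
        first_sig = sign(priv_b, image)      # private key B does not match public key A
    return {
        "image": image,
        "first_public_key": pub_a,
        "second_public_key": pub_a,
        "first_signature": first_sig,
        "second_signature": sign(priv_a, image),
    }


def boot(rom, hardware):
    """Return (started, trace); trace lists each layer that verified and its result."""
    trace = []
    is_test_terminal = TEST_MARK in hardware["trusted_storage"]
    if not is_test_terminal:
        ok = verify(rom["first_public_key"], rom["image"], rom["first_signature"])
        trace.append(("kernel", ok))
        if not ok:
            return False, trace              # verification terminated, no start
    ok = verify(rom["second_public_key"], rom["image"], rom["second_signature"])
    trace.append(("bootloader", ok))
    return ok, trace


def demo():
    beta = build_rom(b"constructed beta image", official=False)
    official = build_rom(b"constructed official image", official=True)
    test_hw = {"trusted_storage": {TEST_MARK}}   # constructed test terminal
    retail_hw = {"trusted_storage": set()}       # constructed non-test terminal
    return {
        "beta/test": boot(beta, test_hw),
        "beta/non-test": boot(beta, retail_hw),
        "official/non-test": boot(official, retail_hw),
    }


if __name__ == "__main__":
    for case, result in demo().items():
        print(case, result)
```

On a test terminal the Kernel-layer check is skipped entirely, so the outcome depends on the preset identifier sitting in a region that application programs cannot access directly.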
The following are device embodiments of the present disclosure, which can be used to perform the method embodiments of the present disclosure. For details not disclosed in the device embodiments, refer to the method embodiments.
Fig. 8 is a block diagram of a startup calibration device according to an exemplary embodiment. As shown in Fig. 8, the device may be implemented as the terminal shown in Fig. 1 through software, hardware, or a combination of both. The device includes, but is not limited to, a detection module 810 and a verification module 820.
The detection module 810 is configured to detect whether the terminal is a non-test terminal.
The verification module 820 is configured to, when the detection module 810 determines that the terminal is a non-test terminal, verify the signature through the Kernel layer using the public key, where the signature is generated with a private key and the private key does not match the public key, and, when the verification fails, instruct that verification be terminated.
In summary, the startup calibration device provided by the embodiments of the present disclosure detects whether the terminal is a non-test terminal and, when it determines that the terminal is a non-test terminal, verifies the signature through the Kernel layer using the public key. Because the signature is generated with a private key that does not match the public key, verification fails and the terminal cannot start. This solves the problem of reduced security caused by a terminal running a test-version ROM package: by providing one matching set of keys and one non-matching set of keys in the terminal, a non-test terminal cannot start successfully because verification fails, which ensures the security of the terminal.
Fig. 9A and Fig. 9B are block diagrams of a startup calibration device according to another exemplary embodiment. The device may be implemented as the terminal shown in Fig. 1 through software, hardware, or a combination of both, and includes, but is not limited to:
A detection module 910, configured to detect whether the terminal is a non-test terminal.
Optionally, the detection module 910 includes the following submodules, as shown in Fig. 9A:
A first detection submodule 911, configured to detect whether the terminal contains a preset circuit structure, the preset circuit structure indicating that the terminal is a test terminal.
The first detection submodule 911 is further configured to detect whether a trusted region of the hardware layer contains the preset circuit structure, the trusted region being a region of the hardware layer that application programs are prohibited from accessing directly.
A first determination submodule 912, configured to determine that the terminal is a non-test terminal when the first detection submodule 911 detects that the terminal does not contain the preset circuit structure.
Alternatively, the detection module 910 optionally includes the following submodules, as shown in Fig. 9B:
A second detection submodule 913, configured to detect whether the terminal contains a preset identifier, the preset identifier being an identifier indicating that the terminal is a test terminal.
The second detection submodule 913 is further configured to detect whether a trusted storage region of the hardware layer contains the preset identifier, the trusted storage region being a region of the hardware layer that application programs are prohibited from accessing directly.
A second determination submodule 914, configured to determine that the terminal is a non-test terminal when the second detection submodule 911 detects that the terminal does not contain the preset identifier.
A verification module 920, configured to, when the first determination submodule 912 or the second determination submodule 914 determines that the terminal is a non-test terminal, verify the signature through the Kernel layer using the public key, where the signature is generated with a private key and the private key does not match the public key, and, when the verification fails, instruct that verification be terminated.
In summary, the startup calibration device provided by the embodiments of the present disclosure detects whether the terminal is a non-test terminal and, when it determines that the terminal is a non-test terminal, verifies the signature through the Kernel layer using the public key. Because the signature is generated with a private key that does not match the public key, verification fails and the terminal cannot start. This solves the problem of reduced security caused by a terminal running a test-version ROM package: by providing one matching set of keys and one non-matching set of keys in the terminal, a non-test terminal cannot start successfully because verification fails, which ensures the security of the terminal.
With regard to the devices in the above embodiments, the specific manner in which each module performs its operations has been described in detail in the embodiments of the related method and will not be elaborated here.
An exemplary embodiment of the present disclosure provides a startup calibration device capable of implementing the startup calibration method provided by the present disclosure. The device includes a processor and a memory for storing processor-executable instructions;
wherein the processor is configured to:
detect whether the terminal is a non-test terminal;
when it is determined that the terminal is a non-test terminal, verify the signature through the Kernel layer using the public key, where the signature is generated with a private key and the private key does not match the public key, and, when the verification fails, instruct that verification be terminated.
Fig. 10 is a block diagram of a startup calibration device according to an exemplary embodiment. For example, the device 1000 may be a mobile phone, a computer, a digital broadcast terminal, a messaging device, a game console, a tablet device, a medical device, a fitness device, a personal digital assistant, or the like.
Referring to Fig. 10, the device 1000 may include one or more of the following components: a processing component 1002, a memory 1004, a power component 1006, a multimedia component 1008, an audio component 1010, an input/output (I/O) interface 1012, a sensor component 1014, and a communication component 1016.
The processing component 1002 generally controls the overall operation of the device 1000, such as operations associated with display, telephone calls, data communication, camera operation, and recording operation. The processing component 1002 may include one or more processors 1018 to execute instructions so as to complete all or part of the steps of the method described above. In addition, the processing component 1002 may include one or more modules that facilitate interaction between the processing component 1002 and other components. For example, the processing component 1002 may include a multimedia module to facilitate interaction between the multimedia component 1008 and the processing component 1002.
The memory 1004 is configured to store various types of data to support operation of the device 1000. Examples of such data include instructions for any application program or method operated on the device 1000, contact data, phone book data, messages, pictures, videos, and so on. The memory 1004 may be implemented by any type of volatile or non-volatile storage device or a combination thereof, such as static random access memory (SRAM), electrically erasable programmable read-only memory (EEPROM), erasable programmable read-only memory (EPROM), programmable read-only memory (PROM), read-only memory (ROM), magnetic memory, flash memory, a magnetic disk, or an optical disc.
The power component 1006 supplies power to the various components of the device 1000. The power component 1006 may include a power management system, one or more power supplies, and other components associated with generating, managing, and distributing power for the device 1000.
The multimedia component 1008 includes a screen that provides an output interface between the device 1000 and the user. In some embodiments, the screen may include a liquid crystal display (LCD) and a touch panel (TP). If the screen includes a touch panel, the screen may be implemented as a touch screen to receive input signals from the user. The touch panel includes one or more touch sensors to sense touches, slides, and gestures on the touch panel. A touch sensor may sense not only the boundary of a touch or slide action but also the duration and pressure associated with the touch or slide operation. In some embodiments, the multimedia component 1008 includes a front camera and/or a rear camera. When the device 1000 is in an operating mode, such as a shooting mode or a video mode, the front camera and/or the rear camera can receive external multimedia data. Each front camera and rear camera may be a fixed optical lens system or have focal length and optical zoom capability.
The audio component 1010 is configured to output and/or input audio signals. For example, the audio component 1010 includes a microphone (MIC); when the device 1000 is in an operating mode, such as a call mode, a recording mode, or a speech recognition mode, the microphone is configured to receive external audio signals. The received audio signals may be further stored in the memory 1004 or sent via the communication component 1016. In some embodiments, the audio component 1010 also includes a speaker for outputting audio signals.
The I/O interface 1012 provides an interface between the processing component 1002 and peripheral interface modules, which may be a keyboard, a click wheel, buttons, and the like. These buttons may include, but are not limited to, a home button, volume buttons, a start button, and a lock button.
The sensor component 1014 includes one or more sensors for providing status assessments of various aspects of the device 1000. For example, the sensor component 1014 can detect the open/closed state of the device 1000 and the relative positioning of components, for example the display and keypad of the device 1000. The sensor component 1014 can also detect a change in position of the device 1000 or of a component of the device 1000, the presence or absence of user contact with the device 1000, the orientation or acceleration/deceleration of the device 1000, and a change in temperature of the device 1000. The sensor component 1014 may include a proximity sensor configured to detect the presence of nearby objects without any physical contact. The sensor component 1014 may also include an optical sensor, such as a CMOS or CCD image sensor, for use in imaging applications. In some embodiments, the sensor component 1014 may also include an acceleration sensor, a gyroscope sensor, a magnetic sensor, a pressure sensor, or a temperature sensor.
The communication component 1016 is configured to facilitate wired or wireless communication between the device 1000 and other equipment. The device 1000 can access a wireless network based on a communication standard, such as Wi-Fi, 2G, or 3G, or a combination thereof. In one exemplary embodiment, the communication component 1016 receives a broadcast signal or broadcast-related information from an external broadcast management system via a broadcast channel. In one exemplary embodiment, the communication component 1016 also includes a near-field communication (NFC) module to facilitate short-range communication. For example, the NFC module may be implemented based on radio-frequency identification (RFID) technology, Infrared Data Association (IrDA) technology, ultra-wideband (UWB) technology, Bluetooth (BT) technology, and other technologies.
In an exemplary embodiment, the device 1000 may be implemented by one or more application-specific integrated circuits (ASICs), digital signal processors (DSPs), digital signal processing devices (DSPDs), programmable logic devices (PLDs), field-programmable gate arrays (FPGAs), controllers, microcontrollers, microprocessors, or other electronic components, for performing the startup calibration method described above.
In an exemplary embodiment, a non-transitory computer-readable storage medium including instructions is also provided, for example the memory 1004 including instructions, where the instructions can be executed by the processor 1018 of the device 1000 to complete the startup calibration method described above. For example, the non-transitory computer-readable storage medium may be a ROM, a random access memory (RAM), a CD-ROM, a magnetic tape, a floppy disk, an optical data storage device, or the like.
Those skilled in the art, after considering the specification and practicing the invention disclosed herein, will readily conceive of other embodiments of the present disclosure. This application is intended to cover any variations, uses, or adaptations of the present disclosure that follow its general principles and include common knowledge or customary technical means in the art not disclosed herein. The specification and embodiments are to be regarded as exemplary only, with the true scope and spirit of the present disclosure indicated by the following claims.
It should be understood that the present disclosure is not limited to the precise structures described above and illustrated in the accompanying drawings, and that various modifications and changes can be made without departing from its scope. The scope of the present disclosure is limited only by the appended claims.

Claims (11)

1. A startup calibration method, characterized in that it is applied in a terminal, the terminal including at least a hardware layer, a kernel (Kernel) layer, a boot loader (Bootloader) layer, and a file system layer, the Kernel layer storing a public key and the Bootloader layer carrying a signature, the method comprising:
detecting whether the terminal is a non-test terminal;
when it is determined that the terminal is the non-test terminal, verifying the signature through the Kernel layer using the public key, the signature being a signature generated with a private key, the private key not matching the public key, and, when the verification fails, instructing that verification be terminated.
2. The method according to claim 1, characterized in that the detecting whether the terminal is a non-test terminal comprises:
detecting whether the terminal contains a preset circuit structure, the preset circuit structure indicating that the terminal is a test terminal;
if the terminal does not contain the preset circuit structure, determining that the terminal is the non-test terminal.
3. The method according to claim 2, characterized in that the detecting whether the terminal contains a preset circuit structure comprises:
detecting whether a trusted region of the hardware layer contains the preset circuit structure, the trusted region being a region of the hardware layer that application programs are prohibited from accessing directly.
4. The method according to claim 1, characterized in that the detecting whether the terminal is a non-test terminal comprises:
detecting whether the terminal contains a preset identifier, the preset identifier being an identifier indicating that the terminal is a test terminal;
if the terminal does not contain the preset identifier, determining that the terminal is the non-test terminal.
5. The method according to claim 4, characterized in that the detecting whether the terminal contains a preset identifier comprises:
detecting whether a trusted storage region of the hardware layer contains the preset identifier, the trusted storage region being a region of the hardware layer that application programs are prohibited from accessing directly.
6. A startup calibration device, characterized in that it is applied in a terminal, the terminal including at least a hardware layer, a kernel (Kernel) layer, a boot loader (Bootloader) layer, and a file system layer, the Kernel layer storing a public key and the Bootloader layer carrying a signature, the device comprising:
a detection module, configured to detect whether the terminal is a non-test terminal;
a verification module, configured to, when it is determined that the terminal is the non-test terminal, verify the signature through the Kernel layer using the public key, the signature being a signature generated with a private key, the private key not matching the public key, and, when the verification fails, instruct that verification be terminated.
7. The device according to claim 6, characterized in that the detection module comprises:
a first detection submodule, configured to detect whether the terminal contains a preset circuit structure, the preset circuit structure indicating that the terminal is a test terminal;
a first determination submodule, configured to determine that the terminal is the non-test terminal when the terminal does not contain the preset circuit structure.
8. The device according to claim 7, characterized in that
the first detection submodule is further configured to detect whether a trusted region of the hardware layer contains the preset circuit structure, the trusted region being a region of the hardware layer that application programs are prohibited from accessing directly.
9. The device according to claim 6, characterized in that the detection module comprises:
a second detection submodule, configured to detect whether the terminal contains a preset identifier, the preset identifier being an identifier indicating that the terminal is a test terminal;
a second determination submodule, configured to determine that the terminal is the non-test terminal when the terminal does not contain the preset identifier.
10. The device according to claim 9, characterized in that
the second detection submodule is further configured to detect whether a trusted storage region of the hardware layer contains the preset identifier, the trusted storage region being a region of the hardware layer that application programs are prohibited from accessing directly.
11. A startup calibration device, characterized in that it is applied in a terminal, the terminal including at least a hardware layer, a kernel (Kernel) layer, a boot loader (Bootloader) layer, and a file system layer, the Kernel layer storing a public key and the Bootloader layer carrying a signature, the device comprising:
a processor;
a memory for storing instructions executable by the processor;
wherein the processor is configured to:
detect whether the terminal is a non-test terminal;
when it is determined that the terminal is the non-test terminal, verify the signature through the Kernel layer using the public key, the signature being a signature generated with a private key, the private key not matching the public key, and, when the verification fails, instruct that verification be terminated.
CN201610620662.8A 2016-07-29 2016-07-29 Startup calibration method and device Active CN106295363B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610620662.8A CN106295363B (en) 2016-07-29 2016-07-29 Startup calibration method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610620662.8A CN106295363B (en) 2016-07-29 2016-07-29 Startup calibration method and device

Publications (2)

Publication Number Publication Date
CN106295363A true CN106295363A (en) 2017-01-04
CN106295363B CN106295363B (en) 2019-05-14

Family

ID=57663850

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610620662.8A Active CN106295363B (en) 2016-07-29 2016-07-29 Startup calibration method and device

Country Status (1)

Country Link
CN (1) CN106295363B (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TW200838251A (en) * 2007-03-06 2008-09-16 Chunghwa Telecom Co Ltd Dynamic one-time password authentication system
CN103914658A (en) * 2013-01-05 2014-07-09 展讯通信(上海)有限公司 Safe starting method of terminal equipment, and terminal equipment
CN104200153A (en) * 2014-09-12 2014-12-10 北京赛科世纪数码科技有限公司 Start verification method and system
US20140380031A1 (en) * 2013-06-24 2014-12-25 Red Hat, Inc. System wide root of trust chaining via signed applications

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107194211A (en) * 2017-05-19 2017-09-22 环旭电子股份有限公司 Automated validation test system and method
CN107194211B (en) * 2017-05-19 2020-03-10 环旭电子股份有限公司 Automatic authentication test system and method
US11392687B2 (en) * 2019-01-04 2022-07-19 Baidu Usa Llc Method and system for validating kernel objects to be executed by a data processing accelerator of a host system
WO2022028075A1 (en) * 2020-08-03 2022-02-10 深圳市广和通无线股份有限公司 Network connection method and apparatus, and computer device and storage medium
TWI824602B (en) * 2022-07-05 2023-12-01 大陸商星宸科技股份有限公司 Electronic device and control method thereof

Also Published As

Publication number Publication date
CN106295363B (en) 2019-05-14

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant