CN106339621A - Data processing method for USB equipment and USB equipment - Google Patents
Data processing method for USB equipment and USB equipment Download PDFInfo
- Publication number
- CN106339621A CN106339621A CN201510424886.7A CN201510424886A CN106339621A CN 106339621 A CN106339621 A CN 106339621A CN 201510424886 A CN201510424886 A CN 201510424886A CN 106339621 A CN106339621 A CN 106339621A
- Authority
- CN
- China
- Prior art keywords
- safety chip
- instruction
- chip
- main control
- safety
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000003672 processing method Methods 0.000 title claims abstract description 13
- 238000000034 method Methods 0.000 claims abstract description 30
- 230000001360 synchronised effect Effects 0.000 claims description 83
- 238000004891 communication Methods 0.000 claims description 8
- 101000896740 Solanum tuberosum Cysteine protease inhibitor 9 Proteins 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 230000017702 response to host Effects 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/34—User authentication involving the use of external additional devices, e.g. dongles or smart cards
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F13/00—Interconnection of, or transfer of information or other signals between, memories, input/output devices or central processing units
- G06F13/38—Information transfer, e.g. on bus
- G06F13/42—Bus transfer protocol, e.g. handshake; Synchronisation
- G06F13/4282—Bus transfer protocol, e.g. handshake; Synchronisation on a serial bus, e.g. I2C bus, SPI bus
- G06F13/4295—Bus transfer protocol, e.g. handshake; Synchronisation on a serial bus, e.g. I2C bus, SPI bus using an embedded synchronisation
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Storage Device Security (AREA)
- Information Transfer Systems (AREA)
Abstract
The embodiment of the invention discloses a data processing method for the USB equipment. The USB equipment is connected with an upper computer through a USB interface and comprises a main control chip and a plurality of security chips. The method comprises the following steps: after receiving an instruction from the upper computer, the main control chip determines one of the security chips to be a secure chip for executing the instruction and transmits the instruction to the security chip executing the instruction; and after receiving the instruction, the security chip used for executing the instruction executes the instruction. The concurrent operation is implemented through the plurality of security chips, the arithmetic speed of a cryptographic algorithm is increased, and meanwhile, the additional problems of high cost or high calorific value are also avoided.
Description
Technical field
The present invention relates to data processing field and in particular to a kind of data processing method of usb equipment and should
Usb equipment.
Background technology
Usb equipment (usb key) is a kind of hardware device of usb interface.Its built-in single-chip microcomputer or intelligence
The core of the card piece, has certain memory space, can store private key and the digital certificate of user, using usb key
Built-in public key algorithm realizes the certification to user identity.Because private key for user is saved in coded lock, theoretical
On make all cannot to read in any way, thereby ensure that the security of user authentication.
Usb key as digital certificate the application in pki (PKIX) field for the carrier increasingly
Generally, bank has spread over other application from network, and such as web-based registration etc. needs the scene of batch signature.
Due to traditional usb key adopt safety chip performance limit so that the arithmetic speed of its cryptographic algorithm
Through the requirement of user can not be met.
Safety chip in order to improve usb key employing executes the arithmetic speed of cryptographic algorithm, in the market
The scheme existing mostly is and adopts high-frequency, high performance safety chip to replace the peace that traditional usb key adopts
Full chip, although high-frequency, high performance safety chip can solve the problem that the arithmetic speed of cryptographic algorithm
Problem, is but with the Costco Wholesale of decades of times or higher as cost.Simultaneously as the high frequency of safety chip
Rate so that safety chip operationally caloric value is big, have impact on the experience of user.
Content of the invention
The invention provides a kind of data processing method of usb equipment and this usb equipment, can not only solve
The certainly problem of the arithmetic speed of cryptographic algorithm, also will not bring as high in Costco Wholesale, and caloric value is asked by big additional
Topic.
The invention provides a kind of data processing method of usb equipment, described usb equipment is by usb interface
It is connected with host computer, described usb equipment includes main control chip and multiple safety chip, methods described includes:
Described main control chip is receiving after the instruction of described host computer, by the plurality of safety chip
One safety chip is defined as the safety chip for executing described instruction, and described instruction is sent to described
For executing the safety chip of described instruction;
The described safety chip for executing described instruction, after receiving described instruction, executes described instruction.
Preferably, described usb equipment is equipment complex, and methods described also includes:
Described main control chip sets up multiple corresponding with each interface equipment in described usb equipment respectively patrol
Volume passage, and the corresponding relation of each logical channel and each safety chip is set, described logical channel is used for
Described main control chip and the communication of described host computer.
Preferably, described main control chip is receiving after the instruction of described host computer, by the plurality of safety
One of chip safety chip is defined as the safety chip for executing described instruction, comprising:
Described main control chip, by one of the plurality of logical channel logical channel, receives on described
The instruction of position machine;
Described main control chip passes through to identify described logical channel, in each logical channel described and each safe core
In the corresponding relation of piece, inquire about safety chip corresponding with described logical channel, and will be true for described safety chip
It is set to the safety chip for executing described instruction.
Preferably, described main control chip is receiving after the instruction of described host computer, by the plurality of safety
One of chip safety chip is defined as the safety chip for executing described instruction, comprising:
Described main control chip receives the instruction from described host computer, and described instruction includes safety chip mark;
Described main control chip will identify corresponding safe core with described safety chip in the plurality of safety chip
Piece, is defined as the safety chip for executing described instruction.
Preferably, the plurality of safety chip includes a main safety chip and multiple auxiliary safety chip, described
Method also includes:
The synchronizing information to be synchronized of itself to the plurality of auxiliary safety chip, described is treated by described main safety chip
Synchronizing information include unsymmetrical key and or safe condition, described safe condition is used for identifying safety chip and works as
Front residing safe class.
Preferably, described main control chip is receiving after the instruction of described host computer, by the plurality of safety
One of chip safety chip is defined as the safety chip for executing described instruction, and described instruction is sent out
Deliver to the described safety chip for executing described instruction, particularly as follows:
Described main control chip receives and refers to from the generation unsymmetrical key instruction of described host computer or discriminating authority
After order, described main safety chip is defined as executing described generation unsymmetrical key instruction or differentiating authority
The safety chip of instruction, and by described generation unsymmetrical key instruction or differentiate that authority instruction sends to described master
Safety chip;
The described safety chip for executing described instruction, after receiving described instruction, executes described instruction,
Particularly as follows:
Described main safety chip is after receiving described generation unsymmetrical key instruction or differentiating authority instruction, raw
Unsymmetrical key or execution is become to differentiate authority.
Preferably, described main safety chip by the synchronizing information to be synchronized of itself to the plurality of auxiliary safe core
Piece, comprising:
Described main safety chip sends the information encryption to be synchronized of itself to described main control chip;
Described main control chip is by the synchronizing information described to be synchronized encrypted to the plurality of auxiliary safety chip;
The plurality of auxiliary safety chip after the information described to be synchronized deciphering storage by encryption, to described master control
Chip returns synchronous success status code;
When described main control chip receives the synchronization of each the auxiliary safety chip in the plurality of auxiliary safety chip
After success status code, send synchronizing information success status code to be synchronized to described host computer.
Preferably, described main safety chip by the synchronizing information to be synchronized of itself to the plurality of auxiliary safe core
Piece, comprising:
Described main safety chip sends the information encryption to be synchronized of itself to described main control chip, and passes through institute
State main control chip and return synchronizing information request to be synchronized to described host computer;
Described main control chip receives after the synchronizing information instruction to be synchronized of described host computer, by the institute of encryption
State synchronizing information to be synchronized to the plurality of auxiliary safety chip.
Present invention also offers a kind of usb equipment, described usb equipment is by usb interface and host computer
It is connected, described usb equipment includes main control chip and multiple safety chip;
Described main control chip, for receiving after the instruction of described host computer, by the plurality of safety
One of chip safety chip is defined as the safety chip for executing described instruction, and described instruction is sent out
Deliver to the described safety chip for executing described instruction;
The described safety chip for executing described instruction, for, after receiving described instruction, execution is described
Instruction.
Preferably, described usb equipment be equipment complex, described main control chip include path setup module and
Setup module,
Described path setup module, multiple is set with each interface in described usb equipment respectively for setting up
Standby corresponding logical channel, described logical channel is used for the communication of described main control chip and described host computer;
Described setup module, for arranging the corresponding relation of each logical channel and each safety chip.
Preferably, described main control chip also includes the first receiver module and the first determining module,
Described first receiver module, for by one of the plurality of logical channel logical channel, receiving
Instruction from described host computer;
Described first determining module, for by identify described logical channel, each logical channel described with
In the corresponding relation of each safety chip, inquire about safety chip corresponding with described logical channel, and will be described
Safety chip is defined as the safety chip for executing described instruction.
Preferably, described main control chip includes the second receiver module and the second determining module;
Described second receiver module, for receiving the instruction from described host computer, described instruction includes safety
Chip identification;
Described second determining module, for corresponding by identifying with described safety chip in the plurality of safety chip
Safety chip, be defined as the safety chip for executing described instruction.
Preferably, the plurality of safety chip includes a main safety chip and multiple auxiliary safety chip, described
Main safety chip includes synchronization module;
Described synchronization module, for extremely the plurality of by the described main safety chip synchronizing information to be synchronized of itself
Auxiliary safety chip, described information to be synchronized includes unsymmetrical key, safe condition, and described safe condition is used for
The safe class that mark safety chip is presently in.
Preferably, described main control chip, specifically for receiving the generation unsymmetrical key from described host computer
After instruction or discriminating authority instruction, described main safety chip is defined as asymmetric close for executing described generation
Key instruction or the safety chip differentiating authority instruction, and by described generation unsymmetrical key instruction or differentiate authority
Instruction sends to described main safety chip;
Described main safety chip, for receiving described generation unsymmetrical key instruction or differentiating authority instruction
Afterwards, generate unsymmetrical key or execution differentiates authority.
Preferably, the synchronization module of described main safety chip is included for sending out the information encryption to be synchronized of itself
Deliver to the submodule of described main control chip;
Described main control chip, including the synchronizing information described to be synchronized for encrypting to the plurality of auxiliary safety
The module of chip;
The plurality of auxiliary safety chip, for after the information deciphering storage described to be synchronized by encryption, to institute
State main control chip and return synchronous success status code;
Described main control chip, is also included for receiving each the auxiliary safety in the plurality of auxiliary safety chip
The mould of synchronizing information success status code to be synchronized after the synchronous success status code of chip, is sent to described host computer
Block.
Preferably, the synchronization module of described main safety chip includes encrypting sending submodule and returns submodule;
Described encryption sending submodule, for sending the information encryption to be synchronized of described main safety chip itself
To described main control chip;
Described return submodule, same for information to be synchronized is returned to described host computer by described main control chip
Step request;
Described main control chip, after instructing including the synchronizing information to be synchronized being derived from described host computer for reception,
Module by the synchronizing information described to be synchronized of encryption to the plurality of auxiliary safety chip.
The invention provides a kind of data processing method of usb equipment, described usb equipment is by usb interface
It is connected with host computer, described usb equipment includes main control chip and multiple safety chip, methods described includes:
Described main control chip is receiving after the instruction of described host computer, by one of the plurality of safety chip
Safety chip is defined as the safety chip for executing described instruction, and described instruction is sent extremely described being used for
Execute the safety chip of described instruction;The described safety chip for executing described instruction is receiving described finger
After order, execute described instruction.The present invention realizes concurrent operations by multiple safety chips, can not only improve
The arithmetic speed of cryptographic algorithm, also will not bring as high in Costco Wholesale, the big accessory problem of caloric value simultaneously.
In addition, The invention also achieves in usb equipment many safety chips synchronization.
Brief description
For the technical scheme being illustrated more clearly that in the embodiment of the present application, below will be to institute in embodiment description
Need use accompanying drawing be briefly described it should be apparent that, drawings in the following description are only the application
Some embodiments, for those of ordinary skill in the art, in the premise not paying creative labor
Under, other accompanying drawings can also be obtained according to these accompanying drawings.
Fig. 1 is the flow chart of the data processing method of usb equipment provided in an embodiment of the present invention;
Fig. 2 is the structural representation of usb equipment provided in an embodiment of the present invention.
Specific embodiment
Below in conjunction with the accompanying drawing in the embodiment of the present application, the technical scheme in the embodiment of the present application is carried out clearly
Chu, it is fully described by it is clear that described embodiment is only some embodiments of the present application, rather than
Whole embodiments.Based on the embodiment in the application, those of ordinary skill in the art are not making creation
Property work under the premise of the every other embodiment that obtained, broadly fall into the scope of the application protection.
In the examples below, host computer refers to can directly send the computer of manipulation instruction, but is not limited to
This.Usb equipment (usb key) is a kind of hardware device of usb interface.Wherein, usb equipment passes through
Usb interface is connected with host computer.
Usb equipment in the embodiment of the present invention is a kind of usb equipment with multiple safety chips.Pass through
Many safety chips in usb equipment realize concurrent operations, to improve the fortune of the cryptographic algorithm in usb equipment
Calculate speed.It is true that from the point of view of device external, the concurrent operations of multiple safety chips are similar to a high-performance
Safety chip operational effect.But, the Costco Wholesale using traditional multiple safety chips is relatively low, with
Scheme using high-frequency, high performance safety chip is compared, and has saved cost to a certain extent.
Below the embodiment of the present invention is described.
Embodiments provide a kind of data processing method of usb equipment, wherein, described usb sets
Standby inclusion main control chip and multiple safety chip.With reference to Fig. 1, Fig. 1 is that the usb of the embodiment of the present invention sets
The flow chart of standby data processing method, as shown in figure 1, the method comprises the following steps:
S101: described main control chip is receiving after the instruction of described host computer, by the plurality of safe core
One of piece safety chip is defined as the safety chip for executing described instruction, and described instruction is sent
To the described safety chip for executing described instruction.
, after receiving described instruction, execution is described for s102: the described safety chip for executing described instruction
Instruction.
Usb equipment provided in an embodiment of the present invention includes main control chip and multiple safety chip.Wherein, when
When host computer and usb equipment interact, the main control chip in this usb equipment and host computer are directly carried out
Communication.That is, the multiple safety chips in usb equipment pass through the communication of main control chip and host computer,
Final realization is interacted with this host computer.
In s101, after the main control chip of usb equipment receives from the instruction of host computer, determine one
The individual safety chip for executing this instruction.
In a kind of implementation, described usb equipment is equipment complex.That is, work as realizing equipment complex
Usb equipment be connected with host computer after, this host computer by this have the usb equipment of multiple safety chips as
Be multiple usb equipment with single secure chip it is understood that being yes, host computer with multiple there is Dan An
The usb interface equipment of full chip is connected.In practical application, the main control chip of described usb equipment pre-builds
Multiple respectively with the corresponding logical channel of each interface equipment in described usb equipment, and pre-set each
Individual logical channel and the corresponding relation of each safety chip.That is, host computer is wanted and different safety
Chip carries out communicating to be needed using different logical channels.
Specifically, described main control chip, by one of the plurality of logical channel logical channel, receives
Instruction from described host computer.Described main control chip passes through to identify described logical channel, in each logic described
In the corresponding relation of passage and safety chip, inquire about safety chip corresponding with described logical channel, and by institute
State safety chip and be defined as the safety chip for executing described instruction.Wherein, pre-set in main control chip
The corresponding relation of each logical channel and each safety chip.
In another kind of implementation, first, described main control chip receives the instruction from described host computer, institute
State instruction and include safety chip mark, wherein, safety chip identifies for identifying each safety chip.Secondly,
Described main control chip will identify corresponding safety chip with described safety chip in the plurality of safety chip, really
It is set to the safety chip for executing described instruction.Specifically, the multiple safety chips in usb equipment divide
Not there is mark, the instruction that described host computer sends includes the mark of safety chip, for identifying this instruction
Which processed by safety chip.After described main control chip receives the instruction including safety chip mark, identification
Safety chip mark in described instruction, and described instruction is forwarded to the described safety chip corresponding peace of mark
Full chip.It should be noted that having prestored each safety chip in the main control chip of usb equipment
Mark.
In addition, in the present embodiment, host computer is before being communicated with usb equipment, it is first determined this usb
The not busy busy condition of the safety chip in equipment.Host computer each safety chip in locally recording this usb equipment
Not busy busy condition, for indicating that host computer sends instruction to which safety chip.In practical operation, when upper
Machine sends after instruction to certain safety chip, locally the state of this safety chip is set to busy;When this
Safety chip returns after response to host computer, and the state of this safety chip is locally being set to sky by host computer
Not busy.
In the present embodiment, described usb equipment includes a main safety chip and multiple auxiliary safety chip,
Described main safety chip by the synchronizing information to be synchronized of itself to the plurality of auxiliary safety chip, with keep main,
The synchronization of information in auxiliary safety chip.Wherein, described information to be synchronized includes unsymmetrical key and or safety
State.Wherein, safe condition refers to safety chip in a kind of safe class being presently in, by differentiating to weigh
Limit can be lifted or reduce the level of security of safety chip.In practical operation, main safety chip is used for producing non-
Symmetric key, can be also used for execution and differentiates limiting operation.Specifically, host computer is sent out to described main control chip
Send generation unsymmetrical key instruction or differentiate authority instruction, described main control chip receives from described host computer
After generating unsymmetrical key instruction or differentiating authority instruction, described main safety chip is defined as executing
State the safety chip generating unsymmetrical key instruction or differentiating authority instruction, and by described generation unsymmetrical key
Instruction or discriminating authority instruction send to described main safety chip.Described main safety chip is receiving described life
After becoming unsymmetrical key instruction or differentiating authority instruction, generate unsymmetrical key or execution differentiates limiting operation.
It should be noted that this unsymmetrical key can not occur in host computer in any form.
The information to be synchronized (such as unsymmetrical key, safe condition) of two kinds of main and auxiliary safety chips introduced below
Synchronous method, one of which method is:
First, described main safety chip sends the information encryption to be synchronized of itself to described main control chip, example
As for the asymmetric-key encryption of generation is sent to described main control chip.Secondly, described main control chip will add
Close synchronizing information described to be synchronized is to the plurality of auxiliary safety chip.Specifically, described main control chip passes through
Communication interface (spi, i2c, uart etc.) transmits described information to be synchronized.The plurality of auxiliary safety chip
After the information deciphering storage described to be synchronized by encryption, return synchronous success status to described main control chip
Code.When the synchronization that described main control chip receives each the auxiliary safety chip in the plurality of auxiliary safety chip becomes
After work(conditional code, send synchronizing information success status code to be synchronized to described host computer.That is, only
After in the plurality of auxiliary safety chip, all auxiliary safety chips all complete synchronization, described main control chip ability is to described
Host computer sends synchronizing information success status code to be synchronized.
Wherein, conditional code can be used for informing master control for the status indicator made an appointment, synchronous success status code
Each auxiliary safety chip of chip has completed the synchronization of information to be synchronized.Synchronizing information success status code to be synchronized
For notifying the main and auxiliary safety chip of described host computer to complete synchronization.
In another kind of method, described main safety chip sends the information encryption to be synchronized of itself to described master control
Chip, for example, after main safety chip is successfully generated unsymmetrical key, will generate asymmetric-key encryption
Send to main control chip.It is to be synchronized to the return of described host computer that described main safety chip passes through described main control chip
Synchronizing information is asked, to ask described host computer to send synchronizing information instruction to be synchronized to described main control chip.
Described main control chip receives after the synchronizing information instruction to be synchronized of described host computer, will treat described in encryption
Synchronizing information is synchronized to the plurality of auxiliary safety chip, with complete the information to be synchronized of main and auxiliary safety chip with
Step.
In addition, usb equipment needed first to the safety chip in usb equipment before being first used
Cos (chip operating system) carries out initialization and pre- individualized operation.Usb equipment due to the present invention
There are multiple safety chips, so, in order to reduce initialization and pre- individualized operation's number of times, the present invention is implemented
Example only carries out initialization and pre- individualized operation to main safety chip cos.That is, having many peaces
Before the usb equipment of full chip is first used, only initialized in advance in described main safety chip
With pre- individualized operation, without each auxiliary safety chip cos is carried out initialization and pre- individualized behaviour
Make.Simultaneously for security consideration, auxiliary safety chip is when using the such as privacy information of unsymmetrical key, first
The corresponding access right of this privacy information is first obtained from main safety chip.Utilize main in the embodiment of the present invention,
The information synchronization method to be synchronized of auxiliary safety chip, each auxiliary safety chip can obtain from main safety chip
The corresponding access right of privacy information.
In practical operation, the synchronous key with main and auxiliary safety chip of safe condition of main and auxiliary safety chip is same
The implementation of step is essentially identical, be referred to the key synchronization of main and auxiliary safety chip scheme understand main,
The synchronous implementation of the safe condition of auxiliary safety chip.
In the data processing method of usb equipment provided in an embodiment of the present invention, described usb equipment passes through usb
Interface is connected with host computer, and described usb equipment includes main control chip and multiple safety chip, methods described bag
Include: described main control chip is receiving after the instruction of described host computer, by the plurality of safety chip
One safety chip is defined as the safety chip for executing described instruction, and described instruction is sent to described
For executing the safety chip of described instruction;The described safety chip for executing described instruction is receiving
After stating instruction, execute described instruction.The embodiment of the present invention realizes concurrent operations by multiple safety chips, no
The arithmetic speed of cryptographic algorithm only can be improved, also will not bring as high in Costco Wholesale, caloric value is big simultaneously
Accessory problem.In addition, The invention also achieves in usb equipment many safety chips synchronization.
The embodiment of the present invention additionally provides a kind of usb equipment, and with reference to Fig. 2, Fig. 2 carries for the embodiment of the present invention
For usb equipment structural representation, wherein, described usb equipment 200 pass through usb interface with upper
Machine 210 is connected, and described usb equipment includes main control chip 201 and multiple safety chip 202;
Described main control chip 201, for receiving after the instruction of described host computer, will be the plurality of
One of safety chip safety chip is defined as the safety chip for executing described instruction, and by described finger
Order sends to the described safety chip for executing described instruction;
The described safety chip 202 for executing described instruction, for, after receiving described instruction, executing
Described instruction.
In a kind of implementation, realize usb equipment complex in advance, that is, described usb equipment is equipment complex,
Now, described main control chip includes path setup module and setup module,
Described path setup module, is used for setting up multiple logical channels, and described logical channel is used for described master control
Chip and the communication of described host computer;
Described setup module, for arranging the corresponding relation of each logical channel and each safety chip.
In this implementation, described main control chip also includes the first receiver module and the first determining module,
Described first receiver module, for by one of the plurality of logical channel logical channel, receiving
Instruction from described host computer;
Described first determining module, for by identify described logical channel, each logical channel described with
In the corresponding relation of each safety chip, inquire about safety chip corresponding with described logical channel, and will be described
Safety chip is defined as the safety chip for executing described instruction.
In another kind of implementation, described main control chip includes the second receiver module and the second determining module;
Described second receiver module, for receiving the instruction from described host computer, described instruction includes safety
Chip identification;
Described second determining module, for corresponding by identifying with described safety chip in the plurality of safety chip
Safety chip, be defined as the safety chip for executing described instruction.
The present embodiment provide usb equipment in multiple safety chips includes one main safety chip with many
Individual auxiliary safety chip, described main safety chip includes synchronization module;
Described synchronization module, for extremely the plurality of by the described main safety chip synchronizing information to be synchronized of itself
Auxiliary safety chip, described information to be synchronized includes unsymmetrical key, safe condition, and described safe condition is used for
The safe class that mark safety chip is presently in.
In practical application, main safety chip is used for generating unsymmetrical key or execution differentiates authority, and this is asymmetric
Key can not occur in host computer in any form.
Specifically, described main control chip, specifically for receiving the generation unsymmetrical key from described host computer
After instruction or discriminating authority instruction, described main safety chip is defined as asymmetric close for executing described generation
Key instruction or the safety chip differentiating authority instruction, and by described generation unsymmetrical key instruction or differentiate authority
Instruction sends to described main safety chip;
Described main safety chip, for receiving described generation unsymmetrical key instruction or differentiating authority instruction
Afterwards, generate unsymmetrical key or execution differentiates authority.
In addition, for the synchronization realizing main and auxiliary safety chip, in main safety chip in the embodiment of the present invention
The specific implementation of synchronization module is as follows:
The synchronization module of described main safety chip is included for sending the information encryption to be synchronized of itself to institute
State the submodule of main control chip;
Described main control chip, including the synchronizing information described to be synchronized for encrypting to the plurality of auxiliary safety
The module of chip;
The plurality of auxiliary safety chip, for after the information deciphering storage described to be synchronized by encryption, to institute
State main control chip and return synchronous success status code;
Described main control chip, is also included for receiving each the auxiliary safety in the plurality of auxiliary safety chip
The mould of synchronizing information success status code to be synchronized after the synchronous success status code of chip, is sent to described host computer
Block.
The specific implementation of the synchronization module in main safety chip in the embodiment of the present invention is as follows:
The synchronization module of described main safety chip includes encrypting sending submodule and returns submodule;
Described encryption sending submodule, for sending the information encryption to be synchronized of described main safety chip itself
To described main control chip;
Described return submodule, same for information to be synchronized is returned to described host computer by described main control chip
Step request;
Described main control chip, after instructing including the synchronizing information to be synchronized being derived from described host computer for reception,
Module by the synchronizing information described to be synchronized of encryption to the plurality of auxiliary safety chip.
A kind of usb equipment provided in an embodiment of the present invention, described usb equipment passes through usb interface and host computer
It is connected, described usb equipment includes main control chip and multiple safety chip, and described main control chip, for connecing
Receive after the instruction of described host computer, one of the plurality of safety chip safety chip is defined as
For executing the safety chip of described instruction, and described instruction transmission is used for executing described instruction to described
Safety chip;The described safety chip for executing described instruction, for, after receiving described instruction, holding
The described instruction of row.The embodiment of the present invention realizes concurrent operations by multiple safety chips, can not only improve close
The arithmetic speed of code algorithm, also will not bring as high in Costco Wholesale, the big accessory problem of caloric value simultaneously.Separately
Outward, The invention also achieves in usb equipment many safety chips synchronization.
For terminal, server, system embodiment, because it corresponds essentially to embodiment of the method,
So the part referring to embodiment of the method illustrates in place of correlation.Terminal described above, service
Device, system embodiment are only schematically, and the wherein said module illustrating as separating component is permissible
It is or may not be physically separate, as the part that module shows can be or can also
It is not physical location, you can with positioned at a place, or can also be distributed on multiple NEs.
Some or all of module therein can be selected according to the actual needs to realize this embodiment scheme
Purpose.Those of ordinary skill in the art are not in the case of paying creative work, you can to understand simultaneously
Implement.
It should be noted that herein, such as first and second or the like relational terms be used merely to by
One entity or operation are made a distinction with another entity or operation, and not necessarily require or imply these
There is any this actual relation or order between entity or operation.And, term " inclusion ", " bag
Contain " or its any other variant be intended to comprising of nonexcludability so that include a series of key elements
Process, method, article or equipment not only includes those key elements, but also includes being not expressly set out
Other key elements, or also include for this process, method, article or the intrinsic key element of equipment.?
In the case of not having more restriction, the key element being limited by sentence "including a ..." is it is not excluded that wrapping
Also there is other identical element in the process, method, article or the equipment that include described key element.
Data processing method to the usb equipment of the embodiment of the present invention above, and this usb equipment carried out in detail
Introduce, specific case used herein is set forth to the principle of the present invention and embodiment, above reality
The explanation applying example is only intended to help and understands the method for the present invention and its core concept;Simultaneously for this area
Those skilled in the art, according to the present invention thought, all have in specific embodiments and applications and change
In place of change, in sum, this specification content should not be construed as limitation of the present invention.
Claims (16)
1. a kind of data processing method of usb equipment is it is characterised in that described usb equipment passes through usb
Interface is connected with host computer, and described usb equipment includes main control chip and multiple safety chip, methods described bag
Include:
Described main control chip is receiving after the instruction of described host computer, by the plurality of safety chip
One safety chip is defined as the safety chip for executing described instruction, and described instruction is sent to described
For executing the safety chip of described instruction;
The described safety chip for executing described instruction, after receiving described instruction, executes described instruction.
2. method according to claim 1 it is characterised in that described usb equipment be equipment complex,
Methods described also includes:
Described main control chip sets up multiple corresponding with each interface equipment in described usb equipment respectively patrol
Volume passage, and the corresponding relation of each logical channel and each safety chip is set, described logical channel is used for
Described main control chip and the communication of described host computer.
3. method according to claim 2 is it is characterised in that described main control chip is derived from reception
After the instruction of described host computer, one of the plurality of safety chip safety chip is defined as executing
The safety chip of described instruction, comprising:
Described main control chip, by one of the plurality of logical channel logical channel, receives on described
The instruction of position machine;
Described main control chip passes through to identify described logical channel, in each logical channel described and each safe core
In the corresponding relation of piece, inquire about safety chip corresponding with described logical channel, and will be true for described safety chip
It is set to the safety chip for executing described instruction.
4. method according to claim 1 is it is characterised in that described main control chip is derived from reception
After the instruction of described host computer, one of the plurality of safety chip safety chip is defined as executing
The safety chip of described instruction, comprising:
Described main control chip receives the instruction from described host computer, and described instruction includes safety chip mark;
Described main control chip will identify corresponding safe core with described safety chip in the plurality of safety chip
Piece, is defined as the safety chip for executing described instruction.
5. method according to claim 1 is it is characterised in that the plurality of safety chip includes one
Individual main safety chip and multiple auxiliary safety chip, methods described also includes:
The synchronizing information to be synchronized of itself to the plurality of auxiliary safety chip, described is treated by described main safety chip
Synchronizing information include unsymmetrical key and or safe condition, described safe condition is used for identifying safety chip and works as
Front residing safe class.
6. method according to claim 5 is it is characterised in that described main control chip is derived from reception
After the instruction of described host computer, one of the plurality of safety chip safety chip is defined as executing
The safety chip of described instruction, and described instruction is sent to the described safe core being used for executing described instruction
Piece, particularly as follows:
Described main control chip receives and refers to from the generation unsymmetrical key instruction of described host computer or discriminating authority
After order, described main safety chip is defined as executing described generation unsymmetrical key instruction or differentiating authority
The safety chip of instruction, and by described generation unsymmetrical key instruction or differentiate that authority instruction sends to described master
Safety chip;
The described safety chip for executing described instruction, after receiving described instruction, executes described instruction,
Particularly as follows:
Described main safety chip is after receiving described generation unsymmetrical key instruction or differentiating authority instruction, raw
Unsymmetrical key or execution is become to differentiate authority.
7. method according to claim 5 it is characterised in that described main safety chip by itself
Synchronizing information to be synchronized is to the plurality of auxiliary safety chip, comprising:
Described main safety chip sends the information encryption to be synchronized of itself to described main control chip;
Described main control chip is by the synchronizing information described to be synchronized encrypted to the plurality of auxiliary safety chip;
The plurality of auxiliary safety chip after the information described to be synchronized deciphering storage by encryption, to described master control
Chip returns synchronous success status code;
When described main control chip receives the synchronization of each the auxiliary safety chip in the plurality of auxiliary safety chip
After success status code, send synchronizing information success status code to be synchronized to described host computer.
8. method according to claim 5 it is characterised in that described main safety chip by itself
Synchronizing information to be synchronized is to the plurality of auxiliary safety chip, comprising:
Described main safety chip sends the information encryption to be synchronized of itself to described main control chip, and passes through institute
State main control chip and return synchronizing information request to be synchronized to described host computer;
Described main control chip receives after the synchronizing information instruction to be synchronized of described host computer, by the institute of encryption
State synchronizing information to be synchronized to the plurality of auxiliary safety chip.
9. a kind of usb equipment is it is characterised in that described usb equipment passes through usb interface and host computer
It is connected, described usb equipment includes main control chip and multiple safety chip;
Described main control chip, for receiving after the instruction of described host computer, by the plurality of safety
One of chip safety chip is defined as the safety chip for executing described instruction, and described instruction is sent out
Deliver to the described safety chip for executing described instruction;
The described safety chip for executing described instruction, for, after receiving described instruction, execution is described
Instruction.
10. usb equipment according to claim 9 is it is characterised in that described usb equipment is multiple
Conjunction equipment, described main control chip includes path setup module and setup module,
Described path setup module, multiple is set with each interface in described usb equipment respectively for setting up
Standby corresponding logical channel, described logical channel is used for the communication of described main control chip and described host computer;
Described setup module, for arranging the corresponding relation of each logical channel and each safety chip.
11. usb equipment according to claim 10 are it is characterised in that described main control chip also wraps
Include the first receiver module and the first determining module,
Described first receiver module, for by one of the plurality of logical channel logical channel, receiving
Instruction from described host computer;
Described first determining module, for by identify described logical channel, each logical channel described with
In the corresponding relation of each safety chip, inquire about safety chip corresponding with described logical channel, and will be described
Safety chip is defined as the safety chip for executing described instruction.
12. usb equipment according to claim 9 are it is characterised in that described main control chip includes
Second receiver module and the second determining module;
Described second receiver module, for receiving the instruction from described host computer, described instruction includes safety
Chip identification;
Described second determining module, for corresponding by identifying with described safety chip in the plurality of safety chip
Safety chip, be defined as the safety chip for executing described instruction.
13. usb equipment according to claim 9 are it is characterised in that the plurality of safety chip
Including a main safety chip and multiple auxiliary safety chip, described main safety chip includes synchronization module;
Described synchronization module, for extremely the plurality of by the described main safety chip synchronizing information to be synchronized of itself
Auxiliary safety chip, described information to be synchronized includes unsymmetrical key, safe condition, and described safe condition is used for
The safe class that mark safety chip is presently in.
14. usb equipment according to claim 13, it is characterised in that described main control chip, have
Body is used for receiving after the instruction of generation unsymmetrical key or discriminating authority instruction of described host computer, will be described
Main safety chip is defined as executing the described safety generating unsymmetrical key instruction or differentiating authority instruction
Chip, and by described generation unsymmetrical key instruction or differentiate that authority instruction sends to described main safety chip;
Described main safety chip, for receiving described generation unsymmetrical key instruction or differentiating authority instruction
Afterwards, generate unsymmetrical key or execution differentiates authority.
15. usb equipment according to claim 13 are it is characterised in that described main safety chip
Synchronization module is included for sending the information encryption to be synchronized of itself to the submodule of described main control chip;
Described main control chip, including the synchronizing information described to be synchronized for encrypting to the plurality of auxiliary safety
The module of chip;
The plurality of auxiliary safety chip, for after the information deciphering storage described to be synchronized by encryption, to institute
State main control chip and return synchronous success status code;
Described main control chip, is also included for receiving each the auxiliary safety in the plurality of auxiliary safety chip
The mould of synchronizing information success status code to be synchronized after the synchronous success status code of chip, is sent to described host computer
Block.
16. usb equipment according to claim 13 are it is characterised in that described main safety chip
Synchronization module includes encrypting sending submodule and returns submodule;
Described encryption sending submodule, for sending the information encryption to be synchronized of described main safety chip itself
To described main control chip;
Described return submodule, same for information to be synchronized is returned to described host computer by described main control chip
Step request;
Described main control chip, after instructing including the synchronizing information to be synchronized being derived from described host computer for reception,
Module by the synchronizing information described to be synchronized of encryption to the plurality of auxiliary safety chip.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510424886.7A CN106339621B (en) | 2015-07-17 | 2015-07-17 | Data processing method of USB device and USB device |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510424886.7A CN106339621B (en) | 2015-07-17 | 2015-07-17 | Data processing method of USB device and USB device |
Publications (2)
Publication Number | Publication Date |
---|---|
CN106339621A true CN106339621A (en) | 2017-01-18 |
CN106339621B CN106339621B (en) | 2024-03-29 |
Family
ID=57826777
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201510424886.7A Active CN106339621B (en) | 2015-07-17 | 2015-07-17 | Data processing method of USB device and USB device |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106339621B (en) |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110365480A (en) * | 2019-07-19 | 2019-10-22 | 中安云科科技发展(山东)有限公司 | A kind of multi-chip cipher key synchronization method, system and encryption device |
CN114297114A (en) * | 2021-11-23 | 2022-04-08 | 北京智芯微电子科技有限公司 | Encryption card, data interaction method and device thereof, and computer readable storage medium |
CN116155491A (en) * | 2023-02-02 | 2023-05-23 | 广州万协通信息技术有限公司 | Symmetric key synchronization method of security chip and security chip device |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20070168676A1 (en) * | 2006-01-13 | 2007-07-19 | International Business Machines Corporation | Methods for coordinating access to memory from at least two cryptography secure processing units |
CN101872334A (en) * | 2010-05-26 | 2010-10-27 | 北京飞天诚信科技有限公司 | Compound type usb equipment and implementation method thereof |
CN101873588A (en) * | 2010-05-27 | 2010-10-27 | 大唐微电子技术有限公司 | Method and system for realizing service application safety |
CN103544786A (en) * | 2012-07-11 | 2014-01-29 | 北京旋极信息技术股份有限公司 | Tax control disc |
CN104217327A (en) * | 2014-09-25 | 2014-12-17 | 山东中孚信息产业股份有限公司 | Financial IC (integrated circuit) card Internet terminal and trading method thereof |
CN204791020U (en) * | 2015-07-17 | 2015-11-18 | 北京握奇智能科技有限公司 | USB equipment |
-
2015
- 2015-07-17 CN CN201510424886.7A patent/CN106339621B/en active Active
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20070168676A1 (en) * | 2006-01-13 | 2007-07-19 | International Business Machines Corporation | Methods for coordinating access to memory from at least two cryptography secure processing units |
CN101872334A (en) * | 2010-05-26 | 2010-10-27 | 北京飞天诚信科技有限公司 | Compound type usb equipment and implementation method thereof |
CN101873588A (en) * | 2010-05-27 | 2010-10-27 | 大唐微电子技术有限公司 | Method and system for realizing service application safety |
CN103544786A (en) * | 2012-07-11 | 2014-01-29 | 北京旋极信息技术股份有限公司 | Tax control disc |
CN104217327A (en) * | 2014-09-25 | 2014-12-17 | 山东中孚信息产业股份有限公司 | Financial IC (integrated circuit) card Internet terminal and trading method thereof |
CN204791020U (en) * | 2015-07-17 | 2015-11-18 | 北京握奇智能科技有限公司 | USB equipment |
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110365480A (en) * | 2019-07-19 | 2019-10-22 | 中安云科科技发展(山东)有限公司 | A kind of multi-chip cipher key synchronization method, system and encryption device |
CN114297114A (en) * | 2021-11-23 | 2022-04-08 | 北京智芯微电子科技有限公司 | Encryption card, data interaction method and device thereof, and computer readable storage medium |
CN114297114B (en) * | 2021-11-23 | 2024-01-23 | 北京智芯微电子科技有限公司 | Encryption card, data interaction method and device thereof and computer readable storage medium |
CN116155491A (en) * | 2023-02-02 | 2023-05-23 | 广州万协通信息技术有限公司 | Symmetric key synchronization method of security chip and security chip device |
CN116155491B (en) * | 2023-02-02 | 2024-03-08 | 广州万协通信息技术有限公司 | Symmetric key synchronization method of security chip and security chip device |
Also Published As
Publication number | Publication date |
---|---|
CN106339621B (en) | 2024-03-29 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US11329965B2 (en) | Method for dynamic encryption and signing, terminal, and server | |
EP3198781B1 (en) | Techniques for distributing secret shares | |
EP3289723B1 (en) | Encryption system, encryption key wallet and method | |
EP3232634B1 (en) | Identity authentication method and device | |
WO2017210145A1 (en) | Flexible provisioning of attestation keys in secure enclaves | |
CN108011716B (en) | Cipher device and implementation method | |
CN101916342A (en) | Secure mobile storage device and method for realizing secure data exchange by using same | |
CN105208005B (en) | A kind of fingerprint verification method, connection equipment and terminal device | |
CN106529308A (en) | Data encryption method and apparatus, and mobile terminal | |
CA3068145A1 (en) | Method and devices for communicating securely between devices | |
CN105653986A (en) | Micro SD card-based data protection method and device | |
CN103378971A (en) | Data encryption system and method | |
CN106339621A (en) | Data processing method for USB equipment and USB equipment | |
CN104951688A (en) | Special data encryption method and encryption card suitable for Xen virtualized environment | |
CN204791020U (en) | USB equipment | |
CN104023009A (en) | Web system license verification mechansim | |
CN105516210A (en) | System and method for terminal security access authentication | |
KR102419505B1 (en) | Method and system for authentication of a storage device | |
CN108154037B (en) | Inter-process data transmission method and device | |
CN114697113A (en) | Hardware accelerator card-based multi-party privacy calculation method, device and system | |
CN103248487A (en) | Near field communication authentication method, certificate authorization center and near field communication equipment | |
CN106487509A (en) | A kind of method for generating key and host equipment | |
EP2675105B1 (en) | Apparatus and method for providing security service | |
CN106911625A (en) | A kind of text handling method of safe input method, device and system | |
CN112821978B (en) | Clock synchronization-based unidirectional network gate circuit, method and device |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |