CN109819018A - Hot update method and device for a smart card executable file - Google Patents
- Publication number: CN109819018A
- Application number: CN201811631072.0A
- Authority: CN (China)
- Prior art keywords: executable file, card, application, submodule, host computer
- Legal status: Granted (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Abstract
The invention discloses a hot update method and device for a smart card executable file. The method comprises: when the card receives a start hot update command sent by the host computer, obtaining the executable file to be updated; backing up, to a first storage area of non-volatile memory, the system registry information in the registry corresponding to the executable file to be updated, all application registry information in the registry belonging to the executable file to be updated, and the user information that each application designates for backup; downloading a new executable file, reinstalling the applications from the new executable file according to the backed-up system registry information and all backed-up application registry information, and calling the backup function in each reinstalled application to restore the backed-up user information of the corresponding application into the reinstalled application. The invention can update the executable file and the applications to be updated while retaining the user's previous data, which is convenient for users and improves the user experience.
Description
Technical field
The invention relates to the field of electronics, and in particular to a hot update method and device for a smart card executable file.
Background art
In the prior art, an executable file is a file that the operating system can load and execute. An executable file contains application modules, and an application module is instantiated as one or more applications. Each application corresponds to one piece of application registry information in the registry, and each executable file corresponds to one piece of file registry information in the registry. Applications run on the smart card operating system, in the way that, for example, Windows can run applications.
All existing electronic devices (such as laptops and handheld devices) allow software upgrades. Software is upgraded for many reasons, such as fixing errors or adding new functions. As multi-application smart card system devices become more and more widespread, smart cards need their own software upgrade mechanism. Compared with proprietary software, traditional smart card system software already implements deleting and updating applications, but the user's previous data is deleted during the upgrade, which affects the user's use of the card.
Summary of the invention
The purpose of the invention is to overcome the deficiencies of the prior art by providing a hot update method and device for a smart card executable file.
The invention provides a hot update method for a smart card executable file, comprising:
Step S1: when the card receives the start hot update command sent by the host computer, it looks up the executable file save address in the registry according to the file identifier in the start hot update command, and obtains the executable file to be updated from the second storage area of the non-volatile memory according to the executable file save address;
Step S2: the card backs up to the first storage area of the non-volatile memory the file registry information in the registry corresponding to the executable file to be updated, all application registry information in the registry belonging to the executable file to be updated, and the user information that each application designates for backup; it then deletes the system registry information, all application registry information in the registry belonging to the executable file to be updated, and the user information that each application designates for backup;
Step S3: the card downloads the new executable file and saves it to the second storage area of the non-volatile memory, records in the executable file registry a piece of registry information corresponding to the new executable file, and adds the save address of the new executable file to that registry information;
Step S4: the card reinstalls the applications from the new executable file according to the backed-up system registry information and all backed-up application registry information, and calls the backup function in each reinstalled application to restore the backed-up user information of the corresponding application into the reinstalled application;
Step S5: the card calls the garbage collection function to reclaim the information stored in the first storage area of the non-volatile memory.
Further, after the card backs up to the first storage area of the non-volatile memory the file registry information in the registry corresponding to the executable file to be updated, all application registry information in the registry belonging to the executable file to be updated, and the user information that each application designates for backup, the method further includes: deleting the obtained executable file to be updated.
Further, there are multiple pieces of application registry information, and before step S4 the method includes taking the first piece of application registry information as the current application registry information;
Step S4 is replaced by: the card reinstalls the corresponding application from the new executable file according to the backed-up system registry information and the backed-up current application registry information, and calls the backup function in the corresponding application to restore the backed-up user information of the corresponding application into that application;
Between step S4 and step S5 the method then includes: the card judges whether all applications have been restored successfully; if so, it executes step S5; otherwise it takes the next piece of application registry information as the current application registry information and returns to step S4.
Further, before step S1 the method further includes: the card establishes a secure channel with the host computer.
Further, the card establishing the secure channel with the host computer specifically comprises:
Step A1: the card receives the host random number sent by the host computer;
Step A2: the card generates a first session key and a card random number, saves the card random number, encrypts the host random number and the card random number with the first session key according to a second preset algorithm to obtain a card authentication code, and returns the card authentication code to the host computer;
Step A3: when the card receives the host authentication code sent by the host computer, the card decrypts the host authentication code with the first session key and judges whether the card random number obtained by decrypting the host authentication code is identical to the saved card random number; if so, the secure channel with the host computer is established successfully; otherwise the card returns error information to the host computer.
Further, the card generating the first session key in step A2 comprises: the card encrypts derivation data with a preset base key according to a first preset algorithm to obtain the first session key;
Returning the card authentication code to the host computer in step A2 comprises: returning the variable data of the derivation data and the card authentication code to the host computer.
Further, before step A1 the method includes: when the card receives the establish secure channel command sent by the host computer, it authenticates the off-card entity using a supported secure channel protocol; if authentication succeeds, step A1 is executed; if authentication fails, error information is returned to the host computer.
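Both sides of the exchange in steps A1 to A3, with the session key derivation described for step A2, as an added Python example that is not code from the patent. The patent leaves both preset algorithms unspecified, so HMAC-SHA256 and an HMAC-based keystream stand in for them here; the host-side checks, the 8-byte lengths, the base key and all names are likewise assumptions.

```python
import hashlib
import hmac
import secrets

BASE_KEY = bytes(range(16))        # constructed preset base key, shared by both sides
DERIVATION_CONST = b"\x01\x82"     # constructed fixed part of the derivation data


def derive_session_key(base_key, derivation_data):
    """Stand-in for the first preset algorithm (assumption: HMAC-SHA256, 16 bytes)."""
    return hmac.new(base_key, derivation_data, hashlib.sha256).digest()[:16]


def crypt(key, direction, data):
    """Stand-in for the second preset algorithm: XOR with an HMAC keystream.

    Encrypting and decrypting are the same operation. `direction` separates the
    card's code from the host's so one cannot be replayed as the other.
    """
    stream = b""
    counter = 0
    while len(stream) < len(data):
        block = direction + counter.to_bytes(4, "big")
        stream += hmac.new(key, block, hashlib.sha256).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))


class Card:
    def __init__(self, base_key):
        self.base_key = base_key
        self.session_key = None
        self.card_random = None
        self.channel_open = False

    def step_a2(self, host_random):
        """A1/A2: take the host random number, answer with the card authentication code."""
        variable = secrets.token_bytes(8)            # variable part of the derivation data
        self.session_key = derive_session_key(self.base_key, DERIVATION_CONST + variable)
        self.card_random = secrets.token_bytes(8)    # saved for the comparison in A3
        code = crypt(self.session_key, b"card", host_random + self.card_random)
        return variable, code

    def step_a3(self, host_code):
        """A3: decrypt the host authentication code and compare with the saved random."""
        if self.session_key is None or self.card_random is None:
            return False
        recovered = crypt(self.session_key, b"host", host_code)
        self.channel_open = hmac.compare_digest(recovered, self.card_random)
        self.card_random = None    # assumption: single use, so a replayed code fails
        return self.channel_open


class Host:
    """Host side; its behaviour is an assumption, the patent describes only the card."""

    def __init__(self, base_key):
        self.base_key = base_key
        self.host_random = None

    def step_a1(self):
        self.host_random = secrets.token_bytes(8)
        return self.host_random

    def answer(self, variable, card_code):
        key = derive_session_key(self.base_key, DERIVATION_CONST + variable)
        plain = crypt(key, b"card", card_code)
        if not hmac.compare_digest(plain[:8], self.host_random):
            return None            # the card did not prove knowledge of the base key
        return crypt(key, b"host", plain[8:])   # host authentication code


def handshake(card_key, host_key):
    """Run A1 to A3 once; True only if the card opens the secure channel."""
    card, host = Card(card_key), Host(host_key)
    variable, card_code = card.step_a2(host.step_a1())
    host_code = host.answer(variable, card_code)
    if host_code is None:
        return False
    return card.step_a3(host_code)


if __name__ == "__main__":
    print("matching base keys:", handshake(BASE_KEY, BASE_KEY))
    print("wrong host key:    ", handshake(BASE_KEY, bytes(16)))
```

A real card would use the cipher defined by its secure channel protocol in place of the keystream stand-in.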
Further, backing up the user information that each application designates for backup to the first storage area of the non-volatile memory in step S2 comprises: the card obtains the corresponding applications according to the executable file to be updated; each application calculates, from its own user information that needs to be backed up, the total size of the space occupied by the raw data in the backup information and the number of standard objects, and informs the card through an application programming interface of the size of non-volatile memory space to request; the card saves the management object of the first storage area of the non-volatile memory that is returned through the application programming interface; the card backs up the user information that each application designates for backup into the management object corresponding to that application in the first storage area of the non-volatile memory.
Further, step S2 comprises:
Step B1: the card judges whether the hot update session has been started; if so, it returns error information to the host computer; otherwise it executes step B2;
Step B2: the card judges whether the backup operation is legal; if so, it executes step B3; otherwise it returns error information to the host computer;
Step B3: the card judges whether a new executable file has been downloaded and saved; if so, it executes step B4; otherwise it executes step B6;
Step B4: the card judges whether the new executable file that has been downloaded and saved is valid; if so, it executes step B5; otherwise it returns error information to the host computer;
Step B5: the card judges whether the applications corresponding to the new executable file have been created; if so, it returns error information to the host computer; otherwise it executes step B6;
Step B6: the card judges the power-loss type from the power-failure interrupt flag: if no power loss occurred, or power loss occurred during the backup data process, it executes step B7; if power loss occurred during the clean data process, it executes the clean data process and then the delete data process in sequence; if power loss occurred during the delete data process, it executes the delete data process;
Step B7: the card executes in sequence the backup data process, the clean data process and the delete data process;
In the backup data process, the card backs up to the first storage area of the non-volatile memory the system registry information in the registry corresponding to the executable file to be updated, all application registry information in the registry belonging to the executable file to be updated, and the user information that each application designates for backup;
In the clean data process and the delete data process, the system registry information, all application registry information and the user information that each application designates for backup are deleted.
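The resume logic of steps B6 and B7, modelled as an added Python example (not code from the patent): the card persists which phase is in progress and, on the next power-up, restarts from that phase. The dictionary layout, the names `power_flag` and `first_area`, the sample applications and the simulated `PowerLoss` exception are assumptions made for the illustration.

```python
import copy

PHASES = ("backup", "clean", "delete")   # order fixed by step B7


class PowerLoss(Exception):
    """Simulated power loss in the middle of a phase (constructed for this example)."""


def new_card():
    """Constructed sample card; every key models non-volatile memory."""
    return {
        "file_registry": {"file_id": "A0000001", "version": 1},
        "app_registry": {"app1": {"state": "SELECTABLE"},
                         "app2": {"state": "SELECTABLE"}},
        "user_info": {"app1": {"balance": 42}, "app2": {"pin_tries": 3}},
        "first_area": {},      # first storage area: holds the backup
        "power_flag": None,    # power-failure interrupt flag: phase in progress
    }


def _interrupt(phase, fail_in):
    if phase == fail_in:
        raise PowerLoss(phase)


def backup(card, fail_in=None):
    area = card["first_area"]
    area.clear()                          # recycle a half-written backup before redoing it
    area["file_registry"] = copy.deepcopy(card["file_registry"])
    _interrupt("backup", fail_in)         # power lost with the backup half written
    area["app_registry"] = copy.deepcopy(card["app_registry"])
    area["user_info"] = copy.deepcopy(card["user_info"])


def clean(card, fail_in=None):
    # Stand-in for calling each application's clean function in a preset order.
    for index, name in enumerate(sorted(card["app_registry"])):
        card["app_registry"][name]["state"] = "CLEANED"
        if index == 0:
            _interrupt("clean", fail_in)  # power lost after the first application


def delete(card, fail_in=None):
    card["user_info"].clear()
    _interrupt("delete", fail_in)         # power lost with the registry still present
    card["app_registry"].clear()
    card["file_registry"].clear()


STEPS = {"backup": backup, "clean": clean, "delete": delete}


def run_step_s2(card, fail_in=None):
    """Step B6 picks the resume point from the flag; step B7 runs the rest in order."""
    flag = card["power_flag"]
    start = PHASES.index(flag) if flag else 0
    executed = []
    for phase in PHASES[start:]:
        card["power_flag"] = phase        # persisted before the phase changes anything
        executed.append(phase)
        STEPS[phase](card, fail_in)
    card["power_flag"] = None             # all phases done, nothing to resume
    return executed


def interrupted_then_resumed(fail_in):
    """Lose power inside `fail_in`, then power up again and finish the job."""
    card = new_card()
    try:
        run_step_s2(card, fail_in=fail_in)
    except PowerLoss:
        pass                              # only the contents of `card` survive
    resumed = run_step_s2(card)
    return card, resumed


if __name__ == "__main__":
    for phase in PHASES:
        card, resumed = interrupted_then_resumed(phase)
        print(f"power lost in {phase}: resumed with {resumed}")
```

Resuming at the interrupted phase rather than always at the backup matters here: re-running the backup after the clean phase has started would overwrite the saved application registry information with already-cleaned state.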
Further, step B2 comprises: the card judges whether the version number of the obtained executable file to be updated is less than the minimum version number required for the executable file to be updated in the start hot update command, whether the obtained executable file to be updated has no static dependencies, and whether none of the applications belonging to the obtained executable file to be updated is currently selected on any logical channel; if all judgments are yes, step B3 is executed; otherwise error information is returned to the host computer.
Further, step B4 comprises: the card judges whether the associated security domain of the new executable file that has been downloaded and saved is consistent with the associated security domain of the obtained executable file to be updated, and whether the minimal subset of application modules of the new executable file that has been downloaded and saved includes all application modules in the executable file to be updated; if all judgments are yes, step B5 is executed; otherwise error information is returned to the host computer.
Further, the card executing the backup data process comprises:
Step T1: the card checks whether power loss occurred during the backup data process; if so, it executes step T2; otherwise it executes step T3;
Step T2: the card reclaims the user information affected by the backup data power-failure interrupt, and executes step T3;
Step T3: the card calls, in a preset order, the save function of each application belonging to the executable file to be updated to save the user information that needs to be backed up, saves the system registry information and all application registry information in the registry belonging to the executable file to be updated, and executes step T4;
Step T4: the card judges whether an exception was thrown during the backup data process; if so, it deletes the backed-up user information, system registry information and application registry information and returns error information to the host computer; otherwise it executes the clean data process.
Further, step T2 specifically comprises:
Step Y1: the card looks up the management object that holds the user information according to the file identifier;
Step Y2: the card reclaims the management object found.
Further, step Y2 specifically comprises: the card empties the management object found and calls the virtual machine's complete garbage collection function.
Further, step Y2 specifically comprises: traversing the sub-domain objects under the management object found, and reclaiming the management object found together with the sub-domain objects under it.
Further, executing the clean data process comprises:
Step P1: the card checks whether power loss occurred during the clean process; if so, it executes step P2; otherwise it executes step P3;
Step P2: the card restarts the application whose data cleaning was interrupted so as to call its clean function, and executes step P3;
Step P3: the card calls, in the preset application ordering, the clean function of each application belonging to the executable file to be updated to advance the deletion of the application, and executes step P4;
Step P4: the card judges whether an exception was thrown during the clean process; if so, it deletes the backed-up user information, system registry information and application registry information corresponding to the current executable file and returns error information to the host computer; otherwise it executes the delete data process.
Further, executing the delete data process comprises:
Step W1: the card deletes the system registry information, application registry information and user information corresponding to the executable file to be updated;
Step W2: the card judges whether the update option is set to retain the executable file to be updated without deleting it; if so, it executes step W3; otherwise it deletes the executable file to be updated and executes step W3;
Step W3: the card judges whether an exception was thrown during the delete process; if so, it deletes the backup information corresponding to the current executable file, the applications belonging to the executable file to be updated enter an unknown state as a result of the clean function executed in the clean data process, and the card returns error information to the host computer; otherwise it executes step W4;
Step W4: the card waits for the new executable file version to be downloaded, and returns success information to the host computer.
Further, step S3 comprises:
Step C1: the card waits to receive an instruction issued by the host computer; on receiving a prepare-install command it executes step C2; on receiving a download command it executes step C5;
Step C2: the card judges whether it is ready to download the new executable file; if so, it executes step C3; otherwise it executes step C4;
Step C3: the card judges whether the new executable file to be downloaded includes the executable file to be updated; if so, it requests the second storage area of the non-volatile memory for the new executable file to be downloaded and returns success information to the host computer; otherwise it downloads other executable files and returns download result information to the host computer;
Step C4: the card judges whether the new executable file to be downloaded includes the executable file to be updated; if so, it returns error information to the host computer; otherwise it downloads other executable files and returns download result information to the host computer;
Step C5: the card parses the download file data blocks that the host computer sends split across multiple APDU commands, assembles them into the executable file and saves it to the second storage area of the non-volatile memory, and judges whether the download completed normally; if so, it executes step C6; otherwise it returns error information to the host computer;
Step C6: the card judges whether the identifier of the current download package is the identifier of the new executable file and whether the hot update session has been started; if all judgments are yes, it executes step C7; otherwise it reclaims the information in the second storage area of the non-volatile memory and returns error information to the host computer;
Step C7: the card judges whether the mode of the restore process is automatic restore; if so, it records in the executable file registry a piece of registry information corresponding to the new executable file, adds the save address of the new executable file to that registry information, and executes step S4; otherwise it returns success information to the host computer.
Further, step S4 comprises:
Step D0: when the card receives the hot update restore executable file command, it checks whether the preparation process preceding the restore process is complete; if so, it executes step D1; otherwise it returns error information to the host computer;
Step D1: the card judges whether the hot update restore operation is legal; if so, it executes step D2; otherwise it returns error information to the host computer;
Step D2: the card checks whether power loss occurred: if no power loss occurred, or power loss occurred while the card was reinstalling the new applications, it executes step D3; if power loss occurred while the applications were synchronizing the backup data, it executes step D4; if power loss occurred during the application merge data process, it executes step D7;
Step D3: the card reinstalls each application in download order from the new executable file according to the backed-up file registry information and each piece of backed-up application registry information, and judges whether the installation succeeded; if so, it executes step D4; otherwise it returns error information to the host computer;
Step D4: the card calls, in order by security domain, the backup function in each reinstalled application to restore the backed-up user information of the corresponding application into the corresponding reinstalled application;
Step D5: the card judges whether all applications were restored successfully; if so, it executes step D7; otherwise it executes step D6;
Step D6: the card calls the garbage collection function to clear all temporary variables and cached data, and returns error information to the host computer;
Step D7: the card calls, in order by security domain, the merge function of each reinstalled application;
Step D8: the card judges whether the merge functions of all reinstalled applications were called successfully; if so, it returns success information to the host computer; otherwise it executes step D9;
Step D9: the card deletes the reinstalled applications and the corresponding new executable file.
Further, checking whether the preparation process preceding the restore process is complete comprises: judging whether the backup process is complete and whether the new executable file has finished downloading; if so, the preparation process preceding the restore process is complete; otherwise it is not complete.
Further, step D1 comprises: the card judges whether the version number of the new executable file is higher than the version number of the executable file to be updated and judges whether the executable file to be updated contains static dependencies; if all judgments are yes, it executes step D2; otherwise it returns error information to the host computer.
Further, when an exception is thrown between step S2 and step S4 and the card has returned error information to the host computer, the card performs the abandon hot update session operation when it next receives a command sent by the host computer.
Further, the abandon hot update session operation comprises:
Step E1: the card judges whether the executable file to be updated has been retained; if so, it executes step E3; otherwise it executes step E2;
Step E2: the card downloads the executable file to be updated and, on receiving the restore command and after the previous new executable file has been restored, executes step E3;
Step E3: the card restores, from the executable file to be updated, all application registry information belonging to the executable file to be updated and all backed-up user information, and executes step E4;
Step E4: the card reclaims useless objects, clears the information backed up during the hot update process, and returns success information to the host computer.
The invention further provides a hot update device for a smart card executable file, comprising:
A first receiving module, configured to receive the start hot update command sent by the host computer;
A first obtaining module, configured to look up the executable file save address in the registry according to the file identifier in the start hot update command received by the first receiving module, and to obtain the executable file to be updated from the second storage area of the non-volatile memory according to the executable file save address;
A backup deletion module, configured to back up to the first storage area of the non-volatile memory the file registry information in the registry corresponding to the executable file to be updated, all application registry information in the registry belonging to the executable file to be updated, and the user information that each application designates for backup; and to delete the system registry information, all application registry information in the registry belonging to the executable file to be updated, and the user information that each application designates for backup;
A download saving module, configured to download the new executable file and save it to the second storage area of the non-volatile memory, to record in the executable file registry a piece of registry information corresponding to the new executable file, and to add the save address of the new executable file to that registry information;
An installation recovery module, configured to reinstall the applications from the new executable file according to the backed-up system registry information and all backed-up application registry information, and to call the backup function in each reinstalled application to restore the backed-up user information of the corresponding application into the reinstalled application;
A first recycling module, configured to call the garbage collection function, after the installation recovery module has installed and restored successfully, to reclaim the information stored in the first storage area of the non-volatile memory.
Further, the device further includes a second deletion module, configured to delete the executable file to be updated obtained by the first obtaining module after the first backup module completes the backup.
Further, there are multiple pieces of application registry information, and the device further includes a first as module and a first judging module;
The first as module is configured to take the first piece of application registry information as the current application registry information;
The installation recovery module is specifically configured to reinstall the corresponding application from the new executable file according to the backed-up system registry information and the backed-up current application registry information, and to call the backup function in the corresponding application to restore the backed-up user information of the corresponding application into that application;
The first judging module is configured to judge whether all applications have been restored successfully; if so, it triggers the first recycling module; otherwise it takes the next piece of application registry information as the current application registry information and triggers the installation recovery module.
Further, the device further includes a channel establishing module, configured to establish a secure channel between the card and the host computer;
The first receiving module is specifically configured to wait for and receive the start hot update command sent by the host computer after the channel establishing module has successfully established the secure channel.
Further, the channel establishing module comprises:
A first receiving submodule, configured to receive the host random number and the host authentication code sent by the host computer;
A first generating submodule, configured to generate the first session key and the card random number;
A first saving submodule, configured to save the card random number received by the first receiving submodule;
A first encryption submodule, configured to encrypt, with the first session key according to the second preset algorithm, the host random number received by the first receiving submodule and the generated card random number to obtain the card authentication code;
A first sending submodule, configured to return the card authentication code obtained by the generation encryption submodule to the host computer;
An encryption judging submodule, configured to decrypt the host authentication code received by the first receiving submodule with the first session key generated by the first generating submodule, and to judge whether the card random number obtained by decrypting the host authentication code is identical to the card random number saved by the first saving submodule; if so, the secure channel with the host computer is established successfully; otherwise error information is returned to the host computer.
Further, the first generating submodule is specifically configured to encrypt derivation data with a preset base key according to the first preset algorithm to obtain the first session key, and to generate the card random number;
The first sending submodule is specifically configured to return the variable data of the derivation data and the card authentication code to the host computer.
Further, the channel establishing module further includes an authentication submodule, configured to authenticate the off-card entity using a supported secure channel protocol when the establish secure channel command sent by the host computer is received, to trigger the first receiving submodule if authentication succeeds, and to return error information to the host computer if authentication fails.
Further, the backup deletion module backing up the user information that each application designates for backup to the first storage area of the non-volatile memory comprises: obtaining the corresponding applications according to the executable file to be updated; each application calculates, from its own user information that needs to be backed up, the total size of the space occupied by the raw data in the backup information and the number of standard objects, and informs the card through an application programming interface of the size of non-volatile memory space to request; the card saves the management object of the first storage area of the non-volatile memory that is returned through the application programming interface; and the user information that each application designates for backup is backed up into the management object corresponding to that application in the first storage area of the non-volatile memory.
Further, the backup deletion module comprises:
A second judging submodule, configured to judge whether the hot update session has been started; if so, it returns error information to the host computer; otherwise it triggers the third judging submodule;
The third judging submodule, configured to judge whether the backup operation is legal; if so, it triggers the fourth judging submodule; otherwise it returns error information to the host computer;
The fourth judging submodule, configured to judge whether a new executable file has been downloaded and saved; if so, it triggers the fifth judging submodule; otherwise it triggers the seventh judging submodule;
The fifth judging submodule, configured to judge whether the new executable file that has been downloaded and saved is valid; if so, it triggers the sixth judging submodule; otherwise it returns error information to the host computer;
The sixth judging submodule, configured to judge whether the applications corresponding to the new executable file have been created; if so, it returns error information to the host computer; otherwise it triggers the seventh judging submodule;
The seventh judging submodule, configured to judge the power-loss type from the power-failure interrupt flag: if no power loss occurred, or power loss occurred during the backup data process, it triggers in sequence the backup data submodule, the clean data submodule and the delete data submodule; if power loss occurred during the clean data process, it triggers in sequence the clean data submodule and the delete data submodule; if power loss occurred during the delete data process, it triggers the delete data submodule;
A backup data submodule, configured to execute the backup data process;
A clean data submodule, configured to execute the clean data process;
A delete data submodule, configured to execute the delete data process;
The backup data submodule executing the backup data process comprises: backing up to the first storage area of the non-volatile memory the system registry information in the registry corresponding to the executable file to be updated, all application registry information in the registry belonging to the executable file to be updated, and the user information that each application designates for backup;
The clean data submodule executing the clean data process and the delete data submodule executing the delete data process comprise: deleting the system registry information, all application registry information in the registry belonging to the executable file to be updated, and the user information that each application designates for backup.
Further, the third judging submodule is specifically configured to judge whether the version number of the obtained executable file to be updated is less than the minimum version number required for the executable file to be updated in the start hot update command, whether the obtained executable file to be updated has no static dependencies, and whether none of the applications belonging to the obtained executable file to be updated is currently selected on any logical channel; if all judgments are yes, it triggers the fourth judging submodule; otherwise it returns error information to the host computer.
Further, the fifth judging submodule is specifically configured to judge whether the associated security domain of the new executable file that has been downloaded and saved is consistent with the associated security domain of the obtained executable file to be updated, and whether the minimal subset of application modules of the new executable file that has been downloaded and saved includes all application modules in the executable file to be updated; if all judgments are yes, it triggers the sixth judging submodule; otherwise it returns error information to the host computer.
Further, the backup data submodule includes:
A first checking unit, for checking whether power loss occurred during the data backup process; if so, it triggers the first recovery unit, otherwise it triggers the first storage unit;
The first recovery unit, for reclaiming the user information of the backup that was interrupted by power loss, and triggering the first storage unit;
The first storage unit, for calling, in a preset order, the save function of each application belonging to the executable file to be updated to save the user information that needs to be backed up, saving the system registry information and all application registry information in the registry that belongs to the executable file to be updated, and triggering the first judging unit;
The first judging unit, for judging whether an exception was thrown during the data backup process; if so, it deletes the backed-up user information, system registry information and application registry information and returns error information to the host computer, otherwise it triggers the cleanup data submodule.
Further, the first recovery unit includes:
A first lookup subunit, for looking up, according to the file identifier, the management object that stores the user information;
A first reclaim subunit, for reclaiming the management object found by the first lookup subunit.
Further, the first reclaim subunit is specifically for emptying the management object found, and calling the virtual machine to complete garbage collection.
Further, the first reclaim subunit is specifically for traversing the sub-field objects under the management object found, and reclaiming the management object found together with the sub-field objects under it.
Further, the cleanup data submodule includes:
A second checking unit, for checking whether power loss occurred during the cleanup process; if so, it triggers the first calling unit, otherwise it triggers the second calling unit;
The first calling unit, for calling the cleanup function again for the application whose data cleanup was interrupted, and triggering the second calling unit;
The second calling unit, for calling, in a preset application order, the cleanup function of each application belonging to the executable file to be updated so as to drive the deletion of the application, and triggering the second judging unit;
The second judging unit, for judging whether an exception was thrown during the cleanup process; if so, it deletes the backed-up user information, system registry information and application registry information corresponding to the current executable file and returns error information to the host computer, otherwise it triggers the delete data submodule.
Further, the delete data submodule includes:
A first deleting unit, for deleting the system registry information, application registry information and user information corresponding to the executable file to be updated;
A delete judging unit, for judging whether the update option is set to retain the executable file to be updated rather than delete it; if so, it triggers the third judging unit, otherwise it deletes the executable file to be updated and triggers the third judging unit;
The third judging unit, for judging whether an exception was thrown during the deletion process; if so, it deletes the backed-up information corresponding to the current executable file, sets the applications belonging to the executable file to be updated to an unknown state according to the cleanup function that executed the data cleanup process, and returns error information to the host computer, otherwise it triggers the wait-and-return unit;
The wait-and-return unit, for waiting for the new executable file version to be downloaded, and returning success information to the host computer.
Further, the download-and-save module includes:
A second receiving submodule, for receiving the prepare-install command and the download command issued by the host computer;
An eighth judging submodule, for judging, when the second receiving module receives the prepare-install command, whether the card is ready to download the new executable file; if so, it triggers the ninth judging submodule, otherwise it triggers the tenth judging submodule;
The ninth judging submodule, for judging whether the new executable file to be downloaded includes the executable file to be updated; if so, it requests a second storage area of the non-volatile memory for the new executable file to be downloaded and returns success information to the host computer, otherwise it downloads other executable files and returns download result information to the host computer;
The tenth judging submodule, for judging whether the new executable file to be downloaded includes the executable file to be updated; if so, it returns error information to the host computer, otherwise it downloads other executable files and returns download result information to the host computer;
A save judging submodule, for, when the second receiving module receives the download command, parsing the download file data blocks that the host computer sends split across multiple APDU commands into an executable file, saving it in the second storage area of the non-volatile memory, and judging whether the download completed normally; if so, it triggers the judge-and-reclaim submodule, otherwise it returns error information to the host computer;
The judge-and-reclaim submodule, for judging whether the identifier of the currently downloaded package is the identifier of the new executable file and judging whether the hot update session has been started; if all judgments are yes, it triggers the judge-and-add submodule, otherwise it reclaims the information in the second storage area of the non-volatile memory and returns error information to the host computer;
The judge-and-add submodule, for the card to judge whether the mode of the recovery process is automatic recovery; if so, it records in the executable file registry a piece of registry information corresponding to the new executable file, adds the save address of the new executable file to that registry information, and triggers the install-and-restore module, otherwise it returns success information to the host computer.
Further, the install-and-restore module includes:
A third receiving submodule, for receiving the hot update restore executable file command;
A first checking submodule, for checking, when the third receiving submodule receives the hot update restore executable file command, whether the preparation that precedes the recovery process has been completed; if so, it triggers the eleventh judging submodule, otherwise it returns error information to the host computer;
The eleventh judging submodule, for judging whether the hot update recovery operation is legal; if so, it triggers the second checking submodule, otherwise it returns error information to the host computer;
The second checking submodule, for checking whether power loss occurred: if no power loss occurred, or power loss occurred while the card was reinstalling the new applications, it triggers the install judging submodule; if power loss occurred while the applications were synchronising the backed-up data, it triggers the install restore submodule; if power loss occurred while the applications were merging data, it triggers the first calling submodule;
The install judging submodule, for reinstalling each application in turn, in download order, from the new executable file according to the backed-up system registry information and each piece of backed-up application registry information, and judging whether the installation succeeded; if so, it triggers the install restore submodule, otherwise it returns error information to the host computer;
The install restore submodule, for calling, in order by security domain, the backup function in each reinstalled application to restore the backed-up user information of the corresponding application into the corresponding reinstalled application;
A twelfth judging submodule, for judging whether all applications were restored successfully; if so, it triggers the first calling submodule, otherwise it triggers the call-and-return submodule;
The call-and-return submodule, for calling the garbage collection function to clear all temporary variables and cached data, and returning error information to the host computer;
The first calling submodule, for calling, in order by security domain, the merge function of each reinstalled application;
A thirteenth judging submodule, for judging whether the merge functions of all reinstalled applications were called successfully; if so, it returns success information to the host computer, otherwise it triggers the first deleting submodule;
The first deleting submodule, for deleting the reinstalled applications and the corresponding new executable file.
Further, the first checking submodule is specifically for judging, when the third receiving submodule receives the hot update restore executable file command, whether the backup process has been completed and whether the download of the new executable file has been completed; if both judgments are yes, it triggers the eleventh judging submodule, otherwise it returns error information to the host computer.
Further, the eleventh judging submodule is specifically for judging whether the version number of the new executable file is higher than the version number of the executable file to be updated, and judging whether the executable file to be updated includes static dependencies; if the judgments are yes, it triggers the second checking submodule, otherwise it returns error information to the host computer.
Further, the device also includes an abandon module, for performing the abandon hot update session operation when, after an exception has been thrown and error information has been returned to the host computer, the first receiving module again receives a command sent by the host computer.
Further, the abandon module includes:
A fourteenth judging submodule, for judging whether the executable file to be updated has been retained; if so, it triggers the restore submodule, otherwise it triggers the download submodule;
The download submodule, for downloading the executable file to be updated, and triggering the restore submodule when a restore command is received and after the last new executable file has been restored;
The restore submodule, for restoring, from the executable file to be updated, all application registry information belonging to the executable file to be updated and all backed-up user information, and executing step E4;
A reclaim backup submodule, for reclaiming useless objects, clearing the information backed up during the hot update process, and returning success information to the host computer.
Compared with the prior art, the present invention has the following advantages:
The technical solution of the invention not only updates the executable file to be updated and its applications, but also retains the user's previous data, which is convenient for users and improves the user experience.
Brief description of the drawings
Fig. 1 is a flowchart of a hot update method for a smart card executable file provided by embodiment one of the invention;
Fig. 2 is a flowchart of a hot update method for a smart card executable file provided by embodiment two of the invention;
Fig. 3 is a flowchart of an implementation of step 101 in an embodiment of the invention;
Fig. 4 is a flowchart of an implementation of step 102 in an embodiment of the invention;
Fig. 5 is a flowchart of an implementation of step 103 in an embodiment of the invention;
Fig. 6 is a flowchart of an implementation of step 104 in an embodiment of the invention;
Fig. 7 is a flowchart of an implementation of abandoning a hot update session in an embodiment of the invention;
Fig. 8 is a block diagram of a hot update device for a smart card executable file provided by embodiment three of the invention.
Detailed description of the embodiments
The technical solutions in the embodiments of the invention are described clearly and completely below with reference to the drawings in the embodiments of the invention. The described embodiments are obviously only some of the embodiments of the invention, not all of them. All other embodiments obtained by those skilled in the art from the embodiments of the invention without creative work fall within the protection scope of the invention.
In this embodiment, hot update means that new code is downloaded and installed at update time (the new code must be compatible with the old code), that the user information previously held in the application to be updated is preserved so that the user's usage habits are not affected, and that updating an application does not affect the use of other applications. The new executable file of one update process becomes the executable file to be updated in the next update process.
Embodiment one
Embodiment one of the invention provides a hot update method for a smart card executable file which, as shown in Fig. 1, includes:
Step S1: when the card receives the start hot update command sent by the host computer, it looks up the executable file save address in the registry according to the file identifier in the start hot update command, and obtains the executable file to be updated from the second storage area of the non-volatile memory according to the executable file save address;
In this embodiment, an executable file contains one or more application modules; one application module can be instantiated as one application or as multiple applications with different file identifiers; each application corresponds to one piece of application registry information in the registry, and each executable file corresponds to one piece of file registry information in the registry; each application is personalised for one user, i.e. one application corresponds to one piece of user information;
Optionally, in this embodiment, before step S1 the method further includes: the card establishes a secure channel with the host computer;
Specifically:
Step P1: the card receives the host random number sent by the host computer;
Specifically, in this embodiment, before step P1 the method includes: when an application on the card receives the establish secure channel command sent by the host computer, it authenticates the off-card entity using a supported secure channel protocol; if authentication succeeds, the secure channel between the card and the host computer is established; if authentication fails, error information is returned to the host computer and the process ends;
Step P2: the card generates a first session key and a card random number, saves the card random number, encrypts the host random number and the card random number with the first session key according to a second preset algorithm to obtain a card authentication code, and returns the card authentication code to the host computer;
Optionally, in this embodiment, the card generating the first session key includes: the card encrypting derivation data with a preset base key according to a first preset algorithm to obtain the first session key; returning the card authentication code to the host computer includes: returning the variable data of the derivation data to the host computer together with the card authentication code;
Step P3: when the card receives the host authentication code sent by the host computer, the card decrypts the host authentication code with the first session key and judges whether the card random number obtained by decrypting the host authentication code is identical to the saved card random number; if so, the secure channel with the host computer is successfully established, otherwise error information is returned to the host computer;
Step S2: the card backs up, to the first storage area of the NVM (non-volatile memory), the system registry information in the registry that corresponds to the executable file to be updated, all application registry information in the registry that belongs to the executable file to be updated, and the user information that all applications designate as needing backup; it then deletes the system registry information, all application registry information in the registry that belongs to the executable file to be updated, and the user information that all applications designate as needing backup;
In this embodiment, before step S2 the method further includes: the card saves the applications created from the executable file to be updated and deletes these applications from the registry of the executable file to be updated; each application, according to the user information it needs to back up, calculates the total space occupied by the original data in the backup information and the number of standard objects, and then notifies the card through an API (application programming interface) of the NVM space size to request; the card saves the management object of the first storage area of the NVM returned by the API; in step S2 the card backs up the user information that the created applications need backed up into the management object that corresponds to each application in the first storage area of the non-volatile memory; when the executable file to be updated corresponds to multiple applications, each application corresponds to one management object; in step S2 the card backs up the registry information of the executable file to be updated and the registry information of the applications created from the executable file to be updated into the first storage area of the non-volatile memory;
Specifically, in this embodiment, after the card in step S2 has backed up to the first storage area of the non-volatile memory the system registry information in the registry that corresponds to the executable file to be updated, all application registry information in the registry that belongs to the executable file to be updated, and the user information that all applications designate as needing backup, the method further includes: deleting the obtained executable file to be updated;
Step S3: the card downloads the new executable file and saves it in the second storage area of the non-volatile memory, records in the executable file registry a piece of registry information corresponding to the new executable file, and adds the save address of the new executable file to that registry information;
Step S4: the card reinstalls the applications from the new executable file according to the backed-up system registry information and all backed-up application registry information, and calls the backup function in the reinstalled applications to restore the backed-up user information of the corresponding applications into the reinstalled applications;
Optionally, in this embodiment, if the application modules in the executable file to be updated are instantiated as multiple applications, the method includes, before step S4, taking the first application as the current application;
Step S4 is replaced by: the card reinstalls the application from the new executable file according to the backed-up system registry information and the backed-up application registry information of the current application, and calls the backup function of the current application to restore the backed-up user information of the current application into the current application;
Between step S4 and step S5 the method then includes: the card judges whether all applications have been restored successfully; if so, it executes step S5, otherwise it takes the next application as the current application and returns to step S4;
Step S5: the card calls the garbage collection function to reclaim the information stored in the first storage area of the non-volatile memory.
In this embodiment, the obtained executable file to be updated may or may not be deleted; if it is deleted, the deletion must be carried out after the card has backed up to the first storage area of the non-volatile memory the system registry information in the registry that corresponds to the executable file to be updated, all application registry information in the registry that belongs to the executable file to be updated, and the user information that all applications designate as needing backup.
In this embodiment, if power loss occurs after step S2, the card restores to the original storage area the system registry information, all application registry information in the registry that belongs to the executable file to be updated, and the user information that all applications designate as needing backup, as backed up in S2, so that the backup operation can be carried out in the next hot update process.
Embodiment two
Embodiment two of the invention provides a hot update method for a smart card executable file. In a multi-application smart card system, application hot update is achieved by backing up the old executable load file version (old ELF version) and its associated applications, then updating to the new executable load file version (new ELF version) and restoring the old associated applications. As shown in Fig. 2, the method of this embodiment includes:
Step 101: the card establishes a secure channel with the host computer;
Specifically, in this embodiment, the implementation of step 101 is shown in Fig. 3 and includes:
Step a1: when an application on the card receives the establish secure channel command sent by the host computer, it authenticates the off-card entity using a supported secure channel protocol; if authentication succeeds, it returns entity authentication success information to the host computer and step A2 is executed; if authentication fails, it returns error information to the host computer;
Optionally, in this embodiment, returning error information to the host computer means returning the error information to the host computer and then ending;
For example, the establish secure channel command in this embodiment is 84 82 00 00 10 14 53 2A 38 8B FC 39 D6 B6 E5 C0 D5 DF 69 1E 5; the error information returned to the host computer is 69 82;
Step a2: the host computer generates and saves a host random number, and sends the host random number to the card;
Step a3: the card receives the host random number, generates a first session key and a card random number, saves the card random number, encrypts the host random number and the card random number with the first session key according to the second preset algorithm to obtain a card authentication code, and returns the card authentication code to the host computer;
Specifically, before the host random number and the card random number are encrypted with the first session key according to the second preset algorithm to obtain the card authentication code, the method further includes: the card generates the first session key, which includes: the card encrypts derivation data with a preset base key according to the first preset algorithm to obtain the first session key;
Correspondingly, returning the card authentication code to the host computer includes: returning the variable data of the derivation data to the host computer together with the card authentication code;
Step a4: the host computer generates a second session key, decrypts the card authentication code with the second session key, and judges whether the host random number obtained by decrypting the card authentication code is identical to the saved host random number; if so, step a5 is executed, otherwise error information is returned to the host computer;
Step a5: the host computer encrypts, with the second session key according to the second preset algorithm, the card random number obtained by decrypting the card authentication code and the host random number to obtain a host authentication code, and sends the host authentication code to the card;
Step a6: when the card receives the host authentication code sent by the host computer, it decrypts the host authentication code with the first session key and judges whether the card random number obtained by decrypting the host authentication code is identical to the saved card random number; if so, the secure channel between the card and the host computer is successfully established, otherwise error information is returned to the host computer;
Specifically, the host computer generating the second session key includes: the host computer generates the derivation data from the received variable data, and encrypts the derivation data with the preset base key according to the first preset algorithm to obtain the second session key;
For example, the channel establishment success information that the card returns to the host computer is 9000;
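The challenge-response exchange of steps a2 to a6 (the same exchange as steps P1 to P3 of embodiment one), with both sides' messages, as an added example that is not code from the patent. The patent leaves the first and second preset algorithms unspecified, so a toy HMAC-based Feistel block cipher stands in for both; the derivation label, the 8-byte random numbers, the class names and the reuse of status word 6982 for a failed step a6 are assumptions.

```python
import hashlib
import hmac
import secrets

SW_OK, SW_AUTH_FAILED = 0x9000, 0x6982   # status words quoted on the page
LABEL = b"SESSKEY\x00"                    # assumed fixed part of the derivation data


def _f(key, rnd, half):
    """Feistel round function: truncated HMAC-SHA256 over round number and half block."""
    return hmac.new(key, bytes([rnd]) + half, hashlib.sha256).digest()[:8]


def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def encrypt_block(key, block):
    """Toy 4-round Feistel cipher on one 16-byte block (stand-in for the preset algorithms)."""
    left, right = block[:8], block[8:]
    for rnd in range(4):
        left, right = right, _xor(left, _f(key, rnd, right))
    return left + right


def decrypt_block(key, block):
    """Inverse of encrypt_block: undo the rounds in reverse order."""
    left, right = block[:8], block[8:]
    for rnd in reversed(range(4)):
        left, right = _xor(right, _f(key, rnd, left)), left
    return left + right


def derive_session_key(base_key, variable):
    """Encrypt the derivation data (fixed label + variable data) under the preset base key."""
    return encrypt_block(base_key, LABEL + variable)


class Card:
    def __init__(self, base_key):
        self.base_key = base_key

    def on_host_random(self, host_rand):
        """Step a3: derive the first session key and build the card authentication code."""
        variable = secrets.token_bytes(8)
        self.session_key = derive_session_key(self.base_key, variable)
        self.card_rand = secrets.token_bytes(8)
        card_auth = encrypt_block(self.session_key, host_rand + self.card_rand)
        return variable, card_auth

    def on_host_auth(self, host_auth):
        """Step a6: decrypt the host authentication code and compare the card random number."""
        plain = decrypt_block(self.session_key, host_auth)
        ok = hmac.compare_digest(plain[:8], self.card_rand)  # constant-time compare
        return SW_OK if ok else SW_AUTH_FAILED


class Host:
    def __init__(self, base_key):
        self.base_key = base_key
        self.host_rand = secrets.token_bytes(8)               # step a2

    def on_card_auth(self, variable, card_auth):
        """Steps a4 and a5: verify the card, then answer with the host authentication code."""
        self.session_key = derive_session_key(self.base_key, variable)
        plain = decrypt_block(self.session_key, card_auth)
        if not hmac.compare_digest(plain[:8], self.host_rand):
            return None                                       # card failed authentication
        return encrypt_block(self.session_key, plain[8:] + self.host_rand)


def run_handshake(card_key, host_key):
    """Run steps a2 to a6 between a card and a host holding the given base keys."""
    card, host = Card(card_key), Host(host_key)
    variable, card_auth = card.on_host_random(host.host_rand)
    host_auth = host.on_card_auth(variable, card_auth)
    if host_auth is None:
        return "host rejected card"
    return card.on_host_auth(host_auth)


if __name__ == "__main__":
    key = bytes(range(16))                                    # constructed base key
    print(hex(run_handshake(key, key)), run_handshake(key, bytes(16)))
```

Both authentication codes cover fresh random numbers from both sides, so a host authentication code recorded in one session does not verify against the card random number of the next.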
Step 102: when the card receives the start hot update command sent by the host computer, it looks up the executable file save address in the registry according to the file identifier in the start hot update command, obtains the executable file to be updated from the second storage area of the non-volatile memory according to the executable file save address, backs up the related information of the executable file to be updated, and then deletes the original data of the related information;
Specifically, in this embodiment, the executable file to be updated contains an application module, the application module is instantiated as multiple applications, each application corresponds to one piece of application registry information in the registry (i.e. in this embodiment there are multiple pieces of application registry information), each executable file corresponds to one piece of file registry information in the registry, and each application corresponds to one piece of user information;
In this embodiment, backing up the related information of the executable file to be updated includes: the card backs up, to the first storage area of the non-volatile memory, the system registry information in the registry that corresponds to the executable file to be updated, all application registry information in the registry that belongs to the executable file to be updated, and the user information that all applications designate as needing backup; deleting the original data of the related information includes: deleting the system registry information in the registry that corresponds to the executable file to be updated, all application registry information in the registry that belongs to the executable file to be updated, and the user information that all applications designate as needing backup;
Preferably, backing up the user information that all applications designate as needing backup to the first storage area of the non-volatile memory includes: the card obtains the corresponding applications according to the executable file to be updated; each application, according to the user information it needs to back up, calculates the total space occupied by the original data in the backup information and the number of standard objects, and notifies the card through the application programming interface of the non-volatile memory space size to request; the smart card system returns the management object of the first storage area of the non-volatile memory to the card through the application programming interface; the card backs up the user information that each application designates as needing backup into the management object that corresponds to each application in the first storage area of the non-volatile memory;
In this embodiment, as shown in Fig. 4, step 102 specifically includes:
Step B0: when the card receives the start hot update command sent by the host computer, it looks up the executable file save address in the registry according to the file identifier in the start hot update command, and obtains the executable file to be updated from the second storage area of the non-volatile memory according to the executable file save address;
For example, the start hot update command in this embodiment is: 80 EA 01 00 1F A1 12 4F 09 11 22 33 44 55 66 77 88 00 4F 09 11 22 33 44 55 66 77 88 01 80 01 80 81 02 01 00; where the file identifier is 11 22 33 44 55 66 77 88 00;
Step B1: the card judges whether the hot update session has been started; if so, it returns error information to the host computer, otherwise it executes step B2;
For example, the error information that the card returns to the host computer is 6985;
Step B2: the card judges whether the backup operation is legal; if so, it executes step B3, otherwise it returns error information to the host computer;
Specifically, in this embodiment, step B2 includes: the card judges whether the version number of the obtained executable file to be updated is less than the minimum version number required for the executable file version to be updated in the start hot update command, judges whether the obtained executable file to be updated has no static dependencies, and judges whether each application belonging to the obtained executable file to be updated is not currently selected on any logical channel; if all judgments are yes, it executes step B3, otherwise it returns error information to the host computer;
For example, the error information that the card returns to the host computer is 6985 or 6401; 6401 indicates that the version number of the executable file to be updated is higher than the minimum version number required for the old executable file version in the hot update command, and 6985 indicates that other conditions are not met;
Step B3: the card judges whether a new executable file has been downloaded and saved; if so, it executes step B4, otherwise it executes step B6;
In this embodiment, when the file identifiers of the old executable file and the new executable file differ, the new executable file must be loaded onto the card before the hot update session starts (i.e. before the hot update start command is received);
Step B4: the card judges whether the new executable file that has been downloaded and saved is valid; if so, it executes step B5, otherwise it returns error information to the host computer;
Specifically, in this embodiment, step B4 includes: the card judges whether the associated security domain of the new executable file that has been downloaded and saved is consistent with the associated security domain of the obtained executable file to be updated, and judges whether the minimal subset of application modules of the new executable file that has been downloaded and saved contains all application modules in the executable file to be updated; if all judgments are yes, it executes step B5, otherwise it returns error information to the host computer;
For example, the error information that the card returns to the host computer is 6985 or 6400; 6400 indicates an unknown execution condition, and 6985 indicates that the conditions are not met;
Step B5: the card judges whether the application instances corresponding to the new executable file have been created; if so, it returns error information to the host computer, otherwise it executes step B6;
For example, the error information that the card returns to the host computer is 6985 or 6400; 6400 indicates an unknown execution condition, and 6985 indicates that the conditions are not met;
Step B6: the card judges the power-loss type according to the power-fail interrupt flag: if no power loss has occurred, or power loss occurred during the data backup process, it executes step B7; if power loss occurred during the data cleanup process, it executes the data cleanup process and then the data deletion process in sequence; if power loss occurred during the data deletion process, it executes the data deletion process;
Specifically, in this embodiment, when the card starts the data backup, data cleanup or data deletion operation, it sets the corresponding power-fail interrupt flag; if power loss occurs during data backup, data cleanup or data deletion, then after power is restored the card detects the power-fail interrupt flag and executes the corresponding operation again; if no power loss occurs during data backup, data cleanup or data deletion, the corresponding power-fail interrupt flag is reset after the operation completes. Alternatively, if power loss occurs during the data backup, data cleanup or data deletion operation, the card jumps directly to the step in which the power loss occurred and, after that step has been executed, sets the corresponding power-fail interrupt flag. If power loss occurs during data backup, the identifier of the application currently being processed must also be recorded;
Step B7: the card executes the data backup process, the data cleanup process and the data deletion process in sequence;
Specifically, in this embodiment, during the data backup process the card backs up, to the first storage area of the non-volatile memory, the system registry information in the registry that corresponds to the executable file to be updated, all application registry information in the registry that belongs to the executable file to be updated, and the user information that all applications designate as needing backup; executing the data cleanup process and executing the data deletion process refer to deleting the system registry information, all application registry information, and the user information that all applications designate as needing backup;
In the present embodiment, the data backup process executed by the card includes:
Step T1: the card checks whether a power failure occurred during the data backup process; if so, it executes step T2, otherwise it executes step T3;
Specifically, in the present embodiment, step T1 is: the card judges whether the power-failure flag is set; if so, a power failure occurred, otherwise no power failure occurred;
Step T2: the card reclaims the user information of the data backup that was interrupted by the power failure, and executes step T3;
For example, in the present embodiment, if a power failure occurred during the data backup process (i.e. part of the data that the application being backed up at the time of the power failure needed to back up has already been backed up in the card), then the next time that application is backed up, the data the application has already backed up must first be reclaimed;
The reclamation in the present embodiment specifically includes:
Step Y1: the card looks up, by file identifier, the management object that stores the user information;
Step Y2: the card reclaims the management object that was found;
Optionally, the management object can be reclaimed in several ways, for example: the management object is emptied and the virtual machine's full garbage collection function is then called directly; alternatively, reclamation can target that management object specifically, by traversing the sub-field objects under the management object that was found and reclaiming both the management object and the sub-field objects under it;
Wherein, when reclamation of the data begins, a delete mark can be placed on all objects; objects that cannot be deleted (such as system objects, static objects, etc.) are looked up and their delete marks are removed; reclaiming all the management objects and sub-field objects includes: traversing all objects to find the objects without a delete mark, further traversing all sub-objects under each object found without a delete mark, and removing the delete marks of all those sub-objects; then deleting the objects that still carry a delete mark and performing defragmentation;
Step T3: the card calls, in a preset order, the onSave() function (save function) of each application belonging to the executable file to be updated to save the user information that needs to be backed up, saves the file registry information and the application registry information, and executes step T4;
Specifically, step T3 includes: the card calls, in the preset application order, the backup function of each application in the executable file to be updated to save the application data that needs to be backed up, and saves the registry data related to the executable file to be updated and its applications. In the backup function, the application calls a specific API of the virtual machine to construct a mapping instance object corresponding to the application's backup data; primitive data types can be written directly through the interface of that instance object; for objects, the reference value of a standard object is backed up directly; for a custom object, the previous step can be repeated to construct a new mapping object whose reference value is backed up into the previous mapping object, or the custom object can be fully decomposed into primitive types or standard objects and backed up;
Optionally, if a power failure is detected during step T3, the data backup power-failure interrupt flag is set and the identifier of the application currently being executed is recorded;
Step T4: the card judges whether an exception was thrown during the data backup process; if so, it deletes the backed-up user information, file registry information and application registry information and returns an error message to the host computer; otherwise it executes the data cleanup process;
For example, the error message the card returns to the host computer is 6400, which indicates an unknown execution condition, and the hot update process ends;
In the present embodiment, the data cleanup process executed by the card specifically includes:
Step P1: the card checks whether a power failure occurred during the cleanup process; if so, it executes step P2, otherwise it executes step P3;
Specifically, in the present embodiment, if the card detects a power failure it sets the power-failure flag; correspondingly, step P1 is: the card judges whether the power-failure flag is set; if so, it deletes the power-failure flag and executes step P2, otherwise it executes step P3;
Step P2: the card restarts the application whose data cleanup was interrupted, calls its onCleanup() function (cleanup function), and executes step P3;
Step P3: the card calls, in the preset application order, the onCleanup() function of each application belonging to the executable file to be updated to facilitate deletion of the applications, and executes step P4;
For example, in step P3 of the present embodiment, the cleanup function of each application in the executable file to be updated is called in the preset application order to facilitate the subsequent deletion of the applications, for instance by releasing some dynamic dependencies so that reclamation is guaranteed to succeed;
Optionally, if a power failure occurs during step P3, the power-failure interrupt flag is set;
Step P4: the card judges whether an exception was thrown during the cleanup process; if so, it deletes the backed-up user information, system registry information and application registry information corresponding to the current executable file and returns an error message to the host computer; otherwise it executes the next step;
For example, the error message the card returns to the host computer is 6400, which indicates an unknown execution condition, and the hot update process ends;
In the present embodiment, the data deletion process executed by the card specifically includes:
Step W1: the card deletes the system registry information, application registry information and user information corresponding to the executable file to be updated;
Step W2: the card judges whether the update option is set to retain the executable file to be updated rather than delete it; if so, it executes step W3; otherwise it deletes the executable file to be updated and executes step W3;
Optionally, if a power failure occurs during steps W1-W2, the card enters the power-failure interrupt, sets the power-failure interrupt flag, and exits the power-failure interrupt;
Step W3: the card judges whether an exception was thrown during the deletion process; if so, it deletes the backed-up information corresponding to the current executable file (depending on how the cleanup function executed in the data cleanup process is implemented, the applications belonging to the executable file to be updated may be left in an unknown state) and returns an error message to the host computer; otherwise it executes step W4;
For example, the error message the card returns to the host computer is 6400, which indicates an unknown execution condition, and the hot update process ends;
Step W4: the card waits for the new executable file version to be downloaded, and returns success information to the host computer.
For example, the success information the card returns to the host computer is 00 04 A1 02 90 02, where tag A1 carries the update session information data, sub-tag 90 indicates the update session status, and 02 indicates that the card is currently in the hot update session state of waiting for the executable file to be downloaded;
Step 103: the card downloads the new executable file and saves it in the second memory block of the nonvolatile storage, records in the executable file registry one piece of registry information corresponding to the new executable file, and adds the storage address of the new executable file to that registry information;
Optionally, step 103 in the present embodiment may also need to download the dependency library package of the new executable file;
In the present embodiment, as shown in Fig. 5, step 103 specifically includes:
Step C1: the card waits to receive an instruction issued by the host computer; when it receives a prepare-install command it executes step C2, and when it receives a download command it executes step C5;
For example, the prepare-install command in the present embodiment is: 84 E6 02 00 16 09 11 22 33 44 55 66 77 88 00 00 00 00 00 17 96 2F 4F E3 07 07 80; there may be one or more download commands;
Step C2: the card judges whether it is ready to download the new executable file; if so, it executes step C3, otherwise it executes step C4;
Step C3: the card judges whether the new executable file to be downloaded includes the executable file to be updated; if so, it allocates storage space for the new executable file to be downloaded and returns success information to the host computer; otherwise it downloads the other executable file and returns the download result information to the host computer;
For example, the success response status code the card returns to the host computer in the present embodiment is 90 00; for other executable files, the card returns the success response status code 90 00 to the host computer if the download succeeds, and returns 6581 (memory error) or 6A84 (insufficient memory) if the download fails;
Step C4: the card judges whether the new executable file to be downloaded includes the executable file to be updated; if so, it returns an error message to the host computer; otherwise it downloads the other executable file and returns the download result information to the host computer;
For example, the error message the card returns to the host computer in the present embodiment is 6985, and the success information the card returns to the host computer is 90 00;
Step C5: the card parses the download file data blocks that the host computer sends in multiple APDU instructions, assembles them into the executable file and saves it in the second memory block of the nonvolatile storage, and judges whether the download process completed normally; if so, it executes step C6, otherwise it returns an error message to the host computer;
For example, the error message the card returns to the host computer in the present embodiment is 6400 or 6A84; 6400 indicates an unknown execution condition and the hot update process ends, and 6A84 indicates insufficient space;
Step C6: the card judges whether the identification code of the currently downloaded package is the identification code of the new executable file and judges whether the hot update session has been started; if both judgments are yes, it executes step C7; otherwise it reclaims the information in the second memory block of the nonvolatile storage and returns an error message to the host computer;
For example, the error message the card returns to the host computer is 6985, which indicates that the conditions are not satisfied;
Step C7: the card judges whether the mode of the recovery process is automatic recovery; if so, it records in the executable file registry one piece of registry information corresponding to the new executable file, adds the storage address of the new executable file to that registry information, and executes step 104; otherwise it returns success information to the host computer and waits for the host computer to send the hot update restore command;
For example, the success information the card returns to the host computer in the present embodiment is 90 00;
Step 104: the card, through the new executable file, reinstalls the corresponding applications one after another according to the backed-up system registry information and each piece of backed-up application registry information, and calls the backup function in each corresponding application in turn to restore the backed-up user information of that application into it;
Specifically, step 104 in the present embodiment includes:
Step 104-1: the card takes the first piece of application registry information as the current application registry information;
Step 104-2: the card, through the new executable file, reinstalls the corresponding application according to the backed-up system registry information and the backed-up current application registry information, and calls the backup function in the corresponding application to restore the backed-up user information of that application into it;
Step 104-3: the card judges whether all applications have been restored successfully; if so, it executes step 105; otherwise it takes the next piece of application registry information as the current application registry information and returns to step 104-2;
In the present embodiment, the specific implementation of step 104 is shown in Fig. 6 and includes:
Step D0: when the card receives the hot update restore executable file command, it checks whether the preparation process preceding the recovery process is complete; if so, it executes step D1, otherwise it returns an error message to the host computer;
For example, the hot update restore new executable file command in the present embodiment is 80 EA 02 00 1C A1 08 01 02 03 04 05 06 07 08 4F 09 11 22 33 44 55 66 77 88 00 80 01 80 81 02 01 00; the error message the card returns to the host computer is 6985;
Specifically, in the present embodiment, checking whether the preparation process preceding the recovery process is complete includes: judging whether the backup process is complete and whether the new executable file has finished downloading; if so, the preparation process preceding the recovery process is complete, otherwise it is not complete;
Step D1: the card judges whether the hot update restore operation is legal; if so, it executes step D2, otherwise it returns an error message to the host computer;
For example, in the present embodiment the error message the card returns to the host computer may be 64 01, indicating that the executable file version is lower than the compatible minimum version requirement and the hot update terminates; 64 02, indicating that the security domain of the new executable file is incorrect and the hot update terminates; or 64 03, indicating that the new executable file lacks modules and the hot update recovery process has been started;
Specifically, in the present embodiment, step D1 includes: the card judges whether the version number of the updated executable file is higher than the version number of the executable file to be updated, and judges whether the executable file to be updated includes static dependencies; if the judgments are yes, the update session is legal, otherwise it is illegal;
Step D2: the card checks whether a power failure occurred: if no power failure occurred, or the power failure occurred while the card was reinstalling the new applications, it executes step D3; if the power failure occurred while the applications were restoring backed-up data, it executes step D4; if the power failure occurred while the applications were merging data, it executes step D7;
Step D3: the card, in download order and through the new executable file, reinstalls each application in turn according to the backed-up system registry information and each piece of backed-up application registry information, and judges whether the installation succeeded; if so, it executes step D4, otherwise it returns an error message to the host computer;
For example, the error message the card returns to the host computer is 64 00, which indicates an unknown execution error, and the hot update terminates;
Step D4: the card calls, in security domain order, the onRestore() function (backup function) of each reinstalled application to restore the backed-up user information of the respective application into the respective reinstalled application;
Optionally, if a power failure occurs during this process, the card resumes calling the applications' onRestore() function starting with the last application before the power failure;
Step D5: the card judges whether all applications have been restored successfully; if so, it executes step D7, otherwise it executes step D6;
Step D6: the card calls the garbage collection function to clear all temporary variables and cached data, and returns an error message to the host computer;
For example, the error message the card returns to the host computer is 64 00 or 62 00;
Step D7: the card calls, in security domain order, the onConsolidate() function (merge function) of each reinstalled application;
Optionally, if a power failure occurs during this process, the card resumes calling the applications' onConsolidate() function starting with the last application before the power failure; specifically: the card calls, in a given security domain order, the merge method (i.e. the onConsolidate() function) of each new application to merge the data and determine whether the entire recovery process completed normally;
Step D8: the card judges whether the onConsolidate() function of all the reinstalled new applications was called successfully; if so, the card returns success information to the host computer, otherwise it executes step D9;
For example, the success information the card returns to the host computer is 62 01 or 90 00;
Step D9: the card deletes the reinstalled applications and the corresponding new executable file.
Step 105: the card calls the garbage collection function to reclaim the information stored in the first memory block of the nonvolatile storage.
The present embodiment may further include: when an exception is thrown between step 102 and step 104 and the card has returned an error message to the host computer, the card performs the abandon hot update session operation when it again receives a command sent by the host computer; as shown in Fig. 7, the abandon hot update session operation includes:
Step E1: the card judges whether the executable file to be updated has been retained; if so, it executes step E3, otherwise it executes step E2;
Step E2: the card downloads the executable file to be updated and, when it receives a restore command, executes step E3 after restoring the previous new executable file;
In the present embodiment, the previous new executable file is the executable file to be updated in this recovery process;
Step E3: the card restores, according to the executable file to be updated, the registry information of all applications belonging to the executable file to be updated and all the backed-up user information, and executes step E4;
Step E4: the card reclaims useless objects, clears the information backed up during the hot update process, and returns success information to the host computer;
For example, the success information the card returns to the host computer is 62 01 or 90 00;
Specifically, the reclamation in this step of the present embodiment includes: deleting the objects that are no longer needed (i.e. all the backup data) and reclaiming the space they used.
The method of the present embodiment is implemented within the Java Card runtime environment context of the application, so the problem of information being stolen by other applications does not arise.
If an interruption or exception occurs during the hot update process of the present embodiment (the hot update backup process, the hot update new executable file download process and the hot update recovery process), it is handled as follows:
1. Power-failure interruption (including unexpected loss of power such as the card being pulled out or the power being cut): when power fails, the card sets the corresponding interrupt flag:
(1) Automatic recovery: after power is restored the card automatically checks whether a power-failure flag is set; if so, it jumps to the corresponding process according to the power-failure flag and executes the subsequent steps. For example, if a power failure occurs during the hot update backup process, the backup power-failure interrupt flag is set; after power is restored the card detects the backup power-failure interrupt flag, jumps to the corresponding position in the hot update backup process and continues with the subsequent steps;
(2) Command recovery: the card waits to receive the restore new executable file command from the host computer; if the card receives the restore new executable file command, it jumps to the position recorded by the corresponding power-failure interrupt flag (which may be a step of the hot update backup process or a step of the hot update recovery process) and continues with the subsequent steps; if the card receives from the host computer any command other than the restore new executable file command, the card directly returns an error code (such as 69 85);
Preferably, before the card receives the restore new executable file command, the method may further include: when the card receives the get current hot update session status command sent by the host computer, the card returns the current hot update state to the host computer. If the current hot update state is that there is no hot update session, the card returns 0x00 to the host computer; if all hot update steps completed successfully, the card returns 0x01; if the card is waiting for the executable file to be downloaded, the card returns 0x02; if the card is waiting for the hot update recovery process, the card returns 0x03; if the hot update recovery process being waited for has failed, the card returns 0x04; if the save step of the backup process was interrupted, the card returns 0x10; if the cleanup step of the backup process was interrupted, the card returns 0x20; if the deletion step of the backup process was interrupted, the card returns 0x30; if the installation step of the recovery process was interrupted, the card returns 0x40; if the restore step of the recovery process was interrupted, the card returns 0x50; if the merge step of the recovery process was interrupted, the card returns 0x60;
2. If an exception occurs in a step of the hot update backup process, the hot update new executable file download process or the hot update recovery, the card sends different error messages to the host computer; these error messages may come from the application or from the system. Error message 6400 indicates an unknown execution error, and the hot update is abandoned; 6401 indicates that the executable file version is lower than the compatible minimum version requirement, and the hot update is abandoned; 6402 indicates that the security domain of the new executable file is incorrect, and the hot update is abandoned; 6403 indicates that the new executable file lacks modules, and the hot update recovery process has been started; 6410 indicates an attempt to save a custom object, and the hot update is abandoned; 6985 indicates that the conditions are not satisfied; 6200 indicates (warning) an unknown execution error, and the hot update recovery process has been started.
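The power-failure handling of steps B6/B7 and T1-T3, modelled in Python as an added example that is not code from the patent: the interrupt flag is set before each of the backup, cleanup and deletion operations, and after power-up the card resumes from the flagged operation and reports the interrupted-state bytes 0x10, 0x20 or 0x30. The class and function names, the sample applications and the injection of a power loss before a chosen nonvolatile write are assumptions of this model.

```python
import copy

# Session status bytes the card reports to the host, as listed in the text.
STATUS_NO_SESSION = 0x00
STATUS_WAIT_DOWNLOAD = 0x02
INTERRUPTED = {"save": 0x10, "cleanup": 0x20, "delete": 0x30}
PHASES = ("save", "cleanup", "delete")

# Constructed sample applications belonging to the executable file to be updated.
SAMPLE_APPS = {
    "app-1": {"user": {"pin_tries": 3, "balance": 1250}, "deps": ["shared-lib"]},
    "app-2": {"user": {"counter": 7}, "deps": []},
}


class PowerLoss(Exception):
    """Simulated loss of power (card pulled from the reader)."""


class Card:
    def __init__(self, nvm=None, fail_at=None):
        # Only self.nvm survives a power cycle; everything else is RAM.
        self.nvm = nvm if nvm is not None else {
            "order": list(SAMPLE_APPS),            # preset application order
            "apps": copy.deepcopy(SAMPLE_APPS),
            "registry": {aid: {"aid": aid} for aid in SAMPLE_APPS},
            "backup": {},                          # the "first memory block"
            "flag": None,                          # power-failure interrupt flag
            "current_app": None,                   # app being saved at power loss
            "status": STATUS_NO_SESSION,
        }
        self.fail_at, self.writes = fail_at, 0

    def _write(self):
        """Account for one NVM write; power is lost just before write fail_at."""
        self.writes += 1
        if self.writes == self.fail_at:
            raise PowerLoss()

    def session_status(self):
        flag = self.nvm["flag"]
        return INTERRUPTED[flag] if flag else self.nvm["status"]

    def _save(self):
        nvm, start = self.nvm, 0
        if nvm["current_app"] is not None:
            # Step T2: reclaim the partial backup of the interrupted application.
            nvm["backup"].pop(nvm["current_app"], None)
            start = nvm["order"].index(nvm["current_app"])
        for aid in nvm["order"][start:]:
            nvm["current_app"] = aid
            entry = nvm["backup"].setdefault(aid, {"user": {}, "registry": None})
            for key, value in nvm["apps"][aid]["user"].items():   # onSave()
                self._write()
                entry["user"][key] = value
            self._write()
            entry["registry"] = dict(nvm["registry"][aid])
        nvm["current_app"] = None

    def _cleanup(self):
        for aid in self.nvm["order"]:                             # onCleanup()
            self._write()
            self.nvm["apps"][aid]["deps"] = []   # release dynamic dependencies

    def _delete(self):
        for aid in self.nvm["order"]:
            self._write()
            self.nvm["registry"].pop(aid, None)  # pop() keeps re-execution harmless
            self._write()
            self.nvm["apps"].pop(aid, None)

    def run_backup_phase(self):
        """Steps B6/B7: start at the flagged phase, or at 'save' if no flag is set."""
        nvm = self.nvm
        steps = {"save": self._save, "cleanup": self._cleanup, "delete": self._delete}
        start = PHASES.index(nvm["flag"]) if nvm["flag"] else 0
        for phase in PHASES[start:]:
            nvm["flag"] = phase                  # set before the operation starts
            steps[phase]()
        nvm["flag"] = None                       # reset once everything completed
        nvm["status"] = STATUS_WAIT_DOWNLOAD
        return self.session_status()


def simulate(fail_at=None):
    """Return (status seen after power-up or None, final NVM contents)."""
    card = Card(fail_at=fail_at)
    status_after_power_up = None
    try:
        card.run_backup_phase()
    except PowerLoss:
        card = Card(nvm=card.nvm)                # power-up: RAM lost, NVM kept
        status_after_power_up = card.session_status()
        card.run_backup_phase()
    return status_after_power_up, card.nvm
```

Calling `simulate(fail_at=n)` for each of the 11 nonvolatile writes in this model shows that every interruption point converges on the same end state as an uninterrupted run.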
Embodiment three
Embodiment three of the present invention provides a hot update device for smart card executable files which, as shown in Fig. 8, includes:
First receiving module 801, for receiving the start hot update command sent by the host computer;
First obtaining module 802, for looking up the executable file storage address in the registry according to the file identifier in the start hot update command received by the first receiving module 801, and obtaining the executable file to be updated from the second memory block of the nonvolatile storage according to the executable file storage address;
Backup and deletion module 803, for backing up to the first memory block of the nonvolatile storage the system registry information in the registry that corresponds to the executable file to be updated, all the application registry information in the registry that belongs to the executable file to be updated, and the user information that all the applications designate as needing backup; and for deleting the system registry information, all the application registry information in the registry that belongs to the executable file to be updated, and the user information that all the applications designate as needing backup;
Download and save module 804, for downloading the new executable file and saving it in the second memory block of the nonvolatile storage, recording in the executable file registry one piece of registry information corresponding to the new executable file, and adding the storage address of the new executable file to that registry information;
Installation and recovery module 805, for reinstalling the applications through the new executable file according to the backed-up system registry information and all the backed-up application registry information, and calling the backup function in each reinstalled application to restore the backed-up user information of the corresponding application into the reinstalled application;
First reclamation module 806, for calling the garbage collection function, after the installation and recovery module 805 has successfully installed and restored, to reclaim the information stored in the first memory block of the nonvolatile storage.
Optionally, the device of the present embodiment further includes a second deletion module, for deleting the executable file to be updated obtained by the first obtaining module 802 after the first backup module has completed the backup.
Optionally, in the present embodiment there are multiple pieces of application registry information; correspondingly, the device further includes a first setting module and a first judging module;
The first setting module is for taking the first piece of application registry information as the current application registry information;
The installation and recovery module 805 is specifically for reinstalling the corresponding application through the new executable file according to the backed-up system registry information and the backed-up current application registry information, and calling the backup function in the corresponding application to restore the backed-up user information of that application into it;
The first judging module is for judging whether all applications have been restored successfully; if so, it triggers the first reclamation module 806; otherwise it takes the next piece of application registry information as the current application registry information and triggers the installation and recovery module 805.
Optionally, the device of the present embodiment further includes: a channel establishing module, for establishing a secure channel between the card and the host computer;
The first receiving module 801 is specifically for waiting for and receiving the start hot update command sent by the host computer after the channel establishing module has successfully established the secure channel.
Specifically, establishing channel module and including:
First receiving submodule, for receiving the host-random-number and host machine authentication code of host computer transmission;
First generates submodule, for generating the first session key and card random number;
First saves submodule, the card random number received for saving the first receiving submodule;
First encryption submodule, for using the first session key to the first receiving module 801 according to the second Predistribution Algorithm
The host-random-number received and the card random number of generation are encrypted to obtain card authentication code;
First sending submodule returns to host computer for will generate the card authentication code that encryption submodule obtains;
Judging submodule is encrypted, the first session key decryption first for using the first generation submodule to generate receives son
The host machine authentication code that module receives judges to decrypt whether the card random number that host machine authentication code obtains protects with the first preservation submodule
The card random number deposited is identical, is, the exit passageway between host computer is successfully established, and otherwise returns to error message to host computer.
In this embodiment, the first generating submodule is specifically used for encrypting derivation data with a preset base key according to a first preset algorithm to obtain the first session key, and for generating the card random number;
The first sending submodule is specifically used for returning the variable data of the derivation data and the card authentication code to the host computer.
Optionally, the channel establishing module of this embodiment further includes an authentication submodule, for authenticating the off-card entity using a supported secure channel protocol when an establish secure channel command sent by the host computer is received; if authentication succeeds, the first receiving submodule is triggered; if authentication fails, an error message is returned to the host computer.
Specifically, in this embodiment, the backup removing module 803 backing up the user information that all applications specify as needing backup to the first storage area of the non-volatile memory includes: obtaining the corresponding applications according to the executable file to be updated; each application calculating, from its own user information to be backed up, the total size of the space occupied by the original data in the backup information and the number of standard objects, and notifying the card through an application programming interface of the size of the non-volatile memory space to request; the card saving the management object of the first storage area of the non-volatile memory returned through the application programming interface; and backing up the user information that each application specifies as needing backup into the management object corresponding to that application in the first storage area of the non-volatile memory.
Specifically, the backup removing module 803 of this embodiment includes:
A second judging submodule, for judging whether the hot update session has already been started; if so, returning an error message to the host computer; otherwise triggering the third judging submodule;
A third judging submodule, for judging whether the backup operation is legal; if so, triggering the fourth judging submodule; otherwise returning an error message to the host computer;
Further, the third judging submodule is specifically used for judging whether the version number of the obtained executable file to be updated is less than the minimum version number required for the version of the executable file to be updated in the start hot update command, judging whether the obtained executable file to be updated has no static dependencies, and judging whether each application belonging to the obtained executable file to be updated is not currently selected on any logical channel; if all the judgments are yes, triggering the fourth judging submodule; otherwise returning an error message to the host computer;
A fourth judging submodule, for judging whether a new executable file has already been downloaded and saved; if so, triggering the fifth judging submodule; otherwise triggering the seventh judging submodule;
A fifth judging submodule, for judging whether the downloaded and saved new executable file is valid; if so, triggering the sixth judging submodule; otherwise returning an error message to the host computer;
Further, the fifth judging submodule is specifically used for judging whether the associated security domain of the downloaded and saved new executable file is consistent with the associated security domain of the obtained executable file to be updated, and judging whether the minimal subset of application modules of the downloaded and saved new executable file includes all application modules in the executable file to be updated; if all the judgments are yes, triggering the sixth judging submodule; otherwise returning an error message to the host computer;
A sixth judging submodule, for judging whether the application corresponding to the new executable file has been created; if so, returning an error message to the host computer; otherwise triggering the seventh judging submodule;
A seventh judging submodule, for judging the power-loss type according to the power-loss interrupt flag: if no power loss occurred or power loss occurred during the backup data process, triggering in sequence the backup data submodule, the cleaning data submodule and the deleting data submodule; if power loss occurred during the cleaning data process, triggering in sequence the cleaning data submodule and the deleting data submodule; if power loss occurred during the deleting data process, triggering the deleting data submodule;
A backup data submodule, for executing the backup data process;
A cleaning data submodule, for executing the cleaning data process;
A deleting data submodule, for executing the deleting data process;
The backup data submodule executing the backup data process includes: backing up to the first storage area of the non-volatile memory the system registry information in the registry corresponding to the executable file to be updated, all application registry information in the registry belonging to the executable file to be updated, and the user information that all applications specify as needing backup;
The cleaning data submodule executing the cleaning data process and the deleting data submodule executing the deleting data process include: deleting the system registry information, all application registry information in the registry belonging to the executable file to be updated, and the user information that all applications specify as needing backup.
In this embodiment, the backup data submodule includes:
A first checking unit, for checking whether power loss occurred during the backup data process; if so, triggering the first recycling unit; otherwise triggering the first saving unit;
A first recycling unit, for recycling the user information of the backup that was interrupted by power loss, and triggering the first saving unit;
Specifically, the first recycling unit includes:
A first searching subunit, for searching, according to the file identifier, for the management object that saves the user information;
A first recycling subunit, for recycling the management object found by the first searching subunit;
Further, the first recycling subunit is specifically used for emptying the found management object and calling the virtual machine's full garbage collection function; or the first recycling subunit is specifically used for traversing the subdomain objects under the found management object and recycling the found management object and the subdomain objects under it;
A first saving unit, for calling, in a preset order, the save function of each application belonging to the executable file to be updated to save the user information that needs to be backed up, saving the system registry information and all application registry information in the registry belonging to the executable file to be updated, and triggering the first judging unit;
A first judging unit, for judging whether an exception was thrown during the backup data process; if so, deleting the backed-up user information, system registry information and application registry information and returning an error message to the host computer; otherwise triggering the cleaning data submodule.
In this embodiment, the cleaning data submodule includes:
A second checking unit, for checking whether power loss occurred during the cleaning process; if so, triggering the first calling unit; otherwise triggering the second calling unit;
A first calling unit, for calling the clean function again for the application whose data cleaning was interrupted, and triggering the second calling unit;
A second calling unit, for calling, in the preset application ordering, the clean function of each application belonging to the executable file to be updated to facilitate deletion of the application, and triggering the second judging unit;
A second judging unit, for judging whether an exception was thrown during the cleaning process; if so, deleting the backed-up user information, system registry information and application registry information corresponding to the current executable file and returning an error message to the host computer; otherwise triggering the deleting data submodule.
In this embodiment, the deleting data submodule includes:
A first deleting unit, for deleting the system registry information, application registry information and user information corresponding to the executable file to be updated;
A deletion judging unit, for judging whether the update option is set to retain the executable file to be updated rather than delete it; if so, triggering the third judging unit; otherwise deleting the executable file to be updated and triggering the third judging unit;
A third judging unit, for judging whether an exception was thrown during the deleting process; if so, deleting the backed-up information corresponding to the current executable file, putting the applications belonging to the executable file to be updated into an unknown state according to the clean function executed in the cleaning data process, and returning an error message to the host computer; otherwise triggering the waiting-and-returning unit;
A waiting-and-returning unit, for waiting for the new executable file version to be downloaded and returning a success message to the host computer.
Further, the downloading preserving module 804 in this embodiment includes:
A second receiving submodule, for receiving the prepare-install command and the download command issued by the host computer;
An eighth judging submodule, for judging, when the second receiving module receives the prepare-install command, whether the card is ready to download a new executable file; if so, triggering the ninth judging submodule; otherwise triggering the tenth judging submodule;
A ninth judging submodule, for judging whether the new executable file to be downloaded includes the executable file to be updated; if so, requesting a second storage area of the non-volatile memory for the new executable file to be downloaded and returning a success message to the host computer; otherwise downloading the other executable files and returning download result information to the host computer;
A tenth judging submodule, for judging whether the new executable file to be downloaded includes the executable file to be updated; if so, returning an error message to the host computer; otherwise downloading the other executable files and returning download result information to the host computer;
A save judging submodule, for, when the second receiving module receives the download command, parsing the download file data blocks sent by the host computer in multiple APDU commands, assembling them into an executable file and saving it in the second storage area of the non-volatile memory, and judging whether the download process completed normally; if so, triggering the recycle judging submodule; otherwise returning an error message to the host computer;
A recycle judging submodule, for judging whether the identification code of the current download package is the identification code of the new executable file and judging whether the hot update session has been started; if all the judgments are yes, triggering the add judging submodule; otherwise recycling the information in the second storage area of the non-volatile memory and returning an error message to the host computer;
An add judging submodule, for judging whether the mode of the card's recovery process is automatic recovery; if so, recording in the executable file registry a piece of registry information corresponding to the new executable file, adding the save address of the new executable file to the registry information, and triggering the installation recovery module 805; otherwise returning a success message to the host computer.
Further, the installation recovery module 805 of this embodiment includes:
A third receiving submodule, for receiving the hot update restore executable file command;
A first checking submodule, for checking, when the third receiving submodule receives the hot update restore executable file command, whether the preparation before the recovery process has been completed; if so, triggering the eleventh judging submodule; otherwise returning an error message to the host computer;
Preferably, the first checking submodule is specifically used for judging, when the third receiving submodule receives the hot update restore executable file command, whether the backup process has been completed and whether the new executable file has finished downloading; if all the judgments are yes, triggering the eleventh judging submodule; otherwise returning an error message to the host computer;
An eleventh judging submodule, for judging whether the hot update recovery operation is legal; if so, triggering the second checking submodule; otherwise returning an error message to the host computer;
Preferably, the eleventh judging submodule is specifically used for judging whether the version number of the new executable file is higher than the version number of the executable file to be updated and judging whether the executable file to be updated includes static dependencies; if all the judgments are yes, triggering the second checking submodule; otherwise returning an error message to the host computer;
A second checking submodule, for checking whether power loss occurred: if no power loss occurred or power loss occurred while the card was reinstalling the new applications, triggering the installation judging submodule; if power loss occurred while the applications were synchronizing the backed-up data, triggering the installation restoring submodule; if power loss occurred while the applications were merging data, triggering the first calling submodule;
An installation judging submodule, for reinstalling each application in turn, in download order, through the new executable file according to the backed-up file registry information and each backed-up application registry information, and judging whether the installation succeeded; if so, triggering the installation restoring submodule; otherwise returning an error message to the host computer;
An installation restoring submodule, for calling, in security domain order, the backup function in each reinstalled application to restore the backed-up user information of the respective application into the respective reinstalled application;
A twelfth judging submodule, for judging whether all applications have been successfully restored; if so, triggering the first calling submodule; otherwise triggering the calling-and-returning submodule;
A calling-and-returning submodule, for calling the garbage collection function to clear all temporary variables and cached data, and returning an error message to the host computer;
A first calling submodule, for calling, in security domain order, the merge function of each reinstalled application;
A thirteenth judging submodule, for judging whether the merge functions of all reinstalled applications were called successfully; if so, returning a success message to the host computer; otherwise triggering the first deleting submodule;
A first deleting submodule, for deleting the reinstalled applications and the corresponding new executable file.
Optionally, the device of this embodiment may further include an abandoning module, for performing the abandon hot update session operation when, after an exception has been thrown and an error message has been returned to the host computer, the first receiving module 801 again receives a command sent by the host computer.
Specifically, the abandoning module includes:
A fourteenth judging submodule, for judging whether the executable file to be updated has been retained; if so, triggering the restoring submodule; otherwise triggering the downloading submodule;
A downloading submodule, for downloading the executable file to be updated, and triggering the restoring submodule when a restore command has been received and the previous new executable file has been restored;
A restoring submodule, for restoring, according to the executable file to be updated, all application registry information belonging to the executable file to be updated and all backed-up user information, and executing step E4;
A backup recycling submodule, for recycling useless objects, clearing the information backed up during the hot update process, and returning a success message to the host computer.
The foregoing is only a preferred embodiment of the present invention, but the protection scope of the present invention is not limited thereto. Any change or substitution that a person skilled in the art could readily conceive within the technical scope disclosed by the present invention shall be covered by the protection scope of the present invention. Therefore, the protection scope of the present invention shall be subject to the protection scope of the claims.
Claims (46)
1. A hot update method for a smart card executable file, characterized by comprising:
Step S1: when the card receives a start hot update command sent by a host computer, the card searches the registry for the executable file save address according to the file identifier in the start hot update command, and obtains the executable file to be updated from the second storage area of the non-volatile memory according to the executable file save address;
Step S2: the card backs up to the first storage area of the non-volatile memory the system registry information in the registry corresponding to the executable file to be updated, all application registry information in the registry belonging to the executable file to be updated, and the user information that all applications specify as needing backup, and deletes the system registry information, all application registry information in the registry belonging to the executable file to be updated, and the user information that all applications specify as needing backup;
Step S3: the card downloads a new executable file and saves it into the second storage area of the non-volatile memory, records in the executable file registry a piece of registry information corresponding to the new executable file, and adds the save address of the new executable file to the registry information;
Step S4: the card reinstalls the applications through the new executable file according to the backed-up system registry information and all the backed-up application registry information, and calls the backup function in each reinstalled application to restore the backed-up user information of the respective application into the reinstalled application;
Step S5: the card calls the garbage collection function to recycle the information stored in the first storage area of the non-volatile memory.
2. The method according to claim 1, characterized in that, after the card backs up to the first storage area of the non-volatile memory the system registry information in the registry corresponding to the executable file to be updated, all application registry information in the registry belonging to the executable file to be updated, and the user information that all applications specify as needing backup, the method further comprises: deleting the obtained executable file to be updated.
3. The method according to claim 1, characterized in that there are multiple pieces of application registry information, and before step S4 the method includes taking the first piece of application registry information as the current application registry information;
Step S4 is replaced with: the card reinstalls the corresponding application through the new executable file according to the backed-up system registry information and the backed-up current application registry information, and calls the backup function in the corresponding application to restore the backed-up user information of the corresponding application into the corresponding application;
Between step S4 and step S5 the method then includes: the card judges whether all applications have been successfully restored; if so, step S5 is executed; otherwise the next piece of application registry information is taken as the current application registry information and the method returns to step S4.
4. The method according to claim 1, characterized in that, before step S1, the method further comprises: the card establishes a secure channel with the host computer.
5. The method according to claim 4, characterized in that the card establishing a secure channel with the host computer is specifically:
Step A1: the card receives the host random number sent by the host computer;
Step A2: the card generates a first session key and a card random number, saves the card random number, encrypts the host random number and the card random number with the first session key according to a second preset algorithm to obtain a card authentication code, and returns the card authentication code to the host computer;
Step A3: when the card receives the host authentication code sent by the host computer, the card decrypts the host authentication code with the first session key and judges whether the card random number obtained by decrypting the host authentication code is identical to the saved card random number; if so, the secure channel with the host computer is successfully established; otherwise an error message is returned to the host computer.
6. The method according to claim 5, characterized in that the card generating the first session key in step A2 comprises: the card encrypts derivation data with a preset base key according to a first preset algorithm to obtain the first session key;
Returning the card authentication code to the host computer in step A2 comprises: returning the variable data of the derivation data and the card authentication code to the host computer.
7. The method according to claim 5, characterized in that, before step A1, the method includes: when the card receives an establish secure channel command sent by the host computer, the off-card entity is authenticated using a supported secure channel protocol; if authentication succeeds, step A1 is executed; if authentication fails, an error message is returned to the host computer.
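The exchange of steps A1 to A3 with the key derivation of claim 6 (also described above for the channel establishing module), as an added Python example that is not code from the patent. The cipher is a stand-in built from HMAC-SHA256 because the page leaves both preset algorithms unspecified; the derivation data layout, the 8-byte random numbers, the host-side check and all names are assumptions.

```python
import hashlib
import hmac
import secrets

DERIVATION_CONSTANT = b"\x01\x82"  # constructed fixed part of the derivation data


def stand_in_cipher(key: bytes, label: bytes, data: bytes) -> bytes:
    """Placeholder for the page's unspecified preset algorithms (assumption).

    XORs data with an HMAC-SHA256 keystream, so the same call encrypts and
    decrypts. The label keeps the keystreams of different messages apart.
    """
    stream = b""
    block = 0
    while len(stream) < len(data):
        stream += hmac.new(key, label + block.to_bytes(4, "big"), hashlib.sha256).digest()
        block += 1
    return bytes(d ^ s for d, s in zip(data, stream))


def derive_session_key(base_key: bytes, variable: bytes) -> bytes:
    """First session key = derivation data encrypted under the preset base key."""
    derivation_data = DERIVATION_CONSTANT + variable + bytes(12)
    return stand_in_cipher(base_key, b"derive", derivation_data)


class Card:
    def __init__(self, base_key: bytes):
        self.base_key = base_key
        self.counter = 0          # variable part of the derivation data
        self.session_key = None
        self.card_random = None   # saved challenge, valid for one attempt
        self.channel_open = False

    def on_host_random(self, host_random: bytes):
        """Steps A1-A2: returns (variable data, card authentication code)."""
        self.channel_open = False
        self.counter += 1
        variable = self.counter.to_bytes(2, "big")
        self.session_key = derive_session_key(self.base_key, variable)
        self.card_random = secrets.token_bytes(8)
        card_auth = stand_in_cipher(self.session_key, b"card", host_random + self.card_random)
        return variable, card_auth

    def on_host_auth(self, host_auth: bytes) -> bool:
        """Step A3: open the channel only if the host echoes the saved card random."""
        if self.card_random is None:
            return False          # no challenge outstanding, e.g. a replayed code
        recovered = stand_in_cipher(self.session_key, b"host", host_auth)
        saved, self.card_random = self.card_random, None
        self.channel_open = hmac.compare_digest(recovered, saved)  # constant-time compare
        return self.channel_open


class Host:
    def __init__(self, base_key: bytes):
        self.base_key = base_key
        self.host_random = None

    def challenge(self) -> bytes:
        self.host_random = secrets.token_bytes(8)
        return self.host_random

    def answer(self, variable: bytes, card_auth: bytes):
        """Assumed host side: verify the card's code, then build the host authentication code."""
        session_key = derive_session_key(self.base_key, variable)
        plain = stand_in_cipher(session_key, b"card", card_auth)
        if not hmac.compare_digest(plain[:8], self.host_random):
            return None           # the card does not hold the same base key
        return stand_in_cipher(session_key, b"host", plain[8:])


def handshake(card_key: bytes, host_key: bytes):
    """Runs one exchange; returns (channel opened, replayed code accepted)."""
    card, host = Card(card_key), Host(host_key)
    variable, card_auth = card.on_host_random(host.challenge())
    host_auth = host.answer(variable, card_auth)
    opened = host_auth is not None and card.on_host_auth(host_auth)
    replayed = host_auth is not None and card.on_host_auth(host_auth)
    return opened, replayed


if __name__ == "__main__":
    key = bytes(range(16))  # constructed test key
    print("same base key:", handshake(key, key))
    print("different base key:", handshake(key, bytes(16)))
```

Discarding the saved card random number after a single comparison is a choice of this sketch; the page only requires that the decrypted value equal the saved one.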
8. The method according to claim 1, characterized in that, in step S2, backing up the user information that all applications specify as needing backup to the first storage area of the non-volatile memory includes: the card obtains the corresponding applications according to the executable file to be updated; each application calculates, from its own user information that needs to be backed up, the total size of the space occupied by the original data in the backup information and the number of standard objects, and notifies the card through an application programming interface of the size of the non-volatile memory space to request; the card saves the management object of the first storage area of the non-volatile memory returned by the application programming interface; the card backs up the user information that each application specifies as needing backup into the management object corresponding to that application in the first storage area of the non-volatile memory.
9. The method according to claim 1, characterized in that step S2 includes:
Step B1: the card judges whether the hot update session has already been started; if so, an error message is returned to the host computer; otherwise step B2 is executed;
Step B2: the card judges whether the backup operation is legal; if so, step B3 is executed; otherwise an error message is returned to the host computer;
Step B3: the card judges whether a new executable file has already been downloaded and saved; if so, step B4 is executed; otherwise step B6 is executed;
Step B4: the card judges whether the downloaded and saved new executable file is valid; if so, step B5 is executed; otherwise an error message is returned to the host computer;
Step B5: the card judges whether the application corresponding to the new executable file has been created; if so, an error message is returned to the host computer; otherwise step B6 is executed;
Step B6: the card judges the power-loss type according to the power-loss interrupt flag: if no power loss occurred or power loss occurred during the backup data process, step B7 is executed; if power loss occurred during the cleaning data process, the cleaning data process and then the deleting data process are executed in sequence; if power loss occurred during the deleting data process, the deleting data process is executed;
Step B7: the card executes in sequence the backup data process, the cleaning data process and the deleting data process;
During the backup data process, the card backs up to the first storage area of the non-volatile memory the system registry information in the registry corresponding to the executable file to be updated, all application registry information in the registry belonging to the executable file to be updated, and the user information that all applications specify as needing backup;
During the cleaning data process and the deleting data process, the system registry information, all the application registry information, and the user information that all applications specify as needing backup are deleted.
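The resume rule of step B6 (and of the seventh judging submodule in the description), modeled in Python as an added example that is not code from the patent: the dictionary standing in for non-volatile memory, the flag values, the sample applications and the `honor_flag` switch are assumptions made for illustration. It cuts power after every possible write and shows that resuming from the flag keeps the backup intact, while restarting from the backup step after an interrupted deletion overwrites it.

```python
import copy


class PowerLoss(Exception):
    """Raised by the model at the point where the card would lose power."""


ORIGINAL = {  # constructed sample card content
    "system_registry": {"file_id": "FILE-01", "version": 1},
    "app_registry": {"transit": {"aid": "APP-02"}, "wallet": {"aid": "APP-01"}},
    "user_data": {"transit": {"rides": 7}, "wallet": {"balance": 120}},
}


class Card:
    def __init__(self):
        # Non-volatile memory: the only state that survives a power loss.
        self.nvm = copy.deepcopy(ORIGINAL)
        self.nvm.update(flag=None, backup={}, cleaned=[])
        self.writes_left = None  # None means stable power

    def _write(self, key, value):
        """One atomic NVM write; power may fail just before it."""
        if self.writes_left is not None:
            if self.writes_left == 0:
                raise PowerLoss()
            self.writes_left -= 1
        self.nvm[key] = value

    def _backup(self):
        if self.nvm["flag"] == "backup":
            self._write("backup", {})                 # recycle the interrupted backup
        self._write("flag", "backup")
        for app in sorted(self.nvm["app_registry"]):  # preset order
            area = dict(self.nvm["backup"])
            area["user:" + app] = copy.deepcopy(self.nvm["user_data"][app])
            self._write("backup", area)
        area = dict(self.nvm["backup"])
        area["system_registry"] = copy.deepcopy(self.nvm["system_registry"])
        area["app_registry"] = copy.deepcopy(self.nvm["app_registry"])
        self._write("backup", area)

    def _clean(self):
        self._write("flag", "clean")
        for app in sorted(self.nvm["app_registry"]):
            if app not in self.nvm["cleaned"]:        # skip applications already cleaned
                self._write("cleaned", self.nvm["cleaned"] + [app])

    def _delete(self):
        self._write("flag", "delete")
        self._write("system_registry", None)
        self._write("app_registry", {})
        self._write("user_data", {})
        self._write("flag", "done")

    def backup_and_delete(self, honor_flag=True):
        """Step B6/B7: pick the entry point from the power-loss interrupt flag."""
        flag = self.nvm["flag"] if honor_flag else None  # False = naive restart
        if flag == "done":
            return
        if flag in (None, "backup"):
            self._backup()
            flag = "clean"
        if flag == "clean":
            self._clean()
        self._delete()


def power_loss_after(writes, honor_flag=True):
    """Cut power after `writes` NVM writes, restart, and report the outcome."""
    card = Card()
    card.writes_left = writes
    try:
        card.backup_and_delete()
    except PowerLoss:
        pass
    interrupted_in = card.nvm["flag"]
    card.writes_left = None                           # power restored
    card.backup_and_delete(honor_flag)
    backup = card.nvm["backup"]
    backup_ok = (
        backup.get("system_registry") == ORIGINAL["system_registry"]
        and backup.get("app_registry") == ORIGINAL["app_registry"]
        and all(backup.get("user:" + a) == d for a, d in ORIGINAL["user_data"].items())
    )
    deleted = (card.nvm["system_registry"] is None
               and not card.nvm["app_registry"] and not card.nvm["user_data"])
    return interrupted_in, backup_ok and deleted and card.nvm["flag"] == "done"


if __name__ == "__main__":
    for n in range(13):
        print(n, power_loss_after(n), power_loss_after(n, honor_flag=False))
```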
10. The method according to claim 9, characterized in that step B2 includes: the card judges whether the version number of the obtained executable file to be updated is less than the minimum version number required for the version of the executable file to be updated in the start hot update command, judges whether the obtained executable file to be updated has no static dependencies, and judges whether each application belonging to the obtained executable file to be updated is not currently selected on any logical channel; if all the judgments are yes, step B3 is executed; otherwise an error message is returned to the host computer.
11. The method according to claim 9, characterized in that step B4 includes: the card judges whether the associated security domain of the downloaded and saved new executable file is consistent with the associated security domain of the obtained executable file to be updated, and judges whether the minimal subset of application modules of the downloaded and saved new executable file includes all application modules in the executable file to be updated; if all the judgments are yes, step B5 is executed; otherwise an error message is returned to the host computer.
12. The method according to claim 9, characterized in that the card executing the backup data process includes:
Step T1: the card checks whether power loss occurred during the backup data process; if so, step T2 is executed; otherwise step T3 is executed;
Step T2: the card recycles the user information of the backup that was interrupted by power loss, and executes step T3;
Step T3: the card calls, in a preset order, the save function of each application belonging to the executable file to be updated to save the user information specified as needing backup, saves the system registry information and all application registry information in the registry belonging to the executable file to be updated, and executes step T4;
Step T4: the card judges whether an exception was thrown during the backup data process; if so, it deletes the backed-up user information, file registry information and application registry information and returns an error message to the host computer; otherwise it executes the cleaning data process.
13. The method according to claim 12, characterized in that step T2 specifically includes:
Step Y1: the card searches, according to the file identifier, for the management object that saves the user information;
Step Y2: the card recycles the found management object.
14. The method according to claim 13, characterized in that step Y2 specifically includes: the card empties the found management object and calls the virtual machine's full garbage collection function.
15. The method according to claim 13, characterized in that step Y2 specifically includes: traversing the subdomain objects under the found management object, and recycling the found management object and the subdomain objects under it.
16. The method according to claim 9, characterized in that executing the cleaning data process includes:
Step P1: the card checks whether power loss occurred during the cleaning process; if so, step P2 is executed; otherwise step P3 is executed;
Step P2: the card calls the clean function again for the application whose data cleaning was interrupted, and executes step P3;
Step P3: the card calls, in the preset application ordering, the clean function of each application belonging to the executable file to be updated to facilitate deletion of the application, and executes step P4;
Step P4: the card judges whether an exception was thrown during the cleaning process; if so, it deletes the backed-up user information, system registry information and application registry information corresponding to the current executable file and returns an error message to the host computer; otherwise it executes the deleting data process.
17. The method according to claim 9, characterized in that executing the deleting data process includes:
Step W1: the card deletes the system registry information, application registry information and user information corresponding to the executable file to be updated;
Step W2: the card judges whether the update option is set to retain the executable file to be updated rather than delete it; if so, step W3 is executed; otherwise the executable file to be updated is deleted and step W3 is executed;
Step W3: the card judges whether an exception was thrown during the deleting process; if so, it deletes the backed-up information corresponding to the current executable file, puts the applications belonging to the executable file to be updated into an unknown state according to the clean function executed in the cleaning data process, and returns an error message to the host computer; otherwise step W4 is executed;
Step W4: the card waits for the new executable file version to be downloaded, and returns a success message to the host computer.
18. The method according to claim 1, characterized in that step S3 includes:
Step C1: the card waits to receive a command issued by the host computer; when a prepare-install command is received, step C2 is executed; when a download command is received, step C5 is executed;
Step C2: the card judges whether it is ready to download a new executable file; if so, step C3 is executed; otherwise step C4 is executed;
Step C3: the card judges whether the new executable file to be downloaded includes the executable file to be updated; if so, it requests a second storage area of the non-volatile memory for the new executable file to be downloaded and returns a success message to the host computer; otherwise it downloads the other executable files and returns download result information to the host computer;
Step C4: the card judges whether the new executable file to be downloaded includes the executable file to be updated; if so, it returns an error message to the host computer; otherwise it downloads the other executable files and returns download result information to the host computer;
Step C5: the card parses the download file data blocks that the host computer sends in multiple APDU commands, assembles them into an executable file and saves it in the second storage area of the non-volatile memory, and judges whether the download process completed normally; if so, step C6 is executed; otherwise an error message is returned to the host computer;
Step C6: the card judges whether the identification code of the current download package is the identification code of the new executable file and judges whether the hot update session has been started; if all the judgments are yes, step C7 is executed; otherwise the information in the second storage area of the non-volatile memory is recycled and an error message is returned to the host computer;
Step C7: the card judges whether the mode of the recovery process is automatic recovery; if so, it records in the executable file registry a piece of registry information corresponding to the new executable file, adds the save address of the new executable file to the registry information, and executes step S4; otherwise it returns a success message to the host computer.
19. The method according to claim 1, wherein the step S4 includes:
Step D0: when the card receives a hot update restore executable file command, it checks whether the preparation process before the recovery process has been completed; if so, step D1 is executed, otherwise error information is returned to the host computer;
Step D1: the card judges whether the hot update recovery operation is legal; if so, step D2 is executed, otherwise error information is returned to the host computer;
Step D2: the card checks whether a power loss has occurred; if no power loss occurred, or a power loss occurred while the card was reinstalling the new applications, step D3 is executed; if a power loss occurred while the applications were synchronizing backup data, step D4 is executed; if a power loss occurred while the applications were merging data, step D7 is executed;
Step D3: the card, in download order, reinstalls each application through the new executable file according to the backed-up system registry information and each piece of backed-up application registry information, and judges whether the installation succeeded; if so, step D4 is executed, otherwise error information is returned to the host computer;
Step D4: the card, in order by security domain, calls the backup function in each reinstalled application to restore the backed-up user information of the respective application into the respective reinstalled application;
Step D5: the card judges whether all applications were restored successfully; if so, step D7 is executed, otherwise step D6 is executed;
Step D6: the card calls the garbage collection function to clear all temporary variables and cached data, and returns error information to the host computer;
Step D7: the card, in order by security domain, calls the merge function of each reinstalled application;
Step D8: the card judges whether the merge functions of all reinstalled applications were called successfully; if so, success information is returned to the host computer, otherwise step D9 is executed;
Step D9: the card deletes the reinstalled applications and the corresponding new executable file.
20. The method according to claim 19, wherein checking whether the preparation process before the recovery process has been completed includes: judging whether the backup process has been completed and whether the download of the new executable file has been completed; if both judgments are yes, the preparation process before the recovery process is complete, otherwise the preparation process before the recovery process is not complete.
21. The method according to claim 19, wherein the step D1 includes: the card judges whether the version number of the new executable file is higher than the version number of the executable file to be updated and judges whether the executable file to be updated includes static dependencies; if both judgments are yes, step D2 is executed, otherwise error information is returned to the host computer.
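The restore flow of claims 19 and 20 depends on step D2 re-entering at the right step after a power loss. The following Python model is an added example, not code from the patent: the `Card` fields, the `Phase` checkpoint, the fault injection through `tear_at` and the status strings are assumptions for illustration, and the outcome of the step D1 legality check is passed in as a flag.

```python
from dataclasses import dataclass, field
from enum import Enum


class Phase(Enum):
    """Checkpoint held in non-volatile memory, so it survives a power loss."""
    NONE = 0
    INSTALL = 1   # card is reinstalling the applications (step D3)
    RESTORE = 2   # applications are synchronising backed-up data (step D4)
    MERGE = 3     # applications are merging data (step D7)


class PowerLoss(Exception):
    """Simulated tear: execution stops, non-volatile fields keep their values."""


@dataclass
class Card:
    backup_done: bool
    download_done: bool
    legal: bool            # outcome of the step D1 checks, supplied by the caller
    apps: list             # application names, in download order
    backup: dict           # app name -> backed-up user information (None = unusable)
    tear_at: tuple = None  # constructed fault injection: (Phase, app name)
    phase: Phase = Phase.NONE
    installed: dict = field(default_factory=dict)  # app name -> restored data
    merged: set = field(default_factory=set)
    new_file_present: bool = True
    log: list = field(default_factory=list)

    def step(self, phase, app):
        self.phase = phase                # persist the checkpoint before acting
        if self.tear_at == (phase, app):
            self.tear_at = None           # the tear happens once
            raise PowerLoss(f"{phase.name}:{app}")
        self.log.append(f"{phase.name}:{app}")


def hot_update_restore(card, merge_fails=()):
    # D0: backup and download must both be complete (claim 20).
    if not (card.backup_done and card.download_done):
        return "error: preparation incomplete"
    # D1: legality of the restore operation.
    if not card.legal:
        return "error: restore not legal"
    # D2: pick the entry point from the persisted checkpoint.
    if card.phase in (Phase.NONE, Phase.INSTALL):
        # D3: reinstall in download order, skipping what is already installed.
        for app in card.apps:
            if app in card.installed:
                continue
            if app not in card.backup:    # nothing backed up to reinstall from
                return "error: install failed"
            card.step(Phase.INSTALL, app)
            card.installed[app] = None
    if card.phase is not Phase.MERGE:
        # D4: restore user information; already restored apps are left alone.
        for app in card.apps:
            if card.installed[app] is None and card.backup[app] is not None:
                card.step(Phase.RESTORE, app)
                card.installed[app] = card.backup[app]
        # D5/D6: any application still empty means the restore failed.
        if any(card.installed[a] is None for a in card.apps):
            card.log.append("GC")         # stands in for garbage collection
            return "error: restore failed"
    # D7: call each application's merge function once.
    ok = True
    for app in card.apps:
        if app in card.merged:
            continue
        card.step(Phase.MERGE, app)
        if app in merge_fails:
            ok = False
        else:
            card.merged.add(app)
    card.phase = Phase.NONE
    if ok:
        return "success"                  # D8
    # D9: delete the reinstalled applications and the new executable file.
    card.installed.clear()
    card.merged.clear()
    card.new_file_present = False
    return "error: merge failed, new version removed"
```

Calling `hot_update_restore` again after a `PowerLoss` resumes from the stored `Phase`, so an application that was already reinstalled or restored is not processed a second time.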
22. The method according to claim 1, wherein, after an exception is thrown between the step S2 and the step S4 and the card has returned error information to the host computer, the card performs an abandon-hot-update-session operation when it again receives a command sent by the host computer.
23. The method according to claim 22, wherein the abandon-hot-update-session operation includes:
Step E1: the card judges whether the executable file to be updated has been kept; if so, step E3 is executed, otherwise step E2 is executed;
Step E2: the card downloads the executable file to be updated and, when a restore command is received and after the previous new executable file has been restored, executes step E3;
Step E3: the card restores, according to the executable file to be updated, all application registry information belonging to the executable file to be updated and all backed-up user information, and executes step E4;
Step E4: the card reclaims useless objects, clears the information backed up during the hot update process, and returns success information to the host computer.
24. A hot update device for a smart card executable file, comprising:
a first receiving module, for receiving the start hot update command sent by the host computer;
a first obtaining module, for looking up the executable file save address in the registry according to the file identifier in the start hot update command received by the first receiving module, and obtaining the executable file to be updated from the second storage area of the non-volatile memory according to the executable file save address;
a backup deletion module, for backing up, to the first storage area of the non-volatile memory, the system registry information in the registry corresponding to the executable file to be updated, all application registry information in the registry belonging to the executable file to be updated, and the user information that all applications specify as needing backup; and for deleting the system registry information, all application registry information in the registry belonging to the executable file to be updated, and the user information that all applications specify as needing backup;
a download saving module, for downloading the new executable file and saving it to the second storage area of the non-volatile memory, recording in the executable file registry a piece of registry information corresponding to the new executable file, and adding the save address of the new executable file to that registry information;
an installation recovery module, for reinstalling the applications through the new executable file according to the backed-up system registry information and all backed-up application registry information, and calling the backup function in the reinstalled applications to restore the backed-up user information of the respective applications into the reinstalled applications;
a first recycling module, for calling the garbage collection function, after the installation recovery module has successfully installed and restored, to reclaim the information saved in the first storage area of the non-volatile memory.
25. The device according to claim 24, further comprising a second deletion module, for deleting the executable file to be updated obtained by the first obtaining module after the first backup module completes the backup.
26. The device according to claim 24, wherein there are multiple pieces of application registry information, and the device further comprises a first "as" module and a first judging module;
the first "as" module is for taking the first piece of application registry information as the current application registry information;
the installation recovery module is specifically for reinstalling the corresponding application through the new executable file according to the backed-up system registry information and the backed-up current application registry information, and calling the backup function in the corresponding application to restore the backed-up user information of the corresponding application into the corresponding application;
the first judging module is for judging whether all applications have been restored successfully; if so, it triggers the first recycling module; otherwise it takes the next piece of application registry information as the current application registry information and triggers the installation recovery module.
27. The device according to claim 24, further comprising: a channel establishing module, for establishing a secure channel between the card and the host computer;
the first receiving module is specifically for waiting for and receiving the start hot update command sent by the host computer after the channel establishing module has successfully established the secure channel.
28. The device according to claim 27, wherein the channel establishing module includes:
a first receiving submodule, for receiving the host random number and the host authentication code sent by the host computer;
a first generating submodule, for generating the first session key and the card random number;
a first saving submodule, for saving the card random number received by the first receiving submodule;
a first encryption submodule, for encrypting, with the first session key and according to the second preset algorithm, the host random number received by the first receiving module and the generated card random number to obtain the card authentication code;
a first sending submodule, for returning the card authentication code obtained by the encryption submodule to the host computer;
an encryption judging submodule, for decrypting, with the first session key generated by the first generating submodule, the host authentication code received by the first receiving submodule, and judging whether the card random number obtained by decrypting the host authentication code is identical to the card random number saved by the first saving submodule; if so, the secure channel with the host computer is successfully established, otherwise error information is returned to the host computer.
29. The device according to claim 28, wherein the first generating submodule is specifically for encrypting the derivation data with the preset base key according to the first preset algorithm to obtain the first session key, and for generating the card random number;
the first sending submodule is specifically for returning the variable data of the derivation data together with the card authentication code to the host computer.
30. The device according to claim 28, wherein the channel establishing module further includes: an authentication submodule, for authenticating the off-card entity using a supported secure channel protocol when the establish-secure-channel command sent by the host computer is received; if the authentication succeeds, the first receiving submodule is triggered, and if the authentication fails, error information is returned to the host computer.
31. The device according to claim 24, wherein the backup deletion module backing up the user information that all applications specify as needing backup to the first storage area of the non-volatile memory includes: obtaining the corresponding applications according to the executable file to be updated; each application calculates, according to its own user information that needs to be backed up, the total size of the space occupied by the raw data in the backup information and the number of standard objects, and notifies the card through an application programming interface to apply for the space size of the non-volatile memory; the card saves, and returns through the application programming interface, the management object of the first storage area of the non-volatile memory; the user information that each application specifies as needing backup is backed up into the management object corresponding to each application in the first storage area of the non-volatile memory.
32. The device according to claim 24, wherein the backup deletion module includes:
a second judging submodule, for judging whether the hot update session has been started; if so, error information is returned to the host computer, otherwise the third judging submodule is triggered;
the third judging submodule, for judging whether the backup operation is legal; if so, the fourth judging submodule is triggered, otherwise error information is returned to the host computer;
the fourth judging submodule, for judging whether a new executable file has been downloaded and saved; if so, the fifth judging submodule is triggered, otherwise the seventh judging submodule is triggered;
the fifth judging submodule, for judging whether the downloaded and saved new executable file is valid; if so, the sixth judging submodule is triggered, otherwise error information is returned to the host computer;
the sixth judging submodule, for judging whether the application corresponding to the new executable file has been created; if so, error information is returned to the host computer, otherwise the seventh judging submodule is triggered;
the seventh judging submodule, for judging the power-loss type according to the power-loss interruption flag: if no power loss occurred, or a power loss occurred during the backup data process, the backup data submodule, the cleanup data submodule and the deletion data submodule are triggered in turn; if a power loss occurred during the cleanup data process, the cleanup data submodule and the deletion data submodule are triggered in turn; if a power loss occurred during the deletion data process, the deletion data submodule is triggered;
the backup data submodule, for executing the backup data process;
the cleanup data submodule, for executing the cleanup data process;
the deletion data submodule, for executing the deletion data process;
the backup data submodule executing the backup data process comprises: backing up, to the first storage area of the non-volatile memory, the system registry information in the registry corresponding to the executable file to be updated, all application registry information in the registry belonging to the executable file to be updated, and the user information that all applications specify as needing backup;
the cleanup data submodule executing the cleanup data process and the deletion data submodule executing the deletion data process comprise: deleting the system registry information, all application registry information in the registry belonging to the executable file to be updated, and the user information that all applications specify as needing backup.
33. The device according to claim 32, wherein the third judging submodule is specifically for judging whether the version number of the obtained executable file to be updated is less than the minimum version number required for the executable file version to be updated in the start hot update command, judging whether the obtained executable file to be updated has no static dependencies, and judging whether each application belonging to the obtained executable file to be updated is not currently selected in any logical channel; if all judgments are yes, the fourth judging submodule is triggered, otherwise error information is returned to the host computer.
34. The device according to claim 32, wherein the fifth judging submodule is specifically for judging whether the associated security domain of the downloaded and saved new executable file is consistent with the associated security domain of the obtained executable file to be updated, and judging whether the minimal subset of application modules of the downloaded and saved new executable file includes all application modules in the executable file to be updated; if both judgments are yes, the sixth judging submodule is triggered, otherwise error information is returned to the host computer.
35. The device according to claim 32, wherein the backup data submodule includes:
a first checking unit, for checking whether a power loss occurred during the backup data process; if so, the first recovery unit is triggered, otherwise the first saving unit is triggered;
the first recovery unit, for reclaiming the user information of the backup data process that was interrupted by the power loss, and triggering the first saving unit;
the first saving unit, for calling, in a preset order, the save function of each application belonging to the executable file to be updated to save the user information that needs to be backed up, saving the system registry information and all application registry information in the registry belonging to the executable file to be updated, and triggering the first judging unit;
the first judging unit, for judging whether an exception was thrown during the backup data process; if so, the backed-up user information, system registry information and application registry information are deleted and error information is returned to the host computer, otherwise the cleanup data submodule is triggered.
36. The device according to claim 35, wherein the first recovery unit includes:
a first lookup subunit, for looking up the management object that saves the user information according to the file identifier;
a first recycling subunit, for reclaiming the management object found by the first lookup subunit.
37. The device according to claim 36, wherein the first recycling subunit is specifically for emptying the management object that was found and calling the full garbage collection function of the virtual machine.
38. The device according to claim 36, wherein the first recycling subunit is specifically for traversing the subdomain objects under the management object that was found, and reclaiming the subdomain objects under that management object and the management object itself.
39. The device according to claim 32, wherein the cleanup data submodule includes:
a second checking unit, for checking whether a power loss occurred during the cleanup process; if so, the first calling unit is triggered, otherwise the second calling unit is triggered;
the first calling unit, for restarting the call to the cleanup function for the application whose data cleanup was interrupted, and triggering the second calling unit;
the second calling unit, for calling, in the preset application ordering, the cleanup function of each application belonging to the executable file to be updated to advance the deletion of the applications, and triggering the second judging unit;
the second judging unit, for judging whether an exception was thrown during the cleanup process; if so, the backed-up user information, system registry information and application registry information corresponding to the current executable file are deleted and error information is returned to the host computer, otherwise the deletion data submodule is triggered.
40. The device according to claim 32, wherein the deletion data submodule includes:
a first deletion unit, for deleting the system registry information, application registry information and user information corresponding to the executable file to be updated;
a judging deletion unit, for judging whether the update option is set to retain the executable file to be updated without deleting it; if so, the third judging unit is triggered; otherwise the executable file to be updated is deleted and the third judging unit is triggered;
the third judging unit, for judging whether an exception was thrown during the deletion process; if so, the backed-up information corresponding to the current executable file is deleted, the applications belonging to the executable file to be updated are changed to an unknown state according to the cleanup function that executed the cleanup data process, and error information is returned to the host computer; otherwise the waiting return unit is triggered;
the waiting return unit, for waiting for the download of the new executable file version and returning success information to the host computer.
41. The device according to claim 24, wherein the download saving module includes:
a second receiving submodule, for receiving the prepare-installation command and the download command issued by the host computer;
an eighth judging submodule, for judging, when the second receiving module receives the prepare-installation command, whether the card is ready to download a new executable file; if so, the ninth judging submodule is triggered, otherwise the tenth judging submodule is triggered;
the ninth judging submodule, for judging whether the new executable file to be downloaded includes the executable file to be updated; if so, it applies for the second storage area of the non-volatile memory for the new executable file to be downloaded and returns success information to the host computer; otherwise it downloads other executable files and returns download result information to the host computer;
the tenth judging submodule, for judging whether the new executable file to be downloaded includes the executable file to be updated; if so, error information is returned to the host computer; otherwise it downloads other executable files and returns download result information to the host computer;
a saving judging submodule, for, when the second receiving module receives the download command, parsing the download file data blocks that the host computer sends in multiple APDU instructions, assembling them into an executable file and saving it in the second storage area of the non-volatile memory, and judging whether the download process completed normally; if so, the judging recycling submodule is triggered, otherwise error information is returned to the host computer;
the judging recycling submodule, for judging whether the current download package identification code is the identification code of the new executable file and judging whether the hot update session has been started; if both judgments are yes, the judging adding submodule is triggered; otherwise the information in the second storage area of the non-volatile memory is reclaimed and error information is returned to the host computer;
the judging adding submodule, for judging whether the mode of the recovery process is automatic recovery; if so, it records in the executable file registry a piece of registry information corresponding to the new executable file, adds the save address of the new executable file to that registry information, and triggers the installation recovery module; otherwise it returns success information to the host computer.
42. The device according to claim 24, wherein the installation recovery module includes:
a third receiving submodule, for receiving the hot update restore executable file command;
a first checking submodule, for checking, when the third receiving submodule receives the hot update restore executable file command, whether the preparation process before the recovery process has been completed; if so, the eleventh judging submodule is triggered, otherwise error information is returned to the host computer;
the eleventh judging submodule, for judging whether the hot update recovery operation is legal; if so, the second checking submodule is triggered, otherwise error information is returned to the host computer;
the second checking submodule, for checking whether a power loss has occurred; if no power loss occurred, or a power loss occurred while the card was reinstalling the new applications, the installation judging submodule is triggered; if a power loss occurred while the applications were synchronizing backup data, the installation restoring submodule is triggered; if a power loss occurred while the applications were merging data, the first calling submodule is triggered;
the installation judging submodule, for reinstalling each application, in download order, through the new executable file according to the backed-up file registry information and each piece of backed-up application registry information, and judging whether the installation succeeded; if so, the installation restoring submodule is triggered, otherwise error information is returned to the host computer;
the installation restoring submodule, for calling, in order by security domain, the backup function in each reinstalled application to restore the backed-up user information of the respective application into the respective reinstalled application;
a twelfth judging submodule, for judging whether all applications were restored successfully; if so, the first calling submodule is triggered, otherwise the calling return submodule is triggered;
the calling return submodule, for calling the garbage collection function to clear all temporary variables and cached data, and returning error information to the host computer;
the first calling submodule, for calling, in order by security domain, the merge function of each reinstalled application;
a thirteenth judging submodule, for judging whether the merge functions of all reinstalled applications were called successfully; if so, success information is returned to the host computer, otherwise the first deletion submodule is triggered;
the first deletion submodule, for deleting the reinstalled applications and the corresponding new executable file.
43. The device according to claim 42, wherein the first checking submodule is specifically for judging, when the third receiving submodule receives the hot update restore executable file command, whether the backup process has been completed and whether the download of the new executable file has been completed; if both judgments are yes, the eleventh judging submodule is triggered, otherwise error information is returned to the host computer.
44. The device according to claim 42, wherein the eleventh judging submodule is specifically for judging whether the version number of the new executable file is higher than the version number of the executable file to be updated and judging whether the executable file to be updated includes static dependencies; if both judgments are yes, the second checking submodule is triggered, otherwise error information is returned to the host computer.
45. The device according to claim 24, further comprising an abandoning module, for performing the abandon-hot-update-session operation when, after an exception has been thrown and error information has been returned to the host computer, the first receiving module again receives a command sent by the host computer.
46. The device according to claim 45, wherein the abandoning module includes:
a fourteenth judging submodule, for judging whether the executable file to be updated has been kept; if so, the restoring submodule is triggered, otherwise the downloading submodule is triggered;
the downloading submodule, for downloading the executable file to be updated and, when a restore command is received and after the previous new executable file has been restored, triggering the restoring submodule;
the restoring submodule, for restoring, according to the executable file to be updated, all application registry information belonging to the executable file to be updated and all backed-up user information, and executing step E4;
a recycling backup submodule, for reclaiming useless objects, clearing the information backed up during the hot update process, and returning success information to the host computer.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811631072.0A CN109819018B (en) | 2018-12-29 | 2018-12-29 | Method and device for realizing hot updating of executable file of smart card |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811631072.0A CN109819018B (en) | 2018-12-29 | 2018-12-29 | Method and device for realizing hot updating of executable file of smart card |
Publications (2)
Publication Number | Publication Date |
---|---|
CN109819018A true CN109819018A (en) | 2019-05-28 |
CN109819018B CN109819018B (en) | 2021-06-08 |
Family
ID=66602767
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201811631072.0A Active CN109819018B (en) | 2018-12-29 | 2018-12-29 | Method and device for realizing hot updating of executable file of smart card |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN109819018B (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110688125A (en) * | 2019-08-28 | 2020-01-14 | 北京浪潮数据技术有限公司 | Deployment method and system of big data platform |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103019892A (en) * | 2012-12-29 | 2013-04-03 | 盛耀无线通讯科技(北京)有限公司 | NV data backup and recovery method based on high-pass platform |
CN105302666A (en) * | 2015-10-13 | 2016-02-03 | 东信和平科技股份有限公司 | JAVA CARD based backup and recovery method for data in application |
CN105677513A (en) * | 2016-01-04 | 2016-06-15 | 北京小米移动软件有限公司 | Method and device for restoring backup data |
CN105893084A (en) * | 2016-03-29 | 2016-08-24 | 青岛海信移动通信技术股份有限公司 | Version upgrading method and terminal equipment |
CN107678886A (en) * | 2017-10-09 | 2018-02-09 | 飞天诚信科技股份有限公司 | A kind of method and terminal device for preserving, recovering application data |
US20180089031A1 (en) * | 2014-08-06 | 2018-03-29 | Commvault Systems, Inc. | Application recovery in an information management system based on a pseudo-storage-device driver |
Non-Patent Citations (1)
Title |
---|
Yan Haizhong (闫海忠): "A method for deep backup of applications and data", 《电脑编程技巧与维护》 * |
Also Published As
Publication number | Publication date |
---|---|
CN109819018B (en) | 2021-06-08 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
AU2010353673B2 (en) | Managing method, device and terminal for application program | |
CN101854392B (en) | Personal data management method based on cloud computing environment | |
CN107783776B (en) | Processing method and device of firmware upgrade package and electronic equipment | |
CN102236764B (en) | Method and monitoring system for Android system to defend against desktop information attack | |
CN104662552A (en) | Secure disk access control | |
CN106937274A (en) | A kind of Profile changing methods and device based on EUICC | |
CN103106372A (en) | Lightweight class privacy data encryption method and system for Android system | |
CN1954297A (en) | Isolated multiplexed multi-dimensional processing in a virtual processing space having virus, spyware, and hacker protection features | |
JPH05334253A (en) | Method for utilizing information processing workstation with password and information processing workstation utilizing the method | |
CN107111717A (en) | Safe boot policy on upgrading virtual machine | |
CN101815292B (en) | Device and method for protecting data of mobile terminal | |
CN106681865B (en) | Service recovery method and device | |
CN101008895A (en) | Software update system and method of computer enclosed operation system | |
CN107943501A (en) | Embedded device upgrade method, device, computer equipment and storage medium | |
CN109120584B (en) | Terminal security protection method and system based on UEFI and WinPE | |
CN105867962A (en) | System upgrading method and device | |
CN110955901A (en) | Storage method and server for virtual machine image file of cloud computing platform | |
CN113961226B (en) | Software development kit repairing method, terminal, server and equipment | |
CN109819018A (en) | A kind of hot update method that realizing smart card executable file and device | |
CN105302666A (en) | JAVA CARD based backup and recovery method for data in application | |
CN113342425A (en) | Starting method, device and storage medium of Linux embedded system | |
JP2004252707A (en) | Memory device | |
CN103646205B (en) | A kind of method controlling operation of encryption lock | |
CN106844005A (en) | Based on data reconstruction method and system under virtualized environment | |
CN104346299A (en) | Updating control method and device of mobile terminal |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||