CN109819018A - Method and device for hot-updating a smart card executable file - Google Patents

Publication number
CN109819018A
Authority
CN
China
Legal status
Granted
Application number
CN201811631072.0A
Other languages
Chinese (zh)
Other versions
CN109819018B (en)
Inventor
陆舟
于华章
Current Assignee
Feitian Technologies Co Ltd
Original Assignee
Feitian Technologies Co Ltd

Abstract

The invention discloses a method and device for hot-updating a smart card executable file. The method comprises: when the card receives a start-hot-update command sent by the host computer, obtaining the executable file to be updated; backing up, to a first memory area of non-volatile memory, the system registry information in the registry corresponding to the executable file to be updated, all application registry information in the registry belonging to the executable file to be updated, and the user information that all applications designate as needing backup; downloading a new executable file, reinstalling the applications from the new executable file according to the backed-up system registry information and all backed-up application registry information, and calling the backup function in each reinstalled application to restore the backed-up user information of the corresponding application into the reinstalled application. The invention can update the executable file and its applications while retaining the user's previous data, which is convenient for users and improves the user experience.

Description

Method and device for hot-updating a smart card executable file
Technical field
The present invention relates to the field of electronics, and more particularly to a method and device for hot-updating a smart card executable file.
Background
In the prior art, an executable file is a file that can be loaded and executed by an operating system. An executable file contains application modules; an application module is instantiated as one or more applications. Each application corresponds to one item of application registry information in the registry, and each executable file corresponds to one item of file registry information in the registry. Applications run on the smart card operating system, in the same way that, for example, Windows can run applications.
All existing electronic devices (such as laptops and handheld devices) allow software upgrades. Software is upgraded for many reasons, such as fixing bugs or adding new functions. As multi-application smart card devices become more and more widespread, smart cards need their own software upgrade mechanism. Compared with proprietary software, traditional smart card system software already implements the deletion and update of applications, but the user's previous data is deleted during the upgrade, which affects the user's use of the card.
Summary of the invention
The purpose of the invention is to overcome the deficiencies of the prior art by providing a method and device for hot-updating a smart card executable file.
The present invention provides a method for hot-updating a smart card executable file, comprising:
Step S1: when the card receives the start-hot-update command sent by the host computer, it looks up the storage address of the executable file in the registry according to the file identifier in the start-hot-update command, and obtains the executable file to be updated from the second memory area of the non-volatile memory according to that storage address;
Step S2: the card backs up, to the first memory area of the non-volatile memory, the file registry information in the registry corresponding to the executable file to be updated, all application registry information in the registry belonging to the executable file to be updated, and the user information that all applications designate as needing backup; the card then deletes the system registry information, all application registry information in the registry belonging to the executable file to be updated, and the user information that all applications designate as needing backup;
Step S3: the card downloads a new executable file and saves it to the second memory area of the non-volatile memory, records in the executable file registry one item of registry information corresponding to the new executable file, and adds the storage address of the new executable file to that registry information;
Step S4: the card reinstalls the applications from the new executable file according to the backed-up system registry information and all backed-up application registry information, and calls the backup function in each reinstalled application to restore the backed-up user information of the corresponding application into the reinstalled application;
Step S5: the card calls the garbage collection function to reclaim the information stored in the first memory area of the non-volatile memory.
Further, after the card backs up to the first memory area of the non-volatile memory the file registry information in the registry corresponding to the executable file to be updated, all application registry information in the registry belonging to the executable file to be updated, and the user information that all applications designate as needing backup, the method further comprises: deleting the obtained executable file to be updated.
Further, there are multiple items of application registry information, and before step S4 the method comprises: taking the first item of application registry information as the current application registry information;
Step S4 is replaced by: the card reinstalls the corresponding application from the new executable file according to the backed-up system registry information and the backed-up current application registry information, and calls the backup function in the corresponding application to restore the backed-up user information of the corresponding application into the corresponding application;
Between step S4 and step S5 the method then comprises: the card judges whether all applications have been restored successfully; if so, step S5 is executed; otherwise the next item of application registry information is taken as the current application registry information and the method returns to step S4.
Further, before step S1 the method further comprises: the card establishes a secure channel with the host computer.
Further, the card establishing the secure channel with the host computer specifically comprises:
Step A1: the card receives the host random number sent by the host computer;
Step A2: the card generates a first session key and a card random number, saves the card random number, encrypts the host random number and the card random number with the first session key according to a second preset algorithm to obtain a card authentication code, and returns the card authentication code to the host computer;
Step A3: when the card receives the host authentication code sent by the host computer, the card decrypts the host authentication code with the first session key and judges whether the card random number obtained by decrypting the host authentication code is identical to the saved card random number; if so, the secure channel with the host computer is successfully established; otherwise the card returns error information to the host computer.
Further, the card generating the first session key in step A2 comprises: the card encrypts derivation data with a preset base key according to a first preset algorithm to obtain the first session key;
Returning the card authentication code to the host computer in step A2 comprises: returning the variable data of the derivation data and the card authentication code to the host computer.
Further, before step A1 the method comprises: when the card receives the establish-secure-channel command sent by the host computer, the off-card entity is authenticated using a supported secure channel protocol; if authentication succeeds, step A1 is executed; if authentication fails, error information is returned to the host computer.
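The exchange in steps A1 to A3, as an added example that is not code from the patent: a Python simulation of both sides that also covers a replayed host authentication code and a host holding the wrong base key. The patent does not name its first and second preset algorithms, so HMAC-SHA256 (key derivation) and a 4-round Feistel construction (encryption) stand in for them; the 16-byte random numbers, the layout of the host authentication code, the host-side check of the card authentication code, and all class and function names are assumptions.

```python
import hashlib
import hmac
import secrets

RAND_LEN = 16  # assumed length of the host and card random numbers


def derive_session_key(base_key, variable_data):
    # Stand-in for the "first preset algorithm": base key applied to derivation data
    # (assumed to be a fixed label followed by the variable data).
    return hmac.new(base_key, b"session" + variable_data, hashlib.sha256).digest()


def _f(key, i, half):
    return hmac.new(key, bytes([i]) + half, hashlib.sha256).digest()[:RAND_LEN]


def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def encrypt(key, block):
    # Stand-in for the "second preset algorithm": 4-round Feistel over 32 bytes.
    left, right = block[:RAND_LEN], block[RAND_LEN:]
    for i in range(4):
        left, right = right, _xor(left, _f(key, i, right))
    return left + right


def decrypt(key, block):
    left, right = block[:RAND_LEN], block[RAND_LEN:]
    for i in reversed(range(4)):
        left, right = _xor(right, _f(key, i, left)), left
    return left + right


class Card:
    def __init__(self, base_key):
        self.base_key = base_key
        self.session_key = None
        self.card_random = None
        self.channel_open = False

    def on_host_random(self, host_random):
        """Steps A1 and A2: returns (variable data, card authentication code)."""
        if len(host_random) != RAND_LEN:
            raise ValueError("unexpected host random length")
        self.channel_open = False
        variable_data = secrets.token_bytes(8)
        self.session_key = derive_session_key(self.base_key, variable_data)
        self.card_random = secrets.token_bytes(RAND_LEN)   # fresh for every attempt
        card_auth = encrypt(self.session_key, host_random + self.card_random)
        return variable_data, card_auth

    def on_host_auth(self, host_auth):
        """Step A3: decrypt and compare with the saved card random number."""
        if self.card_random is None or len(host_auth) != 2 * RAND_LEN:
            return False
        plain = decrypt(self.session_key, host_auth)
        ok = hmac.compare_digest(plain[:RAND_LEN], self.card_random)
        self.card_random = None        # one attempt per card random number
        self.channel_open = ok
        return ok


class Host:
    def __init__(self, base_key):
        self.base_key = base_key
        self.host_random = None

    def start(self):
        self.host_random = secrets.token_bytes(RAND_LEN)
        return self.host_random

    def answer(self, variable_data, card_auth):
        key = derive_session_key(self.base_key, variable_data)
        plain = decrypt(key, card_auth)
        # Assumed host-side check: the card must have encrypted our random number.
        if not hmac.compare_digest(plain[:RAND_LEN], self.host_random):
            return None
        card_random = plain[RAND_LEN:]
        # Assumed layout of the host authentication code: card random first.
        return encrypt(key, card_random + self.host_random)


def open_channel(host, card):
    variable_data, card_auth = card.on_host_random(host.start())
    host_auth = host.answer(variable_data, card_auth)
    return host_auth is not None and card.on_host_auth(host_auth)
```

Because the card draws a new card random number and session key for every attempt, a host authentication code captured from an earlier session does not decrypt to the saved value and step A3 rejects it.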
Further, in step S2, backing up the user information that all applications designate as needing backup to the first memory area of the non-volatile memory comprises: the card obtains the corresponding applications according to the executable file to be updated; each application calculates, from the user information it needs to back up, the total size of the space occupied by the raw data in the backup information and the number of standard objects, and notifies the card through an application programming interface of the amount of non-volatile memory to request; the card saves the management object of the first memory area of the non-volatile memory that is returned through the application programming interface; the card backs up the user information that each application designates as needing backup into the management object corresponding to that application in the first memory area of the non-volatile memory.
Further, step S2 comprises:
Step B1: the card judges whether a hot update session has already been started; if so, it returns error information to the host computer; otherwise it executes step B2;
Step B2: the card judges whether the backup operation is legal; if so, it executes step B3; otherwise it returns error information to the host computer;
Step B3: the card judges whether a new executable file has been downloaded and saved; if so, it executes step B4; otherwise it executes step B6;
Step B4: the card judges whether the new executable file that has been downloaded and saved is valid; if so, it executes step B5; otherwise it returns error information to the host computer;
Step B5: the card judges whether the applications corresponding to the new executable file have already been created; if so, it returns error information to the host computer; otherwise it executes step B6;
Step B6: the card determines the power-loss type from the power-fail interrupt flag; if no power loss occurred, or power loss occurred during the backup data process, it executes step B7; if power loss occurred during the clean data process, it executes the clean data process and then the delete data process; if power loss occurred during the delete data process, it executes the delete data process;
Step B7: the card executes, in sequence, the backup data process, the clean data process and the delete data process;
During the backup data process, the card backs up to the first memory area of the non-volatile memory the system registry information in the registry corresponding to the executable file to be updated, all application registry information in the registry belonging to the executable file to be updated, and the user information that all applications designate as needing backup;
During the clean data process and the delete data process, the system registry information, all application registry information and the user information that all applications designate as needing backup are deleted.
Further, step B2 comprises: the card judges whether the version number of the obtained executable file to be updated is less than the minimum version number required for the executable file to be updated in the start-hot-update command, judges whether the obtained executable file to be updated has no static dependencies, and judges whether each application belonging to the obtained executable file to be updated is not currently selected on any logical channel; if all judgments are yes, it executes step B3; otherwise it returns error information to the host computer.
Further, step B4 comprises: the card judges whether the associated security domain of the new executable file that has been downloaded and saved is consistent with the associated security domain of the obtained executable file to be updated, and judges whether the minimum subset of application modules of the new executable file that has been downloaded and saved includes all application modules in the executable file to be updated; if all judgments are yes, it executes step B5; otherwise it returns error information to the host computer.
Further, the card executing the backup data process comprises:
Step T1: the card checks whether a power loss occurred during the backup data process; if so, it executes step T2; otherwise it executes step T3;
Step T2: the card reclaims the user information whose backup was interrupted by the power loss, then executes step T3;
Step T3: the card calls, in a preset order, the save function of each application belonging to the executable file to be updated to save the user information that needs backup, saves the system registry information and all application registry information in the registry belonging to the executable file to be updated, then executes step T4;
Step T4: the card judges whether an exception was thrown during the backup data process; if so, it deletes the backed-up user information, system registry information and application registry information and returns error information to the host computer; otherwise it executes the clean data process.
Further, step T2 specifically comprises:
Step Y1: the card looks up, according to the file identifier, the management object that holds the user information;
Step Y2: the card reclaims the management object that was found.
Further, step Y2 specifically comprises: the card empties the management object that was found and calls the virtual machine's complete garbage collection function.
Further, step Y2 specifically comprises: traversing the subdomain objects under the management object that was found, and reclaiming the management object that was found together with the subdomain objects under it.
Further, executing the clean data process comprises:
Step P1: the card checks whether a power loss occurred during the cleaning process; if so, it executes step P2; otherwise it executes step P3;
Step P2: the card restarts the application whose data cleaning was interrupted so as to call its cleaning function, then executes step P3;
Step P3: the card calls, in the preset application order, the cleaning function of each application belonging to the executable file to be updated to advance the deletion of the application, then executes step P4;
Step P4: the card judges whether an exception was thrown during the cleaning process; if so, it deletes the backed-up user information, system registry information and application registry information corresponding to the current executable file and returns error information to the host computer; otherwise it executes the delete data process.
Further, executing the delete data process comprises:
Step W1: the card deletes the system registry information, application registry information and user information corresponding to the executable file to be updated;
Step W2: the card judges whether the update option is set to retain the executable file to be updated rather than delete it; if so, it executes step W3; otherwise it deletes the executable file to be updated and then executes step W3;
Step W3: the card judges whether an exception was thrown during the deletion process; if so, it deletes the backup information corresponding to the current executable file, sets the applications belonging to the executable file to be updated to an unknown state according to the cleaning function executed in the clean data process, and returns error information to the host computer; otherwise it executes step W4;
Step W4: the card waits to download the new executable file version and returns success information to the host computer.
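The power-loss handling in steps B6, B7 and T1 to T3, as an added example that is not code from the patent: a Python model in which a flag in non-volatile memory records the phase in progress, so that a repeated command resumes at the interrupted phase. The dictionary standing in for non-volatile memory, the application identifiers, the `resume=False` comparison path and all names are assumptions; that path shows how restarting from the backup phase after cleaning has begun replaces a good backup with partial data.

```python
import copy

PHASES = ("backup", "clean", "delete")

# Constructed sample data: application identifier -> user information to back up.
SAMPLE = {"APP-1": b"pin_tries=3", "APP-2": b"balance=42", "APP-3": b"cert=01"}


class PowerLoss(Exception):
    """Simulated power cut: only the contents of Card.nvm survive."""


class Card:
    def __init__(self, user_data):
        # self.nvm models non-volatile memory (hypothetical layout).
        self.nvm = {
            "file_reg": {"file_id": "ELF-1", "version": 1},
            "app_regs": {aid: {"aid": aid} for aid in user_data},
            "user_data": dict(user_data),
            "area1": None,   # first memory area: holds the backup
            "flag": None,    # power-fail interrupt flag: phase in progress
        }
        self.cut = None      # test hook: (phase, step) at which power is cut

    def _step(self, phase, n):
        if self.cut == (phase, n):
            self.cut = None
            raise PowerLoss(f"{phase} step {n}")

    def _backup(self):
        nvm = self.nvm
        if nvm["flag"] == "backup":
            nvm["area1"] = None                    # T2: reclaim the partial backup
        nvm["flag"] = "backup"
        area = nvm["area1"] = {"user": {}, "file_reg": None, "app_regs": None}
        for n, aid in enumerate(sorted(nvm["user_data"])):   # T3: preset order
            self._step("backup", n)
            area["user"][aid] = nvm["user_data"][aid]
        area["file_reg"] = dict(nvm["file_reg"])
        area["app_regs"] = copy.deepcopy(nvm["app_regs"])

    def _clean(self):
        self.nvm["flag"] = "clean"
        for n, aid in enumerate(sorted(self.nvm["app_regs"])):
            self._step("clean", n)
            self.nvm["user_data"].pop(aid, None)   # safe to repeat after a cut

    def _delete(self):
        self.nvm["flag"] = "delete"
        for n, aid in enumerate(sorted(self.nvm["app_regs"])):
            self._step("delete", n)
            del self.nvm["app_regs"][aid]
        self.nvm["file_reg"] = None

    def start_hot_update(self, resume=True):
        flag = self.nvm["flag"]
        # B6: no cut, or a cut during backup -> run all three phases (B7);
        # a cut during clean or delete -> continue from that phase.
        first = PHASES.index(flag) if resume and flag in ("clean", "delete") else 0
        for phase in PHASES[first:]:
            getattr(self, "_" + phase)()
        self.nvm["flag"] = None


def run_with_power_cut(cut, resume=True):
    """Run the update with one simulated power cut; return the final NVM state."""
    card = Card(SAMPLE)
    card.cut = cut
    try:
        card.start_hot_update(resume)
    except PowerLoss:
        card.start_hot_update(resume)   # host re-sends the command after power-up
    return card.nvm
```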
Further, step S3 comprises:
Step C1: the card waits to receive an instruction issued by the host computer; when a prepare-install command is received, it executes step C2; when a download command is received, it executes step C5;
Step C2: the card judges whether it is ready to download the new executable file; if so, it executes step C3; otherwise it executes step C4;
Step C3: the card judges whether the new executable file to be downloaded includes the executable file to be updated; if so, it requests the second memory area of the non-volatile memory for the new executable file to be downloaded and returns success information to the host computer; otherwise it downloads other executable files and returns download result information to the host computer;
Step C4: the card judges whether the new executable file to be downloaded includes the executable file to be updated; if so, it returns error information to the host computer; otherwise it downloads other executable files and returns download result information to the host computer;
Step C5: the card parses the download file data blocks that the host computer sends in multiple APDU commands, assembles them into the executable file and saves it to the second memory area of the non-volatile memory, then judges whether the download completed normally; if so, it executes step C6; otherwise it returns error information to the host computer;
Step C6: the card judges whether the identifier of the currently downloaded package is the identifier of the new executable file and judges whether the hot update session has been started; if both judgments are yes, it executes step C7; otherwise it reclaims the information in the second memory area of the non-volatile memory and returns error information to the host computer;
Step C7: the card judges whether the mode of the recovery process is automatic recovery; if so, it records in the executable file registry one item of registry information corresponding to the new executable file, adds the storage address of the new executable file to that registry information, and executes step S4; otherwise it returns success information to the host computer.
Further, step S4 comprises:
Step D0: when the card receives the hot-update restore-executable-file command, it checks whether the preparation process that precedes the recovery process is complete; if so, it executes step D1; otherwise it returns error information to the host computer;
Step D1: the card judges whether the hot-update recovery operation is legal; if so, it executes step D2; otherwise it returns error information to the host computer;
Step D2: the card checks whether a power loss occurred; if no power loss occurred, or power loss occurred while the card was reinstalling the new applications, it executes step D3; if power loss occurred while an application was synchronizing backup data, it executes step D4; if power loss occurred while an application was merging data, it executes step D7;
Step D3: the card reinstalls each application in turn from the new executable file, in download order, according to the backed-up file registry information and each item of backed-up application registry information, and judges whether installation succeeded; if so, it executes step D4; otherwise it returns error information to the host computer;
Step D4: the card calls, in order by security domain, the backup function in each reinstalled application to restore the backed-up user information of the corresponding application into the corresponding reinstalled application;
Step D5: the card judges whether all applications were restored successfully; if so, it executes step D7; otherwise it executes step D6;
Step D6: the card calls the garbage collection function to clear all temporary variables and cached data, and returns error information to the host computer;
Step D7: the card calls, in order by security domain, the merge function of each reinstalled application;
Step D8: the card judges whether the merge functions of all reinstalled applications were called successfully; if so, it returns success information to the host computer; otherwise it executes step D9;
Step D9: the card deletes the reinstalled applications and the corresponding new executable file.
Further, checking whether the preparation process that precedes the recovery process is complete comprises: judging whether the backup process is complete and whether the new executable file has finished downloading; if so, the preparation process is complete; otherwise the preparation process is not complete.
Further, step D1 comprises: the card judges whether the version number of the new executable file is higher than the version number of the executable file to be updated, and judges whether the executable file to be updated includes static dependencies; if both judgments are yes, it executes step D2; otherwise it returns error information to the host computer.
Further, when an exception is thrown between step S2 and step S4 and the card has returned error information to the host computer, the card performs the abandon-hot-update-session operation when it again receives a command sent by the host computer.
Further, the abandon-hot-update-session operation comprises:
Step E1: the card judges whether the executable file to be updated has been retained; if so, it executes step E3; otherwise it executes step E2;
Step E2: the card downloads the executable file to be updated, and executes step E3 when a restore command has been received and the previous new executable file has been restored;
Step E3: the card restores, according to the executable file to be updated, all application registry information belonging to the executable file to be updated and all backed-up user information, then executes step E4;
Step E4: the card reclaims useless objects, clears the information backed up during the hot update process, and returns success information to the host computer.
The invention further provides a device for hot-updating a smart card executable file, comprising:
A first receiving module, configured to receive the start-hot-update command sent by the host computer;
A first obtaining module, configured to look up the storage address of the executable file in the registry according to the file identifier in the start-hot-update command received by the first receiving module, and to obtain the executable file to be updated from the second memory area of the non-volatile memory according to that storage address;
A backup and deletion module, configured to back up to the first memory area of the non-volatile memory the file registry information in the registry corresponding to the executable file to be updated, all application registry information in the registry belonging to the executable file to be updated, and the user information that all applications designate as needing backup; and to delete the system registry information, all application registry information in the registry belonging to the executable file to be updated, and the user information that all applications designate as needing backup;
A download and saving module, configured to download a new executable file and save it to the second memory area of the non-volatile memory, to record in the executable file registry one item of registry information corresponding to the new executable file, and to add the storage address of the new executable file to that registry information;
An installation and recovery module, configured to reinstall the applications from the new executable file according to the backed-up system registry information and all backed-up application registry information, and to call the backup function in each reinstalled application to restore the backed-up user information of the corresponding application into the reinstalled application;
A first recycling module, configured to call the garbage collection function, after the installation and recovery module has successfully installed and restored, to reclaim the information stored in the first memory area of the non-volatile memory.
Further, the device further comprises a second deletion module, configured to delete the executable file to be updated that was obtained by the first obtaining module after the first backup module has completed the backup.
Further, there are multiple items of application registry information, and the device further comprises a first designation module and a first judging module;
The first designation module is configured to take the first item of application registry information as the current application registry information;
The installation and recovery module is specifically configured to reinstall the corresponding application from the new executable file according to the backed-up system registry information and the backed-up current application registry information, and to call the backup function in the corresponding application to restore the backed-up user information of the corresponding application into the corresponding application;
The first judging module is configured to judge whether all applications have been restored successfully; if so, it triggers the first recycling module; otherwise it takes the next item of application registry information as the current application registry information and triggers the installation and recovery module.
Further, the device further comprises: a channel establishing module, configured to establish a secure channel between the card and the host computer;
The first receiving module is specifically configured to wait for and receive the start-hot-update command sent by the host computer after the channel establishing module has successfully established the secure channel.
Further, the channel establishing module comprises:
A first receiving submodule, configured to receive the host random number and the host authentication code sent by the host computer;
A first generating submodule, configured to generate the first session key and the card random number;
A first saving submodule, configured to save the card random number received by the first receiving submodule;
A first encryption submodule, configured to encrypt, with the first session key and according to the second preset algorithm, the host random number received by the first receiving submodule and the generated card random number to obtain the card authentication code;
A first sending submodule, configured to return the card authentication code obtained by the encryption submodule to the host computer;
An encryption judging submodule, configured to decrypt the host authentication code received by the first receiving submodule with the first session key generated by the first generating submodule, and to judge whether the card random number obtained by decrypting the host authentication code is identical to the card random number saved by the first saving submodule; if so, the secure channel with the host computer is successfully established; otherwise error information is returned to the host computer.
Further, the first generating submodule is specifically configured to encrypt derivation data with a preset base key according to the first preset algorithm to obtain the first session key, and to generate the card random number;
The first sending submodule is specifically configured to return the variable data of the derivation data and the card authentication code to the host computer.
Further, the channel establishing module further comprises: an authentication submodule, configured to authenticate the off-card entity using a supported secure channel protocol when the establish-secure-channel command sent by the host computer is received, to trigger the first receiving submodule if authentication succeeds, and to return error information to the host computer if authentication fails.
Further, the backup and deletion module being configured to back up the user information that all applications designate as needing backup to the first memory area of the non-volatile memory comprises: obtaining the corresponding applications according to the executable file to be updated; each application calculates, from the user information it needs to back up, the total size of the space occupied by the raw data in the backup information and the number of standard objects, and notifies the card through an application programming interface of the amount of non-volatile memory to request; the card saves the management object of the first memory area of the non-volatile memory that is returned through the application programming interface; the user information that each application designates as needing backup is backed up into the management object corresponding to that application in the first memory area of the non-volatile memory.
Further, the backup removing module includes:
The second judging submodule is configured to judge whether a hot update session has already been started; if so, it returns error information to the host computer, otherwise it triggers the third judging submodule;
The third judging submodule is configured to judge whether the backup operation is legal; if so, it triggers the fourth judging submodule, otherwise it returns error information to the host computer;
The fourth judging submodule is configured to judge whether a new executable file has been downloaded and saved; if so, it triggers the fifth judging submodule, otherwise it triggers the seventh judging submodule;
The fifth judging submodule is configured to judge whether the downloaded and saved new executable file is valid; if so, it triggers the sixth judging submodule, otherwise it returns error information to the host computer;
The sixth judging submodule is configured to judge whether the application corresponding to the new executable file has been created; if so, it returns error information to the host computer, otherwise it triggers the seventh judging submodule;
The seventh judging submodule is configured to judge the power-loss type according to the power-fail interrupt flag: if no power loss occurred, or power loss occurred during the backup data process, it triggers in turn the backup data submodule, the cleaning data submodule and the delete data submodule; if power loss occurred during the cleaning data process, it triggers in turn the cleaning data submodule and the delete data submodule; if power loss occurred during the delete data process, it triggers the delete data submodule;
The backup data submodule is configured to execute the backup data process;
The cleaning data submodule is configured to execute the cleaning data process;
The delete data submodule is configured to execute the delete data process;
The backup data submodule executing the backup data process comprises: backing up to the first memory block of the non-volatile memory the system registry information in the registry corresponding to the executable file to be updated, all application registry information in the registry belonging to the executable file to be updated, and the user information that all applications specify as needing backup;
The cleaning data submodule executing the cleaning data process and the delete data submodule executing the delete data process comprise: deleting the system registry information, all application registry information in the registry belonging to the executable file to be updated, and the user information that all applications specify as needing backup.
Further, the third judging submodule is specifically configured to judge whether the version number of the obtained executable file to be updated is less than the minimum version number required for the executable file version to be updated in the start hot update command, to judge whether the obtained executable file to be updated has no static dependencies, and to judge whether each application belonging to the obtained executable file to be updated is not currently selected in any logical channel; if all judgments are yes, it triggers the fourth judging submodule, otherwise it returns error information to the host computer.
Further, the fifth judging submodule is specifically configured to judge whether the associated security domain of the downloaded and saved new executable file is consistent with the associated security domain of the obtained executable file to be updated, and to judge whether the minimum subset of application modules of the downloaded and saved new executable file contains all application modules in the executable file to be updated; if both judgments are yes, it triggers the sixth judging submodule, otherwise it returns error information to the host computer.
Further, the backup data submodule comprises:
A first checking unit, configured to check whether power loss occurred during the backup data process; if so, it triggers the first recovery unit, otherwise it triggers the first storage unit;
The first recovery unit, configured to reclaim the user information at which the backup data power-fail interrupt occurred, and to trigger the first storage unit;
The first storage unit, configured to call, in a preset order, the save function of each application belonging to the executable file to be updated in order to save the user information that needs backup, to save the system registry information and all application registry information in the registry belonging to the executable file to be updated, and to trigger the first judging unit;
The first judging unit, configured to judge whether an exception was thrown during the backup data process; if so, it deletes the backed-up user information, system registry information and application registry information and returns error information to the host computer, otherwise it triggers the cleaning data submodule.
Further, the first recovery unit comprises:
A first lookup subunit, configured to look up, according to the file identifier, the management object that stores the user information;
A first reclaiming subunit, configured to reclaim the management object found by the first lookup subunit.
Further, the first reclaiming subunit is specifically configured to empty the management object found and to call the full garbage collection function of the virtual machine.
Further, the first reclaiming subunit is specifically configured to traverse the sub-field objects under the management object found, and to reclaim the management object found together with the sub-field objects under it.
Further, the cleaning data submodule comprises:
A second checking unit, configured to check whether power loss occurred during the cleaning process; if so, it triggers the first calling unit, otherwise it triggers the second calling unit;
The first calling unit, configured to call the cleanup function again for the application whose data cleaning was interrupted, and to trigger the second calling unit;
The second calling unit, configured to call, in a preset application order, the cleanup function of each application belonging to the executable file to be updated so as to prompt deletion of the application, and to trigger the second judging unit;
The second judging unit, configured to judge whether an exception was thrown during the cleaning process; if so, it deletes the backed-up user information, system registry information and application registry information corresponding to the current executable file and returns error information to the host computer, otherwise it triggers the delete data submodule.
Further, the delete data submodule comprises:
A first deleting unit, configured to delete the system registry information, application registry information and user information corresponding to the executable file to be updated;
A judging-and-deleting unit, configured to judge whether the update option is set to keep the executable file to be updated rather than delete it; if so, it triggers the third judging unit, otherwise it deletes the executable file to be updated and triggers the third judging unit;
The third judging unit, configured to judge whether an exception was thrown during the delete process; if so, it deletes the backed-up information corresponding to the current executable file, puts the applications belonging to the executable file to be updated into an unknown state according to the cleanup function executed in the cleaning data process, and returns error information to the host computer; otherwise it triggers the waiting-and-returning unit;
The waiting-and-returning unit, configured to wait for the new executable file version to be downloaded, and to return success information to the host computer.
Further, the download-and-save module comprises:
A second receiving submodule, configured to receive the prepare-install command and the download command issued by the host computer;
An eighth judging submodule, configured to judge, when the second receiving submodule receives the prepare-install command, whether the card is ready to download the new executable file; if so, it triggers the ninth judging submodule, otherwise it triggers the tenth judging submodule;
The ninth judging submodule, configured to judge whether the new executable file to be downloaded contains the executable file to be updated; if so, it applies for a second memory block of the non-volatile memory for the new executable file to be downloaded and returns success information to the host computer; otherwise it downloads other executable files and returns download result information to the host computer;
The tenth judging submodule, configured to judge whether the new executable file to be downloaded contains the executable file to be updated; if so, it returns error information to the host computer; otherwise it downloads other executable files and returns download result information to the host computer;
A saving-and-judging submodule, configured to, when the second receiving submodule receives the download command, parse the download file data blocks that the host computer sends split across multiple APDU instructions, assemble them into the executable file and save it in the second memory block of the non-volatile memory, and judge whether the download process completed normally; if so, it triggers the judging-and-reclaiming submodule, otherwise it returns error information to the host computer;
The judging-and-reclaiming submodule, configured to judge whether the identifier code of the currently downloaded package is the identifier code of the new executable file and to judge whether the hot update session has been started; if both judgments are yes, it triggers the judging-and-adding submodule; otherwise it reclaims the information in the second memory block of the non-volatile memory and returns error information to the host computer;
The judging-and-adding submodule, configured for the card to judge whether the mode of the recovery process is automatic recovery; if so, it records in the executable file registry a registry entry corresponding to the new executable file, adds the save address of the new executable file to that registry information, and triggers the install-and-recover module; otherwise it returns success information to the host computer.
Further, the install-and-recover module comprises:
A third receiving submodule, configured to receive the hot update restore executable file command;
A first checking submodule, configured to check, when the third receiving submodule receives the hot update restore executable file command, whether the preparation process that precedes the recovery process has been completed; if so, it triggers the eleventh judging submodule, otherwise it returns error information to the host computer;
The eleventh judging submodule, configured to judge whether the hot update recovery operation is legal; if so, it triggers the second checking submodule, otherwise it returns error information to the host computer;
The second checking submodule, configured to check whether power loss occurred: if no power loss occurred, or power loss occurred while the card was reinstalling the new applications, it triggers the install-judging submodule; if power loss occurred while the applications were synchronizing the backup data, it triggers the install-recover submodule; if power loss occurred while the applications were merging data, it triggers the first calling submodule;
The install-judging submodule, configured to reinstall each application in turn, in download order, through the new executable file according to the backed-up system registry information and each backed-up application registry information, and to judge whether the installation succeeded; if so, it triggers the install-recover submodule, otherwise it returns error information to the host computer;
The install-recover submodule, configured to call, in order by security domain, the backup function in each reinstalled application to restore the backed-up user information of the respective application into the respective reinstalled application;
A twelfth judging submodule, configured to judge whether all applications were restored successfully; if so, it triggers the first calling submodule, otherwise it triggers the call-and-return submodule;
The call-and-return submodule, configured to call the garbage collection function to clean up all temporary variables and cached data, and to return error information to the host computer;
The first calling submodule, configured to call, in order by security domain, the merge function of each reinstalled application;
A thirteenth judging submodule, configured to judge whether the merge functions of all reinstalled applications were called successfully; if so, it returns success information to the host computer, otherwise it triggers the first deleting submodule;
The first deleting submodule, configured to delete the reinstalled applications and the corresponding new executable file.
Further, the first checking submodule is specifically configured to judge, when the third receiving submodule receives the hot update restore executable file command, whether the backup process has been completed and whether the download of the new executable file has been completed; if both judgments are yes, it triggers the eleventh judging submodule, otherwise it returns error information to the host computer.
Further, the eleventh judging submodule is specifically configured to judge whether the version number of the new executable file is higher than the version number of the executable file to be updated and to judge whether the executable file to be updated includes static dependencies; if both judgments are yes, it triggers the second checking submodule, otherwise it returns error information to the host computer.
Further, the device also comprises an abandon module, configured to perform the abandon hot update session operation when, after an exception has been thrown and error information has been returned to the host computer, the first receiving module again receives a command sent by the host computer.
Further, the abandon module comprises:
A fourteenth judging submodule, configured to judge whether the executable file to be updated has been kept; if so, it triggers the recovery submodule, otherwise it triggers the download submodule;
The download submodule, configured to download the executable file to be updated, and to trigger the recovery submodule when a restore command is received and after the last new executable file has been restored;
The recovery submodule, configured to restore, according to the executable file to be updated, all application registry information belonging to the executable file to be updated and all backed-up user information, and to execute step E4;
A reclaim-backup submodule, configured to reclaim useless objects, clean up the information backed up during the hot update process, and return success information to the host computer.
Compared with the prior art, the present invention has the following advantages:
The technical solution of the present invention not only updates the executable file to be updated and its applications, but also retains the user's previous data in those applications, which is convenient for users and improves the user experience.
Brief description of the drawings
Fig. 1 is a flowchart of a hot update method for a smart card executable file provided by Embodiment 1 of the present invention;
Fig. 2 is a flowchart of a hot update method for a smart card executable file provided by Embodiment 2 of the present invention;
Fig. 3 is a flowchart of one implementation of step 101 in an embodiment of the present invention;
Fig. 4 is a flowchart of one implementation of step 102 in an embodiment of the present invention;
Fig. 5 is a flowchart of one implementation of step 103 in an embodiment of the present invention;
Fig. 6 is a flowchart of one implementation of step 104 in an embodiment of the present invention;
Fig. 7 is a flowchart of one implementation of abandoning the hot update session in an embodiment of the present invention;
Fig. 8 is a block diagram of a hot update device for a smart card executable file provided by Embodiment 3 of the present invention.
Detailed description of the embodiments
The technical solutions in the embodiments of the present invention are described clearly and completely below with reference to the accompanying drawings in the embodiments. Obviously, the described embodiments are only some, not all, of the embodiments of the present invention. All other embodiments obtained by those skilled in the art based on the embodiments of the present invention without creative effort shall fall within the protection scope of the present invention.
Hot update in this embodiment means that new code is downloaded and installed during the update (the new code must be compatible with the old code), that the user information previously held in the application to be updated is preserved so that the user's habits are not affected, and that the use of other applications is not affected while the application is being updated. The new executable file in this update becomes the executable file to be updated in the next update.
Embodiment one
Embodiment 1 of the present invention provides a hot update method for a smart card executable file which, as shown in Fig. 1, includes:
Step S1: when the card receives the start hot update command sent by the host computer, it looks up the executable file save address in the registry according to the file identifier in the start hot update command, and obtains the executable file to be updated from the second memory block of the non-volatile memory according to the executable file save address;
In this embodiment, an executable file contains one or more application modules, and an application module can be instantiated as one application or as multiple applications with different file identifiers; each application corresponds to one item of application registry information in the registry, and each executable file corresponds to one item of file registry information in the registry; an application is personalized to one user, that is, one application corresponds to one item of user information;
Optionally, in this embodiment, before step S1 the method further includes: the card establishes a secure channel with the host computer; specifically:
Step P1: the card receives the host random number sent by the host computer;
Specifically, in this embodiment, before step P1 the method includes: when the application on the card receives the establish secure channel command sent by the host computer, it authenticates the off-card entity using a supported secure channel protocol; if the authentication succeeds, the secure channel between the card and the host computer is established; if the authentication fails, error information is returned to the host computer and the process ends;
Step P2: the card generates the first session key and the card random number, saves the card random number, encrypts the host random number and the card random number with the first session key according to the second preset algorithm to obtain the card authentication code, and returns the card authentication code to the host computer;
Optionally, in this embodiment, the card generating the first session key includes: the card encrypts the derivation data with the preset basic key according to the first preset algorithm to obtain the first session key; returning the card authentication code to the host computer includes: returning the variable data of the derivation data to the host computer together with the card authentication code;
Step P3: when the card receives the host authentication code sent by the host computer, the card decrypts the host authentication code with the first session key and judges whether the card random number obtained by decrypting the host authentication code is identical to the saved card random number; if so, the secure channel with the host computer is successfully established, otherwise error information is returned to the host computer;
Step S2: the card backs up to the first memory block of the NVM (non-volatile memory) the system registry information in the registry corresponding to the executable file to be updated, all application registry information in the registry belonging to the executable file to be updated, and the user information that all applications specify as needing backup; it then deletes the system registry information, all application registry information in the registry belonging to the executable file to be updated, and the user information that all applications specify as needing backup;
In this embodiment, before step S2 the method further includes: the card saves the created applications corresponding to the executable file to be updated and deletes those applications from the registry of the executable file to be updated; each application calculates, from the user information it needs to back up, the total size occupied by the original data in the backup information and the number of standard objects, and then notifies the card through an API (application programming interface) to apply for NVM space of that size; the card saves the management object of the first memory block of the NVM returned by the API; in step S2 the card backs up the user information that the created applications need backed up into the management object corresponding to each application in the first memory block of the non-volatile memory; when the executable file to be updated corresponds to multiple applications, each application corresponds to one management object; in step S2 the card backs up the registry information of the executable file to be updated and the registry information of the created applications corresponding to the executable file to be updated into the first memory block of the non-volatile memory;
Specifically, in this embodiment, after the card in step S2 has backed up to the first memory block of the non-volatile memory the system registry information in the registry corresponding to the executable file to be updated, all application registry information in the registry belonging to the executable file to be updated, and the user information that all applications specify as needing backup, the method further includes: deleting the obtained executable file to be updated;
Step S3: the card downloads the new executable file and saves it into the second memory block of the non-volatile memory, records in the executable file registry an item of registry information corresponding to the new executable file, and adds the save address of the new executable file to that registry information;
Step S4: the card reinstalls the applications through the new executable file according to the backed-up system registry information and all backed-up application registry information, and calls the backup function in the reinstalled applications to restore the backed-up user information of the respective applications into the reinstalled applications;
Optionally, in this embodiment, if all application modules in the executable file to be updated are instantiated as multiple applications, the method includes, before step S4, taking the first application as the current application;
Step S4 is replaced by: the card reinstalls the application through the new executable file according to the backed-up system registry information and the backed-up application registry information of the current application, and calls the backup function of the current application to restore the backed-up user information of the current application into the current application;
Between step S4 and step S5 the method then includes: the card judges whether all applications have been restored successfully; if so, step S5 is executed, otherwise the next application is taken as the current application and the process returns to step S4;
Step S5: the card calls the garbage collection function to reclaim the information stored in the first memory block of the non-volatile memory.
In this embodiment, the obtained executable file to be updated may or may not be deleted; if it is deleted, the deletion must be carried out after the card has backed up to the first memory block of the non-volatile memory the system registry information in the registry corresponding to the executable file to be updated, all application registry information in the registry belonging to the executable file to be updated, and the user information that all applications specify as needing backup.
In this embodiment, if power loss occurs after step S2, the card restores to the original memory block the system registry information, all application registry information in the registry belonging to the executable file to be updated, and the user information that all applications specify as needing backup, as backed up in S2, so that the backup operation can be carried out in the next hot update process.
Embodiment two
Embodiment 2 of the present invention provides a hot update method for a smart card executable file. Hot update of applications in a multi-application smart card system is achieved by backing up the old executable load file version (old ELF version) and its associated applications, then updating to the new executable load file version (new ELF version) and restoring the old associated applications. As shown in Fig. 2, the method of this embodiment includes:
Step 101: the card establishes a secure channel with the host computer;
Specifically, in this embodiment, the implementation of step 101 is shown in Fig. 3 and includes:
Step a1: when the application on the card receives the establish secure channel command sent by the host computer, it authenticates the off-card entity using a supported secure channel protocol; if the authentication succeeds, it returns entity authentication success information to the host computer and step a2 is executed; if the authentication fails, it returns error information to the host computer;
Optionally, in this embodiment, returning error information to the host computer is: returning error information to the host computer and ending;
For example, the establish secure channel command in this embodiment is 84 82 00 00 10 14 53 2A 38 8B FC 39 D6 B6 E5 C0 D5 DF 69 1E 5; the error information returned to the host computer is 69 82;
Step a2: the host computer generates and saves the host random number, and sends the host random number to the card;
Step a3: the card receives the host random number, generates the first session key and the card random number, saves the card random number, encrypts the host random number and the card random number with the first session key according to the second preset algorithm to obtain the card authentication code, and returns the card authentication code to the host computer;
Specifically, before the host random number and the card random number are encrypted with the first session key according to the second preset algorithm to obtain the card authentication code, the method further includes: the card generates the first session key, which includes: the card encrypts the derivation data with the preset basic key according to the first preset algorithm to obtain the first session key;
Correspondingly, returning the card authentication code to the host computer includes: returning the variable data of the derivation data to the host computer together with the card authentication code;
Step a4: the host computer generates the second session key, decrypts the card authentication code with the second session key, and judges whether the host random number obtained by decrypting the card authentication code is identical to the saved host random number; if so, step a5 is executed; otherwise error information is returned to the host computer;
Step a5: the host computer encrypts, with the second session key according to the second preset algorithm, the card random number obtained by decrypting the card authentication code and the host random number to obtain the host authentication code, and sends the host authentication code to the card;
Step a6: when the card receives the host authentication code sent by the host computer, it decrypts the host authentication code with the first session key and judges whether the card random number obtained by decrypting the host authentication code is identical to the saved card random number; if so, the secure channel between the card and the host computer is successfully established, otherwise error information is returned to the host computer;
Specifically, the host computer generating the second session key includes: the host computer generates the derivation data from the received variable data, and encrypts the derivation data with the preset basic key according to the first preset algorithm to obtain the second session key;
For example, the channel establishment success information that the card returns to the host computer is 9000;
Step 102: when the card receives the start hot update command sent by the host computer, it looks up the executable file save address in the registry according to the file identifier in the start hot update command, obtains the executable file to be updated from the second memory block of the non-volatile memory according to the executable file save address, backs up the relevant information of the executable file to be updated, and then deletes the original data of the relevant information;
Specifically, in this embodiment, the executable file to be updated contains an application module, and the application module is instantiated as multiple applications; each application corresponds to one item of application registry information in the registry (that is, there are multiple items of application registry information in this embodiment), each executable file corresponds to one item of file registry information in the registry, and each application corresponds to one item of user information;
In this embodiment, backing up the relevant information of the executable file to be updated includes: the card backs up to the first memory block of the non-volatile memory the system registry information in the registry corresponding to the executable file to be updated, all application registry information in the registry belonging to the executable file to be updated, and the user information that all applications specify as needing backup; deleting the original data of the relevant information includes: deleting the system registry information in the registry corresponding to the executable file to be updated, all application registry information in the registry belonging to the executable file to be updated, and the user information that all applications specify as needing backup;
Preferably, backing up the user information that all applications specify as needing backup to the first memory block of the non-volatile memory includes: the card obtains the corresponding applications according to the executable file to be updated; each application calculates, from the user information it needs to back up, the total size occupied by the original data in the backup information and the number of standard objects, and notifies the card through the application programming interface to apply for non-volatile memory space of that size; the smart card system returns the management object of the first memory block of the non-volatile memory to the card through the application programming interface; the card backs up the user information that each application specifies as needing backup into the management object corresponding to that application in the first memory block of the non-volatile memory;
In this embodiment, as shown in Fig. 4, step 102 specifically includes:
Step B0: when the card receives the start hot update command sent by the host computer, it looks up the executable file save address in the registry according to the file identifier in the start hot update command, and obtains the executable file to be updated from the second memory block of the non-volatile memory according to the executable file save address;
For example, the start hot update command in this embodiment is: 80 EA 01 00 1F A1 12 4F 09 11 22 33 44 55 66 77 88 00 4F 09 11 22 33 44 55 66 77 88 01 80 01 80 81 02 01 00; where the file identifier is 11 22 33 44 55 66 77 88 00;
Step B1: the card judges whether a hot update session has already been started; if so, it returns error information to the host computer, otherwise step B2 is executed;
For example, the error information that the card returns to the host computer is 6985;
Step B2: the card judges whether the backup operation is legal; if so, step B3 is executed, otherwise error information is returned to the host computer;
Specifically, in this embodiment, step B2 includes: the card judges whether the version number of the obtained executable file to be updated is less than the minimum version number required for the executable file version to be updated in the start hot update command, judges whether the obtained executable file to be updated has no static dependencies, and judges whether each application belonging to the obtained executable file to be updated is not currently selected in any logical channel; if all judgments are yes, step B3 is executed, otherwise error information is returned to the host computer;
For example, the error information that the card returns to the host computer is 6985 or 6401; 6401 indicates that the version number of the executable file to be updated is higher than the minimum version number required for the old executable file version in the hot update command, and 6985 indicates that the other conditions are not satisfied;
Step B3: the card judges whether a new executable file has been downloaded and saved; if so, step B4 is executed, otherwise step B6 is executed;
In this embodiment, when the file identifiers of the old executable file and the new executable file are different, the new executable file is loaded onto the card before the hot update session starts (that is, before the hot update start command is received);
Step B4: the card judges whether the downloaded and saved new executable file is valid; if so, step B5 is executed, otherwise error information is returned to the host computer;
Specifically, in this embodiment, step B4 includes: the card judges whether the associated security domain of the downloaded and saved new executable file is consistent with the associated security domain of the obtained executable file to be updated, and judges whether the minimum subset of application modules of the downloaded and saved new executable file contains all application modules in the executable file to be updated; if both judgments are yes, step B5 is executed, otherwise error information is returned to the host computer;
For example, the error information that the card returns to the host computer is 6985 or 6400; 6400 indicates an unknown execution condition, and 6985 indicates that the conditions are not satisfied;
Step B5: the card judges whether the application instance corresponding to the new executable file has been created; if so, error information is returned to the host computer, otherwise step B6 is executed;
For example, the error information that the card returns to the host computer is 6985 or 6400; 6400 indicates an unknown execution condition, and 6985 indicates that the conditions are not satisfied;
Step B6: the card judges the power-loss type according to the power-fail interrupt flag: if no power loss occurred, or power loss occurred during the backup data process, step B7 is executed; if power loss occurred during the cleaning data process, the cleaning data process and then the delete data process are executed in order; if power loss occurred during the delete data process, the delete data process is executed;
Specifically, in this embodiment, when the card starts the backup data, cleaning data or delete data operation, it sets the corresponding power-fail interrupt flag; if power loss occurs during the backup data, cleaning data or delete data process, then after power is restored the card detects the power-fail interrupt flag and re-executes the corresponding operation; if no power loss occurs during the backup data, cleaning data or delete data process, the corresponding power-fail interrupt flag is reset after the operation has completed; alternatively, if power loss occurs during the backup data, cleaning data or delete data process, execution jumps directly to the step at which the power loss occurred, and after that step has been executed the corresponding power-fail interrupt flag is set; if power loss occurs during the backup data process, the identifier of the application currently being executed must also be recorded;
Step B7: card sequence executes Backup Data process, executes cleaning data procedures, executes and delete data procedures;
Specifically, in the present embodiment, card is to be updated by corresponding in registration table during executing Backup Data The system registry information of executable file, all applications registration belonged in executable file to be updated in registration table Table information, specified the first memory block for needing the user information backed up to backup to nonvolatile storage of all applications;It is clear executing Reason data procedures and execution, which are deleted, refers to system registry information, all application registry information, all applications in data procedures The user information backed up is needed to delete calmly;
In this embodiment, the backup data process executed by the card includes:
Step T1: the card checks whether power was lost during the backup data process; if so, step T2 is executed, otherwise step T3 is executed;
Specifically, in this embodiment, step T1 is: the card judges whether the power-fail flag is set; if so, a power loss occurred, otherwise no power loss occurred;
Step T2: the card reclaims the user information of the backup that was interrupted by the power loss, then executes step T3;
For example, in this embodiment, if power was lost during the backup data process (that is, part of the data that the application being backed up at the time of the power loss needs to back up has already been backed up in the card), then the next time that application is backed up, the data it has already backed up must first be reclaimed;
The reclaiming in this embodiment specifically includes:
Step Y1: the card looks up, according to the file identifier, the management object that holds the user information;
Step Y2: the card reclaims the management object that was found;
Optionally, the management object can be reclaimed in several ways. For example, the management object is emptied and the full garbage collection function of the virtual machine is then called directly. Alternatively, reclamation can be targeted at the management object itself: the sub-field objects under the management object that was found are traversed, and the management object and the sub-field objects under it are reclaimed;
Here, when reclamation of the data begins, all objects are stamped with a deletable mark; objects that cannot be deleted (such as system objects, static objects, etc.) are looked up and the deletion mark is removed from each of them; reclaiming all management objects and sub-field objects includes: traversing all objects to find the objects that carry no deletion mark, further traversing all sub-objects under each object found without a deletion mark, and removing the deletion marks of all those sub-objects; the objects that still carry a deletion mark are then deleted, and defragmentation is performed;
Step T3: the card calls, in the preset order, the onSave() function (save function) of each application belonging to the executable file to be updated to save the user information that needs to be backed up, saves the file registry information and the application registry information, and executes step T4;
Specifically, step T3 includes: the card calls, in the preset application order, the backup function of each application in the executable file to be updated to save the application data that needs to be backed up, and saves the registry data related to the executable file to be updated and its applications. In the backup function, the application calls a specific API of the virtual machine to construct a mapping instance object that corresponds to the application's backup data. The application can write primitive data types directly through the interface of this instance object. For objects, the reference value of a standard object is backed up directly; for a custom object, the previous step can be repeated to construct a new mapping object, and the reference value of the new mapping object is backed up into the previous mapping object, or the custom object can be fully decomposed into primitive types or standard objects and backed up;
Optionally, if a power loss is detected during step T3, the backup data power-fail interrupt flag is set and the identifier of the application currently being executed is recorded;
Step T4: the card judges whether an exception was thrown during the backup data process; if so, it deletes the backed-up user information, file registry information and application registry information and returns an error message to the host computer; otherwise the cleanup data process is executed;
For example, the error message the card returns to the host computer is 6400; 6400 indicates an unknown execution condition, and the hot update process ends;
In this embodiment, the cleanup data process executed by the card specifically includes:
Step P1: the card checks whether power was lost during the cleanup process; if so, step P2 is executed, otherwise step P3 is executed;
Specifically, in this embodiment, if the card detects a power loss, it sets the power-fail flag; correspondingly, step P1 is: judge whether the power-fail flag is set; if so, delete the power-fail flag and execute step P2, otherwise execute step P3;
Step P2: the card calls again the onCleanup() function (cleanup function) of the application whose data cleanup was interrupted, then executes step P3;
Step P3: the card calls, in the preset application order, the onCleanup() function of each application belonging to the executable file to be updated to facilitate the deletion of the applications, then executes step P4;
For example, in step P3 of this embodiment the cleanup function of each application in the executable file to be updated is called in the preset application order to facilitate the subsequent deletion of the applications, for instance by releasing some dynamic dependencies so that reclamation is guaranteed to succeed;
Optionally, if power is lost during step P3, the power-fail interrupt flag is set;
Step P4: the card judges whether an exception was thrown during the cleanup process; if so, it deletes the backed-up user information, system registry information and application registry information corresponding to the current executable file and returns an error message to the host computer; otherwise the next step is executed;
For example, the error message the card returns to the host computer is 6400; 6400 indicates an unknown execution condition, and the hot update process ends;
In this embodiment, the delete data process executed by the card specifically includes:
Step W1: the card deletes the system registry information, application registry information and user information corresponding to the executable file to be updated;
Step W2: the card judges whether the update option is set to retain the executable file to be updated rather than delete it; if so, step W3 is executed; otherwise the executable file to be updated is deleted and step W3 is executed;
Optionally, if power is lost during steps W1 to W2, the card enters the power-fail interrupt, sets the power-fail interrupt flag and exits the power-fail interrupt;
Step W3: the card judges whether an exception was thrown during the deletion process; if so, it deletes the backed-up information corresponding to the current executable file (depending on the implementation of the cleanup function run in the cleanup data process, the applications belonging to the executable file to be updated may be left in an unknown state) and returns an error message to the host computer; otherwise step W4 is executed;
For example, the error message the card returns to the host computer is 6400; 6400 indicates an unknown execution condition, and the hot update process ends;
Step W4: the card waits for the new executable file version to be downloaded and returns success information to the host computer.
For example, the success information the card returns to the host computer is 00 04 A1 02 90 02, where tag A1 carries the update session information data, sub-tag 90 indicates the update session state, and 02 indicates that the card is currently in the hot update session state of waiting to download the executable file;
Step 103: the card downloads the new executable file and saves it to the second storage area of the non-volatile memory, records in the executable file registry one entry of registry information corresponding to the new executable file, and adds the storage address of the new executable file to that registry information;
Optionally, in step 103 of this embodiment it may also be necessary to download the dependency library packages of the new executable file;
In this embodiment, as shown in Figure 5, step 103 specifically includes:
Step C1: the card waits to receive an instruction issued by the host computer; when a prepare-install command is received, step C2 is executed; when a download command is received, step C5 is executed;
For example, the prepare-install command in the present embodiment is: 84 E6 02 00 16 09 11 22 33 44 55 66 77 88 00 00 00 00 00 17 96 2F 4F E3 07 07 80; there can be one or more download commands;
Step C2: the card judges whether it is ready to download the new executable file; if so, step C3 is executed, otherwise step C4 is executed;
Step C3: the card judges whether the new executable file to be downloaded includes the executable file to be updated; if so, it allocates storage space for the new executable file to be downloaded and returns success information to the host computer; otherwise it downloads the other executable file and returns download result information to the host computer;
For example, in this embodiment the success response status code the card returns to the host computer is 90 00; for other executable files, the card returns the success response status code 90 00 to the host computer if the download succeeds, and returns 6581 (indicating a memory error) or 6A84 (indicating insufficient memory) if the download fails;
Step C4: the card judges whether the new executable file to be downloaded includes the executable file to be updated; if so, an error message is returned to the host computer; otherwise it downloads the other executable file and returns download result information to the host computer;
For example, in this embodiment the error message the card returns to the host computer is 6985, and the success information the card returns to the host computer is 90 00;
Step C5: the card parses the download file data blocks that the host computer sends in multiple APDU instructions, assembles them into the executable file and saves it to the second storage area of the non-volatile memory, and judges whether the download process completed normally; if so, step C6 is executed, otherwise an error message is returned to the host computer;
For example, in this embodiment the error message the card returns to the host computer is 6400 or 6A84: 6400 indicates an unknown execution condition and the hot update process ends, and 6A84 indicates insufficient space;
Step C6: the card judges whether the identifier of the current download package is the identifier of the new executable file and whether the hot update session has been started; if both judgments are yes, step C7 is executed; otherwise the information in the second storage area of the non-volatile memory is reclaimed and an error message is returned to the host computer;
For example, the error message the card returns to the host computer is 6985, indicating that the conditions are not satisfied;
Step C7: the card judges whether the mode of the restore process is automatic restore; if so, it records in the executable file registry one entry of registry information corresponding to the new executable file, adds the storage address of the new executable file to that registry information, and executes step 104; otherwise it returns success information to the host computer and waits for the host computer to send the hot update restore command;
For example, in this embodiment the success information the card returns to the host computer is 90 00;
Step 104: the card, using the new executable file, reinstalls the corresponding applications one after another according to the backed-up system registry information and each piece of backed-up application registry information, and calls in turn the backup function in each corresponding application to restore the backed-up user information of that application into the application;
Specifically, step 104 in this embodiment includes:
Step 104-1: the card takes the first piece of application registry information as the current application registry information;
Step 104-2: the card, using the new executable file, reinstalls the corresponding application according to the backed-up system registry information and the backed-up current application registry information, and calls the backup function in the corresponding application to restore the backed-up user information of that application into the application;
Step 104-3: the card judges whether all applications have been restored successfully; if so, step 105 is executed; otherwise the next piece of application registry information is taken as the current application registry information and the method returns to step 104-2;
In this embodiment, the specific implementation of step 104 is shown in Figure 6 and includes:
Step D0: when the card receives the hot update restore executable file command, it checks whether the preparation process that precedes the restore process has been completed; if so, step D1 is executed, otherwise an error message is returned to the host computer;
For example, the hot update restore new executable file command in this embodiment is 80 EA 02 00 1C A1 08 01 02 03 04 05 06 07 08 4F 09 11 22 33 44 55 66 77 88 00 80 01 80 81 02 01 00; the error message the card returns to the host computer is 6985;
Specifically, in this embodiment, checking whether the preparation process that precedes the restore process has been completed includes: judging whether the backup process has completed and whether the download of the new executable file has completed; if so, the preparation process that precedes the restore process has been completed, otherwise it has not;
Step D1: the card judges whether the hot update restore operation is legal; if so, step D2 is executed, otherwise an error message is returned to the host computer;
For example, in this embodiment the error message the card returns to the host computer may be 64 01, indicating that the executable file version is lower than the compatible minimum version requirement and the hot update is terminated; 64 02, indicating that the security domain of the new executable file is incorrect and the hot update is terminated; or 64 03, indicating that the new executable file lacks a module and the hot update restore process has been started;
Specifically, in this embodiment, step D1 includes: the card judges whether the version number of the updated executable file is higher than the version number of the executable file to be updated, and judges whether the executable file to be updated includes static dependencies; if both judgments are yes, the update session is legal, otherwise it is illegal;
Step D2: the card checks whether a power loss occurred; if no power loss occurred, or power was lost while the card was reinstalling the new applications, step D3 is executed; if power was lost while the applications were synchronizing the backed-up data, step D4 is executed; if power was lost while the applications were merging data, step D7 is executed;
Step D3: the card, using the new executable file and following the download order, reinstalls each application in turn according to the backed-up system registry information and each piece of backed-up application registry information, and judges whether the installation succeeded; if so, step D4 is executed, otherwise an error message is returned to the host computer;
For example, the error message the card returns to the host computer is 64 00, indicating an unknown execution error, and the hot update is terminated;
Step D4: the card calls, in order by security domain, the onRestore() function (backup function) of each reinstalled application to restore the backed-up user information of the respective application into the reinstalled application;
Optionally, if power is lost during this process, the card resumes calling the applications' onRestore() functions starting from the last application before the power loss;
Step D5: the card judges whether all applications have been restored successfully; if so, step D7 is executed, otherwise step D6 is executed;
Step D6: the card calls the garbage collection function to clean up all temporary variables and cached data, and returns an error message to the host computer;
For example, the error message the card returns to the host computer is 64 00 or 62 00;
Step D7: the card calls, in order by security domain, the onConsolidate() function (merge function) of each reinstalled application;
Optionally, if power is lost during this process, the card resumes calling the applications' onConsolidate() functions starting from the last application before the power loss. Specifically: the card calls, in a certain order by security domain, the merge method of each new application (i.e. the onConsolidate() function) to merge the data and determine whether the whole restore process has completed normally;
Step D8: the card judges whether the onConsolidate() functions of all the reinstalled new applications were called successfully; if so, the card returns success information to the host computer, otherwise step D9 is executed;
For example, the success information the card returns to the host computer is 62 01 or 90 00;
Step D9: the card deletes the reinstalled applications and the corresponding new executable file.
Step 105: the card calls the garbage collection function to reclaim the information stored in the first storage area of the non-volatile memory.
In this embodiment, the method may further include: after an exception is thrown between step 102 and step 104 and the card has returned an error message to the host computer, when the card again receives a command sent by the host computer, it performs the abort hot update session operation. As shown in Figure 7, the abort hot update session operation includes:
Step E1: the card judges whether the executable file to be updated is still saved; if so, step E3 is executed, otherwise step E2 is executed;
Step E2: the card downloads the executable file to be updated and, when a restore command is received, executes step E3 after restoring the previous new executable file;
In this embodiment, the previous new executable file is the executable file to be updated in this restore process;
Step E3: the card restores, according to the executable file to be updated, the registry information of all applications belonging to the executable file to be updated and all the backed-up user information, then executes step E4;
Step E4: the card reclaims useless objects, cleans up the information backed up during the hot update process, and returns success information to the host computer;
For example, the success information the card returns to the host computer is 62 01 or 90 00;
Specifically, the reclaiming in this step of this embodiment includes: deleting the objects that are no longer needed (i.e. all the backup data) and reclaiming the space they use.
The method of this embodiment is implemented within the Java Card runtime environment context of the application, so there is no problem of the information being stolen by other applications.
If an interruption or an exception occurs during the hot update process of this embodiment (the hot update backup process, the hot update process of downloading the new executable file, and the hot update restore process), it is handled as follows:
1. Power-fail interruption (including unexpected power loss such as the card being pulled out manually or the power failing): the card sets the corresponding interrupt flag during the power loss:
(1) Automatic restore: after power is restored the card automatically checks whether the power-fail flag is set; if so, it jumps to the corresponding process according to the power-fail flag and executes the subsequent steps. For example, if power is lost during the hot update backup process, the backup power-fail interrupt flag is set; after power is restored the card detects the backup power-fail interrupt flag, jumps to the corresponding position in the hot update backup process and continues with the subsequent steps;
(2) Restore by command: the card waits to receive the restore new executable file command issued by the host computer. If the card receives the restore new executable file command, it jumps to the position recorded by the corresponding power-fail interrupt flag (which may be some step of the hot update backup process or some step of the hot update restore process) and continues with the subsequent steps; if the card receives any other command issued by the host computer that is not the restore new executable file command, the card directly returns an error code (such as 69 85);
Preferably, before the card receives the restore new executable file command, the method may further include: when the card receives the get current hot update session status command sent by the host computer, the card returns the current hot update state to the host computer. If the current hot update state is that there is no hot update session, the card returns 0x00 to the host computer; if all hot update steps have completed successfully, the card returns 0x01; if the card is waiting to download the executable file, the card returns 0x02; if the card is waiting for the hot update restore process, the card returns 0x03; if the card is waiting after the hot update restore process failed, the card returns 0x04; if the save step of the backup process was interrupted, the card returns 0x10; if the cleanup step of the backup process was interrupted, the card returns 0x20; if the delete step of the backup process was interrupted, the card returns 0x30; if the install step of the restore process was interrupted, the card returns 0x40; if the restore step of the restore process was interrupted, the card returns 0x50; if the merge step of the restore process was interrupted, the card returns 0x60;
2. If an exception occurs in a step of the hot update backup process, of the hot update process of downloading the new executable file, or of the hot update restore process, the card sends different error messages to the host computer. These error messages may come from the application or from the system. An error message of 6400 indicates an unknown execution error, and the hot update is aborted; 6401 indicates that the executable file version is lower than the compatible minimum version requirement, and the hot update is aborted; 6402 indicates that the security domain of the new executable file is incorrect, and the hot update is aborted; 6403 indicates that the new executable file lacks a module, and the hot update restore process has been started; 6410 indicates an attempt to save a custom object, and the hot update is aborted; 6985 indicates that the conditions are not satisfied; 6200 (warning) indicates an unknown execution error, and the hot update restore process has been started.
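The power-fail handling of the backup phase (steps B6, B7 and T1 to T3, together with the interrupted-step status bytes 0x10, 0x20 and 0x30 listed above) can be modelled on the host side as follows. This is an added simulation, not code from the patent: the class, field and AID names and the sample data are constructed, and resuming the save step from the recorded application rather than from the first one is an assumption of the sketch.

```python
"""Simulation of the backup-phase power-fail handling (steps B6, B7, T1-T3).
Class, field and AID names are hypothetical; the sample data is constructed."""

STATUS_NO_SESSION = 0x00
STATUS_WAIT_DOWNLOAD = 0x02
# Status bytes the text lists for an interrupted save / cleanup / delete step.
STATUS_INTERRUPTED = {"save": 0x10, "cleanup": 0x20, "delete": 0x30}
PHASES = ("save", "cleanup", "delete")

# Constructed sample: two applications of the executable file to be updated.
SAMPLE_APPS = {
    "A0000001": {"pin_tries": 3, "balance": 120},
    "A0000002": {"counter": 7},
}


class PowerLoss(Exception):
    """Models the card losing power in the middle of an operation."""


class Card:
    def __init__(self, apps):
        self.order = list(apps)  # preset application order
        # Everything in nvm survives a power loss (non-volatile memory).
        self.nvm = {
            "apps": {aid: dict(data) for aid, data in apps.items()},
            "backup": {},         # first storage area: aid -> saved records
            "cleaned": [],        # applications whose cleanup function ran
            "flag": None,         # power-fail interrupt flag (phase name)
            "current_app": None,  # application being saved when power was lost
            "status": STATUS_NO_SESSION,
        }
        self.cut = None  # (phase, aid): where the simulation cuts power once

    def _maybe_cut(self, phase, aid):
        if self.cut == (phase, aid):
            self.cut = None
            raise PowerLoss(f"power lost during {phase} of {aid}")

    def status(self):
        """Status byte reported to the host computer."""
        flag = self.nvm["flag"]
        return STATUS_INTERRUPTED[flag] if flag else self.nvm["status"]

    def _save(self, resume):
        start = 0
        aid = self.nvm["current_app"]
        if resume and aid is not None:
            # Step T2: reclaim the partly written backup of the interrupted app.
            self.nvm["backup"].pop(aid, None)
            start = self.order.index(aid)  # assumption: earlier apps are complete
        for aid in self.order[start:]:     # Step T3: save function per application
            self.nvm["current_app"] = aid
            records = self.nvm["backup"].setdefault(aid, [])
            for i, item in enumerate(sorted(self.nvm["apps"][aid].items())):
                records.append(item)
                if i == 0:
                    self._maybe_cut("save", aid)  # power may fail mid-write
        self.nvm["current_app"] = None

    def _cleanup(self, resume):
        # Steps P2/P3: calling the cleanup function again is idempotent here.
        for aid in self.order:
            self._maybe_cut("cleanup", aid)
            if aid not in self.nvm["cleaned"]:
                self.nvm["cleaned"].append(aid)

    def _delete(self, resume):
        # Step W1: delete the live registry and user information.
        for aid in self.order:
            self._maybe_cut("delete", aid)
            self.nvm["apps"].pop(aid, None)

    def run_backup_phase(self):
        """Step B6: choose the entry point from the flag, then run to the end."""
        flag = self.nvm["flag"]
        first = PHASES.index(flag) if flag else 0
        for phase in PHASES[first:]:
            self.nvm["flag"] = phase  # set before the operation starts
            getattr(self, "_" + phase)(resume=(phase == flag))
        self.nvm["flag"] = None       # reset only after everything completed
        self.nvm["status"] = STATUS_WAIT_DOWNLOAD
        return self.status()


def hot_update_backup(apps, cut=None):
    """Run the backup phase, re-powering the card after each simulated cut.

    Returns (nvm, status bytes seen after each power-up, final status)."""
    card = Card(apps)
    card.cut = cut
    seen = []
    while True:
        try:
            return card.nvm, seen, card.run_backup_phase()
        except PowerLoss:
            seen.append(card.status())


if __name__ == "__main__":
    for cut in (None, ("save", "A0000001"), ("cleanup", "A0000002")):
        nvm, seen, final = hot_update_backup(SAMPLE_APPS, cut)
        print(cut, [hex(s) for s in seen], hex(final), nvm["backup"])
```

Without the reclaim in `_save`, a resumed save would append the first record of the interrupted application a second time, which is the inconsistency step T2 exists to prevent.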
Embodiment three
Embodiment three of the present invention provides a hot update device for a smart card executable file which, as shown in Figure 8, includes:
First receiving module 801, for receiving the start hot update command sent by the host computer;
First obtaining module 802, for looking up the executable file storage address in the registry according to the file identifier in the start hot update command received by the first receiving module 801, and obtaining the executable file to be updated from the second storage area of the non-volatile memory according to the executable file storage address;
Backup deletion module 803, for backing up to the first storage area of the non-volatile memory the system registry information in the registry that corresponds to the executable file to be updated, all application registry information in the registry that belongs to the executable file to be updated, and the user information that all the applications specify as needing to be backed up; and for deleting the system registry information, all the application registry information in the registry that belongs to the executable file to be updated, and the user information that all the applications specify as needing to be backed up;
Download saving module 804, for downloading the new executable file and saving it to the second storage area of the non-volatile memory, recording in the executable file registry one entry of registry information corresponding to the new executable file, and adding the storage address of the new executable file to that registry information;
Installation recovery module 805, for reinstalling the applications using the new executable file according to the backed-up system registry information and all the backed-up application registry information, and calling the backup function in each reinstalled application to restore the backed-up user information of the corresponding application into the reinstalled application;
First reclaiming module 806, for calling the garbage collection function, after the installation recovery module 805 has successfully installed and restored, to reclaim the information stored in the first storage area of the non-volatile memory.
Optionally, the device of this embodiment further includes a second deletion module, for deleting, after the backup by the first backup module has completed, the executable file to be updated that was obtained by the first obtaining module 802.
Optionally, there are multiple pieces of application registry information in this embodiment; correspondingly, the device further includes a first "as" module and a first judging module;
The first "as" module, for taking the first piece of application registry information as the current application registry information;
The installation recovery module 805 is specifically for reinstalling the corresponding application using the new executable file according to the backed-up system registry information and the backed-up current application registry information, and calling the backup function in the corresponding application to restore the backed-up user information of that application into the application;
The first judging module, for judging whether all applications have been restored successfully; if so, it triggers the first reclaiming module 806; otherwise it takes the next piece of application registry information as the current application registry information and triggers the installation recovery module 805.
Optionally, the device of this embodiment further includes a channel establishing module, for establishing a secure channel between the card and the host computer;
The first receiving module 801 is specifically used for waiting for and receiving the start-hot-update command sent by the host computer after the channel establishing module has successfully established the secure channel.
Specifically, the channel establishing module includes:
A first receiving submodule, for receiving the host random number and the host authentication code sent by the host computer;
A first generating submodule, for generating a first session key and a card random number;
A first saving submodule, for saving the card random number received by the first receiving submodule;
A first encryption submodule, for encrypting, with the first session key and according to the second preset algorithm, the host random number received by the first receiving module 801 and the generated card random number to obtain a card authentication code;
A first sending submodule, for returning the card authentication code obtained by the first encryption submodule to the host computer;
An encryption judging submodule, for decrypting, with the first session key generated by the first generating submodule, the host authentication code received by the first receiving submodule, and judging whether the card random number obtained by decrypting the host authentication code is identical to the card random number saved by the first saving submodule; if yes, the secure channel with the host computer is established successfully; otherwise an error message is returned to the host computer.
In this embodiment, the first generating submodule is specifically used for encrypting derivation data with a preset base key according to the first preset algorithm to obtain the first session key, and for generating the card random number;
The first sending submodule is specifically used for returning the variable data of the derivation data and the card authentication code to the host computer.
Optionally, the channel establishing module of this embodiment further includes an authentication submodule, for authenticating the off-card entity using a supported secure channel protocol when an establish-secure-channel command sent by the host computer is received; if authentication succeeds, triggering the first receiving submodule; if authentication fails, returning an error message to the host computer.
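The handshake performed by the channel establishing module above, as an added example that is not code from the patent. The patent leaves both preset algorithms unspecified, so HMAC-SHA256 stands in for the first and a 4-round Feistel network built on HMAC-SHA256 stands in for the second; the 8-byte random sizes, the derivation-data layout, the class names and the host-side checks are assumptions.

```python
import hashlib
import hmac
import secrets

RAND_LEN = 8                      # assumed size of the host and card random numbers
BLOCK = 2 * RAND_LEN
FIXED_DERIVATION = b"HOTUPD-SC"   # assumed constant part of the derivation data


def derive_session_key(base_key: bytes, variable: bytes) -> bytes:
    """Stand-in for the 'first preset algorithm' (base key applied to derivation data)."""
    return hmac.new(base_key, FIXED_DERIVATION + variable, hashlib.sha256).digest()


def _f(key: bytes, rnd: int, half: bytes) -> bytes:
    return hmac.new(key, bytes([rnd]) + half, hashlib.sha256).digest()[:RAND_LEN]


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def encrypt(key: bytes, block: bytes) -> bytes:
    """Stand-in for the 'second preset algorithm': 4-round Feistel over one block."""
    if len(block) != BLOCK:
        raise ValueError("block must be %d bytes" % BLOCK)
    left, right = block[:RAND_LEN], block[RAND_LEN:]
    for rnd in range(4):
        left, right = right, _xor(left, _f(key, rnd, right))
    return left + right


def decrypt(key: bytes, block: bytes) -> bytes:
    if len(block) != BLOCK:
        raise ValueError("block must be %d bytes" % BLOCK)
    left, right = block[:RAND_LEN], block[RAND_LEN:]
    for rnd in reversed(range(4)):
        left, right = _xor(right, _f(key, rnd, left)), left
    return left + right


class Card:
    def __init__(self, base_key: bytes):
        self.base_key = base_key
        self.session_key = None
        self.card_random = None
        self.channel_open = False

    def begin(self, host_random: bytes):
        """Generate session key and card random, return (variable data, card auth code)."""
        if len(host_random) != RAND_LEN:
            raise ValueError("bad host random length")
        variable = secrets.token_bytes(4)
        self.session_key = derive_session_key(self.base_key, variable)
        self.card_random = secrets.token_bytes(RAND_LEN)      # saved for the final check
        return variable, encrypt(self.session_key, host_random + self.card_random)

    def finish(self, host_auth: bytes) -> bool:
        """Decrypt the host authentication code and compare the card random."""
        if self.card_random is None or len(host_auth) != BLOCK:
            return False
        recovered = decrypt(self.session_key, host_auth)[:RAND_LEN]
        ok = hmac.compare_digest(recovered, self.card_random)  # constant-time compare
        self.card_random = None                                # one attempt per challenge
        self.channel_open = ok
        return ok


class Host:
    """Host side; its checks are an assumption, the page only specifies the card."""

    def __init__(self, base_key: bytes):
        self.base_key = base_key
        self.host_random = None

    def hello(self) -> bytes:
        self.host_random = secrets.token_bytes(RAND_LEN)
        return self.host_random

    def respond(self, variable: bytes, card_auth: bytes):
        key = derive_session_key(self.base_key, variable)
        plain = decrypt(key, card_auth)
        if not hmac.compare_digest(plain[:RAND_LEN], self.host_random):
            return None                       # card did not prove it holds the base key
        return encrypt(key, plain[RAND_LEN:] + self.host_random)


def handshake(card_key: bytes, host_key: bytes) -> bool:
    card, host = Card(card_key), Host(host_key)
    variable, card_auth = card.begin(host.hello())
    host_auth = host.respond(variable, card_auth)
    return host_auth is not None and card.finish(host_auth)
```

Clearing the saved card random after one comparison means a captured host authentication code cannot be replayed against the same challenge.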
Specifically, in this embodiment, the backup removing module 803 backing up the user information that all applications specify for backup to the first memory block of the nonvolatile storage includes: obtaining the corresponding applications according to the executable file to be updated; each application calculating, according to its own user information to be backed up, the total space occupied by the original data in the backup information and the number of standard objects, and notifying the card through the application programming interface of the size of nonvolatile storage space to apply for; the card saving the management object of the first memory block of the nonvolatile storage returned through the application programming interface, and backing up the user information that each application specifies for backup into the management object corresponding to that application in the first memory block of the nonvolatile storage.
Specifically, the backup removing module 803 of this embodiment includes:
A second judging submodule, for judging whether a hot update session has already been started; if yes, returning an error message to the host computer; otherwise triggering the third judging submodule;
A third judging submodule, for judging whether the backup operation is legal; if yes, triggering the fourth judging submodule; otherwise returning an error message to the host computer;
Further, the third judging submodule is specifically used for judging whether the version number of the obtained executable file to be updated is less than the minimum version number required for the executable file version to be updated in the start-hot-update command, judging whether the obtained executable file to be updated has no static dependencies, and judging whether each application belonging to the obtained executable file to be updated is not currently selected on any logical channel; if all judgments are yes, triggering the fourth judging submodule; otherwise returning an error message to the host computer;
A fourth judging submodule, for judging whether a new executable file has been downloaded and saved; if yes, triggering the fifth judging submodule; otherwise triggering the seventh judging submodule;
A fifth judging submodule, for judging whether the downloaded and saved new executable file is valid; if yes, triggering the sixth judging submodule; otherwise returning an error message to the host computer;
Further, the fifth judging submodule is specifically used for judging whether the associated security domain of the downloaded and saved new executable file is consistent with the associated security domain of the obtained executable file to be updated, and judging whether the minimum subset of application modules of the downloaded and saved new executable file includes all application modules in the executable file to be updated; if all judgments are yes, triggering the sixth judging submodule; otherwise returning an error message to the host computer;
A sixth judging submodule, for judging whether the application corresponding to the new executable file has been created; if yes, returning an error message to the host computer; otherwise triggering the seventh judging submodule;
A seventh judging submodule, for judging the power-loss type according to the power-fail interrupt mark: if no power loss occurred or power loss occurred during the backup data process, triggering in turn the backup data submodule, the cleanup data submodule and the delete data submodule; if power loss occurred during the cleanup data process, triggering in turn the cleanup data submodule and the delete data submodule; if power loss occurred during the delete data process, triggering the delete data submodule;
A backup data submodule, for executing the backup data process;
A cleanup data submodule, for executing the cleanup data process;
A delete data submodule, for executing the delete data process;
The backup data submodule executing the backup data process includes: backing up the system registry information corresponding to the executable file to be updated in the registry, all application registry information in the registry belonging to the executable file to be updated, and the user information that all applications specify for backup to the first memory block of the nonvolatile storage;
The cleanup data submodule executing the cleanup data process and the delete data submodule executing the delete data process include: deleting the system registry information, all application registry information in the registry belonging to the executable file to be updated, and the user information that all applications specify for backup.
In this embodiment, the backup data submodule includes:
A first checking unit, for checking whether power loss occurred during the backup data process; if yes, triggering the first recycling unit; otherwise triggering the first saving unit;
A first recycling unit, for recycling the user information of the backup that was interrupted by power loss, and triggering the first saving unit;
Specifically, the first recycling unit includes:
A first lookup subunit, for looking up, according to the file identifier, the management object that stores the user information;
A first recycling subunit, for recycling the management object found by the first lookup subunit;
Further, the first recycling subunit is specifically used for emptying the found management object and calling the virtual machine's full garbage collection function; or the first recycling subunit is specifically used for traversing the subdomain objects under the found management object and recycling the found management object and the subdomain objects under it;
A first saving unit, for calling, in the preset order, the save function of each application belonging to the executable file to be updated to save the user information to be backed up, saving the system registry information and all application registry information in the registry belonging to the executable file to be updated, and triggering the first judging unit;
A first judging unit, for judging whether an exception was thrown during the backup data process; if yes, deleting the backed-up user information, system registry information and application registry information and returning an error message to the host computer; otherwise triggering the cleanup data submodule.
In this embodiment, the cleanup data submodule includes:
A second checking unit, for checking whether power loss occurred during the cleanup process; if yes, triggering the first calling unit; otherwise triggering the second calling unit;
A first calling unit, for calling the cleanup function again for the application whose cleanup was interrupted, and triggering the second calling unit;
A second calling unit, for calling, in the preset application order, the cleanup function of each application belonging to the executable file to be updated to advance the deletion of the applications, and triggering the second judging unit;
A second judging unit, for judging whether an exception was thrown during the cleanup process; if yes, deleting the backed-up user information, system registry information and application registry information corresponding to the current executable file and returning an error message to the host computer; otherwise triggering the delete data submodule.
In this embodiment, the delete data submodule includes:
A first deleting unit, for deleting the system registry information, application registry information and user information corresponding to the executable file to be updated;
A judging and deleting unit, for judging whether the update option is set to retain the executable file to be updated without deleting it; if yes, triggering the third judging unit; otherwise deleting the executable file to be updated and triggering the third judging unit;
A third judging unit, for judging whether an exception was thrown during the deletion process; if yes, deleting the backed-up information corresponding to the current executable file, setting the applications belonging to the executable file to be updated to an unknown state according to the cleanup function that executed the cleanup data process, and returning an error message to the host computer; otherwise triggering the waiting and returning unit;
A waiting and returning unit, for waiting for the download of the new executable file version and returning success information to the host computer.
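The power-loss handling of the backup, cleanup and delete data submodules above, as an added example that is not code from the patent: a persisted phase mark decides where a repeated command resumes, and a sweep interrupts the run before every write to check that recovery always reaches the same end state. The `Nvm` model, its sample registry and user data, and all function names are constructed for illustration.

```python
import copy

PHASES = ("backup", "clean", "delete")


class PowerLoss(Exception):
    """Raised by the model when the card loses power before a write lands."""


class Nvm:
    """Constructed model of card nonvolatile storage that tears after `budget` writes."""

    def __init__(self, budget=None):
        self.file_registry = {"file_id": "A000000001", "version": 1}   # constructed
        self.app_registry = {"app1": {"privileges": 0}, "app2": {"privileges": 4}}
        self.user_data = {"app1": b"pin-retry=3", "app2": b"balance=42"}
        self.cleaned = set()    # applications whose cleanup function has completed
        self.backup = {}        # the "first memory block"
        self.marker = None      # power-fail interrupt mark: phase in progress
        self.budget = budget

    def write(self):
        """Account for one write; lose power once the budget is used up."""
        if self.budget is not None:
            if self.budget == 0:
                raise PowerLoss()
            self.budget -= 1


def backup_phase(nvm, resumed):
    if resumed:                                  # reclaim the torn, partial backup first
        nvm.backup.clear()
    for app in sorted(nvm.app_registry):         # preset order
        nvm.write()
        nvm.backup[app] = {"registry": dict(nvm.app_registry[app]),
                           "user": nvm.user_data[app]}
    nvm.write()
    nvm.backup["#file"] = dict(nvm.file_registry)


def clean_phase(nvm, resumed):
    # An interrupted application never reached `cleaned`, so it is simply called again.
    for app in sorted(nvm.app_registry):
        if app not in nvm.cleaned:
            nvm.write()
            nvm.cleaned.add(app)


def delete_phase(nvm, resumed):
    # Every step is idempotent, so re-running after a tear is safe.
    for app in sorted(nvm.app_registry):
        nvm.write()
        nvm.user_data.pop(app, None)
    for app in sorted(nvm.app_registry):
        nvm.write()
        del nvm.app_registry[app]
    nvm.write()
    nvm.file_registry.clear()


HANDLERS = {"backup": backup_phase, "clean": clean_phase, "delete": delete_phase}


def run_backup_and_delete(nvm):
    """Read the mark, then run the remaining phases in order."""
    resumed_phase = nvm.marker
    start = PHASES.index(resumed_phase) if resumed_phase else 0
    for phase in PHASES[start:]:
        nvm.marker = phase                       # persisted before any work is done
        HANDLERS[phase](nvm, resumed=(phase == resumed_phase))
    nvm.marker = None
    return "waiting-for-new-executable"


def snapshot(nvm):
    return copy.deepcopy((nvm.file_registry, nvm.app_registry,
                          nvm.user_data, nvm.backup, nvm.marker))


def tearing_sweep():
    """Tear before every write in turn; return (total writes, tear points that diverged)."""
    reference = Nvm()
    run_backup_and_delete(reference)
    expected = snapshot(reference)
    failures, tear = [], 0
    while True:
        nvm = Nvm(budget=tear)
        try:
            run_backup_and_delete(nvm)
            return tear, failures                # budget covered every write: no tear left
        except PowerLoss:
            nvm.budget = None                    # power restored, host repeats the command
            run_backup_and_delete(nvm)
            if snapshot(nvm) != expected:
                failures.append(tear)
        tear += 1
```

The backup is cleared only when the mark says the backup phase itself was interrupted; a resume from the cleanup or delete phase must leave it untouched, because by then the originals may already be gone.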
Further, the download and save module 804 in this embodiment includes:
A second receiving submodule, for receiving the prepare-install command and the download command issued by the host computer;
An eighth judging submodule, for judging, when the second receiving module receives the prepare-install command, whether the card is ready to download the new executable file; if yes, triggering the ninth judging submodule; otherwise triggering the tenth judging submodule;
A ninth judging submodule, for judging whether the new executable file to be downloaded includes the executable file to be updated; if yes, applying for the second memory block of the nonvolatile storage for the new executable file to be downloaded and returning success information to the host computer; otherwise downloading other executable files and returning download result information to the host computer;
A tenth judging submodule, for judging whether the new executable file to be downloaded includes the executable file to be updated; if yes, returning an error message to the host computer; otherwise downloading other executable files and returning download result information to the host computer;
A saving judging submodule, for parsing, when the second receiving module receives the download command, the downloaded file data blocks that the host computer sends in multiple APDU instructions, assembling them into the executable file and saving it in the second memory block of the nonvolatile storage, and judging whether the download process completed normally; if yes, triggering the judging and recycling submodule; otherwise returning an error message to the host computer;
A judging and recycling submodule, for judging whether the identifier of the currently downloaded package is the identifier of the new executable file and judging whether the hot update session has been started; if all judgments are yes, triggering the judging and adding submodule; otherwise recycling the information in the second memory block of the nonvolatile storage and returning an error message to the host computer;
A judging and adding submodule, for the card to judge whether the mode of the recovery process is automatic recovery; if yes, recording in the executable file registry a piece of registry information corresponding to the new executable file, adding the save address of the new executable file to the registry information, and triggering the installation recovery module 805; otherwise returning success information to the host computer.
Further, the installation recovery module 805 of this embodiment includes:
A third receiving submodule, for receiving the hot-update restore-executable-file command;
A first checking submodule, for checking, when the third receiving submodule receives the hot-update restore-executable-file command, whether the preparation before the recovery process has been completed; if yes, triggering the eleventh judging submodule; otherwise returning an error message to the host computer;
Preferably, the first checking submodule is specifically used for judging, when the third receiving submodule receives the hot-update restore-executable-file command, whether the backup process has been completed and whether the new executable file has finished downloading; if all judgments are yes, triggering the eleventh judging submodule; otherwise returning an error message to the host computer;
An eleventh judging submodule, for judging whether the hot-update recovery operation is legal; if yes, triggering the second checking submodule; otherwise returning an error message to the host computer;
Preferably, the eleventh judging submodule is specifically used for judging whether the version number of the new executable file is higher than the version number of the executable file to be updated and judging whether the executable file to be updated contains static dependencies; if all judgments are yes, triggering the second checking submodule; otherwise returning an error message to the host computer;
A second checking submodule, for checking whether power loss occurred: if no power loss occurred or power loss occurred while the card was reinstalling new applications, triggering the installation judging submodule; if power loss occurred while applications were synchronizing backup data, triggering the installation recovery submodule; if power loss occurred while applications were merging data, triggering the first calling submodule;
An installation judging submodule, for reinstalling each application in download order through the new executable file according to the backed-up file registry information and each piece of backed-up application registry information, and judging whether installation succeeded; if yes, triggering the installation recovery submodule; otherwise returning an error message to the host computer;
An installation recovery submodule, for calling, in security domain order, the backup function in each reinstalled application to restore the backed-up user information of the respective application into the respective reinstalled application;
A twelfth judging submodule, for judging whether all applications were restored successfully; if yes, triggering the first calling submodule; otherwise triggering the calling and returning submodule;
A calling and returning submodule, for calling the garbage collection function to clean up all temporary variables and cached data, and returning an error message to the host computer;
A first calling submodule, for calling, in security domain order, the merge function of each reinstalled application;
A thirteenth judging submodule, for judging whether the merge functions of all reinstalled applications were called successfully; if yes, returning success information to the host computer; otherwise triggering the first deleting submodule;
A first deleting submodule, for deleting the reinstalled applications and the corresponding new executable file.
Optionally, the device of this embodiment may further include an abandoning module, for performing the operation of abandoning the hot update session when, after an exception has been thrown and an error message has been returned to the host computer, the first receiving module 801 again receives a command sent by the host computer.
Specifically, the abandoning module includes:
A fourteenth judging submodule, for judging whether the executable file to be updated has been saved; if yes, triggering the recovery submodule; otherwise triggering the download submodule;
A download submodule, for downloading the executable file to be updated, and triggering the recovery submodule when a recovery command is received and after the previous new executable file has been restored;
A recovery submodule, for restoring, according to the executable file to be updated, all application registry information belonging to the executable file to be updated and all backed-up user information, and executing step E4;
A backup recycling submodule, for recycling useless objects, cleaning up the information backed up during the hot update process, and returning success information to the host computer.
The foregoing is only a preferred embodiment of the present invention, but the scope of protection of the present invention is not limited thereto. Any change or substitution that a person skilled in the art could readily conceive within the technical scope disclosed by the present invention shall be covered by the scope of protection of the present invention. Therefore, the scope of protection of the present invention shall be subject to the scope of protection of the claims.

Claims (46)

1. A hot update method for a smart card executable file, characterized by comprising:
Step S1: when the card receives the start-hot-update command sent by the host computer, the card looks up the executable file save address in the registry according to the file identifier in the start-hot-update command, and obtains the executable file to be updated from the second memory block of the nonvolatile storage according to the executable file save address;
Step S2: the card backs up the system registry information corresponding to the executable file to be updated in the registry, all application registry information in the registry belonging to the executable file to be updated, and the user information that all applications specify for backup to the first memory block of the nonvolatile storage, and deletes the system registry information, all application registry information in the registry belonging to the executable file to be updated, and the user information that all applications specify for backup;
Step S3: the card downloads the new executable file and saves it into the second memory block of the nonvolatile storage, records in the executable file registry a piece of registry information corresponding to the new executable file, and adds the save address of the new executable file to the registry information;
Step S4: the card reinstalls the applications through the new executable file according to the backed-up system registry information and all backed-up application registry information, and calls the backup function in each reinstalled application to restore the backed-up user information of the respective application into the reinstalled application;
Step S5: the card calls the garbage collection function to recycle the information stored in the first memory block of the nonvolatile storage.
2. The method according to claim 1, characterized in that, after the card backs up the system registry information corresponding to the executable file to be updated in the registry, all application registry information in the registry belonging to the executable file to be updated, and the user information that all applications specify for backup to the first memory block of the nonvolatile storage, the method further includes: deleting the obtained executable file to be updated.
3. The method according to claim 1, characterized in that there are multiple pieces of application registry information, and before step S4 the method includes taking the first piece of application registry information as the current application registry information;
Step S4 is replaced with: the card reinstalls the corresponding application through the new executable file according to the backed-up system registry information and the backed-up current application registry information, and calls the backup function in the corresponding application to restore the backed-up user information of the corresponding application into the corresponding application;
Between step S4 and step S5 the method then includes: the card judges whether all applications have been restored successfully; if yes, step S5 is executed; otherwise the next piece of application registry information is taken as the current application registry information and the method returns to step S4.
4. The method according to claim 1, characterized in that, before step S1, the method further includes: the card establishes a secure channel with the host computer.
5. The method according to claim 4, characterized in that the card establishing the secure channel with the host computer is specifically:
Step A1: the card receives the host random number sent by the host computer;
Step A2: the card generates a first session key and a card random number, saves the card random number, encrypts the host random number and the card random number with the first session key according to the second preset algorithm to obtain a card authentication code, and returns the card authentication code to the host computer;
Step A3: when the card receives the host authentication code sent by the host computer, the card decrypts the host authentication code with the first session key and judges whether the card random number obtained by decrypting the host authentication code is identical to the saved card random number; if yes, the secure channel with the host computer is established successfully; otherwise an error message is returned to the host computer.
6. The method according to claim 5, characterized in that the card generating the first session key in step A2 includes: the card encrypts derivation data with a preset base key according to the first preset algorithm to obtain the first session key;
Returning the card authentication code to the host computer in step A2 includes: returning the variable data of the derivation data and the card authentication code to the host computer.
7. The method according to claim 5, characterized in that, before step A1, the method includes: when the card receives the establish-secure-channel command sent by the host computer, the card authenticates the off-card entity using a supported secure channel protocol; if authentication succeeds, step A1 is executed; if authentication fails, an error message is returned to the host computer.
8. The method according to claim 1, characterized in that backing up, in step S2, the user information that all applications specify for backup to the first memory block of the nonvolatile storage includes: the card obtains the corresponding applications according to the executable file to be updated; each application calculates, according to its own user information to be backed up, the total space occupied by the original data in the backup information and the number of standard objects, and notifies the card through the application programming interface of the size of nonvolatile storage space to apply for; the card saves the management object of the first memory block of the nonvolatile storage returned by the application programming interface; the card backs up the user information that each application specifies for backup into the management object corresponding to that application in the first memory block of the nonvolatile storage.
9. The method according to claim 1, characterized in that step S2 includes:
Step B1: the card judges whether a hot update session has already been started; if yes, an error message is returned to the host computer; otherwise step B2 is executed;
Step B2: the card judges whether the backup operation is legal; if yes, step B3 is executed; otherwise an error message is returned to the host computer;
Step B3: the card judges whether a new executable file has been downloaded and saved; if yes, step B4 is executed; otherwise step B6 is executed;
Step B4: the card judges whether the downloaded and saved new executable file is valid; if yes, step B5 is executed; otherwise an error message is returned to the host computer;
Step B5: the card judges whether the application corresponding to the new executable file has been created; if yes, an error message is returned to the host computer; otherwise step B6 is executed;
Step B6: the card judges the power-loss type according to the power-fail interrupt mark: if no power loss occurred or power loss occurred during the backup data process, step B7 is executed; if power loss occurred during the cleanup data process, the cleanup data process and then the delete data process are executed in order; if power loss occurred during the delete data process, the delete data process is executed;
Step B7: the card executes, in order, the backup data process, the cleanup data process and the delete data process;
During the backup data process, the card backs up the system registry information corresponding to the executable file to be updated in the registry, all application registry information in the registry belonging to the executable file to be updated, and the user information that all applications specify for backup to the first memory block of the nonvolatile storage;
During the cleanup data process and the delete data process, the system registry information, all application registry information, and the user information that all applications specify for backup are deleted.
10. The method according to claim 9, characterized in that step B2 includes: the card judges whether the version number of the obtained executable file to be updated is less than the minimum version number required for the executable file version to be updated in the start-hot-update command, judges whether the obtained executable file to be updated has no static dependencies, and judges whether each application belonging to the obtained executable file to be updated is not currently selected on any logical channel; if all judgments are yes, step B3 is executed; otherwise an error message is returned to the host computer.
11. The method according to claim 9, characterized in that step B4 includes: the card judges whether the associated security domain of the downloaded and saved new executable file is consistent with the associated security domain of the obtained executable file to be updated, and judges whether the minimum subset of application modules of the downloaded and saved new executable file includes all application modules in the executable file to be updated; if all judgments are yes, step B5 is executed; otherwise an error message is returned to the host computer.
12. The method according to claim 9, characterized in that the card executing the backup data process includes:
Step T1: the card checks whether power loss occurred during the backup data process; if yes, step T2 is executed; otherwise step T3 is executed;
Step T2: the card recycles the user information of the backup that was interrupted by power loss, and executes step T3;
Step T3: the card calls, in the preset order, the save function of each application belonging to the executable file to be updated to save the user information specified for backup, saves the system registry information and all application registry information in the registry belonging to the executable file to be updated, and executes step T4;
Step T4: the card judges whether an exception was thrown during the backup data process; if yes, the card deletes the backed-up user information, file registry information and application registry information and returns an error message to the host computer; otherwise the cleanup data process is executed.
13. The method according to claim 12, characterized in that step T2 specifically includes:
Step Y1: the card looks up, according to the file identifier, the management object that stores the user information;
Step Y2: the card recycles the found management object.
14. The method according to claim 13, characterized in that step Y2 specifically includes: the card empties the found management object and calls the virtual machine's full garbage collection function.
15. The method according to claim 13, characterized in that step Y2 specifically includes: traversing the subdomain objects under the found management object, and recycling the found management object and the subdomain objects under it.
16. The method according to claim 9, characterized in that executing the cleanup data process includes:
Step P1: the card checks whether power loss occurred during the cleanup process; if yes, step P2 is executed; otherwise step P3 is executed;
Step P2: the card calls the cleanup function again for the application whose cleanup was interrupted, and executes step P3;
Step P3: the card calls, in the preset application order, the cleanup function of each application belonging to the executable file to be updated to advance the deletion of the applications, and executes step P4;
Step P4: the card judges whether an exception was thrown during the cleanup process; if yes, the card deletes the backed-up user information, system registry information and application registry information corresponding to the current executable file and returns an error message to the host computer; otherwise the delete data process is executed.
17. The method according to claim 9, characterized in that executing the delete data process includes:
Step W1: the card deletes the system registry information, application registry information and user information corresponding to the executable file to be updated;
Step W2: the card judges whether the update option is set to retain the executable file to be updated without deleting it; if yes, step W3 is executed; otherwise the executable file to be updated is deleted and step W3 is executed;
Step W3: the card judges whether an exception was thrown during the deletion process; if yes, the card deletes the backed-up information corresponding to the current executable file, sets the applications belonging to the executable file to be updated to an unknown state according to the cleanup function that executed the cleanup data process, and returns an error message to the host computer; otherwise step W4 is executed;
Step W4: the card waits for the download of the new executable file version and returns success information to the host computer.
18. The method according to claim 1, characterized in that step S3 includes:
Step C1: the card waits to receive an instruction issued by the host computer; when a prepare-install command is received, step C2 is executed; when a download command is received, step C5 is executed;
Step C2: the card judges whether it is ready to download the new executable file; if yes, step C3 is executed; otherwise step C4 is executed;
Step C3: the card judges whether the new executable file to be downloaded includes the executable file to be updated; if yes, the card applies for the second memory block of the nonvolatile storage for the new executable file to be downloaded and returns success information to the host computer; otherwise the card downloads other executable files and returns download result information to the host computer;
Step C4: the card judges whether the new executable file to be downloaded includes the executable file to be updated; if yes, an error message is returned to the host computer; otherwise the card downloads other executable files and returns download result information to the host computer;
Step C5: the card parses the downloaded file data blocks that the host computer sends in multiple APDU instructions, assembles them into the executable file and saves it in the second memory block of the nonvolatile storage, and judges whether the download process completed normally; if yes, step C6 is executed; otherwise an error message is returned to the host computer;
Step C6: the card judges whether the identifier of the currently downloaded package is the identifier of the new executable file and judges whether the hot update session has been started; if all judgments are yes, step C7 is executed; otherwise the information in the second memory block of the nonvolatile storage is recycled and an error message is returned to the host computer;
Step C7: the card judges whether the mode of the recovery process is automatic recovery; if yes, the card records in the executable file registry a piece of registry information corresponding to the new executable file, adds the save address of the new executable file to the registry information, and executes step S4; otherwise success information is returned to the host computer.
19. The method according to claim 1, wherein step S4 includes:
Step D0: when the card receives a hot update restore executable file command, it checks whether the preparation process before the recovery process has been completed; if so, step D1 is executed; otherwise error information is returned to the host computer;
Step D1: the card judges whether the hot update recovery operation is legal; if so, step D2 is executed; otherwise error information is returned to the host computer;
Step D2: the card checks whether a power-down has occurred; if no power-down occurred, or the power-down occurred while the card was reinstalling the new applications, step D3 is executed; if the power-down occurred while the applications were synchronizing backup data, step D4 is executed; if the power-down occurred while the applications were merging data, step D7 is executed;
Step D3: the card, in download order, reinstalls each application in turn from the new executable file according to the backed-up system registry information and each piece of backed-up application registry information, and judges whether the installation succeeded; if so, step D4 is executed; otherwise error information is returned to the host computer;
Step D4: the card, by security domain and in order, calls the backup function in each reinstalled application to restore the backed-up user information of the respective application into the respective reinstalled application;
Step D5: the card judges whether all applications were restored successfully; if so, step D7 is executed; otherwise step D6 is executed;
Step D6: the card calls the garbage reclamation function to clear all temporary variables and cached data, and returns error information to the host computer;
Step D7: the card, by security domain and in order, calls the pooled function of each reinstalled application;
Step D8: the card judges whether the pooled functions of all reinstalled applications were called successfully; if so, success information is returned to the host computer; otherwise step D9 is executed;
Step D9: the card deletes the reinstalled applications and the corresponding new executable file.
20. The method according to claim 19, characterized in that checking whether the preparation process before the recovery process has been completed includes: judging whether the backup process has been completed and whether the download of the new executable file has been completed; if so, the preparation process before the recovery process is complete; otherwise the preparation process before the recovery process is not complete.
21. The method according to claim 19, characterized in that step D1 includes: the card judges whether the version number of the new executable file is higher than the version number of the executable file to be updated and judges whether the executable file to be updated includes static dependencies; if both judgments are yes, step D2 is executed; otherwise error information is returned to the host computer.
22. The method according to claim 1, wherein, when an exception is thrown between step S2 and step S4 and the card has returned error information to the host computer, the card performs an abandon hot update session operation when it again receives a command sent by the host computer.
23. The method according to claim 22, characterized in that the abandon hot update session operation includes:
Step E1: the card judges whether the executable file to be updated has been preserved; if so, step E3 is executed; otherwise step E2 is executed;
Step E2: the card downloads the executable file to be updated and, when a recovery command is received and the previous new executable file has been restored, executes step E3;
Step E3: the card restores, according to the executable file to be updated, all application registry information belonging to the executable file to be updated and all backed-up user information, and executes step E4;
Step E4: the card reclaims useless objects, clears the information backed up during the hot update process, and returns success information to the host computer.
24. A hot update device for a smart card executable file, characterized by comprising:
First receiving module, for receiving the start hot update command sent by the host computer;
First obtaining module, for searching the registry for the executable file save address according to the file identification in the start hot update command received by the first receiving module, and obtaining the executable file to be updated from the second memory block of the nonvolatile storage according to the executable file save address;
Backup deletion module, for backing up, to the first memory block of the nonvolatile storage, the system registry information corresponding to the executable file to be updated in the registry, all application registry information in the registry belonging to the executable file to be updated, and the user information that all applications specify as needing backup; and for deleting the system registry information, all application registry information in the registry belonging to the executable file to be updated, and the user information that all applications specify as needing backup;
Download saving module, for downloading the new executable file and saving it in the second memory block of the nonvolatile storage, recording in the executable file registry a piece of registry information corresponding to the new executable file, and adding the save address of the new executable file to the registry information;
Installation recovery module, for reinstalling the applications from the new executable file according to the backed-up system registry information and all backed-up application registry information, and calling the backup function in the reinstalled applications to restore the backed-up user information of the respective applications into the reinstalled applications;
First recycling module, for calling the garbage reclamation function, after the installation recovery module has successfully installed and restored, to reclaim the information saved in the first memory block of the nonvolatile storage.
25. The device according to claim 24, characterized by further comprising a second deletion module, for deleting the executable file to be updated obtained by the first obtaining module after the backup module has completed the backup.
26. The device according to claim 24, characterized in that there are multiple pieces of application registry information, and the device further comprises a first as module and a first judging module;
The first as module, for taking the first piece of application registry information as the current application registry information;
The installation recovery module is specifically used for reinstalling the corresponding application from the new executable file according to the backed-up system registry information and the backed-up current application registry information, and calling the backup function in the corresponding application to restore the backed-up user information of the corresponding application into the corresponding application;
The first judging module, for judging whether all applications have been restored successfully; if so, triggering the first recycling module; otherwise taking the next piece of application registry information as the current application registry information and triggering the installation recovery module.
27. The device according to claim 24, characterized by further comprising: a channel establishing module, for establishing a secure channel between the card and the host computer;
The first receiving module is specifically used for waiting for and receiving the start hot update command sent by the host computer after the channel establishing module has successfully established the secure channel.
28. The device according to claim 27, characterized in that the channel establishing module comprises:
First receiving submodule, for receiving the host random number and the host authentication code sent by the host computer;
First generating submodule, for generating the first session key and the card random number;
First saving submodule, for saving the card random number received by the first receiving submodule;
First encryption submodule, for encrypting, according to the second preset algorithm and using the first session key, the host random number received by the first receiving module and the generated card random number to obtain the card authentication code;
First sending submodule, for returning the card authentication code obtained by the first encryption submodule to the host computer;
Encryption judging submodule, for decrypting the host authentication code received by the first receiving submodule using the first session key generated by the first generating submodule, and judging whether the card random number obtained by decrypting the host authentication code is identical to the card random number saved by the first saving submodule; if so, the secure channel with the host computer is successfully established; otherwise error information is returned to the host computer.
29. The device according to claim 28, characterized in that the first generating submodule is specifically used for encrypting the derivation data with the preset base key according to the first preset algorithm to obtain the first session key, and for generating the card random number;
The first sending submodule is specifically used for returning the variable data of the derivation data together with the card authentication code to the host computer.
30. The device according to claim 28, characterized in that the channel establishing module further comprises: an authentication submodule, for authenticating the off-card entity using a supported secure channel protocol when the establish secure channel command sent by the host computer is received; if the authentication succeeds, the first receiving submodule is triggered; if the authentication fails, error information is returned to the host computer.
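The exchange in claims 28 to 30, sketched as an added Python example (not code from the patent). It assumes HMAC-SHA256 in place of the unspecified first and second preset algorithms, so each side verifies the other's authentication code by recomputing it rather than decrypting it, and it assumes the host authentication code travels in a second message after the host has seen the card random number; the counter used as the variable derivation data, the role labels and all class and function names are hypothetical.

```python
import hashlib
import hmac
import secrets

MAC_LEN = 8  # truncated authentication code length (assumption)


def derive_session_key(base_key: bytes, counter: int) -> bytes:
    """Derive a per-session key from the preset base key.

    The derivation data is a fixed label plus a counter; the counter is the
    variable part that the card returns so the host can derive the same key.
    """
    derivation_data = b"hot-update-session" + counter.to_bytes(2, "big")
    return hmac.new(base_key, derivation_data, hashlib.sha256).digest()


def auth_code(session_key: bytes, role: bytes, host_random: bytes,
              card_random: bytes) -> bytes:
    """Authentication code binding both random numbers to one side's role."""
    message = role + host_random + card_random
    return hmac.new(session_key, message, hashlib.sha256).digest()[:MAC_LEN]


class Card:
    def __init__(self, base_key: bytes):
        self._base_key = base_key
        self._counter = 0
        self._pending = None          # (session_key, host_random, card_random)
        self.channel_open = False

    def begin(self, host_random: bytes):
        """First message: return counter, card random and card auth code."""
        self.channel_open = False     # a new attempt closes any old channel
        self._counter += 1            # fresh session key for every attempt
        key = derive_session_key(self._base_key, self._counter)
        card_random = secrets.token_bytes(8)
        self._pending = (key, host_random, card_random)
        code = auth_code(key, b"card", host_random, card_random)
        return self._counter, card_random, code

    def finish(self, host_auth_code: bytes) -> bool:
        """Second message: verify the host authentication code."""
        if self._pending is None:
            return False
        key, host_random, card_random = self._pending
        self._pending = None          # one verification attempt per card random
        expected = auth_code(key, b"host", host_random, card_random)
        # Constant-time comparison avoids leaking how many bytes matched.
        self.channel_open = hmac.compare_digest(expected, host_auth_code)
        return self.channel_open


class Host:
    def __init__(self, base_key: bytes):
        self._base_key = base_key
        self.host_random = None

    def begin(self) -> bytes:
        self.host_random = secrets.token_bytes(8)
        return self.host_random

    def answer(self, counter: int, card_random: bytes, card_auth_code: bytes):
        """Check the card's code; return the host code, or None on mismatch."""
        key = derive_session_key(self._base_key, counter)
        expected = auth_code(key, b"card", self.host_random, card_random)
        if not hmac.compare_digest(expected, card_auth_code):
            return None
        return auth_code(key, b"host", self.host_random, card_random)


def establish(host: Host, card: Card, tamper: bool = False) -> bool:
    """Run the whole exchange; `tamper` flips one bit of the host code."""
    reply = host.answer(*card.begin(host.begin()))
    if reply is None:
        return False
    if tamper:
        reply = bytes([reply[0] ^ 1]) + reply[1:]
    return card.finish(reply)
```

Because the card draws a new random number and advances the counter on every attempt, a host authentication code captured from one session does not verify in the next.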
31. The device according to claim 24, characterized in that the backup deletion module backing up, to the first memory block of the nonvolatile storage, the user information that all applications specify as needing backup includes: obtaining the corresponding applications according to the executable file to be updated; each application calculates, from its own user information that needs backup, the total size of the space occupied by the raw data in the backup information and the number of standard objects, and informs the card, through the application programming interface, of the size of the nonvolatile storage space to request; the card saves, and returns through the application programming interface, the management object of the first memory block of the nonvolatile storage; the user information that each application specifies as needing backup is backed up into the management object corresponding to that application in the first memory block of the nonvolatile storage.
32. The device according to claim 24, characterized in that the backup deletion module comprises:
Second judging submodule, for judging whether the hot update session has already been started; if so, returning error information to the host computer; otherwise triggering the third judging submodule;
The third judging submodule, for judging whether the backup operation is legal; if so, triggering the fourth judging submodule; otherwise returning error information to the host computer;
The fourth judging submodule, for judging whether a new executable file has been downloaded and saved; if so, triggering the fifth judging submodule; otherwise triggering the seventh judging submodule;
The fifth judging submodule, for judging whether the new executable file that has been downloaded and saved is valid; if so, triggering the sixth judging submodule; otherwise returning error information to the host computer;
The sixth judging submodule, for judging whether the application corresponding to the new executable file has been created; if so, returning error information to the host computer; otherwise triggering the seventh judging submodule;
The seventh judging submodule, for judging the power-down type according to the power-down interrupt mark: if no power-down occurred or the power-down occurred during the backup data process, the backup data submodule, the cleaning data submodule and the deletion data submodule are triggered in turn; if the power-down occurred during the cleaning data process, the cleaning data submodule and the deletion data submodule are triggered in turn; if the power-down occurred during the deletion data process, the deletion data submodule is triggered;
Backup data submodule, for executing the backup data process;
Cleaning data submodule, for executing the cleaning data process;
Deletion data submodule, for executing the deletion data process;
The backup data submodule executing the backup data process includes: backing up, to the first memory block of the nonvolatile storage, the system registry information corresponding to the executable file to be updated in the registry, all application registry information in the registry belonging to the executable file to be updated, and the user information that all applications specify as needing backup;
The cleaning data submodule executing the cleaning data process and the deletion data submodule executing the deletion data process include: deleting the system registry information, all application registry information in the registry belonging to the executable file to be updated, and the user information that all applications specify as needing backup.
33. The device according to claim 32, characterized in that the third judging submodule is specifically used for judging whether the version number of the obtained executable file to be updated is less than the minimum version number required for the version of the executable file to be updated in the start hot update command, judging whether the obtained executable file to be updated has no static dependencies, and judging whether each application belonging to the obtained executable file to be updated is not selected in real time in any logical channel; if all judgments are yes, the fourth judging submodule is triggered; otherwise error information is returned to the host computer.
34. The device according to claim 32, characterized in that the fifth judging submodule is specifically used for judging whether the associated security domain of the new executable file that has been downloaded and saved is consistent with the associated security domain of the obtained executable file to be updated, and judging whether the minimal subset of application modules of the new executable file that has been downloaded and saved includes all application modules in the executable file to be updated; if both judgments are yes, the sixth judging submodule is triggered; otherwise error information is returned to the host computer.
35. The device according to claim 32, characterized in that the backup data submodule comprises:
First checking unit, for checking whether a power-down occurred during the backup data process; if so, triggering the first recovery unit; otherwise triggering the first saving unit;
The first recovery unit, for reclaiming the user information for which the backup data power-down interrupt occurred, and triggering the first saving unit;
The first saving unit, for calling, in a preset order, the saving function of each application belonging to the executable file to be updated to save the user information that needs backup, saving the system registry information and all application registry information in the registry belonging to the executable file to be updated, and triggering the first judging unit;
The first judging unit, for judging whether an exception was thrown during the backup data process; if so, deleting the backed-up user information, system registry information and application registry information and returning error information to the host computer; otherwise triggering the cleaning data submodule.
36. The device according to claim 35, characterized in that the first recovery unit comprises:
First lookup subunit, for looking up the management object that stores the user information according to the file identification;
First recycling subunit, for reclaiming the management object found by the first lookup subunit.
37. The device according to claim 36, characterized in that the first recycling subunit is specifically used for emptying the found management object and calling the full garbage reclamation function of the virtual machine.
38. The device according to claim 36, characterized in that the first recycling subunit is specifically used for traversing the subdomain objects under the found management object, and reclaiming the found management object and the subdomain objects under it.
39. The device according to claim 32, characterized in that the cleaning data submodule comprises:
Second checking unit, for checking whether a power-down occurred during the cleaning process; if so, triggering the first calling unit; otherwise triggering the second calling unit;
The first calling unit, for calling the cleaning function again for the application whose data cleaning was interrupted, and triggering the second calling unit;
The second calling unit, for calling, in a preset application arrangement order, the cleaning function of each application belonging to the executable file to be updated to advance the deletion of the application, and triggering the second judging unit;
The second judging unit, for judging whether an exception was thrown during the cleaning process; if so, deleting the backed-up user information, system registry information and application registry information corresponding to the current executable file and returning error information to the host computer; otherwise triggering the deletion data submodule.
40. The device according to claim 32, characterized in that the deletion data submodule comprises:
First deletion unit, for deleting the system registry information, application registry information and user information corresponding to the executable file to be updated;
Judging deletion unit, for judging whether the update option is set to retain the executable file to be updated without deleting it; if so, triggering the third judging unit; otherwise deleting the executable file to be updated and triggering the third judging unit;
The third judging unit, for judging whether an exception was thrown during the deletion process; if so, deleting the backed-up information corresponding to the current executable file, setting the applications belonging to the executable file to be updated to an unknown state according to the cleaning function that executed the cleaning data process, and returning error information to the host computer; otherwise triggering the waiting return unit;
The waiting return unit, for waiting for the download of the new executable file version and returning success information to the host computer.
41. The device according to claim 24, characterized in that the download saving module comprises:
Second receiving submodule, for receiving the prepare installation command and the download command issued by the host computer;
Eighth judging submodule, for judging, when the second receiving module receives the prepare installation command, whether it is ready to download the new executable file; if so, triggering the ninth judging submodule; otherwise triggering the tenth judging submodule;
Ninth judging submodule, for judging whether the new executable file to be downloaded includes the executable file to be updated; if so, requesting the second memory block of the nonvolatile storage for the new executable file to be downloaded and returning success information to the host computer; otherwise downloading other executable files and returning download result information to the host computer;
Tenth judging submodule, for judging whether the new executable file to be downloaded includes the executable file to be updated; if so, returning error information to the host computer; otherwise downloading other executable files and returning download result information to the host computer;
Saving judging submodule, for, when the second receiving module receives the download command, parsing the download file data blocks that the host computer sends in multiple APDU instructions, assembling them into an executable file and saving it in the second memory block of the nonvolatile storage, and judging whether the download process completed normally; if so, triggering the judging recycling submodule; otherwise returning error information to the host computer;
The judging recycling submodule, for judging whether the current download package mark code is the mark code of the new executable file and judging whether the hot update session has been started; if both judgments are yes, triggering the judging addition submodule; otherwise reclaiming the information in the second memory block of the nonvolatile storage and returning error information to the host computer;
The judging addition submodule, for judging whether the mode of the recovery process is automatic recovery; if so, recording in the executable file registry a piece of registry information corresponding to the new executable file, adding the save address of the new executable file to the registry information, and triggering the installation recovery module; otherwise returning success information to the host computer.
42. The device according to claim 24, characterized in that the installation recovery module comprises:
Third receiving submodule, for receiving the hot update restore executable file command;
First checking submodule, for checking, when the third receiving submodule receives the hot update restore executable file command, whether the preparation process before the recovery process has been completed; if so, triggering the eleventh judging submodule; otherwise returning error information to the host computer;
Eleventh judging submodule, for judging whether the hot update recovery operation is legal; if so, triggering the second checking submodule; otherwise returning error information to the host computer;
The second checking submodule, for checking whether a power-down has occurred: if no power-down occurred or the power-down occurred while the card was reinstalling the new applications, triggering the installation judging submodule; if the power-down occurred while the applications were synchronizing backup data, triggering the installation restoring submodule; if the power-down occurred while the applications were merging data, triggering the first calling submodule;
The installation judging submodule, for reinstalling, in download order, each application in turn from the new executable file according to the backed-up file registry information and each piece of backed-up application registry information, and judging whether the installation succeeded; if so, triggering the installation restoring submodule; otherwise returning error information to the host computer;
The installation restoring submodule, for calling, by security domain and in order, the backup function in each reinstalled application to restore the backed-up user information of the respective application into the respective reinstalled application;
Twelfth judging submodule, for judging whether all applications were restored successfully; if so, triggering the first calling submodule; otherwise triggering the calling return submodule;
The calling return submodule, for calling the garbage reclamation function to clear all temporary variables and cached data, and returning error information to the host computer;
The first calling submodule, for calling, by security domain and in order, the pooled function of each reinstalled application;
Thirteenth judging submodule, for judging whether the pooled functions of all reinstalled applications were called successfully; if so, returning success information to the host computer; otherwise triggering the first deletion submodule;
The first deletion submodule, for deleting the reinstalled applications and the corresponding new executable file.
43. The device according to claim 42, characterized in that the first checking submodule is specifically used for judging, when the third receiving submodule receives the hot update restore executable file command, whether the backup process has been completed and whether the download of the new executable file has been completed; if both judgments are yes, triggering the eleventh judging submodule; otherwise returning error information to the host computer.
44. The device according to claim 42, characterized in that the eleventh judging submodule is specifically used for judging whether the version number of the new executable file is higher than the version number of the executable file to be updated and judging whether the executable file to be updated includes static dependencies; if both judgments are yes, triggering the second checking submodule; otherwise returning error information to the host computer.
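The restore flow of steps D0 to D9 (claims 19 to 21, mirrored by the device in claims 42 to 44), as an added Python model rather than code from the patent. The `CardNvm` fields, the persisted `phase` marker, the per-application completion lists and the exception that simulates a power-down are assumptions; the static-dependency judgment of step D1 is passed in as a precomputed boolean.

```python
class PowerLoss(Exception):
    """Constructed stand-in for the card losing power mid-operation."""


class CardNvm:
    """Constructed model of the fields that survive a power-down."""

    def __init__(self, apps, old_version, new_version):
        self.backup_done = True
        self.download_done = True
        self.old_version = old_version      # (major, minor) integer tuples
        self.new_version = new_version
        self.dependency_check_ok = True     # outcome of the D1 dependency judgment
        self.apps = list(apps)              # applications in download order
        self.phase = None                   # power-down marker, see PHASES
        self.done = {"install": [], "restore": [], "merge": []}
        self.new_file_present = True


PHASES = ["install", "restore", "merge"]    # steps D3, D4 and D7


def _run_phase(nvm, phase, power_loss, failure):
    """Run one phase over every application; False means a functional failure."""
    nvm.phase = phase                       # persist the marker before any work
    for app in nvm.apps:
        if app in nvm.done[phase]:
            continue                        # already finished before a power-down
        if power_loss == (phase, app):
            raise PowerLoss(phase + ":" + app)
        if failure == (phase, app):
            return False
        nvm.done[phase].append(app)
    return True


def hot_update_restore(nvm, power_loss=None, failure=None):
    """Steps D0 to D9; returns the status reported to the host computer.

    `power_loss` and `failure` are (phase, app) pairs used only to inject a
    simulated power-down or a functional failure at a chosen point.
    """
    # D0: backup and download must both be complete.
    if not (nvm.backup_done and nvm.download_done):
        return "error: preparation incomplete"
    # D1: compare versions as integer tuples; as strings "1.10" < "1.9".
    if not (nvm.new_version > nvm.old_version and nvm.dependency_check_ok):
        return "error: restore not legal"
    # D2: resume at the phase recorded before the power-down, else at install.
    start = PHASES.index(nvm.phase) if nvm.phase in PHASES else 0
    for phase in PHASES[start:]:
        if _run_phase(nvm, phase, power_loss, failure):
            continue
        if phase == "merge":
            # D8 failed, so D9: drop the reinstalled applications and new file.
            nvm.done = {p: [] for p in PHASES}
            nvm.new_file_present = False
            nvm.phase = None
        # D3 and D6 report the error and leave state for the abandon operation.
        return "error: " + phase + " failed"
    nvm.phase = None                        # clear the marker only on success
    return "success"
```

Writing the phase marker before the first application is touched is what lets the second call skip reinstallation and continue with the application that was interrupted.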
45. The device according to claim 24, characterized by further comprising an abandoning module, for performing the abandon hot update session operation when, after an exception has been thrown and error information has been returned to the host computer, the first receiving module again receives a command sent by the host computer.
46. The device according to claim 45, characterized in that the abandoning module comprises:
Fourteenth judging submodule, for judging whether the executable file to be updated has been preserved; if so, triggering the restoring submodule; otherwise triggering the downloading submodule;
The downloading submodule, for downloading the executable file to be updated and, when a recovery command is received and the previous new executable file has been restored, triggering the restoring submodule;
The restoring submodule, for restoring, according to the executable file to be updated, all application registry information belonging to the executable file to be updated and all backed-up user information, and executing step E4;
Recycling backup submodule, for reclaiming useless objects, clearing the information backed up during the hot update process, and returning success information to the host computer.
CN201811631072.0A 2018-12-29 2018-12-29 Method and device for realizing hot updating of executable file of smart card Active CN109819018B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811631072.0A CN109819018B (en) 2018-12-29 2018-12-29 Method and device for realizing hot updating of executable file of smart card

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201811631072.0A CN109819018B (en) 2018-12-29 2018-12-29 Method and device for realizing hot updating of executable file of smart card

Publications (2)

Publication Number Publication Date
CN109819018A true CN109819018A (en) 2019-05-28
CN109819018B CN109819018B (en) 2021-06-08

Family

ID=66602767

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811631072.0A Active CN109819018B (en) 2018-12-29 2018-12-29 Method and device for realizing hot updating of executable file of smart card

Country Status (1)

Country Link
CN (1) CN109819018B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110688125A (en) * 2019-08-28 2020-01-14 北京浪潮数据技术有限公司 Deployment method and system of big data platform

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103019892A (en) * 2012-12-29 2013-04-03 盛耀无线通讯科技(北京)有限公司 NV data backup and recovery method based on high-pass platform
US20180089031A1 (en) * 2014-08-06 2018-03-29 Commvault Systems, Inc. Application recovery in an information management system based on a pseudo-storage-device driver
CN105302666A (en) * 2015-10-13 2016-02-03 东信和平科技股份有限公司 JAVA CARD based backup and recovery method for data in application
CN105677513A (en) * 2016-01-04 2016-06-15 北京小米移动软件有限公司 Method and device for restoring backup data
CN105893084A (en) * 2016-03-29 2016-08-24 青岛海信移动通信技术股份有限公司 Version upgrading method and terminal equipment
CN107678886A (en) * 2017-10-09 2018-02-09 飞天诚信科技股份有限公司 A kind of method and terminal device for preserving, recovering application data

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
闫海忠: "一种深度备份应用程序和数据的方法", 《电脑编程技巧与维护》 *

Also Published As

Publication number Publication date
CN109819018B (en) 2021-06-08

Similar Documents

Publication Publication Date Title
AU2010353673B2 (en) Managing method, device and terminal for application program
CN101854392B (en) Personal data management method based on cloud computing environment
CN107783776B (en) Processing method and device of firmware upgrade package and electronic equipment
CN102236764B (en) Method and monitoring system for Android system to defend against desktop information attack
CN104662552A (en) Secure disk access control
CN106937274A (en) A kind of Profile changing methods and device based on EUICC
CN103106372A (en) Lightweight class privacy data encryption method and system for Android system
CN1954297A (en) Isolated multiplexed multi-dimensional processing in a virtual processing space having virus, spyware, and hacker protection features
JPH05334253A (en) Method for utilizing information processing workstation with password and information processing workstation utilizing the method
CN107111717A (en) Safe boot policy on upgrading virtual machine
CN101815292B (en) Device and method for protecting data of mobile terminal
CN106681865B (en) Service recovery method and device
CN101008895A (en) Software update system and method of computer enclosed operation system
CN107943501A (en) Embedded device upgrade method, device, computer equipment and storage medium
CN109120584B (en) Terminal security protection method and system based on UEFI and WinPE
CN105867962A (en) System upgrading method and device
CN110955901A (en) Storage method and server for virtual machine image file of cloud computing platform
CN113961226B (en) Software development kit repairing method, terminal, server and equipment
CN109819018A (en) A kind of hot update method that realizing smart card executable file and device
CN105302666A (en) JAVA CARD based backup and recovery method for data in application
CN113342425A (en) Starting method, device and storage medium of Linux embedded system
JP2004252707A (en) Memory device
CN103646205B (en) A kind of method controlling operation of encryption lock
CN106844005A (en) Based on data reconstruction method and system under virtualized environment
CN104346299A (en) Updating control method and device of mobile terminal

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant