CN110096869A - BIOS loads signing certificate method, system, equipment and computer media - Google Patents
BIOS loads signing certificate method, system, equipment and computer media Download PDFInfo
- Publication number
- CN110096869A CN110096869A CN201910380256.2A CN201910380256A CN110096869A CN 110096869 A CN110096869 A CN 110096869A CN 201910380256 A CN201910380256 A CN 201910380256A CN 110096869 A CN110096869 A CN 110096869A
- Authority
- CN
- China
- Prior art keywords
- certificate
- loaded
- signing certificate
- project
- target
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 50
- 238000001629 sign test Methods 0.000 claims description 25
- 238000004422 calculation algorithm Methods 0.000 claims description 23
- 238000004590 computer program Methods 0.000 claims description 10
- 238000004891 communication Methods 0.000 description 7
- 238000005516 engineering process Methods 0.000 description 7
- 238000010586 diagram Methods 0.000 description 5
- 239000002775 capsule Substances 0.000 description 4
- 230000000694 effects Effects 0.000 description 3
- 230000005540 biological transmission Effects 0.000 description 2
- 108010001267 Protein Subunits Proteins 0.000 description 1
- 238000004364 calculation method Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000002360 preparation method Methods 0.000 description 1
- 238000012545 processing Methods 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/51—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Storage Device Security (AREA)
Abstract
This application discloses a kind of BIOS load signing certificate method, system, equipment and computer medias, obtain the identification information of target project to be loaded;Corresponding relationship between identification information and signing certificate based on preset project to be loaded determines the corresponding Target Signature certificate of the identification information of target project to be loaded in the corresponding signing certificate file of signing certificate;It include the signing certificate of each project to be loaded in signing certificate file;Load Target Signature certificate.A kind of BIOS load signing certificate method, system, equipment and computer readable storage medium provided by the present application, it include the signing certificate of each project to be loaded in signing certificate file, and it can be according to the corresponding relationship between the identification information and signing certificate of project to be loaded, in signing certificate file, determine the corresponding Target Signature certificate of the identification information of target project to be loaded, without modifying to bios code, loading efficiency can be improved.
Description
Technical field
This application involves server technology fields, more specifically to BIOS load signing certificate method, system, set
Standby and computer media.
Background technique
In the server, Secure Flash is to prevent unwarranted BIOS (Basic Input Output
System, basic input output system) upgrading a kind of method.It may insure BIOS binary file by Secure Flash
Source be effective, and can prevent BIOS file from being distorted by other people.The principle of Secure Flash is to utilize one group of signature
Certificate generates the BIOS file of a signature when compiling bios code, and the label of BIOS file are carried out when refreshing
Name verifying, detailed process are as follows: generate a group key, including public key and private key;Hash is done to BIOS binary file, obtains one
Abstract, signs to this abstract with private key, obtains the signature file of an encryption, it is attached to the Capsule text of BIOS
In part: when refreshing BIOS, the signature section first in taking-up BIOS Capsule file is obtained with public key decryptions
Digest value compares with doing the digest value that Hash obtains to BIOS binary file, and the two is equal, then sign test success, otherwise fails.
It can be appreciated that can guarantee the safety of BIOS upgrading by digital signature, however, existing BIOS load signature
When certificate, BIOS can only load a signing certificate every time, in this way, when BIOS needs to load the signing certificate of multiple projects,
Bios code can only be modified, cumbersome, loading efficiency is low.
In conclusion the loading efficiency for how improving BIOS load signing certificate is that current those skilled in the art urgently solve
Certainly the problem of.
Summary of the invention
The purpose of the application is to provide a kind of BIOS load signing certificate method, can solve how to mention to a certain extent
The technical issues of loading efficiency of high BIOS load signing certificate.Present invention also provides a kind of BIOS to load signing certificate system
System, equipment and computer readable storage medium.
To achieve the goals above, the application provides the following technical solutions:
A kind of BIOS load signing certificate method, comprising:
Obtain the identification information of target project to be loaded;
Corresponding relationship between identification information and signing certificate based on preset project to be loaded, in the signing certificate pair
In the signing certificate file answered, the corresponding Target Signature certificate of the identification information of target project to be loaded is determined;The label
It include the signing certificate of each project to be loaded in name certificate file;
Load the Target Signature certificate.
Preferably, before the identification information for obtaining target project to be loaded, further includes:
Obtain the identification information and corresponding signing certificate of each project to be loaded;
The signing certificate of each project to be loaded is subjected to code compilation, obtains the signing certificate file;
It is described right between the identification information and the corresponding signing certificate of each project to be loaded to establish and save
It should be related to.
Preferably, after the load Target Signature certificate, further includes:
Obtain the corresponding Target Signature file of target project to be loaded;
Sign test is carried out to the Target Signature file based on the Target Signature certificate.
It is preferably, described that sign test is carried out to the Target Signature file based on the Target Signature certificate, comprising:
Parse the first public key information carried in the Target Signature file;
Parse the second public key information carried in the Target Signature certificate;
Judge whether first public key information and second public key information are consistent, if so, executing described based on institute
State the step of Target Signature certificate carries out sign test to the Target Signature file.
Preferably, second public key information includes obtaining after being encrypted based on Encryption Algorithm to initial public key information
Information;
It is described to judge whether first public key information and second public key information are consistent, comprising:
First public key information is encrypted based on the Encryption Algorithm, obtains third key information;
Judge whether the third key information is consistent with second public key information, if so, determining that described first is public
Key information is consistent with second public key information.
Preferably, the Encryption Algorithm includes Hash Encryption Algorithm.
Preferably, the identification information includes item id.
A kind of BIOS load signing certificate system, comprising:
First obtains module, for obtaining the identification information of target project to be loaded;
First determining module, for the pass corresponding between signing certificate of the identification information based on preset project to be loaded
System, in the corresponding signing certificate file of the signing certificate, determines that the identification information of target project to be loaded is corresponding
Target Signature certificate;It include the signing certificate of each project to be loaded in the signing certificate file;
First loading module, for loading the Target Signature certificate.
A kind of BIOS load signing certificate equipment, comprising:
Memory, for storing computer program;
Processor realizes that as above any BIOS loads signing certificate method when for executing the computer program
Step.
A kind of computer readable storage medium is stored with computer program in the computer readable storage medium, described
The step of as above any BIOS load signing certificate method is realized when computer program is executed by processor.
A kind of BIOS provided by the present application loads signing certificate method, obtains the identification information of target project to be loaded;Base
Corresponding relationship between the identification information and signing certificate of preset project to be loaded, in the corresponding signing certificate text of signing certificate
In part, the corresponding Target Signature certificate of the identification information of target project to be loaded is determined;In signing certificate file comprising it is each to
Add-in purpose signing certificate;Load Target Signature certificate.In a kind of BIOS load signing certificate method provided by the present application, label
It include the signing certificate of each project to be loaded in name certificate file, and can be according to the identification information and signature of project to be loaded
Corresponding relationship between certificate determines the corresponding Target Signature of identification information of target project to be loaded in signing certificate file
Certificate, namely after knowing the identification information of target project to be loaded, the Target Signature card of target project to be loaded can be loaded
Load effect can be improved without modifying in the signing certificate of the different projects to be loaded of load to bios code in book
Rate.A kind of BIOS load signing certificate system, equipment and computer readable storage medium provided by the present application also solve accordingly
Technical problem.
Detailed description of the invention
In order to illustrate the technical solutions in the embodiments of the present application or in the prior art more clearly, to embodiment or will show below
There is attached drawing needed in technical description to be briefly described, it should be apparent that, the accompanying drawings in the following description is only this
The embodiment of application for those of ordinary skill in the art without creative efforts, can also basis
The attached drawing of offer obtains other attached drawings.
Fig. 1 is the first pass figure that a kind of BIOS provided by the embodiments of the present application loads signing certificate method;
Fig. 2 is the second flow chart that a kind of BIOS provided by the embodiments of the present application loads signing certificate method;
Fig. 3 is the structural schematic diagram that a kind of BIOS provided by the embodiments of the present application loads signing certificate system;
Fig. 4 is the structural schematic diagram that a kind of BIOS provided by the embodiments of the present application loads signing certificate equipment;
Fig. 5 is another structural schematic diagram that a kind of BIOS provided by the embodiments of the present application loads signing certificate equipment.
Specific embodiment
Below in conjunction with the attached drawing in the embodiment of the present application, technical solutions in the embodiments of the present application carries out clear, complete
Site preparation description, it is clear that described embodiments are only a part of embodiments of the present application, instead of all the embodiments.It is based on
Embodiment in the application, it is obtained by those of ordinary skill in the art without making creative efforts every other
Embodiment shall fall in the protection scope of this application.
In the server, Secure Flash is to prevent unwarranted BIOS (Basic Input Output
System, basic input output system) upgrading a kind of method.It may insure BIOS binary file by Secure Flash
Source be effective, and can prevent BIOS file from being distorted by other people.The principle of Secure Flash is to utilize one group of signature
Certificate generates the BIOS file of a signature when compiling bios code, and the label of BIOS file are carried out when refreshing
Name verifying, detailed process are as follows: generate a group key, including public key and private key;Hash is done to BIOS binary file, obtains one
Abstract, signs to this abstract with private key, obtains the signature file of an encryption, it is attached to the Capsule text of BIOS
In part: when refreshing BIOS, the signature section first in taking-up BIOS Capsule file is obtained with public key decryptions
Digest value compares with doing the digest value that Hash obtains to BIOS binary file, and the two is equal, then sign test success, otherwise fails.
It can be appreciated that can guarantee the safety of BIOS upgrading by digital signature, however, when existing BIOS loads signing certificate,
BIOS can only load a signing certificate every time, in this way, can only modify when BIOS needs to load the signing certificate of multiple projects
Bios code, cumbersome, loading efficiency is low.A kind of BIOS load signing certificate method provided by the present application can be improved
The loading efficiency of BIOS load signing certificate.
Referring to Fig. 1, Fig. 1 is the first pass that a kind of BIOS provided by the embodiments of the present application loads signing certificate method
Figure.
A kind of BIOS provided by the embodiments of the present application loads signing certificate method, may comprise steps of:
Step S101: the identification information of target project to be loaded is obtained.
In practical application, the identification information of target project to be loaded can be first obtained, specifically, BIOS can receive upload
The identification information of the target of port transmission project to be loaded, it is to be loaded also to can be read directly the target carried in received file
The identification information etc. of project.The type of identification information can determine according to actual needs, for example it can be project to be loaded
Item id, icon etc..
Step S102: the corresponding relationship between identification information and signing certificate based on preset project to be loaded is being signed
In the corresponding signing certificate file of certificate, the corresponding Target Signature certificate of the identification information of target project to be loaded is determined;Signature
It include the signing certificate of each project to be loaded in certificate file.
In practical application, after the identification information for obtaining target model to be loaded, preset item to be loaded can be based on
Corresponding relationship between purpose mark information and signing certificate determines target item purpose mark to be loaded in signing certificate file
The corresponding Target Signature certificate of information.In addition, including the signing certificate of each project to be loaded in signing certificate file, namely each
The signing certificate of a project to be loaded is stored in signing certificate file, and preserves the identification information and label of project to be loaded
Corresponding relationship between name certificate, so can signed based on the corresponding relationship after the identification information for knowing project to be loaded
The signing certificate of project to be loaded is found in name certificate file.Signing certificate involved in the application refers to that BIOS is carried out
Applied signing certificate when Secure Flash, and signing certificate file is referred to raw after signing certificate progress code compilation
File.
In concrete application scene, signing certificate file and corresponding relationship can be generated directly in real time, then it is to be added to obtain target
Before the identification information of load project, the identification information and corresponding signing certificate of each project to be loaded can also be obtained;It will be each
The signing certificate of a project to be loaded carries out code compilation, obtains signing certificate file;It establishes and saves each project to be loaded
Identification information and corresponding signing certificate between corresponding relationship.It, can also will be each in the code compilation stage in concrete application
The signing certificate of project to be loaded is compiled into different signing certificate files, and distinguishes, and is may not need in this way to different
Signing certificate distinguishes;Correspondingly, the PEI phase that can be run in code, obtains the identification information of target project to be loaded,
And directly acquire the signing certificate file of target project to be loaded.
Step S103: load Target Signature certificate.
In practical application, BIOS can load Target Signature certificate after determining Target Signature certificate.
A kind of BIOS provided by the present application loads signing certificate method, obtains the identification information of target project to be loaded;Base
Corresponding relationship between the identification information and signing certificate of preset project to be loaded, in the corresponding signing certificate text of signing certificate
In part, the corresponding Target Signature certificate of the identification information of target project to be loaded is determined;In signing certificate file comprising it is each to
Add-in purpose signing certificate;Load Target Signature certificate.In a kind of BIOS load signing certificate method provided by the present application, label
Include the signing certificate of each project to be loaded in name certificate file, and BIOS can according to the identification information of project to be loaded with
Corresponding relationship between signing certificate determines the corresponding target of identification information of target project to be loaded in signing certificate file
After signing certificate namely BIOS know the identification information of target project to be loaded, the mesh of target project to be loaded can be loaded
Tag name certificate, without modifying in the signing certificate of the different projects to be loaded of load to bios code, Ke Yiti
High loading efficiency.
Referring to Fig. 2, Fig. 2 is the second procedure that a kind of BIOS provided by the embodiments of the present application loads signing certificate method
Figure.
In practical application, a kind of BIOS load signing certificate method provided by the embodiments of the present application may include following step
It is rapid:
Step S201: the identification information of target project to be loaded is obtained.
Step S202: the corresponding relationship between identification information and signing certificate based on preset project to be loaded is being signed
In the corresponding signing certificate file of certificate, the corresponding Target Signature certificate of the identification information of target project to be loaded is determined;Signature
It include the signing certificate of each project to be loaded in certificate file.
Step S203: load Target Signature certificate.
Step S204: the corresponding Target Signature file of target project to be loaded is obtained.
In practical application, after loading Target Signature certificate, the corresponding target label of target project to be loaded can also be obtained
Name file, Target Signature file refer to obtaining after being signed with abstract of the private key in Target Signature certificate to BIOS file
File, the abstract of BIOS file refers to obtained file after encrypting using hash algorithm to BIOS file, BIOS text
Part refers to the file for being upgraded to BIOS corresponding with target project to be loaded.Specifically, can be run in code
Stage when needing to refresh BIOS, executes the step of obtaining target project to be loaded corresponding Target Signature file.
Step S205: sign test is carried out to Target Signature file based on Target Signature certificate.
It, can be based on Target Signature certificate to Target Signature file after obtaining Target Signature file in practical application
Sign test is carried out, sign test process is same as the prior art, process are as follows: by the public key in Target Signature certificate to Target Signature text
Part is decrypted, obtain target abstract, to BIOS file carry out Hash operation made a summary in real time, judge target abstract in real time
It whether consistent makes a summary, if so, sign test success, if it is not, then sign test fails.
In practical application, because Target Signature file and Target Signature certificate may be distorted by the external world, it is being based on usurping at this time
If Target Signature certificate after changing carries out sign test to the Target Signature file after distorting, the safety of BIOS file not can guarantee
Property, so can first verify Target Signature certificate and mesh when carrying out sign test to Target Signature file based on Target Signature certificate
The safety of tag name file, then the process for carrying out sign test to Target Signature file based on Target Signature certificate can be with specifically:
Parse the first public key information carried in Target Signature file;Parse the second public key letter carried in Target Signature certificate
Breath;Judge whether the first public key information is consistent with the second public key information, if so, executing based on Target Signature certificate to target label
The step of name file carries out sign test.It can be appreciated that the first public key information of carrying is needed in Target Signature file, in Target Signature certificate
The second public key information need to be carried, and the first public key information and the second public key information are the public key information with target project to be loaded
Relevant information.
In concrete application scene, the type of the first public key information can be the initial public key information of target project to be loaded,
Second public key information may include the information obtained after being encrypted based on Encryption Algorithm to initial public key information;Then judge first
Public key information and the whether consistent process of the second public key information can be with specifically: are carried out based on Encryption Algorithm to the first public key information
Encryption, obtains third key information;Judge whether third key information is consistent with the second public key information, if so, determining first
Public key information is consistent with the second public key information.Specifically, Encryption Algorithm includes Hash Encryption Algorithm.
Present invention also provides a kind of BIOS to load signing certificate system, with one kind provided by the embodiments of the present application
The correspondence effect that BIOS load signing certificate method has.Referring to Fig. 3, Fig. 3 is a kind of BIOS provided by the embodiments of the present application
Load the structural schematic diagram of signing certificate system.
A kind of BIOS provided by the embodiments of the present application loads signing certificate system, may include:
First obtains module 101, for obtaining the identification information of target project to be loaded;
First determining module 102, for based on preset project to be loaded identification information with it is corresponding between signing certificate
Relationship determines the corresponding target label of the identification information of target project to be loaded in the corresponding signing certificate file of signing certificate
Name certificate;It include the signing certificate of each project to be loaded in signing certificate file;
First loading module 103, for loading Target Signature certificate.
A kind of BIOS provided by the embodiments of the present application loads signing certificate system, can also include:
Second obtain module, for first obtain obtain target project to be loaded identification information before, obtain it is each to
Add-in purpose mark information and corresponding signing certificate;
First collector obtains signing certificate for the signing certificate of each project to be loaded to be carried out code compilation
File;
First preserving module, between the identification information and corresponding signing certificate for establishing and saving each project to be loaded
Corresponding relationship.
A kind of BIOS provided by the embodiments of the present application loads signing certificate system, can also include:
Third obtains module, after the first loading module load Target Signature certificate, obtains target project to be loaded
Corresponding Target Signature file;
First sign test module, for carrying out sign test to Target Signature file based on Target Signature certificate.
A kind of BIOS provided by the embodiments of the present application loads signing certificate system, and the first sign test module may include:
First resolution unit, for parsing the first public key information carried in Target Signature file;
Second resolution unit, for parsing the second public key information carried in Target Signature certificate;
First judging unit, for judging whether the first public key information is consistent with the second public key information, if so, executing base
In the step of Target Signature certificate carries out sign test to Target Signature file.
A kind of BIOS provided by the embodiments of the present application loads signing certificate system, and the second public key information may include being based on adding
The information that close algorithm obtains after encrypting to initial public key information;
First judging unit may include:
First encryption unit obtains third key information for encrypting based on Encryption Algorithm to the first public key information;
First judgment sub-unit, for judging whether third key information is consistent with the second public key information, if so, determining
First public key information is consistent with the second public key information.
A kind of BIOS provided by the embodiments of the present application loads signing certificate system, and Encryption Algorithm may include that Hash encryption is calculated
Method.
A kind of BIOS provided by the embodiments of the present application loads signing certificate system, and identification information may include item id.
Present invention also provides a kind of BIOS load signing certificate equipment and computer readable storage mediums, all have this
The correspondence effect that a kind of BIOS load signing certificate method that application embodiment provides has.Referring to Fig. 4, Fig. 4 is the application
A kind of structural schematic diagram for BIOS load signing certificate equipment that embodiment provides.
A kind of BIOS provided by the embodiments of the present application loads signing certificate equipment, including memory 201 and processor 202,
Computer program is stored in memory 201, processor 202 is realized such as when executing the computer program stored in memory 201
Lower step:
Obtain the identification information of target project to be loaded;
Corresponding relationship between identification information and signing certificate based on preset project to be loaded, it is corresponding in signing certificate
In signing certificate file, the corresponding Target Signature certificate of the identification information of target project to be loaded is determined;In signing certificate file
Signing certificate comprising each project to be loaded;
Load Target Signature certificate.
A kind of BIOS provided by the embodiments of the present application loads signing certificate equipment, including memory 201 and processor 202,
Computer subprogram, tool when processor 202 executes the computer subprogram stored in memory 201 are stored in memory 201
Body realizes following steps: before the identification information for obtaining target project to be loaded, obtaining the identification information of each project to be loaded
And corresponding signing certificate;The signing certificate of each project to be loaded is subjected to code compilation, obtains signing certificate file;It establishes
And save the corresponding relationship between the identification information and corresponding signing certificate of each project to be loaded.
A kind of BIOS provided by the embodiments of the present application loads signing certificate equipment, including memory 201 and processor 202,
Computer subprogram, tool when processor 202 executes the computer subprogram stored in memory 201 are stored in memory 201
Body realizes following steps: after load Target Signature certificate, obtaining the corresponding Target Signature file of target project to be loaded;It is based on
Target Signature certificate carries out sign test to Target Signature file.
A kind of BIOS provided by the embodiments of the present application loads signing certificate equipment, including memory 201 and processor 202,
Computer subprogram, tool when processor 202 executes the computer subprogram stored in memory 201 are stored in memory 201
Body realizes following steps: parsing the first public key information carried in Target Signature file;It parses and is taken in Target Signature certificate
Second public key information of band;Judge whether the first public key information is consistent with the second public key information, is based on target label if so, executing
The step of name certificate carries out sign test to Target Signature file.
A kind of BIOS provided by the embodiments of the present application loads signing certificate equipment, including memory 201 and processor 202,
Computer subprogram, tool when processor 202 executes the computer subprogram stored in memory 201 are stored in memory 201
Body realizes following steps: the second public key information includes the letter obtained after being encrypted based on Encryption Algorithm to initial public key information
Breath;The first public key information is encrypted based on Encryption Algorithm, obtains third key information;Judge third key information whether with
Second public key information is consistent, if so, determining that the first public key information is consistent with the second public key information.
A kind of BIOS provided by the embodiments of the present application loads signing certificate equipment, including memory 201 and processor 202,
Computer subprogram, tool when processor 202 executes the computer subprogram stored in memory 201 are stored in memory 201
Body realizes following steps: Encryption Algorithm includes Hash Encryption Algorithm.
A kind of BIOS provided by the embodiments of the present application loads signing certificate equipment, including memory 201 and processor 202,
Computer subprogram, tool when processor 202 executes the computer subprogram stored in memory 201 are stored in memory 201
Body realizes following steps: identification information includes item id.
Referring to Fig. 5, can also include: in another kind BIOS provided by the embodiments of the present application load signing certificate equipment with
The input port 203 that processor 202 connects is used for transmission the extraneous order inputted to processor 202;It is connect with processor 202
Display unit 204, the processing result for video-stream processor 202 is to the external world;The communication module 205 being connect with processor 202,
For realizing BIOS load signing certificate equipment and extraneous communication.Display unit 204 can make for display panel, laser scanning
Display etc.;Communication mode used by communication module 205 includes but is not limited to mobile high definition chained technology (HML), general
Universal serial bus (USB), high-definition media interface (HDMI), be wirelessly connected: adopting wireless fidelity technology (WiFi), Bluetooth Communication Technology,
The low-power consumption bluetooth communication technology, the communication technology based on IEEE802.11s.
A kind of computer readable storage medium provided by the embodiments of the present application is stored with meter in computer readable storage medium
Calculation machine program, realizes following steps when computer program is executed by processor:
Obtain the identification information of target project to be loaded;
Corresponding relationship between identification information and signing certificate based on preset project to be loaded, it is corresponding in signing certificate
In signing certificate file, the corresponding Target Signature certificate of the identification information of target project to be loaded is determined;In signing certificate file
Signing certificate comprising each project to be loaded;
Load Target Signature certificate.
A kind of computer readable storage medium provided by the embodiments of the present application is stored with meter in computer readable storage medium
Loom program is calculated, computer subprogram is implemented as follows step when being executed by processor: obtaining the mark of target project to be loaded
Before knowing information, the identification information and corresponding signing certificate of each project to be loaded are obtained;By the label of each project to be loaded
Name certificate carries out code compilation, obtains signing certificate file;Establish and save the identification information and correspondence of each project to be loaded
Signing certificate between corresponding relationship.
A kind of computer readable storage medium provided by the embodiments of the present application is stored with meter in computer readable storage medium
Loom program is calculated, computer subprogram is implemented as follows step when being executed by processor: after load Target Signature certificate, obtained
Take the corresponding Target Signature file of target project to be loaded;Sign test is carried out to Target Signature file based on Target Signature certificate.
A kind of computer readable storage medium provided by the embodiments of the present application is stored with meter in computer readable storage medium
Loom program is calculated, computer subprogram is implemented as follows step when being executed by processor: parsing and takes in Target Signature file
First public key information of band;Parse the second public key information carried in Target Signature certificate;Judge the first public key information and
Whether two public key informations are consistent, if so, executing the step of carrying out sign test to Target Signature file based on Target Signature certificate.
A kind of computer readable storage medium provided by the embodiments of the present application is stored with meter in computer readable storage medium
Loom program is calculated, computer subprogram is implemented as follows step when being executed by processor: the second public key information includes being based on adding
The information that close algorithm obtains after encrypting to initial public key information;The first public key information is encrypted based on Encryption Algorithm,
Obtain third key information;Judge whether third key information is consistent with the second public key information, if so, determining the first public key letter
It ceases consistent with the second public key information.
A kind of computer readable storage medium provided by the embodiments of the present application is stored with meter in computer readable storage medium
Calculate loom program, computer subprogram is implemented as follows step when being executed by processor: Encryption Algorithm includes that Hash encryption is calculated
Method.
A kind of computer readable storage medium provided by the embodiments of the present application is stored with meter in computer readable storage medium
Loom program is calculated, computer subprogram is implemented as follows step when being executed by processor: identification information includes item id.
Computer readable storage medium involved in the application includes random access memory (RAM), memory, read-only memory
(ROM), electrically programmable ROM, electrically erasable ROM, register, hard disk, moveable magnetic disc, CD-ROM or technical field
Any other form of storage medium well known to interior.
A kind of BIOS provided by the embodiments of the present application is loaded in signing certificate system, equipment and computer readable storage medium
The explanation of relevant portion refers to the detailed of corresponding part in a kind of BIOS load signing certificate method provided by the embodiments of the present application
Describe in detail bright, details are not described herein.In addition, in above-mentioned technical proposal provided by the embodiments of the present application with correspond to technology in the prior art
The consistent part of scheme realization principle is simultaneously unspecified, in order to avoid excessively repeat.
It should also be noted that, herein, relational terms such as first and second and the like are used merely to one
Entity or operation are distinguished with another entity or operation, without necessarily requiring or implying between these entities or operation
There are any actual relationship or orders.Moreover, the terms "include", "comprise" or its any other variant are intended to contain
Lid non-exclusive inclusion, so that the process, method, article or equipment including a series of elements is not only wanted including those
Element, but also including other elements that are not explicitly listed, or further include for this process, method, article or equipment
Intrinsic element.In the absence of more restrictions, the element limited by sentence "including a ...", it is not excluded that
There is also other identical elements in process, method, article or equipment including the element.
The foregoing description of the disclosed embodiments makes those skilled in the art can be realized or use the application.To this
A variety of modifications of a little embodiments will be apparent for a person skilled in the art, and the general principles defined herein can
Without departing from the spirit or scope of the application, to realize in other embodiments.Therefore, the application will not be limited
It is formed on the embodiments shown herein, and is to fit to consistent with the principles and novel features disclosed in this article widest
Range.
Claims (10)
1. a kind of BIOS loads signing certificate method characterized by comprising
Obtain the identification information of target project to be loaded;
Corresponding relationship between identification information and signing certificate based on preset project to be loaded, it is corresponding in the signing certificate
In signing certificate file, the corresponding Target Signature certificate of the identification information of target project to be loaded is determined;The signature card
It include the signing certificate of each project to be loaded in written matter;
Load the Target Signature certificate.
2. the method according to claim 1, wherein it is described obtain target project to be loaded identification information it
Before, further includes:
Obtain the identification information and corresponding signing certificate of each project to be loaded;
The signing certificate of each project to be loaded is subjected to code compilation, obtains the signing certificate file;
Establish and save the corresponding pass between the identification information and the corresponding signing certificate of each project to be loaded
System.
3. method according to claim 1 or 2, which is characterized in that after the load Target Signature certificate, also wrap
It includes:
Obtain the corresponding Target Signature file of target project to be loaded;
Sign test is carried out to the Target Signature file based on the Target Signature certificate.
4. according to the method described in claim 3, it is characterized in that, described be based on the Target Signature certificate to the target label
Name file carries out sign test, comprising:
Parse the first public key information carried in the Target Signature file;
Parse the second public key information carried in the Target Signature certificate;
Judge whether first public key information and second public key information are consistent, if so, executing described based on the mesh
The step of tag name certificate carries out sign test to the Target Signature file.
5. according to the method described in claim 4, it is characterized in that, second public key information includes based on Encryption Algorithm to first
The information that beginning public key information obtains after being encrypted;
It is described to judge whether first public key information and second public key information are consistent, comprising:
First public key information is encrypted based on the Encryption Algorithm, obtains third key information;
Judge whether the third key information is consistent with second public key information, if so, determining the first public key letter
It ceases consistent with second public key information.
6. according to the method described in claim 5, it is characterized in that, the Encryption Algorithm includes Hash Encryption Algorithm.
7. the method according to claim 1, wherein the identification information includes item id.
8. a kind of BIOS loads signing certificate system characterized by comprising
First obtains module, for obtaining the identification information of target project to be loaded;
First determining module, for the corresponding relationship between identification information and signing certificate based on preset project to be loaded,
In the corresponding signing certificate file of the signing certificate, the corresponding target label of the identification information of target project to be loaded are determined
Name certificate;It include the signing certificate of each project to be loaded in the signing certificate file;
First loading module, for loading the Target Signature certificate.
9. a kind of BIOS loads signing certificate equipment characterized by comprising
Memory, for storing computer program;
Processor realizes the BIOS load signature card as described in any one of claim 1 to 7 when for executing the computer program
The step of book method.
10. a kind of computer readable storage medium, which is characterized in that be stored with computer in the computer readable storage medium
Program realizes that BIOS loads signing certificate as described in any one of claim 1 to 7 when the computer program is executed by processor
The step of method.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910380256.2A CN110096869A (en) | 2019-05-08 | 2019-05-08 | BIOS loads signing certificate method, system, equipment and computer media |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910380256.2A CN110096869A (en) | 2019-05-08 | 2019-05-08 | BIOS loads signing certificate method, system, equipment and computer media |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN110096869A true CN110096869A (en) | 2019-08-06 |
Family
ID=67447220
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910380256.2A Pending CN110096869A (en) | 2019-05-08 | 2019-05-08 | BIOS loads signing certificate method, system, equipment and computer media |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN110096869A (en) |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113051584A (en) * | 2021-05-31 | 2021-06-29 | 武汉深之度科技有限公司 | System secure starting method and device, computing equipment and readable storage medium |
| CN113094708A (en) * | 2021-04-12 | 2021-07-09 | 北京明朝万达科技股份有限公司 | Electronic file processing method and device, storage medium and processor |
| CN114629658A (en) * | 2022-03-30 | 2022-06-14 | 杭州海康威视系统技术有限公司 | Application signature method, device, equipment and storage medium |
| CN117411644A (en) * | 2023-12-12 | 2024-01-16 | 苏州元脑智能科技有限公司 | Digital signature verification method and device, electronic equipment and storage medium |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104182242A (en) * | 2013-05-28 | 2014-12-03 | 华为技术有限公司 | System booting method and system booting device |
| CN104572168A (en) * | 2014-09-10 | 2015-04-29 | 中电科技(北京)有限公司 | BIOS (Basic Input/Output System) self-updating protection system and BIOS self-updating protection method |
| CN104680081A (en) * | 2015-02-12 | 2015-06-03 | 北京优星网络科技有限公司 | Processing method and device for batch digital file validity and timeliness |
| US20160012232A1 (en) * | 2014-07-11 | 2016-01-14 | Dell Products L.P. | Systems and methods for secure delivery of public keys for operating system drivers |
| CN107908962A (en) * | 2017-12-05 | 2018-04-13 | 深圳鼎智通讯股份有限公司 | Self checking method applied to Android intelligent terminal |
| CN108427888A (en) * | 2017-02-15 | 2018-08-21 | 阿里巴巴集团控股有限公司 | File signature method, file verification method and corresponding intrument and equipment |
| CN109214146A (en) * | 2018-08-10 | 2019-01-15 | 北京邮电大学 | The endorsement method of application software, sign test method and apparatus |
-
2019
- 2019-05-08 CN CN201910380256.2A patent/CN110096869A/en active Pending
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104182242A (en) * | 2013-05-28 | 2014-12-03 | 华为技术有限公司 | System booting method and system booting device |
| US20160012232A1 (en) * | 2014-07-11 | 2016-01-14 | Dell Products L.P. | Systems and methods for secure delivery of public keys for operating system drivers |
| CN104572168A (en) * | 2014-09-10 | 2015-04-29 | 中电科技(北京)有限公司 | BIOS (Basic Input/Output System) self-updating protection system and BIOS self-updating protection method |
| CN104680081A (en) * | 2015-02-12 | 2015-06-03 | 北京优星网络科技有限公司 | Processing method and device for batch digital file validity and timeliness |
| CN108427888A (en) * | 2017-02-15 | 2018-08-21 | 阿里巴巴集团控股有限公司 | File signature method, file verification method and corresponding intrument and equipment |
| CN107908962A (en) * | 2017-12-05 | 2018-04-13 | 深圳鼎智通讯股份有限公司 | Self checking method applied to Android intelligent terminal |
| CN109214146A (en) * | 2018-08-10 | 2019-01-15 | 北京邮电大学 | The endorsement method of application software, sign test method and apparatus |
Cited By (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113094708A (en) * | 2021-04-12 | 2021-07-09 | 北京明朝万达科技股份有限公司 | Electronic file processing method and device, storage medium and processor |
| CN113051584A (en) * | 2021-05-31 | 2021-06-29 | 武汉深之度科技有限公司 | System secure starting method and device, computing equipment and readable storage medium |
| CN114629658A (en) * | 2022-03-30 | 2022-06-14 | 杭州海康威视系统技术有限公司 | Application signature method, device, equipment and storage medium |
| CN114629658B (en) * | 2022-03-30 | 2024-06-07 | 杭州海康威视系统技术有限公司 | Application signature method, device, equipment and storage medium |
| CN117411644A (en) * | 2023-12-12 | 2024-01-16 | 苏州元脑智能科技有限公司 | Digital signature verification method and device, electronic equipment and storage medium |
| CN117411644B (en) * | 2023-12-12 | 2024-03-01 | 苏州元脑智能科技有限公司 | Digital signature verification method and device, electronic equipment and storage medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN110096869A (en) | BIOS loads signing certificate method, system, equipment and computer media | |
| CN109144584A (en) | A kind of programmable logic device and its starting method, system and storage medium | |
| CN102711108B (en) | Method and system for managing the authentication information of mobile terminal | |
| CN106452786A (en) | Encryption and decryption processing method, apparatus and device | |
| CN107579962A (en) | A kind of method and device of source code encryption and decryption | |
| CN108985066A (en) | Intelligent contract security vulnerability detection method, device, terminal and storage medium | |
| CN104680389A (en) | NFC mobile phone terminal anti-fake system and method based on time encryption | |
| CN104134046A (en) | Encryption method and device | |
| CN101231622A (en) | Data storage method and equipment base on flash memory, as well as data fetch method and apparatu | |
| US8117429B2 (en) | System and method for a distributed and flexible configuration of a TCG TPM-based local verifier | |
| CN101984449B (en) | Smart card COS operating system | |
| CN104573527A (en) | UEFI system updating method based on updating security mechanism | |
| CN109992288A (en) | A kind of firmware update, device and computer readable storage medium | |
| US9659171B2 (en) | Systems and methods for detecting tampering of an information handling system | |
| CN105653283A (en) | Embedded system terminal and boot LOGO picture displaying and changing method thereof | |
| CN107562434A (en) | Preparation method, upgrade method, device and the equipment of upgrade file | |
| CN104469503B (en) | The initial method of a kind of electronic equipment and its external equipment, device | |
| CN102637422A (en) | Matrix obtaining method, character display device and system and electronic signature tool | |
| CN109145639A (en) | File encrypting method, decryption method and device | |
| CN103605939A (en) | Method, device and system for writing personal data in financial IC card | |
| CN109582238A (en) | A kind of hard disk binding, matching process, system and electronic equipment and storage medium | |
| CN110990846B (en) | Information storage method, device and computer readable storage medium | |
| CN111901105B (en) | Method and device for supporting Openssl algorithm based on UEFI (unified extensible firmware interface) architecture EDK2 | |
| CN105261044A (en) | Similar picture identification method and device and electronic equipment | |
| CN105574439A (en) | System disk verifying method and device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20190806 |
|
| RJ01 | Rejection of invention patent application after publication |