CN110245466B - Software integrity protection and verification method, system, device and storage medium - Google Patents
Software integrity protection and verification method, system, device and storage medium Download PDFInfo
- Publication number
- CN110245466B CN110245466B CN201910530809.8A CN201910530809A CN110245466B CN 110245466 B CN110245466 B CN 110245466B CN 201910530809 A CN201910530809 A CN 201910530809A CN 110245466 B CN110245466 B CN 110245466B
- Authority
- CN
- China
- Prior art keywords
- public
- private key
- loader
- software
- key pair
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 160
- 238000012795 verification Methods 0.000 title claims abstract description 56
- 230000008569 process Effects 0.000 claims abstract description 96
- 230000008676 import Effects 0.000 claims description 4
- 238000004806 packaging method and process Methods 0.000 claims 1
- 238000012545 processing Methods 0.000 description 10
- 230000006870 function Effects 0.000 description 5
- 238000010586 diagram Methods 0.000 description 3
- 230000003287 optical effect Effects 0.000 description 3
- 238000005111 flow chemistry technique Methods 0.000 description 2
- 239000013307 optical fiber Substances 0.000 description 2
- 230000000644 propagated effect Effects 0.000 description 2
- 238000003491 array Methods 0.000 description 1
- 238000013475 authorization Methods 0.000 description 1
- 238000004364 calculation method Methods 0.000 description 1
- 238000004891 communication Methods 0.000 description 1
- 230000004069 differentiation Effects 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 230000002093 peripheral effect Effects 0.000 description 1
- 230000003252 repetitive effect Effects 0.000 description 1
- 239000004065 semiconductor Substances 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/12—Protecting executable software
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
- H04L9/0825—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Software Systems (AREA)
- General Physics & Mathematics (AREA)
- Computer Hardware Design (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Technology Law (AREA)
- Multimedia (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Storage Device Security (AREA)
Abstract
The invention provides a software integrity protection and verification method, a system, equipment and a storage medium, wherein the method comprises the following steps: the loader generates a first public and private key pair; the loader signs a core process file by adopting a private key in the first public and private key pair to obtain a digital signature of the core process file and stores the digital signature; the security chip generates a second public and private key pair; and the security chip signs the loader with the signature result of the core process file by using a private key in the second public and private key pair to obtain and store the signature result of the loader. By adopting the invention, the integrity of the software is protected based on the security chip, and the core process of the software is ensured not to be illegally tampered and started by utilizing the characteristic that the key in the security chip can not be exported and the mode of verifying the integrity of the file by the digital signature.
Description
Technical Field
The present invention relates to the field of software protection technologies, and in particular, to a method, a system, a device, and a storage medium for protecting and verifying software integrity.
Background
For a piece of software, it is very important that there are many core processes, if the core processes are started illegally, the software will be invaded illegally, the software cannot run and use normally, and the security of the software is threatened seriously. For a piece of software, a process that realizes the core function of the software is started as a core process of the software. In order to ensure the safe use of software, it is necessary to protect the files corresponding to the core processes from being tampered. The core process file is some data file that is necessary to start the core process. For example, for a conference system software, a codec algorithm for conference access is used as a core process file of the conference system software, and if the core process file is tampered, the normal conference access function of the conference system software cannot be realized. Therefore, it is necessary to provide a method for performing encryption verification on software, which ensures that the software is not illegally tampered and started.
Disclosure of Invention
Aiming at the problems in the prior art, the invention aims to provide a software integrity protection and verification method, a system, equipment and a storage medium, which are used for protecting the integrity of software based on a security chip and ensuring that the software cannot be illegally tampered and started.
The embodiment of the invention provides a software integrity protection method, which comprises the following steps:
the loader generates a first public and private key pair;
the loader signs a core process file by adopting a private key in the first public and private key pair to obtain a digital signature of the core process file and stores the digital signature;
the security chip generates a second public and private key pair;
and the security chip signs the loader with the signature result of the core process file by using a private key in the second public and private key pair to obtain and store the signature result of the loader.
Optionally, the method further comprises the following steps:
the security chip generates a session key, and encrypts the first public and private key pair by adopting the session key to obtain a first public and private key pair ciphertext;
the loader stores the first public and private key pair ciphertext;
wherein, before the loader signs a core process file with a private key of the first public-private key pair, the method further comprises:
and the security chip decrypts the ciphertext of the first public and private key pair by using the session key to obtain a private key in the first public and private key pair.
Optionally, the protection method further includes the following steps:
the security chip encrypts the session key by adopting a public key in the second public and private key pair to obtain a session key ciphertext;
the loader stores the session key ciphertext.
Optionally, before the loader signs a core process file with a private key in the first public and private key pair, the method further includes the following steps:
the loader imports the session key ciphertext into the security chip;
and the security chip decrypts the session key ciphertext by using a private key in the second public and private key pair to obtain the session key.
The embodiment of the invention also provides a software integrity verification method, which is used for verifying the integrity of the software processed by the software integrity protection method, and the verification method comprises the following steps:
starting a loader of software to be verified;
when detecting that a security chip is accessed, the loader of the software to be verified acquires a digital signature of the loader stored in the security chip;
importing the digital signature and a source file of the loader of the software to be verified into a security chip, and performing digital signature verification on the source file of the loader of the software to be verified by using a public key in a second public and private key pair in the security chip;
when the loader of the software to be verified passes the verification, acquiring a core process file of the software to be verified;
and performing digital signature verification on the digital signature of the core process file stored by the loader of the software to be verified and the core process file of the software to be verified by utilizing a public key in a first public and private key pair in the loader of the software to be verified.
Optionally, a loader of the software to be verified stores a first public and private key pair ciphertext, where the first public and private key pair ciphertext is obtained by encrypting the first public and private key pair with a session key;
after the loader of the software to be verified is verified, the method further comprises the following steps:
and the security chip decrypts the ciphertext of the first public and private key pair by using the session key to obtain a public key in the first public and private key pair.
Optionally, the loader of the software to be verified further stores a session key ciphertext, where the session key ciphertext is obtained by encrypting the session key with a public key in the second public and private key pair;
after the loader of the software to be verified is verified, the method further comprises the following steps:
and the security chip decrypts the session key ciphertext by using a private key in the second public and private key pair to obtain the session key.
The embodiment of the invention also provides a software integrity protection system, which is applied to the software integrity protection method, and the system comprises:
the loader module is used for generating a first public and private key pair, storing a first public and private key pair ciphertext obtained by encrypting the first public and private key pair by a security chip, and signing the core process file by adopting a private key of the first public and private key pair to obtain a digital signature of the core process file and store the digital signature;
and the security chip is used for generating a second public and private key pair, signing the loader with the signature result of the core process file stored by using a private key in the second public and private key pair, obtaining and storing the signature result of the loader.
An embodiment of the present invention further provides a software integrity protection device, including:
a processor;
a memory having stored therein executable instructions of the processor;
wherein the processor is configured to perform the steps performed by the loader in the software integrity protection method via execution of the executable instructions.
The embodiment of the present invention further provides a computer-readable storage medium, which is used for storing a program, and when the program is executed, the step executed by a loader in the software integrity protection method is implemented.
The software integrity protection and verification method, the system, the equipment and the storage medium provided by the invention have the following advantages:
the invention carries out integrity protection on software based on the security chip, and ensures that the core process of the software cannot be illegally tampered and started by utilizing the characteristic that a secret key in the security chip can not be exported and the mode of verifying the integrity of a file by a digital signature; furthermore, the invention uses the loader to sign the core process file and store the digital signature of the core process file outside the security chip, thus saving the physical storage space and power consumption of the security chip and improving the processing efficiency of software integrity protection and integrity verification.
Drawings
Other features, objects and advantages of the present invention will become more apparent upon reading of the following detailed description of non-limiting embodiments thereof, with reference to the accompanying drawings.
FIG. 1 is a flow chart of a software integrity protection method according to an embodiment of the invention;
FIG. 2 is a flow chart of a software integrity verification method according to an embodiment of the present invention;
FIG. 3 is a block diagram of a software integrity protection system according to an embodiment of the present invention;
fig. 4 is a schematic structural diagram of a software integrity protection device according to an embodiment of the present invention;
fig. 5 is a schematic structural diagram of a computer storage medium according to an embodiment of the present invention.
Detailed Description
Example embodiments will now be described more fully with reference to the accompanying drawings. Example embodiments may, however, be embodied in many different forms and should not be construed as limited to the embodiments set forth herein; rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the concept of example embodiments to those skilled in the art. The same reference numerals in the drawings denote the same or similar structures, and thus their repetitive description will be omitted.
As shown in fig. 1, an embodiment of the present invention provides a software integrity protection method, including the following steps:
s110: the loader generates a first public and private key pair;
s120: the loader signs a core process file by adopting a private key in the first public and private key pair to obtain a digital signature of the core process file and stores the digital signature;
s130: the security chip generates a second public and private key pair;
s140: and the security chip signs the loader with the signature result of the core process file by using a private key in the second public and private key pair to obtain and store the signature result of the loader.
The digital signature of the loader can be used for verifying the integrity of the loader during software integrity verification, so that the content of the loader is prevented from being illegally tampered, and the loader and the security chip are used for further verifying the core process file after the verification of the loader passes. Therefore, the invention provides double integrity guarantee of the digital signature of the loader and the digital signature of the core process file, and avoids software from being illegally tampered and illegally started.
The sequence numbers of the steps are merely identification and differentiation, and do not limit the execution order of the steps, for example, steps S110 to S140 may be executed in the order shown in fig. 1, step S130 may be executed first, and then step S110 may be executed, or step S110 may be executed first, then step S130 may be executed, then step S120 may be executed, and the like, all of which are within the protection scope of the present invention.
The core process file is a core process file which influences the normal operation of the core process of the software, and a part of software source files can be selected by an encryption worker as the core process file, and the integrity of the software is protected through the integrity protection of the core process file.
The invention adopts the loader, carries out integrity protection on the core process file of the software based on the security chip, and protects the core process file from illegal tampering in a digital signature mode. The loader of the present invention refers to a software program file written in advance, and when the loader is started, the program instructions in the software program file of the loader are executed, so as to execute steps S110 and S120, the core process file is signed outside the secure chip, and the digital signature of the core process file is added to its own source file. Because the digital signature process of the core process file is carried out outside the security chip and the digital signature of the core process file is stored in the loader without being stored in the security chip, the physical storage space and the power consumption of the security chip are saved, and the processing efficiency of software integrity protection and subsequent integrity verification is improved. Further, in the present invention, through steps S130 to S140, the loader storing the signature result of the core process file is signed by the private key in the second public and private key pair of the security chip, so as to ensure the integrity of the loader, and by using the characteristic that the secret key in the security chip cannot be derived, the loader is ensured not to be illegally tampered, and further, the software is ensured not to be illegally tampered and illegally started.
After step S140 is completed, the loader and the core process file are packaged as a software package to be verified, and when a software integrity verification method is performed subsequently, the software package to be verified and the security chip are used to perform software integrity verification, where the specific verification method will be described in detail below with reference to fig. 2.
After the loader generates the first public-private key pair in step S110, if the loader directly stores the first public-private key pair, there is a risk of theft, and if the first public-private key pair is stolen, the thief may regenerate the signature, pretend that the verification is passed, thereby causing the verification of the core process file to be no longer reliable. Based on this, in this embodiment, the software integrity protection method further includes: the security chip generates a session key, and encrypts the first public and private key pair by adopting the session key to obtain a first public and private key pair ciphertext; and the loader stores the first public and private key pair ciphertext.
Before the step S120 of the loader signing a core process file with a private key of the first public-private key pair, the method further comprises: and the security chip decrypts the ciphertext of the first public and private key pair by using the session key to obtain a private key in the first public and private key pair.
Therefore, only the first public and private key pair ciphertext is stored in the loader, and when the first public and private key pair is required to be used for encryption and decryption, the security chip is required to use the session key to decrypt the ciphertext through the first public and private key pair. Because the session key can not be derived from the security chip, even if a thief acquires the first public-private key pair ciphertext, the thief cannot decrypt the first public-private key pair, and the digital signature of the core process file cannot be forged, so that the validity of the security verification of the core process file is greatly guaranteed.
In this embodiment, the software integrity protection method further includes: the security chip encrypts the session key by adopting a public key in the second public and private key pair to obtain a session key ciphertext; the loader stores the session key ciphertext.
In this embodiment, before the loader signs a core process file with a private key in the first public and private key pair, the method further includes the following steps:
the loader imports the session key ciphertext into the security chip;
and the security chip decrypts the session key ciphertext by using a private key in the second public and private key pair to obtain the session key.
Therefore, in this embodiment, the session key is further protected with a second public-private key pair, and the first public-private key generated by the loader is processed in the form of a digital envelope. And the first public and private key pair can only adopt the security chip to decrypt by utilizing the characteristic that the second public and private key and the session key are stored in the security chip and cannot be derived. The secure chip does not need to store the session key, only needs to store the session key in the loader, and when the loader imports the session key ciphertext into the secure chip, the secure chip can decrypt the session key ciphertext by using the private key of the second public and private key pair to obtain the session key adopted by the session. Therefore, on the basis of more safely protecting the second public and private keys based on the security chip, the embodiment does not need to separately store the session key for each session, and saves the physical storage space of the security chip.
As shown in fig. 2, an embodiment of the present invention further provides a software integrity verification method, which is used for performing integrity verification on software processed by using the software integrity protection method shown in fig. 1, where the verification method includes the following steps:
s210: starting a loader of software to be verified;
s220: when detecting that a security chip is accessed, the loader of the software to be verified acquires a digital signature of the loader stored in the security chip;
s230: importing the digital signature and a source file of the loader of the software to be verified into a security chip, and performing digital signature verification on the source file of the loader of the software to be verified by using a public key in a second public and private key pair in the security chip;
s240: when the loader of the software to be verified passes the verification, acquiring a core process file of the software to be verified;
s250: and performing digital signature verification on the digital signature of the core process file stored by the loader of the software to be verified and the core process file of the software to be verified by utilizing a public key in a first public and private key pair in the loader of the software to be verified.
In practical application, when an administrator takes a software package to be verified and a security chip, the software package to be verified comprises a loader and a core process file. Firstly, an administrator inserts the security chip and inputs the PIN code of the security chip, wherein the PIN code is used for obtaining the authorization of the security chip, so that the security chip can be adopted to execute the subsequent operation. And then starting the loader, executing the step S220 after the loader detects that the security chip is accessed, further verifying the core process file through the step S250 after the loader is successfully verified in the step S240, and successfully verifying the integrity of the software after the loader and the core process file are both successfully verified, so that the software can be normally started. After all processes of the software are started by the loader, the loader stops working, and an administrator can pull out the security chip, so that the normal operation of the software is realized.
The invention prevents the loader from being tampered by firstly verifying the integrity of the loader of the security chip by utilizing the integrity of the loader of the security chip. Since the verification of the subsequent kernel process file is performed by using the loader, if the loader itself is tampered, the subsequent verification of the kernel process file is invalid. Therefore, the integrity of the loader is verified firstly, and after the verification is successful, the loader is applied to the integrity verification of the core process file.
Therefore, the invention greatly improves the accuracy of software integrity verification through double verification of the loader and the core process file, and through the characteristic that the key in the security chip can not be derived, the digital signature verification of the loader can only be carried out by the security chip, thereby avoiding the problem that the signature is forged because the second public and private key pair is stolen.
In addition, since the signature verification of the core process file in the step S250 is performed outside the security chip, the calculation amount of the security chip is greatly saved, the power consumption of the security chip is also saved, and the efficiency of software integrity verification is improved. The digital signature of the core process file used in the verification process is stored in the loader, namely outside the secure chip, so that the storage space of the secure chip can be saved.
Since only the first public and private key pair ciphertext is stored in the loader, in step S220, the public key of the first public and private key pair ciphertext can be obtained only by decrypting the ciphertext by the security chip, and then in step S230, the digital signature of the core process file can be decrypted by using the public key of the first public and private key pair, the core process file to be verified is verified by using the file obtained by decryption, if the verification passes, the core process file is not tampered, the core process can be normally started, and if the verification fails, the core process file is tampered, the core process is stopped being started, and an alarm is given. Therefore, the invention can carry out integrity verification on software through the digital signature verification of the core process file, and based on the characteristic that the key of the security chip can not be derived, in the step S220, the public key of the first public and private key pair for signing the core process file can only be obtained by decrypting the security chip, thereby combining the encryption and decryption of the security chip and the encryption and decryption of the loader, and greatly improving the security of software protection.
Corresponding to the software integrity protection method, in order to further protect the security of the first public and private key pair, the digital signature of the core process file is prevented from being forged. The loader of the software to be verified does not store a plaintext directly storing the first public and private key pair, but stores a ciphertext of the first public and private key pair, and the ciphertext of the first public and private key pair is obtained by encrypting the first public and private key pair by using a session key.
After the loader of the software to be verified is verified, the method further comprises the following steps:
the security chip decrypts the ciphertext of the first public-private key pair by using the session key to obtain the public key in the first public-private key pair, and then continues to execute step S250.
Therefore, even if a thief illegally acquires the first public and private key pair ciphertext, the session key cannot be derived from the security chip, and cannot decrypt the first public and private key pair ciphertext, so that the digital signature of the core process file cannot be forged, and the validity of integrity verification of the core process file is guaranteed.
Further, corresponding to the software integrity protection method, the secure chip may store only the second public and private key pair without storing a session key for each session. And the loader of the software to be verified also stores a session key ciphertext, wherein the session key ciphertext is obtained by encrypting the session key by using a public key in the second public and private key pair.
After the loader of the software to be verified is verified, the method further comprises the following steps:
and the security chip decrypts the session key ciphertext by using a private key in the second public and private key pair to obtain the session key, and then applies the session key to decrypt the ciphertext of the first public and private key pair.
Therefore, the session key ciphertext does not need to be stored in the security chip, only one second public and private key pair needs to be stored, and the second public and private key pair can be applied to encryption of a plurality of session keys. And for the encrypted session key of each first public and private key pair, the ciphertext is stored in the loader, and the encrypted session key for the first public and private key pair can be obtained after the second public and private key pair is used for decryption, so that the storage space of the security chip is saved, and the property that the key in the security chip can not be derived can be utilized to the maximum extent to ensure the security of the first public and private key pair.
As shown in fig. 3, an embodiment of the present invention further provides a software integrity protection system, which is applied to the software integrity protection method, and the system includes a loader module M100 and a secure chip M200.
The loader module M100 stores a source file of the loader and runs a program instruction in the source file of the loader, and the loader is configured to generate a first public and private key pair, store a first public and private key pair ciphertext obtained by encrypting the first public and private key pair by a security chip, and sign the core process file M300 by using a private key of the first public and private key pair, obtain a digital signature of the core process file M300, and store the digital signature;
the security chip M200 is configured to generate a second public and private key pair, sign the loader, in which the signature result of the core process file M300 is stored, with a private key in the second public and private key pair, obtain and store the signature result of the loader.
According to the invention, the loader module M100 is used for digitally signing the core process file M300, the integrity of the core process file M300 of the software can be protected, and the security chip M200 is used for digitally signing the loader, so that the integrity of the loader can be protected, and the security of the loader used for verifying the software core file is ensured, thereby improving the software integrity protection effect and avoiding the software from being illegally tampered and illegally started.
Specifically, the specific implementation manner of each step S110 to S140 of the software integrity protection may be referred to in the implementation manner of each function implemented by the loader module M100 and the implementation manner of each function implemented by the secure chip M200, and is not described herein again.
Further, the software integrity protection system may also implement verification of software integrity, that is, the loader module M100 and the secure chip M200 execute steps S210 to S250 by using the software integrity verification method shown in fig. 2, so as to effectively and quickly verify the software integrity.
The embodiment of the invention also provides software integrity protection equipment, which comprises a processor; a memory having stored therein executable instructions of the processor; wherein the processor is configured to perform the steps performed by the loader in the software integrity protection method via execution of the executable instructions.
As will be appreciated by one skilled in the art, aspects of the present invention may be embodied as a system, method or program product. Thus, various aspects of the invention may be embodied in the form of: an entirely hardware embodiment, an entirely software embodiment (including firmware, microcode, etc.) or an embodiment combining hardware and software aspects that may all generally be referred to herein as a "circuit," module "or" system.
An electronic device 600 according to this embodiment of the invention is described below with reference to fig. 4. The electronic device 600 shown in fig. 4 is only an example, and should not bring any limitation to the functions and the scope of use of the embodiments of the present invention.
As shown in fig. 4, the electronic device 600 is embodied in the form of a general purpose computing device. The components of the electronic device 600 may include, but are not limited to: at least one processing unit 610, at least one storage unit 620, a bus 630 that connects the various system components (including the storage unit 620 and the processing unit 610), a display unit 640, and the like.
Wherein the storage unit stores program code executable by the processing unit 610 to cause the processing unit 610 to perform steps according to various exemplary embodiments of the present invention described in the above-mentioned electronic prescription flow processing method section of the present specification. For example, the processing unit 610 may perform the steps performed by the loader among the steps shown in fig. 1, i.e., steps S110, S130, and S140, and be used together with a security chip.
The storage unit 620 may include readable media in the form of volatile memory units, such as a random access memory unit (RAM)6201 and/or a cache memory unit 6202, and may further include a read-only memory unit (ROM) 6203.
The memory unit 620 may also include a program/utility 6204 having a set (at least one) of program modules 6205, such program modules 6205 including, but not limited to: an operating system, one or more application programs, other program modules, and program data, each of which, or some combination thereof, may comprise an implementation of a network environment.
The electronic device 600 may also communicate with one or more external devices 700 (e.g., keyboard, pointing device, bluetooth device, etc.), with one or more devices that enable a user to interact with the electronic device 600, and/or with any devices (e.g., router, modem, etc.) that enable the electronic device 600 to communicate with one or more other computing devices. Such communication may occur via an input/output (I/O) interface 650. Also, the electronic device 600 may communicate with one or more networks (e.g., a Local Area Network (LAN), a Wide Area Network (WAN), and/or a public network such as the Internet) via the network adapter 660. The network adapter 660 may communicate with other modules of the electronic device 600 via the bus 630. It should be appreciated that although not shown in the figures, other hardware and/or software modules may be used in conjunction with the electronic device 600, including but not limited to: microcode, device drivers, redundant processing units, external disk drive arrays, RAID systems, tape drives, and data backup storage systems, among others.
An embodiment of the present invention further provides a computer-readable storage medium, which is used for storing a program, and when the program is executed, the steps executed by a loader in the software integrity protection method, that is, steps S110, S130, and S140, are implemented, and are used together with a security chip. In some possible embodiments, aspects of the present invention may also be implemented in the form of a program product comprising program code for causing a terminal device to perform the steps according to various exemplary embodiments of the present invention described in the above-mentioned electronic prescription flow processing method section of this specification, when the program product is run on the terminal device.
Referring to fig. 5, a program product 800 for implementing the above method according to an embodiment of the present invention is described, which may employ a portable compact disc read only memory (CD-ROM) and include program code, and may be run on a terminal device, such as a personal computer. However, the program product of the present invention is not limited in this regard and, in the present document, a readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device.
The program product may employ any combination of one or more readable media. The readable medium may be a readable signal medium or a readable storage medium. A readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples (a non-exhaustive list) of the readable storage medium include: an electrical connection having one or more wires, a portable disk, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.
The computer readable storage medium may include a propagated data signal with readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take many forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A readable storage medium may also be any readable medium that is not a readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. Program code embodied on a readable storage medium may be transmitted using any appropriate medium, including but not limited to wireless, wireline, optical fiber cable, RF, etc., or any suitable combination of the foregoing.
Program code for carrying out operations for aspects of the present invention may be written in any combination of one or more programming languages, including an object oriented programming language such as Java, C + + or the like and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computing device, partly on the user's device, as a stand-alone software package, partly on the user's computing device and partly on a remote computing device, or entirely on the remote computing device or server. In the case of a remote computing device, the remote computing device may be connected to the user computing device through any kind of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or may be connected to an external computing device (e.g., through the internet using an internet service provider).
In summary, compared with the prior art, the software integrity protection and verification method, system, device and storage medium provided by the present invention have the following advantages:
the software integrity protection and verification method, the system, the equipment and the storage medium provided by the invention have the following advantages:
the invention carries out integrity protection on software based on the security chip, and ensures that the core process of the software cannot be illegally tampered and started by utilizing the characteristic that a secret key in the security chip can not be exported and the mode of verifying the integrity of a file by a digital signature; furthermore, the invention uses the loader to sign the core process file and store the digital signature of the core process file outside the security chip, thus saving the physical storage space and power consumption of the security chip and improving the processing efficiency of software integrity protection and integrity verification.
The foregoing is a more detailed description of the invention in connection with specific preferred embodiments and it is not intended that the invention be limited to these specific details. For those skilled in the art to which the invention pertains, several simple deductions or substitutions can be made without departing from the spirit of the invention, and all shall be considered as belonging to the protection scope of the invention.
Claims (10)
1. A software integrity protection method is characterized by comprising the following steps:
the loader generates a first public and private key pair;
the loader signs a core process file by adopting a private key in the first public and private key pair to obtain a digital signature of the core process file and stores the digital signature into a source file of the loader;
the security chip generates a second public and private key pair;
the security chip signs the loader with the signature result of the core process file by using a private key in the second public and private key pair to obtain and store the signature result of the loader;
and packaging the loader and the core process file to be used as a software package to be verified.
2. The software integrity protection method of claim 1, further comprising the steps of:
the security chip generates a session key, and encrypts the first public and private key pair by adopting the session key to obtain a first public and private key pair ciphertext;
the loader stores the first public and private key pair ciphertext;
wherein, before the loader signs a core process file with a private key of the first public-private key pair, the method further comprises:
and the security chip decrypts the ciphertext of the first public and private key pair by using the session key to obtain a private key in the first public and private key pair.
3. The software integrity protection method of claim 2, wherein the protection method further comprises the steps of:
the security chip encrypts the session key by adopting a public key in the second public and private key pair to obtain a session key ciphertext;
the loader stores the session key ciphertext.
4. The software integrity protection method as claimed in claim 3, wherein before the loader signs the core process file with the private key of the first public-private key pair, the method further comprises the following steps:
the loader imports the session key ciphertext into the security chip;
and the security chip decrypts the session key ciphertext by using a private key in the second public and private key pair to obtain the session key.
5. A software integrity verification method for performing integrity verification on software processed by the software integrity protection method according to any one of claims 1 to 4, the verification method comprising the following steps:
starting a loader of software to be verified;
when detecting that a security chip is accessed, the loader of the software to be verified acquires a digital signature of the loader stored in the security chip;
importing the digital signature and a source file of the loader of the software to be verified into a security chip, and performing digital signature verification on the source file of the loader of the software to be verified by using a public key in a second public and private key pair in the security chip;
when the loader of the software to be verified passes the verification, acquiring a core process file of the software to be verified;
and performing digital signature verification on the digital signature of the core process file stored by the loader of the software to be verified and the core process file of the software to be verified by utilizing a public key in a first public and private key pair in the loader of the software to be verified.
6. The software integrity verification method according to claim 5, wherein a loader of the software to be verified stores a first public-private key pair ciphertext, and the first public-private key pair ciphertext is obtained by encrypting the first public-private key pair with a session key;
after the loader of the software to be verified is verified, the method further comprises the following steps:
and the security chip decrypts the ciphertext of the first public and private key pair by using the session key to obtain a public key in the first public and private key pair.
7. The software integrity verification method of claim 6, wherein the loader of the software to be verified further stores a session key ciphertext, wherein the session key ciphertext is obtained by encrypting the session key with a public key of the second public-private key pair;
after the loader of the software to be verified is verified, the method further comprises the following steps:
and the security chip decrypts the session key ciphertext by using a private key in the second public and private key pair to obtain the session key.
8. A software integrity protection system applied to the software integrity protection method according to any one of claims 1 to 3, the system comprising:
the loader module is used for generating a first public and private key pair, storing a first public and private key pair ciphertext obtained by encrypting the first public and private key pair by a security chip, and signing the core process file by adopting a private key of the first public and private key pair to obtain a digital signature of the core process file and store the digital signature;
and the security chip is used for generating a second public and private key pair, signing the loader with the signature result of the core process file stored by using a private key in the second public and private key pair, obtaining and storing the signature result of the loader.
9. A software integrity protection device, comprising:
a processor;
a memory having stored therein executable instructions of the processor;
wherein the processor is configured to perform the steps performed by the loader in the software integrity protection method of any one of claims 1 to 4 via execution of the executable instructions.
10. A computer readable storage medium storing a program, wherein the program when executed implements the steps performed by a loader in the software integrity protection method of any of claims 1 to 4.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910530809.8A CN110245466B (en) | 2019-06-19 | 2019-06-19 | Software integrity protection and verification method, system, device and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910530809.8A CN110245466B (en) | 2019-06-19 | 2019-06-19 | Software integrity protection and verification method, system, device and storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN110245466A CN110245466A (en) | 2019-09-17 |
| CN110245466B true CN110245466B (en) | 2021-08-24 |
Family
ID=67887990
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910530809.8A Active CN110245466B (en) | 2019-06-19 | 2019-06-19 | Software integrity protection and verification method, system, device and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN110245466B (en) |
Families Citing this family (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112699343A (en) * | 2019-10-23 | 2021-04-23 | 华为技术有限公司 | Software integrity protection and verification method and device |
| CN113127814B (en) * | 2019-12-31 | 2023-03-14 | 杭州海康威视数字技术股份有限公司 | Software anti-copying method and device, electronic equipment and readable storage medium |
| CN111541725B (en) * | 2020-07-08 | 2021-04-27 | 支付宝(杭州)信息技术有限公司 | Block chain all-in-one machine, password acceleration card thereof, and key management method and device |
| CN112613030A (en) * | 2020-12-15 | 2021-04-06 | 深圳市燃气集团股份有限公司 | Credible safe starting method and system based on Internet of things gas meter |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101149773A (en) * | 2007-08-27 | 2008-03-26 | 中国人民解放军空军电子技术研究所 | Software real name authentication system and its safe checking method |
| US20100199325A1 (en) * | 2009-01-28 | 2010-08-05 | Headwater Partners I Llc | Security techniques for device assisted services |
| CN103914658A (en) * | 2013-01-05 | 2014-07-09 | 展讯通信(上海)有限公司 | Safe starting method of terminal equipment, and terminal equipment |
| US10162543B1 (en) * | 2017-12-15 | 2018-12-25 | Qualcomm Incorporated | System and method for power mode selection in a computing device |
Family Cites Families (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US7386736B2 (en) * | 2004-12-16 | 2008-06-10 | International Business Machines Corporation | Method and system for using a compact disk as a smart key device |
| CN101282222B (en) * | 2008-05-28 | 2011-09-28 | 胡祥义 | Digital signature method based on CSK |
| JP5736994B2 (en) * | 2011-06-15 | 2015-06-17 | 株式会社リコー | Information processing apparatus, validity verification method, and program |
| US20130031371A1 (en) * | 2011-07-25 | 2013-01-31 | Alcatel-Lucent Usa Inc. | Software Run-Time Provenance |
| WO2015042981A1 (en) * | 2013-09-30 | 2015-04-02 | 华为技术有限公司 | Encryption and decryption processing method, apparatus and device |
| CN103995992A (en) * | 2014-05-28 | 2014-08-20 | 全联斯泰克科技有限公司 | Method and device for protecting software |
| CN109768862B (en) * | 2019-03-12 | 2019-11-22 | 北京深思数盾科技股份有限公司 | A kind of key management method, key call method and cipher machine |
-
2019
- 2019-06-19 CN CN201910530809.8A patent/CN110245466B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101149773A (en) * | 2007-08-27 | 2008-03-26 | 中国人民解放军空军电子技术研究所 | Software real name authentication system and its safe checking method |
| US20100199325A1 (en) * | 2009-01-28 | 2010-08-05 | Headwater Partners I Llc | Security techniques for device assisted services |
| CN103914658A (en) * | 2013-01-05 | 2014-07-09 | 展讯通信(上海)有限公司 | Safe starting method of terminal equipment, and terminal equipment |
| US10162543B1 (en) * | 2017-12-15 | 2018-12-25 | Qualcomm Incorporated | System and method for power mode selection in a computing device |
Non-Patent Citations (4)
| Title |
|---|
| Malicious Code Detection for Android Using Instruction Signatures;Hu Ge , et al.;《2014 IEEE 8th International Symposium on Service Oriented System Engineering (SOSE)》;20140612;第1卷;第332-337页 * |
| 基于UEFI的可信Tiano设计与研究;曾颖明 等;《计算机工程与设计》;20090616;第30卷(第11期);第2645-2648页 * |
| 基于虚拟机监控技术的可信虚拟域;邢彬 等;《信息安全学报》;20160115;第1卷(第1期);第75-94页 * |
| 基于重定义JVM类加载器移动代码的安全;张爱娟 等;《计算机工程》;20060620;第32卷(第4期);第177-178,202页 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN110245466A (en) | 2019-09-17 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN110245466B (en) | Software integrity protection and verification method, system, device and storage medium | |
| JP4664398B2 (en) | Incremental code signing method and apparatus | |
| CN110519309B (en) | Data transmission method, device, terminal, server and storage medium | |
| CN100487715C (en) | Date safety storing system, device and method | |
| US7987374B2 (en) | Security chip | |
| US9973496B2 (en) | Controlled use of a hardware security module | |
| CN102262599B (en) | Trusted root-based portable hard disk fingerprint identification method | |
| EP3316160A1 (en) | Authentication method and apparatus for reinforced software | |
| US8369526B2 (en) | Device, system, and method of securely executing applications | |
| CN111931158A (en) | Bidirectional authentication method, terminal and server | |
| US9256756B2 (en) | Method of encryption and decryption for shared library in open operating system | |
| CN108229144B (en) | Verification method of application program, terminal equipment and storage medium | |
| JP2010517449A (en) | Secret protection for untrusted recipients | |
| US20230370262A1 (en) | Wireless Terminal and Method for Authenticating Interface Access of Wireless Terminal in Uboot Mode | |
| CN113946863A (en) | Data encryption storage method, system, equipment and storage medium | |
| CN112115491B (en) | Symmetric encryption key protection method, device, equipment and storage medium | |
| KR101859823B1 (en) | Ransomware prevention technique using key backup | |
| CN114816549B (en) | Method and system for protecting bootloader and environment variable thereof | |
| CN110674525A (en) | Electronic equipment and file processing method thereof | |
| CN107861892B (en) | Method and terminal for realizing data processing | |
| US20230017231A1 (en) | Securely executing software based on cryptographically verified instructions | |
| CN112883397B (en) | Data storage method, data reading method, device, equipment and storage medium | |
| CN114866228A (en) | Method, system, storage medium and terminal for realizing soft password module | |
| CN112825093B (en) | Security baseline checking method, host, server, electronic device and storage medium | |
| CN108667594B (en) | Software program module integrity detection method based on PKI public key algorithm |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |