CN112269609A - Safe starting method and device of embedded linux equipment - Google Patents
- Publication number: CN112269609A (application CN202011308089.XA)
- Authority: CN (China)
- Prior art keywords: file system, value, reading, public key, kernel program
- Prior art date
- Legal status: Pending (the legal status is an assumption and is not a legal conclusion; Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed)
Classifications
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/445—Program loading or initiating
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6209—Protecting access to data via a platform, e.g. using keys or access control rules to a single file or object, e.g. in a secure envelope, encrypted and accessed using a key, or with access control rules appended to the object itself
Abstract
The invention relates to a safe starting method and a safe starting device of embedded linux equipment, wherein the method comprises the following steps of: after the firmware system is started, reading the boot loader and calculating the MD5 value of the boot loader; verifying the safety of the boot loader by using the RSA public key, and starting the boot loader if the safety is ensured; after the boot loader is started, reading the kernel program, and calculating the MD5 value of the kernel program; verifying the safety of the kernel program by using the RSA public key, and starting the kernel program if the safety is ensured; after the kernel program is started, reading a file system, and calculating an MD5 value of the file system; and verifying the security of the file system by using the RSA public key, and starting the file system if the file system is secure. The invention can ensure that the equipment is started when the system is safe, and avoid equipment operation failure or other safety risks caused by tampering of system files.
Description
Technical Field
The invention relates to the technical field of system security of embedded equipment, in particular to a secure starting method and device of embedded linux equipment.
Background
In an embedded system, for security, an SoC (System on Chip) manufacturer may embed a one-time programmable memory in the SoC for verifying whether firmware such as the bootloader, the operating system kernel and the file system image comes from a trusted source during the system burning, upgrading and booting stages.
Because linux is an open system, although the prior art can verify whether the bootloader, kernel and file system images come from a trusted source during the burning and booting stages, this method cannot prevent malicious programs from tampering with fscheck and other files in the system. Once these files are tampered with, system security can no longer be guaranteed.
Disclosure of Invention
Based on this, there is a need to provide a secure booting method and apparatus for embedded linux device, so as to ensure the security of the system and enable the system to be booted securely.
In order to achieve the above purpose, the invention adopts the following technical scheme.
The invention provides a safe starting method of an embedded linux device, wherein the linux device comprises a firmware system, a boot loader, a kernel program, a file system and an RSA public key, and the RSA public key is used for decrypting the boot loader, the kernel program and the file system, and the method comprises the following steps:
after the firmware system is started, reading the boot loader and calculating the MD5 value of the boot loader;
verifying the safety of the boot loader by using the RSA public key, and starting the boot loader if the safety is ensured;
after the boot loader is started, reading the kernel program, and calculating the MD5 value of the kernel program;
verifying the safety of the kernel program by using the RSA public key, and starting the kernel program if the safety is ensured;
after the kernel program is started, reading a file system, and calculating an MD5 value of the file system;
and verifying the security of the file system by using the RSA public key, and starting the file system if the file system is secure.
In the above method, the verifying the security of the bootloader by using the RSA public key, and if the bootloader is secure, the starting the bootloader specifically includes:
reading the signature of the boot loader, and decrypting by using the RSA public key;
judging whether the decrypted value is equal to the MD5 value of the boot loader or not;
if yes, starting the boot loader.
In the above method, the verifying the security of the kernel program by using the RSA public key, and if the kernel program is secure, the starting the kernel program specifically includes:
reading the signature of the kernel program, and decrypting by using the RSA public key;
judging whether the decrypted value is equal to the MD5 value of the kernel program;
and if so, starting the kernel program.
In the above method, after the kernel program is started, the step of reading the file system and calculating the MD5 value of the file system specifically includes:
reading the /etc/fscheck.txt file in the file system, and calculating the MD5 value of the file system;
the /etc/fscheck.txt file records all files; reading and calculating the MD5 value of each file.
In the above method, the verifying the security of the file system by using the RSA public key, and if the file system is secure, the starting the file system specifically includes:
reading the signature of the /etc/fscheck.si file in the file system, and decrypting by using the RSA public key;
judging whether the decrypted value is equal to the MD5 value of the /etc/fscheck.txt file or not;
if yes, reading the signatures of all files recorded by the /etc/fscheck.txt file in the file system, and respectively decrypting by using the RSA public key;
judging whether each decrypted value corresponds to and equals the MD5 value of the respective file recorded by the /etc/fscheck.txt file;
if yes, starting the file system.
The invention also provides a safe starting device of the embedded linux equipment, the linux equipment comprises a firmware system, a boot loader, a kernel program, a file system and an RSA public key, the RSA public key is used for decrypting the boot loader, the kernel program and the file system, and the device comprises:
the bootloader value reading module is used for reading a boot loader and calculating an MD5 value of the boot loader after the firmware system is started;
the bootloader verification module is used for verifying the safety of the boot loader by using the RSA public key, and if the safety is ensured, the boot loader is started;
the kernel reading module is used for reading the kernel program after the boot loader is started, and calculating the MD5 value of the kernel program;
the kernel verification module is used for verifying the safety of the kernel program by utilizing the RSA public key, and if the kernel program is safe, the kernel program is started;
the fs reading module is used for reading the file system after the kernel program is started, and calculating the MD5 value of the file system;
and the fs verification module is used for verifying the security of the file system by using the RSA public key, and starting the file system if the file system is safe.
In the above apparatus, the bootloader verification module is specifically configured to:
reading the signature of the boot loader, and decrypting by using the RSA public key;
judging whether the decrypted value is equal to the MD5 value of the boot loader or not;
and if so, starting the boot loader.
In the above apparatus, the kernel verification module is specifically configured to:
reading the signature of the kernel program, and decrypting by using the RSA public key;
judging whether the decrypted value is equal to the MD5 value of the kernel program;
and if so, starting the kernel program.
In the above apparatus, the fs reading module is specifically configured to:
read the /etc/fscheck.txt file in the file system, and calculate the MD5 value of the file system;
read all files recorded by the /etc/fscheck.txt file in the file system, and calculate the MD5 value of each file.
In the above apparatus, the fs verification module is specifically configured to:
read the signature of the /etc/fscheck.si file, and decrypt it by using the RSA public key;
judge whether the decrypted value is equal to the MD5 value of the /etc/fscheck.txt file or not;
if yes, read the signatures of all the files recorded by the /etc/fscheck.txt file, and respectively decrypt them by using the RSA public key;
judge whether each decrypted value corresponds to and equals the MD5 value of the respective file recorded by the /etc/fscheck.txt file;
if yes, start the file system.
According to the embedded linux device and the method, the RSA public key is implanted into the chip, the boot loader, the kernel program and the file system are decrypted by using the RSA public key, the decrypted value is compared with the read MD5 value, the safety of each program and each file in the system is known by analyzing the comparison condition of the boot loader, the kernel program and the file system respectively, and the system is started under the condition that the safety is ensured, so that the safety of the whole embedded linux device is guaranteed, and various risks caused by malicious programs are avoided.
Drawings
FIG. 1 is a schematic flowchart of a secure boot method of an embedded linux device in this embodiment;
FIG. 2 is a flowchart of the steps for verifying the security of a file system using the RSA public key;
FIG. 3 is a block diagram of a secure boot apparatus of the embedded linux device in this embodiment.
The implementation of the objects of the present invention and their functions and principles will be further explained in the detailed description with reference to the attached drawings.
Detailed Description
The following further description is made with reference to the drawings and specific embodiments.
As shown in fig. 1, this embodiment provides a secure boot method for an embedded linux device, where the linux device includes a firmware system (BOOTROM), a bootloader (bootloader), a kernel program (kernel), a file system, and an RSA public key, and the RSA public key is used to decrypt the bootloader, the kernel program, and the file system, and the method includes:
S1: after the firmware system is started, reading the boot loader and calculating the MD5 value of the boot loader;
S2: verifying the safety of the boot loader by using the RSA public key, and starting the boot loader if the safety is ensured;
S3: after the boot loader is started, reading the kernel program, and calculating the MD5 value of the kernel program;
S4: verifying the safety of the kernel program by using the RSA public key, and starting the kernel program if the safety is ensured;
S5: after the kernel program is started, reading a file system, and calculating an MD5 value of the file system;
S6: verifying the security of the file system by using the RSA public key, and starting the file system if the file system is secure.
Wherein, step S2 specifically includes:
S21: reading the signature of the boot loader, and decrypting by using the RSA public key;
S22: judging whether the decrypted value is equal to the MD5 value of the boot loader or not;
S23: if yes, starting the boot loader.
Similarly, step S4 specifically includes:
S41: reading the signature of the kernel program, and decrypting by using the RSA public key;
S42: judging whether the decrypted value is equal to the MD5 value of the kernel program;
S43: if yes, starting the kernel program.
Step S5 specifically includes:
S51: reading the /etc/fscheck.txt file in the file system, and calculating the MD5 value of the file system;
S52: the /etc/fscheck.txt file records all files; reading and calculating the MD5 value of each file.
Step S6 specifically includes:
S61: reading the signature in the /etc/fscheck.si file and the signatures of all files recorded by the /etc/fscheck.txt file in the file system, and decrypting them by using the RSA public key;
S62: judging whether each decrypted value is equal to the MD5 value of the original file;
S63: if yes, starting the file system.
Specifically, referring to FIG. 2, step S6 further includes:
S611: reading the signature of the /etc/fscheck.si file in the file system, and decrypting by using the RSA public key;
S612: judging whether the decrypted value is equal to the MD5 value of the /etc/fscheck.txt file;
S613: if yes, the /etc/fscheck.txt file is judged to be safe; at this moment, the signatures of all files recorded by the /etc/fscheck.txt file in the file system are read, and the signatures are decrypted by the RSA public key respectively;
S614: judging whether each decrypted value corresponds to and equals the MD5 value of the respective file recorded by the /etc/fscheck.txt file;
S615: if so, judging that the /etc/fscheck.txt file is safe, and starting the file system at this moment.
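The chain of steps S1 to S6 with their sub-steps (S21 to S23, S41 to S43, S611 to S615), carried out end to end as an added Python example; this is not code from the patent or its applicant. The example assumes textbook RSA on the MD5 digest (signature = MD5(data)^d mod n, verification = signature^e mod n == MD5(data)), a constructed toy key pair built from two Mersenne primes so that n exceeds any 128-bit digest, a /etc/fscheck.txt layout of one absolute path per line, and a separate path-to-signature map for the per-file signatures, whose storage location the patent does not specify. The signing helper stands in for the manufacturer's private-key step, which the patent presupposes but does not describe.

```python
from __future__ import annotations
import hashlib

# Constructed toy RSA key pair from the Mersenne primes 2^127-1 and 2^89-1 (both prime),
# chosen so that n > 2^128 and any MD5 digest is a valid RSA message. Illustration only.
_P = (1 << 127) - 1
_Q = (1 << 89) - 1
RSA_N = _P * _Q
RSA_E = 65537
_RSA_D = pow(RSA_E, -1, (_P - 1) * (_Q - 1))  # private exponent: stays with the manufacturer
PUBLIC_KEY = (RSA_N, RSA_E)                      # the value the patent burns into the chip
SIG_LEN = 32                                     # n < 2^216, so 32 bytes hold any signature


def md5_int(data: bytes) -> int:
    """MD5 digest of a blob as an integer (the 'MD5 value' the patent compares against)."""
    return int.from_bytes(hashlib.md5(data).digest(), "big")


def sign(data: bytes) -> bytes:
    """Assumed manufacturer-side step: signature = MD5(data)^d mod n (textbook RSA)."""
    return pow(md5_int(data), _RSA_D, RSA_N).to_bytes(SIG_LEN, "big")


def verify(data: bytes, signature: bytes, pubkey=PUBLIC_KEY) -> bool:
    """Steps S21-S22 / S41-S42: 'decrypt' the signature with (n, e), compare with MD5(data)."""
    n, e = pubkey
    return pow(int.from_bytes(signature, "big"), e, n) == md5_int(data)


def parse_fscheck(manifest: bytes) -> list[str]:
    """Assumed /etc/fscheck.txt layout: one absolute path per line, blank lines ignored."""
    return [ln.strip() for ln in manifest.decode("utf-8").splitlines() if ln.strip()]


def verify_file_system(fs: dict[str, bytes], file_sigs: dict[str, bytes],
                       pubkey=PUBLIC_KEY) -> bool:
    """Steps S611-S615. fs maps path -> content; /etc/fscheck.si holds the signature of
    /etc/fscheck.txt; file_sigs (location assumed) holds the signature of every listed file."""
    manifest = fs.get("/etc/fscheck.txt")
    manifest_sig = fs.get("/etc/fscheck.si")
    if manifest is None or manifest_sig is None:
        return False
    if not verify(manifest, manifest_sig, pubkey):   # S611-S612: is the manifest itself intact?
        return False
    for path in parse_fscheck(manifest):              # S613-S614: every listed file must verify
        content, sig = fs.get(path), file_sigs.get(path)
        if content is None or sig is None or not verify(content, sig, pubkey):
            return False
    return True                                       # S615: file system may start


def secure_boot(bootloader: bytes, bootloader_sig: bytes, kernel: bytes, kernel_sig: bytes,
                fs: dict[str, bytes], file_sigs: dict[str, bytes],
                pubkey=PUBLIC_KEY) -> list[str]:
    """Steps S1-S6: each stage is started only if it verifies; returns the stages started."""
    started: list[str] = []
    if not verify(bootloader, bootloader_sig, pubkey):
        return started
    started.append("bootloader")
    if not verify(kernel, kernel_sig, pubkey):
        return started
    started.append("kernel")
    if not verify_file_system(fs, file_sigs, pubkey):
        return started
    started.append("filesystem")
    return started


def build_sample_image():
    """Constructed sample images: a signed bootloader, kernel and file system."""
    bootloader = b"constructed bootloader image v1"
    kernel = b"constructed kernel image v1"
    files = {"/bin/init": b"constructed init", "/etc/fstab": b"constructed fstab"}
    manifest = "\n".join(sorted(files)).encode() + b"\n"
    fs = dict(files)
    fs["/etc/fscheck.txt"] = manifest
    fs["/etc/fscheck.si"] = sign(manifest)
    file_sigs = {path: sign(content) for path, content in files.items()}
    return bootloader, sign(bootloader), kernel, sign(kernel), fs, file_sigs


if __name__ == "__main__":
    bl, bl_sig, kern, kern_sig, fs, file_sigs = build_sample_image()
    print("clean image:", secure_boot(bl, bl_sig, kern, kern_sig, fs, file_sigs))
    fs_tampered = dict(fs)
    fs_tampered["/bin/init"] = b"modified init"
    print("tampered /bin/init:", secure_boot(bl, bl_sig, kern, kern_sig, fs_tampered, file_sigs))
```

The two tampering cases mirror the threat the background section names: editing a listed file fails at S614, and editing /etc/fscheck.txt itself to drop a file from the list fails at S612, because the signature in /etc/fscheck.si no longer matches the manifest. The chain structure is independent of the primitives; a deployment would put a collision-resistant hash and a padded signature scheme such as RSA-PSS in place of MD5 and unpadded RSA, with verify() being the only function that changes.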
According to the method and the steps, the device can be started only when the system is safe, and the device operation failure or other safety risks caused by tampering of system files are avoided.
Referring to fig. 3, this embodiment further provides a secure boot apparatus 100 for an embedded linux device, where the linux device includes a firmware system, a boot loader, a kernel program, a file system, and an RSA public key, and the RSA public key is used to decrypt the boot loader, the kernel program, and the file system, and the apparatus 100 includes:
the bootloader value reading module 10 is used for reading a boot loader and calculating an MD5 value of the boot loader after the firmware system is started;
the bootloader verification module 20 is configured to verify the security of the bootloader by using the RSA public key, and if the bootloader is secure, start the bootloader;
the kernel reading module 30 is configured to read the kernel program after the boot loader is started, and calculate an MD5 value of the kernel program;
the kernel verification module 40 is used for verifying the security of the kernel program by using the RSA public key, and if the kernel program is safe, the kernel program is started;
the fs reading module 50 is used for reading the file system and calculating the MD5 value of the file system after the kernel program is started;
and the fs verification module 60 is configured to verify the security of the file system by using the RSA public key, and if the file system is secure, start the file system.
Specifically, the bootloader verification module 20 is specifically configured to:
reading the signature of the boot loader, and decrypting by using the RSA public key;
judging whether the decrypted value is equal to the MD5 value of the boot loader or not;
and if so, starting the boot loader.
The kernel verification module 40 of the present embodiment is specifically configured to:
reading the signature of the kernel program, and decrypting by using the RSA public key;
judging whether the decrypted value is equal to the MD5 value of the kernel program;
and if so, starting the kernel program.
The fs reading module 50 of the present embodiment is specifically configured to:
read the /etc/fscheck.txt file in the file system, and calculate the MD5 value of the file system;
read all files recorded by the /etc/fscheck.txt file in the file system, and calculate the MD5 value of each file.
The fs verification module 60 of this embodiment is specifically configured to:
read the signature of the /etc/fscheck.si file, and decrypt it by using the RSA public key;
judge whether the decrypted value is equal to the MD5 value of the /etc/fscheck.txt file or not;
if yes, judge the /etc/fscheck.txt file to be safe, read the signatures of all files recorded by the /etc/fscheck.txt file, and respectively decrypt them by using the RSA public key;
judge whether each decrypted value corresponds to and equals the MD5 value of the respective file recorded by the /etc/fscheck.txt file;
and if so, judge that the /etc/fscheck.txt file is safe, and start the file system.
In summary, the RSA public key is implanted in the chip, the bootloader, the kernel program and the file system are decrypted by using the RSA public key, the decrypted value is compared with the read MD5 value, the security of each program and file in the system is known by analyzing the comparison condition of the bootloader, the kernel program and the file system, and the system is started under the condition of ensuring the security, so that the security of the whole embedded linux device is ensured, and various risks caused by malicious programs are avoided.
The technical features of the embodiments described above may be arbitrarily combined, and for the sake of brevity, all possible combinations of the technical features in the embodiments described above are not described, but should be considered as being within the scope of the present specification as long as there is no contradiction between the combinations of the technical features.
The above-mentioned embodiments only express several embodiments of the present invention, and the description thereof is more specific and detailed, but not construed as limiting the scope of the present invention. It should be noted that, for a person skilled in the art, several variations and modifications can be made without departing from the inventive concept, which falls within the scope of the present invention.
Claims (10)
1. A secure startup method of an embedded linux device, the linux device comprising a firmware system, a boot loader, a kernel program and a file system, characterized by further comprising an RSA public key, the RSA public key being used for decrypting the boot loader, the kernel program and the file system, the method comprising the steps of:
after the firmware system is started, reading the boot loader and calculating the MD5 value of the boot loader;
verifying the safety of the boot loader by using the RSA public key, and starting the boot loader if the safety is ensured;
after the boot loader is started, reading the kernel program, and calculating the MD5 value of the kernel program;
verifying the safety of the kernel program by using the RSA public key, and starting the kernel program if the safety is ensured;
after the kernel program is started, reading a file system, and calculating an MD5 value of the file system;
and verifying the security of the file system by using the RSA public key, and starting the file system if the file system is secure.
2. The secure boot method of claim 1, wherein the step of verifying the security of the bootloader by using the RSA public key, and booting the bootloader if it is secure, specifically comprises:
reading the signature of the boot loader, and decrypting by using the RSA public key;
judging whether the decrypted value is equal to the MD5 value of the boot loader or not;
if yes, starting the boot loader.
3. The secure boot method according to claim 1, wherein the step of verifying the security of the kernel program by using the RSA public key, and booting the kernel program if it is secure, comprises:
reading the signature of the kernel program, and decrypting by using the RSA public key;
judging whether the decrypted value is equal to the MD5 value of the kernel program;
and if so, starting the kernel program.
4. The secure boot method according to claim 1, wherein the step of reading the file system and calculating the MD5 value of the file system after the kernel program is booted includes:
reading the /etc/fscheck.txt file in the file system, and calculating the MD5 value of the file system;
the /etc/fscheck.txt file records all files; reading and calculating the MD5 value of each file.
5. The secure boot method of claim 4, wherein the step of verifying the security of the file system using the RSA public key, and booting the file system if it is secure, specifically comprises:
reading the signature of the /etc/fscheck.si file in the file system, and decrypting by using the RSA public key;
judging whether the decrypted value is equal to the MD5 value of the /etc/fscheck.txt file or not;
if yes, reading the signatures of all files recorded by the /etc/fscheck.txt file in the file system, and respectively decrypting by using the RSA public key;
judging whether each decrypted value corresponds to and equals the MD5 value of the respective file recorded by the /etc/fscheck.txt file;
if yes, starting the file system.
6. A secure startup device of an embedded linux device, the linux device comprising a firmware system, a boot loader, a kernel program and a file system, characterized by further comprising an RSA public key, the RSA public key being used for decrypting the boot loader, the kernel program and the file system, the device comprising:
the bootloader value reading module is used for reading a boot loader and calculating an MD5 value of the boot loader after the firmware system is started;
the bootloader verification module is used for verifying the safety of the boot loader by using the RSA public key, and if the safety is ensured, the boot loader is started;
the kernel reading module is used for reading the kernel program and calculating the MD5 value of the kernel program after the boot loader is started;
the kernel verification module is used for verifying the safety of the kernel program by utilizing the RSA public key, and if the kernel program is safe, the kernel program is started;
the fs reading module is used for reading the file system and calculating an MD5 value of the file system after the kernel program is started;
and the fs verification module is used for verifying the security of the file system by using the RSA public key, and starting the file system if the file system is safe.
7. The secure boot apparatus of claim 6, wherein the bootloader verification module is specifically configured to:
reading the signature of the boot loader, and decrypting by using the RSA public key;
judging whether the decrypted value is equal to the MD5 value of the boot loader or not;
and if so, starting the boot loader.
8. The secure boot apparatus of claim 6, wherein the kernel verification module is specifically configured to:
reading the signature of the kernel program, and decrypting by using the RSA public key;
judging whether the decrypted value is equal to the MD5 value of the kernel program;
and if so, starting the kernel program.
9. The secure boot apparatus of claim 6, wherein the fs reading module is specifically configured to:
read the /etc/fscheck.txt file in the file system, and calculate the MD5 value of the file system;
read all files recorded by the /etc/fscheck.txt file in the file system, and calculate the MD5 value of each file.
10. The secure boot apparatus of claim 9, wherein the fs verification module is specifically configured to:
read the signature of the /etc/fscheck.si file, and decrypt it by using the RSA public key;
judge whether the decrypted value is equal to the MD5 value of the /etc/fscheck.txt file or not;
if yes, read the signatures of all the files recorded by the /etc/fscheck.txt file, and respectively decrypt them by using the RSA public key;
judge whether each decrypted value corresponds to and equals the MD5 value of the respective file recorded by the /etc/fscheck.txt file;
if yes, start the file system.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202011308089.XA CN112269609A (en) | 2020-11-20 | 2020-11-20 | Safe starting method and device of embedded linux equipment |
Publications (1)
Publication Number | Publication Date |
---|---|
CN112269609A true CN112269609A (en) | 2021-01-26 |
Family
ID=74339545
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202011308089.XA Pending CN112269609A (en) | 2020-11-20 | 2020-11-20 | Safe starting method and device of embedded linux equipment |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN112269609A (en) |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20140250291A1 (en) * | 2013-03-01 | 2014-09-04 | Nicholas J. Adams | Continuation of trust for platform boot firmware |
CN106156635A (en) * | 2016-07-29 | 2016-11-23 | 深圳兆日科技股份有限公司 | Method for starting terminal and device |
US20180314829A1 (en) * | 2017-05-01 | 2018-11-01 | International Business Machines Corporation | Portable executable and non-portable executable boot file security |
CN110874467A (en) * | 2018-08-29 | 2020-03-10 | 阿里巴巴集团控股有限公司 | Information processing method, device, system, processor and storage medium |
Events
- 2020-11-20: CN application CN202011308089.XA filed (publication CN112269609A), status Pending
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US10931451B2 (en) | Securely recovering a computing device | |
US9626513B1 (en) | Trusted modular firmware update using digital certificate | |
US8782388B2 (en) | Information processing apparatus, method, and computer-readable storage medium that encrypt data in a blob based on a hash value | |
US8392724B2 (en) | Information terminal, security device, data protection method, and data protection program | |
EP0849657A1 (en) | Secure data processing method and system | |
US20080165952A1 (en) | Secure Booting A Computing Device | |
TW201106194A (en) | Integrity verification using a peripheral device | |
CN112699419A (en) | Method for secure execution of an extensible firmware application and a computer device | |
US20210367781A1 (en) | Method and system for accelerating verification procedure for image file | |
CN112181513B (en) | Trusted measurement method based on control host system guidance of hardware board card | |
CN111095200A (en) | Method, device and equipment for safely upgrading embedded program and storage medium | |
CN108345805B (en) | Method and device for verifying firmware | |
CN116561734A (en) | Verification method, verification device, computer and computer configuration system | |
CN107092832A (en) | A kind of method for making up Secure Boot security breaches in time | |
CN112269609A (en) | Safe starting method and device of embedded linux equipment | |
KR20180007717A (en) | Soc having double security features, and double security method for soc | |
CN114995918A (en) | Starting method and configuration method and device of baseboard management controller and electronic equipment | |
JP2015049785A (en) | Program processor | |
CN113761538A (en) | Security boot file configuration method, boot method, device, equipment and medium | |
CN111125717A (en) | Method, device, equipment and medium for safely running BIOS (basic input output System) driver | |
RU2777704C1 (en) | Method for secure booting of the operating system of computers | |
US20190147166A1 (en) | Method and system for fail-safe booting | |
CN115828273B (en) | Vehicle safety starting method and device, electronic control unit and storage medium | |
CN117556430B (en) | Safe starting method, device, equipment and storage medium | |
KR20230082388A (en) | Apparatus for verifying bootloader of ecu and method thereof |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
| PB01 | Publication | |
| SE01 | Entry into force of request for substantive examination | |
| RJ01 | Rejection of invention patent application after publication | Application publication date: 20210126 |