CN113221149A - Firmware encryption method and device, firmware decryption method and computer equipment - Google Patents
Firmware encryption method and device, firmware decryption method and computer equipment Download PDFInfo
- Publication number
- CN113221149A CN113221149A CN202110586968.7A CN202110586968A CN113221149A CN 113221149 A CN113221149 A CN 113221149A CN 202110586968 A CN202110586968 A CN 202110586968A CN 113221149 A CN113221149 A CN 113221149A
- Authority
- CN
- China
- Prior art keywords
- firmware
- block
- plaintext
- sub
- blocks
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 58
- 238000004806 packaging method and process Methods 0.000 claims abstract description 7
- 238000004590 computer program Methods 0.000 claims description 9
- 238000012216 screening Methods 0.000 claims description 6
- 230000011218 segmentation Effects 0.000 claims description 6
- 238000012795 verification Methods 0.000 claims description 6
- 238000012545 processing Methods 0.000 claims description 5
- 230000005540 biological transmission Effects 0.000 claims description 4
- 230000006870 function Effects 0.000 description 11
- 238000010586 diagram Methods 0.000 description 6
- 238000012423 maintenance Methods 0.000 description 2
- 238000006467 substitution reaction Methods 0.000 description 2
- 230000003287 optical effect Effects 0.000 description 1
- 239000007787 solid Substances 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
Abstract
The invention provides a firmware encryption method, a firmware encryption device, a firmware decryption method, computer equipment and a readable storage medium, wherein the firmware encryption method comprises the following steps: acquiring a block value of a Flash memory of target equipment; according to the block values, the firmware plaintext blocks are segmented to obtain a plurality of firmware sub plaintext blocks; encrypting each firmware sub-plaintext block by using a preset encryption algorithm to obtain a plurality of ciphertext blocks; and packaging a plurality of ciphertext blocks into an upgrade firmware data packet and transmitting the upgrade firmware data packet to the target equipment. According to the firmware encryption method, the plaintext blocks of the firmware are divided through the block values of the Flash memory of the target equipment, so that the sizes of the subsequent ciphertext blocks are equal to the block values, the ciphertext blocks in the firmware updating data packet can be read out only by the target equipment through the corresponding block values and are decrypted, the safety of the firmware transmitted to the target equipment can be improved, and the user experience degree is improved.
Description
Technical Field
The invention relates to the technical field of encryption, in particular to a firmware encryption method, a firmware encryption device, a firmware decryption method, computer equipment and a readable storage medium.
Background
With the increasing update speed of electronic products, system upgrade or product function maintenance upgrade, including firmware upgrade, is often performed. As an important software program of an electronic product, once an error occurs in an updating process, the electronic product may become unusable, and therefore, when a firmware upgrade data packet is transmitted to a device, security problems such as intermediate tampering and the like need to be avoided by encryption. However, in the conventional firmware encryption method, the whole firmware is generally encrypted in a hardware manner, so that the security is not high.
Disclosure of Invention
In view of the foregoing problems, the present invention provides a firmware encryption method, apparatus, firmware decryption method, computer device and readable storage medium, so as to improve the security of firmware transmission to a target device and improve user experience.
In order to achieve the purpose, the invention adopts the following technical scheme:
a firmware encryption method, comprising:
acquiring a block value of a Flash memory of target equipment;
according to the block values, the firmware plaintext blocks are segmented to obtain a plurality of firmware sub plaintext blocks;
encrypting each firmware sub-plaintext block by using a preset encryption algorithm to obtain a plurality of ciphertext blocks;
and packaging a plurality of ciphertext blocks into an upgrade firmware data packet and transmitting the upgrade firmware data packet to the target equipment.
Preferably, in the firmware encryption method, the encrypting each firmware sub-plaintext block by using a preset encryption algorithm includes:
reading the firmware sub-plaintext blocks according to the segmentation sequence, and encrypting the firmware sub-plaintext blocks by using a preset encryption algorithm;
judging whether the firmware sub-plaintext block is the last unencrypted firmware sub-plaintext block;
comparing the size of the last firmware sub-plaintext block with the block value when the last unencrypted firmware sub-plaintext block is determined;
assigning a value of twice the block value to the last firmware sub-plaintext block when the size of the last firmware sub-plaintext block is greater than the block value;
assigning the size of the last firmware sub-plaintext block as the block value when the size of the last firmware sub-plaintext block is smaller than the block value;
and encrypting the last firmware sub-plaintext block after assignment by using a preset encryption algorithm.
Preferably, in the firmware encryption method, the encrypting each firmware sub-plaintext block by using a preset encryption algorithm includes:
reading the storage information of all the firmware sub-plaintext blocks, and screening out the firmware sub-plaintext blocks with the sizes inconsistent with the block values according to the storage information;
assigning a size of a firmware sub-plaintext block that is larger than the block value to twice the block value;
assigning a size of a firmware sub-plaintext block smaller than the block value as the block value;
and encrypting all the firmware sub-plaintext blocks by using a preset encryption algorithm.
Preferably, in the firmware encryption method, the preset encryption algorithm includes at least one of an AES256 encryption algorithm, a base64 encryption algorithm, an AES128 encryption algorithm, and a WRS encryption algorithm.
The invention also provides a firmware decryption method, which comprises the following steps:
receiving an upgrade firmware data packet, and judging whether the upgrade firmware data packet is an encrypted data packet;
when the data packet is determined to be the encrypted data packet, acquiring a block value of a Flash memory;
reading ciphertext blocks of the firmware upgrading data packet according to the block values, and performing preset decryption algorithm processing on each ciphertext to obtain a plurality of firmware sub-plaintext blocks;
and utilizing a plurality of the firmware sub plaintext blocks to be spliced into a firmware plaintext block.
Preferably, the firmware decryption method further includes:
and verifying the firmware plaintext block, and executing the firmware plaintext block to perform firmware upgrading operation after the verification is passed.
Preferably, in the firmware decryption method, the preset decryption algorithm includes at least one of an AES256 decryption algorithm, a base64 decryption algorithm, an AES128 decryption algorithm, and a WRS decryption algorithm.
The present invention also provides a firmware encryption apparatus, comprising:
the block value acquisition module is used for acquiring the block value of the Flash memory of the target equipment;
the firmware plaintext segmentation module is used for segmenting the firmware plaintext blocks according to the block values to obtain a plurality of firmware sub plaintext blocks;
the sub-plaintext encryption module is used for encrypting each firmware sub-plaintext block by using a preset encryption algorithm to obtain a plurality of ciphertext blocks;
and the firmware package transmission module is used for packaging the ciphertext blocks into an upgrade firmware data package and transmitting the upgrade firmware data package to the target equipment.
The invention also provides a computer device comprising a memory and a processor, wherein the memory stores a computer program, and the computer program executes the firmware encryption method or the firmware decryption method when running on the processor.
The present invention also provides a readable storage medium storing a computer program which, when executed on a processor, performs the firmware encryption method or the firmware decryption method.
The invention provides a firmware encryption method, which comprises the following steps: acquiring a block value of a Flash memory of target equipment; according to the block values, the firmware plaintext blocks are segmented to obtain a plurality of firmware sub plaintext blocks; encrypting each firmware sub-plaintext block by using a preset encryption algorithm to obtain a plurality of ciphertext blocks; and packaging a plurality of ciphertext blocks into an upgrade firmware data packet and transmitting the upgrade firmware data packet to the target equipment. According to the firmware encryption method, the plaintext blocks of the firmware are divided through the block values of the Flash memory of the target equipment, so that the sizes of the subsequent ciphertext blocks are equal to the block values, the ciphertext blocks in the firmware updating data packet can be read out only by the target equipment through the corresponding block values and are decrypted, the safety of the firmware transmitted to the target equipment can be improved, and the user experience degree is improved.
In order to make the aforementioned and other objects, features and advantages of the present invention comprehensible, preferred embodiments accompanied with figures are described in detail below.
Drawings
In order to more clearly illustrate the technical solution of the present invention, the drawings required to be used in the embodiments will be briefly described below, and it should be understood that the following drawings only illustrate some embodiments of the present invention, and therefore should not be considered as limiting the scope of the present invention. Like components are numbered similarly in the various figures.
Fig. 1 is a flowchart of a firmware encryption method according to embodiment 1 of the present invention;
fig. 2 is a flowchart of encryption of a sub-plaintext block of firmware according to embodiment 2 of the present invention;
fig. 3 is a flowchart of encryption of a sub-plaintext block of firmware according to embodiment 3 of the present invention;
fig. 4 is a flowchart of a firmware decryption method according to embodiment 4 of the present invention;
fig. 5 is a flowchart of another firmware decryption method provided in embodiment 4 of the present invention;
fig. 6 is a schematic structural diagram of a firmware encryption apparatus according to embodiment 5 of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments.
The components of embodiments of the present invention generally described and illustrated in the figures herein may be arranged and designed in a wide variety of different configurations. Thus, the following detailed description of the embodiments of the present invention, presented in the figures, is not intended to limit the scope of the invention, as claimed, but is merely representative of selected embodiments of the invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments of the present invention without making any creative effort, shall fall within the protection scope of the present invention.
Hereinafter, the terms "including", "having", and their derivatives, which may be used in various embodiments of the present invention, are only intended to indicate specific features, numbers, steps, operations, elements, components, or combinations of the foregoing, and should not be construed as first excluding the existence of, or adding to, one or more other features, numbers, steps, operations, elements, components, or combinations of the foregoing.
Furthermore, the terms "first," "second," "third," and the like are used solely to distinguish one from another and are not to be construed as indicating or implying relative importance.
Unless otherwise defined, all terms (including technical and scientific terms) used herein have the same meaning as commonly understood by one of ordinary skill in the art to which various embodiments of the present invention belong. The terms (such as those defined in commonly used dictionaries) should be interpreted as having a meaning that is consistent with their contextual meaning in the relevant art and will not be interpreted in an idealized or overly formal sense unless expressly so defined herein in various embodiments of the present invention.
Example 1
Fig. 1 is a flowchart of a firmware encryption method provided in embodiment 1 of the present invention, where the method includes the following steps:
step S11: and acquiring the block value of the Flash memory of the target equipment.
In the embodiment of the present invention, the target devices include devices such as a router and a gateway, which are connected to the update server through a network, and since the update speed of the electronic product is increased, the devices need to frequently perform system upgrade and product function maintenance upgrade, which may involve firmware upgrade. After receiving the firmware upgrading data packet sent by the server, the target device generally stores the firmware upgrading data packet in a Flash memory (a non-volatile memory), and finally stores the programming data of the upgraded firmware in a programming area of the Flash memory. In the process of issuing the firmware upgrading data packet, the firmware plaintext in the firmware upgrading data packet is ensured not to be intercepted midway through an encryption mode, and therefore partial information of the target equipment is revealed.
In the embodiment of the invention, the block value of the Flash memory of the target equipment, namely the block value of the Flash memory, can be obtained in advance on the service end of the down-sending firmware. The block value of the Flash memory of the target device may be stored in a server in a list form, or may be obtained by an instruction after being connected to the target device through a network, which is not limited herein.
Step S12: and segmenting the firmware plaintext blocks according to the block values to obtain a plurality of firmware sub plaintext blocks.
In the embodiment of the present invention, after the block value of the Flash memory of the target device is obtained, the firmware plaintext block that needs to be transmitted to the target device may be divided according to the block value, where the dividing process may be implemented by using an algorithm or an application program, for example, an application program for dividing may be preset in the server, and after the block value and the firmware plaintext block are obtained, the block value and the firmware plaintext block may be input to the application program, so that the application program performs cutting on the firmware plaintext block according to the block value to obtain a plurality of firmware sub plaintext blocks.
Step S13: and encrypting each firmware sub plaintext block by using a preset encryption algorithm to obtain a plurality of ciphertext blocks.
In the embodiment of the invention, for each firmware sub-plaintext block, a preset encryption algorithm is encrypted to obtain a plurality of ciphertext blocks, and the size of each ciphertext block is equal to a block value. The preset encryption algorithm comprises at least one algorithm of an AES256 encryption algorithm, a base64 encryption algorithm, an AES128 encryption algorithm and a WRS encryption algorithm. After the firmware sub plaintext blocks are cut, serial number marking can be carried out on each firmware sub plaintext block, and the firmware sub plaintext blocks with different marks can be encrypted through different encryption algorithms, so that the safety is further improved. The rules of the encryption algorithm corresponding to different marks can be established in advance and stored in the server and the target device.
Step S14: and packaging a plurality of ciphertext blocks into an upgrade firmware data packet and transmitting the upgrade firmware data packet to the target equipment.
In the embodiment of the invention, after the plurality of ciphertext blocks are obtained after encryption, the update server packs the plurality of ciphertext blocks into the upgrade firmware data packet, and transmits the upgrade firmware data packet to the target device through the network, so that the target device can read the plurality of ciphertext blocks in the upgrade firmware data packet according to the block value of the target device, decrypt the ciphertext blocks by using the appointed decryption algorithm to obtain the corresponding firmware sub-plaintext blocks, and finally obtain the upgrade firmware.
In the embodiment of the invention, the firmware plaintext block is divided through the block value of the Flash memory of the target equipment, so that the size of each subsequent ciphertext block is equal to the block value, and the upgraded firmware data packet can only be decrypted by reading the ciphertext block from the target equipment through the corresponding block value, thereby improving the safety of the firmware transmitted to the target equipment and improving the user experience.
Example 2
Fig. 2 is a flowchart of encryption of a sub-plaintext block of firmware according to embodiment 2 of the present invention, where the method includes the following steps:
step S21: and reading the firmware sub-plaintext blocks according to the segmentation sequence, and encrypting the firmware sub-plaintext blocks by using a preset encryption algorithm.
In the embodiment of the present invention, the encryption may be performed according to the sequence of dividing the firmware plaintext blocks by using the block values, that is, when the block values are divided, the encryption may be performed by using a preset algorithm every time a firmware sub plaintext block is obtained.
Step S22: and judging whether the firmware sub-plaintext block is the last unencrypted firmware sub-plaintext block.
Step S23: and comparing the size of the last firmware sub plaintext block with the block value when the firmware sub plaintext block is determined to be the last unencrypted firmware sub plaintext block.
When a left next unencrypted firmware sub-plaintext block is segmented, the size of the firmware sub-plaintext block needs to be compared with a block value, so that whether the size of the firmware sub-plaintext block is larger than the block value or smaller than the block value is judged, the sizes of all ciphertext blocks are conveniently standardized, and the ciphertext blocks are conveniently read by a target device.
In the embodiment of the present invention, the process of comparing the size of the last firmware sub plaintext block with the block value may be implemented by using an algorithm or an application program, which is not limited herein.
Step S24: and when the size of the last firmware sub-plaintext block is larger than the block value, assigning the size of the last firmware sub-plaintext block to be twice the block value.
Step S25: and when the size of the last firmware sub-plaintext block is smaller than the block value, assigning the size of the last firmware sub-plaintext block as the block value.
Step S26: and encrypting the last firmware sub-plaintext block after assignment by using a preset encryption algorithm.
In the embodiment of the invention, the size of the last firmware sub-plaintext block is equal to the block value or twice the block value in a value assignment mode, so that the firmware sub-plaintext block is normalized, and the target equipment is convenient to identify. The assignment process may be implemented by using an application program, which is not limited herein.
Example 3
Fig. 3 is a flowchart of encryption of a sub-plaintext block of firmware according to embodiment 3 of the present invention, where the method includes the following steps:
step S31: and reading the storage information of all the firmware sub-plaintext blocks, and screening out the firmware sub-plaintext blocks with the sizes inconsistent with the block values according to the storage information.
In the embodiment of the invention, after the plurality of firmware sub-plaintext blocks are obtained by segmentation, the storage information of all the firmware sub-plaintext blocks can be read, so that the size information of each firmware sub-plaintext block is obtained. And then screening out the firmware sub plaintext blocks with the sizes inconsistent with the block values in a screening mode. The screening process may be implemented by using an algorithm or an application program, which is not limited herein.
Step S32: assigning a size of a firmware sub-plaintext block that is larger than the block value to twice the block value.
Step S33: assigning a size of a firmware sub-plaintext block smaller than the block value as the block value.
Step S34: and encrypting all the firmware sub-plaintext blocks by using a preset encryption algorithm.
Example 4
Fig. 4 is a flowchart of a firmware decryption method according to embodiment 4 of the present invention, where the method includes the following steps:
step S41: and receiving an upgrade firmware data packet, and judging whether the upgrade firmware data packet is an encrypted data packet.
Step S42: and when the data packet is determined to be the encrypted data packet, acquiring the block value of the Flash memory.
Step S43: and reading the ciphertext blocks of the firmware upgrading data packet according to the block values, and performing preset decryption algorithm processing on each ciphertext to obtain a plurality of firmware sub plaintext blocks.
Step S44: and utilizing a plurality of the firmware sub plaintext blocks to be spliced into a firmware plaintext block.
Fig. 5 is a flowchart of another firmware decryption method provided in embodiment 4 of the present invention, where the method further includes the following steps:
step S45: and verifying the firmware plaintext block, and executing the firmware plaintext block to perform firmware upgrading operation after the verification is passed.
In the embodiment of the present invention, the verification processing may be performed on the firmware plaintext block, and the verification processing may also be performed on the firmware sub plaintext block, and when the verification of the firmware sub plaintext block fails, the corresponding ciphertext block may be obtained from the server again, which is not limited herein.
Example 5
Fig. 6 is a schematic structural diagram of a firmware encryption apparatus according to embodiment 5 of the present invention.
The firmware encryption device 600 includes:
a block value obtaining module 610, configured to obtain a block value of a Flash memory of a target device;
a firmware plaintext division module 620, configured to divide a firmware plaintext block according to the block value to obtain a plurality of firmware sub plaintext blocks;
a sub-plaintext encryption module 630, configured to encrypt each firmware sub-plaintext block by using a preset encryption algorithm to obtain multiple ciphertext blocks;
and the firmware package transmission module 640 is configured to package the ciphertext blocks into an upgrade firmware data package and transmit the upgrade firmware data package to the target device.
In the embodiment of the present invention, for more detailed description of functions of the modules, reference may be made to contents of corresponding parts in the foregoing embodiment, which are not described herein again.
In addition, the present invention also provides a computer device, which includes a memory and a processor, wherein the memory can be used for storing a computer program, and the processor executes the computer program, so that the computer device executes the functions of the above method or the above modules in the firmware encryption device.
The memory may include a storage program area and a storage data area, wherein the storage program area may store an operating system, an application program required for at least one function (such as a sound playing function, an image playing function, etc.), and the like; the storage data area may store data (such as audio data, a phonebook, etc.) created according to the use of the computer device, and the like. Further, the memory may include high speed random access memory, and may also include non-volatile memory, such as at least one magnetic disk storage device, flash memory device, or other volatile solid state storage device.
The embodiment also provides a computer storage medium for storing a computer program used in the computer device.
In the embodiments provided in the present application, it should be understood that the disclosed apparatus and method can be implemented in other ways. The apparatus embodiments described above are merely illustrative and, for example, the flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of apparatus, methods and computer program products according to various embodiments of the present invention. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
In addition, each functional module or unit in each embodiment of the present invention may be integrated together to form an independent part, or each module may exist separately, or two or more modules may be integrated to form an independent part.
The functions, if implemented in the form of software functional modules and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present invention or a part of the technical solution that contributes to the prior art in essence can be embodied in the form of a software product, which is stored in a storage medium and includes instructions for causing a computer device (which may be a smart phone, a personal computer, a server, or a network device, etc.) to execute all or part of the steps of the method according to the embodiments of the present invention. And the aforementioned storage medium includes: a U-disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and other various media capable of storing program codes.
The above description is only for the specific embodiments of the present invention, but the scope of the present invention is not limited thereto, and any person skilled in the art can easily conceive of the changes or substitutions within the technical scope of the present invention, and all the changes or substitutions should be covered within the scope of the present invention. Therefore, the protection scope of the present invention shall be subject to the protection scope of the claims.
Claims (10)
1. A method for encrypting firmware, comprising:
acquiring a block value of a Flash memory of target equipment;
according to the block values, the firmware plaintext blocks are segmented to obtain a plurality of firmware sub plaintext blocks;
encrypting each firmware sub-plaintext block by using a preset encryption algorithm to obtain a plurality of ciphertext blocks;
and packaging a plurality of ciphertext blocks into an upgrade firmware data packet and transmitting the upgrade firmware data packet to the target equipment.
2. The firmware encryption method according to claim 1, wherein the encrypting each of the firmware sub-plaintext blocks using a predetermined encryption algorithm comprises:
reading the firmware sub-plaintext blocks according to the segmentation sequence, and encrypting the firmware sub-plaintext blocks by using a preset encryption algorithm;
judging whether the firmware sub-plaintext block is the last unencrypted firmware sub-plaintext block;
comparing the size of the last firmware sub-plaintext block with the block value when the last unencrypted firmware sub-plaintext block is determined;
assigning a value of twice the block value to the last firmware sub-plaintext block when the size of the last firmware sub-plaintext block is greater than the block value;
assigning the size of the last firmware sub-plaintext block as the block value when the size of the last firmware sub-plaintext block is smaller than the block value;
and encrypting the last firmware sub-plaintext block after assignment by using a preset encryption algorithm.
3. The firmware encryption method according to claim 1, wherein the encrypting each of the firmware sub-plaintext blocks using a predetermined encryption algorithm comprises:
reading the storage information of all the firmware sub-plaintext blocks, and screening out the firmware sub-plaintext blocks with the sizes inconsistent with the block values according to the storage information;
assigning a size of a firmware sub-plaintext block that is larger than the block value to twice the block value;
assigning a size of a firmware sub-plaintext block smaller than the block value as the block value;
and encrypting all the firmware sub-plaintext blocks by using a preset encryption algorithm.
4. The firmware encryption method according to claim 1, wherein the preset encryption algorithm comprises at least one of an AES256 encryption algorithm, a base64 encryption algorithm, an AES128 encryption algorithm, and a WRS encryption algorithm.
5. A method for decrypting firmware, comprising:
receiving an upgrade firmware data packet, and judging whether the upgrade firmware data packet is an encrypted data packet;
when the data packet is determined to be the encrypted data packet, acquiring a block value of a Flash memory;
reading ciphertext blocks of the firmware upgrading data packet according to the block values, and performing preset decryption algorithm processing on each ciphertext to obtain a plurality of firmware sub-plaintext blocks;
and utilizing a plurality of the firmware sub plaintext blocks to be spliced into a firmware plaintext block.
6. The firmware decryption method of claim 5, further comprising:
and verifying the firmware plaintext block, and executing the firmware plaintext block to perform firmware upgrading operation after the verification is passed.
7. The firmware decryption method of claim 5, wherein the preset decryption algorithm comprises at least one of an AES256 decryption algorithm, a base64 decryption algorithm, an AES128 decryption algorithm, and a WRS decryption algorithm.
8. A firmware encryption apparatus, comprising:
the block value acquisition module is used for acquiring the block value of the Flash memory of the target equipment;
the firmware plaintext segmentation module is used for segmenting the firmware plaintext blocks according to the block values to obtain a plurality of firmware sub plaintext blocks;
the sub-plaintext encryption module is used for encrypting each firmware sub-plaintext block by using a preset encryption algorithm to obtain a plurality of ciphertext blocks;
and the firmware package transmission module is used for packaging the ciphertext blocks into an upgrade firmware data package and transmitting the upgrade firmware data package to the target equipment.
9. A computer device comprising a memory and a processor, the memory storing a computer program which, when run on the processor, performs the firmware encryption method of any one of claims 1 to 4 or the firmware decryption method of any one of claims 5 to 7.
10. A readable storage medium, characterized in that it stores a computer program which, when run on a processor, performs the firmware encryption method of any one of claims 1 to 4, or the firmware decryption method of any one of claims 5 to 7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110586968.7A CN113221149B (en) | 2021-05-27 | 2021-05-27 | Firmware encryption method, device, firmware decryption method and computer equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110586968.7A CN113221149B (en) | 2021-05-27 | 2021-05-27 | Firmware encryption method, device, firmware decryption method and computer equipment |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN113221149A true CN113221149A (en) | 2021-08-06 |
| CN113221149B CN113221149B (en) | 2024-02-09 |
Family
ID=77098868
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110586968.7A Active CN113221149B (en) | 2021-05-27 | 2021-05-27 | Firmware encryption method, device, firmware decryption method and computer equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN113221149B (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114266055A (en) * | 2022-03-02 | 2022-04-01 | 山东华翼微电子技术股份有限公司 | Multi-core firmware secure storage method and system |
Citations (13)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20130111455A1 (en) * | 2010-08-27 | 2013-05-02 | Huawei Device Co., Ltd. | Method for processing firmware based on firmware over the air technology, apparatus, and system |
| CN103457718A (en) * | 2013-05-28 | 2013-12-18 | 香港应用科技研究院有限公司 | Partial ciphertext update using variable-length segment and fixed grouping |
| CN104205117A (en) * | 2014-04-10 | 2014-12-10 | 华为技术有限公司 | Device file encryption and decryption method and device |
| CN105706099A (en) * | 2013-11-06 | 2016-06-22 | 三菱电机株式会社 | Software update device, and software update program |
| CN108985111A (en) * | 2017-06-01 | 2018-12-11 | 慧荣科技股份有限公司 | Data storage device and firmware encryption and decryption method |
| CN111031536A (en) * | 2019-12-26 | 2020-04-17 | 大连市共进科技有限公司 | Method and device for transmitting burning file and 5G small base station burning equipment |
| CN111832011A (en) * | 2020-07-09 | 2020-10-27 | 郑州信大捷安信息技术股份有限公司 | IAP-based firmware security upgrading method and device |
| CN112015455A (en) * | 2020-10-29 | 2020-12-01 | 上海银基信息安全技术股份有限公司 | Firmware upgrading method and device, electronic equipment and storage medium |
| CN112100624A (en) * | 2020-08-24 | 2020-12-18 | 泰斗微电子科技有限公司 | Firmware protection method and device and terminal equipment |
| CN112148334A (en) * | 2020-11-03 | 2020-12-29 | 广州彩熠灯光股份有限公司 | Firmware upgrading method, device, system, terminal, lamp and storage medium |
| CN112148337A (en) * | 2020-09-09 | 2020-12-29 | 杭州涂鸦信息技术有限公司 | Firmware upgrading method and device |
| CN112732318A (en) * | 2021-01-12 | 2021-04-30 | 武汉光庭信息技术股份有限公司 | Singlechip firmware upgrading method |
| CN112822199A (en) * | 2021-01-18 | 2021-05-18 | 吾征智能技术(北京)有限公司 | OTA (over the air) upgrading method and system based on protocol conversion |
-
2021
- 2021-05-27 CN CN202110586968.7A patent/CN113221149B/en active Active
Patent Citations (13)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20130111455A1 (en) * | 2010-08-27 | 2013-05-02 | Huawei Device Co., Ltd. | Method for processing firmware based on firmware over the air technology, apparatus, and system |
| CN103457718A (en) * | 2013-05-28 | 2013-12-18 | 香港应用科技研究院有限公司 | Partial ciphertext update using variable-length segment and fixed grouping |
| CN105706099A (en) * | 2013-11-06 | 2016-06-22 | 三菱电机株式会社 | Software update device, and software update program |
| CN104205117A (en) * | 2014-04-10 | 2014-12-10 | 华为技术有限公司 | Device file encryption and decryption method and device |
| CN108985111A (en) * | 2017-06-01 | 2018-12-11 | 慧荣科技股份有限公司 | Data storage device and firmware encryption and decryption method |
| CN111031536A (en) * | 2019-12-26 | 2020-04-17 | 大连市共进科技有限公司 | Method and device for transmitting burning file and 5G small base station burning equipment |
| CN111832011A (en) * | 2020-07-09 | 2020-10-27 | 郑州信大捷安信息技术股份有限公司 | IAP-based firmware security upgrading method and device |
| CN112100624A (en) * | 2020-08-24 | 2020-12-18 | 泰斗微电子科技有限公司 | Firmware protection method and device and terminal equipment |
| CN112148337A (en) * | 2020-09-09 | 2020-12-29 | 杭州涂鸦信息技术有限公司 | Firmware upgrading method and device |
| CN112015455A (en) * | 2020-10-29 | 2020-12-01 | 上海银基信息安全技术股份有限公司 | Firmware upgrading method and device, electronic equipment and storage medium |
| CN112148334A (en) * | 2020-11-03 | 2020-12-29 | 广州彩熠灯光股份有限公司 | Firmware upgrading method, device, system, terminal, lamp and storage medium |
| CN112732318A (en) * | 2021-01-12 | 2021-04-30 | 武汉光庭信息技术股份有限公司 | Singlechip firmware upgrading method |
| CN112822199A (en) * | 2021-01-18 | 2021-05-18 | 吾征智能技术(北京)有限公司 | OTA (over the air) upgrading method and system based on protocol conversion |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114266055A (en) * | 2022-03-02 | 2022-04-01 | 山东华翼微电子技术股份有限公司 | Multi-core firmware secure storage method and system |
Also Published As
| Publication number | Publication date |
|---|---|
| CN113221149B (en) | 2024-02-09 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109948347B (en) | Data storage method and device, server and readable storage medium | |
| US20150095652A1 (en) | Encryption and decryption processing method, apparatus, and device | |
| CN105577379A (en) | Information processing method and apparatus thereof | |
| CN110221990B (en) | Data storage method and device, storage medium and computer equipment | |
| CN103580852A (en) | Initialization of embedded secure elements | |
| CN109829294A (en) | A kind of firmware validation method, system, server and electronic equipment | |
| CN110929291A (en) | Method and device for accessing text file and computer readable storage medium | |
| CN107947917A (en) | A kind of method and device for generating whitepack key | |
| CN111258756A (en) | Load balancing method and device, computer equipment and readable storage medium | |
| CN108183796A (en) | The method and device of encryption and decryption is carried out using whitepack library file and whitepack key file | |
| CN111404682A (en) | Android environment key segmentation processing method and device | |
| CN108134673A (en) | A kind of method and device for generating whitepack library file | |
| CN108111622A (en) | A kind of method, apparatus and system for downloading whitepack library file | |
| US20200026583A1 (en) | Automatic correction of cryptographic application program interfaces | |
| CN113839780A (en) | Encryption method, decryption method, server and storage medium | |
| CN111753312B (en) | Data processing method, device, equipment and system | |
| CN113221149B (en) | Firmware encryption method, device, firmware decryption method and computer equipment | |
| KR20220074199A (en) | Computer program for dividing original file into multiple pieces, encrypting divided files and restoring original file by decrypting encrypted files, and method thereof | |
| EP2689367A1 (en) | Data protection using distributed security key | |
| CN113849859A (en) | Linux kernel modification method, terminal device and storage medium | |
| EP4084484B1 (en) | Method and device for encryption of video stream, communication equipment, and storage medium | |
| CN109189450A (en) | A kind of method and device of server firmware upgrading | |
| US20200382484A1 (en) | Password streaming | |
| CN113596031B (en) | Cable modem, information protection method, and readable storage medium | |
| US20210143978A1 (en) | Method to secure a software code performing accesses to look-up tables |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |