CN113836560A - Information processing method, device, equipment and storage medium - Google Patents
Information processing method, device, equipment and storage medium Download PDFInfo
- Publication number
- CN113836560A CN113836560A CN202111141468.9A CN202111141468A CN113836560A CN 113836560 A CN113836560 A CN 113836560A CN 202111141468 A CN202111141468 A CN 202111141468A CN 113836560 A CN113836560 A CN 113836560A
- Authority
- CN
- China
- Prior art keywords
- information
- authorization
- key
- bsw
- configuration tool
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 230000010365 information processing Effects 0.000 title claims abstract description 44
- 238000003672 processing method Methods 0.000 title claims abstract description 31
- 238000013475 authorization Methods 0.000 claims abstract description 268
- 238000000034 method Methods 0.000 claims abstract description 30
- 238000012795 verification Methods 0.000 claims description 16
- 230000008569 process Effects 0.000 description 10
- 238000010586 diagram Methods 0.000 description 9
- 238000012545 processing Methods 0.000 description 4
- 238000005516 engineering process Methods 0.000 description 3
- 230000006870 function Effects 0.000 description 3
- 230000008676 import Effects 0.000 description 3
- 238000004891 communication Methods 0.000 description 2
- 239000013256 coordination polymer Substances 0.000 description 2
- 230000003287 optical effect Effects 0.000 description 2
- 238000012827 research and development Methods 0.000 description 2
- 239000000243 solution Substances 0.000 description 2
- 206010063385 Intellectualisation Diseases 0.000 description 1
- 230000009471 action Effects 0.000 description 1
- 238000013473 artificial intelligence Methods 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000008901 benefit Effects 0.000 description 1
- 230000008878 coupling Effects 0.000 description 1
- 238000010168 coupling process Methods 0.000 description 1
- 238000005859 coupling reaction Methods 0.000 description 1
- 238000005336 cracking Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 230000003993 interaction Effects 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000006855 networking Effects 0.000 description 1
- 230000002085 persistent effect Effects 0.000 description 1
- 238000004886 process control Methods 0.000 description 1
- 230000000750 progressive effect Effects 0.000 description 1
- 230000002441 reversible effect Effects 0.000 description 1
- 239000012086 standard solution Substances 0.000 description 1
- 238000012360 testing method Methods 0.000 description 1
- 230000001052 transient effect Effects 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/40—Transformation of program code
- G06F8/53—Decompilation; Disassembly
Abstract
The application relates to an information processing method, an information processing device, equipment and a storage medium, wherein when the method is applied to an authorization server of a BSW configuration tool, the method comprises the following steps: receiving authorization request information, wherein the authorization request information comprises an identifier of a request terminal and functional characteristics in a BSW configuration tool requesting to be granted; encrypting the authorization request information to obtain encrypted authorization information and key information; sending key information and encryption authorization information to the request terminal based on the identifier of the request terminal; the request terminal is used for decrypting the encrypted authorization information according to the key information to obtain decrypted authorization information, and verifying according to the authorization information when the functional characteristics in the BSW configuration tool granted by the request are used. Thus, the security of the BSW configuration tool can be improved.
Description
Technical Field
The present application relates to the field of automotive electronics, and in particular, to an information processing method, apparatus, device, and storage medium.
Background
From the initial application of the electronic technology in the middle of the 50 s to the 70 s of the 20 th century to the automobile, almost any new technology can not be generated from the figure of the electronic technology of the automobile in the process of the 'electromotion, networking, intellectualization and sharing' of the current automobile.
Due to the diversity of automobile electronic hardware systems, the development of ECU software is restricted by the hardware systems, so that the ECU software is rewritten or modified in a large scale every time the hardware needs to be updated, and then a series of tests are carried out, thereby causing high research and development cost and long research and development period. An automotive Open System architecture (automotive Open System architecture) standard solution comes from the beginning, and compared with a traditional ECU software architecture, the software and hardware coupling degree of an automotive embedded System is greatly reduced due to the high abstraction of the automotive Open System architecture.
The Classic AUTOSAR Platform (AUTOSAR Classic Platform, CP) is mainly targeted at the Electronic Control Unit (ECU) of the process control system. The Software architecture defined in the AUTOSAR CP has a three-Layer structure, respectively Application Software Layer, Runtime Environment (RTE), Basic Software Layer (BSW), where BSW is a Layer that provides functions commonly used by ECUs.
BSW configuration typically uses BSW configuration tools provided by software vendors, rather than being developed by the automotive manufacturer or vendor itself. The BSW configuration phase requires a developer to configure various ECU-related parameters, verify and generate executable code through a BSW configuration tool. The OEM can be directly matched with the configuration output by the same BSW configuration tool in the OEM or among multiple manufacturers, and the OEM is one of software reuse of the whole automobile industry caused by standardization.
The BSW configuration tool mainly provides functions of ECU-level AUTOSAR project creation, ARXML file editing, Module editing, configuration verification, code generation, DBC file import and the like. Because AUTOSAR is an open alliance, BSW configuration tools in the industry are developed based on an Artop open source framework at present, Artop provides some customized interfaces for operating an AUTOTOSAR meta-model, and the Artop is an open source JAVA project. Therefore, at present, BSW configuration tools in the industry are developed based on Eclipse plug-ins, and are developed based on JAVA language, so that the BSW configuration tools are easy to be viewed by reverse engineering decompilation for code. The current BSW configuration tool has the following problems:
1. the License authorization file of the BSW configuration tool is used for a long time, and the use is continued by modifying the system time.
2. And (4) not applying for a License authorization file of the BSW configuration tool, analyzing and positioning a License check code of the BSW configuration tool according to the key information by decompiling the code, and then modifying the code to compile and replacing an original JAR (java script object) package of the BSW configuration tool to bypass prompting, warning and checking of the License of the BSW configuration tool.
3. And modifying License authorization files of the BSW configuration tool, adjusting key information and opening more core functional characteristics of the BSW configuration tool.
The ECU software development under the Classic AUTOSAR platform, the BSW configuration is a link which cannot go around, and the safety requirement of the BSW configuration tool is very important. Therefore, in order to solve the above problems of the BSW configuration tool, it is necessary to provide a License control method for the BSW configuration tool to improve the security of the BSW configuration tool.
Disclosure of Invention
The embodiment of the application provides an information processing method, an information processing device, information processing equipment and a storage medium, and can improve the safety of a BSW configuration tool.
In one aspect, an embodiment of the present application provides an information processing method, which is applied to an authorization server of a BSW configuration tool, and includes:
receiving authorization request information, wherein the authorization request information comprises an identifier of a request terminal and functional characteristics in a BSW configuration tool requesting to be granted;
encrypting the authorization request information to obtain encrypted authorization information and key information;
sending key information and encryption authorization information to the request terminal based on the identifier of the request terminal; and the request terminal is used for decrypting the encrypted authorization information according to the key information to obtain decrypted authorization information and verifying according to the authorization information when the functional characteristics in the BSW configuration tool requested to be granted are used.
Optionally, encrypting the authorization request information to obtain encrypted authorization information and key information includes:
generating a first key and a second key according to a key generation algorithm; the second key comprises a public key and a private key;
encrypting the authorization request information based on the first key to obtain encrypted authorization information;
encrypting the first key based on the public key to obtain encryption key information;
the private key and the encryption key information are used as key information.
On the other hand, an embodiment of the present application provides an information processing method, which is applied to a request terminal of a BSW configuration tool, and includes:
sending authorization request information to an authorization server, wherein the authorization request information comprises the identification of a request terminal and the functional characteristics in the BSW configuration tool requested to be granted;
receiving key information and encrypted authorization information sent by an authorization server; the key information and the encrypted authorization information are obtained by encrypting the authorization request information by the authorization server;
and when the functional characteristics in the BSW configuration tool requested to be granted are used, decrypting the encrypted authorization information according to the key information to obtain decrypted authorization information, and verifying according to the authorization information.
Optionally, the key information includes a private key and encryption key information; decrypting the encrypted authorization information according to the key information to obtain decrypted authorization information, wherein the decrypting comprises the following steps:
decrypting the encrypted key information according to the private key to obtain a first key;
and decrypting the encrypted authorization information according to the first key to obtain decrypted authorization information.
Optionally, before sending the authorization request information to the authorization server, the method includes:
when the BSW configuration tool is started, verifying the BSW configuration tool;
and when the verification is passed, starting the BSW configuration tool.
Optionally, the checking the BSW configuration tool includes:
acquiring a default check code of a BSW configuration tool;
determining a check code to be checked of the current BSW configuration tool;
determining a matching degree value of a default check code and a check code to be checked;
when the verification is passed, starting a BSW configuration tool, comprising:
and starting the BSW configuration tool when the matching degree value is greater than or equal to the preset value.
On the other hand, an embodiment of the present application provides an information processing apparatus, which is applied to an authorization server of a BSW configuration tool, and includes:
a receiving module configured to perform receiving authorization request information, the authorization request information including an identification of a requesting terminal and a functional characteristic in a BSW configuration tool requesting a grant;
the encryption module is configured to encrypt the authorization request information to obtain encrypted authorization information and key information;
a sending module configured to execute sending of key information and encryption authorization information to the requesting terminal based on the identification of the requesting terminal; and the request terminal is used for decrypting the encrypted authorization information according to the key information to obtain decrypted authorization information and verifying according to the authorization information when the functional characteristics in the BSW configuration tool requested to be granted are used.
On the other hand, an embodiment of the present application provides an information processing apparatus, which is applied to a request terminal of a BSW configuration tool, and includes:
a sending module configured to execute sending authorization request information to an authorization server, wherein the authorization request information includes an identifier of a requesting terminal and a functional characteristic in a BSW configuration tool requesting to be granted;
the receiving module is configured to execute receiving of the key information and the encryption authorization information sent by the authorization server; the key information and the encrypted authorization information are obtained by encrypting the authorization request information by the authorization server;
and the decryption module is configured to decrypt the encrypted authorization information according to the key information when the functional characteristics in the BSW configuration tool granted by the request are used, obtain decrypted authorization information and verify according to the authorization information.
In another aspect, an embodiment of the present application provides an apparatus, where the apparatus includes a processor and a memory, where the memory stores at least one instruction or at least one program, and the at least one instruction or the at least one program is loaded by the processor and executes the information processing method described above.
In another aspect, an embodiment of the present application provides a computer storage medium, where at least one instruction or at least one program is stored in the storage medium, and the at least one instruction or the at least one program is loaded and executed by a processor to implement the information processing method described above.
The information processing method, the device, the equipment and the storage medium provided by the embodiment of the application have the following beneficial effects:
the authorization server receives authorization request information, wherein the authorization request information comprises the identification of a request terminal and the functional characteristics in the BSW configuration tool requesting to be granted; encrypting the authorization request information to obtain encrypted authorization information and key information; sending key information and encryption authorization information to the request terminal based on the identifier of the request terminal; and the request terminal is used for decrypting the encrypted authorization information according to the key information to obtain decrypted authorization information and verifying according to the authorization information when the functional characteristics in the BSW configuration tool requested to be granted are used. Thus, the security of the BSW configuration tool can be improved.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present application, the drawings needed to be used in the description of the embodiments are briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present application, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without creative efforts.
Fig. 1 is a schematic diagram of an application scenario provided in an embodiment of the present application;
fig. 2 is a schematic flowchart of an information processing method provided in an embodiment of the present application;
fig. 3 is a schematic flowchart of a process of encrypting authorization request information to obtain encrypted authorization information and key information according to an embodiment of the present application;
FIG. 4 is a schematic flow chart diagram of another information processing method provided in the embodiments of the present application;
fig. 5 is a schematic flowchart of a process of decrypting encrypted authorization information according to key information to obtain decrypted authorization information according to an embodiment of the present application;
FIG. 6 is a schematic flowchart of another information processing method provided in the embodiments of the present application;
fig. 7 is a schematic structural diagram of an information processing apparatus according to an embodiment of the present application;
fig. 8 is a schematic structural diagram of another information processing apparatus provided in an embodiment of the present application;
fig. 9 is a block diagram of a hardware structure of a server according to an information processing method provided in an embodiment of the present application.
Detailed Description
The technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only a part of the embodiments of the present application, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
It should be noted that the terms "first," "second," and the like in the description and claims of this application and in the drawings described above are used for distinguishing between similar elements and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used is interchangeable under appropriate circumstances such that the embodiments of the application described herein are capable of operation in sequences other than those illustrated or described herein. Furthermore, the terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or server that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed, but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.
Referring to fig. 1, fig. 1 is a schematic diagram of an application scenario provided in an embodiment of the present application, including an authorization server 110 of a BSW configuration tool and a requesting terminal 120 of the BSW configuration tool, where the requesting terminal 120 needs to obtain authorization information from the authorization server 110, so that when a corresponding functional feature in the BSW configuration tool is operated, verification is performed according to the authorization information.
In an optional embodiment, the requesting terminal 120 sends authorization request information to the authorization server 110, where the authorization request information includes an identifier of the requesting terminal 120 and a functional characteristic in the BSW configuration tool requesting to be granted; the authorization server 110 receives the authorization request information, and then encrypts the authorization request information to obtain encrypted authorization information and key information; the authorization server 110 transmits key information and encrypted authorization information to the requesting terminal 120 based on the identification of the requesting terminal 120; the requesting terminal 120 receives the key information and the encrypted authorization information sent by the authorization server 110, decrypts the encrypted authorization information according to the key information when using the functional characteristics in the BSW configuration tool requested to be granted, obtains the decrypted authorization information, and performs authentication according to the authorization information.
In an optional embodiment, the authorization server 110 may be an independent physical server, may also be a server cluster or a distributed system formed by a plurality of physical servers, and may also be a cloud server providing basic cloud computing services such as a cloud service, a cloud database, cloud computing, a cloud function, cloud storage, a Network service, cloud communication, a middleware service, a domain name service, a security service, a CDN (Content Delivery Network), a big data and artificial intelligence platform, and the like. Alternatively, the operating system running on the authorization server 110 may include, but is not limited to, IOS, Linux, Windows, Unix, Android systems, and the like.
In an alternative embodiment, the requesting terminal 120 may include, but is not limited to, a smart phone, a desktop computer, a tablet computer, a laptop computer, a smart wearable device, and the like; the operating system running on the electronic device may include, but is not limited to, an android system, an IOS system, linux, windows, and the like.
In addition, it should be noted that fig. 1 shows only one application environment of the information processing method provided by the present disclosure, and in practical applications, other application environments may also be included.
Fig. 2 is a schematic flowchart of an information processing method provided in an embodiment of the present application, and as shown in fig. 2, taking the information processing method as an example for being used in the authorization server in fig. 1, the method includes the following steps:
in step S201, authorization request information is received, the authorization request information including an identification of the requesting terminal and a functional characteristic in the BSW configuration tool that requests the grant.
In the embodiment of the application, the authorization server receives authorization request information sent by the request terminal, wherein the authorization request information comprises an identifier of the request terminal and a functional characteristic in a BSW configuration tool requesting to be granted.
The functional characteristics in the BSW configuration tool comprise ECU-level AUTOSAR project creation, ARXML file editing, Module editing, configuration verification, code generation, DBC file import and the like; when the request terminal needs to use any one of the functional characteristics in the BSW configuration tool, authentication needs to be performed based on the authorization information sent by the authorization server, and the corresponding functional characteristic can be used only when the authentication is passed, so that the security of the BSW configuration tool can be improved, and the rights and interests of developers of the BSW configuration tool can be maintained.
In the embodiment of the present application, the identifier of the requesting terminal is used to characterize the uniqueness of the requesting terminal, for example, the identifier of the requesting terminal may include, but is not limited to, a MAC address, a CPU ID, and a serial number of a hard disk.
In an optional embodiment, the authorization request information further includes valid usage time information of the functional feature in the BSW configuration tool requesting the authorization; the authorization request information is received by the authorization server in a file form, that is, the authorization request information is a License application file, the format of the License application file is a binary c2s format, and the License application file includes, but is not limited to, the identifier of the requesting terminal and the functional characteristics in the BSW configuration tool requested to be granted, and the valid use time information.
In step S203, the authorization request information is encrypted, and encrypted authorization information and key information are obtained.
In the embodiment of the application, the authorization server encrypts the authorization request information to obtain encrypted authorization information and key information.
In an optional implementation manner, the encrypting the authorization request information to obtain the encrypted authorization information and the key information may include the following steps as shown in fig. 3:
in step S301, a first key and a second key are generated according to a key generation algorithm; the second key includes a public key and a private key.
In step S303, the authorization request information is encrypted based on the first key, so as to obtain encrypted authorization information.
In step S305, the first key is encrypted based on the public key, resulting in encrypted key information.
In step S307, the private key and the encryption key information are taken as key information.
Specifically, the first key comprises an AES key, and the second key comprises an RSA public-private key pair; the AES key and RSA public-private key pair may be generated by the authorization server according to a preset key generation algorithm. Corresponding to the above alternative embodiment, the encrypted authorization information may include an encrypted License file, where the License file includes the content of the License application file, and the format of the License file is a binary s2c format. The encryption key information may include an encrypted AES key file. The authorization server firstly encrypts the License application file by using an AES key to obtain an encrypted License file; then, encrypting the AES key file containing the AES key by using the RSA public key to obtain an encrypted AES key file; then, the RSA private key and the encrypted AES key file are used as the key information, and then the key information and the encrypted License file are sent to the request terminal.
In the above embodiment, in the process of processing the License file of the BSW configuration tool, the RSA + AES key algorithm is used to perform multiple protection on the authorization information, so that the problems that the BSW configuration tool is easily decompiled and the replacement file bypasses the authorization authentication can be solved.
In step S205, key information and encryption authorization information are transmitted to the requesting terminal based on the identifier of the requesting terminal; and the request terminal is used for decrypting the encrypted authorization information according to the key information to obtain decrypted authorization information and verifying according to the authorization information when the functional characteristics in the BSW configuration tool requested to be granted are used.
In the embodiment of the application, the authorization server sends the key information and the encrypted authorization information to the request terminal based on the identifier of the request terminal, so that the request terminal decrypts the encrypted authorization information according to the received key information when using the functional characteristics in the BSW configuration tool granted by the request, so as to obtain the decrypted authorization information, and verifies according to the authorization information.
Fig. 4 is a schematic flowchart of another information processing method provided in an embodiment of the present application, and as shown in fig. 4, taking the information processing method as an example for being used in the request terminal in fig. 1, the method includes the following steps:
in step S401, authorization request information is sent to the authorization server, where the authorization request information includes the identity of the requesting terminal and the functional characteristics in the BSW configuration tool that requested the grant.
In the embodiment of the application, the request terminal sends authorization request information to the authorization server, wherein the authorization request information comprises the identifier of the request terminal and the functional characteristics in the BSW configuration tool requesting to be granted.
In an alternative embodiment, the identification of the requesting terminal is used to characterize the uniqueness of the requesting terminal, for example, the identification of the requesting terminal may include, but is not limited to, a MAC address, a CPU ID, and a hard disk serial number. The authorization request information may be sent to the authorization server in a file form, specifically, the requesting terminal generates a License application file based on any one or more of the above identifiers and the functional characteristics in the BSW configuration tool to be requested to be granted, and then sends the License application file to the authorization server. The format of the License application file is a binary c2s format. Of course, the License application document may also include the effective usage time information of the functional features in the BSW configuration tool requested to be granted.
In step S403, receiving key information and encrypted authorization information sent by an authorization server; the key information and the encrypted authorization information are obtained by encrypting the authorization request information by the authorization server.
In the embodiment of the present application, the request terminal receives the key information and the encrypted authorization information sent by the authorization server, where the key information and the encrypted authorization information are obtained after the authorization request information is encrypted by the authorization server, and a specific encryption manner is as shown in the above embodiments and is not described here again.
In step S405, when the functional characteristics in the BSW configuration tool requested to be granted are used, the encrypted authorization information is decrypted according to the key information, so as to obtain decrypted authorization information, and verification is performed according to the authorization information.
In the embodiment of the application, the request terminal decrypts the encrypted authorization information according to the key information when using a certain functional characteristic to obtain the decrypted authorization information. The requesting terminal performs authentication based on the authorization information (such as the License file mentioned above), and the functional feature can be normally used only when the authentication is passed.
In an alternative embodiment, the key information includes a private key and encryption key information; the decrypting the encrypted authorization information according to the key information to obtain the decrypted authorization information may include the following steps as shown in fig. 5:
in step S501, the encrypted key information is decrypted according to the private key to obtain a first key.
In step S503, the encrypted authorization information is decrypted according to the first key, so as to obtain the decrypted authorization information.
Specifically, the private key is an RSA private key, the encryption key information includes an encrypted AES key file, and the encryption authorization information includes an encrypted License file. The request terminal decrypts the encrypted AES key file according to the RSA private key to obtain an AES key; and then, decrypting the encrypted License file by using the AES key to obtain the decrypted License file.
In an optional implementation manner, before the requesting terminal sends the authorization request information to the authorization server, the information processing method according to the embodiment of the present application may further include the following steps:
when the BSW configuration tool is started, the BSW configuration tool is verified.
And when the verification is passed, starting the BSW configuration tool.
Specifically, the BSW configuration tool jar package can use MD5 to check the file sum, which can ensure that the code file for calling the BSW configuration tool to verify the authorization information cannot be modified and replaced after random decompilation. Correspondingly, the verifying the BSW configuration tool may include:
acquiring a default check code of a BSW configuration tool;
determining a check code to be checked of the current BSW configuration tool;
and determining the matching degree value of the default check code and the check code to be checked.
Correspondingly, the starting the BSW configuration tool when the verification passes may include:
and starting the BSW configuration tool when the matching degree value is greater than or equal to the preset value.
Wherein the preset value may be 1. The default check code of the BSW configuration tool, that is, the default MD5 value, may be provided by a developer of the BSW configuration tool, the check code to be checked, that is, the MD5 value to be checked, may be calculated by the requesting terminal based on the current BSW configuration tool, when the requesting terminal starts the BSW configuration tool, by calculating a matching degree value between the default MD5 value and the MD5 value to be checked, when the default MD5 value and the MD5 value to be checked are completely consistent, the BSW configuration tool is started, so that it may be ensured that the current BSW configuration tool is not tampered, so that the subsequent authorization verification process may be performed normally.
Fig. 6 is a schematic flowchart of another information processing method provided in an embodiment of the present application, and as shown in fig. 6, taking the information processing method as an example for being used in the authorization server and the request terminal in fig. 1, the method includes the following steps:
in step S601, the requesting terminal sends authorization request information to the authorization server, where the authorization request information includes an identifier of the requesting terminal and a functional characteristic in the BSW configuration tool requesting the grant.
In step S603, the authorization server receives the authorization request information, and encrypts the authorization request information to obtain encrypted authorization information and key information.
In step S605, the authorization server transmits key information and encrypted authorization information to the requesting terminal based on the identification of the requesting terminal.
In step S607, the requesting terminal receives the key information and the encrypted authorization information sent by the authorization server, decrypts the encrypted authorization information according to the key information when using the functional characteristics in the BSW configuration tool requested to be granted, obtains the decrypted authorization information, and performs authentication according to the authorization information.
In this embodiment, an interaction process between the authorization server and the request terminal in an actual application scenario is described, and reference may be made to the above embodiment for implementation manners in which various steps are optional, and details are not described here.
In the embodiment of the present application, the core functional characteristics of the BSW configuration tool are, for example, the code generation and the DBC file import described above, the core logics of the BSW configuration tool are implemented by C + +, the process of verifying according to the authorization information by the request terminal is also implemented by C + +, and specifically, the authorization information (License file) is called to perform authorization verification when the functional characteristics are used. Therefore, the possibility of decompiling jar packages of the BSW configuration tool and the possibility of cracking License files of the BSW configuration tool to tamper the content of the BSW configuration tool can be effectively reduced. The embodiment of the application provides an information processing method, and for a BSW configuration tool in a Classic AUTOSAR platform, the safety of the BSW configuration tool can be greatly improved, and the rights and interests of a developer of the BSW configuration tool can be guaranteed.
An embodiment of the present application further provides an information processing apparatus, which is applied to an authorization server of a BSW configuration tool, and fig. 7 is a schematic structural diagram of the information processing apparatus provided in the embodiment of the present application, and as shown in fig. 7, the apparatus includes:
a receiving module 701 configured to perform receiving authorization request information, the authorization request information including an identifier of a requesting terminal and a functional characteristic in a BSW configuration tool requesting a grant;
an encryption module 702 configured to perform encryption on the authorization request information to obtain encrypted authorization information and key information;
a sending module 703 configured to perform sending of the key information and the encryption authorization information to the requesting terminal based on the identifier of the requesting terminal; and the request terminal is used for decrypting the encrypted authorization information according to the key information to obtain decrypted authorization information and verifying according to the authorization information when the functional characteristics in the BSW configuration tool requested to be granted are used.
In an alternative embodiment, the encryption module 702 is configured to perform:
generating a first key and a second key according to a key generation algorithm; the second key comprises a public key and a private key;
encrypting the authorization request information based on the first key to obtain encrypted authorization information;
encrypting the first key based on the public key to obtain encryption key information;
the private key and the encryption key information are used as key information.
The device and method embodiments in the embodiments of the present application are based on the same application concept.
An embodiment of the present application further provides an information processing apparatus, which is applied to an authorization server of a BSW configuration tool, fig. 8 is a schematic structural diagram of another information processing apparatus provided in the embodiment of the present application, and as shown in fig. 8, the apparatus includes:
a sending module 801 configured to perform sending of authorization request information to an authorization server, the authorization request information including an identification of a requesting terminal and a functional characteristic in a BSW configuration tool requesting a grant;
a receiving module 802 configured to perform receiving key information and encryption authorization information sent by an authorization server; the key information and the encrypted authorization information are obtained by encrypting the authorization request information by the authorization server;
and the decryption module 803 is configured to decrypt the encrypted authorization information according to the key information when the functional characteristics in the BSW configuration tool granted by the request are used, obtain decrypted authorization information, and perform verification according to the authorization information.
In an alternative embodiment, the key information includes a private key and encryption key information; a decryption module 803 configured to perform:
decrypting the encrypted key information according to the private key to obtain a first key;
and decrypting the encrypted authorization information according to the first key to obtain decrypted authorization information.
In an alternative embodiment, an apparatus includes a verification module configured to perform:
when the BSW configuration tool is started, verifying the BSW configuration tool;
and when the verification is passed, starting the BSW configuration tool.
In an alternative embodiment, the verification module is configured to perform:
acquiring a default check code of a BSW configuration tool;
determining a check code to be checked of the current BSW configuration tool;
determining a matching degree value of a default check code and a check code to be checked;
and starting the BSW configuration tool when the matching degree value is greater than or equal to the preset value.
The device and method embodiments in the embodiments of the present application are based on the same application concept.
The method provided by the embodiment of the application can be executed in a computer terminal, a server or a similar operation device. Taking an example of the server running on the server, fig. 9 is a hardware configuration block diagram of the server of the information processing method provided in the embodiment of the present application. As shown in fig. 9, the server 900 may have a relatively large difference due to different configurations or performances, and may include one or more Central Processing Units (CPUs) 910 (the processor 910 may include but is not limited to a Processing device such as a microprocessor NCU or a programmable logic device FPGA), a memory 930 for storing data, and one or more storage media 920 (e.g., one or more mass storage devices) for storing applications 923 or data 922. Memory 930 and storage media 920 may be, among other things, transient or persistent storage. The program stored in the storage medium 920 may include one or more modules, each of which may include a series of instruction operations in a server. Still further, the central processor 910 may be configured to communicate with the storage medium 920, and execute a series of instruction operations in the storage medium 920 on the server 900. The server 900 may also include one or more power supplies 960, one or more wired or wireless network interfaces 950, one or more input-output interfaces 940, and/or one or more operating systems 921, such as Windows, Mac OS, Unix, Linux, FreeBSD, etc.
The input/output interface 940 may be used to receive or transmit data via a network. Specific examples of the network described above may include a wireless network provided by a communication provider of the server 900. In one example, the input/output Interface 940 includes a Network adapter (NIC) that can be connected to other Network devices through a base station to communicate with the internet. In one example, the input/output interface 940 may be a Radio Frequency (RF) module, which is used for communicating with the internet in a wireless manner.
It will be understood by those skilled in the art that the structure shown in fig. 9 is only an illustration and is not intended to limit the structure of the electronic device. For example, server 900 may also include more or fewer components than shown in FIG. 9, or have a different configuration than shown in FIG. 9.
Embodiments of the present application also provide a storage medium that can be disposed in a server to store at least one instruction, at least one program, a code set, or a set of instructions related to implementing an information processing method in the method embodiments, where the at least one instruction, the at least one program, the code set, or the set of instructions is loaded and executed by the processor to implement the information processing method.
Alternatively, in this embodiment, the storage medium may be located in at least one network server of a plurality of network servers of a computer network. Optionally, in this embodiment, the storage medium may include, but is not limited to: a U-disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a removable hard disk, a magnetic or optical disk, and other various media capable of storing program codes.
As can be seen from the embodiments of the information processing method, apparatus, device, and storage medium provided in the present application, an authorization server receives authorization request information, where the authorization request information includes an identifier of a requesting terminal and a functional characteristic in a BSW configuration tool requesting for authorization; encrypting the authorization request information to obtain encrypted authorization information and key information; sending key information and encryption authorization information to the request terminal based on the identifier of the request terminal; and the request terminal is used for decrypting the encrypted authorization information according to the key information to obtain decrypted authorization information and verifying according to the authorization information when the functional characteristics in the BSW configuration tool requested to be granted are used. Thus, the security of the BSW configuration tool can be improved.
It should be noted that: the sequence of the embodiments of the present application is only for description, and does not represent the advantages and disadvantages of the embodiments. And specific embodiments thereof have been described above. Other embodiments are within the scope of the following claims. In some cases, the actions or steps recited in the claims may be performed in a different order than in the embodiments and still achieve desirable results. In addition, the processes depicted in the accompanying figures do not necessarily require the particular order shown, or sequential order, to achieve desirable results. In some embodiments, multitasking and parallel processing may also be possible or may be advantageous.
The embodiments in the present specification are described in a progressive manner, and the same and similar parts among the embodiments are referred to each other, and each embodiment focuses on the differences from the other embodiments. In particular, for the apparatus embodiment, since it is substantially similar to the method embodiment, the description is relatively simple, and for the relevant points, reference may be made to the partial description of the method embodiment.
It will be understood by those skilled in the art that all or part of the steps for implementing the above embodiments may be implemented by hardware, or may be implemented by a program instructing relevant hardware, where the program may be stored in a computer-readable storage medium, and the above-mentioned storage medium may be a read-only memory, a magnetic disk or an optical disk, etc.
The above description is only exemplary of the present application and should not be taken as limiting the present application, as any modification, equivalent replacement, or improvement made within the spirit and principle of the present application should be included in the protection scope of the present application.
Claims (10)
1. An information processing method, applied to an authorization server of a BSW configuration tool, includes:
receiving authorization request information, wherein the authorization request information comprises an identifier of a request terminal and functional characteristics in a BSW configuration tool requesting to be granted;
encrypting the authorization request information to obtain encrypted authorization information and key information;
sending the key information and the encryption authorization information to the request terminal based on the identifier of the request terminal; and the request terminal is used for decrypting the encrypted authorization information according to the key information to obtain decrypted authorization information and verifying according to the authorization information when the functional characteristics in the BSW configuration tool granted by the request are used.
2. The method of claim 1, wherein the encrypting the authorization request message to obtain an encrypted authorization message and a key message comprises:
generating a first key and a second key according to a key generation algorithm; the second key comprises a public key and a private key;
encrypting the authorization request information based on the first key to obtain the encrypted authorization information;
encrypting the first key based on the public key to obtain encryption key information;
and taking the private key and the encryption key information as the key information.
3. An information processing method, applied to a request terminal of a BSW configuration tool, includes:
sending authorization request information to an authorization server, wherein the authorization request information comprises the identification of the request terminal and the functional characteristics in the BSW configuration tool requesting to be granted;
receiving key information and encrypted authorization information sent by the authorization server; the key information and the encrypted authorization information are obtained by encrypting the authorization request information by the authorization server;
and when the functional characteristics in the BSW configuration tool granted by the request are used, decrypting the encrypted authorization information according to the key information to obtain decrypted authorization information, and verifying according to the authorization information.
4. The method of claim 3, wherein the key information comprises a private key and encryption key information; the decrypting the encrypted authorization information according to the key information to obtain decrypted authorization information includes:
decrypting the encrypted key information according to the private key to obtain a first key;
and decrypting the encrypted authorization information according to the first key to obtain the decrypted authorization information.
5. The method of claim 3, wherein before sending the authorization request message to the authorization server, the method comprises:
when the BSW configuration tool is started, verifying the BSW configuration tool;
and when the verification is passed, starting the BSW configuration tool.
6. The method of claim 5, wherein the verifying the BSW configuration tool comprises:
acquiring a default check code of the BSW configuration tool;
determining a check code to be checked of the current BSW configuration tool;
determining a matching degree value of the default check code and the check code to be checked;
when the verification is passed, starting the BSW configuration tool, including:
and starting the BSW configuration tool when the matching degree value is greater than or equal to a preset value.
7. An information processing apparatus, characterized by an authorization server applied to a BSW configuration tool, comprising:
a receiving module configured to perform receiving authorization request information including an identification of a requesting terminal and a functional characteristic in a BSW configuration tool requesting a grant;
the encryption module is configured to encrypt the authorization request information to obtain encrypted authorization information and key information;
a sending module configured to execute sending the key information and the encryption authorization information to the requesting terminal based on the identification of the requesting terminal; and the request terminal is used for decrypting the encrypted authorization information according to the key information to obtain decrypted authorization information and verifying according to the authorization information when the functional characteristics in the BSW configuration tool granted by the request are used.
8. An information processing apparatus, characterized by a requesting terminal applied to a BSW configuration tool, comprising:
a sending module configured to execute sending authorization request information to an authorization server, wherein the authorization request information includes the identification of the requesting terminal and the functional characteristics in the BSW configuration tool requesting to be granted;
a receiving module configured to perform receiving the key information and the encrypted authorization information sent by the authorization server; the key information and the encrypted authorization information are obtained by encrypting the authorization request information by the authorization server;
and the decryption module is configured to decrypt the encrypted authorization information according to the key information when the functional characteristics in the BSW configuration tool granted by the request are used, obtain decrypted authorization information and verify according to the authorization information.
9. An apparatus comprising a processor and a memory, wherein at least one instruction or at least one program is stored in the memory, and the at least one instruction or the at least one program is loaded by the processor and executes the information processing method according to any one of claims 1-2 or 3-6.
10. A computer storage medium, in which at least one instruction or at least one program is stored, which is loaded and executed by a processor to implement the information processing method according to any one of claims 1 to 2 or 3 to 6.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111141468.9A CN113836560A (en) | 2021-09-28 | 2021-09-28 | Information processing method, device, equipment and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111141468.9A CN113836560A (en) | 2021-09-28 | 2021-09-28 | Information processing method, device, equipment and storage medium |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN113836560A true CN113836560A (en) | 2021-12-24 |
Family
ID=78970902
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202111141468.9A Pending CN113836560A (en) | 2021-09-28 | 2021-09-28 | Information processing method, device, equipment and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN113836560A (en) |
Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102819695A (en) * | 2011-09-20 | 2012-12-12 | 金蝶软件(中国)有限公司 | Authorization method and application server based on java archive (Jar) |
| CN102867138A (en) * | 2012-08-23 | 2013-01-09 | 深圳市同洲电子股份有限公司 | Copyright protection method and device for STB (set top box) middleware |
| CN103906054A (en) * | 2012-12-28 | 2014-07-02 | 上海农业信息有限公司 | Method and system for authorization of software function modules of internet of things |
| CN109284586A (en) * | 2018-08-27 | 2019-01-29 | 武汉达梦数据库有限公司 | A kind of soft ware authorization license implementation method and device |
| CN109684790A (en) * | 2018-12-26 | 2019-04-26 | 佛山市瑞德物联科技有限公司 | Software start-up method, soft ware authorization verification method, equipment and storage medium |
| CN110555300A (en) * | 2019-09-06 | 2019-12-10 | 北京字节跳动网络技术有限公司 | application program authorization method, client, server, terminal device and medium |
| CN110855426A (en) * | 2019-11-08 | 2020-02-28 | 北京握奇智能科技有限公司 | Method for software use authorization |
| CN113268715A (en) * | 2020-02-14 | 2021-08-17 | 中移(苏州)软件技术有限公司 | Software encryption method, device, equipment and storage medium |
-
2021
- 2021-09-28 CN CN202111141468.9A patent/CN113836560A/en active Pending
Patent Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102819695A (en) * | 2011-09-20 | 2012-12-12 | 金蝶软件(中国)有限公司 | Authorization method and application server based on java archive (Jar) |
| CN102867138A (en) * | 2012-08-23 | 2013-01-09 | 深圳市同洲电子股份有限公司 | Copyright protection method and device for STB (set top box) middleware |
| CN103906054A (en) * | 2012-12-28 | 2014-07-02 | 上海农业信息有限公司 | Method and system for authorization of software function modules of internet of things |
| CN109284586A (en) * | 2018-08-27 | 2019-01-29 | 武汉达梦数据库有限公司 | A kind of soft ware authorization license implementation method and device |
| CN109684790A (en) * | 2018-12-26 | 2019-04-26 | 佛山市瑞德物联科技有限公司 | Software start-up method, soft ware authorization verification method, equipment and storage medium |
| CN110555300A (en) * | 2019-09-06 | 2019-12-10 | 北京字节跳动网络技术有限公司 | application program authorization method, client, server, terminal device and medium |
| CN110855426A (en) * | 2019-11-08 | 2020-02-28 | 北京握奇智能科技有限公司 | Method for software use authorization |
| CN113268715A (en) * | 2020-02-14 | 2021-08-17 | 中移(苏州)软件技术有限公司 | Software encryption method, device, equipment and storage medium |
Non-Patent Citations (1)
| Title |
|---|
| 天君 著: "《区块链进化史:26个故事讲透区块链前世今生》", 企业管理出版社, pages: 39 - 40 * |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109214168B (en) | Firmware upgrading method and device | |
| US20220114249A1 (en) | Systems and methods for secure and fast machine learning inference in a trusted execution environment | |
| US8959659B2 (en) | Software authorization system and method | |
| CN108683712B (en) | Method and device for generating application program verification and verification key and storage medium | |
| CN110621014B (en) | Vehicle-mounted equipment, program upgrading method thereof and server | |
| CN111666564B (en) | Application program safe starting method and device, computer equipment and storage medium | |
| CN110326266B (en) | Data processing method and device | |
| CN103248495B (en) | A kind of method, server, client and system applying interior paying | |
| CN112800393B (en) | Authorization authentication method, software development kit generation method, device and electronic equipment | |
| US20180067777A1 (en) | Application protection method, server, and terminal | |
| CN110688660A (en) | Method and device for safely starting terminal and storage medium | |
| CN111414640B (en) | Key access control method and device | |
| EP3048553B1 (en) | Method for distributing applets, and entities for distributing applets | |
| CN110708310B (en) | Tenant-level authority management method, device and equipment | |
| CN111399867B (en) | Software upgrading method, device, equipment and computer readable storage medium | |
| CN115150821A (en) | Offline package transmission and storage method and device | |
| CN110837643B (en) | Activation method and device of trusted execution environment | |
| CN109995534B (en) | Method and device for carrying out security authentication on application program | |
| CN112817615B (en) | File processing method, device, system and storage medium | |
| US20150082026A1 (en) | Systems and methods for locking an application to device without storing device information on server | |
| CN113489723B (en) | Data transmission method, system, computer device and storage medium | |
| CN113836560A (en) | Information processing method, device, equipment and storage medium | |
| US11799641B2 (en) | System functionality activation using distributed ledger | |
| CN109614114B (en) | License file acquisition method and device, readable storage medium and electronic equipment | |
| US20230205919A1 (en) | Multi-platform use case implementations to securely provision a secure data asset to a target device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |