CN114139134A - Program upgrading method, device and equipment for terminal equipment - Google Patents

Program upgrading method, device and equipment for terminal equipment Download PDF

Info

Publication number
CN114139134A
CN114139134A CN202111491267.1A CN202111491267A CN114139134A CN 114139134 A CN114139134 A CN 114139134A CN 202111491267 A CN202111491267 A CN 202111491267A CN 114139134 A CN114139134 A CN 114139134A
Authority
CN
China
Prior art keywords
certificate
terminal
cloud server
information
server
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202111491267.1A
Other languages
Chinese (zh)
Inventor
王侠
曹选明
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Sengled Co Ltd
Original Assignee
Sengled Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Sengled Co Ltd filed Critical Sengled Co Ltd
Priority to CN202111491267.1A priority Critical patent/CN114139134A/en
Publication of CN114139134A publication Critical patent/CN114139134A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44Program or device authentication
    • G06F21/445Program or device authentication by mutual authentication, e.g. between devices or programs
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/572Secure firmware programming, e.g. of basic input output system [BIOS]

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

The application provides a program upgrading method of a terminal device. The method comprises the following steps: the method comprises the steps that a terminal device sends a file acquisition request to a cloud server, the cloud server receives the request and reads a terminal certificate in the request, the terminal certificate is verified, the cloud server certificate is sent to the terminal device after verification is passed, the terminal device verifies the legality of the cloud server certificate, feedback information is sent to the cloud server after verification is passed, and the cloud server is instructed to send a program upgrading file. And the cloud server receives the feedback message and sends a program upgrading file to the terminal equipment, and the terminal equipment carries out upgrading processing according to the program upgrading file. In the process, the cloud server and the equipment terminal perform mutual authentication through a pair of mutually authenticated certificates, so that the condition that the cloud server sends the upgrading program file to illegal equipment is avoided, the condition that the terminal equipment receives the upgrading program file sent by the illegal equipment is also prevented, and the safety of transmitting the upgrading program file is improved.

Description

Program upgrading method, device and equipment for terminal equipment
Technical Field
The embodiment of the application relates to a terminal technology, in particular to program upgrading of terminal equipment, a device and equipment.
Background
With the development of terminal devices, the terminal devices have been widely applied to the life and work of people. In the use process of the terminal device, the program of the terminal device is often required to be upgraded.
In the prior art, a terminal device may send a terminal certificate to a server; and after verifying the terminal certificate, the server feeds the upgrading program file back to the terminal equipment for upgrading.
However, in the prior art, the server only needs to verify the terminal certificate sent by the terminal device, and if the terminal certificate is stolen by an illegal device, the server sends the upgrade program file to the illegal device, the illegal device sends the upgrade program file to the terminal device after tampering, and then the illegal device damages the terminal device according to the tampered upgrade program file.
Disclosure of Invention
The application provides a program upgrading method, device, equipment and storage medium of terminal equipment, which are used for solving the problem of low safety in the upgrading process of the terminal equipment.
In one aspect, the present application provides a method for upgrading a program of a terminal device, which is applied to the terminal device, and the method includes:
sending a file acquisition request to a cloud server; the file acquisition request comprises a terminal certificate, the file acquisition request is used for indicating acquisition of an upgrade program file, and the terminal certificate is used for verifying the validity of the terminal certificate by the cloud server;
receiving a cloud server certificate sent by the cloud server after the validity verification of the terminal certificate is determined to pass; the cloud server certificates correspond to the terminal certificates one by one;
if the validity of the cloud server certificate is confirmed to pass, sending a feedback message to the cloud server;
and receiving an upgrading program file sent by the cloud server, and upgrading according to the upgrading program file.
In an optional implementation manner, the cloud server certificate includes terminal device information and server information;
before sending a feedback message to the cloud server if it is determined that the validity of the cloud server certificate passes the verification, the method further includes:
according to the terminal equipment information and the server information in the terminal certificate, carrying out validity verification on the terminal equipment information and the server information in the cloud server certificate;
and if the terminal equipment information in the terminal certificate is determined to be consistent with the terminal equipment information in the cloud server certificate, and the server information in the terminal certificate is determined to be consistent with the server information in the cloud server certificate, determining that the validity verification of the cloud server certificate is passed.
In an optional embodiment, the cloud server certificate is encrypted;
before performing validity verification on the terminal device information and the server information in the cloud server certificate according to the terminal device information and the server information in the terminal certificate, the method further includes:
and decrypting the cloud server certificate to obtain a decrypted cloud server certificate.
In an optional implementation manner, the terminal device information includes one or more of the following: the terminal equipment identification, the terminal equipment name, the terminal equipment model and the function information of the terminal equipment.
In an optional implementation manner, before performing the upgrade processing according to the upgrade program file, the method further includes:
carrying out integrity check on the upgrading program file;
if the integrity check of the upgrading program file is determined to pass, executing a step of upgrading according to the upgrading program file;
if the integrity check of the upgrade program file is determined not to pass, repeatedly executing the following steps until the upgrade processing is carried out, or until the repeated execution times are reached:
the upgrading program file is obtained from the cloud server again, and integrity check is carried out on the newly obtained upgrading program file;
if the integrity of the newly acquired upgrade program file is determined to pass the verification, upgrading according to the newly acquired upgrade program file;
and if the integrity check of the newly acquired upgrade program file is determined not to pass, executing the upgrade program file newly acquired from the cloud server.
In an optional embodiment, the method further comprises:
receiving the terminal certificate sent by the service provider equipment; the terminal certificate and the cloud server certificate are encrypted certificates generated by a certificate server, and the cloud server certificate is stored into the cloud server by the certificate server.
In a second aspect, the present application provides a method for upgrading a program of a terminal device, which is applied to a cloud server, and the method includes:
receiving a file acquisition request sent by terminal equipment; the file acquisition request comprises a terminal certificate, and is used for indicating acquisition of an upgrade program file;
carrying out validity verification on the terminal certificate;
if the terminal certificate is determined to pass the validity verification, sending a cloud server certificate to the terminal equipment; the cloud server certificates correspond to the terminal certificates one by one;
and receiving a feedback message sent by the terminal equipment after the terminal equipment determines that the validity of the cloud server certificate passes verification, and sending an upgrading program file to the terminal equipment, wherein the upgrading program file is used for upgrading.
In an optional implementation manner, the terminal certificate includes terminal device information and server information; and carrying out validity verification on the terminal certificate, wherein the validity verification comprises the following steps:
according to the stored terminal equipment information and server information in the cloud server certificate, carrying out validity verification on the terminal equipment information and the server information in the terminal certificate;
and if the terminal equipment information in the cloud server certificate is determined to be consistent with the terminal equipment information in the terminal certificate, and the server information in the cloud server certificate is determined to be consistent with the server information in the terminal certificate, determining that the terminal certificate passes the validity verification.
In an optional embodiment, the terminal certificate in the file acquisition request is encrypted; before validity verification is performed on the terminal equipment information and the server information in the terminal certificate according to the stored terminal equipment information and the stored server information in the cloud server certificate, the method further comprises the following steps:
and decrypting the terminal certificate to obtain the decrypted terminal certificate.
In an optional embodiment, the method further comprises:
receiving the cloud server certificate sent by a certificate server; the terminal certificate and the cloud server certificate are encrypted certificates generated by a certificate server, and the terminal certificate is issued to the terminal equipment by the certificate server through service provider equipment.
In a third aspect, the present application provides a program upgrading apparatus for a terminal device, where the apparatus is applied to the terminal device, and the apparatus includes:
the first sending unit is used for sending a file acquisition request to the cloud server; the file acquisition request comprises a terminal certificate, the file acquisition request is used for indicating acquisition of an upgrade program file, and the terminal certificate is used for verifying the validity of the terminal certificate by the cloud server;
the first receiving unit is used for receiving a cloud server certificate sent by the cloud server after the terminal certificate is determined to pass the validity verification; the cloud server certificates correspond to the terminal certificates one by one;
the second sending unit is used for sending a feedback message to the cloud server when the validity verification of the cloud server certificate is determined to pass;
the second receiving unit is used for receiving the upgrading program file sent by the cloud server;
and the processing unit is used for carrying out upgrading processing according to the upgrading program file.
In an optional implementation manner, the cloud server certificate includes terminal device information and server information; the device further comprises:
the verification unit is used for verifying the legality of the terminal equipment information and the server information in the cloud server certificate according to the terminal equipment information and the server information in the terminal certificate before the second sending unit determines that the legality of the cloud server certificate passes verification and sends a feedback message to the cloud server;
the first determining unit is used for determining that the validity verification of the cloud server certificate passes when the terminal equipment information in the terminal certificate is consistent with the terminal equipment information in the cloud server certificate and the server information in the terminal certificate is consistent with the server information in the cloud server certificate.
In an optional embodiment, the cloud server certificate is encrypted, and the apparatus further includes:
and the decryption unit is used for decrypting the cloud server certificate before the verification unit verifies the legality of the terminal equipment information and the server information in the cloud server certificate according to the terminal equipment information and the server information in the terminal certificate, so as to obtain the decrypted cloud server certificate.
In an optional implementation manner, the terminal device information includes one or more of the following: the terminal equipment identification, the terminal equipment name, the terminal equipment model and the function information of the terminal equipment.
In an alternative embodiment, the apparatus further comprises:
the verification unit is used for carrying out integrity verification on the upgrading program file before the processing unit carries out upgrading processing according to the upgrading program file;
a second determining unit, configured to execute the processing unit if it is determined that the integrity check of the upgrade program file passes;
a third determining unit, configured to, if it is determined that the integrity check of the upgrade program file does not pass, repeatedly perform the following steps until the upgrade processing is performed, or until the number of times of repeated execution is reached: acquiring the upgrade program file from the cloud server again, and carrying out integrity check on the newly acquired upgrade program file; if the integrity of the newly acquired upgrade program file is determined to pass the verification, upgrading according to the newly acquired upgrade program file; and if the integrity check of the newly acquired upgrade program file is determined not to pass, executing the upgrade program file newly acquired from the cloud server.
In an alternative embodiment, the apparatus further comprises:
a third receiving unit, configured to receive the terminal certificate sent by the service provider device; the terminal certificate and the cloud server certificate are encrypted certificates generated by a certificate server, and the cloud server certificate is stored into the cloud server by the certificate server.
In a fourth aspect, the present application provides a program upgrading apparatus for a terminal device, where the apparatus is applied to a cloud server, and the apparatus includes:
the first receiving unit is used for receiving a file acquisition request sent by the terminal equipment; the file acquisition request comprises a terminal certificate, and is used for indicating acquisition of an upgrade program file;
the verification unit is used for verifying the validity of the terminal certificate;
the first sending unit is used for sending a cloud server certificate to the terminal equipment when the terminal certificate passes the validity verification; the cloud server certificates correspond to the terminal certificates one by one;
the second receiving unit is used for receiving a feedback message sent by the terminal equipment after the terminal equipment determines that the validity verification of the cloud server certificate passes;
and the second sending unit is used for sending an upgrading program file to the terminal equipment, wherein the upgrading program file is used for upgrading.
In an optional implementation manner, the terminal certificate includes terminal device information and server information; the authentication unit includes:
the verification module is used for verifying the legality of the terminal equipment information and the server information in the terminal certificate according to the stored terminal equipment information and the server information in the cloud server certificate;
and the determining module is used for determining that the validity verification of the terminal certificate passes if the terminal equipment information in the cloud server certificate is consistent with the terminal equipment information in the terminal certificate and the server information in the cloud server certificate is consistent with the server information in the terminal certificate.
In an optional embodiment, the terminal certificate in the file acquisition request is encrypted; the verification unit further includes:
and the decryption module is used for decrypting the terminal certificate to obtain the decrypted terminal certificate before the verification module verifies the legality of the terminal equipment information and the server information in the terminal certificate according to the stored terminal equipment information and the server information in the cloud server certificate.
In an alternative embodiment, the apparatus further comprises:
the third receiving unit is used for receiving the cloud server certificate sent by the certificate server; the terminal certificate and the cloud server certificate are encrypted certificates generated by a certificate server, and the terminal certificate is issued to the terminal equipment by the certificate server through service provider equipment.
In a fifth aspect, the present application provides a terminal device, including: a processor and a memory;
the memory stores computer-executable instructions;
the computer executable instructions, when executed by the processor, implement the method of the first aspect.
In a sixth aspect, the present application provides a cloud server, including: a processor and a memory;
the memory stores computer-executable instructions;
the computer executable instructions, when executed by the processor, implement the method of the second aspect.
In a seventh aspect, the present application provides a computer-readable storage medium having stored thereon computer-executable instructions for implementing the method according to the first aspect when executed by a processor, or for implementing the method according to the second aspect when executed by a processor.
In an eighth aspect, the present application provides a computer program product comprising a computer program which, when executed by a processor, implements the method of the first aspect or which, when executed by a processor, implements the method of the second aspect.
When the terminal equipment is ready for program upgrading, a file acquisition request is sent to a cloud server, the cloud server receives the request, firstly reads a terminal certificate in the file acquisition request, verifies the terminal certificate, and considers that the terminal equipment is legal after verification, and then sends the cloud server certificate to the terminal equipment, and the terminal equipment verifies and receives the cloud server certificate, verifies the cloud server, and considers that the cloud server is legal after verification, and then sends feedback information to the cloud server, so that the cloud server is indicated to send the program upgrading file. And the cloud server receives the feedback message and sends a program upgrading file to the terminal equipment, and the terminal equipment receives the program upgrading file and carries out upgrading processing according to the program upgrading file. In the process, the cloud server and the equipment terminal perform mutual authentication through a pair of mutually authenticated certificates, so that the condition that the cloud server sends the upgrading program file to illegal equipment is avoided, the condition that the terminal equipment receives the upgrading program file sent by the illegal equipment is also prevented, and the safety of transmitting the upgrading program file is improved.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the present application and together with the description, serve to explain the principles of the application.
Fig. 1 is a schematic flowchart of a program upgrading method for a terminal device according to an embodiment of the present disclosure;
fig. 2 is a schematic flowchart of another program upgrading method for a terminal device according to an embodiment of the present disclosure;
fig. 3 is a schematic flowchart of a program upgrading method for a terminal device according to an embodiment of the present application;
fig. 4 is a schematic flowchart of a program upgrading method for a terminal device according to an embodiment of the present application;
fig. 5 is a schematic structural diagram of a program upgrading apparatus of a terminal device according to an embodiment of the present application;
fig. 6 is a schematic structural diagram of another program upgrading apparatus for a terminal device according to an embodiment of the present application;
fig. 7 is a schematic structural diagram of a program upgrading apparatus of another terminal device according to an embodiment of the present application;
fig. 8 is a schematic structural diagram of a program upgrading apparatus of another terminal device according to an embodiment of the present application;
fig. 9 is a schematic structural diagram of a terminal device according to an embodiment of the present application;
fig. 10 is a schematic structural diagram of a cloud server according to an embodiment of the present disclosure;
fig. 11 is a block diagram of a terminal device according to an embodiment of the present application;
fig. 12 is a schematic structural diagram of another cloud server according to an embodiment of the present disclosure;
fig. 13 is a schematic structural diagram of a program upgrading system of a terminal device according to an embodiment of the present application.
With the above figures, there are shown specific embodiments of the present application, which will be described in more detail below. These drawings and written description are not intended to limit the scope of the inventive concepts in any manner, but rather to illustrate the inventive concepts to those skilled in the art by reference to specific embodiments.
Detailed Description
Reference will now be made in detail to the exemplary embodiments, examples of which are illustrated in the accompanying drawings. When the following description refers to the accompanying drawings, like numbers in different drawings represent the same or similar elements unless otherwise indicated. The embodiments described in the following exemplary embodiments do not represent all embodiments consistent with the present application. Rather, they are merely examples of apparatus and methods consistent with certain aspects of the present application, as detailed in the appended claims.
With the development of terminal devices, the terminal devices have been widely applied to the life and work of people. In order to improve and enrich the functions of the terminal device and provide better and better services for the user of the terminal device, the terminal device is often required to be updated and upgraded. Generally, updating and upgrading of terminal equipment requires issuing an upgrading program file by means of a server, and a terminal receives the upgrading program file and executes the upgrading program file to realize upgrading of the terminal equipment.
In the prior art, in an example, when a terminal device needs to be upgraded, before a server issues an upgrade program file, the validity of the terminal device needs to be verified, and for this purpose, the terminal device needs to send a terminal certificate to the server; after the server verifies the terminal certificate, the terminal is considered to be legal, namely, the upgrading program file is fed back to the terminal equipment for upgrading processing. In another example, when the terminal device needs to be upgraded, the server issues the upgrade program file to the terminal device for upgrading.
In the prior art, when a server issues an upgrade program file to a terminal device, the server only needs to verify a terminal certificate sent by the terminal device, and in the process, if the terminal certificate is stolen by an illegal device, a hacker can easily intercept the upgrade program file according to related information in the certificate, even send a counterfeit program upgrade file to the terminal device, replace a normally-served terminal device program with a hacker program, control the terminal device through the program, steal terminal device information, even achieve the purpose of monitoring and controlling people and objects related to the terminal device, and greatly damage the safety of the device and users.
The application provides a program upgrading method, device and equipment for terminal equipment, and aims to solve the technical problems in the prior art.
The following describes the technical solutions of the present application and how to solve the above technical problems with specific embodiments. The following several specific embodiments may be combined with each other, and details of the same or similar concepts or processes may not be repeated in some embodiments. Embodiments of the present application will be described below with reference to the accompanying drawings.
Fig. 1 is a schematic flowchart of a method for upgrading a program of a terminal device according to an embodiment of the present application, where the method is applied to the terminal device, and as shown in fig. 1, the method includes:
101. sending a file acquisition request to a cloud server; the file acquisition request comprises a terminal certificate, the file acquisition request is used for indicating acquisition of the upgrade program file, and the terminal certificate is used for verifying the validity of the terminal certificate by the cloud server.
For example, the program upgrade of the terminal device needs an upgrade program file issued by the cloud server, so that when the terminal device is ready to perform the program upgrade, a file acquisition request needs to be sent to the cloud server first to indicate that the terminal device needs to acquire the upgrade program file, so that the cloud server is ready for the upgrade of the terminal device, and meanwhile, the file acquisition request also contains a terminal certificate, and the terminal device provides the terminal certificate to the cloud server, so that the cloud server can verify the validity of the terminal certificate.
102. Receiving a cloud server certificate sent by a cloud server after the validity verification of the terminal certificate is passed; the cloud server certificate and the terminal certificate are in one-to-one correspondence.
Illustratively, the cloud server verifies the validity of the terminal certificate, and after the terminal certificate passes the verification, the cloud server considers that the terminal device is real and legal, and then sends the certificate of the cloud server to the terminal device, so that the terminal device can verify the validity of the certificate of the cloud server. And the terminal equipment receives the cloud server certificate and verifies the validity of the cloud server certificate. The cloud server certificates correspond to the terminal certificates one to one, namely one terminal certificate corresponds to one cloud server certificate, and the terminal certificates of different terminal devices correspond to different cloud server certificates.
103. And if the validity of the cloud server certificate is determined to pass the verification, sending a feedback message to the cloud server.
Illustratively, the terminal device verifies the validity of the cloud server certificate, if the verification is passed, the terminal device recognizes the validity of the cloud server, and the terminal device can continue to upgrade, so that the terminal device sends a feedback message to the cloud server to prompt the cloud server to continue to perform subsequent operations, and the cloud server sends an upgrade program file to the terminal device according to the feedback message.
104. And receiving an upgrading program file sent by the cloud server, and upgrading according to the upgrading program file.
Illustratively, the terminal device receives an upgrade program file sent by the cloud server, reads the upgrade program file, and performs upgrade processing according to content information of the upgrade program file.
In this embodiment, the program upgrade of the terminal device needs an upgrade program file issued by the cloud server, so when the terminal device is ready to perform the program upgrade, the terminal device needs to send a file acquisition request to the cloud server, the cloud server receives the request, first reads a terminal certificate in the file acquisition request, verifies the terminal certificate, if the verification is passed, the terminal device is considered to be legal, and then sends a cloud server certificate to the terminal device, the terminal device verifies the received cloud server certificate, and if the verification is passed, the cloud server is considered to be legal, and then sends feedback information to the cloud server, and the cloud server is instructed to send the program upgrade file. And the cloud server receives the feedback message and sends a program upgrading file to the terminal equipment, and the terminal equipment receives the program upgrading file and carries out upgrading processing according to the program upgrading file. In the process, the cloud server and the equipment terminal perform mutual authentication through a pair of mutually authenticated certificates, so that the condition that the cloud server sends the upgrading program file to illegal equipment is avoided, the condition that the terminal equipment receives the upgrading program file sent by the illegal equipment is also prevented, and the safety of transmitting the upgrading program file is improved.
Fig. 2 is a schematic flowchart of another method for upgrading a program of a terminal device according to an embodiment of the present application, where the method is applied to the terminal device, and as shown in fig. 2, the method includes:
201. receiving a terminal certificate sent by service provider equipment; the terminal certificate and the cloud server certificate are encrypted certificates generated by the certificate server, and the cloud server certificate is stored into the cloud server by the certificate server.
For example, in order to facilitate the cloud server and the terminal device to mutually verify the validity of the other party, the certificate server generates a pair of encrypted certificates capable of mutual authentication, where the pair of certificates are a terminal certificate and a cloud server certificate, and the certificate server sends the generated terminal certificate to a service provider device, for example, a terminal device production factory, and the terminal device production factory sends the terminal certificate to the terminal device, and then the terminal device receives the terminal certificate. And the certificate server stores the generated cloud server certificate into the cloud server.
202. Sending a file acquisition request to a cloud server; the file acquisition request comprises a terminal certificate, the file acquisition request is used for indicating acquisition of the upgrade program file, and the terminal certificate is used for verifying the validity of the terminal certificate by the cloud server.
In one example, the terminal device information includes one or more of the following: the terminal equipment identification, the terminal equipment name, the terminal equipment model and the function information of the terminal equipment.
For example, the program upgrade of the terminal device needs an upgrade program file issued by the cloud server, so that when the terminal device is ready to perform the program upgrade, a file acquisition request needs to be sent to the cloud server first to indicate that the terminal device needs to acquire the upgrade program file, so that the cloud server is ready for the upgrade of the terminal device, and meanwhile, the file acquisition request also contains a terminal certificate, and the terminal device provides the terminal certificate to the cloud server, so that the cloud server can verify the validity of the terminal certificate. The terminal certificate carries server information and terminal device information of the terminal device, wherein the terminal device information includes a terminal device identifier, a terminal device name, a terminal device model, and function information of the terminal device; the cloud server verifies the terminal equipment information and the server information in the terminal certificate according to the terminal equipment information and the server information in the cloud server certificate so as to verify the validity of the terminal certificate. In this process, the terminal certificate is encrypted in order to secure the certificate.
In one example, a terminal device production factory encrypts a terminal certificate by using an Elliptic Curve Cryptography (ECC for short), and the encrypted terminal certificate is imported into an intelligent terminal device.
203. Receiving a cloud server certificate sent by a cloud server after the validity verification of the terminal certificate is passed; the cloud server certificate and the terminal certificate are in one-to-one correspondence.
For example, this embodiment may refer to step 102, which is not described again.
204. And decrypting the cloud server certificate to obtain the decrypted cloud server certificate.
For example, in order to ensure the security of the certificate, the cloud server certificate is encrypted, and when receiving the encrypted cloud server certificate, the terminal device needs to decrypt the cloud server certificate according to decryption logic preset in the terminal certificate, so as to read the terminal device information and the server information in the cloud server certificate.
205. And carrying out validity verification on the terminal equipment information and the server information in the cloud server certificate according to the terminal equipment information and the server information in the terminal certificate.
For example, the cloud server certificate and the terminal certificate include terminal device information and server information that can be verified mutually, so that the terminal device verifies the terminal device information and the server information in the cloud server certificate according to the terminal device information and the server information in the terminal certificate to verify the validity of the cloud server certificate.
206. And if the terminal equipment information in the terminal certificate is consistent with the terminal equipment information in the cloud server certificate and the server information in the terminal certificate is consistent with the server information in the cloud server certificate, determining that the validity verification of the cloud server certificate is passed.
Illustratively, if the terminal device reads the server information and the terminal device information in the cloud server certificate and compares and verifies the server information and the terminal device information with the terminal certificate information, wherein the server information in the cloud server certificate is consistent with the terminal certificate information, and the terminal device information in the cloud server certificate is consistent with the terminal certificate information, it is determined that the validity verification of the cloud server certificate is passed, and the terminal device considers that the cloud server is valid.
207. And if the validity of the cloud server certificate is confirmed to pass the verification, sending a feedback message to the cloud server.
For example, this embodiment may refer to step 103, which is not described again.
208. And receiving an upgrading program file sent by the cloud server, and carrying out integrity verification on the upgrading program file.
Illustratively, the terminal device receives an upgrade program file sent by the cloud server, reads the upgrade program file, and performs integrity check on the upgrade program file according to a preset check box in the upgrade program file, where the preset check box indicates information such as a file type, a file size, and a key field of the upgrade program file.
209. And if the integrity check of the upgrading program file is determined to pass, upgrading according to the upgrading program file.
Illustratively, if the upgrade program file passes the integrity check of the terminal device, the terminal device recognizes the real validity of the upgrade program file, and then reads the upgrade program file, and performs the upgrade process according to the content information of the upgrade program file.
210. If the integrity check of the upgrade program file is determined not to pass, repeatedly executing the following steps until the upgrade processing is carried out, or until the repeated execution times are reached: the upgrading program file is obtained from the cloud server again, and integrity verification is carried out on the newly obtained upgrading program file; if the integrity of the newly acquired upgrade program file is determined to pass the verification, upgrading according to the newly acquired upgrade program file; and if the integrity check of the newly acquired upgrade program file is determined not to pass, executing the upgrade program file newly acquired from the cloud server.
Exemplarily, if the terminal device checks the integrity of the program upgrade file, and reads that the information such as the file type, the file size, the key field and the like of the program upgrade does not accord with the information indicated by the preset check box, it is determined that the integrity check of the upgrade program file does not pass, the upgrade program file is obtained again from the cloud server, the integrity check of the newly obtained upgrade program file is carried out, the step of obtaining again and checking the integrity is repeatedly executed until the obtained upgrade program file passes the integrity check, and the upgrade processing is carried out according to the upgrade program file passing the integrity check; when the number of times of reacquiring the upgrade program file reaches the preset number of times requirement, for example, three times, and the program upgrade file still does not pass the verification, the prompt information is output to prompt that the upgrade process of the terminal equipment has a problem, so that technicians can perform manual intervention on the upgrade process.
In this embodiment, the certificate server generates a pair of encrypted terminal certificate and cloud server certificate that can be mutually authenticated, and the encrypted terminal certificate and the cloud server certificate are respectively stored in the terminal device and the cloud server, so that the cloud server and the terminal device can mutually authenticate; the method comprises the steps that a terminal device sends a file acquisition request to a cloud server to indicate that the terminal device needs to acquire an upgrading program file, meanwhile, a terminal certificate is also contained in the file acquisition request to facilitate authentication of the cloud server, and the terminal certificate carries server information and terminal device information of the terminal device, wherein the server information comprises path information, a terminal device identification, a terminal device name, a terminal device model, terminal device function information and the like; because the cloud server certificate and the terminal certificate are encrypted, when the cloud server receives the terminal certificate, the terminal certificate needs to be decrypted according to decryption logic preset in the cloud server so as to read the terminal device information and the server information in the cloud server certificate. And verifying the terminal certificate according to the server information and the terminal equipment information corresponding to the information in the cloud server certificate of the terminal certificate, and verifying the legality of the terminal certificate. Similarly, when the validity of the terminal certificate passes the verification, the terminal equipment performs validity verification on the cloud server certificate according to the steps. After mutual verification of the terminal device and the cloud server is completed, the terminal device sends a feedback message to the cloud server to instruct the cloud server to send a program upgrading file, after the terminal device receives the upgrading program file, the upgrading program file is read firstly, integrity verification is carried out on the upgrading program file according to a preset detection box in the upgrading program file, wherein the preset detection box indicates information such as the file type, the file size and key fields of the upgrading program file. And if the upgrading program file passes the integrity check, the terminal equipment carries out upgrading treatment according to the content information of the upgrading program file. If the upgrade program file does not pass the integrity check of the terminal equipment, the terminal equipment acquires the upgrade program file from the cloud server again, performs the integrity check on the newly acquired upgrade program file, repeatedly executes the steps of acquiring again and checking the integrity until the acquired upgrade program file passes the integrity check, and performs upgrade processing according to the upgrade program file passing the integrity check; when the number of times of reacquiring the upgrade program file reaches the preset number of times requirement, for example, three times, and the program upgrade file still does not pass the integrity verification, the prompt information is output to prompt that the upgrade process of the terminal equipment has a problem, so that a technician can perform manual intervention on the upgrade process.
Fig. 3 is a schematic flowchart of a program upgrading method for a terminal device according to an embodiment of the present application, where the method is applied to a cloud server, and as shown in fig. 3, the method includes:
301. receiving a file acquisition request sent by terminal equipment; the file acquisition request comprises a terminal certificate, and the file acquisition request is used for indicating acquisition of the upgrade program file.
302. And carrying out validity verification on the terminal certificate.
303. If the terminal certificate is determined to pass the validity verification, sending a cloud server certificate to the terminal equipment; the cloud server certificate and the terminal certificate are in one-to-one correspondence.
304. And receiving a feedback message sent by the terminal equipment after the terminal equipment determines that the validity of the cloud server certificate passes verification, and sending an upgrading program file to the terminal equipment, wherein the upgrading program file is used for upgrading.
For example, the present embodiment may refer to the description of the above embodiments, and is not described again.
Fig. 4 is a schematic flowchart of a program upgrading method for a terminal device according to an embodiment of the present application, where the method is applied to a cloud server, and as shown in fig. 4, the method includes:
401. receiving a cloud server certificate sent by a certificate server; the terminal certificate and the cloud server certificate are encrypted certificates generated by the certificate server, and the terminal certificate is issued to the terminal equipment by the certificate server through the service provider equipment.
402. Receiving a file acquisition request sent by terminal equipment; the file acquisition request comprises a terminal certificate, and the file acquisition request is used for indicating acquisition of the upgrade program file.
403. And decrypting the terminal certificate to obtain the decrypted terminal certificate.
404. And carrying out validity verification on the terminal certificate, wherein the terminal certificate comprises terminal equipment information and server information.
In one example, step 404 specifically includes:
and carrying out validity verification on the terminal equipment information and the server information in the terminal certificate according to the terminal equipment information and the server information in the stored cloud server certificate.
And if the terminal equipment information in the cloud server certificate is consistent with the terminal equipment information in the terminal certificate and the server information in the cloud server certificate is consistent with the server information in the terminal certificate, determining that the terminal certificate passes the validity verification.
405. If the terminal certificate is determined to pass the validity verification, sending a cloud server certificate to the terminal equipment; the cloud server certificate and the terminal certificate are in one-to-one correspondence.
406. And receiving a feedback message sent by the terminal equipment after the terminal equipment determines that the validity of the cloud server certificate passes verification, and sending an upgrading program file to the terminal equipment, wherein the upgrading program file is used for upgrading.
For example, the present embodiment may refer to the description of the above embodiments, and is not described again.
Fig. 5 is a schematic structural diagram of a program upgrading apparatus of a terminal device according to an embodiment of the present application, which is applied to the terminal device, and as shown in fig. 5, the apparatus includes:
a first sending unit 51, configured to send a file acquisition request to a cloud server; the file acquisition request comprises a terminal certificate, the file acquisition request is used for indicating acquisition of the upgrade program file, and the terminal certificate is used for verifying the validity of the terminal certificate by the cloud server.
A first receiving unit 52, configured to receive a cloud server certificate sent by the cloud server after it is determined that the terminal certificate passes the validity verification; the cloud server certificate and the terminal certificate are in one-to-one correspondence.
The second sending unit 53 is configured to send a feedback message to the cloud server when it is determined that the validity verification of the cloud server certificate passes.
The second receiving unit 54 is configured to receive the upgrade program file sent by the cloud server.
And the processing unit 55 is used for performing upgrading processing according to the upgrading program file.
Fig. 6 is a schematic structural diagram of another program upgrading apparatus for a terminal device according to an embodiment of the present application, which is applied to the terminal device, and based on the embodiment shown in fig. 5, as shown in fig. 6, the apparatus further includes:
the verification unit 61 is configured to perform validity verification on the terminal device information and the server information in the cloud server certificate according to the terminal device information and the server information in the terminal certificate before the second sending unit determines that the validity verification of the cloud server certificate passes and sends the feedback message to the cloud server.
The first determining unit 62 is configured to determine that the validity of the cloud server certificate passes when the terminal device information in the terminal certificate is consistent with the terminal device information in the cloud server certificate, and the server information in the terminal certificate is consistent with the server information in the cloud server certificate.
In one example, the apparatus provided in this embodiment further includes:
and the decryption unit 63 is configured to decrypt the cloud server certificate before the validation unit 61 performs validity validation on the terminal device information and the server information in the cloud server certificate according to the terminal device information and the server information in the terminal certificate, so as to obtain the decrypted cloud server certificate.
In one example, the terminal device information includes one or more of the following: the terminal equipment identification, the terminal equipment name, the terminal equipment model and the function information of the terminal equipment.
In one example, the apparatus provided in this embodiment further includes:
a checking unit 64, configured to perform integrity check on the upgrade program file before the processing unit 55 performs upgrade processing according to the upgrade program file.
And a second determining unit 65, configured to execute the processing unit 55 if it is determined that the integrity check of the upgrade program file passes.
A third determining unit 66, configured to, if it is determined that the integrity check of the upgrade program file does not pass, repeatedly perform the following steps until the upgrade process is performed, or until the number of times of repeated execution is reached: the upgrading program file is obtained from the cloud server again, and integrity verification is carried out on the newly obtained upgrading program file; if the integrity of the newly acquired upgrade program file is determined to pass the verification, upgrading according to the newly acquired upgrade program file; and if the integrity check of the newly acquired upgrade program file is determined not to pass, executing the upgrade program file newly acquired from the cloud server.
In one example, the apparatus provided in this embodiment further includes:
a third receiving unit 67, configured to receive the terminal certificate sent by the service provider device; the terminal certificate and the cloud server certificate are encrypted certificates generated by the certificate server, and the cloud server certificate is stored into the cloud server by the certificate server.
Fig. 7 is a schematic structural diagram of a program upgrading apparatus of a terminal device according to an embodiment of the present application, which is applied to a cloud server, and as shown in fig. 7, the apparatus includes:
a first receiving unit 71, configured to receive a file acquisition request sent by a terminal device; the file acquisition request comprises a terminal certificate, and the file acquisition request is used for indicating acquisition of the upgrade program file.
And an authentication unit 72, configured to perform validity authentication on the terminal certificate.
A first sending unit 73, configured to send a cloud server certificate to the terminal device when it is determined that the validity verification of the terminal certificate passes; the cloud server certificate and the terminal certificate are in one-to-one correspondence.
And a second receiving unit 74, configured to receive a feedback message sent by the terminal device after determining that the validity of the cloud server certificate passes verification.
And a second sending unit 75, configured to send an upgrade program file to the terminal device, where the upgrade program file is used for performing upgrade processing.
Fig. 8 is a schematic structural diagram of a program upgrading apparatus of a terminal device according to an embodiment of the present application, which is applied to a cloud server, and on the basis of the embodiment shown in fig. 7, as shown in fig. 8, the apparatus further includes:
in one example, the verification unit 72 includes:
the verification module 722 is configured to perform validity verification on the terminal device information and the server information in the terminal certificate according to the terminal device information and the server information in the stored cloud server certificate.
The determining module 723 is configured to determine that the validity of the terminal certificate passes verification if it is determined that the terminal device information in the cloud server certificate is consistent with the terminal device information in the terminal certificate, and the server information in the cloud server certificate is consistent with the server information in the terminal certificate.
In one example, the terminal certificate in the file acquisition request is encrypted.
In an example, in the apparatus provided in this embodiment, the verification unit 72 further includes:
the decryption module 721 is configured to decrypt the terminal certificate before the validation module 722 performs validity validation on the terminal device information and the server information in the terminal certificate according to the terminal device information and the server information in the stored cloud server certificate, so as to obtain a decrypted terminal certificate.
In an example, the apparatus provided in this embodiment further includes:
a third receiving unit 76, configured to receive the cloud server certificate sent by the certificate server; the terminal certificate and the cloud server certificate are encrypted certificates generated by the certificate server, and the terminal certificate is issued to the terminal equipment by the certificate server through the service provider equipment.
Fig. 9 is a schematic structural diagram of a terminal device according to an embodiment of the present application, and as shown in fig. 9, the terminal device includes: a memory 91 and a processor 92.
The memory 91: for storing computer-executable instructions.
The processor 92 is configured to perform the methods provided in the embodiments described above.
The terminal device further comprises a receiver 93 and a transmitter 94. The receiver 93 is used for receiving commands and data transmitted from an external device, and the transmitter 94 is used for transmitting commands and data to an external device.
Fig. 10 is a schematic structural diagram of a cloud server provided in an embodiment of the present application, and as shown in fig. 10, the cloud server includes: a memory 121 and a processor 122.
The memory 121: for storing computer-executable instructions.
The processor 122 is configured to perform the methods provided in the embodiments described above.
The cloud server also includes a receiver 123 and a transmitter 124. The receiver 123 is used for receiving commands and data transmitted from an external device, and the transmitter 124 is used for transmitting commands and data to the external device.
Fig. 11 is a block diagram illustrating a terminal device, which may be a mobile phone, a computer, a digital broadcast terminal, a messaging device, a game console, a tablet device, a medical device, an exercise device, a personal digital assistant, etc., according to one exemplary embodiment.
The apparatus 800 may include one or more of the following components: a processing component 802, a memory 804, a power component 806, a multimedia component 808, an audio component 810, an input/output (I/O) interface 812, a sensor component 814, and a communication component 816.
The processing component 802 generally controls overall operation of the device 800, such as operations associated with display, telephone calls, data communications, camera operations, and recording operations. The processing components 802 may include one or more processors 820 to execute instructions to perform all or a portion of the steps of the methods described above. Further, the processing component 802 can include one or more modules that facilitate interaction between the processing component 802 and other components. For example, the processing component 802 can include a multimedia module to facilitate interaction between the multimedia component 808 and the processing component 802.
The memory 804 is configured to store various types of data to support operations at the apparatus 800. Examples of such data include instructions for any application or method operating on device 800, contact data, phonebook data, messages, pictures, videos, and so forth. The memory 804 may be implemented by any type or combination of volatile or non-volatile memory devices such as Static Random Access Memory (SRAM), electrically erasable programmable read-only memory (EEPROM), erasable programmable read-only memory (EPROM), programmable read-only memory (PROM), read-only memory (ROM), magnetic memory, flash memory, magnetic or optical disks.
Power components 806 provide power to the various components of device 800. The power components 806 may include a power management system, one or more power supplies, and other components associated with generating, managing, and distributing power for the apparatus 800.
The multimedia component 808 includes a screen that provides an output interface between the device 800 and the user. In some embodiments, the screen may include a Liquid Crystal Display (LCD) and a Touch Panel (TP). If the screen includes a touch panel, the screen may be implemented as a touch screen to receive an input signal from a user. The touch panel includes one or more touch sensors to sense touch, slide, and gestures on the touch panel. The touch sensor may not only sense the boundary of a touch or slide action, but also detect the duration and pressure associated with the touch or slide operation. In some embodiments, the multimedia component 808 includes a front facing camera and/or a rear facing camera. The front camera and/or the rear camera may receive external multimedia data when the device 800 is in an operating mode, such as a shooting mode or a video mode. Each front camera and rear camera may be a fixed optical lens system or have a focal length and optical zoom capability.
The audio component 810 is configured to output and/or input audio signals. For example, the audio component 810 includes a Microphone (MIC) configured to receive external audio signals when the apparatus 800 is in an operational mode, such as a call mode, a recording mode, and a voice recognition mode. The received audio signals may further be stored in the memory 804 or transmitted via the communication component 816. In some embodiments, audio component 810 also includes a speaker for outputting audio signals.
The I/O interface 812 provides an interface between the processing component 802 and peripheral interface modules, which may be keyboards, click wheels, buttons, etc. These buttons may include, but are not limited to: a home button, a volume button, a start button, and a lock button.
The sensor assembly 814 includes one or more sensors for providing various aspects of state assessment for the device 800. For example, the sensor assembly 814 may detect the open/closed status of the device 800, the relative positioning of the components, such as a display and keypad of the device 800, the sensor assembly 814 may also detect a change in the position of the device 800 or a component of the device 800, the presence or absence of user contact with the device 800, the orientation or acceleration/deceleration of the device 800, and a change in the temperature of the device 800. Sensor assembly 814 may include a proximity sensor configured to detect the presence of a nearby object without any physical contact. The sensor assembly 814 may also include a light sensor, such as a CMOS or CCD image sensor, for use in imaging applications. In some embodiments, the sensor assembly 814 may also include an acceleration sensor, a gyroscope sensor, a magnetic sensor, a pressure sensor, or a temperature sensor.
The communication component 816 is configured to facilitate communications between the apparatus 800 and other devices in a wired or wireless manner. The device 800 may access a wireless network based on a communication standard, such as WiFi, 2G or 3G, or a combination thereof. In an exemplary embodiment, the communication component 816 receives a broadcast signal or broadcast related information from an external broadcast management system via a broadcast channel. In an exemplary embodiment, communications component 816 further includes a Near Field Communications (NFC) module to facilitate short-range communications. For example, the NFC module may be implemented based on Radio Frequency Identification (RFID) technology, infrared data association (IrDA) technology, Ultra Wideband (UWB) technology, Bluetooth (BT) technology, and other technologies.
In an exemplary embodiment, the apparatus 800 may be implemented by one or more Application Specific Integrated Circuits (ASICs), Digital Signal Processors (DSPs), Digital Signal Processing Devices (DSPDs), Programmable Logic Devices (PLDs), Field Programmable Gate Arrays (FPGAs), controllers, micro-controllers, microprocessors or other electronic components for performing the above-described methods.
In an exemplary embodiment, a non-transitory computer-readable storage medium comprising instructions, such as the memory 804 comprising instructions, executable by the processor 820 of the device 800 to perform the above-described method is also provided. For example, the non-transitory computer readable storage medium may be a ROM, a Random Access Memory (RAM), a CD-ROM, a magnetic tape, a floppy disk, an optical data storage device, and the like.
Fig. 12 is a schematic structural diagram of another cloud server provided in an embodiment of the present application, and as shown in fig. 12, the cloud server specifically includes: a processor 2701, memory 2702, and a communication interface 2703.
The memory 2702 is used to store computer programs.
The processor 2701 is configured to execute a computer program stored in the memory 2702 to implement the actions of the cloud server in the above embodiments, which is not described herein again.
Optionally, the cloud server may further include a bus 2704. The processor 2701, the memory 2702, and the communication interface 2703 may be connected to each other via a bus 2704; the bus 2704 may be a Peripheral Component Interconnect (PCI) bus, an Extended Industry Standard Architecture (EISA) bus, or the like. The bus 2704 may be divided into an address bus, a data bus, a control bus, and the like. For ease of illustration, only one thick line is shown in FIG. 6, but this is not intended to represent only one bus or type of bus.
In the embodiments of the present application, the above embodiments may be referred to and referred to by each other, and the same or similar steps and terms are not repeated.
Alternatively, part or all of the above modules may be implemented by being embedded in a chip of the monitoring device for the abnormal information in the form of an integrated circuit. And they may be implemented separately or integrated together. That is, the above modules may be configured as one or more integrated circuits implementing the above methods, for example: one or more Application Specific Integrated Circuits (ASICs), or one or more microprocessors (DSPs), or one or more Field Programmable Gate Arrays (FPGAs), among others.
The embodiment of the application also provides a non-transitory computer-readable storage medium, and when instructions in the storage medium are executed by a processor of the terminal device, the terminal device is enabled to execute the split-screen processing method of the terminal device.
An embodiment of the present application further provides a computer program product, where the computer program product includes: a computer program, stored in a readable storage medium, from which at least one processor of the electronic device can read the computer program, the at least one processor executing the computer program causing the electronic device to perform the solution provided by any of the embodiments described above.
Fig. 13 is a schematic structural diagram of a program upgrading system of a terminal device according to an embodiment of the present application, and as shown in fig. 13, the system includes:
at least one terminal device 111 for implementing the above embodiment, at least one cloud server 112 for implementing the above embodiment, and the above certificate server.
Other embodiments of the present application will be apparent to those skilled in the art from consideration of the specification and practice of the invention disclosed herein. This application is intended to cover any variations, uses, or adaptations of the invention following, in general, the principles of the application and including such departures from the present disclosure as come within known or customary practice within the art to which the invention pertains. It is intended that the specification and examples be considered as exemplary only, with a true scope and spirit of the application being indicated by the following claims.
It will be understood that the present application is not limited to the precise arrangements described above and shown in the drawings and that various modifications and changes may be made without departing from the scope thereof. The scope of the application is limited only by the appended claims.

Claims (24)

1. A program upgrading method of a terminal device is applied to the terminal device, and the method comprises the following steps:
sending a file acquisition request to a cloud server; the file acquisition request comprises a terminal certificate, the file acquisition request is used for indicating acquisition of an upgrade program file, and the terminal certificate is used for verifying the validity of the terminal certificate by the cloud server;
receiving a cloud server certificate sent by the cloud server after the validity verification of the terminal certificate is determined to pass; the cloud server certificates correspond to the terminal certificates one by one;
if the validity of the cloud server certificate is confirmed to pass, sending a feedback message to the cloud server;
and receiving an upgrading program file sent by the cloud server, and upgrading according to the upgrading program file.
2. The method of claim 1, wherein the cloud server certificate comprises terminal device information and server information;
before sending a feedback message to the cloud server if it is determined that the validity of the cloud server certificate passes the verification, the method further includes:
according to the terminal equipment information and the server information in the terminal certificate, carrying out validity verification on the terminal equipment information and the server information in the cloud server certificate;
and if the terminal equipment information in the terminal certificate is determined to be consistent with the terminal equipment information in the cloud server certificate, and the server information in the terminal certificate is determined to be consistent with the server information in the cloud server certificate, determining that the validity verification of the cloud server certificate is passed.
3. The method of claim 2, wherein the cloud server certificate is encrypted;
before performing validity verification on the terminal device information and the server information in the cloud server certificate according to the terminal device information and the server information in the terminal certificate, the method further includes:
and decrypting the cloud server certificate to obtain a decrypted cloud server certificate.
4. The method of claim 3, wherein the terminal device information comprises one or more of the following: the terminal equipment identification, the terminal equipment name, the terminal equipment model and the function information of the terminal equipment.
5. The method according to any one of claims 1 to 4, further comprising, before performing an upgrade process according to the upgrade program file:
carrying out integrity check on the upgrading program file;
if the integrity check of the upgrading program file is determined to pass, executing a step of upgrading according to the upgrading program file;
if the integrity check of the upgrade program file is determined not to pass, repeatedly executing the following steps until the upgrade processing is carried out, or until the repeated execution times are reached:
the upgrading program file is obtained from the cloud server again, and integrity check is carried out on the newly obtained upgrading program file;
if the integrity of the newly acquired upgrade program file is determined to pass the verification, upgrading according to the newly acquired upgrade program file;
and if the integrity check of the newly acquired upgrade program file is determined not to pass, executing the upgrade program file newly acquired from the cloud server.
6. The method according to any one of claims 1-4, further comprising:
receiving the terminal certificate sent by the service provider equipment; the terminal certificate and the cloud server certificate are encrypted certificates generated by a certificate server, and the cloud server certificate is stored into the cloud server by the certificate server.
7. A program upgrading method of terminal equipment is applied to a cloud server, and the method comprises the following steps:
receiving a file acquisition request sent by terminal equipment; the file acquisition request comprises a terminal certificate, and is used for indicating acquisition of an upgrade program file;
carrying out validity verification on the terminal certificate;
if the terminal certificate is determined to pass the validity verification, sending a cloud server certificate to the terminal equipment; the cloud server certificates correspond to the terminal certificates one by one;
and receiving a feedback message sent by the terminal equipment after the terminal equipment determines that the validity of the cloud server certificate passes verification, and sending an upgrading program file to the terminal equipment, wherein the upgrading program file is used for upgrading.
8. The method according to claim 7, wherein the terminal certificate includes terminal device information and server information; and carrying out validity verification on the terminal certificate, wherein the validity verification comprises the following steps:
according to the stored terminal equipment information and server information in the cloud server certificate, carrying out validity verification on the terminal equipment information and the server information in the terminal certificate;
and if the terminal equipment information in the cloud server certificate is determined to be consistent with the terminal equipment information in the terminal certificate, and the server information in the cloud server certificate is determined to be consistent with the server information in the terminal certificate, determining that the terminal certificate passes the validity verification.
9. The method according to claim 8, wherein the terminal certificate in the file acquisition request is encrypted; before validity verification is performed on the terminal equipment information and the server information in the terminal certificate according to the stored terminal equipment information and the stored server information in the cloud server certificate, the method further comprises the following steps:
and decrypting the terminal certificate to obtain the decrypted terminal certificate.
10. The method according to any one of claims 7-9, further comprising:
receiving the cloud server certificate sent by a certificate server; the terminal certificate and the cloud server certificate are encrypted certificates generated by a certificate server, and the terminal certificate is issued to the terminal equipment by the certificate server through service provider equipment.
11. A program upgrading apparatus for a terminal device, the apparatus being applied to the terminal device, the apparatus comprising:
the first sending unit is used for sending a file acquisition request to the cloud server; the file acquisition request comprises a terminal certificate, the file acquisition request is used for indicating acquisition of an upgrade program file, and the terminal certificate is used for verifying the validity of the terminal certificate by the cloud server;
the first receiving unit is used for receiving a cloud server certificate sent by the cloud server after the terminal certificate is determined to pass the validity verification; the cloud server certificates correspond to the terminal certificates one by one;
the second sending unit is used for sending a feedback message to the cloud server when the validity verification of the cloud server certificate is determined to pass;
the second receiving unit is used for receiving the upgrading program file sent by the cloud server;
and the processing unit is used for carrying out upgrading processing according to the upgrading program file.
12. The apparatus according to claim 11, wherein the cloud server certificate includes terminal device information and server information; the device further comprises:
the verification unit is used for verifying the legality of the terminal equipment information and the server information in the cloud server certificate according to the terminal equipment information and the server information in the terminal certificate before the second sending unit determines that the legality of the cloud server certificate passes verification and sends a feedback message to the cloud server;
the first determining unit is used for determining that the validity verification of the cloud server certificate passes when the terminal equipment information in the terminal certificate is consistent with the terminal equipment information in the cloud server certificate and the server information in the terminal certificate is consistent with the server information in the cloud server certificate.
13. The apparatus of claim 12, wherein the cloud server certificate is encrypted, the apparatus further comprising:
and the decryption unit is used for decrypting the cloud server certificate before the verification unit verifies the legality of the terminal equipment information and the server information in the cloud server certificate according to the terminal equipment information and the server information in the terminal certificate, so as to obtain the decrypted cloud server certificate.
14. The apparatus of claim 13, wherein the terminal device information comprises one or more of: the terminal equipment identification, the terminal equipment name, the terminal equipment model and the function information of the terminal equipment.
15. The apparatus according to any one of claims 11-14, further comprising:
the verification unit is used for carrying out integrity verification on the upgrading program file before the processing unit carries out upgrading processing according to the upgrading program file;
a second determining unit, configured to execute the processing unit if it is determined that the integrity check of the upgrade program file passes;
a third determining unit, configured to, if it is determined that the integrity check of the upgrade program file does not pass, repeatedly perform the following steps until the upgrade processing is performed, or until the number of times of repeated execution is reached: acquiring the upgrade program file from the cloud server again, and carrying out integrity check on the newly acquired upgrade program file; if the integrity of the newly acquired upgrade program file is determined to pass the verification, upgrading according to the newly acquired upgrade program file; and if the integrity check of the newly acquired upgrade program file is determined not to pass, executing the upgrade program file newly acquired from the cloud server.
16. The apparatus according to any one of claims 11-14, further comprising:
a third receiving unit, configured to receive the terminal certificate sent by the service provider device; the terminal certificate and the cloud server certificate are encrypted certificates generated by a certificate server, and the cloud server certificate is stored into the cloud server by the certificate server.
17. The program upgrading device of the terminal equipment is applied to a cloud server, and comprises the following steps:
the first receiving unit is used for receiving a file acquisition request sent by the terminal equipment; the file acquisition request comprises a terminal certificate, and is used for indicating acquisition of an upgrade program file;
the verification unit is used for verifying the validity of the terminal certificate;
the first sending unit is used for sending a cloud server certificate to the terminal equipment when the terminal certificate passes the validity verification; the cloud server certificates correspond to the terminal certificates one by one;
the second receiving unit is used for receiving a feedback message sent by the terminal equipment after the terminal equipment determines that the validity verification of the cloud server certificate passes;
and the second sending unit is used for sending an upgrading program file to the terminal equipment, wherein the upgrading program file is used for upgrading.
18. The apparatus according to claim 17, wherein the terminal certificate includes terminal device information and server information; the authentication unit includes:
the verification module is used for verifying the legality of the terminal equipment information and the server information in the terminal certificate according to the stored terminal equipment information and the server information in the cloud server certificate;
and the determining module is used for determining that the validity verification of the terminal certificate passes if the terminal equipment information in the cloud server certificate is consistent with the terminal equipment information in the terminal certificate and the server information in the cloud server certificate is consistent with the server information in the terminal certificate.
19. The apparatus according to claim 18, wherein the terminal certificate in the file acquisition request is encrypted; the verification unit further includes:
and the decryption module is used for decrypting the terminal certificate to obtain the decrypted terminal certificate before the verification module verifies the legality of the terminal equipment information and the server information in the terminal certificate according to the stored terminal equipment information and the server information in the cloud server certificate.
20. The apparatus of any one of claims 17-19, further comprising:
the third receiving unit is used for receiving the cloud server certificate sent by the certificate server; the terminal certificate and the cloud server certificate are encrypted certificates generated by a certificate server, and the terminal certificate is issued to the terminal equipment by the certificate server through service provider equipment.
21. A terminal device, comprising: a processor and a memory;
the memory stores computer-executable instructions;
the computer executable instructions, when executed by the processor, implement the method of any of claims 1-6.
22. A cloud server, comprising: a processor and a memory;
the memory stores computer-executable instructions;
the computer executable instructions, when executed by the processor, implement the method of any one of claims 7-10.
23. A computer-readable storage medium having stored therein computer-executable instructions for implementing the method of any one of claims 1-6 when executed by a processor or for implementing the method of any one of claims 7-10 when executed by a processor.
24. A computer program product, characterized in that it comprises a computer program which, when executed by a processor, implements the method of any one of claims 1-6, or which, when executed by a processor, implements the method of any one of claims 7-10.
CN202111491267.1A 2021-12-08 2021-12-08 Program upgrading method, device and equipment for terminal equipment Pending CN114139134A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111491267.1A CN114139134A (en) 2021-12-08 2021-12-08 Program upgrading method, device and equipment for terminal equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202111491267.1A CN114139134A (en) 2021-12-08 2021-12-08 Program upgrading method, device and equipment for terminal equipment

Publications (1)

Publication Number Publication Date
CN114139134A true CN114139134A (en) 2022-03-04

Family

ID=80384984

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111491267.1A Pending CN114139134A (en) 2021-12-08 2021-12-08 Program upgrading method, device and equipment for terminal equipment

Country Status (1)

Country Link
CN (1) CN114139134A (en)

Similar Documents

Publication Publication Date Title
KR101855602B1 (en) Methods, apparatuses, program and recoding medium for controlling device
JP6374010B2 (en) Information communication method, apparatus, and electronic apparatus
CN109146470B (en) Method and device for generating payment code
CN104219058A (en) Identity authentication and authorization method and device
CN110049062B (en) Verification code verification method, device, system, server, electronic equipment and storage medium
KR101642019B1 (en) Method, apparatus, program, and recording medium of verifying terminal
RU2603549C2 (en) Verification method, device and system for protection against counterfeit
CN111199039B (en) Application security verification method and device and terminal equipment
EP3324662A1 (en) Identity verification method, apparatus and system, computer program and recording medium
KR20150135742A (en) Method and device for sending information in voice service
CN108696361B (en) Configuration method, generation method and device of smart card
CN107819740B (en) Terminal device verification method, terminal device, sound box, server and medium
CN111917728A (en) Password verification method and device
CN114221764A (en) Public key updating method, device and equipment based on block chain
CN106375350B (en) Flashing verification method and device
CN113055169A (en) Data encryption method and device, electronic equipment and storage medium
CN107302519B (en) Identity authentication method and device for terminal equipment, terminal equipment and server
CN114139134A (en) Program upgrading method, device and equipment for terminal equipment
CN108712384B (en) Terminal authentication method and device, terminal and server
CN108924136B (en) Authorization authentication method, device and storage medium
CN108881242B (en) Method and device for acquiring electronic identity card
CN111241522B (en) Firmware signature method and device and storage medium
CN110139230B (en) Method and device for forwarding short message and intelligent equipment
WO2023245356A1 (en) Charging method and apparatus for electronic device, and electronic device and storage medium
CN116600285A (en) Communication establishment method, device, electronic equipment and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination