CN114647426A

CN114647426A - Software upgrading method, device, equipment and storage medium

Info

Publication number: CN114647426A
Application number: CN202210223836.2A
Authority: CN
Inventors: 代冲; 谢宗宝; 王海洋; 黄海峰
Original assignee: Beijing Baidu Netcom Science and Technology Co Ltd
Current assignee: Beijing Baidu Netcom Science and Technology Co Ltd
Priority date: 2022-03-07
Filing date: 2022-03-07
Publication date: 2022-06-21

Abstract

The present disclosure provides a software upgrading method, device, equipment and storage medium, which relate to the technical field of computers, and in particular to the technical field of information security, internet of things and information flow. The specific implementation scheme is as follows: acquiring a software upgrading package of equipment to be upgraded, wherein the software upgrading package comprises: encrypting the upgrade file, the executable file and the checkpoint file, logging in the equipment to be upgraded by using the login information in the checkpoint file, copying the encrypted upgrade file and the executable file into the equipment to be upgraded, and finally executing the software upgrading process of the equipment to be upgraded by using the encrypted upgrade file and the executable file to obtain a software upgrading result. According to the technical scheme, the embedded equipment can be upgraded by external personnel, meanwhile, the information of the embedded equipment is protected from being leaked, the upgrading complexity of the embedded equipment is reduced, and the information safety is improved.

Description

Software upgrading method, device, equipment and storage medium

Technical Field

The present disclosure relates to the technical field of information security, internet of things, and information flow in the field of computer technologies, and in particular, to a method, an apparatus, a device, and a storage medium for software upgrade.

Background

With the rapid development of computer technology and internet applications, system software in the smart device is usually updated iteratively faster, and after the smart device is produced or used for a period of time, version upgrade is usually required. Software upgrading in intelligent devices, particularly embedded devices, generally employs an offline upgrade scheme in view of data security issues.

In the related art, the offline upgrade scheme of the embedded device refers to: and copying the software upgrading package to the embedded equipment through a storage medium such as a U disk and the like by a user, and executing upgrading operation. In this way, in order to ensure the data security of the embedded device, the offline upgrade scheme usually needs professional technicians to operate, and there are problems of low system upgrade efficiency and high labor cost.

Disclosure of Invention

The disclosure provides a software upgrading method, a device, equipment and a storage medium.

According to a first aspect of the present disclosure, there is provided a software upgrade method, including:

acquiring a software upgrading package of equipment to be upgraded, wherein the software upgrading package comprises: encrypting the upgrade file, the executable file and the checkpoint file;

logging in the equipment to be upgraded by using the login information in the check point file;

copying the encrypted upgrade file and the executable file to the equipment to be upgraded;

and executing the software upgrading process of the equipment to be upgraded by using the encrypted upgrading file and the executable file to obtain a software upgrading result.

According to a second aspect of the present disclosure, there is provided a software upgrading apparatus including:

the device comprises an acquisition unit, a processing unit and a processing unit, wherein the acquisition unit is used for acquiring a software upgrading package of equipment to be upgraded, and the software upgrading package comprises: encrypting the upgrade file, the executable file and the checkpoint file;

the login unit is used for logging in the equipment to be upgraded by using login information in the checkpoint file;

the copying unit is used for copying the encrypted upgrading file and the executable file to the equipment to be upgraded;

and the upgrading unit is used for executing the software upgrading process of the equipment to be upgraded by utilizing the encrypted upgrading file and the executable file to obtain a software upgrading result.

According to a third aspect of the present disclosure, there is provided an electronic device comprising:

at least one processor; and

a memory communicatively coupled to the at least one processor; wherein the content of the first and second substances,

the memory stores instructions executable by the at least one processor to enable the at least one processor to perform the method of the first aspect.

According to a fourth aspect of the present disclosure, there is provided a non-transitory computer readable storage medium having stored thereon computer instructions for causing the computer to perform the method of the first aspect.

According to a fifth aspect of the present disclosure, there is provided a computer program product comprising: a computer program, stored in a readable storage medium, from which at least one processor of an electronic device can read the computer program, execution of the computer program by the at least one processor causing the electronic device to perform the method of the first aspect.

According to the technical scheme, the information of the equipment to be upgraded is protected from being leaked, the upgrading complexity of the equipment to be upgraded is reduced, and the information safety is improved.

It should be understood that the statements in this section do not necessarily identify key or critical features of the embodiments of the present disclosure, nor do they limit the scope of the present disclosure. Other features of the present disclosure will become apparent from the following description.

Drawings

The drawings are included to provide a better understanding of the present solution and are not to be construed as limiting the present disclosure. Wherein:

FIG. 1 is a schematic diagram of an application scenario to which the disclosed embodiments are applicable;

fig. 2 is a schematic flowchart of a software upgrading method according to a first embodiment of the disclosure;

fig. 3 is a flowchart illustrating a software upgrading method according to a second embodiment of the disclosure;

FIG. 4 is a schematic diagram of a file structure after decompression and decryption of an encrypted upgrade file;

fig. 5 is a flowchart illustrating a software upgrading method according to a third embodiment of the disclosure;

FIG. 6 is a diagram illustrating a file structure after software upgrade package decompression;

fig. 7 is a flowchart illustrating a software upgrading method according to a fourth embodiment of the disclosure;

fig. 8 is a flowchart illustrating a software upgrading method according to a fifth embodiment of the disclosure;

FIG. 9 is a schematic diagram of a security scheme in a software upgrading method provided by an embodiment of the present disclosure;

fig. 10 is a schematic structural diagram of a software upgrading apparatus provided by an embodiment of the present disclosure;

FIG. 11 is a schematic block diagram of an example electronic device used to implement embodiments of the present disclosure.

Detailed Description

Exemplary embodiments of the present disclosure are described below with reference to the accompanying drawings, in which various details of the embodiments of the disclosure are included to assist understanding, and which are to be considered as merely exemplary. Accordingly, those of ordinary skill in the art will recognize that various changes and modifications of the embodiments described herein can be made without departing from the scope and spirit of the present disclosure. Also, descriptions of well-known functions and constructions are omitted in the following description for clarity and conciseness.

With the continuous development of scientific technology, intelligent equipment is gradually applied to various fields, and when the system performance or the application performance of the intelligent equipment cannot meet the requirements of users, system software upgrading needs to be carried out on the intelligent equipment.

The embedded device is a device adopting an embedded system in the intelligent device, and refers to a device which does not adopt a large-capacity storage medium and can independently operate, and the embedded device comprises hardware and software running on the hardware. Embodiments of the present disclosure are explained in terms of software upgrades of embedded devices.

In practical application, because service software in the embedded device is usually updated in an iterative manner quickly, the number of the embedded devices produced from a factory is large, some devices are stored in a warehouse for a long time and sold, or after the embedded device is used for a long time, software in the embedded device may be outdated, in order to ensure subsequent normal use of the embedded device, subsequent function upgrade needs to be performed on the software in the embedded device, and some versions can be updated to the latest version only by upgrading a plurality of versions.

At present, when the smart device such as the embedded device is in a scene capable of networking, an over-the-air technology (OTA) online upgrade scheme may be adopted to perform software upgrade. Specifically, the upgrade package is downloaded from the cloud via the network, and then the upgrade operation is executed. However, this solution depends on the network, and when the system software of the embedded device changes greatly, it takes a lot of time to download the upgrade package, and the networking operation of the embedded device may also have a problem of data insecurity.

In addition, some device using mechanisms may not have networking conditions (especially, a medical mechanism considers the data security problem and is very contradictory to device networking) or only adopt an offline upgrade scheme when the network conditions are not good, specifically, a user (or an external person such as an engineer of an agent) copies a software upgrade package into the embedded device through a storage medium such as a usb disk and performs upgrade operation, for example, the software upgrade package can be upgraded to a latest version when the embedded device is installed on the ground, at this time, the operation convenience of software upgrade needs to be considered, and file security needs to be ensured (service core software and algorithms such as an Artificial Intelligence (AI) model are stored in the software upgrade package, and cannot be acquired and cracked by the external person, that is, the external person needs to log into the embedded system during the upgrade process and then can perform related operations, and when logging in to the embedded system, an account and a password are needed, but the account and the password can only be mastered by internal personnel of the company, but cannot be known by external personnel).

In view of the above technical problems, the technical idea process of the embodiment of the present disclosure is as follows: in order to ensure the data security of the embedded device (especially the embedded device in the medical field) in the upgrading process, an off-line upgrading scheme can be adopted, the upgrading tool software is loaded on the upper computer, then the upgrading tool software is used for monitoring the connection state of the upper computer and the embedded device, the embedded device is automatically logged in based on a secure communication protocol, finally, a software upgrading package in the upper computer is copied to the embedded device, the upgrading process is executed in the embedded device, so that the data security of the embedded device can be ensured on the basis of enabling external personnel to upgrade the embedded device, and meanwhile, the labor cost is reduced.

Based on the above technical concept process, the embodiments of the present disclosure provide a software upgrading method, in which a software upgrading package of a device to be upgraded is obtained, and the software upgrading package includes: encrypting the upgrade file, the executable file and the checkpoint file, logging in the equipment to be upgraded by using the login information in the checkpoint file, copying the encrypted upgrade file and the executable file into the equipment to be upgraded, and finally executing the software upgrading process of the equipment to be upgraded by using the encrypted upgrade file and the executable file to obtain a software upgrading result. According to the technical scheme, the embedded equipment can be upgraded by external personnel, meanwhile, the information of the embedded equipment is protected from being leaked, the upgrading complexity of the embedded equipment is reduced, and the information safety is improved.

The present disclosure provides a software upgrading method, device, equipment and storage medium, which are applied to the technical fields of information security, internet of things and information flow in the technical field of computers, so as to reduce the complexity of upgrading embedded equipment, improve the upgrading efficiency and reduce the labor cost on the basis of ensuring the data security of the embedded equipment.

It should be noted that the device to be upgraded in this embodiment is not a specific device of a certain class and cannot reflect information of a specific device, for example, the device to be upgraded in this embodiment of the present disclosure may be any one of computers capable of running a linux system, and this embodiment of the present disclosure is exemplified by taking the device to be upgraded as an embedded device.

In the embodiment of the present disclosure, the upgrade tool software generally runs in a windows system, and after the windows device where the upgrade tool software is located is connected to the device to be upgraded through a network cable, the upgrade tool software may log in the device to be upgraded through a certain "secure communication protocol" and perform a certain operation. For example, the secure communication protocol may be secure shell (ssh) protocol login, and the upgrade tool software may log in the linux system from the windows system by using the ssh protocol, and execute commands such as upgrading and copying files.

It is understood that the technical solution of the present disclosure may be implemented by using various languages, for example, C + + written code is used in the embodiment of the present disclosure, however, the language is only a tool for implementing the technical solution, for example, the technical solution of the present disclosure may also be implemented by writing code in java, python, and other languages, and the embodiment of the present disclosure is not limited thereto.

Accordingly, when the embodiment of the present disclosure is implemented by using C + + written code, each file related to the following embodiments of the present disclosure is commanded according to the naming convention of the C + + language environment, for example, a bdata file, a bdata _ pre file, an ota _ bin file, a checkpoint file, update _ files, update _ sh, and md5.txt are all written in the C + + language environment, which is also an exemplary description.

It should be noted that the software upgrade package in this embodiment and various files or information included in the software upgrade package are all from the public data set.

In the technical scheme of the disclosure, the collection, storage, use, processing, transmission, provision, disclosure and other processing of the personal information of the related user are all in accordance with the regulations of related laws and regulations and do not violate the good customs of the public order.

For example, fig. 1 is a schematic view of an application scenario to which the embodiment of the present disclosure is applied. As shown in fig. 1, the application scenario diagram includes: a control device 11 and a device to be upgraded 12.

In the embodiment of the present disclosure, when the device to be upgraded 12 has a software upgrade requirement, the user may perform wired connection between the control device 11 and the device to be upgraded 12 through a network cable or a USB cable, so that the control device 11 and the device to be upgraded 12 are physically connected.

Optionally, a software upgrade package of at least one device to be upgraded is stored in the control device 11, and upgrade tool software having a software upgrade function is loaded in the control device 11, and when the control device 11 and the device 12 to be upgraded are in a connected state and the upgrade tool software is in an opened state, a user may add the software upgrade package of the device 12 to be upgraded to the upgrade tool software in a dragging or selecting manner, so that the upgrade tool software executes a software upgrade scheme provided in the embodiment of the present disclosure.

In the embodiment of the present disclosure, the control device 11 is a computer that can directly issue an operation command, and may be referred to as an upper computer, and the device to be upgraded 12 is a computer that can receive the command of the control device 11 and execute a corresponding operation, and may be referred to as a lower computer, for example, an embedded device.

Optionally, in the embodiment of the present disclosure, the control device 11 may run the upgrade tool software loaded thereon, where the upgrade tool software may automatically log into the device to be upgraded 12 through a secure communication protocol such as ssh and https, and copy (or copy) the software upgrade package in the control device 11 into the device to be upgraded 12, so as to execute the software upgrade program.

Optionally, in consideration of the problems of security and the like, on the basis of the secure connection protocol, the scheme of this embodiment further adds a verification process of each process, for example, verification of an encrypted upgrade file in a software upgrade package, verification of a copy process, verification of an upgrade process, and the like, and measures of encryption, decryption, and the like of the upgrade file and the checkpoint file.

Illustratively, the control device 11 may be a device having a display function and/or a voice playback function, which may display or play the software upgrade result. Optionally, in this embodiment, if the control device does not have a display function and a voice playing function, the application scenario may further include a display device or a voice playing device.

It can be understood that the application scenario shown in fig. 1 may further include other devices, for example, a terminal device, where the terminal device may be connected to the control device, and the control device may push the obtained software upgrading result to the terminal device, so that the user may obtain the software upgrading result in time.

It should be noted that, in the embodiment of the present disclosure, the device included in fig. 1 is not limited, and the position relationship between the devices in fig. 1 is also not limited, for example, when the display device is included in fig. 1, the display function of the display device may be integrated on the control device, that is, the control device may directly display the software upgrade result after obtaining the software upgrade result, and the like, which is not described herein again.

In practical applications, both the terminal device and the server may be devices running with upgrade tool software, so that the control device in fig. 1 may be implemented by the terminal device or the server, which is not limited in the embodiments of the present disclosure, and the following explains the method for executing software upgrade by using upgrade tool software in the control device.

The software upgrading scheme provided by the embodiment of the present disclosure will be described in detail with specific embodiments in conjunction with the accompanying drawings. The following several specific embodiments may be combined with each other, and details of the same or similar concepts or processes may not be repeated in some embodiments.

Fig. 2 is a schematic flowchart of a software upgrading method according to a first embodiment of the present disclosure. As shown in fig. 2, the software upgrading method may include the steps of:

s201, acquiring a software upgrading package of the equipment to be upgraded, wherein the software upgrading package comprises: the upgrade file, the executable file, and the checkpoint file are encrypted.

In this embodiment, when software upgrade is required for a certain device, an upgrade worker may connect the control device and the device to be upgraded through a network cable or a USB cable, and open an upgrade software tool in the control device when the control device and the device to be upgraded are connected, at this time, the upgrade tool software may automatically create two threads. One thread is used for continuously checking the connection state of the control equipment and the equipment to be upgraded until the software upgrading process of the equipment to be upgraded is finished, and if the connection between the control equipment and the equipment to be upgraded is disconnected, a popup window prompt (at the moment, the control equipment has a human-computer interaction interface) or a voice prompt (at the moment, the control equipment has a voice playing function) is given through the human-computer interaction interface of the control equipment; another thread is used to execute the software upgrade scheme provided by the embodiments of the present disclosure.

For example, in this embodiment, when the control device and the device to be upgraded are in a connected state and the upgrade tool software is opened, the upgrade tool software may obtain a software upgrade package selected by the upgrade person or added to the upgrade tool software in a dragging manner.

It can be understood that in practical application, the software upgrading package is a compressed package, and the upgrading tool software can obtain the encrypted upgrading file, the executable file and the checkpoint file by decompressing the compressed package.

Optionally, in a C + + language environment, the encrypted upgrade file may be represented as a bdota file, which is obtained by encrypting a bdota _ pre file, where the bdota _ pre file is a file generated by packaging all upgrade files, upgrade scripts, and check files of the device to be upgraded.

The executable file can be represented as ota _ bin file, which is specifically an executable program, and can decrypt and decompress the bdota file to obtain the original upgrade file of the device to be upgraded, because the decryption process needs the public key corresponding to the private key to decrypt, and the public key is stored in the embedded device when leaving the factory, it is ensured that the encrypted upgrade file can be decrypted only in the corresponding device to be upgraded, and the encrypted upgrade file cannot be decrypted in other environments, thereby ensuring the security of the encrypted upgrade file.

The checkpoint file may be represented as a checkpoint file, which is an encrypted text file, and login information required to log in the device to be upgraded, verification information required to verify the encrypted upgrade file, and the like are recorded in the text file.

It can be understood that the encryption methods for encrypting the upgrade file and the checkpoint file are not limited in the embodiments of the present disclosure, for example, the encryption methods for encrypting the upgrade file and the checkpoint file may be symmetric encryption or asymmetric encryption, which is not described herein again.

And S202, logging in the equipment to be upgraded by using the login information in the checkpoint file.

In this embodiment, the checkpoint file records login information required for logging in the device to be upgraded, so that when software in the device to be upgraded needs to be upgraded, the software needs to be logged in the device to be upgraded first.

For example, the login information in the checkpoint file may include an account, a password, a port number, and the like for logging in the device to be upgraded, and thus, the upgrade tool software may log in the embedded device through a secure login protocol using the account, the password, the port number, and the like for the device to be upgraded so as to perform a subsequent operation process.

S203, copying the encrypted upgrading file and the executable file to the equipment to be upgraded.

For example, if it is desired to upgrade software in a device to be upgraded, after the upgrade tool software logs in the device to be upgraded, an encrypted upgrade file and an executable file required by the software upgrade need to be copied to the device to be upgraded.

Optionally, the upgrade tool software may copy the encrypted upgrade file (bdota file) and the executable file (ota _ bin file) to the device to be upgraded via a secure copy protocol (including but not limited to secure copy (scp) protocol, etc.) using information such as the account number, password, port number, etc. of the device to be upgraded.

S204, executing the software upgrading process of the equipment to be upgraded by using the encrypted upgrading file and the executable file to obtain a software upgrading result.

Optionally, in this embodiment, after the upgrade tool software logs in the device to be upgraded and copies the encrypted upgrade file and the executable file required for upgrading to the device to be upgraded, the software upgrade process of the device to be upgraded may be executed.

That is, according to the technical scheme of this embodiment, an external person can upgrade the device to be upgraded, and meanwhile, login information such as an account number, a password, and a port number of the device to be upgraded can be protected from being leaked, so that the software upgrade package and the upgrade tool software can be opened to the outside, anyone can obtain the software upgrade package, but cannot obtain data such as service software and an AI algorithm file in the software upgrade package, and data security is ensured.

For example, the software upgrading process may be executed by running the upgrade script after the encrypted upgrade file is decompressed or encrypted by the executable file to obtain the upgrade file set and the upgrade script, and the software upgrading result may be obtained after the software upgrading process is completed.

In an embodiment of the present disclosure, by obtaining a software upgrade package of a device to be upgraded, the software upgrade package includes: encrypting the upgrade file, the executable file and the checkpoint file, logging in the equipment to be upgraded by using the login information in the checkpoint file, copying the encrypted upgrade file and the executable file into the equipment to be upgraded, and finally executing the software upgrading process of the equipment to be upgraded by using the encrypted upgrade file and the executable file to obtain a software upgrading result. According to the technical scheme, the embedded equipment can be upgraded by external personnel, meanwhile, the information of the equipment to be upgraded is protected from being leaked, the complexity of upgrading the equipment to be upgraded is reduced, and the information safety is improved.

On the basis of the embodiment shown in fig. 2, the software upgrading method provided by the embodiment of the present disclosure is described in more detail below.

Exemplarily, fig. 3 is a schematic flowchart of a software upgrading method according to a second embodiment of the present disclosure. As shown in fig. 3, in the embodiment of the present disclosure, the above S204 may be implemented by the following steps:

s301, the encrypted upgrade file is decompressed and decrypted by the executable file, and an upgrade file set, an upgrade script and a check file are obtained.

In this embodiment, the upgrade file of the device to be upgraded includes information that needs to be kept secret, such as service software and an AI algorithm model, and a bdata _ pre file may be generated by packaging all upgrade files of the device to be upgraded, so as to prevent an external person from directly obtaining the upgrade file after decompressing the bdata _ pre file, and therefore, the encrypted upgrade file is obtained by encrypting the bdata _ pre file.

Accordingly, in the embodiment of the present disclosure, after the upgrade tool software logs in the embedded device through the secure login protocol, the executable file (ota _ bin file) may be run to decompress and decrypt the encrypted upgrade file, so as to obtain the upgrade file set, the upgrade script, and the verification file required by the upgrade.

For example, in this embodiment, the step S301 may be implemented by:

a1, executing the decompressing and decrypting process of the encrypted upgrade file by running the executable file;

a2, in the process of decompressing and decrypting the encrypted upgrade file, inquiring in the equipment to be upgraded to obtain the public key file of the encrypted upgrade file;

a3, checking the public key file by using the known private key file;

and A4, responding to the verification of the public key file and ending the decompression and decryption process of the encrypted upgrade file, and obtaining an upgrade file set, an upgrade script and a verification file which are included in the encrypted upgrade file.

For example, assuming that the encryption algorithm for generating the encrypted upgrade file is an asymmetric encryption algorithm, since a public and private key pair is involved in the asymmetric encryption process, the private key file may be used to perform signature encryption processing on the bdata _ pre file to generate a bdata file, and before the device to be upgraded leaves the factory, the public key file is written into the system of the device to be upgraded.

Correspondingly, in this embodiment, in the process of decompressing and decrypting the encrypted upgrade file by using the executable file, the device to be upgraded can query to find the public key file written into the system when leaving the factory, and check the public key file by using the known private key file.

Optionally, after the verification of the public key file passes, the decompression and decryption of the encrypted upgrade file may be implemented. Illustratively, fig. 4 is a schematic diagram of a file structure after decompression and decryption of an encrypted upgrade file. As shown in fig. 4, the encrypted upgrade file 400 is decompressed and decrypted, and it can be seen that the encrypted upgrade file 400 includes three parts: an upgrade file set 401, an upgrade script 402, and a check file 403.

Optionally, in a C + + language environment, the upgrade file set 401 may be represented by update _ files, and the upgrade file set 401 includes: and all files required by the equipment to be upgraded, such as business software, AI algorithm model and other information.

Sh, the upgrade script 402 may be represented by update, and is used to copy each file in the set of upgrade files 401(update _ files) into a specified directory and perform upgrade operations (including but not limited to operations on a database, deleting or newly creating folders, modifying content in files, etc.);

the check file 403 may be represented by md5.txt, which is a text file and specifically includes: the check value of each file in the set of files is updated, for example, the md5 value of all files in update _ files is recorded.

S302, based on the upgrade file set, running an upgrade script, and determining that each file in the upgrade file set is copied to a specified directory.

For example, since the upgrade script functions to copy each file in the set of upgrade files to a specified directory and perform a corresponding upgrade operation, when the upgrade tool software is running the upgrade script, an operation of copying each file in the set of upgrade files to the specified directory may be triggered.

S303, determining the actual check value of each file in the upgrade file set.

Optionally, after each file in the upgrade file set is copied to the designated directory, whether the copying process of each file in the upgrade file set is normal may be checked, at this time, an actual check value of each file in the upgrade file set may be calculated, for example, an md5 value of each file after all files of update _ files are copied to the target directory after the upgrade is calculated.

S304, determining a software upgrading result according to the check value of each file in the upgrading file set and the theoretical check value of each file recorded in the check file.

Illustratively, the check values for the respective files in the upgrade file set may be respectively compared with theoretical check values (md5 values) recorded in the check file (md5.txt), and the check result (md5 check result) may be used as a flag indicating whether the upgrade is successful.

Exemplarily, if the verification result is failure, determining that the software upgrading result is abnormal in the software upgrading process, and giving a popup prompt; and if the verification result is successful, determining that the software upgrading process is normal and entering the subsequent operation.

In the embodiment of the disclosure, the encrypted upgrade file is decompressed and decrypted by using the executable file to obtain an upgrade file set, an upgrade script and a check file, the upgrade script is operated based on the upgrade file set to determine that each file in the upgrade file set is copied to an appointed directory, then an actual check value of each file in the upgrade file set is determined, and finally a software upgrade result is determined according to the check value of each file in the upgrade file set and the theoretical check value of each file recorded in the check file. In the technical scheme, the encrypted upgrade file can be decompressed and decrypted only in the equipment to be upgraded and cannot be unlocked in other environments, so that the safety of the upgrade file is ensured.

Exemplarily, fig. 5 is a flowchart illustrating a software upgrading method according to a third embodiment of the present disclosure. As shown in fig. 5, in an embodiment of the present disclosure, before the above S202, the software upgrading method may further include the following steps:

s501, decompressing the software upgrading package to obtain an encrypted upgrading file, an executable file and a check point file.

In the embodiment of the present disclosure, the software upgrade package is in the form of a compressed package, and thus, by decompressing the software upgrade package, the encrypted upgrade file, the executable file, and the checkpoint file contained in the software upgrade package may be obtained.

Illustratively, fig. 6 is a schematic diagram of a file structure after software upgrade package decompression. As shown in fig. 6, the software upgrade package 600 includes: upgrade file 601, executable file 602, and checkpoint file 603 are encrypted. For specific functions of the encryption upgrade file 601, the executable file 602, and the checkpoint file 603, reference may be made to the description in S201 in the embodiment shown in fig. 2, which is not described herein again.

S502, verifying the encrypted upgrade file by using the checkpoint file, and determining the validity of the encrypted upgrade file.

In this embodiment, the checkpoint file (checkpoint file) may be a symmetrically encrypted text file, in which a theoretical check value (md5 value) of the encrypted upgrade file may be stored, so as to prevent a user from generating a false encrypted upgrade file by himself or herself to perform some destructive operations.

Illustratively, this S502 may be implemented by the following steps:

b1, decrypting the check point file and acquiring the plaintext information in the check point file.

Wherein the plaintext information comprises: login information, the validity period of the software upgrading package and the theoretical check value of the encrypted upgrading file.

In this embodiment, a checkpoint file (checkpoint file) records login information such as an account number, a password, and a port number of a device to be upgraded, which cannot be known by an external person, but the upgrade tool software needs to have the information to copy a file to the device to be upgraded and log in the device to be upgraded to perform an upgrade operation. Therefore, the checkpoint file can be obtained by adopting a symmetric encryption mode, and a symmetric encryption key is stored in the upgrading tool software.

Correspondingly, the upgrade tool software may encrypt the checkpoint file by using the key stored in the upgrade tool software, to obtain plaintext information after decryption of the checkpoint file, and the encryption method specifically may include: the upgrade tool software logs in the account number, password and port number required by the device to be upgraded, and records the validity period of the software upgrade package, the theoretical check value of the encrypted upgrade file, and the like, that is, the plaintext information after the checkpoint file is decrypted can be exemplarily explained as follows:

it is understood that the specific representation form of the plaintext information decrypted by the checkpoint file is an exemplary illustration, which can be determined according to practical situations, and is not limited herein.

B2, determining whether the software upgrade package is in the validity period.

For example, in practical applications, each software upgrade package has a certain validity period, and therefore, after the validity period of the software upgrade package is obtained, the current system time of the control device may be obtained first, and then the current system time is compared with the validity period of the software upgrade package recorded in the checkpoint file, so as to determine whether the software upgrade package is within the validity period, and if the validity period is exceeded, the software upgrade package may not be used, for example, the software upgrade package needs to be purchased again for payment, and the like.

And B3, responding to the software upgrading package being in the validity period, and determining the first actual check value of the encrypted upgrading file.

And B4, determining the validity of the encrypted upgrade file according to the first actual check value and the theoretical check value of the encrypted upgrade file.

As an example, if the software upgrade package is within the validity period, it may be checked whether the encrypted upgrade file is a genuine encrypted upgrade file, at which time an actual check value of the encrypted upgrade file may be calculated, referred to herein as a first actual check value, e.g., calculating the md5 value of the encrypted upgrade file. And then, comparing the first actual check value with a theoretical check value of the encrypted upgrade file recorded in the plaintext information of the check point file, judging whether the first actual check value and the theoretical check value are consistent, if so, determining that the encrypted upgrade file is valid, otherwise, determining that the encrypted upgrade file is invalid, thus preventing a user from generating a false encrypted upgrade file to perform destructive operations.

In this embodiment, when verifying the validity of the encrypted upgrade file, S202 may be replaced by the following steps:

and responding to the validity of the encrypted upgrading file, and logging in the equipment to be upgraded by using the login information provided by the checkpoint file.

As an example, when it is determined that the encrypted upgrade file is valid, the device to be upgraded may be logged in using login information such as an account number, a password, and a port number provided by the checkpoint file. As another example, when it is determined that the encrypted upgrade file is invalid, the device to be upgraded stops logging in, and a prompt that the encrypted upgrade file is invalid is output to notify an upgrade person in time.

In the embodiment of the disclosure, the software upgrading packet is decompressed to obtain the encrypted upgrading file, the executable file and the checkpoint file, then the checkpoint file is used for verifying the encrypted upgrading file, and the validity of the encrypted upgrading file is determined, that is, the scheme of logging in the equipment to be upgraded is executed only when the encrypted upgrading file is valid, so that malicious attempts to log in the equipment to be upgraded can be avoided, and the data security of the equipment to be upgraded is effectively ensured.

Exemplarily, fig. 7 is a schematic flowchart of a software upgrading method according to a fourth embodiment of the present disclosure. As shown in fig. 7, in an embodiment of the present disclosure, before the step S203, the software upgrading method may further include the following steps:

s701, determining whether the copying process of the encrypted upgrade file and the executable file is finished.

In this embodiment, in order to improve the success rate of the software upgrading process in the device to be upgraded, the upgrade tool software may further check whether the copying process of the encrypted upgrade file and the executable file is erroneous after the copying process of the encrypted upgrade file and the executable file is finished. Thus, the upgrade tool software first needs to determine whether the copying process of the encrypted upgrade file and the executable file is finished, and perform verification of the copying process at the end of the copying process.

S702, responding to the end of the copying process, and calculating a second actual check value after the encrypted upgrading file is copied to the equipment to be upgraded.

As an example, when the upgrade tool software determines that the copying process is finished, the upgrade software tool may log in the device to be upgraded through a remote secure login protocol by using an account number, a password, and a port number obtained after decryption by the checkpoint file, and calculate a second actual verification value (md5 value) after the encrypted upgrade file is copied to the device to be upgraded.

And S703, determining whether the copying process is normal or not according to the second actual check value and the theoretical check value of the encrypted upgrade file.

Illustratively, the second actual check value can be compared with the theoretical check value of the encrypted upgrade file recorded in the plaintext information of the check point file, whether the second actual check value is consistent with the theoretical check value of the encrypted upgrade file is judged, if so, the copying process is determined to be normal, otherwise, the copying process is determined to be abnormal, illustratively, abnormal prompt information can be output, and the software upgrade equipment is prevented from executing upgrade operation by using the abnormal encrypted upgrade file, so that the success rate of the software upgrade process is improved to a certain extent.

Accordingly, in this embodiment, the above S204 can be implemented by the following steps:

and responding to the normal copying process, and executing the software upgrading process of the equipment to be upgraded by using the encrypted upgrading file and the executable file to obtain a software upgrading result.

As an example, when it is determined that the copying process is normal, the software upgrading process may be executed in the device to be upgraded by using the encrypted upgrade file and the executable file, for example, decompressing and decrypting the encrypted upgrade file by using the executable file, and running an upgrade script obtained by decompressing and decrypting, so as to execute the software upgrading process, and after the software upgrading process is executed, obtaining a software upgrading result.

In the embodiment of the disclosure, whether the copying process of the encrypted upgrade file and the executable file is finished is judged, when the copying process is finished, a second actual check value of the encrypted upgrade file copied to the equipment to be upgraded is calculated, whether the copying process is normal is determined according to the second actual check value and a theoretical check value of the encrypted upgrade file, and finally, when the copying process is normal, the software upgrading process of the equipment to be upgraded is executed by using the encrypted upgrade file and the executable file, so that a software upgrading result is obtained. According to the technical scheme, the software upgrading process is executed when the copying process is normal, the success rate of software upgrading can be improved, and the complexity of upgrading the equipment to be upgraded is reduced.

Optionally, in a possible example of the present disclosure, the software upgrading method may further include the following steps:

and C1, determining whether the software upgrading process of the device to be upgraded is completed based on the software upgrading result.

And C2, when the software upgrading process of the equipment to be upgraded is completed, detecting whether the running state of each service in the equipment to be upgraded is normal.

C3, responding to the normal running state of each service in the equipment to be upgraded, and outputting an upgrade success prompt.

According to the embodiments, the software upgrading result is that the software upgrading process is normal or abnormal. Thus, it is possible to determine whether the software upgrade process of the device to be upgraded is completed based on the software upgrade result.

As an example, when the software upgrading result is that the software upgrading process is abnormal, an incomplete software upgrading process of the device to be upgraded is determined, an incomplete upgrading process notification may be generated, and the incomplete upgrading process notification may be sent. Optionally, when the control device has a human-computer interaction interface, an upgrade failure prompt is displayed on the human-computer interaction interface, and when the control device has a voice playing function, the upgrade failure prompt may be played through the voice playing function.

As another example, when the software upgrading process is normal as a result of the software upgrading, it is determined that the software upgrading process of the device to be upgraded is completed, and at this time, it may be determined whether the software upgrading process is successful, for example, whether the software upgrading process is successful is determined by detecting whether the running states of the services in the device to be upgraded are normal.

Optionally, if various services in the device to be upgraded operate normally, it is determined that the software upgrading process is successful, and an upgrade success prompt is given, and if the device to be upgraded has abnormal (abnormal) service operation, an upgrade failure prompt is displayed on the human-computer interaction interface (at this time, the control device has a human-computer interaction interface) and/or the upgrade failure prompt is played through the voice playing function (at this time, the control device has a voice playing function).

It can be understood that the technical solutions provided by the embodiments of the present disclosure are automatically executed by the upgrade tool software in the control device, and when the checkpoint file is stored in the upgrade tool software by using the symmetric encryption and encryption/decryption keys, considering that if the upgrade tool software is decrypted by decompilation and the like, there is a certain security risk, at this time, the upgrade tool software can be protected by virtualization, shelling and other software, so that the upgrade tool software can be directly operated, but decompilation and decryption become extremely difficult, and thus the problem that the decryption key of the checkpoint file is leaked after the upgrade tool software is decrypted can be avoided, thereby avoiding the problem that the login information of the account, the password, the port number and the like of the device to be upgraded is leaked, and further ensuring the data security of the device to be upgraded.

Based on the technical solutions provided by the above embodiments of the present disclosure, a detailed description of the software upgrading process of the device to be upgraded is given below.

Exemplarily, fig. 8 is a flowchart illustrating a software upgrading method according to a fifth embodiment of the present disclosure. As shown in fig. 8, the flow of the software upgrading method may include: a login and connection section 801, a decompression and check section 802, an upload and upgrade section 803, and a status check section 804.

The login and connection part 801 may include the following steps:

s8011, account logging in.

When the device to be upgraded needs to be upgraded, when the user determines that the device to be upgraded and the control device are in the physical connection state, the user can open the upgrading tool software through the user interaction interface of the control device, log in the upgrading tool software through login information such as an account number, a password, a port number and the like, and execute S8012 after the verification is passed.

And S8012, entering an interface of the upgrading tool software.

S8013, the device connection state is continuously checked.

In this step, after the upgrade tool software continuously checks the device connection state (at this time, the device to be upgraded and the control device are in the connection state), S8014 and S8021 are respectively executed.

S8014, detecting whether the device is successfully connected; if so, S8015 is performed, and then S8014 is performed, otherwise, S8016 is performed.

And S8015, delaying for a preset time.

For example, the preset time period may be 1 second, 2 seconds or other time periods, which is not limited in this embodiment.

And S8016, outputting a state prompt.

Optionally, the decompressing and checking part 802 may include the following steps:

s8021, determining the selected software upgrading package;

s8022, decompressing a software upgrade package;

s8023, decrypting the check point file into a memory;

s8024, checking whether the MD5 and the validity period in the encrypted upgrade file meet the requirements, and if so, executing S8031; if not, go to S8025.

S8025, outputting the state prompt.

Optionally, the upload and upgrade section 803 may include the following steps:

s8031, uploading the encrypted upgrade file and the executable file to the equipment to be upgraded;

s8032, determining whether the MD5 of the encrypted upgrade file passes the verification, and if so, executing S8033 to S8035; if not, go to S8036.

S8033, decompressing, decrypting, encrypting and upgrading the file;

s8034, executing an upgrading script;

and S8035, judging whether the upgrading is finished, if so, turning to S8041, and if not, executing S8036.

S8036, outputting the state prompt.

Optionally, the status checking section 804 may include the steps of:

s8041, determining whether each service state of the equipment to be upgraded is normal, and if so, executing S8042; if not, go to S8043.

S8042, outputting an upgrade success prompt;

s8043, outputting the state prompt.

It is understood that, for the specific implementation of each step in this embodiment, reference may be made to the description in each embodiment, and details are not described herein.

Optionally, on the basis of the foregoing embodiments, fig. 9 is a schematic diagram of a security scheme in a software upgrading method provided by the embodiment of the present disclosure. As shown in fig. 9, in the present embodiment, the software upgrade package 91 may include: upgrade file 911, executable file 912, and checkpoint file 913 are encrypted.

On the basis of providing the asymmetric key B, the encrypted upgrade file 911 may be decompressed and decrypted by using the executable file 912, so as to obtain an upgrade file set 9111, an upgrade script 9112, and a check file 9113. It can be understood that, in the present embodiment, the encrypted upgrade file 911 is obtained by using an asymmetric encryption algorithm.

The checkpoint file 913 may be decrypted using the symmetric key a to obtain plaintext information of the checkpoint file 913, such as login information 9131, a validity period 9132 of the software upgrade package, and a theoretical verification value 9133 of the encrypted upgrade file.

The software upgrade package 91 may be executed by the plaintext upgrade tool software 92, but in order to avoid the plaintext upgrade tool software being cracked, the ciphertext upgrade tool software 93 may be obtained through virtualization and shell adding.

It can be understood that the schematic diagram shown in fig. 9 only shows a processing scheme for ensuring data security during a software upgrade process, and for a specific process of the scheme, reference may be made to the descriptions in the foregoing embodiments, which are not described herein again.

Fig. 10 is a schematic structural diagram of a software upgrading apparatus provided in an embodiment of the present disclosure. The software upgrading device provided by the embodiment may be the control device in fig. 1 or a device in the control device. As shown in fig. 10, a software upgrading apparatus 1000 provided by an embodiment of the present disclosure may include:

an obtaining unit 1001, configured to obtain a software upgrade package of a device to be upgraded, where the software upgrade package includes: encrypting the upgrade file, the executable file and the checkpoint file;

a login unit 1002, configured to log in the device to be upgraded by using login information in the checkpoint file;

a copying unit 1003, configured to copy the encrypted upgrade file and the executable file to the device to be upgraded;

and the upgrading unit 1004 is configured to execute the software upgrading process of the device to be upgraded by using the encrypted upgrading file and the executable file, so as to obtain a software upgrading result.

In one possible implementation of the present disclosure, the upgrade unit 1004 includes:

the analysis module is used for decompressing and decrypting the encrypted upgrade file by using the executable file to obtain an upgrade file set, an upgrade script and a check file;

the operation module is used for operating the upgrading script based on the upgrading file set and determining that each file in the upgrading file set is copied to a specified directory;

the calculation module is used for determining the actual check value of each file in the upgrade file set;

and the checking module is used for determining a software upgrading result according to the checking value of each file in the upgrading file set and the theoretical checking value of each file recorded in the checking file.

Wherein, the analysis module comprises:

the execution submodule is used for executing the decompression and decryption processes of the encrypted upgrade file by operating the executable file;

the obtaining submodule is used for inquiring in the equipment to be upgraded in the process of decompressing and decrypting the encrypted upgrade file to obtain a public key file of the encrypted upgrade file;

the verification submodule is used for verifying the public key file by utilizing a known private key file;

and the determining submodule is used for responding to that the public key file passes the verification and the decompression and decryption processes of the encrypted upgrade file are finished, and obtaining an upgrade file set, an upgrade script and a verification file which are included in the encrypted upgrade file.

In one possible implementation of the present disclosure, the software upgrading apparatus further includes:

a decompressing unit (not shown) for decompressing the software upgrade package to obtain the encrypted upgrade file, the executable file and the checkpoint file;

a first checking unit (not shown) for checking the encrypted upgrade file by using the checkpoint file to determine the validity of the encrypted upgrade file;

the login unit 1002 is specifically configured to log in the device to be upgraded by using login information provided by the checkpoint file in response to the encrypted upgrade file being valid.

Wherein, the first check unit includes:

a decryption module, configured to decrypt the checkpoint file, and obtain plaintext information in the checkpoint file, where the plaintext information includes: login information, the validity period of the software upgrading package and the theoretical verification value of the encrypted upgrading file;

the judging module is used for determining whether the software upgrading package is in the validity period;

the computing module is used for responding to the fact that the software upgrading package is within the validity period, and determining a first actual check value of the encrypted upgrading file;

and the verification module is used for determining the validity of the encrypted upgrade file according to the first actual verification value and the theoretical verification value of the encrypted upgrade file.

In one possible implementation of the present disclosure, the apparatus further includes:

a first decision unit (not shown) for determining whether the copying process of the encrypted upgrade file and the executable file is finished;

a calculating unit (not shown) for calculating a second actual verification value after the encrypted upgrade file is copied to the device to be upgraded in response to the end of the copying process;

a second checking unit (not shown) configured to determine whether the copying process is normal according to the second actual check value and the theoretical check value of the encrypted upgrade file;

the upgrading unit 1004 is specifically configured to, in response to that the copying process is normal, execute a software upgrading process of the device to be upgraded by using the encrypted upgrade file and the executable file, and obtain a software upgrading result.

the second judgment unit is used for determining whether the software upgrading process of the equipment to be upgraded is completed or not based on the software upgrading result;

the detection unit is used for responding to the completion of the software upgrading process of the equipment to be upgraded and detecting whether the running state of each service in the equipment to be upgraded is normal or not;

and the output unit is used for responding to the normal running state of each service in the equipment to be upgraded and outputting an upgrade success prompt.

The software upgrading apparatus provided in this embodiment may be configured to execute the software upgrading method executed by the control device in any method embodiment, and the implementation principle and the technical effect are similar, which are not described herein again.

The present disclosure also provides an electronic device, a readable storage medium, and a computer program product according to embodiments of the present disclosure.

According to an embodiment of the present disclosure, the present disclosure also provides a computer program product comprising: a computer program, stored in a readable storage medium, from which at least one processor of the electronic device can read the computer program, the at least one processor executing the computer program causing the electronic device to perform the solution provided by any of the embodiments described above.

FIG. 11 is a schematic block diagram of an example electronic device used to implement embodiments of the present disclosure. Electronic devices are intended to represent various forms of digital computers, such as laptops, desktops, workstations, personal digital assistants, servers, blade servers, mainframes, and other appropriate computers. The electronic device may also represent various forms of mobile devices, such as personal digital processing, cellular phones, smart phones, wearable devices, and other similar computing devices. The components shown herein, their connections and relationships, and their functions, are meant to be examples only, and are not meant to limit implementations of the disclosure described and/or claimed herein.

As shown in fig. 11, the device 1100 comprises a computing unit 1101, which may perform various appropriate actions and processes according to a computer program stored in a Read Only Memory (ROM)1102 or a computer program loaded from a storage unit 1108 into a Random Access Memory (RAM) 1103. In the RAM 1103, various programs and data necessary for the operation of the device 1100 may also be stored. The calculation unit 1101, the ROM 1102, and the RAM 1103 are connected to each other by a bus 1104. An input/output (I/O) interface 1105 is also connected to bus 1104.

A number of components in device 1100 connect to I/O interface 1105, including: an input unit 1106 such as a keyboard, a mouse, and the like; an output unit 1107 such as various types of displays, speakers, and the like; a storage unit 1108 such as a magnetic disk, optical disk, or the like; and a communication unit 1109 such as a network card, a modem, a wireless communication transceiver, and the like. The communication unit 1109 allows the device 1100 to exchange information/data with other devices through a computer network such as the internet and/or various telecommunication networks.

The computing unit 1101 can be a variety of general purpose and/or special purpose processing components having processing and computing capabilities. Some examples of the computing unit 1101 include, but are not limited to, a Central Processing Unit (CPU), a Graphics Processing Unit (GPU), various dedicated Artificial Intelligence (AI) computing chips, various computing units running machine learning model algorithms, a Digital Signal Processor (DSP), and any suitable processor, controller, microcontroller, and the like. The computing unit 1101 performs the various methods and processes described above, for example, a software upgrade method. For example, in some embodiments, the software upgrade method may be implemented as a computer software program tangibly embodied on a machine-readable medium, such as storage unit 1108. In some embodiments, part or all of the computer program may be loaded and/or installed onto device 1100 via ROM 1102 and/or communication unit 1109. When the computer program is loaded into RAM 1103 and executed by the computing unit 1101, one or more steps of the software upgrade method described above may be performed. Alternatively, in other embodiments, the computing unit 1101 may be configured to perform the software upgrade method by any other suitable means (e.g., by means of firmware).

Various implementations of the systems and techniques described here above may be implemented in digital electronic circuitry, integrated circuitry, Field Programmable Gate Arrays (FPGAs), Application Specific Integrated Circuits (ASICs), Application Specific Standard Products (ASSPs), system on a chip (SOCs), Complex Programmable Logic Devices (CPLDs), computer hardware, firmware, software, and/or combinations thereof. These various embodiments may include: implemented in one or more computer programs that are executable and/or interpretable on a programmable system including at least one programmable processor, which may be special or general purpose, receiving data and instructions from, and transmitting data and instructions to, a storage system, at least one input device, and at least one output device.

Program code for implementing the methods of the present disclosure may be written in any combination of one or more programming languages. These program codes may be provided to a processor or controller of a general purpose computer, special purpose computer, or other programmable data processing apparatus, such that the program codes, when executed by the processor or controller, cause the functions/operations specified in the flowchart and/or block diagram to be performed. The program code may execute entirely on the machine, partly on the machine, as a stand-alone software package partly on the machine and partly on a remote machine or entirely on the remote machine or server.

In the context of this disclosure, a machine-readable medium may be a tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. The machine-readable medium may be a machine-readable signal medium or a machine-readable storage medium. A machine-readable medium may include, but is not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any suitable combination of the foregoing. More specific examples of a machine-readable storage medium would include an electrical connection based on one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.

To provide for interaction with a user, the systems and techniques described here can be implemented on a computer having: a display device (e.g., a CRT (cathode ray tube) or LCD (liquid crystal display) monitor) for displaying information to a user; and a keyboard and a pointing device (e.g., a mouse or a trackball) by which a user can provide input to the computer. Other kinds of devices may also be used to provide for interaction with a user; for example, feedback provided to the user can be any form of sensory feedback (e.g., visual feedback, auditory feedback, or tactile feedback); and input from the user may be received in any form, including acoustic, speech, or tactile input.

The systems and techniques described here can be implemented in a computing system that includes a back-end component (e.g., as a data server), or that includes a middleware component (e.g., an application server), or that includes a front-end component (e.g., a user computer having a graphical user interface or a web browser through which a user can interact with an implementation of the systems and techniques described here), or any combination of such back-end, middleware, or front-end components. The components of the system can be interconnected by any form or medium of digital data communication (e.g., a communication network). Examples of communication networks include: local Area Networks (LANs), Wide Area Networks (WANs), and the Internet.

The computer system may include clients and servers. A client and server are generally remote from each other and typically interact through a communication network. The relationship of client and server arises by virtue of computer programs running on the respective computers and having a client-server relationship to each other. The Server can be a cloud Server, also called a cloud computing Server or a cloud host, and is a host product in a cloud computing service system, so as to solve the defects of high management difficulty and weak service expansibility in the traditional physical host and VPS service ("Virtual Private Server", or simply "VPS"). The server may also be a server of a distributed system, or a server incorporating a blockchain.

It should be understood that various forms of the flows shown above may be used, with steps reordered, added, or deleted. For example, the steps described in the present disclosure may be executed in parallel, sequentially, or in different orders, as long as the desired results of the technical solutions disclosed in the present disclosure can be achieved, and the present disclosure is not limited herein.

The above detailed description should not be construed as limiting the scope of the disclosure. It should be understood by those skilled in the art that various modifications, combinations, sub-combinations and substitutions may be made in accordance with design requirements and other factors. Any modification, equivalent replacement, and improvement made within the spirit and principle of the present disclosure should be included in the scope of protection of the present disclosure.

Claims

1. A software upgrade method, comprising:

2. The method of claim 1, wherein the executing the software upgrade process of the device to be upgraded by using the encrypted upgrade file and the executable file to obtain a software upgrade result comprises:

decompressing and decrypting the encrypted upgrade file by using the executable file to obtain an upgrade file set, an upgrade script and a check file;

running the upgrading script based on the upgrading file set, and determining that each file in the upgrading file set is copied to a specified directory;

determining an actual check value of each file in the upgrade file set;

and determining a software upgrading result according to the check value of each file in the upgrading file set and the theoretical check value of each file recorded in the check file.

3. The method of claim 2, wherein said decompressing and decrypting said encrypted upgrade file using said executable file resulting in a set of upgrade files, an upgrade script and a verification file comprises:

executing the decompression and decryption process of the encrypted upgrade file by running the executable file;

inquiring in the equipment to be upgraded in the process of decompressing and decrypting the encrypted upgrade file to obtain a public key file of the encrypted upgrade file;

verifying the public key file by using a known private key file;

and responding to the verification of the public key file and the end of the decompression and decryption processes of the encrypted upgrade file to obtain an upgrade file set, an upgrade script and a verification file which are included by the encrypted upgrade file.

4. The method according to any one of claims 1 to 3, further comprising, before said logging on the device to be upgraded with the login information in the checkpoint file:

decompressing the software upgrading packet to obtain the encrypted upgrading file, the executable file and the checkpoint file;

verifying the encrypted upgrade file by using the check point file to determine the validity of the encrypted upgrade file;

the logging in the equipment to be upgraded by using the logging in information in the check point file comprises the following steps:

and responding to the validity of the encrypted upgrading file, and logging in the equipment to be upgraded by using the login information provided by the check point file.

5. The method of claim 4, wherein said verifying the encrypted upgrade file with the checkpoint file to determine the validity of the encrypted upgrade file comprises:

decrypting the check point file to obtain plaintext information in the check point file, wherein the plaintext information comprises: login information, the validity period of the software upgrading package and the theoretical verification value of the encrypted upgrading file;

determining whether the software upgrade package is within a validity period;

determining a first actual verification value of the encrypted upgrade file in response to the software upgrade package being within a validity period;

and determining the validity of the encrypted upgrade file according to the first actual check value and the theoretical check value of the encrypted upgrade file.

6. The method of any of claims 1 to 5, further comprising, after said copying the encrypted upgrade file and the executable file into the device to be upgraded:

determining whether a copying process of the encrypted upgrade file and the executable file is finished;

responding to the end of the copying process, and calculating a second actual check value of the encrypted upgrading file copied to the equipment to be upgraded;

determining whether the copying process is normal or not according to the second actual check value and the theoretical check value of the encrypted upgrade file;

the executing the software upgrading process of the equipment to be upgraded by using the encrypted upgrading file and the executable file to obtain a software upgrading result comprises the following steps:

7. The method of any of claims 1 to 6, further comprising:

determining whether the software upgrading process of the equipment to be upgraded is completed or not based on the software upgrading result;

when the software upgrading process of the equipment to be upgraded is finished, detecting whether the running state of each service in the equipment to be upgraded is normal;

and responding to the normal running state of each service in the equipment to be upgraded, and outputting an upgrade success prompt.

8. A software upgrade apparatus comprising:

the device comprises an acquisition unit and a processing unit, wherein the acquisition unit is used for acquiring a software upgrading package of equipment to be upgraded, and the software upgrading package comprises: encrypting the upgrade file, the executable file and the checkpoint file;

9. The apparatus of claim 8, wherein the upgrade unit comprises:

10. The apparatus of claim 9, wherein the parsing module comprises:

and the determining submodule is used for responding to that the public key file passes the verification and the decompression and decryption processes of the encrypted upgrade file are finished, and obtaining an upgrade file set, an upgrade script and a verification file which are included by the encrypted upgrade file.

11. The apparatus of any of claims 8 to 10, further comprising:

the decompression unit is used for decompressing the software upgrading packet to obtain the encrypted upgrading file, the executable file and the check point file;

the first checking unit is used for checking the encrypted upgrading file by using the check point file and determining the validity of the encrypted upgrading file;

and the login unit is specifically used for responding to the validity of the encrypted upgrade file and logging in the equipment to be upgraded by using login information provided by the checkpoint file.

12. The apparatus of claim 11, wherein the first verification unit comprises:

13. The apparatus of any of claims 8 to 12, further comprising:

a first determination unit configured to determine whether a copying process of the encrypted upgrade file and the executable file is finished;

the computing unit is used for responding to the end of the copying process and computing a second actual check value after the encrypted upgrading file is copied to the equipment to be upgraded;

the second checking unit is used for determining whether the copying process is normal or not according to the second actual checking value and the theoretical checking value of the encrypted upgrade file;

and the upgrading unit is specifically used for responding to the normal copying process, and executing the software upgrading process of the equipment to be upgraded by using the encrypted upgrading file and the executable file to obtain a software upgrading result.

14. The apparatus of any of claims 8 to 13, further comprising:

the second judgment unit is used for determining whether the software upgrading process of the equipment to be upgraded is finished or not based on the software upgrading result;

15. An electronic device, comprising:

at least one processor; and

the memory stores instructions executable by the at least one processor to enable the at least one processor to perform the method of any one of claims 1 to 7.

16. A non-transitory computer readable storage medium having stored thereon computer instructions for causing the computer to perform the method of any one of claims 1 to 7.

17. A computer program product comprising a computer program which, when executed by a processor, carries out the steps of the method of any one of claims 1 to 7.