CN116032484A - Method and device for safely starting communication equipment and electronic equipment

Publication number: CN116032484A
Application number: CN202211579002.1A
Authority: CN (China)
Legal status: Pending
Other languages: Chinese (zh)
Inventor: 魏旻
Current Assignee: Sichuan Hengwan Technology Co Ltd
Original Assignee: Sichuan Hengwan Technology Co Ltd
Prior art keywords: hash value, public key, signature, signed entity, content

Abstract

The embodiment of the invention discloses a method and a device for securely starting communication equipment, and electronic equipment. The embodiment obtains a first public key, a first pre-stored hash value, a first signature and the content of a signed entity; determines that the initial security check is successful according to the first public key, the first pre-stored hash value, the first signature and the content of the signed entity; obtains at least one group of a second public key, a second pre-stored hash value and a second signature; and determines that the final security check is successful according to the second public key, the second pre-stored hash value, the second signature and the content of the signed entity, and then starts the signed entity. With this method the signed entity is started only after at least two security checks, so the security of the communication equipment running the signed entity can be improved during use.

Description

Method and device for safely starting communication equipment and electronic equipment
Technical Field
The present invention relates to the field of data processing technologies, and in particular, to a method and an apparatus for securely starting a communication device, and an electronic device.
Background
With the development of technology, a large number of communication devices are required for communication. Communication devices have particular deployment conditions: when a telecom operator purchases communication devices such as Radio Units (RU) from a communication device provider, a large number of RU devices are installed exposed in outdoor public spaces. Because the installation and operating environments of the communication devices are complex and changeable, the telecom operator cannot monitor the external state of these devices anytime and anywhere, so the communication devices may be illegally invaded or may run illegal firmware or software.
In the prior art, in order to ensure the security of a communication device, the integrity and correctness of the firmware or software in RU devices are checked by Secure Boot technology; for example, a digital signature is first added to the firmware or software, and then the encrypted firmware or software is decrypted and checked, so as to ensure that the communication device has not been damaged or tampered with by illegal intrusion. Specifically, the digital signature may be implemented by the built-in digital signature of the main control chip of the communication device. However, the service life of a communication device is generally longer than 10 years. During that period a vulnerability may appear in the main control chip's signature technology, or personnel changes may occur, which may result in leakage of the digital signature key, so the communication device has lower security over a long service life.
In summary, how to improve the security of the communication device is a problem to be solved at present.
Disclosure of Invention
In view of this, the embodiments of the present invention provide a method, an apparatus, and an electronic device for securely starting a communication device, which can improve the security of the communication device in the use process.
In a first aspect, an embodiment of the present invention provides a method for securely starting up a communication device, where the method includes:
acquiring a first public key, a first pre-stored hash value, a first signature and the content of a signed entity;
determining that initial security verification is successful according to the first public key, the first pre-stored hash value, the first signature and the content of the signed entity;
acquiring at least one group of a second public key, a second pre-stored hash value and a second signature;
and determining that the final security check is successful according to the second public key, the second pre-stored hash value, the second signature and the content of the signed entity, and starting the signed entity.
Optionally, the determining that the initial security check is successful according to the first public key, the first pre-stored hash value, the first signature and the content of the signed entity includes:
acquiring a first public key and a first pre-stored hash value, wherein the first public key is stored in a signature part of a signed entity;
determining a first hash value according to the first public key;
acquiring a first signature in response to the first hash value being the same as the first pre-stored hash value;
performing RSA check calculation on the first signature and the first public key to obtain a first check hash value;
calculating a first current hash value of the signed entity according to the content of the signed entity;
and in response to the first current hash value being the same as the first check hash value, the initial check is successful.
Optionally, the determining that the final security check is successful according to the second public key, the second pre-stored hash value, the second signature and the content of the signed entity, and starting the signed entity, includes:
acquiring a second public key and a second pre-stored hash value, wherein the second public key is stored in a signature part of the signed entity;
determining a second hash value according to the second public key;
acquiring a second signature in response to the second hash value being the same as the second pre-stored hash value;
performing RSA verification calculation on the second signature and the second public key to obtain a second verification hash value;
calculating a second current hash value of the signed entity according to the content of the signed entity;
and in response to the second current hash value being the same as the second verification hash value, the final check is successful, and the signed entity is started securely.
Optionally, the first public key is an internal public key or an external public key, and the second public key is an external public key.
Optionally, in response to the first public key being a built-in public key, the first pre-stored hash value is read from an eFUSE through a dedicated secure interface, wherein the eFUSE is a memory of built-in secure hardware; or,
in response to the first public key being an external public key, the first pre-stored hash value is read from the trusted platform module through a dedicated secure interface.
Optionally, the calculating the first current hash value of the signed entity specifically includes:
and acquiring the content of the signed entity, performing hash calculation according to the content of the signed entity, and determining a first current hash value of the signed entity.
Optionally, the calculating the second current hash value of the signed entity specifically includes:
and acquiring the content of the signed entity, performing hash calculation according to the content of the signed entity, and determining a second current hash value of the signed entity.
In a second aspect, an embodiment of the present invention provides an apparatus for securely starting a communication device, where the apparatus includes:
a first obtaining unit, configured to obtain a first public key, a first pre-stored hash value, a first signature, and content of a signed entity;
a first determining unit, configured to determine that an initial security check is successful according to the first public key, the first pre-stored hash value, the first signature, and the content of the signed entity;
a second obtaining unit, configured to obtain at least one group of a second public key, a second pre-stored hash value and a second signature;
and a second determining unit, configured to determine that the final security check is successful according to the second public key, the second pre-stored hash value, the second signature and the content of the signed entity, and start the signed entity.
Optionally, the first determining unit is specifically configured to:
acquiring a first public key and a first pre-stored hash value, wherein the first public key is stored in a signature part of a signed entity;
determining a first hash value according to the first public key;
acquiring a first signature in response to the first hash value being the same as the first pre-stored hash value;
performing RSA check calculation on the first signature and the first public key to obtain a first check hash value;
calculating a first current hash value of the signed entity according to the content of the signed entity;
and in response to the first current hash value being the same as the first check hash value, the initial check is successful.
Optionally, the second determining unit is specifically configured to:
acquiring a second public key and a second pre-stored hash value, wherein the second public key is stored in a signature part of the signed entity;
determining a second hash value according to the second public key;
acquiring a second signature in response to the second hash value being the same as the second pre-stored hash value;
performing RSA verification calculation on the second signature and the second public key to obtain a second verification hash value;
calculating a second current hash value of the signed entity according to the content of the signed entity;
and in response to the second current hash value being the same as the second verification hash value, the final check is successful, and the signed entity is started securely.
Optionally, the first public key is an internal public key or an external public key, and the second public key is an external public key.
Optionally, in response to the first public key being a built-in public key, the first pre-stored hash value is read from an eFUSE through a dedicated secure interface, wherein the eFUSE is a memory of built-in secure hardware; or,
in response to the first public key being an external public key, the first pre-stored hash value is read from the trusted platform module through a dedicated secure interface.
Optionally, the first determining unit is specifically further configured to:
and acquiring the content of the signed entity, performing hash calculation according to the content of the signed entity, and determining a first current hash value of the signed entity.
Optionally, the second determining unit is specifically further configured to:
and acquiring the content of the signed entity, performing hash calculation according to the content of the signed entity, and determining a second current hash value of the signed entity.
In a third aspect, embodiments of the present invention provide a computer readable storage medium having stored thereon computer program instructions which, when executed by a processor, implement a method as in the first aspect or any of the possibilities of the first aspect.
In a fourth aspect, an embodiment of the present invention provides an electronic device comprising a memory and a processor, the memory storing one or more computer program instructions, wherein the one or more computer program instructions are executable by the processor to implement the method of the first aspect or any one of the possibilities of the first aspect.
The embodiment of the invention obtains a first public key, a first pre-stored hash value, a first signature and the content of a signed entity; determines that the initial security check is successful according to the first public key, the first pre-stored hash value, the first signature and the content of the signed entity; obtains at least one group of a second public key, a second pre-stored hash value and a second signature; and determines that the final security check is successful according to the second public key, the second pre-stored hash value, the second signature and the content of the signed entity, and then starts the signed entity. With this method the signed entity is started only after at least two security checks, so the security of the communication equipment running the signed entity can be improved during use.
Drawings
The above and other objects, features and advantages of the present invention will become more apparent from the following description of embodiments of the present invention with reference to the accompanying drawings, in which:
Fig. 1 is a schematic structural diagram of an RU device of the prior art;
Fig. 2 is a schematic structural diagram of an RU device according to an embodiment of the present invention;
Fig. 3 is a flow chart of a method for secure booting of a communication device in accordance with an embodiment of the invention;
Fig. 4 is a flow chart of another method for secure booting of a communication device in accordance with an embodiment of the invention;
Fig. 5 is a flow chart of a method for secure booting of a communication device in accordance with an embodiment of the invention;
Fig. 6 is a flow chart of a method of signed entity production in accordance with an embodiment of the present invention;
Fig. 7 is a schematic diagram of an apparatus for secure booting of a communication device according to an embodiment of the present invention;
Fig. 8 is a schematic diagram of an electronic device according to an embodiment of the invention.
Detailed Description
The present disclosure is described below based on examples, but the present disclosure is not limited to only these examples. In the following detailed description of the present disclosure, certain specific details are set forth in detail. The present disclosure may be fully understood by those skilled in the art without a review of these details. Well-known methods, procedures, flows, components and circuits have not been described in detail so as not to obscure the nature of the disclosure.
Moreover, those of ordinary skill in the art will appreciate that the drawings are provided herein for illustrative purposes and that the drawings are not necessarily drawn to scale.
Unless the context clearly requires otherwise, the words "comprise," "comprising," and the like throughout the application are to be construed in an inclusive sense rather than an exclusive or exhaustive sense; that is, in the sense of "including but not limited to".
In the description of the present disclosure, it is to be understood that the terms "first," "second," and the like are used for descriptive purposes only and are not to be construed as indicating or implying relative importance. Furthermore, in the description of the present disclosure, unless otherwise indicated, the meaning of "a plurality" is two or more.
In the prior art, to ensure the security of a communication device, the integrity and correctness of the firmware or software in an RU device are generally verified by Secure Boot technology. Fig. 1 shows a schematic structural diagram of a first RU device in the prior art. The first RU device includes firmware or software 101 and a main control chip 102. The firmware or software 101 includes a signature part, which contains a built-in public key and a first signature. The main control chip 102 includes built-in secure hardware and an eFUSE. The built-in secure hardware stores the hash value of the built-in public key used by the signature part in the eFUSE area of the main control chip; this hash value is written by the provider of the main control chip during production and cannot be modified later. When the firmware or software undergoes security verification, the main control chip first reads the signature part of the firmware or software and takes out the built-in public key, and the built-in secure hardware calculates its hash value. The hash value stored in advance in the eFUSE is read through a dedicated secure interface, and the hash value calculated by the built-in secure hardware is compared with it. If the two are consistent, the built-in secure hardware performs the RSA check calculation on the first signature and the built-in public key, and the hash value generated from the firmware or software is then compared with the hash value obtained by the RSA check calculation. If these are consistent, the security verification (which may also be called verification) is successful.
The prior art relies on the above method to ensure that the communication device has not been damaged or tampered with by illegal intrusion. However, the service life of a communication device is generally longer than 10 years. During that period a vulnerability may appear in the main control chip's signature technology, or personnel changes may occur, which may lead to leakage of the digital signature key (such as a built-in public key or a private key for generating the built-in public key), so the communication device has lower security over a long service life. In summary, how to improve the security of the communication device is a problem to be solved at present.
To further improve the security level of the communication device and meet its security requirements over its service life, a dual-authentication method is adopted to effectively improve the security level of the device. Specifically, a second RU device based on dual-signed firmware or software is designed, and its structure is shown in fig. 2. The second RU device includes firmware or software 201, a main control chip 202 and a trusted platform module (Trusted Platform Module, TPM) 203. The firmware or software 201 includes a signature part, which contains an internal public key, a first signature, an external public key and a second signature. The main control chip 202 includes built-in secure hardware and an eFUSE. The TPM 203 includes external secure hardware and an encrypted external public key Hash storage area. Dual authentication is performed on this basis, and the RU device is securely started after the authentication succeeds.
In the embodiment of the present invention, the signature part is stored in any part of the head, tail or middle of the content of the firmware or software, which is not limited by the embodiment of the present invention.
In the embodiment of the present invention, the firmware or the software may also be referred to as a signed entity, where the firmware may be application firmware of an operating system, firmware configured by a chip, and the software may be start-up software, software of an operating system, and the like, and the embodiment of the present invention is not limited to this.
In the embodiment of the present invention, fig. 3 is a flowchart of a method for securely starting up a communication device in the embodiment of the present invention. As shown in fig. 3, the method specifically comprises the following steps:
Step S300, a first public key, a first pre-stored hash value, a first signature and the content of a signed entity are obtained.
Specifically, when the first public key is a built-in public key, the first pre-stored hash value is generated through hash calculation according to the first public key, and the first pre-stored hash value is stored in an eFUSE area of the main control chip.
In one possible implementation manner, the first public key is an internal public key or an external public key, and when the first public key is the internal public key, the first public key and the first signature correspond to a main control chip, and the first pre-stored hash value is stored in an eFUSE area of the main control chip; when the first public key is an external public key, the first public key and the first signature correspond to a TPM, and the first pre-stored Hash value is stored in an encrypted external public key Hash storage area of the TPM.
Step S301, determining that the initial security check is successful according to the first public key, the first pre-stored hash value, the first signature and the content of the signed entity.
Specifically, the determining that the initial security check is successful according to the first public key, the first pre-stored hash value, the first signature and the content of the signed entity includes the following steps, as shown in fig. 4:
Step S3011, obtaining a first public key and a first pre-stored hash value, where the first public key is stored in a signature part of the signed entity.
Specifically, in response to the first public key being a built-in public key, the built-in secure hardware of the main control chip reads the first pre-stored hash value in the eFUSE area through a dedicated secure interface, wherein the first pre-stored hash value is obtained by hash calculation on the first public key.
Step S3012, determining a first hash value according to the first public key.
Specifically, the first hash value is determined by hash calculation on the first public key.
Step S3013, acquiring a first signature in response to the first hash value being the same as the first pre-stored hash value.
In one possible implementation, if the first hash value and the first pre-stored hash value are different, the verification fails.
Step S3014, performing RSA verification calculation on the first signature and the first public key, to obtain a first verification hash value.
Step S3015, calculating a first current hash value of the signed entity according to the content of the signed entity.
Specifically, the content of the signed entity is obtained, hash calculation is performed according to the content of the signed entity, and the first current hash value of the signed entity is determined.
Step S3016, in response to the first current hash value being the same as the first check hash value, the initial check is successful.
In one possible implementation, if the first hash value and the first check hash value are different, the check fails.
In the embodiment of the present invention, the initial verification is completed in steps S3011 to S3016, and the verification is successfully performed at least once.
Step S302, at least one set of second public key, second pre-stored hash value and second signature are obtained.
Specifically, when the second public key is an external public key, the second pre-stored Hash value is generated through Hash calculation according to the second public key, and the second pre-stored Hash value is stored in an encrypted external public key Hash storage area of the TPM.
Step S303, determining that the final security check is successful according to the second public key, the second pre-stored hash value, the second signature and the content of the signed entity, and starting the signed entity.
Specifically, the determining that the final security check is successful according to the second public key, the second pre-stored hash value, the second signature and the content of the signed entity, and starting the signed entity, includes the following steps, as shown in fig. 5:
Step S3031, a second public key and a second pre-stored hash value are obtained, wherein the second public key is stored in the signature part of the signed entity.
Specifically, in response to the second public key being an external public key, the external secure hardware of the TPM obtains the second pre-stored Hash value in the encrypted external public key Hash storage area through secure TPM access, where the second pre-stored Hash value is obtained by Hash calculation on the second public key.
Step S3032, determining a second hash value according to the second public key.
Specifically, the second hash value is determined by hash calculation on the second public key.
Step S3033, a second signature is obtained in response to the second hash value being the same as the second pre-stored hash value.
In one possible implementation, if the second hash value and the second pre-stored hash value are different, the verification fails.
Step S3034, RSA verification calculation is performed on the second signature and the second public key to obtain a second verification hash value.
Step S3035, a second current hash value of the signed entity is calculated according to the content of the signed entity.
Specifically, the content of the signed entity is obtained, hash calculation is performed according to the content of the signed entity, and a second current hash value of the signed entity is determined.
Step S3036, in response to the second current hash value being the same as the second verification hash value, the final verification is successful, and the signed entity is started safely.
In one possible implementation, if the second hash value and the second verification hash value are different, verification fails.
In the embodiment of the present invention, steps S3031 to S3036 complete the re-verification; after the verification succeeds, either verification continues to be performed at least once more, or the signed entity is started securely.
In the embodiment of the invention, if verification fails, that is, the secure start cannot be performed, this indicates that the signed entity may have been tampered with or may be harmful firmware or software.
In one possible implementation, the second signature may be used to verify whether the user is authorized to use certain functions. The same communication device may be distributed to different operators, and since different operators have different requirements or make different purchases, the operators may be given firmware or software with different second signatures, so that the communication device can distinguish at run time whether it is authorized for, or has purchased, certain sets of functions.
In one possible implementation, in response to the first public key being a built-in public key, the first pre-stored hash value is read from eFUSEs through a dedicated secure interface, wherein the eFUSEs are memories of built-in secure hardware; or, in response to the first public key being an external public key, the first pre-stored hash value is read from the trusted platform module through a dedicated secure interface.
In the embodiment of the present invention, since the communication device needs to perform double-authentication, a signed entity (firmware or software) included in the communication device needs to be generated in advance, and fig. 6 is a flowchart of a method for producing a signed entity in the embodiment of the present invention. As shown in fig. 6, the method specifically comprises the following steps:
Step S600, a certification authority (Certification Authority, CA) server generates two groups of independent key pairs. One group is an internal key pair, which comprises an internal public key and an internal private key; the other group is an external key pair, which comprises an external public key and an external private key.
Specifically, the built-in key is used for generating a first signature, the external key is used for generating a second signature, and the two independent key pairs are stored on the CA server to be kept secret.
Step S601, calculating an external public key hash value through the external public key, and simultaneously calculating an internal public key hash value through the internal public key.
Specifically, the external public key generates an external public key Hash value through Hash calculation, the internal public key generates an internal public key Hash value through Hash calculation, and the external public key Hash value and the internal public key Hash value are stored on the CA server to keep secret.
Step S602, calculating an RSA signature of the signed entity using the external private key, and attaching the RSA signature to the location of the second signature, and simultaneously, calculating an RSA signature of the signed entity using the internal private key, and attaching the RSA signature to the location of the first signature.
In one possible implementation manner, the method further includes burning the external public key Hash value obtained by calculating the external public key into an eFUSE area of the main control chip, and burning the internal public key Hash value obtained by calculating the internal public key into an encrypted external public key Hash storage area of the TPM.
In the embodiment of the present invention, besides the above-mentioned communication device for generating double-authentication, a communication device for three or more authentications may be generated, which is not limited by the embodiment of the present invention.
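The production steps S600 to S602 and the boot-time checks S3011 to S3016 and S3031 to S3036 can be exercised together in the following added Python example, which is not code from the patent and which generalizes the flow to any number of checks of at least two. SHA-256, the PKCS#1 v1.5 encoding, the public key serialisation, the toy keys built from Mersenne primes and all function names are assumptions made for the example; the built-in key hash is anchored in the eFUSE and the external key hash in the TPM, as described for steps S300 and S302.

```python
import hashlib
import hmac

# Constructed toy RSA keys from Mersenne primes so the block needs only the
# standard library. Special-form primes are NOT secure: demonstration only.
E = 65537
SHA256_DIGESTINFO = bytes.fromhex("3031300d060960864801650304020105000420")


def make_key(p_exp, q_exp):
    """Return (n, d) for the toy key with primes 2**p_exp - 1 and 2**q_exp - 1."""
    p, q = 2**p_exp - 1, 2**q_exp - 1
    return p * q, pow(E, -1, (p - 1) * (q - 1))


def key_bytes(n):
    """Serialise a public key for hashing (assumed layout: modulus, 4-byte e)."""
    return n.to_bytes((n.bit_length() + 7) // 8, "big") + E.to_bytes(4, "big")


def key_hash(n):
    """Hash of the public key, the value pre-stored in the eFUSE or the TPM."""
    return hashlib.sha256(key_bytes(n)).digest()


def encode(digest, k):
    """EMSA-PKCS1-v1_5 block of k bytes wrapping a SHA-256 digest."""
    t = SHA256_DIGESTINFO + digest
    return b"\x00\x01" + b"\xff" * (k - len(t) - 3) + b"\x00" + t


def sign(content, n, d):
    """Production side (step S602): RSA signature over the entity content."""
    k = (n.bit_length() + 7) // 8
    em = int.from_bytes(encode(hashlib.sha256(content).digest(), k), "big")
    return pow(em, d, n).to_bytes(k, "big")


def check_stage(content, pub_n, signature, stored_hash):
    """One check (steps S3011-S3016 or S3031-S3036). Returns (ok, reason)."""
    # Hash the public key from the signature part; compare with the anchor value.
    if not hmac.compare_digest(key_hash(pub_n), stored_hash):
        return False, "public key hash mismatch"
    k = (pub_n.bit_length() + 7) // 8
    sig_int = int.from_bytes(signature, "big")
    if len(signature) != k or sig_int >= pub_n:
        return False, "malformed signature"
    # RSA check calculation: recover the encoded hash from the signature.
    recovered = pow(sig_int, E, pub_n).to_bytes(k, "big")
    # Current hash of the content, encoded the same way, compared as one block.
    expected = encode(hashlib.sha256(content).digest(), k)
    if not hmac.compare_digest(recovered, expected):
        return False, "content hash mismatch"
    return True, "ok"


def secure_boot(content, signature_part, anchors):
    """Run every stage in order; start the entity only if all of them pass."""
    if len(signature_part) < 2 or len(signature_part) != len(anchors):
        return False, "need at least two checks, one anchor per check"
    for i, ((pub_n, sig), stored) in enumerate(zip(signature_part, anchors), 1):
        ok, reason = check_stage(content, pub_n, sig, stored)
        if not ok:
            return False, f"stage {i}: {reason}"
    return True, "boot"


def build_demo():
    """Steps S600-S602 on constructed data: two key pairs, two signatures."""
    firmware = b"RU firmware image v1 (constructed sample)"
    builtin = make_key(521, 607)      # built-in key pair (n, d)
    external = make_key(1279, 2203)   # external key pair (n, d)
    signature_part = [(builtin[0], sign(firmware, *builtin)),
                      (external[0], sign(firmware, *external))]
    # Stand-ins for the eFUSE area and the TPM storage area, in that order.
    anchors = [key_hash(builtin[0]), key_hash(external[0])]
    return firmware, signature_part, anchors, builtin


def demo_outcomes():
    """Boot results for a good image and for three failure cases."""
    fw, sig_part, anchors, (bn, bd) = build_demo()
    modified = b"modified image (constructed sample)"
    # Only the built-in private key is assumed leaked: the first signature can
    # be regenerated, the second cannot, so the second check rejects the image.
    resigned = [(bn, sign(modified, bn, bd)), sig_part[1]]
    other = make_key(521, 1279)  # a key whose hash is in neither anchor
    swapped = [(other[0], sign(fw, *other)), sig_part[1]]
    return {
        "genuine": secure_boot(fw, sig_part, anchors),
        "tampered": secure_boot(fw + b"\x00", sig_part, anchors),
        "builtin_key_leaked": secure_boot(modified, resigned, anchors),
        "key_substituted": secure_boot(fw, swapped, anchors),
    }


if __name__ == "__main__":
    for case, result in demo_outcomes().items():
        print(f"{case}: {result}")
```

The "builtin_key_leaked" case is the situation the description is concerned with: the image passes the first check and is still refused because the second, independently anchored check fails.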
Fig. 7 is a schematic diagram of an apparatus for securely starting up a communication device according to an embodiment of the present invention. As shown in fig. 7, the apparatus of the present embodiment includes a first acquisition unit 701, a first determination unit 702, a second acquisition unit 703, and a second determination unit 704.
The first obtaining unit 701 is configured to obtain a first public key, a first pre-stored hash value, a first signature, and content of a signed entity; a first determining unit 702, configured to determine that an initial security check is successful according to the first public key, the first pre-stored hash value, the first signature, and the content of the signed entity; a second obtaining unit 703, configured to obtain at least one set of a second public key, a second pre-stored hash value, and a second signature; a second determining unit 704, configured to determine that the final security check is successful according to the second public key, the second pre-stored hash value, the second signature, and the content of the signed entity, and start the signed entity.
Further, the first determining unit is specifically configured to:
acquiring a first public key and a first pre-stored hash value, wherein the first public key is stored in a signature part of a signed entity;
determining a first hash value according to the first public key;
acquiring a first signature in response to the first hash value being the same as the first pre-stored hash value;
performing RSA verification calculation on the first signature and the first public key to obtain a first verification hash value;
calculating a first current hash value of the signed entity according to the content of the signed entity;
and in response to the first current hash value being the same as the first verification hash value, determining that the initial verification is successful.
Further, the second determining unit is specifically configured to:
acquiring a second public key and a second pre-stored hash value, wherein the second public key is stored in a signature part of the signed entity;
determining a second hash value according to the second public key;
acquiring a second signature in response to the second hash value being the same as the second pre-stored hash value;
performing RSA verification calculation on the second signature and the second public key to obtain a second verification hash value;
calculating a second current hash value of the signed entity according to the content of the signed entity;
and in response to the second current hash value being the same as the second verification hash value, determining that the final verification is successful and securely starting the signed entity.
Further, the first public key is an internal public key or an external public key, and the second public key is an external public key.
Further, in response to the first public key being an internal public key, the first pre-stored hash value is read from the eFUSE through a dedicated secure interface, wherein the eFUSE is memory of the built-in secure hardware; or,
in response to the first public key being an external public key, the first pre-stored hash value is read from the trusted platform module through a dedicated secure interface.
Further, the first determining unit is specifically further configured to:
and acquiring the content of the signed entity, performing hash calculation according to the content of the signed entity, and determining a first current hash value of the signed entity.
Further, the second determining unit is specifically further configured to:
and acquiring the content of the signed entity, performing hash calculation according to the content of the signed entity, and determining a second current hash value of the signed entity.
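The two-pass check carried out by the first and second determining units, as an added Python example that is not part of the patent text. SHA-256, PKCS#1 v1.5 padding, the public-key serialization, all function names and the demo keys (built from Mersenne primes, so trivially factorable) are assumptions; the stored hashes stand in for the values read from the eFUSE or the TPM.

```python
import hashlib
import hmac

E = 65537  # public exponent (assumption)
# DER DigestInfo prefix for SHA-256 in PKCS#1 v1.5 (hash and padding are assumptions).
SHA256_PREFIX = bytes.fromhex("3031300d060960864801650304020105000420")

def make_key(p_exp, q_exp):
    """Constructed demo key from two Mersenne primes: trivially factorable."""
    p, q = 2**p_exp - 1, 2**q_exp - 1
    return p * q, pow(E, -1, (p - 1) * (q - 1))  # (modulus n, private exponent d)

def key_len(n):
    return (n.bit_length() + 7) // 8

def key_hash(n):
    """Hash of the serialized public key: the value provisioned in eFUSE or the TPM."""
    return hashlib.sha256(n.to_bytes(key_len(n), "big") + E.to_bytes(4, "big")).digest()

def encode(digest, k):
    """Padded block 00 01 FF..FF 00 || DigestInfo || digest, k bytes long."""
    t = SHA256_PREFIX + digest
    return b"\x00\x01" + b"\xff" * (k - len(t) - 3) + b"\x00" + t

def sign(content, n, d):
    """Signing side (step S602): RSA private operation over the padded content hash."""
    em = encode(hashlib.sha256(content).digest(), key_len(n))
    return pow(int.from_bytes(em, "big"), d, n).to_bytes(key_len(n), "big")

def verify_stage(n, prestored_hash, signature, content):
    """One pass: key-hash check, RSA public operation, content-hash comparison."""
    if not hmac.compare_digest(key_hash(n), prestored_hash):
        return False  # key carried with the image is not the provisioned one
    k = key_len(n)
    s = int.from_bytes(signature, "big")
    if len(signature) != k or s >= n:
        return False
    em = pow(s, E, n).to_bytes(k, "big")
    verification_hash = em[-32:]
    # Accept only the exact padding; lenient parsing is a known forgery vector.
    if not hmac.compare_digest(em, encode(verification_hash, k)):
        return False
    current_hash = hashlib.sha256(content).digest()
    return hmac.compare_digest(current_hash, verification_hash)

def secure_boot(content, stages):
    """Start the signed entity only if at least two stages exist and all verify."""
    return len(stages) >= 2 and all(
        verify_stage(n, stored, sig, content) for n, stored, sig in stages)

# Constructed sample data: image bytes, two demo key pairs, provisioned key hashes.
IMAGE = b"constructed firmware image v1"
N1, D1 = make_key(521, 607)
N2, D2 = make_key(1279, 2203)
STORED_1, STORED_2 = key_hash(N1), key_hash(N2)
STAGES = [(N1, STORED_1, sign(IMAGE, N1, D1)), (N2, STORED_2, sign(IMAGE, N2, D2))]
```

Because the public key travels with the image, the comparison against the provisioned key hash is what anchors trust: an image re-signed with a different key fails before any signature arithmetic is done.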
Fig. 8 is a schematic diagram of an electronic device according to an embodiment of the invention. The electronic device shown in Fig. 8 is a device for securely starting up a communication device, and has a general-purpose computer hardware structure including at least a processor 801 and a memory 802. The processor 801 and the memory 802 are connected by a bus 803. The memory 802 is adapted to store instructions or programs executable by the processor 801. The processor 801 may be a stand-alone microprocessor or may be a set of one or more microprocessors. Thus, the processor 801 processes data and controls other devices by executing the instructions stored in the memory 802, thereby performing the method flow of the embodiment of the present invention as described above. The bus 803 connects the above-described components together, and also connects them to a display controller 804, a display device, and input/output (I/O) devices 805. The input/output (I/O) devices 805 may be a mouse, keyboard, modem, network interface, touch input device, somatosensory input device, printer, and other devices known in the art. Typically, the input/output devices 805 are connected to the system through input/output (I/O) controllers 806.
Wherein the instructions stored by the memory 802 are executable by the at least one processor 801 to implement: acquiring a first public key, a first pre-stored hash value, a first signature and the content of a signed entity; determining that initial security verification is successful according to the first public key, the first pre-stored hash value, the first signature and the content of the signed entity; acquiring at least one group of a second public key, a second pre-stored hash value and a second signature; and determining that the final security check is successful according to the second public key, the second pre-stored hash value, the second signature content and the content of the signed entity, and starting the signed entity.
Specifically, the electronic device includes one or more processors 801 and a memory 802; Fig. 8 takes one processor 801 as an example. The processor 801 and the memory 802 may be connected by a bus or by other means; Fig. 8 takes connection by a bus as an example. The memory 802, as a non-volatile computer-readable storage medium, may be used to store non-volatile software programs, non-volatile computer-executable programs, and modules. The processor 801 executes the various functional applications and data processing of the device, that is, implements the method of securely booting the communication device, by running the non-volatile software programs, instructions and modules stored in the memory 802.
Memory 802 may include a storage program area that may store an operating system, at least one application program required for functionality, and a storage data area; the storage data area may store a list of options, etc. In addition, memory 802 may include high-speed random access memory, and may also include non-volatile memory, such as at least one magnetic disk storage device, flash memory device, or other non-volatile solid-state storage device. In some embodiments, memory 802 may optionally include memory located remotely from processor 801, which may be connected to an external device via a network. Examples of such networks include, but are not limited to, the internet, intranets, local area networks, mobile communication networks, and combinations thereof.
One or more modules are stored in the memory 802 that, when executed by the one or more processors 801, perform the method of securely booting a communication device in any of the method embodiments described above.
The product may perform the method provided by the embodiments of the present application, and has the functional modules and beneficial effects corresponding to performing that method; for technical details not described in detail in this embodiment, refer to the method provided by the embodiments of the present application.
Embodiments of the present invention relate to a non-volatile storage medium for storing a computer-readable program for causing a computer to execute some or all of the above-described method embodiments.
That is, it will be understood by those skilled in the art that all or part of the steps of the methods of the embodiments described above may be implemented by a program stored in a storage medium, where the program includes several instructions for causing a device (which may be a single-chip microcomputer, a chip, or the like) or a processor to perform all or part of the steps of the methods of the embodiments described herein. The aforementioned storage medium includes: a USB flash drive, a removable hard disk, a read-only memory (ROM), a random access memory (RAM), a magnetic disk, an optical disk, or other media capable of storing program code.
It will be understood by those of ordinary skill in the art that the foregoing embodiments are specific examples of carrying out the invention and that various changes in form and details may be made therein without departing from the spirit and scope of the invention.

Claims (10)

1. A method for secure initiation of a communication device, the method comprising:
acquiring a first public key, a first pre-stored hash value, a first signature and the content of a signed entity;
determining that initial security verification is successful according to the first public key, the first pre-stored hash value, the first signature and the content of the signed entity;
acquiring at least one group of a second public key, a second pre-stored hash value and a second signature;
and determining that the final security check is successful according to the second public key, the second pre-stored hash value, the second signature content and the content of the signed entity, and starting the signed entity.
2. The method of claim 1, wherein said determining that initial security check was successful based on the first public key, the first pre-stored hash value, the first signature, and the content of the signed entity comprises:
acquiring a first public key and a first pre-stored hash value, wherein the first public key is stored in a signature part of a signed entity;
determining a first hash value according to the first public key;
acquiring a first signature in response to the first hash value being the same as the first pre-stored hash value;
performing RSA verification calculation on the first signature and the first public key to obtain a first verification hash value;
calculating a first current hash value of the signed entity according to the content of the signed entity;
and in response to the first current hash value being the same as the first verification hash value, determining that the initial verification is successful.
3. The method of claim 1, wherein said determining that a final security check was successful based on the second public key, the second pre-stored hash value, the second signature, and the content of the signed entity, and initiating the signed entity, comprises:
acquiring a second public key and a second pre-stored hash value, wherein the second public key is stored in a signature part of the signed entity;
determining a second hash value according to the second public key;
acquiring a second signature in response to the second hash value being the same as the second pre-stored hash value;
performing RSA verification calculation on the second signature and the second public key to obtain a second verification hash value;
calculating a second current hash value of the signed entity according to the content of the signed entity;
and in response to the second current hash value being the same as the second verification hash value, determining that the final verification is successful and securely starting the signed entity.
4. The method of claim 1, wherein the first public key is an internal public key or an external public key and the second public key is an external public key.
5. The method of claim 4, wherein in response to the first public key being an internal public key, the first pre-stored hash value is read from the eFUSE via a dedicated secure interface, wherein the eFUSE is memory of the built-in secure hardware; or,
in response to the first public key being an external public key, the first pre-stored hash value is read from the trusted platform module through a dedicated secure interface.
6. The method according to claim 2, wherein said calculating a first current hash value of said signed entity specifically comprises:
and acquiring the content of the signed entity, performing hash calculation according to the content of the signed entity, and determining a first current hash value of the signed entity.
7. A method according to claim 3, wherein said calculating a second current hash value of said signed entity comprises:
and acquiring the content of the signed entity, performing hash calculation according to the content of the signed entity, and determining a second current hash value of the signed entity.
8. An apparatus for secure initiation of a communication device, the apparatus comprising:
a first obtaining unit, configured to obtain a first public key, a first pre-stored hash value, a first signature, and content of a signed entity;
a first determining unit, configured to determine that an initial security check is successful according to the first public key, the first pre-stored hash value, the first signature, and the content of the signed entity;
the second acquisition unit is used for acquiring at least one group of second public keys, second pre-stored hash values and second signatures;
and the second determining unit is used for determining that the final security check is successful according to the second public key, the second pre-stored hash value, the second signature content and the content of the signed entity, and starting the signed entity.
9. A computer readable storage medium, on which computer program instructions are stored, which computer program instructions, when executed by a processor, implement the method of any of claims 1-7.
10. An electronic device comprising a memory and a processor, wherein the memory is configured to store one or more computer program instructions, wherein the one or more computer program instructions are executed by the processor to implement the method of any of claims 1-7.
CN202211579002.1A 2022-12-07 2022-12-07 Method and device for safely starting communication equipment and electronic equipment Pending CN116032484A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202211579002.1A CN116032484A (en) 2022-12-07 2022-12-07 Method and device for safely starting communication equipment and electronic equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202211579002.1A CN116032484A (en) 2022-12-07 2022-12-07 Method and device for safely starting communication equipment and electronic equipment

Publications (1)

Publication Number Publication Date
CN116032484A true CN116032484A (en) 2023-04-28

Family

ID=86080386

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202211579002.1A Pending CN116032484A (en) 2022-12-07 2022-12-07 Method and device for safely starting communication equipment and electronic equipment

Country Status (1)

Country Link
CN (1) CN116032484A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117193863A (en) * 2023-09-08 2023-12-08 上海合芯数字科技有限公司 Method, device, system and processor for starting host bootstrap program

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination