CN116248282A - Firmware downloading method, electronic device, encryption machine and computer readable storage medium - Google Patents
Firmware downloading method, electronic device, encryption machine and computer readable storage medium
- Publication number
- CN116248282A CN202211535930.8A
- Authority
- CN
- China
- Prior art keywords
- firmware
- license
- key
- download
- control device
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/30—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0442—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/06—Protocols specially adapted for file transfer, e.g. file transfer protocol [FTP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computing Systems (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Stored Programmes (AREA)
Abstract
The invention provides a firmware downloading method, an encryption machine and a computer readable storage medium, and relates to the technical field of firmware protection. The control device checks whether the first license meets the download condition; if the first license meets the download condition, the control device encrypts the firmware using the public key of the download key to obtain a firmware download package; the control device sends the firmware download package to the smart device so that the smart device can decrypt it using the private key of the download key to obtain the firmware. The firmware downloading method can be applied in the smart device industry, effectively constrains the production side of smart devices, and offers good security and good controllability.
Description
Technical Field
The present disclosure relates to the field of firmware protection, and in particular, to a firmware downloading method, an electronic device, an encryptor, and a computer readable storage medium.
Background
Currently, in the smart device industry, a consignor often needs to entrust an external factory to produce a device. Intellectual property such as the firmware or software of the device belongs to the consignor, but the firmware has to be downloaded into the device at the entrusted external factory.
To protect the intellectual property of the consignor, some smart devices currently on the market use a security chip as the main controller. A security chip typically uses a fixed symmetric key to support encrypted firmware download, which protects the firmware from leakage. However, the controllability of this scheme is still low, which causes economic loss to the consignor.
Accordingly, there is a need for an improved firmware download scheme to address the above technical problems.
Disclosure of Invention
Accordingly, an objective of the present invention is to provide a secure and controllable method and apparatus for downloading firmware, so as to address the above technical problems.
In a first aspect, an embodiment of the present invention provides a firmware downloading method, including: the control device receives a public key of a download key, and a private key of the download key is held by the intelligent equipment; the control device checks whether a first license is in accordance with a download condition, wherein the first license is issued to the control device by an owner of the firmware, and the first license is at least used for indicating the download times or valid time limits of the firmware which the control device is allowed to download for the intelligent device; when the first license meets the download condition, the control device encrypts the firmware by using the public key of the download key to obtain a firmware download package; the control device sends the firmware download package to the intelligent device, so that the intelligent device can decrypt the firmware download package by using the private key of the download key to obtain the firmware.
With reference to the first aspect, an embodiment of the present invention provides a first possible implementation manner of the first aspect, where before the step in which the control device checks whether the first license meets the download condition, the method further includes: the control device obtains a public key of a license key, a private key of the license key being held by the owner of the firmware; the control device receives a first license carrying a first signature, where the first signature is obtained by signing the first license with the private key of the license key; the control device stores the first license when the first signature is verified successfully using the public key of the license key.
With reference to the first possible implementation manner of the first aspect, the embodiment of the present invention provides a second possible implementation manner of the first aspect, where the first license further includes a uniquely corresponding first serial number, and the control device stores the first license if the first signature is verified successfully using the public key of the license key and the first serial number is greater than a second serial number stored by the control device.
With reference to the first aspect, an embodiment of the present invention provides a third possible implementation manner of the first aspect, where the control device checking whether the first license meets the download condition includes: determining whether the number of downloads indicated by the first license is greater than 0; or determining whether the current time is within the valid time limit indicated by the first license.
With reference to the second possible implementation manner of the first aspect, an embodiment of the present invention provides a fourth possible implementation manner of the first aspect, where the control device checking whether the first license meets the download condition further includes: reducing the number of downloads indicated by the first license when the first license meets the download condition.
With reference to the first aspect, an embodiment of the present invention provides a fifth possible implementation manner of the first aspect, where a private key of the control key is preset in the control device; the control device receiving a firmware distribution packet from an owner of the firmware, the firmware distribution packet including firmware encrypted using a public key of a control key; the control device decrypts the firmware distribution packet by using the private key of the control key to obtain the firmware.
With reference to the first aspect, an embodiment of the present invention provides a sixth possible implementation manner of the first aspect, where the control device receives, by a file transmission manner or a network data streaming manner, a public key of the download key, a firmware release package, or the first license.
In a second aspect, an embodiment of the present invention provides an encryption apparatus, including a main control module and a storage module, where the main control module is configured to: obtaining a public key of a download key; checking whether the first license meets the download condition; encrypting the firmware by using the public key of the download key to obtain a firmware download package when the first license meets the download condition; transmitting the firmware download package to the intelligent device, so that the intelligent device can decrypt the firmware download package by using the private key of the download key to obtain the firmware; wherein the private key of the download key is held by the smart device, the first license is issued to the control device by the owner of the firmware, and the first license is at least used for indicating the download times or valid time limits of the firmware which the control device is allowed to download for the smart device; the storage module is used for storing the first license.
With reference to the second aspect, an embodiment of the present invention provides a first possible implementation manner of the second aspect, where the storage module is further configured to store a private key of the control key and a public key of the license key.
In a third aspect, an embodiment of the invention provides a computer readable storage medium having a computer program stored thereon, which when executed by a processor performs the steps of any of the firmware download methods described above.
Additional features and advantages of the invention will be set forth in the description which follows, and in part will be obvious from the description, or may be learned by practice of the invention. The objectives and other advantages of the invention will be realized and attained by the structure particularly pointed out in the written description and claims hereof as well as the appended drawings.
In order to make the above objects, features and advantages of the present invention more comprehensible, preferred embodiments accompanied with figures are described in detail below.
Drawings
In order to more clearly illustrate the embodiments of the invention or the technical solutions in the prior art, the drawings that are needed in the description of the embodiments or the prior art will be briefly described, it being obvious that the drawings in the description below are some embodiments of the invention and that other drawings may be obtained from these drawings without inventive effort for a person skilled in the art.
FIG. 1 is a flowchart of a firmware downloading method according to an embodiment of the present invention;
FIG. 2 is a flowchart of another firmware downloading method according to an embodiment of the present invention;
FIG. 3 is a flowchart illustrating a portion of a license issuing procedure of a firmware download method according to an embodiment of the present invention;
FIG. 4 is a flowchart illustrating a part of a firmware issuing process of a firmware downloading method according to an embodiment of the present invention;
FIG. 5 is a schematic diagram of an exemplary application scenario of a firmware downloading method according to an embodiment of the present invention;
FIG. 6 is a schematic structural diagram of an electronic device according to an embodiment of the present invention.
Detailed Description
For the purpose of making the objects, technical solutions and advantages of the embodiments of the present invention more apparent, the technical solutions of the present invention will be clearly and completely described below with reference to the accompanying drawings, and it is apparent that the described embodiments are some embodiments of the present invention, but not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
The inventor's analysis is that downloading firmware to a smart device through a security chip still offers low controllability, mainly because the production behavior of the consignee is difficult to control. Specifically, the consignor (the owner of the firmware) encrypts the firmware with a fixed symmetric key and delivers the encrypted firmware to the consignee; when producing smart devices, the consignee transmits the encrypted firmware to each device, and the device's security chip performs the decryption, so that the device obtains the firmware. In this process the firmware is not leaked outside the smart device, but the consignee can still carry out unauthorized production, because the symmetric key used for decryption is the same across multiple smart devices. For example, the consignor commissions only 10,000 smart devices, but the consignee actually produces 15,000 and downloads the firmware into all 15,000, so that 5,000 of the produced devices are unauthorized. To purchasers these devices are all the same, and a purchaser cannot tell whether a device is genuine, while the consignor suffers economic loss.
Therefore, the firmware downloading scheme of this application introduces a control device on the production side of the smart device and uses it to constrain the production side. This prevents the firmware of the smart device from leaking, allows the firmware download behavior of the production side to be controlled, avoids possible unauthorized production, and protects the rights and interests of the owner of the firmware.
An exemplary application scenario of the firmware downloading method according to the embodiments of the present application is first described below, and then the firmware downloading method and the corresponding product are described.
Referring to fig. 5, fig. 5 is a schematic diagram of an exemplary application scenario of the firmware downloading method according to the embodiment of the present application. The scenario may include a device of the owner of the firmware, a control device, and an intelligent device.
A device of an owner of firmware refers to an electronic device used by the owner of the firmware (e.g., an enterprise developer, a personal developer, etc.). By way of example, the device may be a personal computer, a mobile phone, a tablet, a server, etc., and the present application is not limited to a specific product form/type of electronic device.
The device of the owner of the firmware can be connected in direct or indirect communication with the control device, so that the developed firmware is transmitted to the control device. The device of the owner of the firmware may not be communicatively connected to the control device, but the firmware may be transferred to the control device via a storage medium (e.g., a hard disk or the like).
The owner of the firmware holds a license key, which may be an asymmetric key. The private key of the license key is held by the owner of the firmware, and the public key of the license key can be transmitted to the control device. It will be appreciated that the owner of the firmware may store the private key of the license key in the aforementioned electronic device, as well as in other possible electronic devices or storage media, for use when a license needs to be issued for a certain control device.
The control device and the intelligent equipment are positioned on the production side and can be in communication connection. The production side here may be exemplified by an external factory or a production department inside the owner of the firmware, etc., and a firmware download method will be described later taking the external factory as an example. Illustratively, the control device may be a personal computer, a local server, an encryptor, or the like.
The control device is preset with a control key which can be an asymmetric key. The private key of the control key is stored by the control device itself, and the public key of the control key may be transmitted to the owner of the firmware. It will be appreciated that there may be one or more such control devices on the production side, and that different external plants may also have their own control devices. The preset control keys may be different or the same for different control devices. That is, each control device may have its own unique corresponding control key, or a plurality of control devices may preset the same control key. For example, the control device in each factory may be preset with the same control key for different external factories, but the control keys in the control devices of different factories may be different so that the owners of the firmware can issue the firmware issue packages separately for different factories. For another example, the control device in each product line may be preset with the same control key for a plurality of product lines of one external factory, but the control keys in the control devices of different product lines may be different, so that the owners of the firmware may issue the firmware issuing packages separately for different product lines in one factory.
The smart device may be, for example, an air sterilizer, a smart door lock, a smart camera, etc., and the specific product form/type of the smart device is not limited in this application.
The intelligent device is preset with a download key, and the download key can be an asymmetric key. The private key of the download key is stored by the smart device itself, and the public key of the download key may be transmitted to other devices, such as the control means, when needed. It will be appreciated that there may be a plurality of such smart devices on the production side, with preset download keys being different for different smart devices. That is, each smart device may have a unique corresponding download key.
The application provides a firmware downloading method in which firmware is transmitted to the smart device through a control device on the production side (such as an external factory). As shown in FIGS. 1-4, the firmware download method may include the following steps.
S102, the control device receives a public key of the download key, and a private key of the download key is held by the intelligent device.
The public key of the download key may be obtained directly from the smart device or from a storage location external to the smart device, such as a database, storage medium, etc. The public key of the download key may be sent to the control device by file transfer, network data streaming, etc.
S104, the control device checks whether the first license meets the downloading condition.
Wherein the first license is issued to the control device by an owner of the firmware, the first license being at least used to indicate a number of downloads or a valid time limit for which the control device is allowed to download the firmware for the smart device.
As previously mentioned, the owner of the firmware may be an enterprise developer, such as an enterprise, or may be a personal developer. The owner of the firmware may issue the license to the control device directly or indirectly. For example, when the owner of the firmware is an enterprise, it may have an internal production authority responsible for issuing licenses to the control device.
In some possible implementations, the first license may include download times information therein, e.g., 1000 times. The first license may include valid time limit information, such as 2022.05.01-2022.12.31. Of course, the first license may include both types of information.
It will be appreciated that one or more of the other necessary information may also be included in the first license, such as a license ID (e.g., a first serial number hereinafter) for uniquely identifying the first license, an owner ID for uniquely identifying the owner of the firmware, a control device ID for uniquely identifying the control device, a producer ID for uniquely identifying an external factory or production department or production line, etc.
In some possible implementations, for multiple control devices in the same external factory, or multiple control devices on the same production line of one factory, if they have different control keys, different first licenses may be issued to them separately, so that the conditions under which each control device can download firmware for smart devices are controlled individually. If they have the same control key, the same first license may be issued to control in a batch the conditions under which the control devices in the same factory or on the same production line can download firmware for smart devices. Of course, even if these control devices have the same control key, the owner of the firmware can still issue a different first license to each of them.
The download condition describes the requirement that must be met for the control device to be allowed to download the firmware for the smart device. Illustratively, the download condition may include: remaining downloads > 0. When the control device needs to download firmware for a smart device, it can read the number of downloads indicated by the first license, assign that value to the remaining download count, and so determine whether the first license meets the download condition. Also illustratively, the download condition may include: the current time is within the valid time limit. When the control device needs to download firmware for a smart device, it can read its current time and judge whether that value is within the valid time limit indicated by the first license. For example, if the current time is 2022.09.01, which is within the 2022.05.01-2022.12.31 indicated by the first license, the first license is determined to meet the download condition; otherwise it is determined not to meet it.
If the control device finds that the first license does not meet the download condition, the download flow stops; otherwise the download flow continues.
S106, when the first license meets the download condition, the control device encrypts the firmware using the public key of the download key to obtain a firmware download package.
The control device may have firmware stored therein, which may be issued by an owner of the firmware. In some possible implementations, the owner of the firmware may publish the firmware based on the firmware publication flow, thereby causing the control device to obtain the firmware. As shown in fig. 4, the steps performed by the control device may further include the following steps S302 to S304.
S302, the control device receives a firmware release packet from an owner of the firmware, wherein the firmware release packet comprises the firmware encrypted by using a public key of the control key;
S304, the control device decrypts the firmware release package by using the private key of the control key to obtain the firmware.
It should be appreciated that the firmware release package may be released by the owner of the firmware itself, or the release may be delegated to other legitimate users/devices. The control device may obtain the firmware release package through file transmission, network data streaming, or other possible manners. The firmware release package may include other information, such as information about the owner of the firmware, information about the firmware publisher, information about a specific control device, the ID of the firmware, etc., so that the control device can learn the source of the received firmware release package from some or all of this information and determine whether the package was released for itself.
It should also be understood that the control device may acquire and store the decrypted firmware in advance, or may acquire the firmware when it is required to download the firmware for the smart device, which is not limited in this application. That is, the steps of receiving and decrypting the firmware distribution package by the control device may be performed before the steps of S102 or S104, or may be performed thereafter or simultaneously therewith, and the order of execution is not limited as long as there is no logical contradiction.
In some implementations, when the control device receives an instruction that a specific firmware needs to be downloaded for the smart device, it may first check locally whether that firmware is already stored. If it is already stored, the corresponding firmware release package does not need to be obtained again; if it is not stored locally, the control device obtains the corresponding firmware release package from a server or in another possible way.
It should also be appreciated that the firmware download package may also include other possible information, such as information of the owner of the firmware, information of the control device, the ID of the firmware, etc., so that the smart device can learn information about the source of the firmware in the currently received firmware download package, etc., based on some or all of these information, and determine whether the currently received firmware download package is intended for itself.
S108, the control device sends the firmware download package obtained in S106 to the smart device so that the smart device can decrypt the firmware download package using the private key of the download key to obtain the firmware.
It should be noted that, the control device may send the firmware download packet to the smart device through file transmission, network data stream transmission, or other possible manners.
Optionally, before the step of checking whether the first license meets the download condition by the control device in S104, a procedure of issuing a license for the control device by the owner of the firmware is further included, so that the control device can acquire the corresponding license. As shown in fig. 3, the steps performed by the control device may further include the following steps S202 to S208.
S202: the control device obtains a public key of the license key, a private key of the license key being held by an owner of the firmware.
It will be appreciated that the control device may acquire and store the public key of the license key in advance, or may acquire the public key of the license key when the first license needs to be verified, which is not limited in this application.
S204: the control device receives a first license carrying a first signature, the first signature being obtained by signing the first license with a private key of a license key.
As previously described, the first license may include download count information, valid time limit information, and other possible information. The firmware owner may sign some or all of this information using the private key of the license key to obtain the corresponding first signature, which is then sent to the control device together with the first license or carried in it. The control device may receive the first license carrying the first signature by file transfer, network data streaming, or other possible means.
S206: the control device verifies the first signature using the public key of the license key. If verification fails, adding the license fails and the flow ends; if the first signature is verified successfully using the public key of the license key, S210 or S208 may be performed.
S210: the control device stores the first license.
Verifying the first signature ensures that the first license received by the control device was issued by the firmware owner and has not been tampered with.
S208: the first license further includes a uniquely corresponding first serial number. If the first signature is verified successfully using the public key of the license key and the first serial number is greater than the second serial number stored in the control device, the control device stores the first license (S2081); if the first serial number is not greater than the second serial number stored in the control device, the process ends (S2082).
In some possible implementations, if the control device has not previously received a license, the second serial number may be a preset initial value, for example 0. If the control device has previously received a license, the second serial number may be the serial number uniquely corresponding to the last received license. License serial numbers generally change in a fixed order, for example by incrementing. When the control device receives a new license, the old license can be updated in this way, and the serial number of the last received license is retained and stored as the second serial number, so that the control device can judge whether a newly received license is a newer valid license. This prevents the number of firmware downloads from being increased by intercepting and resending a license that has already taken effect.
Optionally, in S104, the control device checking whether the first license meets the download condition further includes:
S1041: determining whether the value of the download times indicated by the first license is greater than 0; alternatively, determining whether the current time is within the validity time limit indicated by the first license.
Optionally, in the case where the first license meets the download condition, S105 is further included: the number of downloads indicated by the first license is reduced. When the first license includes a limit on the number of downloads and the download process continues, the number of downloads is reduced by one, so that when the control device needs to download firmware for other intelligent devices, the updated number of downloads is used to judge whether the download condition is met.
In the firmware downloading method of this embodiment, a party such as an external factory transfers the firmware to the intelligent device through the control device. The firmware is developed by the firmware owner and encrypted using the public key of a specific control key, so that only the control device holding the private key of the corresponding control key can decrypt it and obtain the plaintext of the firmware. The owner of the firmware issues a first license to the control device, the first license indicating at least the number of downloads or the valid time limit for which the control device is allowed to download the firmware for the smart device. By issuing the license, the owner of the firmware controls the number and time limit of firmware downloads on the production side. When downloading the firmware for the intelligent device, the control device checks whether the first license meets the download condition and, if it does, encrypts the firmware using the public key of the download key to generate a firmware download package for each device. This ensures that only a control device holding a valid first license is able to generate the firmware download package. Because the firmware download package is generated by the control device encrypting the firmware with the public key of the download key, only the intelligent device holding the private key of the corresponding download key can successfully decrypt it and obtain the plaintext of the firmware.
With this method, even if the external factory intercepts the firmware release package, it cannot generate a firmware download package for a specific intelligent device without a valid first license; and even if a firmware download package is intercepted, it cannot be used on other intelligent devices. Leakage of the firmware is thereby avoided, the security and controllability of firmware downloading are ensured, and the rights of the entrusting party are protected.
The embodiment also provides an electronic device comprising at least one processor and at least one memory; the at least one processor is configured to: obtaining a public key of a download key; checking whether the first license meets the download condition; under the condition that the first license accords with the downloading condition, encrypting the firmware by using the public key of the downloading key to obtain a firmware downloading package; transmitting the firmware download package to the intelligent device so that the intelligent device can decrypt the firmware download package by using a private key of the download key to obtain the firmware; wherein the private key of the download key is held by the smart device, the first license is issued to the control device by the owner of the firmware, and the first license is at least used for indicating the download times or valid time limit of the firmware which is allowed to be downloaded for the smart device by the control device; the at least one memory is configured to: the first license is stored.
The electronic device or the control device may be an encryption machine in practical applications, for example. The embodiment also comprises an encryption machine which comprises a main control module and a storage module. The main control module is used for: obtaining a public key of a download key; checking whether the first license meets the download condition; under the condition that the first license accords with the downloading condition, encrypting the firmware by using the public key of the downloading key to obtain a firmware downloading package; transmitting the firmware download package to the intelligent device so that the intelligent device can decrypt the firmware download package using the private key of the download key to obtain the firmware; the private key of the downloading key is held by the intelligent device, a first license is issued to the control device by an owner of the firmware, and the first license is at least used for indicating the downloading times or the effective time limit of the firmware which is allowed to be downloaded by the control device for the intelligent device; and the storage module is used for storing the first license.
Optionally, the storage module is further configured to store a private key of the control key, and a public key of the license key.
In this embodiment, the above technical scheme is described by taking an intelligent door lock as an example of the intelligent device. The intelligent door lock function is mainly realized by firmware in the main control MCU. The main control MCU uses a security chip to prevent the internal firmware from being maliciously read or tampered with. Before the firmware is downloaded, the main control MCU is preset with a bootloader program for downloading the firmware, a public key pub_dl of the download key and a private key Pri_dl of the download key.
The control device of this embodiment can be a dedicated encryption machine that contains a secure main controller and secure storage. A private key pri_c of the control key and a public key pub_lic of the license key are preset in it. The public key pub_c of the corresponding control key is held by the firmware development side (i.e., the owner of the firmware), and the private key pri_lic of the license key is held by the production management department of the production side. The license key, the control key and the download key are all RSA algorithm keys.
The encryptor records a license serial number serial_s, whose initial value is 0.
During production, the intelligent door lock equipment is connected with the encryption machine through a network.
The technical scheme of the embodiment mainly comprises a firmware release process, a license release process and a firmware downloading process.
Firmware release flow: the firmware developer encrypts the firmware using pub_c to obtain a firmware release package Enc(pub_c, firmware); Enc(pub_c, firmware) is imported into the encryptor as a file; the encryptor decrypts Enc(pub_c, firmware) using pri_c to obtain the firmware, and saves the firmware.
License issuing flow: a license Lic is generated, which includes the download count limit Num and the serial number Serial. Lic is signed using pri_lic to yield Lic_signed. Lic_signed is imported into the encryptor as a file. The encryptor verifies Lic_signed using pub_lic. If the verification fails, adding the license fails and the flow ends; if the verification passes, the flow continues. The encryptor compares the serial number Serial in the license with the internally stored serial number serial_s. If Serial > serial_s, the flow continues; otherwise, the flow ends. The count limit Num in Lic is saved, and serial_s is updated to the value of Serial.
Firmware download flow: pub_dl is read from the intelligent door lock and sent to the encryptor as a network data stream. The encryptor checks the stored Num. If Num = 0, the download flow is aborted; otherwise, the download flow continues. The encryptor subtracts 1 from Num and saves the updated value. The encryptor encrypts the firmware using pub_dl to obtain a firmware download package Enc(pub_dl, firmware). The encryptor sends Enc(pub_dl, firmware) to the intelligent door lock as a network data stream. The intelligent door lock decrypts Enc(pub_dl, firmware) using Pri_dl to obtain the firmware, saves the firmware, and the download is complete.
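The license issuing and firmware download flows above (signature check, Serial > serial_s, Num decrement) can be modelled as a small state machine. This is an added example, not code from the patent: the Encryptor class, the JSON license encoding and the toy unpadded RSA key built from Mersenne primes are assumptions chosen so that it runs on the Python standard library alone, and the pub_dl encryption step is left out.

```python
import hashlib
import json

# Constructed toy key standing in for pri_lic / pub_lic: textbook RSA with no
# padding over two well-known Mersenne primes. It is trivially factorable and
# exists only so the example runs offline; a real encryption machine would use
# a vetted RSA library with proper signature padding.
P = 2**521 - 1
Q = 2**607 - 1
N = P * Q
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent (Python 3.8+)


def _digest(lic: dict) -> int:
    """Hash a canonical JSON encoding of the license fields to an integer."""
    blob = json.dumps(lic, sort_keys=True, separators=(",", ":")).encode()
    return int.from_bytes(hashlib.sha256(blob).digest(), "big")


def sign_license(num: int, serial: int) -> dict:
    """Issuer side: build Lic = {Num, Serial} and sign it with pri_lic."""
    lic = {"Num": num, "Serial": serial}
    return {"lic": lic, "sig": pow(_digest(lic), D, N)}


class Encryptor:
    """Hypothetical model of the license state kept by the encryption machine."""

    def __init__(self):
        self.serial_s = 0  # serial of the last accepted license, initially 0
        self.num = 0       # remaining permitted downloads

    def import_license(self, lic_signed: dict) -> str:
        lic, sig = lic_signed["lic"], lic_signed["sig"]
        # 1. Verify with pub_lic before trusting any field of the license.
        if not isinstance(sig, int) or not 0 < sig < N:
            return "rejected: bad signature"
        if pow(sig, E, N) != _digest(lic):
            return "rejected: bad signature"
        # 2. Serial must be strictly greater than serial_s, so a license that
        #    was already applied cannot be replayed to refill the counter.
        if lic["Serial"] <= self.serial_s:
            return "rejected: stale serial"
        # 3. Save the count limit (it replaces the old value) and advance serial_s.
        self.num = lic["Num"]
        self.serial_s = lic["Serial"]
        return "accepted"

    def authorize_download(self) -> bool:
        """Gate for the download flow: abort at Num = 0, otherwise decrement."""
        if self.num <= 0:
            return False
        self.num -= 1  # decrement is saved before any firmware is encrypted
        return True


def run_demo() -> list:
    enc = Encryptor()
    lic1 = sign_license(num=2, serial=1)
    events = [enc.import_license(lic1)]                     # first import
    events += [enc.authorize_download() for _ in range(3)]  # third one is refused
    events.append(enc.import_license(lic1))                 # replay of lic1
    forged = {"lic": {"Num": 1000, "Serial": 2}, "sig": lic1["sig"]}
    events.append(enc.import_license(forged))               # edited fields, old signature
    events.append(enc.import_license(sign_license(5, 2)))   # genuine newer license
    events.append(enc.num)
    return events


if __name__ == "__main__":
    print(run_demo())
```

The ordering matters: the signature is checked before Serial is read, and the counter is decremented before the download proceeds, so a failed or interrupted step never leaves extra downloads available.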
In still another possible implementation, the embodiment of the present invention further provides an electronic device. FIG. 6 shows a schematic structural diagram of the electronic device provided by the embodiment of the present invention. Referring to FIG. 6, the electronic device includes: a processor 400, a memory 401, a data bus 402 and a communication interface 403, the processor 400, the memory 401 and the communication interface 403 being connected by the data bus 402; the processor 400 is configured to execute executable modules, such as computer programs, stored in the memory 401.
Wherein the memory 401 stores computer executable instructions capable of being executed by the processor 400, the processor 400 executing the computer executable instructions to implement the method as described above.
Further, the memory 401 may include a high-speed random access memory (RAM, Random Access Memory), and may further include a non-volatile memory, such as at least one disk memory. The communication connection between the system network element and at least one other network element is implemented via at least one communication interface 403 (which may be wired or wireless), and may use the internet, a wide area network, a local network, a metropolitan area network, etc.
The data bus 402 may be an ISA data bus, a PCI data bus, or an EISA data bus, among others. The data bus may be classified into an address data bus, a data bus, a control data bus, and the like. For ease of illustration, only one double-headed arrow is shown in FIG. 6, but this does not mean that there is only one data bus or one type of data bus.
The memory 401 is used for storing a program, and the processor 400 executes the program after receiving a program execution instruction, and a firmware downloading method disclosed in any of the foregoing embodiments of the present invention may be applied to the processor 400 or implemented by the processor 400.
Further, the processor 400 may be an integrated circuit chip having signal processing capabilities. In implementation, the steps of the above method may be performed by integrated logic circuits of hardware in the processor 400 or by instructions in the form of software. The processor 400 may be a general-purpose processor, including a central processing unit (Central Processing Unit, CPU for short), a network processor (Network Processor, NP for short), etc.; it may also be a digital signal processor (Digital Signal Processing, DSP for short), an application specific integrated circuit (Application Specific Integrated Circuit, ASIC for short), an off-the-shelf programmable gate array (Field-Programmable Gate Array, FPGA for short), or another programmable logic device, discrete gate or transistor logic device, or discrete hardware component. The methods, steps, and logic blocks disclosed in the embodiments of the present invention may be implemented or performed by it. A general-purpose processor may be a microprocessor, or the processor may be any conventional processor or the like. The steps of the method disclosed in connection with the embodiments of the present invention may be embodied directly in the execution of a hardware decoding processor, or in the execution of a combination of hardware and software modules in a decoding processor. The software modules may be located in a random access memory, flash memory, read only memory, programmable read only memory, electrically erasable programmable memory, registers, or another storage medium well known in the art. The storage medium is located in the memory 401, and the processor 400 reads the information in the memory 401 and, in combination with its hardware, performs the steps of the above method.
In yet another possible implementation, the present embodiments also provide a computer-readable storage medium storing computer-executable instructions that, when invoked and executed by a processor, cause the processor to implement the method described above.
The firmware downloading device provided by the embodiment of the invention has the same technical characteristics as the firmware downloading method provided by the embodiment, so that the same technical problems can be solved, and the same technical effects can be achieved.
The computer program product of the firmware downloading method and apparatus provided in the embodiments of the present invention includes a computer readable storage medium storing program codes, where the instructions included in the program codes may be used to execute the method in the foregoing method embodiment, and specific implementation may refer to the method embodiment and will not be described herein.
It will be clear to those skilled in the art that, for convenience and brevity of description, reference may be made to the corresponding process in the foregoing method embodiment for the specific working process of the apparatus described above, which is not described herein again.
In the description of the present invention, it should be noted that the terms "first," "second," and "third" are used for descriptive purposes only and are not to be construed as indicating or implying relative importance.
Finally, it should be noted that: the above examples are only specific embodiments of the present invention for illustrating the technical solution of the present invention, but not for limiting the scope of the present invention, and although the present invention has been described in detail with reference to the foregoing examples, it will be understood by those skilled in the art that the present invention is not limited thereto: any person skilled in the art may modify or easily conceive of the technical solution described in the foregoing embodiments, or perform equivalent substitution of some of the technical features, while remaining within the technical scope of the present disclosure; such modifications, changes or substitutions do not depart from the spirit and scope of the technical solutions of the embodiments of the present invention, and are intended to be included in the scope of the present invention. Therefore, the protection scope of the invention is subject to the protection scope of the claims.
Claims (10)
1. A method of firmware download, comprising:
the control device receives a public key of a download key, wherein a private key of the download key is held by the intelligent equipment;
the control device checks whether a first license is in accordance with a downloading condition, wherein the first license is issued to the control device by an owner of the firmware, and the first license is at least used for indicating the download times or valid time limit of the firmware which is allowed to be downloaded for the intelligent device by the control device;
under the condition that the first license accords with the downloading condition, the control device encrypts the firmware by using the public key of the downloading key to obtain a firmware downloading package;
the control device sends the firmware download package to the intelligent device, so that the intelligent device can decrypt the firmware download package by using the private key of the download key to obtain the firmware.
2. The firmware download method as set forth in claim 1, further comprising, before the step of the control device checking whether the first license meets a download condition:
the control device obtains a public key of a license key, a private key of the license key being held by an owner of the firmware;
the control device receives a first license carrying a first signature, wherein the first signature is obtained by signing the first license by using a private key of a license key;
in the case where the first signature passes by using the public key of the license key, the control device stores the first license.
3. The firmware download method as in claim 1, wherein the first license further comprises a first serial number having a unique correspondence, the control device storing the first license if the first signature is verified using a public key of the license key and the first serial number is greater than a second serial number stored by the control device.
4. The firmware download method as set forth in claim 1, wherein the control means checking whether the first license meets a download condition includes:
determining whether the value of the download times indicated by the first license is greater than 0; or,
it is determined whether the current time is within a valid time limit indicated by the first license.
5. The firmware download method as set forth in claim 4, further comprising:
and reducing the value of the downloading times indicated by the first license under the condition that the first license meets the downloading condition.
6. The firmware download method according to any one of claims 1 to 5, wherein a private key of a control key is preset in the control device;
the control device receives a firmware distribution packet from an owner of firmware, the firmware distribution packet including firmware encrypted using a public key of a control key;
and the control device decrypts the firmware release packet by using the private key of the control key to obtain the firmware.
7. The firmware download method as claimed in any one of claims 1 to 5, wherein the control device receives the public key of the download key, the firmware distribution package, or the first license through a file transfer method or a network data streaming method.
8. An electronic device comprising at least one processor and at least one memory, the at least one memory having stored therein computer-executable instructions for executing the computer-executable instructions to implement the method of any one of claims 1 to 7.
9. An encryption machine is characterized by comprising a main control module and a storage module,
the main control module is used for: obtaining a public key of a download key; checking whether the first license meets the download condition; under the condition that the first license accords with the downloading condition, encrypting the firmware by using the public key of the downloading key to obtain a firmware downloading package; transmitting the firmware download package to the intelligent device so that the intelligent device can decrypt the firmware download package by using a private key of the download key to obtain the firmware;
wherein the private key of the download key is held by the smart device, the first license is issued to the control device by the owner of the firmware, and the first license is at least used for indicating the download times or valid time limit of the firmware which is allowed to be downloaded for the smart device by the control device;
the storage module is used for storing the first license.
10. A computer readable storage medium having stored thereon a computer program, characterized in that the computer program when executed by a processor performs the steps of the firmware download method according to any of the preceding claims 1 to 7.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202211535930.8A CN116248282B (en) | 2022-12-02 | 2022-12-02 | Firmware downloading method, electronic device, control device and computer readable storage medium |
Publications (2)
Publication Number | Publication Date |
---|---|
CN116248282A (en) | 2023-06-09 |
CN116248282B (en) | 2024-05-17 |
Family
ID=86623057
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202211535930.8A Active CN116248282B (en) | 2022-12-02 | 2022-12-02 | Firmware downloading method, electronic device, control device and computer readable storage medium |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN116248282B (en) |
Also Published As
Publication number | Publication date |
---|---|
CN116248282B (en) | 2024-05-17 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||