CN116830625A - Digital key synchronization method and device and storage medium - Google Patents

Digital key synchronization method and device and storage medium

Info

Publication number: CN116830625A
Application number: CN202380009094.6A
Authority: CN (China)
Legal status: Pending (the legal status is an assumption and is not a legal conclusion; Google has not performed a legal analysis and makes no representation as to its accuracy)
Other languages: Chinese (zh)
Inventors: 乔光军, 池玉博
Current assignee: Beijing Xiaomi Mobile Software Co Ltd (the listed assignees may be inaccurate; Google has not performed a legal analysis)
Original assignee: Beijing Xiaomi Mobile Software Co Ltd
Application filed by Beijing Xiaomi Mobile Software Co Ltd

Landscapes

  • Mobile Radio Communication Systems (AREA)
Abstract

The disclosure provides a digital key synchronization method and device and a storage medium. The method comprises: establishing a first secure channel between the trusted execution environment (TEE) and the secure element (SE); and writing the digital key information held in the TEE into the SE through the first secure channel. Because the digital key is written into the SE, the terminal device can control the vehicle over NFC, which expands the usage scenarios of the digital key and improves its availability.

Description

Digital key synchronization method and device and storage medium
Technical Field
The disclosure relates to the field of digital keys, and in particular relates to a digital key synchronization method and device and a storage medium.
Background
The main digital key protocols in use today are the Car Connectivity Consortium (CCC) digital key specification, the Intelligent Car Connectivity Industry Ecosystem Alliance (ICCE) digital key specification, and the Intelligent Car Connectivity Open Alliance (ICCOA) digital key specification.
A trusted execution environment (TEE) provides isolated, memory-protected computation backed by the security features of the central processing unit (CPU). Many smart devices on the market today secure vehicle control by creating the digital car key inside the TEE.
A secure element (SE) is a tamper-resistant hardware unit in a smart terminal device; on such devices the SE is usually integrated with the near field communication (NFC) module.
However, many smart terminal devices on the market do not currently support NFC-based vehicle control, so how to control a vehicle through NFC is a problem to be solved.
Disclosure of Invention
In order to overcome the problems in the related art, embodiments of the present disclosure provide a digital key synchronization method, a device, and a storage medium.
According to a first aspect of embodiments of the present disclosure, there is provided a digital key synchronization method, which is performed by a terminal device, including:
establishing a first secure channel between the trusted execution environment TEE and the secure element SE;
and writing the digital key information in the TEE into the SE through the first secure channel.
Optionally, before establishing the first secure channel between the trusted execution environment TEE and the secure element SE, the method further comprises:
acquiring, by the SE, first information for establishing the first secure channel; and
acquiring, by the TEE, second information for establishing the first secure channel.
Optionally, the acquiring, by the SE, first information for establishing the first secure channel includes:
Establishing a second secure channel between the SE and a device server of the terminal device;
the first information provided by the device server is obtained by the SE through the second secure channel.
Optionally, the acquiring, by the TEE, second information for establishing the first secure channel includes at least one of:
acquiring the public key of the Controlling Authority for Confidential Key Loading Card Certificates (CA-KLCC);
generating, by the TEE, an off-card entity (OCE) key pair; and
acquiring, from a device server of the terminal device, the OCE public key certificate containing the OCE public key used for key agreement.
Optionally, the method further comprises:
sending, by the TEE, a certificate signing request (CSR) message to the device server, so that the device server provides the OCE public key certificate to the terminal device based on the CSR message.
Optionally, the establishing a first secure channel between the trusted execution environment TEE and the secure element SE includes:
the first secure channel is established between the TEE and the SE based on a secure channel protocol SCP.
Optionally, after writing the digital key information in the TEE to the SE through the first secure channel, the method further includes:
In response to determining that the digital key information in the TEE is updated, synchronizing, by a trusted application TA of the TEE, the updated digital key information to an applet of the SE through the first secure channel.
Optionally, the method further comprises:
exchanging a first application protocol data unit (APDU) with a vehicle over Bluetooth, wherein the first APDU is used at least for authenticating the digital key information in the TEE; and/or
exchanging a second APDU with the vehicle over near field communication (NFC), wherein the second APDU is used at least for authenticating the digital key information in the SE;
wherein the second APDU has the same format as the first APDU, and the data content carried by the second APDU is the same as the data content carried by the first APDU.
According to a second aspect of embodiments of the present disclosure, there is provided a digital key synchronization method, the method being performed by a device server, comprising:
sending first information to the SE of a terminal device, wherein the first information is used for establishing a first secure channel between the SE and the trusted execution environment (TEE) of the terminal device; and
sending at least part of second information to the TEE, wherein the second information is used for establishing the first secure channel between the TEE and the SE.
Optionally, the sending the first information to the SE of the terminal device includes:
establishing a second secure channel with the SE;
and sending the first information to the SE through the second secure channel.
Optionally, the sending at least part of the second information to the TEE includes:
in response to receiving a certificate signing request (CSR) message sent by the TEE, sending to the TEE, based on the CSR message, an off-card entity (OCE) public key certificate containing the OCE public key for key agreement.
According to a third aspect of the embodiments of the present disclosure, there is provided a digital key synchronization apparatus, which is applied to a terminal device, including:
the channel establishing module is used for establishing a first secure channel between the trusted execution environment TEE and the secure element SE;
an execution module configured to write digital key information in the TEE to the SE through the first secure channel.
According to a fourth aspect of embodiments of the present disclosure, there is provided a digital key synchronization apparatus, the apparatus being applied to a device server, comprising:
a first sending module configured to send first information to the SE of a terminal device, wherein the first information is used for establishing a first secure channel between the SE and the trusted execution environment (TEE) of the terminal device; and
a second sending module configured to send at least part of second information to the TEE, wherein the second information is used for establishing the first secure channel between the TEE and the SE.
According to a fifth aspect of embodiments of the present disclosure, there is provided a computer-readable storage medium storing a computer program for performing the digital key synchronization method of any one of the above.
According to a sixth aspect of embodiments of the present disclosure, there is provided a digital key synchronization apparatus including:
a processor;
a memory for storing processor-executable instructions;
wherein the processor is configured to perform the digital key synchronization method of any of the above.
The technical scheme provided by the embodiment of the disclosure can comprise the following beneficial effects:
In embodiments of the disclosure, the digital key information in the TEE of the terminal device is written into the SE through the first secure channel between the TEE and the SE, so the copying of the digital key is protected end to end. Having the digital key in the SE lets the terminal device control the vehicle over NFC, which expands the usage scenarios of the digital key and improves its availability.
It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory only and are not restrictive of the disclosure.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the invention and together with the description, serve to explain the principles of the invention.
Fig. 1 is a flow chart of a digital key synchronization method according to an exemplary embodiment.
Fig. 2 is a flow chart of another digital key synchronization method according to an exemplary embodiment.
Fig. 3 is a flow chart of another digital key synchronization method according to an exemplary embodiment.
Fig. 4 is a flow chart of another digital key synchronization method according to an exemplary embodiment.
Fig. 5A is a schematic diagram illustrating a standard transaction flow according to an exemplary embodiment.
Fig. 5B is a schematic diagram illustrating a fast transaction flow according to an exemplary embodiment.
Fig. 6 is a flow chart of another digital key synchronization method according to an exemplary embodiment.
Fig. 7 is a flow chart of another digital key synchronization method according to an exemplary embodiment.
Fig. 8 is a block diagram of a digital key synchronization device, according to an example embodiment.
Fig. 9 is a block diagram of another digital key synchronization device, according to an example embodiment.
Fig. 10 is a schematic diagram of a digital key synchronization device according to an exemplary embodiment of the present disclosure.
Fig. 11 is a schematic diagram of a digital key synchronization device according to an exemplary embodiment of the present disclosure.
Detailed Description
Reference will now be made in detail to exemplary embodiments, examples of which are illustrated in the accompanying drawings. When the following description refers to the accompanying drawings, the same numbers in different drawings refer to the same or similar elements, unless otherwise indicated. The implementations described in the following exemplary examples do not represent all implementations consistent with the invention. Rather, they are merely examples of apparatus and methods consistent with aspects of the invention as detailed in the accompanying claims.
The terminology used in the present disclosure is for the purpose of describing particular embodiments only and is not intended to be limiting of the disclosure. As used in this disclosure and the appended claims, the singular forms "a," "an," and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It should also be understood that the term "and/or" as used herein refers to and encompasses any or all possible combinations of at least one of the associated listed items.
It should be understood that although the terms first, second, third, etc. may be used in this disclosure to describe various kinds of information, such information should not be limited by these terms. These terms are only used to distinguish one kind of information from another. For example, first information may also be referred to as second information, and similarly second information may also be referred to as first information, without departing from the scope of the disclosure. The word "if" as used herein may be interpreted as "when", "upon" or "in response to determining", depending on the context.
In the related art, once a digital car key has been created in the TEE of a smart device, the device can control the car over Bluetooth.
However, if the smart device is in a low-power state or powered off, it cannot control the vehicle over Bluetooth. NFC, by contrast, does not depend on the battery level of the device or on the device being booted, and it is better suited to wearable devices, so extending the digital key to the NFC scenario widens its usage. Since many smart devices do not support NFC-based vehicle control at present, how to control a vehicle through NFC is clearly a problem to be solved.
To solve this technical problem, the disclosure provides a digital key synchronization method, a device and a storage medium that protect the process of copying the digital key; by writing the digital key into the SE, the terminal device can control the vehicle over NFC, which expands the usage scenarios of the digital key and improves its availability.
The digital key synchronization method provided by the present disclosure is first described from the terminal device side.
The embodiment of the disclosure provides a digital key synchronization method, referring to fig. 1, fig. 1 is a flowchart of a digital key synchronization method according to an embodiment, and the digital key synchronization method may be performed by a terminal device, where the terminal device may be a vehicle owner device or a friend device, and the vehicle owner device is a terminal device of a vehicle owner authorized to use a digital key, and the method may include, as shown in fig. 1, the following steps:
in step 101, a first secure channel is established between the trusted execution environment TEE and the secure element SE.
In an embodiment of the disclosure, the first secure channel may be established between the TEE and the SE based on a Secure Channel Protocol (SCP). The first secure channel may also be established between the TEE and the SE based on other protocols; the disclosure does not limit this.
In particular, the SCP may be the GlobalPlatform (GP) SCP11a protocol.
In one possible implementation, the TEE sends a GET DATA command to the SE, and the SE returns a GET DATA response carrying the security domain (SD) public key certificate that contains the SD public key for key agreement. The SD public key certificate is issued by the Controlling Authority for Confidential Key Loading Card Certificates (CA-KLCC).
Further, the TEE sends a PERFORM SECURITY OPERATION (PSO) command to the SE carrying the off-card entity (OCE) public key certificate that contains the OCE public key for key agreement. The OCE public key certificate is issued by the Controlling Authority for Confidential Key Loading OCE Certificates (CA-KLOC). The SE verifies the certificate and returns a PSO response to the TEE.
Still further, the TEE sends a MUTUAL AUTHENTICATE command to the SE carrying the OCE ephemeral public key for key agreement, and the SE returns a MUTUAL AUTHENTICATE response carrying the SD ephemeral public key for key agreement.
Still further, both sides derive Advanced Encryption Standard (AES) session keys from the key agreement and the first secure channel is established: subsequent application protocol data unit (APDU) exchanges between the TEE and the SE are protected as SCP03 secure messaging under those session keys.
In embodiments of the disclosure, the roles of CA-KLOC and CA-KLCC may both be played by the device server of the terminal device. The device server may be operated by the terminal device manufacturer or by a third party; the disclosure does not limit this.
In step 102, digital key information in the TEE is written to the SE through the first secure channel.
In an embodiment of the disclosure, the digital key information includes, but is not limited to, at least one of: the key material of the digital key; the certificate of the digital key; the validity period of the digital key; the rights (permissions) of the digital key; and the status of the digital key, where the status may be suspended, deleted, restored, and so on. The disclosure does not limit this.
In embodiments of the disclosure, the digital key information in the TEE is written into the SE through the first secure channel. The synchronization takes place automatically between the TEE and the SE of the terminal device, so from the point of view of the user or the vehicle the digital key stored on a given terminal device is the same whichever side answers.
In the above embodiment, the digital key information is synchronized from one piece of security hardware to another over the first secure channel established between them, which protects the copying of the digital key. Because the digital key information in the TEE is written into the SE as it is, the existing Bluetooth digital key needs no modification, yet the key can now also be used to control the vehicle over NFC; this expands the usage scenarios of the digital key and improves its availability.
In some alternative embodiments, referring to fig. 2, fig. 2 is a flowchart of a digital key synchronization method according to an embodiment, which may be performed by a terminal device, wherein the terminal device may be a vehicle owner device or a friend device, including but not limited to a mobile phone, a notebook computer, a desktop computer, a tablet computer, a wearable device, etc., as shown in fig. 2, the method may include the following steps:
In step 201, first information for establishing the first secure channel is acquired by the SE, and second information for establishing the first secure channel is acquired by the TEE.
The first secure channel is a channel established between the TEE and the SE based on the SCP and used for synchronizing digital key information.
In one possible implementation, the first information includes, but is not limited to, at least one of: the CA-KLOC public key; the SD public key certificate containing the SD public key for key agreement; and the SD private key for key agreement.
The CA-KLOC public key is used by the SE to verify the OCE public key certificate containing the OCE public key for key agreement.
In embodiments of the disclosure, a second secure channel is established between the SE and the device server, the SE obtains the first information provided by the device server through the second secure channel, and the SE stores the first information.
In one possible implementation, the second information includes, but is not limited to, at least one of: the CA-KLCC public key; an OCE key pair; and the OCE public key certificate containing the OCE public key for key agreement.
The CA-KLCC public key is used by the TEE to verify the SD public key certificate containing the SD public key for key agreement.
The OCE key pair comprises the OCE private key for key agreement and the OCE public key for key agreement.
In embodiments of the disclosure, the CA-KLCC public key may be written into the TEE in advance, for example when the terminal device leaves the factory.
In embodiments of the disclosure, the OCE key pair may be generated by the TEE itself.
In embodiments of the disclosure, the TEE may send a certificate signing request (CSR) message carrying the OCE public key for key agreement to the device server; the device server issues the OCE public key certificate based on the CSR and returns it to the TEE, which stores the certificate.
It should be noted that step 201 is a one-time provisioning step: it does not need to be repeated after the first secure channel has been established between the TEE and the SE.
In step 202, a first secure channel is established between the TEE and the SE.
In embodiments of the disclosure, the TEE and the SE establish the first secure channel based on the SCP, the SE using the first information and the TEE using the second information. The process of establishing the first secure channel is similar to step 101 above and is not repeated here.
In step 203, digital key information in the TEE is written to the SE through the first secure channel.
The implementation of step 203 is similar to that of step 102 described above, and will not be described again here.
In the above embodiment, the SE and the TEE may acquire at least part of the first information and the second information from the device server, so that the SE and the TEE establish a first secure channel, and subsequently, the digital key information on the TEE may be written into the SE through the first secure channel, which is simple and convenient to implement and has high availability.
In some alternative embodiments, referring to fig. 3, fig. 3 is a flowchart of a digital key synchronization method according to an embodiment, which may be performed by a terminal device, wherein the terminal device may be a vehicle owner device or a friend device, including but not limited to a mobile phone, a notebook computer, a desktop computer, a tablet computer, a wearable device, etc., as shown in fig. 3, the method may include the following steps:
in step 301, a first secure channel is established between the trusted execution environment TEE and the secure element SE.
The implementation of step 301 is similar to that of step 101, and will not be described again here.
In step 302, digital key information in the TEE is written to the SE through the first secure channel.
The implementation of step 302 is similar to that of step 102 described above, and will not be described again here.
In step 303, in response to determining that the digital key information in the TEE has been updated, the updated digital key information is synchronized by the trusted application (TA) of the TEE to the applet of the SE through the first secure channel.
In embodiments of the disclosure, if the terminal device detects that the user has updated the digital key information in the TEE, the TA of the TEE synchronizes the updated digital key information to the applet of the SE through the first secure channel established above.
In one possible implementation, the digital key information includes, but is not limited to, at least one of: the key material of the digital key; the certificate of the digital key; the validity period of the digital key; the rights of the digital key; and the status of the digital key. The disclosure does not limit this.
In one possible implementation, an update of the digital key information includes, but is not limited to, at least one of: updating the digital key; updating the digital key certificate; updating the digital key rights; updating the validity period of the digital key; and updating the digital key status.
A digital key status update includes, but is not limited to, suspending, restoring or deleting the digital key. Suspending a digital key makes it temporarily unavailable; restoring a digital key returns a suspended key to use.
In the above embodiment, the TA of the TEE keeps the digital key information in the TEE and in the SE consistent, which expands the usage scenarios of the digital key and improves its availability.
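The following Python model is an added illustration and is not code from the patent or from any Xiaomi implementation. It walks through steps 201, 101, 102 and 303 end to end: a device server acting as both CA-KLCC and CA-KLOC issues the SD and OCE certificates, the TEE and the SE check each other's certificate, exchange ephemeral keys and derive session keys in the SCP11a pattern, and the TA then writes a digital key record to the SE applet and later pushes a status update through the same channel as MAC-chained, encrypted APDUs in the SCP03 style. Every cryptographic primitive is a labelled stand-in so that the example runs on the standard library alone: a Schnorr signature over a 64-bit prime field replaces the ECDSA certificates, a Diffie-Hellman exchange in that field replaces ECDH, HMAC-SHA256 replaces AES-CMAC and a hash keystream replaces AES-CBC. The applet command headers, the key identifier and the record contents are constructed for the example, and the key derivation is a simplification of the one GlobalPlatform specifies for SCP11a.

```python
"""Model of the TEE <-> SE digital key synchronisation of steps 101, 102 and 303 (toy crypto, see lead-in)."""
import hashlib, hmac, secrets
P = 2**64 - 59   # prime modulus of the toy group (2^64 - 59 is prime); far too small to be secure
G = 2            # generator used by the toy Schnorr signatures and toy Diffie-Hellman below

def _h(*parts: bytes) -> int:
    return int.from_bytes(hashlib.sha256(b"".join(parts)).digest(), "big")

def keygen() -> tuple:                                   # (private, public) in the toy group
    x = secrets.randbelow(P - 2) + 1
    return x, pow(G, x, P)

def sign(x: int, msg: bytes) -> tuple:                   # toy Schnorr signature; stands in for ECDSA
    k = secrets.randbelow(P - 2) + 1
    e = _h(pow(G, k, P).to_bytes(8, "big"), msg) % (P - 1)
    return e, (k - x * e) % (P - 1)

def verify(y: int, msg: bytes, sig: tuple) -> bool:
    e, s = sig
    r = pow(G, s, P) * pow(y, e, P) % P                   # equals G^k for a genuine signature
    return e == _h(r.to_bytes(8, "big"), msg) % (P - 1)

def issue_cert(ca_priv: int, subject: bytes, pub: int) -> dict:
    return {"subject": subject, "pub": pub, "sig": sign(ca_priv, subject + pub.to_bytes(8, "big"))}

def check_cert(ca_pub: int, cert: dict) -> bool:
    return verify(ca_pub, cert["subject"] + cert["pub"].to_bytes(8, "big"), cert["sig"])

class SecureChannel:
    """SCP03-style secure messaging: encrypted data plus an 8-byte C-MAC chained over every earlier command.
    HMAC-SHA256 stands in for AES-CMAC and a hash keystream for AES-CBC (the standard library has no AES)."""
    def __init__(self, keys: dict):
        self.keys, self.chain, self.counter = keys, bytes(16), 0

    def _keystream(self, n: int) -> bytes:
        self.counter += 1                                 # fresh keystream for every command
        blocks = (hashlib.sha256(self.keys["S-ENC"] + self.counter.to_bytes(14, "big") + i.to_bytes(2, "big")).digest()
                  for i in range(n // 32 + 1))
        return b"".join(blocks)[:n]

    def wrap(self, header: bytes, data: bytes) -> bytes:
        enc = bytes(a ^ b for a, b in zip(data, self._keystream(len(data))))
        body = bytes([header[0] | 0x04]) + header[1:4] + bytes([len(enc) + 8]) + enc   # CLA bit 3: secure messaging
        self.chain = hmac.new(self.keys["S-MAC"], self.chain + body, "sha256").digest()[:16]
        return body + self.chain[:8]

    def unwrap(self, apdu: bytes) -> tuple:
        body, mac = apdu[:-8], apdu[-8:]
        expect = hmac.new(self.keys["S-MAC"], self.chain + body, "sha256").digest()[:16]
        if not hmac.compare_digest(mac, expect[:8]):
            raise ValueError("C-MAC verification failed; APDU rejected")
        self.chain, enc = expect, body[5:]
        return body[:4], bytes(a ^ b for a, b in zip(enc, self._keystream(len(enc))))

def establish_channel(ca_klcc_pub, ca_kloc_pub, sd_cert, sd_priv, oce_cert, oce_priv) -> tuple:
    """Step 101 in the SCP11a pattern; returns the TEE-side and SE-side channel objects sharing one key set."""
    if not check_cert(ca_klcc_pub, sd_cert):              # TEE checks the SD cert from the GET DATA response
        raise ValueError("SD certificate was not issued by CA-KLCC")
    if not check_cert(ca_kloc_pub, oce_cert):             # SE checks the OCE cert sent in PERFORM SECURITY OPERATION
        raise ValueError("OCE certificate was not issued by CA-KLOC")
    (oce_e_priv, oce_e_pub), (sd_e_priv, sd_e_pub) = keygen(), keygen()   # MUTUAL AUTHENTICATE and its response
    def kdf(shared_ee: int, shared_ss: int) -> dict:      # ephemeral-ephemeral plus static-static agreement
        z = shared_ee.to_bytes(8, "big") + shared_ss.to_bytes(8, "big")
        return {lbl: hashlib.sha256(z + lbl.encode()).digest() for lbl in ("S-ENC", "S-MAC")}
    tee = SecureChannel(kdf(pow(sd_e_pub, oce_e_priv, P), pow(sd_cert["pub"], oce_priv, P)))
    se = SecureChannel(kdf(pow(oce_e_pub, sd_e_priv, P), pow(oce_cert["pub"], sd_priv, P)))
    return tee, se

class KeyApplet:                                          # SE side: stores what the TA writes (steps 102 and 303)
    STORE, UPDATE = b"\x80\xE2\x00\x00", b"\x80\xE2\x00\x01"      # hypothetical CLA INS P1 P2 values

    def __init__(self, channel: SecureChannel):
        self.channel, self.keys = channel, {}

    def process(self, apdu: bytes) -> bytes:
        header, data = self.channel.unwrap(apdu)          # raises on a bad MAC before the store is touched
        key_id, record = data[:16], dict(f.split("=", 1) for f in data[16:].decode().split(";"))
        if header[1:] == self.STORE[1:]:
            self.keys[key_id] = record
        elif header[1:] == self.UPDATE[1:] and key_id in self.keys:
            self.keys[key_id].update(record)
        else:
            return b"\x69\x85"                            # conditions of use not satisfied
        return b"\x90\x00"

def sync_digital_key() -> dict:
    """Provisioning (step 201), channel set-up (101), first write (102), then a status update (303)."""
    ca_klcc, ca_kloc = keygen(), keygen()                 # device server acting as both controlling authorities
    sd_priv, sd_pub = keygen()                            # SD key pair for key agreement (first information)
    oce_priv, oce_pub = keygen()                          # OCE key pair generated by the TEE (second information)
    sd_cert = issue_cert(ca_klcc[0], b"SE-SD", sd_pub)    # provisioned to the SE over the second secure channel
    oce_cert = issue_cert(ca_kloc[0], b"TEE-OCE", oce_pub)      # returned to the TEE in answer to its CSR
    tee, se = establish_channel(ca_klcc[1], ca_kloc[1], sd_cert, sd_priv, oce_cert, oce_priv)
    applet, key_id = KeyApplet(se), bytes(range(16))      # constructed 16-byte key identifier
    record = b"cert=DK-CERT-1;valid_until=2025-12-31;rights=unlock,start;status=active"
    for header, payload in ((KeyApplet.STORE, record), (KeyApplet.UPDATE, b"status=suspended")):
        if applet.process(tee.wrap(header, key_id + payload)) != b"\x90\x00":
            raise RuntimeError("write rejected by the applet")
    return applet.keys[key_id]
```

Calling sync_digital_key() returns the applet's copy of the record with status "suspended", i.e. the first write and the later status update both arrived through the channel. The two checks worth noting are that establish_channel refuses a certificate not issued by the expected controlling authority, and that unwrap rejects any APDU whose C-MAC does not chain onto the previous command before the applet's store is touched; the same tampered byte that an attacker on the TEE/SE link might flip is detected by that MAC.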
In some alternative embodiments, referring to fig. 4, fig. 4 is a flowchart of a digital key synchronization method according to an embodiment, which may be performed by a terminal device, wherein the terminal device may be a vehicle owner device or a friend device, including but not limited to a mobile phone, a notebook computer, a desktop computer, a tablet computer, a wearable device, etc., as shown in fig. 4, the method may include the steps of:
in step 401, a first secure channel is established between the trusted execution environment TEE and the secure element SE.
The implementation of step 401 is similar to that of step 101 described above, and will not be described again here.
In step 402, digital key information in the TEE is written to the SE through the first secure channel.
The implementation of step 402 is similar to that of step 102 described above, and will not be described again here.
In step 403, a first application protocol data unit (APDU) is exchanged with the vehicle over Bluetooth and/or a second APDU is exchanged with the vehicle over NFC.
In embodiments of the disclosure, the first APDU is used at least for authenticating the digital key information in the TEE, and the second APDU is used at least for authenticating the digital key information in the SE.
The second APDU has the same format as the first APDU, and the data content carried by the second APDU is the same as the data content carried by the first APDU.
Specifically, the second APDU and the first APDU having the same format means that the APDUs on the terminal device are used for authentication over both Bluetooth and NFC without modification.
Specifically, the second APDU and the first APDU carrying the same data means that the TEE and the SE of the terminal device hold the information of the same digital key. In the above embodiment, the APDUs provided by the disclosure serve both Bluetooth and NFC for authenticating the digital key, which improves the availability of the digital key.
In some alternative embodiments, for step 403 above, the disclosure provides an APDU for the NFC mode whose data portion is compatible with the data packet used for Bluetooth authentication. Whether the digital key is authenticated between the terminal device and the vehicle over Bluetooth or over NFC, the authenticated data content and the packet format are the same, which extends the digital key to wearable devices. That is, the first APDU is used for authenticating the digital key information in the TEE and the second APDU for authenticating the digital key information in the SE, the two APDUs having the same format and carrying the same data.
It should further be noted that when the terminal device is a wearable device, for example a smart watch or a smart band, the commands for creating and deleting a digital key may be defined separately, while the other commands, for example those that configure the validity period or rights of the digital key or authenticate the digital key in a transaction with the vehicle, may reuse the following flows and APDUs provided by the disclosure:
referring to fig. 5A, fig. 5A is a flowchart illustrating a standard transaction performed by a terminal device with a vehicle according to an embodiment, including the steps of:
in step 501, the vehicle sends a SELECT instruction to the terminal device.
In step 502, the terminal device sends a SELECT response (SELECT response) instruction to the vehicle.
The vehicle and the terminal device complete the application selection by exchanging the SELECT command and the SELECT response.
In step 503, the vehicle sends an EXCHANGE PK command to the terminal device.
The EXCHANGE PK command is used to exchange ephemeral public key information between the vehicle and the applet of the terminal's SE. It is used only on the contactless (wireless) interface and may be sent over a non-secure channel, since it carries only public values.
In step 504, the terminal device sends an EXCHANGE response to the vehicle.
In step 505, the vehicle sends a STANDARD AUTH command to the terminal device.
The STANDARD AUTH command is used by the vehicle to initiate a standard transaction request. It is used only on the contactless interface and may be sent over a non-secure channel.
In step 506, the terminal device sends a STANDARD response to the vehicle.
In step 507, the vehicle sends a CONTROL FLOW command to the terminal device.
The CONTROL FLOW command is used during a transaction by the vehicle to synchronize the authentication state to the terminal device.
In step 508, the terminal device sends a CONTROL FLOW response to the vehicle.
Referring to fig. 5B, fig. 5B is a flowchart illustrating a quick transaction between a terminal device and a vehicle according to an embodiment, including the following steps:
in step 501', the vehicle sends a SELECT command to the terminal device.
In step 502', the terminal device sends a SELECT response instruction to the vehicle.
And the information interaction is completed between the vehicle and the terminal equipment through interaction of the SELECT instruction and the SELECT response instruction.
In step 503', the vehicle sends an EXCHANGE PK command to the terminal device.
The EXCHANGE PK commands are used to EXCHANGE temporary public key information between the vehicle and the SE applet of the terminal, and can only be used for a wireless interface, and can be used for a non-secure channel.
In step 504', the terminal device sends EXCHANGE response instructions to the vehicle.
In step 505', the vehicle sends a FAST authentication (FAST AUTH) instruction to the terminal device.
The FAST AUTH instruction is used for the vehicle to initiate a FAST transaction request, can only be used for a wireless interface, and can be used for an unsafe channel.
In step 506', the terminal device sends a FAST response (FAST response) instruction to the vehicle.
In step 507', the vehicle sends a CONTROL FLOW instruction to the terminal device.
The CONTROL FLOW instruction is used in a transaction for the vehicle to synchronize the authentication state of the terminal device.
In step 508', the terminal device sends CONTROL FLOW response instructions to the vehicle.
Specifically, the APDUs used in fig. 5A or 5B described above are as follows:
In step 503 or step 503', the vehicle sends an EXCHANGE PK instruction to the terminal device, and the format of the command message is as follows:
80 61 00 P2 Lc data Le
where data is the data field, which may adopt a Tag-Length-Value (TLV) format, for example as shown in table 1.
TABLE 1
In step 504 or step 504', the terminal device sends an EXCHANGE response instruction to the vehicle, and the format of the response message is as follows:
[data field] 9000
The data field may also be represented in TLV format, for example as shown in table 2.
TABLE 2
Tag              Length   Value                                       Mandatory
Tag_eDK.PK       65       Temporary public key of the digital key     Yes
Tag_crypt        16       Terminal device fast authentication data    Optional
Tag_kId (0x83)   16       Digital key identifier                      Yes
In step 505, the vehicle sends a STANDARD AUTH instruction to the terminal device, and the format of the command message is as follows:
80 62 00 P2 Lc [data] [cmd mac] Le
The data field may be represented in TLV format, for example as shown in table 3.
TABLE 3
Tag              Length   Value                                       Mandatory
Tag_V.sig        64       Vehicle signature information               Yes
In step 506, the terminal device sends a STANDARD response instruction to the vehicle, and the format of the response message is as follows:
[encrypted data] 9000
The data field may be represented in TLV format, for example as shown in table 4.
TABLE 4
Tag              Length   Value                                       Mandatory
Tag_DK.sig       64       Digital key signature information           Yes
In step 505', the vehicle sends a FAST AUTH instruction to the terminal device, and the format of the command message is as follows:
84 63 00 P2 Lc [encrypted data] [cmd mac] Le
The data field may be represented in TLV format, for example as shown in table 5.
TABLE 5
Tag              Length   Value                                       Mandatory
Tag_cypt         16       Vehicle fast authentication data            Yes
In step 506', the terminal device sends a FAST response instruction to the vehicle, and the format of the response message is as follows:
[encrypted data] 9000
The data field may be represented in TLV format; its content is the same as that of the vehicle fast authentication data field described above and is not repeated here.
In step 507 or step 507', the vehicle sends a CONTROL FLOW instruction to the terminal device, and the format of the command message is as follows:
80 64 P1 P2 Lc data 00
In step 508 or step 508', the terminal device sends a CONTROL FLOW response instruction to the vehicle, and the format of the response message is as follows:
9000
It will be appreciated that the elements in tables 1 through 5 are independent of one another; they are listed in the same table for illustration only, which does not mean that all elements in a table must be present simultaneously as shown. The value of each element is independent of the value of any other element in the table, and those skilled in the art will appreciate that each element value in a table is an independent embodiment.
The foregoing is merely exemplary, and other message formats may be used for command messages or response messages in standard transactions or fast transactions, which are not limited in this disclosure.
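The APDU and TLV layouts above, as an added worked example that is not part of the patent: a Python model of the vehicle side that builds the EXCHANGE PK command (80 61 00 P2 Lc data Le) and checks a terminal's EXCHANGE response against Table 2 (mandatory tags, field lengths, status word 9000), with the same check table extended to the STANDARD and FAST responses of Tables 4 and 5. Only the Tag_kId number 0x83 is given in the patent; the other tag numbers, the uncompressed-point form assumed for the 65-byte temporary public key, and the sample bytes are assumptions made for this example.

```python
"""Added example, not from the patent: vehicle-side construction of the command
APDUs of FIGS. 5A/5B and validation of the terminal's TLV response data fields
against Tables 2, 4 and 5."""

SW_OK = b"\x90\x00"   # status word ending every response message ("9000")

# Tag numbers: only 0x83 (Tag_kId) is stated in the patent (Table 2); the rest
# are placeholders chosen for this example.
TAG_EDK_PK = 0x80     # Tag_eDK.PK : temporary public key of the digital key, 65 bytes
TAG_CRYPT = 0x81      # Tag_crypt / Tag_cypt : fast authentication data, 16 bytes
TAG_KID = 0x83        # Tag_kId    : digital key identifier, 16 bytes
TAG_V_SIG = 0x84      # Tag_V.sig  : vehicle signature, 64 bytes
TAG_DK_SIG = 0x85     # Tag_DK.sig : digital key signature, 64 bytes

# Expected layout of each response data field: tag -> (length, mandatory)
RESPONSE_LAYOUT = {
    "EXCHANGE": {TAG_EDK_PK: (65, True), TAG_CRYPT: (16, False), TAG_KID: (16, True)},  # Table 2
    "STANDARD": {TAG_DK_SIG: (64, True)},                                                # Table 4
    "FAST": {TAG_CRYPT: (16, True)},                                                     # Table 5
}

# Command headers from the patent: (CLA, INS, P1)
CMD_EXCHANGE_PK = (0x80, 0x61, 0x00)
CMD_STANDARD_AUTH = (0x80, 0x62, 0x00)
CMD_FAST_AUTH = (0x84, 0x63, 0x00)   # CLA 84: secure messaging, MAC not modelled here


def encode_tlv(tag: int, value: bytes) -> bytes:
    """Single-byte tag, BER definite length (short form, or 0x81 + one byte up to 255)."""
    if not 0 <= tag <= 0xFF or len(value) > 255:
        raise ValueError("tag or value out of range for this encoder")
    length = bytes([len(value)]) if len(value) < 0x80 else bytes([0x81, len(value)])
    return bytes([tag]) + length + value


def parse_tlv(buf: bytes) -> dict:
    """Parse a flat sequence of single-byte-tag TLVs; rejects truncation and duplicate tags."""
    fields, i = {}, 0
    while i < len(buf):
        if i + 2 > len(buf):
            raise ValueError("truncated TLV header")
        tag, length, i = buf[i], buf[i + 1], i + 2
        if length == 0x81:                       # long-form length, one extra byte
            if i >= len(buf):
                raise ValueError("truncated long-form length")
            length, i = buf[i], i + 1
        elif length >= 0x80:
            raise ValueError("unsupported length encoding 0x%02x" % length)
        if i + length > len(buf):
            raise ValueError("TLV value runs past end of data field")
        if tag in fields:
            raise ValueError("duplicate tag 0x%02x" % tag)
        fields[tag] = buf[i:i + length]
        i += length
    return fields


def build_command(header, p2: int, data: bytes, le: int = 0x00) -> bytes:
    """Short case-4 APDU: CLA INS P1 P2 Lc data Le, as in '80 61 00 P2 Lc data Le'."""
    if not 1 <= len(data) <= 255:
        raise ValueError("data field must be 1..255 bytes for a short APDU")
    cla, ins, p1 = header
    return bytes([cla, ins, p1, p2, len(data)]) + data + bytes([le])


def parse_response(resp: bytes) -> dict:
    """Split '[data field] 9000'; any status word other than 9000 is an error, not data."""
    if len(resp) < 2:
        raise ValueError("response shorter than a status word")
    data, sw = resp[:-2], resp[-2:]
    if sw != SW_OK:
        raise ValueError("status word %s is not 9000" % sw.hex())
    return parse_tlv(data)


def validate_response(kind: str, fields: dict) -> list:
    """Return the list of layout violations; an empty list means the response is acceptable."""
    layout = RESPONSE_LAYOUT[kind]
    problems = []
    for tag, (length, mandatory) in layout.items():
        if tag not in fields:
            if mandatory:
                problems.append("missing mandatory tag 0x%02x" % tag)
            continue
        if len(fields[tag]) != length:
            problems.append("tag 0x%02x has length %d, expected %d" % (tag, len(fields[tag]), length))
    for tag in fields:
        if tag not in layout:
            problems.append("unexpected tag 0x%02x" % tag)
    # Assumption: the 65-byte temporary public key is an uncompressed EC point (0x04 || X || Y).
    pk = fields.get(TAG_EDK_PK)
    if kind == "EXCHANGE" and pk and len(pk) == 65 and pk[0] != 0x04:
        problems.append("temporary public key is not an uncompressed point")
    return problems


def demo() -> list:
    """Constructed sample of steps 503/504 of FIG. 5A; returns the validation result."""
    vehicle_epk = b"\x04" + bytes(range(1, 65))                  # constructed 65-byte point
    cmd = build_command(CMD_EXCHANGE_PK, 0x00, encode_tlv(TAG_EDK_PK, vehicle_epk))
    assert cmd[:5] == b"\x80\x61\x00\x00\x43"                     # 80 61 00 P2 Lc (Lc = 67)
    # Constructed terminal response: temporary key + key id, optional fast-auth data omitted.
    resp = (encode_tlv(TAG_EDK_PK, b"\x04" + bytes(64)) +
            encode_tlv(TAG_KID, b"\xAA" * 16) + SW_OK)
    return validate_response("EXCHANGE", parse_response(resp))
```

A vehicle that checks the response this way rejects a response with a missing key identifier, an oversized field or a non-9000 status word before any key agreement is attempted, rather than feeding unchecked bytes into the cryptographic step. The command MAC and the encryption shown on the STANDARD AUTH and FAST AUTH messages are outside this example.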
In the embodiment, the use scene of the digital key is expanded, and the usability of the digital key is improved.
The digital key synchronization method provided by the present disclosure will be described from the device server side.
An embodiment of the present disclosure provides a digital key synchronization method, referring to fig. 6, fig. 6 is a flowchart of a digital key synchronization method according to an embodiment, and the digital key synchronization method may be performed by a device server, which may be a server provided by a manufacturer of the terminal device, or may be a server provided by a third party, which is not limited in this disclosure, and as shown in fig. 6, the method may include the following steps:
in step 601, first information is sent to an SE of a terminal device, where the first information is used to establish a first secure channel between the SE and a trusted execution environment TEE of the terminal device.
In the embodiment of the disclosure, the device server may establish a second secure channel with the SE of the terminal device, and further, the device server provides the first information to the terminal device through the second secure channel, so that the terminal device writes the first information in the SE.
In one possible implementation, the first information includes, but is not limited to, at least one of: the CA-KLOC public key; the SD public key certificate containing the key for key agreement; the SD private key for key agreement.
In step 602, at least part of second information is sent to the TEE, the second information being used to establish the first secure channel between the TEE and the SE.
In the embodiment of the disclosure, after receiving the CSR message sent by the TEE, the device server may send an OCE public key certificate containing the key for key agreement to the terminal device, so that the terminal device writes the OCE public key certificate into the TEE.
In one possible implementation, the second information includes, but is not limited to, at least one of: the CA-KLCC public key; an OCE key pair; the OCE public key certificate containing the key for key agreement.
The CA-KLCC public key is used to verify the SD public key certificate containing the key for key agreement.
The OCE key pair comprises an OCE private key for key agreement and an OCE public key for key agreement.
In the embodiment of the disclosure, the CA-KLCC public key may be written in the TEE in advance, for example, when the terminal equipment leaves the factory.
In the disclosed embodiments, the OCE key pair may be generated by the TEE itself.
In the embodiment of the disclosure, after receiving the CSR message sent by the TEE, the device server sends the OCE public key certificate to the TEE, so that the terminal device writes the OCE public key certificate into the TEE. The CSR message may carry the OCE public key for key agreement.
In the above steps, the device server may serve as a CA-KLOC and a CA-KLCC to provide corresponding information for the SE and the TEE.
In the above embodiment, the device server may provide at least part of the first information and the second information for the SE and the TEE of the terminal device, so that the SE and the TEE establish the first secure channel, which is simple to implement and has high availability.
In some alternative embodiments, referring to fig. 7, fig. 7 is a flow chart of a digital key synchronization method according to an embodiment, comprising the steps of:
In step 701, the device server establishes a second secure channel with the SE of the terminal device and writes the first information into the SE.
The implementation of step 701 is similar to that of step 601 described above and is not repeated here.
In step 702, the CA-KLCC public key is pre-written in the TEE, and the TEE generates an OCE key pair.
In step 703, the TEE sends a CSR message to the device server.
The CSR message may carry the OCE public key for key agreement.
In step 704, the device server returns an OCE public key certificate to the TEE.
The implementation of step 704 is similar to step 602 described above, and will not be described again.
The above steps 701 to 704 correspond to a key and certificate preparation phase for the TEE and SE to prepare keys and certificates for establishing the first secure channel, and the above steps 701 to 704 need not be performed again after the first secure channel is established between the TEE and SE.
In step 705, the TEE sends a get data message to the SE.
In step 706, the SE sends a get data response message to the TEE.
In step 707, the TEE sends a secure operation execution message to the SE.
In step 708, the SE sends a secure operation performed response message to the TEE.
In step 709, the TEE sends a mutual authentication message to the SE.
In step 710, the SE sends a mutual authentication response message to the TEE.
In step 711, APDUs are exchanged between TEE and SE.
Steps 705 to 711 correspond to the first secure channel stage.
In step 712, the TEE writes the digital key information to the SE.
Furthermore, after the digital key information has been written into the SE, the TA of the TEE is responsible for keeping the digital key information in the TEE and the digital key information in the SE synchronized.
Specifically, when the user suspends, resumes or deletes a digital key in the TEE, the TA of the TEE should ensure that the digital key in the SE applet is correspondingly suspended, resumed or deleted.
Likewise, when the user changes information such as the validity period or permission configuration of a digital key in the TEE, the TA of the TEE should ensure that the validity period, permission configuration and other information of the digital key in the SE applet are changed correspondingly.
In the above embodiment, the synchronization of the digital key information takes place between two pieces of secure hardware and is carried over the first secure channel between them, so the security of the digital key copying process is ensured. In addition, the digital key information in the TEE and the SE points to the same digital key, so the complexity and space consumption of the vehicle implementation are reduced, a digital key that supports Bluetooth can be extended to controlling the vehicle in NFC mode without modification, the use scenarios of the digital key are expanded, and the availability of the digital key is improved.
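The synchronization duty described above, as an added example that is not code from the patent: a Python model of the reconciliation a TEE trusted application could run so that the SE applet's copy of every digital key matches the TEE's copy after a suspend, resume, delete or validity/permission change. The record fields, operation names and sample keys are assumptions made for this example; in practice each operation would be carried to the SE applet over the first secure channel as APDUs.

```python
"""Added example, not part of the patent: reconciliation run by the TEE's
trusted application (TA) so that the SE applet mirrors the TEE's digital key
records. Record fields and operation names are assumptions for this example."""
from dataclasses import dataclass, replace
from enum import Enum


class State(Enum):
    ACTIVE = "active"
    SUSPENDED = "suspended"


@dataclass(frozen=True)
class KeyRecord:
    key_id: bytes            # 16-byte digital key identifier (Tag_kId, Table 2)
    state: State
    valid_until: int         # end of validity period, Unix seconds (assumed field)
    permissions: frozenset   # granted rights, e.g. {"unlock", "start"} (assumed field)


def plan_sync(tee: dict, se: dict) -> list:
    """Compute the ordered operations that make the SE copy match the TEE copy.

    tee and se map key_id -> KeyRecord. The TEE copy is authoritative: a key the
    TEE no longer holds is deleted from the SE rather than left behind."""
    ops = []
    for kid in sorted(tee):
        want, have = tee[kid], se.get(kid)
        if have is None:
            ops.append(("write", kid, want))             # initial write (step 712)
            continue
        if (want.valid_until, want.permissions) != (have.valid_until, have.permissions):
            ops.append(("update", kid, {"valid_until": want.valid_until,
                                        "permissions": want.permissions}))
        if want.state != have.state:
            ops.append(("suspend" if want.state is State.SUSPENDED else "resume", kid, None))
    for kid in sorted(set(se) - set(tee)):
        ops.append(("delete", kid, None))
    return ops


def apply_ops(se: dict, ops: list) -> dict:
    """Model of the SE applet applying the operations it receives over the secure channel."""
    se = dict(se)
    for op, kid, payload in ops:
        if op == "write":
            se[kid] = payload
        elif op == "delete":
            se.pop(kid)
        elif op == "update":
            se[kid] = replace(se[kid], **payload)
        elif op in ("suspend", "resume"):
            se[kid] = replace(se[kid], state=State.SUSPENDED if op == "suspend" else State.ACTIVE)
        else:
            raise ValueError("unknown operation " + op)
    return se


def demo():
    """Constructed sample: one key suspended, one validity period extended, one key deleted."""
    k1, k2, k3 = b"\x01" * 16, b"\x02" * 16, b"\x03" * 16
    se = {
        k1: KeyRecord(k1, State.ACTIVE, 1_700_000_000, frozenset({"unlock", "start"})),
        k2: KeyRecord(k2, State.ACTIVE, 1_700_000_000, frozenset({"unlock"})),
        k3: KeyRecord(k3, State.ACTIVE, 1_700_000_000, frozenset({"unlock"})),
    }
    tee = {
        k1: replace(se[k1], state=State.SUSPENDED),       # user suspended key 1 in the TEE
        k2: replace(se[k2], valid_until=1_800_000_000),   # validity period of key 2 extended
    }                                                      # key 3 deleted in the TEE
    ops = plan_sync(tee, se)
    return ops, apply_ops(se, ops) == tee
```

The plan is computed from the difference between the two copies, so running it a second time sends nothing, and the SE converges on the TEE's view regardless of how many changes accumulated while the channel was unavailable.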
Corresponding to the foregoing embodiment of the application function implementation method, the present disclosure further provides an embodiment of the application function implementation apparatus.
Referring to fig. 8, fig. 8 is a block diagram of a digital key synchronization apparatus according to an exemplary embodiment, the apparatus being applied to a terminal device, including:
a channel establishing module 801, configured to establish a first secure channel between the trusted execution environment TEE and the secure element SE;
an execution module 802 is configured to write digital key information in the TEE to the SE through the first secure channel.
The specific implementation is similar to the implementation of the embodiment shown in fig. 1 and will not be described here again.
Optionally, the apparatus further comprises (not shown in fig. 8):
an acquisition module, configured to acquire, by the SE, first information for establishing the first secure channel, and to acquire, by the TEE, second information for establishing the first secure channel.
Optionally, the acquiring module includes:
a second establishing sub-module, configured to establish a second secure channel between the SE and a device server of the terminal device;
and a first acquisition sub-module, configured to acquire, by the SE, the first information provided by the device server through the second secure channel.
Optionally, the acquisition module includes at least one of:
a second acquisition sub-module, configured to acquire, by the TEE, the public key of the CA-KLCC, the control authority for the certificate of the key-loading off-card entity (OCE);
a generation sub-module, configured to generate an OCE key pair by the TEE;
and a third acquisition sub-module, configured to acquire the OCE public key certificate provided by the device server of the terminal device, which contains the OCE public key used for key agreement.
Optionally, the apparatus further comprises (not shown in fig. 8):
and a second sending module, configured to send, by the TEE, a certificate signing request (CSR) message to the device server, so that the device server provides the OCE public key certificate to the terminal based on the CSR message.
The specific implementation is similar to the implementation of the embodiment shown in fig. 2 and will not be described here again.
Optionally, the channel establishment module includes:
a first establishing sub-module, configured to establish the first secure channel between the TEE and the SE based on a secure channel protocol SCP.
Optionally, the apparatus further comprises (not shown in fig. 8):
and the synchronization module is used for responding to the determination that the digital key information in the TEE is updated, and synchronizing the updated digital key information to the applet of the SE through the first secure channel by the trusted application program TA of the TEE.
The specific implementation is similar to the implementation of the embodiment shown in fig. 3 and will not be described here again.
Optionally, the apparatus further comprises (not shown in fig. 8):
the interaction module is used for interacting a first Application Protocol Data Unit (APDU) with the vehicle in a Bluetooth mode, and the first APDU is at least used for authenticating the digital key information in the TEE; and/or
Interacting a second APDU with the vehicle in a Near Field Communication (NFC) mode, wherein the second APDU is at least used for authenticating the digital key information in the SE;
wherein the second APDU has the same format as the first APDU, and the data content included in the second APDU is the same as the data content included in the first APDU.
The specific implementation is similar to the implementation of the embodiments shown in fig. 4, 5A and 5B, and will not be described herein.
Referring to fig. 9, fig. 9 is a block diagram of a digital key synchronization apparatus according to an exemplary embodiment, the apparatus being applied to a device server, comprising:
a first sending module 901, configured to send first information to an SE of a terminal device, where the first information is used to establish a first secure channel between the SE and a trusted execution environment TEE of the terminal device, and to send at least part of second information to the TEE, where the second information is used to establish the first secure channel between the TEE and the SE.
Optionally, the first sending module includes:
a third establishing sub-module, configured to establish a second secure channel with the SE;
and the first sending submodule is used for sending the first information to the SE through the second secure channel.
Optionally, the first sending module includes:
and a second sending sub-module, configured to send, in response to receiving a certificate signing request (CSR) message sent by the TEE, an off-card entity (OCE) public key certificate containing the key for key agreement to the TEE based on the CSR message.
The specific implementation is similar to the implementation of the embodiment shown in fig. 6 and will not be described here again.
For the device embodiments, reference is made to the description of the method embodiments for the relevant points, since they essentially correspond to the method embodiments. The apparatus embodiments described above are merely illustrative, wherein the elements described above as separate elements may or may not be physically separate, and the elements shown as elements may or may not be physical elements, may be located in one place, or may be distributed over a plurality of network elements. Some or all of the modules may be selected according to actual needs to achieve the objectives of the disclosed solution. Those of ordinary skill in the art will understand and implement the present invention without undue burden.
Accordingly, the present disclosure also provides a computer readable storage medium storing a computer program for executing the digital key synchronization method described in any one of the above terminal device sides.
Accordingly, the present disclosure also provides a computer-readable storage medium storing a computer program for executing the digital key synchronization method described in any one of the above device server sides.
Correspondingly, the disclosure also provides a digital key synchronization device, which comprises:
a processor;
a memory for storing processor-executable instructions;
wherein the processor is configured to perform the digital key synchronization method described in any one of the above terminal device sides.
Fig. 10 is a block diagram illustrating a digital key synchronization device 1000 according to an exemplary embodiment. For example, the apparatus 1000 may be a mobile phone, a tablet computer, an electronic book reader, a multimedia playing device, a wearable device, an in-vehicle user device, an iPad, a smart television, or the like. The terminal can be used as the terminal device to be shared and/or the main terminal device.
Referring to fig. 10, the apparatus 1000 may include one or more of the following components: a processing component 1002, a memory 1004, a power component 1006, a multimedia component 1008, an audio component 1010, an input/output (I/O) interface 1012, a sensor component 1016, and a communication component 1018.
The processing component 1002 generally controls overall operation of the apparatus 1000, such as operations associated with display, telephone call, data digital key synchronization, camera operations, and recording operations. The processing component 1002 can include one or more processors 1020 to execute instructions to perform all or part of the steps of the digital key synchronization method described above. Further, the processing component 1002 can include one or more modules that facilitate interaction between the processing component 1002 and other components. For example, the processing component 1002 can include a multimedia module to facilitate interaction between the multimedia component 1008 and the processing component 1002. As another example, the processing component 1002 can read executable instructions from a memory to implement the steps of a digital key synchronization method provided by the above embodiments.
The memory 1004 is configured to store various types of data to support operations at the apparatus 1000. Examples of such data include instructions for any application or method operating on the device 1000, contact data, phonebook data, messages, pictures, videos, and the like. The memory 1004 may be implemented by any type or combination of volatile or nonvolatile memory devices such as Static Random Access Memory (SRAM), electrically erasable programmable read-only memory (EEPROM), erasable programmable read-only memory (EPROM), programmable read-only memory (PROM), read-only memory (ROM), magnetic memory, flash memory, magnetic or optical disk.
The power supply component 1006 provides power to the various components of the device 1000. The power components 1006 may include a power management system, one or more power supplies, and other components associated with generating, managing, and distributing power for the device 1000.
The multimedia component 1008 includes a display screen between the device 1000 and the user that provides an output interface. In some embodiments, the multimedia assembly 1008 includes a front-facing camera and/or a rear-facing camera. The front camera and/or the rear camera may receive external multimedia data when the apparatus 1000 is in an operation mode, such as a photographing mode or a video mode. Each front camera and rear camera may be a fixed optical lens system or have focal length and optical zoom capabilities.
The audio component 1010 is configured to output and/or input audio signals. For example, the audio component 1010 includes a Microphone (MIC) configured to receive external audio signals when the device 1000 is in an operational mode, such as a call mode, a recording mode, and a speech recognition mode. The received audio signals may be further stored in the memory 1004 or transmitted via the communication component 1018. In some embodiments, the audio component 1010 further comprises a speaker for outputting audio signals.
The I/O interface 1012 provides an interface between the processing assembly 1002 and peripheral interface modules, which may be a keyboard, click wheel, buttons, and the like. These buttons may include, but are not limited to: homepage button, volume button, start button, and lock button.
The sensor assembly 1016 includes one or more sensors for providing status assessment of various aspects of the device 1000. For example, the sensor assembly 1016 may detect an on/off state of the device 1000, a relative positioning of the components, such as a display and keypad of the device 1000, a change in position of the device 1000 or a component of the device 1000, the presence or absence of user contact with the device 1000, an orientation or acceleration/deceleration of the device 1000, and a change in temperature of the device 1000. The sensor assembly 1016 may include a proximity sensor configured to detect the presence of nearby objects without any physical contact. The sensor assembly 1016 may also include a light sensor, such as a CMOS or CCD image sensor, for use in imaging applications. In some embodiments, the sensor assembly 1016 may also include an acceleration sensor, a gyroscopic sensor, a magnetic sensor, a pressure sensor, or a temperature sensor.
The communication component 1018 is configured to facilitate communication between the apparatus 1000 and other devices in a wired or wireless manner. The apparatus 1000 may access a wireless network based on a communication standard, such as Wi-Fi,2G,3G,4G,5G, or 6G, or a combination thereof. In one exemplary embodiment, the communication component 1018 receives broadcast signals or broadcast-related information from an external broadcast management system via a broadcast channel. In one exemplary embodiment, the communication component 1018 further comprises a Near Field Communication (NFC) module to facilitate short range communications. For example, the NFC module may be implemented based on Radio Frequency Identification (RFID) technology, infrared data association (IrDA) technology, ultra Wideband (UWB) technology, bluetooth (BT) technology, and other technologies.
In an exemplary embodiment, the apparatus 1000 may be implemented by one or more Application Specific Integrated Circuits (ASICs), digital Signal Processors (DSPs), digital Signal Processing Devices (DSPDs), programmable Logic Devices (PLDs), field Programmable Gate Arrays (FPGAs), controllers, microcontrollers, microprocessors or other electronic elements for performing the digital key synchronization method described in any one of the above-mentioned devices to be shared or the master device side.
Correspondingly, the disclosure also provides a digital key synchronization device, which comprises:
a processor;
a memory for storing processor-executable instructions;
wherein the processor is configured to perform the digital key synchronization method of any of the above-described device server sides.
As shown in fig. 11, fig. 11 is a schematic diagram illustrating a digital key synchronization device 1100 according to an exemplary embodiment. The apparatus 1100 may be provided as a device server. Referring to fig. 11, the apparatus 1100 includes a processing component 1122, a wireless transmit/receive component 1124, an antenna component 1126, and a signal processing portion specific to a wireless interface, which processing component 1122 may further include at least one processor.
One of the processors in processing component 1122 may be configured to perform the digital key synchronization method described in any of the device server side.
Other embodiments of the disclosure will be apparent to those skilled in the art from consideration of the specification and practice of the disclosure disclosed herein. This disclosure is intended to cover any adaptations, uses, or adaptations of the disclosure following the general principles of the disclosure and including such departures from the present disclosure as come within known or customary practice within the art to which the disclosure pertains. It is intended that the specification and examples be considered as exemplary only, with a true scope and spirit of the disclosure being indicated by the following claims.
It is to be understood that the present disclosure is not limited to the precise arrangements and instrumentalities shown in the drawings, and that various modifications and changes may be effected without departing from the scope thereof. The scope of the present disclosure is limited only by the appended claims.

Claims (15)

1. A digital key synchronization method, the method being performed by a terminal device and comprising:
establishing a first secure channel between the trusted execution environment TEE and the secure element SE;
and writing the digital key information in the TEE into the SE through the first secure channel.
2. The method according to claim 1, characterized in that before establishing the first secure channel between the trusted execution environment TEE and the secure element SE, the method further comprises:
acquiring, by the SE, first information for establishing the first secure channel, and
acquiring, by the TEE, second information for establishing the first secure channel.
3. The method of claim 2, wherein the obtaining, by the SE, first information for establishing the first secure channel comprises:
establishing a second secure channel with a device server of the terminal device by the SE;
the first information provided by the device server is obtained by the SE through the second secure channel.
4. The method of claim 2, wherein the obtaining, by the TEE, second information for establishing the first secure channel comprises at least one of:
acquiring, by the TEE, the public key of the CA-KLCC, the control authority for the certificate of the key-loading off-card entity OCE;
generating an OCE key pair by the TEE;
and acquiring an OCE public key certificate provided by a device server of the terminal device and containing the OCE public key used for key agreement.
5. The method according to claim 4, wherein the method further comprises:
sending, by the TEE, a certificate signing request (CSR) message to the device server, so that the device server provides the OCE public key certificate to the terminal based on the CSR message.
6. The method according to claim 1, wherein said establishing a first secure channel between the trusted execution environment TEE and the secure element SE comprises:
the first secure channel is established between the TEE and the SE based on a secure channel protocol SCP.
7. The method of claim 1, wherein after writing digital key information in the TEE to the SE through the first secure channel, the method further comprises:
In response to determining that the digital key information in the TEE is updated, synchronizing, by a trusted application TA of the TEE, the updated digital key information to an applet of the SE through the first secure channel.
8. The method according to claim 1, wherein the method further comprises:
a first Application Protocol Data Unit (APDU) is interacted with a vehicle in a Bluetooth mode, wherein the first APDU is at least used for authenticating the digital key information in the TEE; and/or
Interacting a second APDU with the vehicle in a Near Field Communication (NFC) mode, wherein the second APDU is at least used for authenticating the digital key information in the SE;
wherein the second APDU has the same format as the first APDU, and the data content included in the second APDU is the same as the data content included in the first APDU.
9. A digital key synchronization method, the method performed by a device server, comprising:
sending first information to an SE of a terminal device, wherein the first information is used for establishing a first secure channel between the SE and a trusted execution environment (TEE) of the terminal device; and
sending at least part of second information to the TEE, wherein the second information is used for establishing the first secure channel between the TEE and the SE.
10. The method of claim 9, wherein the sending the first information to the SE of the terminal device comprises:
establishing a second secure channel with the SE;
and sending the first information to the SE through the second secure channel.
11. The method of claim 9, wherein the sending at least a portion of the second information to the TEE comprises:
in response to receiving a certificate signing request (CSR) message sent by the TEE, sending an off-card entity (OCE) public key certificate containing the key for key agreement to the TEE based on the CSR message.
12. A digital key synchronization device, characterized in that the device is applied to a terminal device, comprising:
the channel establishing module is used for establishing a first secure channel between the trusted execution environment TEE and the secure element SE;
an execution module configured to write digital key information in the TEE to the SE through the first secure channel.
13. A digital key synchronization device, the device being applied to a device server, comprising:
a first sending module, configured to send first information to an SE of a terminal device, wherein the first information is used for establishing a first secure channel between the SE and a trusted execution environment TEE of the terminal device; and
to send at least part of second information to the TEE, wherein the second information is used for establishing the first secure channel between the TEE and the SE.
14. A computer readable storage medium, characterized in that the storage medium stores a computer program for executing the digital key synchronization method according to any one of the preceding claims 1-8 or 9-11.
15. A digital key synchronization device, comprising:
a processor;
a memory for storing processor-executable instructions;
wherein the processor is configured to perform the digital key synchronization method of any of the preceding claims 1-8 or 9-11.
CN202380009094.6A 2023-04-14 2023-04-14 Digital key synchronization method and device and storage medium Pending CN116830625A (en)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN2023088526 2023-04-14

Publications (1)

Publication Number Publication Date
CN116830625A true CN116830625A (en) 2023-09-29

Family

ID=88143323

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
