CN117578655A

CN117578655A - Charging authentication method, device, electronic equipment and storage medium

Info

Publication number: CN117578655A
Application number: CN202311523521.0A
Authority: CN
Inventors: 李志杰
Original assignee: Guangdong Oppo Mobile Telecommunications Corp Ltd
Current assignee: Guangdong Oppo Mobile Telecommunications Corp Ltd
Priority date: 2023-11-15
Filing date: 2023-11-15
Publication date: 2024-02-20

Abstract

The application relates to a charging authentication method, a charging authentication device, electronic equipment and a storage medium. The method comprises the following steps: transmitting a first ciphertext to the connected power supply device; the first ciphertext is part of an authentication key ciphertext; the first ciphertext is used for indicating the power supply equipment to trigger the execution of the authentication process; the authentication process comprises the steps of decrypting the first ciphertext and the local second ciphertext to obtain a first authentication key, and generating a first authentication encryption value according to the first authentication key; the second ciphertext is the rest of the authentication key ciphertext from which the first ciphertext is removed; and responding to the received first authentication encryption value returned by the power supply equipment, authenticating the first authentication encryption value to obtain an authentication result. The method and the device can optimize the storage of the authentication key at the power supply equipment side, prevent the authentication key of the encryption authentication from being revealed, and improve the security of the encryption authentication.

Description

Charging authentication method, device, electronic equipment and storage medium

Technical Field

The present disclosure relates to the field of charging technologies, and in particular, to a charging authentication method, a device, an electronic device, and a storage medium.

Background

With the development of the fast charging technology, more and more electronic devices are charged by adopting the fast charging technology. The charging medium can be divided into wireless charging and wired charging, whether the wireless charging or the wired charging is realized, the electronic equipment and the adapter are required to carry out encryption authentication action for realizing high-power charging, and the action is to enable the electronic equipment and the adapter to carry out identity mutual identification, so that the high-power charging can be carried out under the condition of successful identification. However, the current encryption authentication method has the risk of disclosure.

Disclosure of Invention

Based on the foregoing, it is necessary to provide a charging authentication method, apparatus, electronic device and storage medium capable of ensuring encryption authentication security.

In a first aspect, the present application provides a charging authentication method, applied to a charging device, where the method includes:

transmitting a first ciphertext to the connected power supply device; the first ciphertext is part of an authentication key ciphertext; the first ciphertext is used for indicating the power supply equipment to trigger the execution of the authentication process; the authentication process comprises the steps of decrypting the first ciphertext and the local second ciphertext to obtain a first authentication key, and generating a first authentication encryption value according to the first authentication key; the second ciphertext is the rest of the authentication key ciphertext from which the first ciphertext is removed;

and responding to the received first authentication encryption value returned by the power supply equipment, authenticating the first authentication encryption value to obtain an authentication result.

In one embodiment, the second ciphertext includes a first sub-ciphertext and a second sub-ciphertext;

the first ciphertext is used for indicating the power supply equipment to call a function prototype of the corresponding library file, and the first ciphertext and the first sub-ciphertext are sent to the function prototype; the authentication process comprises the steps of decrypting the first ciphertext, the first sub-ciphertext and the second sub-ciphertext in the library file by utilizing the function prototype to obtain a first authentication key.

In one embodiment, the first ciphertext is one third of the ciphertext length of the authentication key; the ciphertext length of the first sub-ciphertext is the same as that of the second sub-ciphertext.

In one embodiment, transmitting a first ciphertext to a connected power supply apparatus comprises:

in response to receiving identity information sent by the power supply device, determining a first ciphertext based on the identity information and a decryption key for the authentication key ciphertext;

transmitting a communication packet indicating authentication data to the power supply device; the authentication data includes a random number, a first ciphertext, and a decryption key; the authentication process comprises the steps of decrypting the first ciphertext and the second ciphertext by adopting a decryption key to obtain an authentication key, and encrypting the random number and the first authentication key according to a corresponding encryption algorithm to obtain a first authentication encryption value.

In one embodiment, the method further comprises:

when the power supply device is electrically connected with the power supply device, a first request message is sent to the power supply device; the first request message is used for indicating the power supply equipment to return authorization information;

responding to the received authorization information, and if the power supply equipment is confirmed to belong to the authorization equipment according to the authorization information, sending a second request message to the power supply equipment; the second request message is used for indicating the power supply equipment to return the identity information.

In one embodiment, authenticating the first authentication encryption value to obtain an authentication result includes:

determining a second authentication key through the identity information, and encrypting the random number and the second authentication key according to a corresponding encryption algorithm to obtain a second authentication encryption value;

when the first authentication encryption value is the same as the second authentication encryption value, determining an authentication result as authentication encryption success;

and when the first authentication encryption value is different from the second authentication encryption value, determining the authentication result as authentication encryption failure.

In one embodiment, the second authentication key is determined through the identity information, and the random number and the second authentication key are encrypted according to an encryption algorithm of the corresponding power supply device to obtain a second authentication encryption value, including:

and calling a preset program library, selecting a second authentication key according to the identity information by using the program library, and generating a second authentication encryption value.

In a second aspect, the present application further provides a charging authentication method, applied to a power supply device, where the method includes:

triggering and executing an authentication process in response to receiving a first ciphertext sent by the connected charging equipment; the authentication process comprises the steps of decrypting the first ciphertext and the local second ciphertext to obtain a first authentication key, and generating a first authentication encryption value according to the first authentication key; the first ciphertext is part of an authentication key ciphertext; the second ciphertext is the rest of the authentication key ciphertext from which the first ciphertext is removed;

Transmitting the first authentication encryption value to the charging equipment; the first authentication encryption value is used for indicating the charging equipment to carry out authentication to obtain an authentication result.

triggering and executing an authentication process, comprising:

calling a function prototype of the corresponding library file, and transmitting the first ciphertext and the first sub-ciphertext to the function prototype; the authentication flow comprises the step of decrypting the first ciphertext, the first sub-ciphertext and the second sub-ciphertext in the library file by using the function prototype to obtain a first authentication key.

In one embodiment, the method further comprises:

transmitting identity information to a charging device; the identity information is used for indicating the charging equipment to determine a first ciphertext and a decryption key aiming at the authentication key ciphertext;

receiving a communication packet which is returned by the charging equipment and indicates authentication data; the authentication data includes a random number, a first ciphertext, and a decryption key; the authentication process comprises the steps of decrypting the first ciphertext and the second ciphertext by adopting a decryption key to obtain an authentication key, and encrypting the random number and the first authentication key according to a corresponding encryption algorithm to obtain a first authentication encryption value.

In one embodiment, sending identity information to a charging device includes:

when the charging device is electrically connected with the charging device, transmitting authorization information to the charging device in response to receiving a first request message transmitted by the charging device; the authorization information is used for indicating the charging equipment to return a second request message under the condition that the power supply equipment is confirmed to belong to the authorization equipment;

and transmitting identity information to the charging device in response to receiving the second request message.

In a third aspect, the present application provides a charging authentication device, applied to a charging apparatus, where the device includes:

the ciphertext sending module is used for sending a first ciphertext to the connected power supply equipment; the first ciphertext is part of an authentication key ciphertext; the first ciphertext is used for indicating the power supply equipment to trigger the execution of the authentication process; the authentication process comprises the steps of decrypting the first ciphertext and the local second ciphertext to obtain a first authentication key, and generating a first authentication encryption value according to the first authentication key; the second ciphertext is the rest of the authentication key ciphertext from which the first ciphertext is removed;

and the authentication module is used for responding to the received first authentication encryption value returned by the power supply equipment, and authenticating the first authentication encryption value to obtain an authentication result.

In a fourth aspect, the present application further provides a charging authentication device, applied to a power supply device, where the device includes:

the triggering authentication module is used for responding to the first ciphertext sent by the connected charging equipment and triggering and executing an authentication flow; the authentication process comprises the steps of decrypting the first ciphertext and the local second ciphertext to obtain a first authentication key, and generating a first authentication encryption value according to the first authentication key; the first ciphertext is part of an authentication key ciphertext; the second ciphertext is the rest of the authentication key ciphertext from which the first ciphertext is removed;

the encryption value sending module is used for sending the first authentication encryption value to the charging equipment; the first authentication encryption value is used for indicating the charging equipment to carry out authentication to obtain an authentication result.

In a fifth aspect, the present application provides an electronic device, including a memory and a processor, where the memory stores a computer program, and the processor implements the steps of the charging authentication method implemented from the charging device perspective or the steps of the charging authentication method implemented from the power supply device perspective when executing the computer program.

In a sixth aspect, the present application provides a computer readable storage medium having stored thereon a computer program which, when executed by a processor, implements the steps of the charging authentication method implemented from the charging device perspective or the steps of the charging authentication method implemented from the power supply device perspective.

In a seventh aspect, the present application provides a computer program product comprising a computer program which, when executed by a processor, implements the steps of the charging authentication method described above as implemented from the charging device perspective, or the steps of the charging authentication method described above as implemented from the power supply device perspective.

The charging authentication method, the charging authentication device, the electronic equipment and the storage medium are characterized in that the charging equipment sends a first ciphertext to the connected power supply equipment, the first ciphertext is a part of an authentication key ciphertext, the power supply equipment further triggers an authentication process based on the first ciphertext, the authentication process comprises the steps of decrypting the first ciphertext and a second ciphertext local to the power supply equipment to obtain a first authentication key, and generating a first authentication encryption value according to the first authentication key; the second ciphertext is the rest part of the authentication key ciphertext except the first ciphertext; after receiving the first authentication encryption value returned by the power supply equipment, the charging equipment can authenticate the first authentication encryption value to obtain an authentication result. In the encryption authentication process, the charging equipment sends the authentication key ciphertext of the rest part to the power supply equipment for encryption authentication, so that the storage of the authentication key at the power supply equipment side can be optimized, the authentication key of encryption authentication is prevented from being revealed, and the security of encryption authentication is improved.

Drawings

In order to more clearly illustrate the embodiments of the present application or the technical solutions in the related art, the drawings that are required to be used in the embodiments or the related technical descriptions will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present application, and other drawings may be obtained according to the drawings without inventive effort for a person having ordinary skill in the art.

FIG. 1 is a diagram of an application environment for a charge authentication method in one embodiment;

FIG. 2 is a flow chart of a charging authentication method according to an embodiment;

FIG. 3 is a flow chart illustrating steps for sending authentication data in one embodiment;

FIG. 4 is a flow diagram of obtaining identity information in one embodiment;

FIG. 5 is a flow chart of a charging authentication method according to another embodiment;

fig. 6 is a block diagram of a charging authentication device in one embodiment;

fig. 7 is a block diagram of a charging authentication device according to another embodiment;

fig. 8 is an internal structural diagram of an electronic device in one embodiment.

Detailed Description

In order to make the objects, technical solutions and advantages of the present application more apparent, the present application will be further described in detail with reference to the accompanying drawings and examples. It should be understood that the specific embodiments described herein are for purposes of illustration only and are not intended to limit the present application.

Unless defined otherwise, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this application belongs. The terminology used herein is for the purpose of describing embodiments of the present application only and is not intended to be limiting of the present application.

It should be appreciated that terms such as "first," "second," and the like in this application are used merely to distinguish similar objects and are not to be construed as indicating or implying a relative importance or implicitly indicating the number of technical features indicated. The "connection" in the embodiments of the present application refers to various connection manners such as direct connection or indirect connection, so as to implement communication between devices, which is not limited in any way in the embodiments of the present application.

It is understood that "at least one" means one or more and "a plurality" means two or more.

As used herein, the singular forms "a", "an" and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It will be further understood that the terms "comprises" and/or "comprising," and/or the like, specify the presence of stated features, integers, steps, operations, elements, components, or groups thereof, but do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, or groups thereof. Also, the term "and/or" as used in this specification includes any and all combinations of the associated listed items.

Currently, qi wireless quick charging protocol is used for quick charging, and the quick charging protocol of wired charging is SVOOC (SuperVOOC, super flash charging) \pps (Programmable Power Supply, programmable power source)_fcs (Universal Fast Charging Specification, universal quick charging protocol) and the like, so that the electronic equipment and the adapter are required to perform encryption authentication actions for realizing high-power private quick charging, no matter wireless quick charging or wired quick charging, the actions are that the electronic equipment and the adapter are mutually identified, and the high-power quick charging can be performed under the condition of successful identification.

Taking electronic equipment as a mobile phone as an example, the algorithms used by the adapter and the mobile phone end for encryption and authentication are numerous, but no matter what encryption is, three elements are basically separated: the key + random + algorithm, the adapter and the mobile phone end use the same three elements to calculate, obtain the ciphertexts of the respective authentication, then compare whether the ciphertexts of the two authentication are equal, if equal, the encryption authentication is successful, if unequal, the encryption authentication is failed. In the process, the storage of the secret key (authentication secret key) is crucial (because the algorithm is open source, the random number is dynamically random and variable), in order to avoid the leakage of the secret key, the secret key plaintext is not directly transmitted between the mobile phone and the adapter, the secret key storage at the mobile phone end is safer (the secret key is not stored in a plaintext form, but the secret key is encrypted into a ciphertext, the key required for decrypting the ciphertext needs to be called and acquired by using the TA (Trusted Application) side of the biological security module, the ciphertext is restored into the secret key after the acquisition, then the secret key+the random number+the algorithm is calculated into the authenticated ciphertext, and the series of operations are all made into an SO (Shared Object) library file, SO that specific code processing logic details cannot be acquired by others.

However, in the conventional scheme, the storage key at the adapter end is all in plain text, and the adapter is directly delegated and authorized to the provider, that is, the provider can directly see the specific key number, because the key is provided to the provider of the adapter in plain text, there is a risk of being compromised technically, and once the key provided to the provider in plain text is compromised, the like products of the provider have a risk of being plausible, such as UFCS adapter\pps adapter.

The embodiment of the application provides a charging authentication method, and an execution subject of the charging authentication method may be a charging device provided by the embodiment of the application, or a power supply device integrated with a chip, for example, an electronic device integrated with a chip. It should be noted that, the chip in the embodiment of the present application may include a single chip microcomputer control chip, that is, a chip running a simple code program of a non-operating system, and is suitable for a power supply device, for example, an adapter.

The charging authentication method provided by the embodiment of the application can be applied to an application environment shown in fig. 1. Taking the terminal device 102 as a charging device and the adapter 104 as a power supply device as an example, the terminal device 102 and the adapter 104 may be connected through a charging interface in the terminal device 102, and the adapter 104 may be connected to an external power source. Further, when the terminal device 102 needs to be charged, the user may connect the terminal device 102, the adapter 104 and the charging cord in the manner shown in fig. 1, and plug the adapter 104 into the socket to charge the terminal device.

Optionally, the power supply device may be a charger, a charging head, a charging device, an adapter, and the charging device may be a mobile phone, a tablet computer, a watch, and other various terminal devices. Illustratively, the terminal device 102 includes a battery, and the terminal device 102 is any device that needs to charge the battery; illustratively, the terminal device 102 may be an electronic device, which may be, but is not limited to, various personal computers, notebook computers, smart phones, tablet computers, internet of things devices, and portable wearable devices, and the internet of things devices may be smart speakers, smart televisions, smart air conditioners, smart vehicle devices, and the like. The portable wearable device may be a smart watch, smart bracelet, headset, or the like.

Optionally, the adapter 104 may support a charging protocol of VOOC2.0, VOOC3.0, SUPERVOOC, UFCS, or other fast charging technologies, and the embodiments of the present application do not limit the charging protocols supported by the adapter 104.

Further, the power supply device and the charging device each support a plurality of charging protocols, and the power supply device and the charging device can select a charging protocol supported by both the power supply device and the charging device from the plurality of charging protocols supported by both the power supply device and the charging device to charge. Taking a terminal device as a mobile phone and a power supply device as an adapter as examples, the encryption algorithms used by the adapter and the mobile phone end for encryption authentication can be a lot, such as wireless private quick charging, the adapter and the mobile phone are used for DES (Data Encryption Standard ) \AES (Advanced Encryption Standard, advanced encryption standard) algorithm encryption, SVOOC is used for encryption by using a corresponding function, PPS and UFCS are used for encryption by using SHA256 (Secure Hash Algorithm ), and the embodiment of the application is not limited to this.

In an exemplary embodiment, as shown in fig. 2, a charging authentication method is provided, and an example of application of the method to the charging device in fig. 1 is described, including the following steps 202 to 204. Wherein:

step 202, sending a first ciphertext to a connected power supply device; the first ciphertext is part of an authentication key ciphertext; the first ciphertext is used for indicating the power supply equipment to trigger the execution of the authentication process; the authentication process comprises the steps of decrypting the first ciphertext and the local second ciphertext to obtain a first authentication key, and generating a first authentication encryption value according to the first authentication key; the second ciphertext is the remainder of the authentication key ciphertext that has removed the first ciphertext.

The authentication key ciphertext refers to an authentication key in a ciphertext form, namely, a ciphertext of the authentication key; and the authentication key is a key for the charging device and the power supply device to perform encryption authentication. The first authentication key refers to an authentication key at the power supply device side, and may be an authentication key obtained by the power supply device through an authentication procedure, that is, an authentication key obtained by decrypting a first ciphertext and a second ciphertext local to the power supply device. Optionally, the first authentication encryption value refers to an authentication encryption ciphertext of the power supply device side, which can be understood as a power supply device side encryption value returned to the charging device by the power supply device for encryption authentication, and the subsequent charging device can obtain an authentication result by comparing the power supply device side encryption value with the charging device side encryption value.

Specifically, after the charging device is connected with the power supply device, the charging device may send a first ciphertext to the power supply device, where the first ciphertext is a part of the ciphertext of the authentication key, that is, a part of the ciphertext of the authentication key, and for example, the first ciphertext may be a ciphertext of a last 1/3 length of the authentication key; illustratively, the ciphertext length of the first ciphertext may be determined according to a length ratio, which may be custom.

In the embodiment of the application, the power supply equipment only holds part of the authentication key ciphertext (second ciphertext), so that the leakage of the authentication key can be prevented, and the risk of being divulged is reduced. The second ciphertext is a ciphertext released to the power supply device and belonging to the power supply device locally, namely the second ciphertext is a part of authentication key ciphertext released to the manufacturer. The first ciphertext is a part of the authentication key ciphertext, the second ciphertext is the rest part of the authentication key ciphertext except the first ciphertext, and the charging equipment sends the rest part of the authentication key ciphertext (the first ciphertext) to the power supply equipment when performing authentication encryption each time, so that the safe execution of encryption authentication is ensured under the condition of optimizing the storage of the authentication key at the power supply equipment side.

Optionally, under the condition that the first ciphertext sent by the charging device is received, the power supply device can trigger to execute an authentication process, the authentication process can refer to a series of action combinations executed by related functions called by the power supply device, and then the specific actions in the authentication process are realized by the related functions, so that the power supply device cannot know the specific realization process of the actions, and further the storage of the authentication key at the power supply device side can be optimized, the authentication key is prevented from being leaked, and the security of encryption authentication is improved.

It should be noted that, for simplicity, the implementation of the authentication procedure described above is described as a series of action combinations. However, those skilled in the art will appreciate that the embodiments of the application are not limited by the order of acts described. Certain steps or operations may be performed in other orders or concurrently, according to embodiments of the present application. Moreover, those skilled in the art will appreciate that the embodiments described in the specification are exemplary embodiments and that the acts and functions referred to are not necessarily required in the present application.

In one exemplary embodiment, the second ciphertext may include a first sub-ciphertext and a second sub-ciphertext;

Specifically, the ciphertext length of the first ciphertext may be determined according to a length ratio, which is custom. Further, the second ciphertext may include two parts, namely a first sub-ciphertext and a second sub-ciphertext, and ciphertext lengths of the first sub-ciphertext and the second sub-ciphertext may also be determined according to a length ratio, where the length ratio is customized.

The first sub ciphertext can be a partial authentication key ciphertext directly released to the power supply equipment, the second sub ciphertext can be a partial authentication key ciphertext integrated into the library file, and the power supply equipment uses the library file through the function prototype, so that the storage of the authentication key at the power supply equipment side can be further optimized, and the authentication key is prevented from being leaked.

For example, related functions such as encryption and decryption may be compiled into a library file, the library file and a function prototype in the library file may be sent to a provider (e.g., a vendor) of the power supply device, and then the power supply device may use the functions in the library file according to the function prototype, but a specific implementation procedure of the functions in the library file is not known. Alternatively, the library file may refer to an SO library file, and the function prototype may refer to an encod function.

Taking the example that the power supply equipment is provided with a singlechip control chip, the computer equipment (such as a PC, personal Computer and a personal computer) compiles related functions such as encryption and decryption into an SO library file by using software, and sends the SO library file and a function prototype corresponding to the SO library file to a provider of the power supply equipment in a mail mode, the power supply equipment can use the functions in the SO library file according to the function prototype, but does not know the specific implementation of the functions (in short, the power supply equipment knows what actions are in the SO library file, namely the names of the actions, and the power supply equipment can directly call the actions in the SO library file according to the names, but does not know the specific implementation of the actions). The compiling software may be keil singlechip software, which is not limited in this embodiment of the present application.

Under the condition that the power supply equipment receives the first ciphertext, the power supply equipment can call a function prototype corresponding to the library file, and send the first ciphertext and the first sub-ciphertext to the function prototype, and further the library file can comprise the following actions: and decrypting the first ciphertext, the first sub-ciphertext and the second sub-ciphertext in the library file through the function prototype to obtain a first authentication key, and generating a first authentication encryption value according to the first authentication key. The charging device may also send data such as a decryption key and a random number of the authentication key ciphertext to the power supply device, so as to trigger the power supply device to send the decryption key, the first ciphertext and the first sub-ciphertext to the function prototype, thereby obtaining the first authentication key and the first authentication encryption value.

Specifically, taking the authentication key as a key d as an example, the first sub-ciphertext d1 is 1/3 of the length of the ciphertext of the key d, where the first sub-ciphertext d1 may be released to the vendor of the power supply device in a plaintext form. The 1/3 length of the middle of the secret key d can refer to a second sub-ciphertext d2, and the second sub-ciphertext d2 can be integrated into an SO library file, namely the authentication secret key ciphertext released to a manufacturer is a d1+SO library file; the last 1/3 of the length d3 of the key d may refer to the first ciphertext that is to be sent by the charging device to the power supply device each time it is encrypted.

It should be noted that in the embodiment of the present application, the lengths of d1, d2, and d3 may not be fixed, and the length ratio may be defined.

And step 204, in response to receiving the first authentication encryption value returned by the power supply equipment, authenticating the first authentication encryption value to obtain an authentication result.

Specifically, the charging device may authenticate the first authentication encryption value under the condition that the charging device receives the first authentication encryption value sent by the power supply device, so as to obtain an authentication result.

For example, taking the authentication encryption value of the charging equipment side as the second authentication encryption value as an example, the charging equipment can acquire a comparison result of the first authentication encryption value and the second authentication encryption value, the comparison result is used for representing whether the authentication encryption ciphertext of the power supply equipment side is identical to the authentication encryption ciphertext of the charging equipment side, and the authentication result is determined to be successful authentication encryption under the condition that the comparison result represents that the authentication encryption ciphertext of the power supply equipment side is identical to the authentication encryption ciphertext of the charging equipment side; and under the condition that the comparison result represents that the authentication encryption ciphertext of the power supply equipment side is different from the authentication encryption ciphertext of the charging equipment side, determining that the authentication result is authentication encryption failure.

In an exemplary embodiment, authenticating the first authentication encryption value to obtain an authentication result includes:

Specifically, the charging device may acquire identity information of the power supply device, where the identity information represents information of a manufacturer of the power supply device, such as a product_id, and based on the identity information, the charging device may enable confirmation of related data for performing encryption authentication on the power supply device, such as an authentication key, a first ciphertext, a decryption key, and the like on the charging device side; the power supply device providing the identity information is an authorized device, that is, an authorized manufacturer of the power supply device belongs to a target manufacturer, and the charging device can confirm whether the power supply device belongs to the authorized device or not by acquiring the authorization information of the power supply device, so as to further ensure charging safety.

Under the condition that the charging equipment acquires the identity information of the power supply equipment, a corresponding authentication key (second authentication key) can be selected according to the identity information, the second authentication key can be understood as an authentication key of the charging equipment side, the charging equipment can encrypt the random number and the second authentication key according to a corresponding encryption algorithm to obtain a second authentication encryption value, and then the first authentication encryption value and the second authentication encryption value are compared. When the first authentication encryption value is the same as the second authentication encryption value, determining an authentication result as authentication encryption success; and when the first authentication encryption value is different from the second authentication encryption value, determining the authentication result as authentication encryption failure.

It should be noted that, the encryption algorithm in the embodiment of the present application may refer to a specific algorithm for calculating the authentication encryption ciphertext determined according to a protocol type between the power supply device and the charging device, taking the mobile phone and the adapter encrypt based on SVOOC using a corresponding function as an example, the encryption algorithm may refer to a shift operation, where the mobile phone end shifts bits or overturns bits of data, and sends the data to the adapter in disorder, the adapter restores the data to the mobile phone through the same shift or overturns corresponding reverse operation, and the mobile phone compares the data.

In an exemplary embodiment, determining the second authentication key through the identity information, encrypting the random number and the second authentication key according to an encryption algorithm of the corresponding power supply device, and obtaining the second authentication encryption value includes:

Specifically, when the charging device obtains the identity information of the power supply device, a preset program library, such as an SO library, may be called, the program library is used to select the second authentication key (i.e., the authentication key at the charging device side) according to the identity information, and the program library is used to encrypt the random number and the second authentication key according to the corresponding encryption algorithm, SO as to obtain the second authentication encryption value. The charging equipment generates an authentication encryption ciphertext at the charging equipment side by calling the program library, so that the safety of the secret key can be ensured, and the secret key is prevented from being revealed.

The program library is suitable for an operating system, such as an android operating system. Taking the charging equipment as a mobile phone and the power supply equipment as an adapter as an example, the SCM of the adapter controls a simple code program of a non-operating system running in a chip, and an SO library of the mobile phone is suitable for an android operating system but cannot run in the SCM of the adapter. According to the embodiment of the application, related functions such as encryption and decryption are compiled into the SO library file, SO that the power supply equipment can obtain the authentication encryption ciphertext of the power supply equipment side under the condition that an authentication key is not revealed by calling a function prototype corresponding to the SO library file and based on the partial authentication key ciphertext sent by the charging equipment, and the charging equipment can complete charging authentication.

The mobile phone receives an authentication encryption value S (first authentication encryption value) sent by the adapter, then starts an authentication encryption function of the mobile phone terminal, picks a corresponding key c (namely a second authentication key which is equal to a key d in the adapter, namely the first authentication key) in an SO library of the mobile phone terminal through a product_id, calculates an authentication encryption value S1 (second authentication encryption value) through a key c+random number B+encryption algorithm, compares whether S and S1 are equal, successfully authenticates encryption when S and S1 are equal, and fails authentication encryption when S and S1 are not equal.

In the charging authentication method, the second ciphertext is used as a part of the authentication key ciphertext provided for the power supply equipment, and in the encryption authentication process, the charging equipment sends the rest part of the authentication key ciphertext (the first ciphertext) to the power supply equipment for encryption authentication, so that the storage of the authentication key at the power supply equipment side can be optimized, the leakage of the authentication key of the encryption authentication is prevented, and the security of the encryption authentication is improved. The method and the device weaken the risk of leakage of the authentication key to a certain extent, and ensure the charging safety more reliably and effectively.

In an exemplary embodiment, as shown in FIG. 3, step 202 includes steps 302 through 304.

Wherein:

step 302, in response to receiving identity information sent by the power supply device, determining a first ciphertext based on the identity information and a decryption key for the authentication key ciphertext;

specifically, the identity information represents information of a manufacturer of the power supply apparatus, such as a product_id; under the condition that the charging equipment acquires the identity information of the power supply equipment, the first ciphertext corresponding to the power supply equipment and the decryption key aiming at the authentication key ciphertext can be determined through the identity information.

For example, the charging device may select a key a and d3 ciphertext (first ciphertext) corresponding to the key decryption according to the product id, and transmit the key a, the random number B, and the ciphertext d3 to the adapter.

Step 304, sending a communication packet indicating authentication data to the power supply device; the authentication data includes a random number, a first ciphertext, and a decryption key; the authentication process comprises the steps of decrypting the first ciphertext and the second ciphertext by adopting a decryption key to obtain an authentication key, and encrypting the random number and the first authentication key according to a corresponding encryption algorithm to obtain a first authentication encryption value.

Specifically, the charging device may send authentication data such as a decryption key, a first ciphertext, a random number, and the like to the power supply device through the communication packet, trigger the power supply device to call a function prototype corresponding to the library file, send the authentication data to the function prototype, decrypt the first ciphertext, the first sub-ciphertext, and a second sub-ciphertext in the library file through the decryption key by using the function prototype, obtain a first authentication key, and generate a first authentication encryption value based on a corresponding encryption algorithm, the random number, and the first authentication key by using the function prototype. Wherein, the decryption key refers to a key required for decrypting the ciphertext of the authentication key.

Taking charging equipment as a mobile phone and power supply equipment as an adapter as an example, the adapter receives the communication packet, analyzes a key A, a random number B and a ciphertext d3, then performs encryption authentication, and transmits the key A, the random number B and the received ciphertext d3 as well as a key ciphertext d1 (first sub-ciphertext) stored by a manufacturer into an encode function in an SO library file; in the SO library file: firstly, a key ciphertext d2 (second sub ciphertext) +received ciphertext d3 is stored by using an incoming key A and a key ciphertext d1+SO library file, and an A+d1+d2+d3+decryption algorithm=d (first authentication key); then, an authentication encryption value S (first authentication encryption value) is calculated using the calculated key d+ random number b+ encryption algorithm. Namely, the library file can contain two actions, namely, a key A (decryption key) of a key transmitted by the mobile phone, a ciphertext of d1+d2+d3 is restored to a key d, then an authentication encryption value S is calculated by using a random number B+ encryption algorithm transmitted by the key d+mobile phone, and then the encryption value S is packaged and transmitted to the mobile phone terminal.

In one embodiment, as shown in FIG. 4, the method may further include steps 402 through 404.

Wherein:

step 402, when the power supply device is electrically connected with the power supply device, a first request message is sent to the power supply device; the first request message is used for indicating the power supply equipment to return authorization information;

specifically, in the case where the charging device is electrically connected to the power supply device (e.g., the mobile phone is plugged into the adapter), the charging device may send first request information to the power supply device to instruct the power supply device to return authorization information, which may be used to indicate information of an authorized manufacturer of the power supply device.

Taking the power supply device as an adapter and the charging device as a mobile phone as an example, the first request information may be a get device info communication packet, and the device info communication packet carries authorization information; and under the condition that the get device info communication packet is received, the adapter integrates the information of the authorization vendor_id of the adapter into the device info communication packet and sends the device info communication packet to the mobile phone terminal.

Step 404, in response to receiving the authorization information, if the power supply device is confirmed to belong to the authorization device according to the authorization information, a second request message is sent to the power supply device; the second request message is used for indicating the power supply equipment to return the identity information.

Specifically, the charging device receives the authorization information returned by the power supply device, and can confirm whether the power supply device belongs to the authorization device based on the authorization information, and if the power supply device is confirmed to belong to the authorization device, a second request message is sent to the power supply device to instruct the power supply device to return the identity information. For example, the identity information may be used to represent information of a manufacturer of the power supply device.

Taking power supply equipment as an adapter and charging equipment as a mobile phone as an example, the second request information can be a get source info communication packet, and the source info communication packet carries identity information; the mobile phone receives the device info communication packet sent by the adapter, analyzes the device info communication to obtain a vendor_id (authorization information), and further confirms whether the adapter belongs to the authorization device according to the vendor_id, for example, if the adapter is authorized by the target vendor, the vendor_id is the ID of the target vendor. When the adapter is confirmed to belong to the authorized equipment, the mobile phone sends a get source info communication packet to the adapter, the adapter receives the get source info communication packet, integrates the information of the production product id of the adapter into the source info communication packet, sends the source info communication packet to the mobile phone terminal, and analyzes the source info communication to obtain the product_id after receiving the source info communication packet sent by the adapter.

In the charging authentication method, only part of the authentication key ciphertext is provided for the power supply equipment, in the encryption authentication process, the charging equipment sends the rest part of the authentication key ciphertext to the power supply equipment for encryption authentication, so that the storage of the authentication key at the power supply equipment side can be optimized, the leakage of the authentication key of the encryption authentication is avoided, the security of the encryption authentication is improved, and the like product of a provider can be prevented from being broken and raised.

In an exemplary embodiment, as shown in fig. 5, a charging authentication method is provided, and an example of application of the method to the power supply apparatus in fig. 1 is described, including the following steps 502 to 504. Wherein:

step 502, triggering and executing an authentication process in response to receiving a first ciphertext sent by a connected charging device; the authentication process comprises the steps of decrypting the first ciphertext and the local second ciphertext to obtain a first authentication key, and generating a first authentication encryption value according to the first authentication key; the first ciphertext is part of an authentication key ciphertext; the second ciphertext is the rest of the authentication key ciphertext from which the first ciphertext is removed;

specifically, a part of the authentication key ciphertext, namely the second ciphertext, is released to the power supply device, a part of the ciphertext in the second ciphertext may be a manufacturer of the plaintext released to the power supply device, and the rest of the authentication key ciphertext, namely the first ciphertext, may be transmitted to the power supply device by the charging device each time the ciphertext is encrypted. And the power supply device may trigger the execution of the authentication procedure to obtain the first authentication encryption value.

The authentication flow can be understood as a series of action combinations executed by related functions called by the power supply equipment, namely, the specific actions in the authentication flow are realized by the related functions, the power supply equipment cannot know the specific realization process of the actions, and further, the storage of the authentication key at the power supply equipment side can be optimized, the authentication key is prevented from being leaked, and the security of encryption and authentication is improved.

Step 504, the first authentication encryption value is sent to the charging equipment; the first authentication encryption value is used for indicating the charging equipment to carry out authentication to obtain an authentication result.

Specifically, the power supply device may send the first authentication encryption value to the charging device, so that the charging device performs authentication to obtain an authentication result.

In one exemplary embodiment, the second ciphertext may include a first sub-ciphertext and a second sub-ciphertext; triggering the execution of the authentication procedure may include:

Specifically, the first sub-ciphertext is a partial authentication key ciphertext directly released to the power supply equipment, and the second sub-ciphertext is a partial authentication key ciphertext integrated into the library file. It should be noted that, in the embodiment of the present application, the lengths of the first sub-ciphertext, the second sub-ciphertext, and the first ciphertext may not be fixed, and the length ratio may be customized.

By compiling related functions such as encryption and decryption into a library file, the library file and a function prototype in the library file are sent to a manufacturer of the power supply device, so that the power supply device can use the functions in the library file according to the function prototype, but the specific implementation process of the functions in the library file is not known. Alternatively, the library file may refer to an SO library file, and the function prototype may refer to an encod function.

In one exemplary embodiment, the first ciphertext is one third of the length of the authentication key ciphertext; the ciphertext length of the first sub-ciphertext is the same as that of the second sub-ciphertext.

Specifically, taking the power supply device as an adapter and the charging device as a mobile phone as an example, d1 with 1/3 length of ciphertext of the key d released to the adapter is released to a manufacturer in the clear, d2 with 1/3 length in the middle is integrated into an SO library file, that is, the d1+so library file is released to the manufacturer, after that, the adapter can enter a waiting state to wait for the mobile phone to send a message (for example, after the adapter is inserted into the mobile phone, the mobile phone sends a get device info communication packet to the adapter), and d3 with 1/3 length is transmitted to the adapter by the mobile phone when each encryption is performed. Based on the function prototype corresponding to the SO library file, the authentication flow may include two actions, one is to restore the cipher text of d2+d3 to the key d by the key a of the key transmitted by the mobile phone, and then calculate the authentication encryption cipher text S by using the key d+the random number b+algorithm transmitted by the mobile phone.

In an exemplary embodiment, the method further comprises:

Specifically, the power supply device may respond to the request information sent by the charging device, and feed back identity information, where the identity information may represent information of a manufacturer of the power supply device, for example, product_id, and based on the identity information, the charging device may enable confirmation of relevant data for performing encryption authentication on the power supply device, for example, an authentication key, a first ciphertext, a decryption key, and the like on the side of the charging device.

After the power supply equipment acquires the authentication data, the power supply equipment can further acquire a first authentication encryption value by calling a function prototype of the library file.

In one exemplary embodiment, sending identity information to a charging device includes:

Specifically, in the case where the power supply device is electrically connected to the charging device (for example, the adapter is plugged into the mobile phone), the power supply device may respond to the first request information sent by the charging device, and return authorization information, which may be used to indicate information of an authorized manufacturer of the power supply device. The charging device can confirm whether the power supply device belongs to the authorized device or not, and further returns second request information for acquiring the identity information. The power supply device returns the identity information in response to the second request information.

It should be noted that, in the foregoing charging authentication method implemented from the power supply device perspective, the implementation process of specific steps may refer to descriptions of each step in the foregoing charging authentication method implemented from the charging device perspective, which is not described herein again.

In the encryption authentication process, the power supply equipment receives the authentication key ciphertext of the rest part sent by the charging equipment to carry out encryption authentication, so that the storage of the authentication key at the power supply equipment side can be optimized, the authentication key of encryption authentication is prevented from being revealed, and the security of encryption authentication is improved.

It should be understood that, although the steps in the flowcharts related to the embodiments described above are sequentially shown as indicated by arrows, these steps are not necessarily sequentially performed in the order indicated by the arrows. The steps are not strictly limited to the order of execution unless explicitly recited herein, and the steps may be executed in other orders. Moreover, at least some of the steps in the flowcharts described in the above embodiments may include a plurality of steps or a plurality of stages, which are not necessarily performed at the same time, but may be performed at different times, and the order of the steps or stages is not necessarily performed sequentially, but may be performed alternately or alternately with at least some of the other steps or stages.

Based on the same inventive concept, the embodiment of the application also provides a charging authentication device for realizing the charging authentication method. The implementation of the solution provided by the device is similar to the implementation described in the above method, so the specific limitation in the embodiments of the charging authentication device or devices provided below may be referred to the limitation of the charging authentication method hereinabove, and will not be described herein.

In an exemplary embodiment, as shown in fig. 6, a charging authentication apparatus 600 is provided, which is applied to a charging device, and includes a ciphertext sending module 601 and an authentication module 602, where:

a ciphertext transmitting module 601, configured to transmit a first ciphertext to a connected power supply apparatus; the first ciphertext is part of an authentication key ciphertext; the first ciphertext is used for indicating the power supply equipment to trigger the execution of the authentication process; the authentication process comprises the steps of decrypting the first ciphertext and the local second ciphertext to obtain a first authentication key, and generating a first authentication encryption value according to the first authentication key; the second ciphertext is the rest of the authentication key ciphertext from which the first ciphertext is removed;

and the authentication module 602 is configured to, in response to receiving the first authentication encryption value returned by the power supply device, authenticate the first authentication encryption value, and obtain an authentication result.

In one embodiment, the ciphertext transmitting module 601 includes:

the authentication data determining module is used for determining a first ciphertext based on the identity information and a decryption key aiming at the authentication key ciphertext in response to receiving the identity information sent by the power supply equipment;

the communication packet sending module is used for sending a communication packet indicating authentication data to the power supply equipment; the authentication data includes a random number, a first ciphertext, and a decryption key; the authentication process comprises the steps of decrypting the first ciphertext and the second ciphertext by adopting a decryption key to obtain an authentication key, and encrypting the random number and the first authentication key according to a corresponding encryption algorithm to obtain a first authentication encryption value.

In one embodiment, the apparatus 600 further comprises:

the first request module is used for sending a first request message to the power supply equipment when the first request module is electrically connected with the power supply equipment; the first request message is used for indicating the power supply equipment to return authorization information;

the second request module is used for responding to the received authorization information, and if the power supply equipment is confirmed to belong to the authorization equipment according to the authorization information, a second request message is sent to the power supply equipment; the second request message is used for indicating the power supply equipment to return the identity information.

In one embodiment, the authentication module 602 is configured to determine a second authentication key through the identity information, encrypt the random number and the second authentication key according to a corresponding encryption algorithm, and obtain a second authentication encryption value; when the first authentication encryption value is the same as the second authentication encryption value, determining an authentication result as authentication encryption success; and determining the authentication result as authentication encryption failure when the first authentication encryption value is different from the second authentication encryption value.

In one embodiment, the authentication module 602 is configured to call a preset program library, select a second authentication key according to the identity information by using the program library, and generate a second authentication encryption value.

In an exemplary embodiment, as shown in fig. 7, a charging authentication apparatus 700 is provided, which is applied to a power supply device, and includes a trigger authentication module 701 and an encryption value sending module 702, where:

a trigger authentication module 701, configured to trigger an authentication procedure to be performed in response to receiving a first ciphertext sent by a connected charging device; the authentication process comprises the steps of decrypting the first ciphertext and the local second ciphertext to obtain a first authentication key, and generating a first authentication encryption value according to the first authentication key; the first ciphertext is part of an authentication key ciphertext; the second ciphertext is the rest of the authentication key ciphertext from which the first ciphertext is removed;

An encryption value transmitting module 702, configured to transmit the first authentication encryption value to the charging device; the first authentication encryption value is used for indicating the charging equipment to carry out authentication to obtain an authentication result.

In one embodiment, the second ciphertext includes a first sub-ciphertext and a second sub-ciphertext; the trigger authentication module 701 is configured to invoke a function prototype of the corresponding library file, and send a first ciphertext and a first sub-ciphertext to the function prototype; the authentication flow comprises the step of decrypting the first ciphertext, the first sub-ciphertext and the second sub-ciphertext in the library file by using the function prototype to obtain a first authentication key.

In one embodiment, the apparatus 700 further comprises:

the information sending module is used for sending the identity information to the charging equipment; the identity information is used for indicating the charging equipment to determine a first ciphertext and a decryption key aiming at the authentication key ciphertext;

the communication packet receiving module is used for receiving a communication packet which is returned by the charging equipment and indicates authentication data; the authentication data includes a random number, a first ciphertext, and a decryption key; the authentication process comprises the steps of decrypting the first ciphertext and the second ciphertext by adopting a decryption key to obtain an authentication key, and encrypting the random number and the first authentication key according to a corresponding encryption algorithm to obtain a first authentication encryption value.

In one embodiment, the information sending module includes:

the authorization information sending module is used for sending authorization information to the charging equipment in response to receiving a first request message sent by the charging equipment when the authorization information sending module is electrically connected with the charging equipment; the authorization information is used for indicating the charging equipment to return a second request message under the condition that the power supply equipment is confirmed to belong to the authorization equipment;

and the identity information sending module is used for sending the identity information to the charging equipment in response to receiving the second request message.

The above-mentioned respective modules in the charging authentication device may be implemented in whole or in part by software, hardware, and a combination thereof. The above modules may be embedded in hardware or may be independent of a processor in the computer device, or may be stored in software in a memory in the computer device, so that the processor may call and execute operations corresponding to the above modules.

In an exemplary embodiment, an electronic device, which may be a terminal, is provided, and an internal structure thereof may be as shown in fig. 8. The electronic device includes a processor, a memory, an input/output interface, a communication interface, a display unit, and an input device. The processor, the memory and the input/output interface are connected through a system bus, and the communication interface, the display unit and the input device are connected to the system bus through the input/output interface. Wherein the processor of the electronic device is configured to provide computing and control capabilities. The memory of the electronic device includes a non-volatile storage medium and an internal memory. The non-volatile storage medium stores an operating system and a computer program. The internal memory provides an environment for the operation of the operating system and computer programs in the non-volatile storage media. The input/output interface of the electronic device is used to exchange information between the processor and the external device. The communication interface of the electronic device is used for conducting wired or wireless communication with an external terminal, and the wireless communication can be realized through WIFI, a mobile cellular network, NFC (near field communication) or other technologies. The computer program is executed by a processor to implement a charging authentication method. The display unit of the electronic device is used for forming a visual picture, and can be a display screen, a projection device or a virtual reality imaging device. The display screen can be a liquid crystal display screen or an electronic ink display screen, and the input device of the electronic equipment can be a touch layer covered on the display screen, can also be keys, a track ball or a touch pad arranged on the shell of the electronic equipment, and can also be an external keyboard, a touch pad or a mouse and the like.

It will be appreciated by those skilled in the art that the structure shown in fig. 8 is merely a block diagram of a portion of the structure associated with the present application and is not limiting of the electronic device to which the present application is applied, and that a particular electronic device may include more or fewer components than shown, or may combine certain components, or have a different arrangement of components.

In an exemplary embodiment, an electronic device is provided, comprising a memory storing a computer program and a processor implementing the steps of the above-described charge authentication method when the processor executes the computer program.

In one embodiment, a computer readable storage medium is provided, on which a computer program is stored which, when executed by a processor, implements the steps of the charge authentication method described above.

In an embodiment, a computer program product is provided comprising a computer program which, when executed by a processor, implements the steps of the charging authentication method described above.

Those skilled in the art will appreciate that implementing all or part of the above described methods may be accomplished by way of a computer program stored on a non-transitory computer readable storage medium, which when executed, may comprise the steps of the embodiments of the methods described above. Any reference to memory, database, or other medium used in the various embodiments provided herein may include at least one of non-volatile and volatile memory. The nonvolatile Memory may include Read-Only Memory (ROM), magnetic tape, floppy disk, flash Memory, optical Memory, high density embedded nonvolatile Memory, resistive random access Memory (ReRAM), magnetic random access Memory (Magnetoresistive Random Access Memory, MRAM), ferroelectric Memory (Ferroelectric Random Access Memory, FRAM), phase change Memory (Phase Change Memory, PCM), graphene Memory, and the like. Volatile memory can include random access memory (Random Access Memory, RAM) or external cache memory, and the like. By way of illustration, and not limitation, RAM can be in the form of a variety of forms, such as static random access memory (Static Random Access Memory, SRAM) or dynamic random access memory (Dynamic Random Access Memory, DRAM), and the like. The databases referred to in the various embodiments provided herein may include at least one of relational databases and non-relational databases. The non-relational database may include, but is not limited to, a blockchain-based distributed database, and the like. The processors referred to in the embodiments provided herein may be general purpose processors, central processing units, graphics processors, digital signal processors, programmable logic units, quantum computing-based data processing logic units, etc., without being limited thereto.

The technical features of the above embodiments may be arbitrarily combined, and all possible combinations of the technical features in the above embodiments are not described for brevity of description, however, as long as there is no contradiction between the combinations of the technical features, they should be considered as the scope of the description.

The above examples only represent a few embodiments of the present application, which are described in more detail and are not to be construed as limiting the scope of the present application. It should be noted that it would be apparent to those skilled in the art that various modifications and improvements could be made without departing from the spirit of the present application, which would be within the scope of the present application. Accordingly, the scope of protection of the present application shall be subject to the appended claims.

Claims

1. A charging authentication method, applied to a charging device, the method comprising:

transmitting a first ciphertext to the connected power supply device; the first ciphertext is part of an authentication key ciphertext; the first ciphertext is used for indicating the power supply equipment to trigger the execution of an authentication process; the authentication process comprises the steps of decrypting the first ciphertext and the local second ciphertext to obtain a first authentication key, and generating a first authentication encryption value according to the first authentication key; the second ciphertext is the remainder of the authentication key ciphertext from which the first ciphertext was removed;

And responding to the received first authentication encryption value returned by the power supply equipment, and authenticating the first authentication encryption value to obtain an authentication result.

2. The method of claim 1, wherein the second ciphertext comprises a first sub-ciphertext and a second sub-ciphertext;

the first ciphertext is used for indicating the power supply equipment to call a function prototype of a corresponding library file, and the first ciphertext and the first sub-ciphertext are sent to the function prototype; the authentication process includes decrypting the first ciphertext, the first sub-ciphertext, and the second sub-ciphertext in the library file by using the function prototype to obtain the first authentication key.

3. The method of claim 2, wherein the first ciphertext is one third of the authentication key ciphertext length; the ciphertext lengths of the first sub ciphertext and the second sub ciphertext are the same.

4. A method according to any one of claims 1 to 3, wherein said sending a first ciphertext to a connected power supply device comprises:

in response to receiving identity information sent by the power supply device, determining the first ciphertext based on the identity information and a decryption key for the authentication key ciphertext;

Transmitting a communication packet indicating authentication data to the power supply device; the authentication data includes a random number, the first ciphertext, and the decryption key; the authentication process comprises the steps of decrypting the first ciphertext and the second ciphertext by adopting the decryption key to obtain the authentication key, and encrypting the random number and the first authentication key according to a corresponding encryption algorithm to obtain the first authentication encryption value.

5. The method according to claim 4, wherein the method further comprises:

6. The method of claim 4, wherein authenticating the first authentication encryption value to obtain an authentication result comprises:

when the first authentication encryption value is the same as the second authentication encryption value, determining the authentication result as authentication encryption success;

7. The method of claim 6, wherein the determining the second authentication key from the identity information encrypts the random number and the second authentication key according to an encryption algorithm corresponding to the power supply device to obtain a second authentication encryption value, comprising:

and calling a preset program library, selecting the second authentication key according to the identity information by using the program library, and generating the second authentication encryption value.

8. A charging authentication method, applied to a power supply device, the method comprising:

triggering and executing an authentication process in response to receiving a first ciphertext sent by the connected charging equipment; the authentication process comprises the steps of decrypting the first ciphertext and the local second ciphertext to obtain a first authentication key, and generating a first authentication encryption value according to the first authentication key; the first ciphertext is part of an authentication key ciphertext; the second ciphertext is the remainder of the authentication key ciphertext from which the first ciphertext was removed;

9. The method of claim 8, wherein the second ciphertext comprises a first sub-ciphertext and a second sub-ciphertext;

the triggering execution authentication process comprises the following steps:

invoking a function prototype of a corresponding library file, and transmitting the first ciphertext and the first sub-ciphertext to the function prototype; the authentication process comprises the step of decrypting the first ciphertext, the first sub-ciphertext and the second sub-ciphertext in the library file by using the function prototype to obtain the first authentication key.

10. The method of claim 9, wherein the first ciphertext is one third of the authentication key ciphertext length; the ciphertext lengths of the first sub ciphertext and the second sub ciphertext are the same.

11. The method according to any one of claims 8 to 10, further comprising:

transmitting identity information to the charging device; the identity information is used for indicating the charging equipment to determine the first ciphertext and a decryption key aiming at the authentication key ciphertext;

Receiving a communication packet which is returned by the charging equipment and indicates authentication data; the authentication data includes a random number, the first ciphertext, and the decryption key; the authentication process comprises the steps of decrypting the first ciphertext and the second ciphertext by adopting the decryption key to obtain the authentication key, and encrypting the random number and the first authentication key according to a corresponding encryption algorithm to obtain the first authentication encryption value.

12. The method of claim 11, wherein the sending identity information to the charging device comprises:

and in response to receiving the second request message, sending the identity information to the charging device.

13. A charging authentication apparatus, characterized by being applied to a charging device, the apparatus comprising:

the ciphertext sending module is used for sending a first ciphertext to the connected power supply equipment; the first ciphertext is part of an authentication key ciphertext; the first ciphertext is used for indicating the power supply equipment to trigger the execution of an authentication process; the authentication process comprises the steps of decrypting the first ciphertext and the local second ciphertext to obtain a first authentication key, and generating a first authentication encryption value according to the first authentication key; the second ciphertext is the remainder of the authentication key ciphertext from which the first ciphertext was removed;

14. A charging authentication apparatus, characterized by being applied to a power supply device, the apparatus comprising:

the triggering authentication module is used for responding to the first ciphertext sent by the connected charging equipment and triggering and executing an authentication flow; the authentication process comprises the steps of decrypting the first ciphertext and the local second ciphertext to obtain a first authentication key, and generating a first authentication encryption value according to the first authentication key; the first ciphertext is part of an authentication key ciphertext; the second ciphertext is the remainder of the authentication key ciphertext from which the first ciphertext was removed;

15. An electronic device comprising a memory and a processor, the memory storing a computer program, characterized in that the processor, when executing the computer program, implements the steps of the method of any one of claims 1 to 7 or the steps of the method of any one of claims 8 to 12.

16. A computer readable storage medium, on which a computer program is stored, characterized in that the computer program, when being executed by a processor, implements the steps of the method of any one of claims 1 to 7, or the steps of the method of any one of claims 8 to 12.

17. A computer program product comprising a computer program, characterized in that the computer program, when being executed by a processor, implements the steps of the method of any one of claims 1 to 7 or the steps of the method of any one of claims 8 to 12.