CN117610083A - File verification method and device, electronic equipment and computer storage medium - Google Patents


Info

Publication number
CN117610083A
Application number
CN202311723074.3A
Authority
CN (China)
Other languages
Chinese (zh)
Prior art keywords
verification, target file, file, hash value, value
Legal status
Pending (as listed by Google Patents; the listed status is an assumption, not a legal conclusion)
Inventor
刘宇浩, 赵海春, 张炯明
Current Assignee
Yuanxin Information Technology Group Co ltd
Original Assignee
Yuanxin Information Technology Group Co ltd
Application filed by Yuanxin Information Technology Group Co ltd
Priority to CN202311723074.3A
Publication of CN117610083A


Abstract

The embodiments of the present application provide a file verification method and device, electronic equipment and a computer storage medium, and relate to the technical field of operating systems. The method comprises the following steps: obtaining an operation request for a target file, the operation request comprising an operation type; if the operation type is a write operation type, calling a preset hook function and determining whether the operation request is the first write operation on the target file; if the operation request is not the first write operation, determining a first hash value of the target file and uploading the first hash value together with the first verification value stored in the target file to a trusted execution module, so that the trusted execution module determines a verification result for the target file. In this file verification method the trusted execution module recomputes a verification value from the first hash value and compares it with the stored first verification value to complete the integrity verification of the target file, and the target file may be written only after the verification passes. This prevents system data from being tampered with, ensures the security of system data and optimizes system performance.

Description

File verification method and device, electronic equipment and computer storage medium
Technical Field
The present application relates to the technical field of operating systems, and in particular, to a method and apparatus for verifying a file, an electronic device, and a computer storage medium.
Background
With the development of operating system technology, daily life increasingly depends on a variety of systems, and the integrity of those systems is increasingly important. For example, an attacker may add malicious code to widely used software and then publish the tampered copy on the network; when a user downloads and uses it, a computer virus or Trojan horse program may silently enter the user's electronic device, such as a computer. It is therefore desirable to verify the integrity of files in an operating system (file integrity verification), that is, to ensure that data, files or other information are not tampered with, damaged or infected with malicious code during transmission or use.
In general, system integrity is checked as follows: after each restart of the electronic device and before a user accesses a file, the operating system performs a signature verification operation on the file to determine whether it has been tampered with. However, the writable partition that holds user data cannot be verified in this way; once an attacker tampers with the user data there is no corresponding integrity verification mechanism, so the security of the data cannot be ensured, and system performance is poor.
Disclosure of Invention
The embodiments of the present application aim to solve the problem that the operating system of existing electronic equipment cannot perform integrity checking on files of a writable partition. The technical solution is as follows:
in a first aspect, the present application provides a method for checking a file, including:
acquiring an operation request aiming at a target file, wherein the operation request comprises an operation type;
if the operation type is a write operation type, calling a preset hook function, and determining whether the operation request is the first write operation of the target file;
if the operation request is not the first write operation, determining a first hash value of the target file;
uploading the first hash value and the first verification value stored in the target file to a trusted execution module, so that the trusted execution module determines a verification result for the target file based on the first hash value and the first verification value; the verification result is used for representing the integrity of the target file.
In an alternative embodiment of the first aspect, the operation request further comprises write content, and the method further comprises the steps of:
if the operation request is the first write operation, writing the write content in the operation request into the target file;
acquiring a second hash value of the target file, and uploading the second hash value to the trusted execution module so that the trusted execution module determines a first verification value based on the second hash value and the identifier of the trusted execution module;
and storing the first verification value in the target file.
In an alternative embodiment of the first aspect, determining a verification result for the target file based on the first hash value and the first verification value includes:
acquiring a second verification value based on the first hash value and the identifier of the trusted execution module;
and comparing the first verification value with the second verification value to obtain a verification result.
In an alternative embodiment of the first aspect, the method further comprises:
if the verification result is that the verification values are identical, writing the target file according to the operation request to obtain an updated target file;
acquiring a third hash value of the updated target file, uploading the third hash value to a trusted execution module, and acquiring a third verification value according to the third hash value and the identification of the trusted execution module;
and updating the first verification value based on the third verification value, and storing the updated first verification value in the target file.
In an alternative embodiment of the first aspect, the method further comprises:
if the verification result is that the verification values differ, the write operation on the target file is not allowed.
In an alternative embodiment of the first aspect, before obtaining the operation request for the target file, the method includes:
generating a private key for the system;
determining a fourth hash value of each read-only file in the system;
for each read-only file, signing the fourth hash value by using a private key to obtain signature information;
respectively storing signature information in each read-only file; the signature information is used to verify whether a corresponding read operation is allowed for the target file.
In an alternative embodiment of the first aspect, the method further comprises:
generating a public key for the system and storing the public key in a trusted execution module;
if the operation type is a read-only operation type, a fifth hash value of the target file is obtained;
uploading the fifth hash value and the signature information in the target file to a trusted execution module, so that the trusted execution module verifies the signature information according to the public key and the fifth hash value;
if the verification is passed, performing read operation on the target file according to the operation request;
if the verification is not passed, the read operation of the target file is not allowed.
In a second aspect, there is provided a file verification apparatus, the apparatus comprising:
the acquisition module is used for acquiring an operation request aiming at the target file, wherein the operation request comprises an operation type;
the calling module is used for calling a preset hook function if the operation type is the write operation type, and determining whether the operation request is the first write operation of the target file;
the determining module is used for determining a first hash value of the target file if the operation request is not the first write operation;
the verification module is used for uploading the first hash value and the first verification value stored in the target file to the trusted execution module so that the trusted execution module can determine a verification result for the target file based on the first hash value and the first verification value; the verification result is used for representing the integrity of the target file.
In a third aspect, there is provided an electronic device comprising a memory, a processor and a computer program stored on the memory, characterized in that the processor executes the computer program to carry out the steps of the method of any one of the first aspects of the present application.
In a fourth aspect, there is provided a computer readable storage medium having stored thereon a computer program, wherein the computer program, when executed by a processor, implements the file verification method according to any one of the first aspects of the present application.
The technical solutions provided by the embodiments of the present application bring the following beneficial effects:
According to the file verification method, an operation request is obtained and its operation type is determined. If the operation type is the write operation type, a preset hook function in the kernel is called to determine whether the operation request is the first write operation on the target file. If it is the first write operation, the write content is written into the file, a second hash value of the target file is then obtained, the trusted execution module determines a first verification value based on the second hash value and the identifier of the module, and that verification value is stored in the target file. If it is not the first write operation, the first hash value of the target file is obtained, and the first verification value stored in the target file is uploaded together with the first hash value to the trusted execution module, which compares the value it recomputes from the first hash value with the first verification value to determine a verification result representing the integrity of the target file. The method supports integrity checking of writable-partition files in a trusted environment, effectively prevents the data in writable files from being tampered with, improves the security of file data and optimizes system performance.
Further, in the compile-preparation stage of the system, a fourth hash value of each read-only file in the system is obtained, a private key is generated and used to sign each fourth hash value, the signature information is stored in the corresponding file, and a public key is generated and stored in the trusted execution module. If the operation type is a read-only operation type, a fifth hash value of the target file is obtained, the signature information is verified in the trusted execution module using the fifth hash value and the public key, and the read operation may proceed once verification passes, thereby realizing integrity verification of read-only partition files.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present application, the drawings that are required to be used in the description of the embodiments of the present application will be briefly described below.
Fig. 1 is an application scenario schematic diagram of a file verification method provided in an embodiment of the present application;
FIG. 2 is a schematic flow chart of a method for checking files according to an embodiment of the present application;
FIG. 3 is a schematic flow chart of verifying a writable target file verification value in a file verification method according to an embodiment of the present application;
Fig. 4 is a schematic flow chart of acquiring a first verification value in a file verification method according to an embodiment of the present application;
FIG. 5 is a schematic flow chart of checking a read-only target file in a file checking method according to an embodiment of the present application;
FIG. 6 is a flowchart illustrating an example of a method for verifying a file according to an embodiment of the present application;
FIG. 7 is a schematic structural diagram of a file verification device according to an embodiment of the present application;
fig. 8 is a schematic structural diagram of an electronic device suitable for the file verification method provided in the embodiment of the present application.
Detailed Description
Embodiments of the present application are described below with reference to the drawings in the present application. It should be understood that the embodiments described below with reference to the drawings are exemplary descriptions for explaining the technical solutions of the embodiments of the present application, and the technical solutions of the embodiments of the present application are not limited.
As used herein, the singular forms "a", "an" and "the" are intended to include the plural forms as well, unless expressly stated otherwise, as understood by those skilled in the art. It will be further understood that the terms "comprises" and "comprising," when used in this application, specify the presence of stated features, information, data, steps, operations and components, but do not preclude the presence or addition of other features, information, data, steps, operations, components and/or groups thereof. It will be understood that when an element is referred to as being "connected" or "coupled" to another element, it can be directly connected or coupled to the other element, or intervening elements may be present. Further, "connected" or "coupled" as used herein may include wirelessly connected or wirelessly coupled. The term "and/or" as used herein indicates at least one of the items it joins; for example, "A and/or B" may be implemented as "A", as "B", or as "A and B".
For a better description and understanding of the solutions provided by the embodiments of the present application, some related technical terms involved in the embodiments of the present application will be first described.
Write operation: generally refers to operations that modify, update, or add to data. In an operating system, a write operation generally refers to a process of changing data or adding new data, including updating data already recorded in a file, writing new data into a file, and the like. The integrity and security of the data needs to be ensured when performing the write operation.
The trusted execution module: may also be referred to as a trusted execution environment (TEE), a protected area in an electronic device such as a computer that provides a highly isolated trusted computing environment. A TEE is typically a combined hardware and software solution that runs on the main processor but in isolation from the normal operating system (the rich execution environment, REE); its design goal is to protect sensitive data and security-critical tasks so that malware, attackers or untrusted applications cannot obtain or tamper with that data. It provides a protected execution environment in which only authorized programs can access the data and resources held inside it.
Hash value: a fixed-length string or number computed from input data by a hash function. The Chinese term 哈希 is a transliteration of the English "hash" (also rendered 散列). "Hash" generally denotes the algorithm design concept of compressing a message of arbitrary length into a message digest of fixed length, and any algorithm implementing that concept may be called a hash algorithm. The message may be any type of data, and the message digest may take the form of a string or a number. For integrity verification the hash function must be collision-resistant (for example SHA-256); a digest from a non-cryptographic function such as CRC32 can be matched by an attacker with little effort.
Public and private keys: a public-private key pair is used in asymmetric cryptography. The public key may be published, while the private key is kept only by the key owner. In public-key encryption, a sender encrypts data with the public key provided by the receiver, and the receiver decrypts it with its own private key. Public and private keys are widely used in digital signatures, data encryption, identity authentication and similar scenarios. A digital signature is produced by signing the hash value of a file with the private key and is checked with the public key, proving the integrity and origin (non-repudiation) of the file; data encryption uses the public key to encrypt sensitive data so that it cannot be read in transit (this provides confidentiality; detecting tampering additionally requires a signature or a message authentication code); identity authentication uses the key pair to verify a user's identity so that nobody can impersonate another user to enter the system.
For the purpose of making the objects, technical solutions and advantages of the present application more apparent, the embodiments of the present application will be described in further detail below with reference to the accompanying drawings. In this application, the term system refers to an operating system unless specifically stated otherwise.
There are generally two existing schemes for checking system integrity: the IMA (Integrity Measurement Architecture) native to the Linux kernel, and the block-level verification (dm-verity) native to the Android kernel; both perform their integrity check when the operating system starts. The IMA scheme relies on a hardware chip (a TPM is used to anchor IMA measurements), and its appraisal must first compute the file reference values in fix mode, then switch the system to enforce mode, in which the reference value recorded in fix mode is compared with the current value and access is refused on mismatch. The problem is that a file may already have been tampered with before its reference value was recorded, so the trust chain is incomplete. The block verification of the Android native kernel is performed at system start-up and is a coarse-grained verification process; once adopted, the system can no longer be upgraded with a file-based differential package, and it consumes resources of the electronic device, affecting its performance to some extent.
In the existing system integrity checking method, after each restart of the electronic device and before a user accesses a file, the operating system needs to perform a signature verification operation on the file to determine whether it has been tampered with. However, the writable partition holding user data cannot be verified in this way; once an attacker tampers with the user data there is no corresponding integrity verification mechanism, so the security of the data cannot be ensured and system performance is poor.
To overcome the inability of the prior art to check the writable partition, one approach encrypts all files in the writable partition: a file is first decrypted, the write operation is completed, and the file is then encrypted again. This approach does greatly increase the difficulty of tampering with data in writable-partition files, but in many practical scenarios encrypting every file in the writable partition is not permitted, and encrypting only some of the writable files may render the electronic device unable to operate normally.
To address at least one of the technical problems or points needing improvement in the related art, the present application provides a file verification method, a device, electronic equipment and a computer storage medium. The method supports integrity checking of writable-partition files in a trusted environment, effectively prevents the data in writable files from being tampered with, improves the security of file data and optimizes system performance.
Further, in the compile-preparation stage of the system, a fourth hash value of each read-only file in the system is obtained, a private key is generated and used to sign each fourth hash value, the signature information is stored in the corresponding file, and a public key is generated and stored in the trusted execution module. If the operation type is a read-only operation type, a fifth hash value of the target file is obtained, the signature information is verified in the trusted execution module using the fifth hash value and the public key, and the read operation may proceed once verification passes, thereby realizing integrity verification of read-only partition files. The file verification method can thus verify files of both the read-only partition and the writable partition, and can ensure the completeness of the system integrity-verification trust chain.
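The compile-stage signing and read-time verification just described, as an added worked example written for this page (Python; it is not the patent's code). It simulates both sides: the build step hashes each read-only file over its name and content, signs the hash with the private key and stores the signature in a simulated extended attribute; at read time the hook recomputes the hash and the trusted execution module, which holds only the public key, checks the stored signature. Assumptions of the example, not taken from the page: the attribute name `security.sig`, SHA-256 as the hash, the constructed file contents, and textbook RSA as the signature scheme (no padding, seeded key generation for reproducibility, illustrative only; a real system would use a standard signature scheme and a proper key-generation routine).

```python
import hashlib
import random
from typing import Dict, Tuple

Key = Tuple[int, int]  # (exponent, modulus)


def file_hash(name: str, data: bytes) -> bytes:
    """Hash over file name and content, the two inputs the description names."""
    h = hashlib.sha256()
    h.update(len(name).to_bytes(4, "big"))  # length prefix: name and data cannot bleed together
    h.update(name.encode("utf-8"))
    h.update(data)
    return h.digest()


def _is_probable_prime(n: int, rng: random.Random, rounds: int = 32) -> bool:
    """Miller-Rabin primality test (probabilistic)."""
    if n < 4:
        return n in (2, 3)
    if n % 2 == 0:
        return False
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(rng.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def _random_prime(bits: int, rng: random.Random) -> int:
    while True:
        cand = rng.getrandbits(bits) | (1 << (bits - 1)) | 1  # exact bit length, odd
        if _is_probable_prime(cand, rng):
            return cand


def generate_keypair(bits: int = 512, seed: int = 7) -> Tuple[Key, Key]:
    """Textbook RSA key pair (no padding scheme; illustrative only). Seeded so the run is reproducible."""
    rng = random.Random(seed)
    e = 65537
    while True:
        p, q = _random_prime(bits // 2, rng), _random_prime(bits // 2, rng)
        phi = (p - 1) * (q - 1)
        if p != q and phi % e != 0:
            break
    return (e, p * q), (pow(e, -1, phi), p * q)  # (public, private)


def rsa_sign(hash_value: bytes, private_key: Key) -> bytes:
    """Signature information: the hash value raised to the private exponent."""
    d, n = private_key
    return pow(int.from_bytes(hash_value, "big"), d, n).to_bytes((n.bit_length() + 7) // 8, "big")


def rsa_verify(hash_value: bytes, signature: bytes, public_key: Key) -> bool:
    e, n = public_key
    s = int.from_bytes(signature, "big")
    return 0 < s < n and pow(s, e, n) == int.from_bytes(hash_value, "big")


class ReadOnlyFile:
    """Simulated read-only partition file: content plus extended attributes."""
    SIG_XATTR = "security.sig"  # hypothetical attribute name

    def __init__(self, name: str, data: bytes) -> None:
        self.name, self.data, self.xattrs = name, data, {}


def build_stage(files: Dict[str, ReadOnlyFile], private_key: Key) -> None:
    """Compile-preparation stage: sign each file's hash (the fourth hash value) into the file."""
    for f in files.values():
        f.xattrs[ReadOnlyFile.SIG_XATTR] = rsa_sign(file_hash(f.name, f.data), private_key)


class TrustedExecutionModule:
    """Simulated TEE holding only the public key."""

    def __init__(self, public_key: Key) -> None:
        self._public_key = public_key

    def verify_signature(self, hash_value: bytes, signature: bytes) -> bool:
        return rsa_verify(hash_value, signature, self._public_key)


def read_hook(tee: TrustedExecutionModule, f: ReadOnlyFile) -> bool:
    """Read path: recompute the hash (the fifth hash value); the TEE checks the stored signature."""
    return tee.verify_signature(file_hash(f.name, f.data), f.xattrs.get(ReadOnlyFile.SIG_XATTR, b""))


def demo() -> Dict[str, bool]:
    public_key, private_key = generate_keypair()
    files = {  # constructed sample files
        "/system/bin/sh": ReadOnlyFile("/system/bin/sh", b"\x7fELF-constructed-shell"),
        "/system/etc/hosts": ReadOnlyFile("/system/etc/hosts", b"127.0.0.1 localhost\n"),
    }
    build_stage(files, private_key)  # the private key is used here only
    tee = TrustedExecutionModule(public_key)
    results = {"clean": all(read_hook(tee, f) for f in files.values())}
    hosts = files["/system/etc/hosts"]
    hosts.data += b"10.0.0.1 bank.example\n"  # tampered content, stale signature
    results["tampered"] = read_hook(tee, hosts)
    hosts.data = b"127.0.0.1 localhost\n"  # content restored, but another file's signature
    hosts.xattrs[ReadOnlyFile.SIG_XATTR] = files["/system/bin/sh"].xattrs[ReadOnlyFile.SIG_XATTR]
    results["swapped_signature"] = read_hook(tee, hosts)  # refused: the name is part of the hash
    return results
```

Because the file name is part of the hashed input, a valid signature copied from one read-only file onto another is rejected, which a content-only hash would not catch.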
The technical solutions of the embodiments of the present application and technical effects produced by the technical solutions of the present application are described below by describing several exemplary embodiments. It should be noted that the following embodiments may be referred to, or combined with each other, and the description will not be repeated for the same terms, similar features, similar implementation steps, and the like in different embodiments.
Fig. 1 is an application scenario schematic diagram of a file verification method provided in an embodiment of the present application, where an application environment may include an electronic device 101, and an operating system capable of executing the file verification method is disposed on the electronic device 101.
Specifically, for an operating system deployed on the electronic device 101 and capable of executing the file verification method, an operation request for a target file is obtained, the operation request includes an operation type, if the operation type is a write operation type, a preset hook function is called, whether the operation request is a first write operation of the target file is determined, if the operation request is not the first write operation, a first hash value of the target file is determined, and the first hash value and the first verification value stored in the target file are uploaded to a trusted execution module, so that the trusted execution module determines a verification result of the target file to complete integrity verification of a writable partition file in the operating system on the electronic device 101.
Those skilled in the art will appreciate that the electronic device may be a smart phone (e.g., an Android phone, an iOS phone, etc.), a tablet computer, a notebook computer, a digital broadcast receiver, a MID (Mobile Internet Devices, a mobile internet device), a PDA (personal digital assistant), a desktop computer, a smart home appliance, a vehicle-mounted terminal (e.g., a vehicle-mounted navigation terminal, a vehicle-mounted computer, etc.), a smart speaker, a smart watch, etc.
In some possible embodiments, taking an electronic device with an operating system as an execution body as an example, the embodiment of the present application provides a file verification method, as shown in fig. 2, may include the following steps:
S201, acquiring an operation request for a target file.
The operation request may include detailed information about file operations such as operation types, operation objects, and operation contents.
In the implementation process, when a user of the operating system or a program in the operating system needs to open or run a file, that file is the target file. Obtaining the operation request for the target file makes clear which operation is to be performed on it; the operation request may include the information related to the operation to be performed.
S202, if the operation type is a write operation type, a preset hook function is called, and whether the operation request is the first write operation of the target file is determined.
Wherein the hook function is provided by the operating system and is triggered upon a specific event or condition.
Specifically, if the operation type is a write operation type, the operation request is a request for operating on a file of a writable partition, a hook function is called to determine whether the operation request is a first write operation for the target file, if the operation request is the first write operation, data is written into the file, then a first verification value is generated, and if the operation request is not the first write operation, the operation request is considered to be a request for modifying or updating the data in the target file, and integrity verification is required. Wherein the writable partition file may comprise a user data file.
S203, if the operation request is not the first writing operation, determining a first hash value of the target file.
Specifically, the first hash value may be obtained based on the file content and the file name of the target file, and the method for obtaining the hash value may be adjusted according to the actual situation, and is not limited to a certain manner.
Specifically, if the operation request is not the first write operation, it is considered that the target file is to be modified or updated, the first hash value needs to be used for verification in the trusted execution module, and the operation is allowed to be performed on the target file only after the verification of the first hash value is passed.
S204, uploading the first hash value and the first verification value stored in the target file to a trusted execution module, so that the trusted execution module determines a verification result for the target file based on the first hash value and the first verification value.
And the verification result is used for representing the integrity of the target file.
In the implementation process, after the first hash value of the target file is obtained, the first hash value and the first verification value stored in the extended attribute of the target file are uploaded to the trusted execution module, which performs the verification and returns a verification result. The trusted execution module may be a trusted execution environment (TEE), a secure isolated environment usually built on hardware-level security extensions or a protected operating mode; using a trusted execution environment improves the security and trustworthiness of the whole system.
In some possible embodiments, the above-mentioned file verification method further includes:
(1) If the operation request is the first writing operation, writing the writing content in the operation request into the target file;
(2) Acquiring a second hash value of the target file, and uploading the second hash value to the trusted execution module so that the trusted execution module determines the first verification value based on the second hash value and the identification of the trusted execution module;
(3) And storing the first verification value in the target file.
Wherein the operation request may further include write content, and the second hash value is obtained based on the target file content and the file name.
Specifically, for a first write operation, the write content is written into the target file, a second hash value of the written target file is obtained and passed into the trusted execution module. The trusted execution module has its own identifier; it computes the first verification value from the second hash value and that identifier, and the first verification value is stored in an extended attribute of the target file. If the target file of the first write operation does not exist, it is created first, after which the write, the acquisition of the first verification value and the other operations are performed.
In a specific implementation, the step of obtaining the first verification value may be as shown in FIG. 3. The number of write operations is determined in the normal operating environment (the REE in the figure). If the write operation is the first write, the write content is written into the target file (if the target file does not exist it is created first and the content is then written). After writing, the second hash value (the hash in the figure) of the target file is obtained from its content and file name (data and name in the figure) and passed into the trusted execution module (the TEE in the figure). The trusted execution module computes the first verification value (hmac1 in the figure) from the second hash value and its identifier, that is, a keyed hash in which the module identifier serves as the key, and the value is stored in the extended attribute of the target file. The first verification value is thus computed entirely inside the trusted execution module.
In some possible embodiments, determining the verification result for the target file based on the first hash value and the first verification value in step S204 includes:
(1) Acquiring a second verification value based on the first hash value and the identifier of the trusted execution module;
(2) And comparing the first verification value with the second verification value to obtain the verification result.
The identification of the trusted execution module is unique, and one trusted execution module corresponds to one identification.
Specifically, when verification is performed, a second verification value is determined according to the first hash value and the unique trusted execution module identifier, and the first verification value stored in the extended attribute of the target file is compared with the calculated second verification value to obtain a verification result. If the verification values are consistent, the operation is considered to be reliable, the operation can be performed, and if the verification values are inconsistent, the operation is not allowed.
In a specific implementation, as shown in FIG. 4, in the normal operating environment (the REE in the figure) a first hash value (the hash in the figure) is determined from the content and name of the target file (data and name in the figure); in the trusted execution module a second verification value (hmac2 in the figure) is computed from the first hash value and the unique trusted execution module identifier, and the first verification value stored in the extended attribute of the target file is compared with the computed second verification value (the hmac1 == hmac2 decision in the figure) to obtain a verification result. If the verification values match, the operation is considered trustworthy and is allowed; if they differ, the operation is not allowed. The verification result is returned to the normal operating environment. Optionally, after the verification result is obtained it may be displayed to the user of the system, for example as a pop-up warning; the specific manner is not limited in this scheme.
In some possible embodiments, the above file verification method further includes:
(1) If the verification result is that the verification values are the same, writing the target file according to the operation request to obtain an updated target file;
(2) Acquiring a third hash value of the updated target file, uploading the third hash value to a trusted execution module, and acquiring a third verification value according to the third hash value and the identifier of the trusted execution module;
(3) Updating the first verification value based on the third verification value, and storing the updated first verification value in the target file.
Specifically, if the verification result is that the verification values are the same, the modification is considered trusted and the write operation may be performed on the content of the target file. After the write operation is completed, a third hash value of the target file with the updated content is obtained and transmitted to the trusted execution module, where the third hash value and the unique trusted execution module identifier are computed together to obtain a new third verification value; the first verification value is updated with the third verification value, which is stored in the extended attribute of the target file. The write operation may include writing, deleting, updating or modifying data, and the like.
In some possible embodiments, the above file verification method further includes:
(1) If the verification result is that the verification values are different, the write operation on the target file is not allowed.
Specifically, when the verification result is that the verification values are different, the current operation is considered unreliable and the write operation on the target file is not allowed; a warning that the current operation is untrusted can be returned to prompt the user to resolve the problem.
In the implementation process, if the verification result is that the verification values are different, the verification has not passed and the current operation is not trusted: the system refuses the write request to the writable file, which can generally be implemented through an ACL (Access Control List) or permission control. Modification of writable files by untrusted operations can therefore be effectively limited, improving the security of the system and the integrity of its data.
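As an added illustration of the writable-file path described above (not code from the patent), the following Go program models the REE hook, the TEE and the extended attribute. It assumes SHA-256 over name and content for the file hash and HMAC-SHA256 keyed with the module identifier for the verification values; the patent fixes neither algorithm, and the identifier, file names and contents are constructed.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"errors"
	"fmt"
)

// TEE models the trusted execution module. Its identifier is the HMAC key
// and never leaves the module; the REE only ever sees hashes and
// verification values. (Constructed example, not the patent's code.)
type TEE struct {
	id []byte
}

// verificationValue derives hmac = HMAC-SHA256(id, hash). Using SHA-256 for
// both the file hash and the HMAC is an assumption; the text fixes neither.
func (t *TEE) verificationValue(hash []byte) []byte {
	m := hmac.New(sha256.New, t.id)
	m.Write(hash)
	return m.Sum(nil)
}

// Verify recomputes hmac2 from the uploaded first hash value and compares it
// with the stored hmac1 in constant time.
func (t *TEE) Verify(hash, stored []byte) bool {
	return hmac.Equal(stored, t.verificationValue(hash))
}

// File is a writable-partition file together with its extended attribute.
type File struct {
	Name    string
	Content []byte
	Xattr   []byte // first verification value (hmac1); nil until the first write
}

// fileHash is the REE-side hash over name and content. A zero byte separates
// the two so that moving bytes between name and content changes the hash.
func fileHash(f *File) []byte {
	h := sha256.New()
	h.Write([]byte(f.Name))
	h.Write([]byte{0})
	h.Write(f.Content)
	return h.Sum(nil)
}

// ErrIntegrity is returned when hmac1 != hmac2 and the write is refused.
var ErrIntegrity = errors.New("integrity verification failed: write denied")

// Write is the hook invoked for a write operation (data is appended).
//   - first write: write, take the second hash value, store hmac1 in the xattr
//   - later writes: take the first hash value, let the TEE compare it against
//     hmac1; on success write, take the third hash value and re-seal
func Write(t *TEE, f *File, data []byte) error {
	if f.Xattr != nil && !t.Verify(fileHash(f), f.Xattr) {
		return ErrIntegrity
	}
	f.Content = append(f.Content, data...)
	f.Xattr = t.verificationValue(fileHash(f))
	return nil
}

func main() {
	tee := &TEE{id: []byte("constructed-unique-module-id")}
	f := &File{Name: "/data/app.conf"}
	fmt.Println("first write:", Write(tee, f, []byte("mode=strict\n")))
	fmt.Println("second write:", Write(tee, f, []byte("debug=0\n")))
	// Out-of-band modification that bypasses the hook: the stored hmac1 no
	// longer matches the recomputed hash, so the next hooked write is refused.
	f.Content = []byte("debug=1\n")
	fmt.Println("write after tampering:", Write(tee, f, []byte("x")))
}
```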
In some possible embodiments, before the operation request for the target file is obtained in step S201, the method includes:
(1) Generating a private key for the system;
(2) Determining a fourth hash value of each read-only file in the system;
(3) For each read-only file, signing the fourth hash value by using the private key to obtain signature information;
(4) Storing the signature information in the respective read-only file; the signature information is used to verify whether a corresponding read operation on the target file is allowed.
Wherein the fourth hash value is obtained based on the content and name of the read-only file.
Specifically, a private key for the system is generated; the fourth hash value of each file that cannot be written, i.e. each read-only file, is determined; the private key is used to sign the fourth hash value of each read-only file to obtain signature information; and the signature information is stored in the extended attribute of the file. Signing here is the process of encrypting the fourth hash value with the private key; when a file is to be read, the signature information is what is verified to decide whether reading the target file is permitted.
In the specific implementation process, a public-private key pair for the system may be generated: the private key is used to encrypt data or generate a digital signature, and the public key is used to decrypt or verify the digital signature. The key pair in these steps is generated in the compilation preparation stage of the system. Using the key pair prevents the hash values from becoming untrustworthy through tampering with, or attacks on, the system between compilation and actual deployment, so the security of the system is improved.
In some possible embodiments, the above file verification method further includes:
(1) Generating a public key for the system and storing the public key in the trusted execution module;
(2) If the operation type is a read-only operation type, a fifth hash value of the target file is obtained;
(3) Uploading the fifth hash value and signature information in the target file to the trusted execution module so that the trusted execution module verifies the signature information according to the public key and the fifth hash value;
(4) If the verification is passed, performing read operation on the target file according to the operation request;
(5) If the verification is not passed, not allowing the read operation to be performed on the target file.
Wherein the public key corresponds to the private key in the above steps and can be used to decrypt information encrypted by the private key.
Specifically, the public key is stored in the trusted execution module. If the operation type is a read-only operation, a hook function of the kernel is called, the corresponding fifth hash value is obtained from the content and the name of the target file, and the fifth hash value together with the signature information in the target file's extended attribute is uploaded to the trusted execution module. There, the public key is used to decrypt the signature information encrypted with the private key, the decrypted hash value is compared with the fifth hash value to obtain the verification information, and whether the operation on the target file is allowed is determined from the verification information.
In the specific implementation process, after the public key of the system is generated it is stored in the trusted execution module so that verification can be performed securely. As shown in fig. 5, if the operation type is a read-only operation type, a hook function of the kernel is called and the corresponding fifth hash value (the hash in the figure) is obtained from the content and the name of the target file. The fifth hash value and the signature information in the extended attribute of the target file are uploaded to the trusted execution module (the TEE in the figure), where the signature information encrypted by the private key is decrypted with the public key to recover the fourth hash value of the target file. The recovered fourth hash value is compared with the fifth hash value to obtain the verification information (the verification sign in the figure): if verification passes, the target file is read according to the operation request; if it does not pass, reading the target file is not allowed.
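The read-only-partition path in these paragraphs, as an added Go example that is not the patent's code: the build stage signs each file's hash and stores the signature in the file, the public key is provisioned into the TEE, and the read hook releases content only after the TEE verifies the signature over the freshly computed hash. Ed25519 signature verification stands in for the decrypt-and-compare step the text describes, SHA-256 over name and content is assumed, and the keys, file names and contents are constructed.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// ROFile is a read-only-partition file with the signature information kept
// in its extended attribute. (Constructed example, not the patent's code.)
type ROFile struct {
	Name      string
	Content   []byte
	Signature []byte
}

// fileHash is the hash over name and content (the fourth hash value at build
// time, the fifth hash value at read time). SHA-256 with a zero-byte
// separator is an assumption; the text does not fix the hash function.
func fileHash(f *ROFile) []byte {
	h := sha256.New()
	h.Write([]byte(f.Name))
	h.Write([]byte{0})
	h.Write(f.Content)
	return h.Sum(nil)
}

// BuildStage runs in the compilation preparation stage: it generates the
// system key pair, signs the fourth hash value of every read-only file and
// stores the signature in the file. Only the public key is returned; it is
// what gets provisioned into the TEE, while the private key is dropped here.
func BuildStage(files []*ROFile) (ed25519.PublicKey, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	for _, f := range files {
		f.Signature = ed25519.Sign(priv, fileHash(f))
	}
	return pub, nil
}

// TEE holds the provisioned public key and checks signatures on request.
type TEE struct {
	pub ed25519.PublicKey
}

// VerifySignature is true iff sig is a valid signature over the uploaded
// fifth hash value. Ed25519 verification replaces the decrypt-and-compare step.
func (t *TEE) VerifySignature(hash, sig []byte) bool {
	return ed25519.Verify(t.pub, hash, sig)
}

// ErrSignature is returned when the TEE rejects the signature.
var ErrSignature = errors.New("signature verification failed: read denied")

// Read is the hook for a read-only operation: hash name and content in the
// REE, upload hash and signature to the TEE, release the content only on
// success.
func Read(t *TEE, f *ROFile) ([]byte, error) {
	if !t.VerifySignature(fileHash(f), f.Signature) {
		return nil, ErrSignature
	}
	return f.Content, nil
}

func main() {
	files := []*ROFile{
		{Name: "/system/bin/init", Content: []byte("constructed init image")},
		{Name: "/system/etc/policy", Content: []byte("constructed policy")},
	}
	pub, err := BuildStage(files)
	if err != nil {
		panic(err)
	}
	tee := &TEE{pub: pub}
	_, err = Read(tee, files[0])
	fmt.Println("read of intact file:", err)
	files[1].Content = []byte("patched policy") // modified after build
	_, err = Read(tee, files[1])
	fmt.Println("read of tampered file:", err)
}
```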
In the above embodiment, the operation request is acquired and the operation type is determined. If the operation type is the write operation type, a hook function preset in the kernel is called to determine whether the operation request is the first write operation on the target file. If it is the first write operation, the write content is written into the file, a second hash value of the target file is acquired, the trusted execution module determines a first verification value from the second hash value and the identification of the module, and the verification value is stored in the target file. If it is not the first write operation, the first hash value of the target file is acquired, the first verification value stored in the target file and the first hash value are uploaded to the trusted execution module, and the trusted execution module compares the first verification value with the first hash value to determine a verification result that characterizes the integrity of the target file. The method supports integrity checking of files in the writable partition in the trusted environment, can effectively prevent the data in writable files from being tampered with, improves the security of file data, and optimizes system performance.
Further, in a compiling preparation stage of the system, a fourth hash value of each read-only file in the system is obtained, a private key is generated to sign each fourth hash value, signature information is stored in the corresponding file, a public key is generated and stored in a trusted execution module, if the operation type is a read-only operation type, a fifth hash value of the target file is obtained, signature information is verified in the trusted execution module by using the fifth hash value and the public key, and after verification is passed, a read operation can be performed, so that the integrity verification of the read-only partition file is realized. The file verification method can verify the files of the read-only partition and the writable partition, and can ensure the integrity of the system integrity verification trust chain.
In order to more clearly understand the file verification method described in the embodiments of the present application, the following will be further described in detail with reference to examples.
In one example, the file verification method of the present application, as shown in fig. 6, may include:
when the target file needs to be opened or operated, an operation request of the target file is acquired, wherein the operation request can comprise information such as types of operations to be performed, operation objects, operation contents and the like.
When the operation type is determined to be a write operation type, a hook function is invoked to determine whether the operation request is a first write operation to the target file.
If the operation request is the first write operation, the write content is written into the target file, a second hash value of the written target file is obtained and transmitted to the trusted execution module (that is, the file content and name are combined and hashed, and the hash is passed into the TEE). The trusted execution module holds its own identification (the unique key in the TEE), computes a first verification value (hmac1 in the figure) from the second hash value and that identification, and the first verification value is stored in the extended attribute of the target file.
If the operation request is not the first write operation, a first hash value is calculated and uploaded to the trusted execution module together with the first verification value; a second verification value (hmac2 in the figure) is determined from the first hash value and the unique trusted execution module identification, and the first verification value stored in the extended attribute of the target file is compared with the calculated second verification value to obtain the verification result.
If the verification result is that the verification values are the same, the write operation may be performed on the content of the target file. After the write operation is completed, a third hash value of the target file with the updated content is obtained and transmitted to the trusted execution module, where the third hash value and the unique trusted execution module identifier are computed together to obtain a new third verification value; the first verification value is updated with the third verification value, which is stored in the extended attribute of the target file. If the verification result is that the verification values are different, the write operation on the target file is not allowed.
In addition, for the read-only operation type, a public-private key pair is generated, the fourth hash value of each read-only file in the system is obtained in advance and signed with the private key to obtain signature information, and the public key is stored in the trusted execution module.
If the operation type is a read-only operation type, a hook function of the kernel is called, the corresponding fifth hash value is obtained from the content and the name of the target file, the fifth hash value and the signature information in the target file's extended attribute are uploaded to the trusted execution module, the signature information encrypted by the private key is decrypted with the public key, the hash value obtained by decryption is compared with the fifth hash value to obtain the verification information, and whether the operation on the target file is allowed is determined from the verification information.
If the verification passes, the read operation is carried out on the target file according to the operation request; if it does not pass, the read operation on the target file is not allowed.
According to the file verification method, the operation request is obtained and the operation type is determined. If the operation type is the write operation type, a hook function preset in the kernel is called to determine whether the operation request is the first write operation on the target file. If it is the first write operation, the write content is written into the file, a second hash value of the target file is obtained, the trusted execution module determines a first verification value from the second hash value and the identification of the module, and the verification value is stored in the target file. If it is not the first write operation, the first hash value of the target file is obtained, the first verification value stored in the target file and the first hash value are uploaded to the trusted execution module, and the trusted execution module compares the first verification value with the first hash value to determine a verification result that characterizes the integrity of the target file. The method supports integrity checking of files in the writable partition in the trusted environment, can effectively prevent the data in writable files from being tampered with, improves the security of file data, and optimizes system performance.
The embodiment of the present application provides a file verification apparatus, as shown in fig. 7, the apparatus 70 may include: an acquisition module 701, a calling module 702, a determination module 703 and a verification module 704, wherein,
an obtaining module 701, configured to obtain an operation request for a target file, where the operation request includes an operation type;
a calling module 702, configured to call a preset hook function if the operation type is a write operation type, and determine whether the operation request is a first write operation of the target file;
A determining module 703, configured to determine a first hash value of the target file if the operation request is not a first write operation;
a verification module 704, configured to upload the first hash value and a first verification value stored in the target file to a trusted execution module, so that the trusted execution module determines a verification result for the target file based on the first hash value and the first verification value; the verification result is used for representing the integrity of the target file.
In the file verification device provided by the application, the operation request is acquired and the operation type is determined. If the operation type is the write operation type, a hook function preset in the kernel is called to determine whether the operation request is the first write operation on the target file. If it is the first write operation, the write content is written into the file, a second hash value of the target file is acquired, the trusted execution module determines a first verification value from the second hash value and the identification of the module, and the verification value is stored in the target file. If it is not the first write operation, the first hash value of the target file is acquired, the first verification value stored in the target file and the first hash value are uploaded to the trusted execution module, and the trusted execution module compares the first verification value with the first hash value to determine a verification result that represents the integrity of the target file. The device supports integrity checking of files in the writable partition in the trusted environment, can effectively prevent the data in writable files from being tampered with, improves the security of file data, and optimizes system performance.
The embodiment of the application provides an electronic device comprising a memory, a processor and a computer program stored on the memory; the processor executes the computer program to realize the steps of the file verification method. Compared with the related art, this achieves the following: the integrity check of the target file is completed before a write operation or a read operation is performed on it.
In an alternative embodiment, an electronic device is provided. As shown in fig. 8, the electronic device 8000 comprises a processor 8008 and a memory 8003, the processor 8008 being coupled to the memory 8003, for example via a bus 8002. Optionally, the electronic device 8000 may also include a transceiver 8004, which may be used for data interaction between the electronic device and other electronic devices, such as transmitting and/or receiving data. In practice the number of transceivers 8004 is not limited to one, and the structure of the electronic device 8000 does not limit the embodiments of the present application.
The processor 8008 may be a CPU (Central Processing Unit), a general-purpose processor, a DSP (Digital Signal Processor), an ASIC (Application Specific Integrated Circuit), an FPGA (Field Programmable Gate Array) or another programmable logic device, transistor logic device, hardware component, or any combination thereof. It may implement or perform the various exemplary logic blocks, modules, and circuits described in connection with this disclosure. The processor 8008 may also be a combination that performs computing functions, for example a combination of one or more microprocessors, or a combination of a DSP and a microprocessor.
The bus 8002 may include a path for transferring information between the components. The bus 8002 may be a PCI (Peripheral Component Interconnect) bus or an EISA (Extended Industry Standard Architecture) bus, etc., and may be divided into an address bus, a data bus, a control bus, and the like. For ease of illustration only one thick line is shown in fig. 8, but this does not mean that there is only one bus or one type of bus.
The memory 8003 may be, without limitation, a ROM (Read Only Memory) or other type of static storage device that can store static information and instructions, a RAM (Random Access Memory) or other type of dynamic storage device that can store information and instructions, an EEPROM (Electrically Erasable Programmable Read Only Memory), a CD-ROM (Compact Disc Read Only Memory) or other optical disc storage (including compact discs, laser discs, optical discs, digital versatile discs, Blu-ray discs, etc.), magnetic disk storage media or other magnetic storage devices, or any other medium that can be used to carry or store a computer program and that can be read by a computer.
The memory 8003 is used to store a computer program that executes an embodiment of the present application, and is controlled to be executed by the processor 8008. The processor 8008 is configured to execute a computer program stored in the memory 8003 to implement the steps shown in the foregoing method embodiment.
Electronic devices to which the file verification method can be applied include, but are not limited to, terminals and servers.
Embodiments of the present application provide a computer readable storage medium having a computer program stored thereon, where the computer program, when executed by a processor, may implement the steps and corresponding content of the foregoing method embodiments.
The terms "first," "second," "third," "fourth," "1," "2," and the like in the description and in the claims of this application and in the above-described figures, if any, are used for distinguishing between similar objects and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used may be interchanged where appropriate such that the embodiments of the present application described herein may be implemented in other sequences than those illustrated or otherwise described.
It should be understood that, although the flowcharts of the embodiments of the present application indicate the respective operation steps by arrows, the order of implementation of these steps is not limited to the order indicated by the arrows. In some implementations of embodiments of the present application, the implementation steps in the flowcharts may be performed in other orders as desired, unless explicitly stated herein. Furthermore, some or all of the steps in the flowcharts may include multiple sub-steps or multiple stages based on the actual implementation scenario. Some or all of these sub-steps or phases may be performed at the same time, or each of these sub-steps or phases may be performed at different times, respectively. In the case of different execution time, the execution sequence of the sub-steps or stages may be flexibly configured according to the requirement, which is not limited in the embodiment of the present application.
The foregoing is merely an optional implementation of the application. It should be noted that other similar implementations adopted by those skilled in the art on the basis of the technical ideas of the application, without departing from those ideas, also fall within the protection scope of the embodiments of the application.

Claims (10)

1. A method for verifying a file, comprising:
acquiring an operation request aiming at a target file, wherein the operation request comprises an operation type;
if the operation type is a write operation type, calling a preset hook function, and determining whether the operation request is the first write operation of the target file;
if the operation request is not the first write operation, determining a first hash value of the target file;
uploading the first hash value and a first verification value stored in the target file to a trusted execution module, so that the trusted execution module determines a verification result for the target file based on the first hash value and the first verification value; the verification result is used for representing the integrity of the target file.
2. The file verification method of claim 1, wherein the operation request further includes written content;
The method further comprises the steps of:
if the operation request is the first writing operation, writing the writing content in the operation request into the target file;
acquiring a second hash value of the target file, and uploading the second hash value to the trusted execution module so that the trusted execution module determines the first verification value based on the second hash value and the identification of the trusted execution module;
and storing the first verification value in the target file.
3. The method for verifying a file according to claim 1, wherein the determining a verification result for the target file based on the first hash value and the first verification value includes:
acquiring a second verification value based on the first hash value and the identifier of the trusted execution module;
and comparing the first verification value with the second verification value to obtain the verification result.
4. The method for verifying a file according to claim 1, wherein the method further comprises:
if the verification result is that the verification values are the same, writing the target file according to the operation request to obtain an updated target file;
Acquiring a third hash value of the updated target file, uploading the third hash value to a trusted execution module, and acquiring a third verification value according to the third hash value and the identifier of the trusted execution module;
updating the first verification value based on the third verification value, and storing the updated first verification value in the target file.
5. The method for verifying a file according to claim 1, wherein the method further comprises:
and if the verification result is that the verification values are different, not allowing the writing operation to be performed on the target file.
6. The method for verifying a file according to claim 1, wherein before the operation request for the target file is obtained, the method comprises:
generating a private key for the system;
determining a fourth hash value of each read-only file in the system;
for each read-only file, signing the fourth hash value by using the private key to obtain signature information;
respectively storing the signature information in each read-only file; the signature information is used to verify whether a corresponding read operation is allowed for the target file.
7. The method for verifying a file of claim 6, wherein the method further comprises:
generating a public key for the system and storing the public key in the trusted execution module;
if the operation type is a read-only operation type, a fifth hash value of the target file is obtained;
uploading the fifth hash value and signature information in the target file to the trusted execution module so that the trusted execution module verifies the signature information according to the public key and the fifth hash value;
if the verification is passed, performing read operation on the target file according to the operation request;
and if the verification is not passed, not allowing the reading operation to be performed on the target file.
8. A document verification apparatus, comprising:
the system comprises an acquisition module, a storage module and a processing module, wherein the acquisition module is used for acquiring an operation request aiming at a target file, and the operation request comprises an operation type;
the calling module is used for calling a preset hook function if the operation type is a write operation type, and determining whether the operation request is the first write operation of the target file;
the determining module is used for determining a first hash value of the target file if the operation request is not a first write operation;
The verification module is used for uploading the first hash value and the first verification value stored in the target file to the trusted execution module so that the trusted execution module can determine a verification result for the target file based on the first hash value and the first verification value; the verification result is used for representing the integrity of the target file.
9. An electronic device comprising a memory, a processor and a computer program stored on the memory, characterized in that the processor executes the computer program to carry out the steps of the method according to any one of claims 1 to 7.
10. A computer readable storage medium, on which a computer program is stored, characterized in that the computer program, when being executed by a processor, implements the steps of the file verification method of any one of claims 1 to 7.
CN202311723074.3A 2023-12-14 2023-12-14 File verification method and device, electronic equipment and computer storage medium Pending CN117610083A (en)


Publications (1)

Publication Number Publication Date
CN117610083A true CN117610083A (en) 2024-02-27

Family

ID=89956256



Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination