CN117932622B - FOTA upgrading method, device and equipment of embedded equipment and storage medium

Publication number: CN117932622B
Authority: CN (China)
Prior art keywords: upgrade package, upgrade, version number, file, embedded
Legal status: Active
Application number: CN202410319700.0A
Other languages: Chinese (zh)
Other versions: CN117932622A
Inventors: 隋榕华, 林伟, 兰成荣, 张隽
Current Assignee: Flaircomm Microelectronics Inc
Original Assignee: Flaircomm Microelectronics Inc
Abstract

The application provides a FOTA upgrade method, apparatus, and device for embedded devices, and a storage medium. Throughout the FOTA upgrade process, the upgrade package is signed with a private key and verified with a public key, which ensures the authenticity and non-repudiation of the upgrade package; the package is also checked with SHA1 to ensure its integrity. The whole download is encrypted over HTTPS, and the downloaded upgrade package is encrypted with AES256 using a one-key-per-device scheme, so that every upgrade package is different, other users cannot obtain key information from the upgrade package or tamper with its contents, and version rollback is not possible, thereby ensuring the security of the FOTA upgrade.

Description

FOTA upgrading method, device and equipment of embedded equipment and storage medium
Technical Field
The application relates to the technical field of the Internet of Things, and in particular to a FOTA upgrade method, apparatus, and device for embedded devices, and a storage medium.
Background
At present, most automobiles are fitted with embedded devices such as a remote control module, which implement functions such as remote upgrade over a network. FOTA (Firmware Over-The-Air) is a method of providing a firmware upgrade service to network-capable devices through cloud upgrade technology.
Currently, FOTA upgrade technology for the embedded Internet of Things is a device-cloud integrated upgrade technology that combines the embedded device terminal, the Internet of Things cloud platform, and so on. The FOTA upgrade package is downloaded over the network to upgrade the device's application software. The contents of an embedded device's FOTA upgrade package may be tampered with, key information in the package may be intercepted, or the device's software may be rolled back to an old version, leaving the device insecure, so a secure FOTA upgrade method is very important.
Disclosure of Invention
The application aims to provide a FOTA upgrade method and apparatus for embedded devices, an electronic device, and a storage medium that can ensure the security of FOTA upgrades of embedded devices.
In a first aspect, an embodiment of the present application provides a FOTA upgrade method for an embedded device, where the internal flash memory of the embedded device includes a boot program area and an internal program area, and the external flash memory attached to the embedded device is divided into an upgrade package storage area and a parameter storage area. The method includes:
after power-on initialization, the embedded device connects to a cloud server and reports its device information to the cloud server, the device information including the integrated circuit card identification code and the software version number of the device;
receiving the upgrade package address issued by the cloud server, while the cloud server generates a symmetric AES256 key through the MD5 algorithm from the integrated circuit card identification code plus a fixed field agreed by both parties, encrypts the non-header part of the upgrade package with the AES256 key, and generates a SHA1 check code;
downloading the upgrade package to the upgrade package storage area according to the upgrade package address, setting the upgrade flag bit to 1, and checking the SHA1 check code of the upgrade package after the download is complete; if the check passes, comparing the upgrade package version number with the software version number; if the upgrade package version number is smaller than the software version number, reporting the upgrade failure to the cloud server and setting the upgrade flag bit to 0; if the upgrade package version number is larger than the software version number, continuing the upgrade;
decrypting the upgrade package with the AES256 key, decrypting at most a preset threshold of data each time, and at the same time performing the signature calculation on the decrypted data with the public key inside the embedded device, until the signature value over all the decrypted data is obtained, and checking it against the signature field of the file header;
after the signature verification passes, restarting the device, entering the Bootloader to decrypt the upgrade package again, flashing the upgrade package stored in the upgrade package storage area to the internal program area, generating a check value, setting the upgrade flag bit to 0, and waiting for the next upgrade.
In some embodiments of the present application, the upgrade package is generated as follows:
compiling and generating a first upgrade package file on an embedded development platform, and generating an asymmetric public/private key pair on an internal server, where the private key is stored encrypted on the internal server;
writing the public key into the embedded device;
uploading the first upgrade package file to the internal server, where the internal server signs the first upgrade package file with the private key and writes the private key signature into the header of the first upgrade package file, generating a new, second upgrade package file carrying the private key signature;
the internal server uploads the second upgrade package file carrying the private key signature to the cloud server as the upgrade package.
In some embodiments of the present application, the header information of the second upgrade package file includes the upgrade package version number and the private key signature value.
In some embodiments of the application, writing the public key into the embedded device comprises:
writing the public key into the embedded device through a PC production-line encryption tool.
In a second aspect, an embodiment of the present application provides a FOTA upgrade apparatus for an embedded device, where the internal flash memory of the embedded device includes a boot program area and an internal program area, and the external flash memory attached to the embedded device is divided into an upgrade package storage area and a parameter storage area. The apparatus includes:
a reporting module, configured to connect the embedded device to a cloud server after power-on initialization and report the device information of the embedded device to the cloud server, the device information including the integrated circuit card identification code and the software version number of the device;
a receiving module, configured to receive the upgrade package address issued by the cloud server, while the cloud server generates a symmetric AES256 key through the MD5 algorithm from the integrated circuit card identification code plus the fixed field agreed by both parties, encrypts the non-header part of the upgrade package with the AES256 key, and generates a SHA1 check code;
a downloading module, configured to download the upgrade package to the upgrade package storage area according to the upgrade package address, set the upgrade flag bit to 1, and check the SHA1 check code of the upgrade package after the download is complete; if the check passes, compare the upgrade package version number with the software version number; if the upgrade package version number is smaller than the software version number, report the upgrade failure to the cloud server and set the upgrade flag bit to 0; if the upgrade package version number is larger than the software version number, continue the upgrade;
a decryption module, configured to decrypt the upgrade package with the AES256 key, decrypting at most a preset threshold of data each time, and at the same time perform the signature calculation on the decrypted data with the public key inside the embedded device, until the signature value over all the decrypted data is obtained, and check it against the signature field of the file header;
a flashing module, configured to restart the device after the signature verification passes, enter the Bootloader to decrypt the upgrade package again, flash the upgrade package stored in the upgrade package storage area to the internal program area, generate a check value, set the upgrade flag bit to 0, and wait for the next upgrade.
In some embodiments of the present application, the upgrade package is generated as follows:
compiling and generating a first upgrade package file on an embedded development platform, and generating an asymmetric public/private key pair on an internal server, where the private key is stored encrypted on the internal server;
writing the public key into the embedded device;
uploading the first upgrade package file to the internal server, where the internal server signs the first upgrade package file with the private key and writes the private key signature into the header of the first upgrade package file, generating a new, second upgrade package file carrying the private key signature;
the internal server uploads the second upgrade package file carrying the private key signature to the cloud server as the upgrade package.
In a third aspect, the present application provides an electronic device, comprising: a memory, a processor and a computer program stored on the memory and executable on the processor, the processor executing the computer program to perform the method according to the first aspect.
In a fourth aspect, the present application provides a computer readable storage medium having stored thereon computer readable instructions executable by a processor to implement the method according to the first aspect.
Compared with the prior art, in the FOTA upgrade method for embedded devices provided by the application, the upgrade package is signed with a private key and verified with a public key throughout the FOTA upgrade process, which ensures the authenticity and non-repudiation of the upgrade package; the package is also checked with SHA1 to ensure its integrity. The whole download is encrypted over HTTPS, and the downloaded upgrade package is encrypted with AES256 using a one-key-per-device scheme, so that every upgrade package is different, other users cannot obtain key information from the upgrade package or tamper with its contents, and version rollback is not possible, thereby ensuring the security of the FOTA upgrade.
Drawings
Various other advantages and benefits will become apparent to those of ordinary skill in the art upon reading the following detailed description of the preferred embodiments. The drawings are only for purposes of illustrating the preferred embodiments and are not to be construed as limiting the application. Also, like reference numerals are used to designate like parts throughout the figures. In the drawings:
Fig. 1 shows a flowchart of a FOTA upgrading method of an embedded device according to an embodiment of the present application;
Fig. 2 shows a flowchart of a FOTA upgrading method of a specific embedded device according to an embodiment of the present application;
Fig. 3 is a schematic diagram of an FOTA upgrading device of an embedded device according to an embodiment of the present application;
Fig. 4 shows a schematic diagram of an electronic device according to an embodiment of the present application.
Detailed Description
Exemplary embodiments of the present disclosure will be described in more detail below with reference to the accompanying drawings. While exemplary embodiments of the present disclosure are shown in the drawings, it should be understood that the present disclosure may be embodied in various forms and should not be limited to the embodiments set forth herein. Rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the scope of the disclosure to those skilled in the art.
It is noted that unless otherwise indicated, technical or scientific terms used herein should be given the ordinary meaning as understood by one of ordinary skill in the art to which this application belongs.
In addition, the terms "first" and "second" etc. are used to distinguish different objects and are not used to describe a particular order. Furthermore, the terms "comprise" and "have," as well as any variations thereof, are intended to cover a non-exclusive inclusion. For example, a process, method, system, article, or apparatus that comprises a list of steps or elements is not limited to only those listed steps or elements but may include other steps or elements not listed or inherent to such process, method, article, or apparatus.
Referring to fig. 1, fig. 1 is a flowchart of a FOTA upgrade method for an embedded device according to an embodiment of the present application. The method is applied to an embedded device, in particular an embedded device without an operating system. The internal FLASH memory of the embedded device comprises a boot program area (BootLoader) and an internal program area, and the external FLASH memory attached to the embedded device (the plug-in FLASH) is divided into an upgrade package storage area and a parameter storage area.
Table 1 below shows the memory partition table of the embedded device. Because the internal memory of the embedded device's MCU (microcontroller) is insufficient (the functions are complex and the code is large), the external FLASH extends the available storage and reserves enough space for downloading the upgrade package.
TABLE 1
The Bootloader is responsible for secure boot, verification of the internal program area data, flashing of the upgrade package, and backup and recovery of the application program. The internal program area is where the application runs. The upgrade package storage area of the external FLASH stores upgrade packages downloaded through remote OTA. The parameter storage area stores user information, configuration information, and the like.
The method comprises the following steps S101-S105:
S101: after power-on initialization, the embedded device connects to a cloud server. The cloud server is an Internet of Things cloud platform, and the device can connect to it over HTTPS with TLS 1.2. The embedded device reports its device information to the cloud server; the device information includes the integrated circuit card identification code (ICCID) and the software version number of the device, and information such as the hardware version number can also be reported. The cloud server evaluates the reported software version number and can issue an upgrade task if it is lower than the upgrade package version number. If an upgrade is required, the cloud server sends the URL of the upgrade package to the embedded device.
S102: receiving the upgrade package address issued by the cloud server, while the cloud server generates a symmetric AES256 key through the MD5 algorithm from the integrated circuit card identification code plus a fixed field agreed by both parties, encrypts the non-header part of the upgrade package with the AES256 key, and generates a SHA1 check code;
S103: downloading the upgrade package to the upgrade package storage area of the external FLASH according to the upgrade package address, setting the upgrade flag bit to 1, and checking the SHA1 check code of the upgrade package after the download is complete in order to check the integrity of the package; if the check passes, comparing the upgrade package version number with the software version number; if the upgrade package version number is smaller than the software version number, reporting the failure to the cloud server together with the failure reason and setting the upgrade flag bit to 0; if the upgrade package version number is larger than the software version number, continuing the upgrade;
Specifically, the upgrade package is generated as follows:
A first upgrade package file is compiled and generated on an embedded development platform, and an internal server generates an asymmetric public/private key pair, where the private key is stored encrypted on the internal server. Specifically, a user uploads the upgrade package source code to the embedded development platform, and the compiler on the platform compiles the source code into executable machine code and generates a binary bin file; the first upgrade package file is this bin file.
The public key is written into the embedded device; this can be done through a PC production-line encryption tool.
The first upgrade package file is uploaded to the internal server, which signs it with the private key and writes the private key signature into the header of the file, generating a new, second upgrade package file carrying the private key signature. The header information of the second upgrade package file includes the upgrade package version number and the private key signature value. Specifically, as shown in Table 2 below, the header (Header) of the upgrade package file includes the file header magic number (0x33) and the info area (hardware version number, upgrade package version number, private key signature value, etc.); in Table 2, payload refers to the valid data within the upgrade package.
TABLE 2
The internal server uploads the second upgrade package file carrying the private key signature to the cloud server as the upgrade package.
Table 2 shows the upgrade package structure of the embedded device. After the embedded platform compiles the upgrade package bin1 file, the bin1 file is uploaded to the internal server to generate a bin2 file; the internal server reads the content of the bin2 file and generates the header of the bin2 file, including the upgrade package version number, hardware version number, private key signature value, and so on. The internal server and the cloud server are two different servers. To protect the key and the generation of the bin2 file, the internal server is deployed on the company intranet as a standalone server that is not connected to the Internet, and files can be uploaded to it by specific users.
S104: decrypting the upgrade package with the AES256 key, decrypting at most a preset threshold of data each time, and at the same time performing the signature calculation on the decrypted data with the public key inside the embedded device, until the signature value over all the decrypted data is obtained, and checking it against the signature field of the file header;
Specifically, because the upgrade package file is large and the memory inside the embedded device's MCU is limited, at most a preset threshold of data is decrypted each time, for example at most 4K of data.
S105: after the signature verification passes, restarting the device, entering the Bootloader to decrypt the upgrade package again, flashing the upgrade package stored in the upgrade package storage area of the external FLASH to the internal program area, generating a check value, setting the upgrade flag bit to 0, and waiting for the next upgrade.
Specifically, after the internal program check and comparison pass, execution jumps from the Bootloader to the internal program area, and the upgrade result is reported. If a power loss and restart occurs during the upgrade, the embedded device's MCU finds the upgrade flag bit set to 1 and reads the data from the upgrade package storage area of the external FLASH again to flash the internal program area.
For ease of understanding, fig. 2 provides a specific FOTA upgrade flowchart for an embedded device, and the technical scheme and design steps of the invention are described in detail below with reference to fig. 2.
Step 1: Compile and generate the program's bin1 file on the embedded development platform. The internal server generates an asymmetric public/private key pair, and the private key is stored encrypted on the internal server.
Step 2: Write the public key generated in step 1 into the embedded device through a PC production-line encryption tool. To secure the information exchange, the PC tool and the embedded device use an authentication method (UDS 27 service) and a DID method to write the key into the embedded device.
Step 3: Upload the generated bin1 file to the internal server. The internal server signs the uploaded firmware application bin1 file with the private key generated in step 1 and writes the upgrade package file header, generating a new upgrade package, bin2, carrying the private key signature. The bin2 file header information includes the file header magic number 0x33 and the info area (hardware version number, upgrade package version number, private key signature value, etc.).
Step 4: Upload the bin2 file carrying the private key signature to the Internet of Things cloud server.
Step 5: The device powers on and initializes; the embedded device connects to the Internet of Things cloud platform over TLS 1.2 and reports the device's ICCID, software and hardware version numbers, and so on to the cloud server.
Step 6: The cloud server evaluates the reported software version number and can issue an upgrade task if the reported version number is lower than the version number of the current upgrade package.
Step 7: Following step 6, if an upgrade is required, the cloud server issues the URL of the upgrade package to the embedded device. At the same time, from the ICCID reported by the device plus the fixed field agreed by both parties, it generates a key through the MD5 algorithm and uses it as the symmetric AES256 key to encrypt the non-header part of the upgrade package, producing a new upgrade package (header + encrypted program) and the SHA1 check code computed after encryption.
Step 8: The embedded device downloads the upgrade package to the upgrade package storage area of the external FLASH and sets the upgrade flag bit to 1. After the download is complete, it checks the SHA1 check code of the upgrade package; if the check passes, it compares the software version number in the package file header with the current software version number. If the upgrade package version number is smaller than the current version, it reports the upgrade failure to the cloud platform, with the failure reason, and sets the upgrade flag bit to 0.
Step 9: Because the upgrade package bin2 is large, the MCU decrypts at most 4K at a time, using the AES256 key generated in the same way as in step 7. Each time, the decrypted data is fed into the ongoing signature calculation with the public key inside the embedded device, until the signature value over all the decrypted data is complete, and it is then checked against the signature field of the file header.
Step 10: After the signature verification passes, restart the device, enter the Bootloader to decrypt the upgrade package again, flash the FOTA program stored in the external FLASH to the internal program area, generate a check value, and set the upgrade flag bit to 0.
Step 11: After the internal program check and comparison pass, jump from the Bootloader to the internal program area to run, report the upgrade result, and wait for the next upgrade.
As described above, throughout the FOTA upgrade process the upgrade package is signed with a private key and verified with a public key, which ensures the authenticity and non-repudiation of the upgrade package; the package is also checked with SHA1 to ensure its integrity. The whole download is encrypted over HTTPS, and the downloaded upgrade package is encrypted with AES256 using a one-key-per-device scheme, so that every upgrade package is different, other users cannot obtain key information from the upgrade package or tamper with its contents, and version rollback is not possible, thereby ensuring the security of the FOTA upgrade. The scheme adopted by the invention therefore makes the FOTA upgrade process of embedded devices more secure.
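The download-stage checks of steps 7 and 8 and the power-loss rule, modeled on a host in Python as an added example (not code from the patent). The header layout, the use of the MD5 hex digest as the 32 key bytes, rejecting an equal version, clearing the flag on a SHA1 or header failure, and all sample values are assumptions. AES256 decryption and signature verification (step 9) are not modeled.

```python
import hashlib
import hmac
import struct

CHUNK = 4096   # the page's example threshold: at most 4K handled per pass
MAGIC = 0x33   # file-header magic number given on the page
# Hypothetical header layout (Table 2 is not reproduced on the page):
# magic(1) | hardware version(2) | package version(4) | signature length(2) | signature
HEADER_FMT = ">BHIH"
HEADER_LEN = struct.calcsize(HEADER_FMT)


def derive_device_key(iccid: str, fixed_field: str) -> bytes:
    """Step 7: per-device AES256 key from MD5(ICCID + fixed field).

    Assumption: the 32-character hex digest is used as the 32 key bytes,
    because a raw MD5 digest is only 16 bytes long.
    """
    digest = hashlib.md5((iccid + fixed_field).encode("ascii")).hexdigest()
    return digest.encode("ascii")


def build_package(hw_version: int, version: int, signature: bytes, body: bytes) -> bytes:
    """Constructed sample package: clear header, body standing in for ciphertext."""
    header = struct.pack(HEADER_FMT, MAGIC, hw_version, version, len(signature))
    return header + signature + body


def sha1_chunked(package: bytes) -> str:
    """SHA1 over the whole package, fed CHUNK bytes at a time as an MCU would."""
    h = hashlib.sha1()
    view = memoryview(package)
    for off in range(0, len(view), CHUNK):
        h.update(view[off:off + CHUNK])
    return h.hexdigest()


def parse_header(package: bytes) -> dict:
    """Read the clear-text header; reject wrong magic and truncated fields."""
    if len(package) < HEADER_LEN:
        raise ValueError("package shorter than header")
    magic, hw_version, version, sig_len = struct.unpack_from(HEADER_FMT, package)
    if magic != MAGIC:
        raise ValueError("bad magic")
    if len(package) < HEADER_LEN + sig_len:
        raise ValueError("truncated signature field")
    return {"hw_version": hw_version, "version": version,
            "signature": package[HEADER_LEN:HEADER_LEN + sig_len],
            "body_offset": HEADER_LEN + sig_len}


def check_download(package: bytes, expected_sha1: str,
                   current_version: int, params: dict) -> str:
    """Step 8: return "continue" or a failure reason.

    params models the parameter storage area that holds the upgrade flag bit.
    """
    params["upgrade_flag"] = 1  # set when the download starts

    def fail(reason: str) -> str:
        params["upgrade_flag"] = 0
        return "fail: " + reason

    if not hmac.compare_digest(sha1_chunked(package), expected_sha1.lower()):
        return fail("sha1 mismatch")      # assumption: flag cleared on this path
    try:
        header = parse_header(package)
    except ValueError as exc:
        return fail(str(exc))             # assumption: flag cleared on this path
    if header["version"] < current_version:
        return fail("version rollback")   # the page's rollback rule
    if header["version"] == current_version:
        return fail("same version")       # assumption: the page leaves this case open
    return "continue"


def boot_action(params: dict) -> str:
    """Power-loss rule: a flag still at 1 on boot means flashing resumes."""
    return "resume_flash" if params.get("upgrade_flag") == 1 else "run_application"


if __name__ == "__main__":
    # Constructed ICCID, fixed field, signature bytes and body.
    key = derive_device_key("89860000000000000001", "FIXED-FIELD")
    pkg = build_package(1, 5, b"\x00" * 64, b"\xaa" * 10000)
    state = {}
    print(len(key), check_download(pkg, sha1_chunked(pkg), 4, state), boot_action(state))
```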
The above embodiment provides a FOTA upgrade method for an embedded device; correspondingly, the application also provides a FOTA upgrade apparatus for an embedded device. The apparatus provided by the embodiment of the application can implement the method above, and can be realized in software, hardware, or a combination of the two. For example, the apparatus may include integrated or separate functional modules or units to perform the corresponding steps of the method described above. Referring to fig. 3, a FOTA upgrade apparatus 10 for an embedded device includes:
a reporting module 101, configured to connect the embedded device to a cloud server after power-on initialization and report the device information of the embedded device to the cloud server, the device information including the integrated circuit card identification code and the software version number of the device;
a receiving module 102, configured to receive the upgrade package address issued by the cloud server, while the cloud server generates a symmetric AES256 key through the MD5 algorithm from the integrated circuit card identification code plus a fixed field agreed by both parties, encrypts the non-header part of the upgrade package with the AES256 key, and generates a SHA1 check code;
a downloading module 103, configured to download the upgrade package to the upgrade package storage area according to the upgrade package address, set the upgrade flag bit to 1, and check the SHA1 check code of the upgrade package after the download is complete; if the check passes, compare the upgrade package version number with the software version number; if the upgrade package version number is smaller than the software version number, report the upgrade failure to the cloud server and set the upgrade flag bit to 0; if the upgrade package version number is larger than the software version number, continue the upgrade;
a decryption module 104, configured to decrypt the upgrade package with the AES256 key, decrypting at most a preset threshold of data each time, and at the same time perform the signature calculation on the decrypted data with the public key inside the embedded device, until the signature value over all the decrypted data is obtained, and check it against the signature field of the file header;
a flashing module 105, configured to restart the device after the signature verification passes, enter the Bootloader to decrypt the upgrade package again, flash the upgrade package stored in the upgrade package storage area to the internal program area, generate a check value, set the upgrade flag bit to 0, and wait for the next upgrade.
In some embodiments of the present application, the upgrade package is generated as follows:
compiling and generating a first upgrade package file on an embedded development platform, and generating an asymmetric public/private key pair on an internal server, where the private key is stored encrypted on the internal server;
writing the public key into the embedded device; specifically, the public key is written into the embedded device through a PC production-line encryption tool;
uploading the first upgrade package file to the internal server, where the internal server signs the first upgrade package file with the private key and writes the private key signature into the header of the first upgrade package file, generating a new, second upgrade package file carrying the private key signature; the header information of the second upgrade package file includes the upgrade package version number and the private key signature value;
the internal server uploads the second upgrade package file carrying the private key signature to the cloud server as the upgrade package.
The FOTA upgrade apparatus provided by the embodiment of the application is based on the same inventive concept as the FOTA upgrade method provided by the embodiment of the application, and has the same beneficial effects as the method it adopts, runs, or implements.
The embodiment of the application also provides an electronic device corresponding to the method provided by the embodiment, wherein the electronic device can be an electronic device for a client, such as a mobile phone, a notebook computer, a tablet computer, a desktop computer and the like, so as to execute the FOTA upgrading method of the embedded device.
Referring to fig. 4, a schematic diagram of an electronic device according to some embodiments of the present application is shown. As shown in fig. 4, the electronic device 20 includes: a processor 200, a memory 201, a bus 202 and a communication interface 203, the processor 200, the communication interface 203 and the memory 201 being connected by the bus 202; the memory 201 stores a computer program that can be executed on the processor 200, and when the processor 200 executes the computer program, the FOTA upgrading method of the embedded device provided in any of the foregoing embodiments of the present application is executed.
The memory 201 may include a high-speed random access memory (RAM: Random Access Memory), and may further include a non-volatile memory, such as at least one disk memory. The communication connection between the system network element and at least one other network element is implemented via at least one communication interface 203 (which may be wired or wireless), and the Internet, a wide area network, a local area network, a metropolitan area network or the like may be used.
Bus 202 may be an ISA bus, a PCI bus, an EISA bus, or the like. The buses may be classified as address buses, data buses, control buses, etc. The memory 201 is configured to store a program, and the processor 200 executes the program after receiving an execution instruction, and the FOTA upgrading method of the embedded device disclosed in any of the foregoing embodiments of the present application may be applied to the processor 200 or implemented by the processor 200.
The processor 200 may be an integrated circuit chip with signal processing capabilities. In implementation, the steps of the above method may be performed by integrated logic circuits of hardware in the processor 200 or by instructions in the form of software. The processor 200 may be a general-purpose processor, including a central processing unit (CPU), a network processor (NP), etc.; it may also be a digital signal processor (DSP), an application-specific integrated circuit (ASIC), a field-programmable gate array (FPGA) or other programmable logic device, a discrete gate or transistor logic device, or discrete hardware components. It may implement or perform the methods, steps and logic blocks disclosed in the embodiments of the present application. A general-purpose processor may be a microprocessor, or the processor may be any conventional processor or the like. The steps of the method disclosed in connection with the embodiments of the present application may be embodied directly as being executed by a hardware decoding processor, or executed by a combination of hardware and software modules in a decoding processor. The software modules may be located in a random access memory, flash memory, read-only memory, programmable read-only memory, electrically erasable programmable memory, registers, or other storage media well known in the art. The storage medium is located in the memory 201, and the processor 200 reads the information in the memory 201 and, in combination with its hardware, performs the steps of the above method.
The electronic device provided by the embodiment of the application is based on the same inventive concept as the FOTA upgrading method for an embedded device provided by the embodiment of the application, and has the same beneficial effects as the method it adopts, runs or implements.
The embodiment of the present application also provides a computer readable storage medium corresponding to the FOTA upgrading method of the embedded device provided in the foregoing embodiment, on which a computer program (i.e. a program product) is stored; when executed by a processor, the computer program performs the FOTA upgrading method of the embedded device provided in any of the foregoing embodiments.
It should be noted that examples of the computer readable storage medium may also include, but are not limited to, a phase change memory (PRAM), a Static Random Access Memory (SRAM), a Dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), a Read Only Memory (ROM), an Electrically Erasable Programmable Read Only Memory (EEPROM), a flash memory, or other optical or magnetic storage medium, which will not be described in detail herein.
The computer readable storage medium provided by the above embodiment of the present application is based on the same inventive concept as the FOTA upgrading method for an embedded device provided by the embodiment of the present application, and has the same beneficial effects as the method adopted, run or implemented by the application program stored on it.
Finally, it should be noted that the above embodiments only illustrate the technical solution of the present application and do not limit it. Although the application has been described in detail with reference to the foregoing embodiments, those of ordinary skill in the art will understand that the technical solutions described in the foregoing embodiments can still be modified, or some or all of their technical features can be replaced by equivalents; such modifications and substitutions do not depart from the spirit of the application, and are intended to be included within the scope of the appended claims and description.

Claims (8)

1. A FOTA upgrading method for an embedded device, characterized in that an internal flash memory of the embedded device comprises a boot program area and an internal program area, and an external flash memory attached to the embedded device is divided into an upgrade package storage area and a parameter storage area, the method comprising the following steps:
After power-on initialization of the embedded device, connecting the embedded device to a cloud server and reporting device information of the embedded device to the cloud server, the device information comprising the integrated circuit card identification code and the software version number of the device;
Receiving an upgrade package address issued by the cloud server, while the cloud server generates a symmetric AES256 key through the MD5 algorithm from the integrated circuit card identification code and a fixed field agreed by both parties, encrypts the non-header part of the upgrade package with the AES256 key, and generates an SHA1 check code;
Downloading the upgrade package to the upgrade package storage area according to the upgrade package address, setting the upgrade flag bit to 1, and verifying the SHA1 check code of the upgrade package after the download completes; if the verification passes, comparing the version number of the upgrade package with the software version number; if the version number of the upgrade package is smaller than the software version number, reporting the upgrade failure to the cloud server and setting the upgrade flag bit to 0; if the version number of the upgrade package is larger than the software version number, continuing the upgrade;
Decrypting the upgrade package with the AES256 key, decrypting at most a preset threshold of data each time, and at the same time performing signature calculation on the decrypted data with the public key in the embedded device, until the signature value over all the decrypted data is obtained, and comparing it with the signature field of the file header;
After the signature verification passes, restarting the device, entering the Bootloader to decrypt the upgrade package again, flashing the upgrade package stored in the upgrade package storage area into the internal program area, generating a verification value, setting the upgrade flag bit to 0, and waiting for the next upgrade.
2. The method of claim 1, wherein the generation process of the upgrade package is as follows:
Compiling and generating a first upgrade package file on the embedded development platform, and generating, by an internal server, an asymmetric public/private key pair, wherein the private key is stored encrypted on the internal server;
Writing the public key into the embedded device;
Uploading the first upgrade package file to the internal server, the internal server signing the first upgrade package file with the private key, writing the private key signature into the header of the first upgrade package file, and generating a new second upgrade package file carrying the private key signature;
Uploading, by the internal server, the second upgrade package file carrying the private key signature to the cloud server as the upgrade package.
3. The method of claim 2, wherein the header information of the second upgrade package file includes an upgrade package version number and a private key signature value.
4. The method of claim 2, wherein writing the public key to the embedded device comprises:
writing the public key into the embedded device by a PC production-line encryption tool.
5. An FOTA upgrade apparatus for an embedded device, wherein an internal flash memory of the embedded device includes a boot program area and an internal program area, and an external flash memory of the embedded device is divided into an upgrade package storage area and a parameter storage area, the apparatus comprising:
A reporting module, used for connecting the embedded device to a cloud server after power-on initialization of the embedded device, and reporting device information of the embedded device to the cloud server, wherein the device information comprises the integrated circuit card identification code and the software version number of the device;
A receiving module, used for receiving the upgrade package address issued by the cloud server, while the cloud server generates a symmetric AES256 key through the MD5 algorithm from the integrated circuit card identification code and the fixed field agreed by both parties, encrypts the non-header part of the upgrade package with the AES256 key, and generates an SHA1 check code;
A downloading module, used for downloading the upgrade package to the upgrade package storage area according to the upgrade package address, setting the upgrade flag bit to 1, and verifying the SHA1 check code of the upgrade package after the download completes; if the verification passes, comparing the version number of the upgrade package with the software version number; if the version number of the upgrade package is smaller than the software version number, reporting the upgrade failure to the cloud server and setting the upgrade flag bit to 0; if the version number of the upgrade package is larger than the software version number, continuing the upgrade;
A decryption module, used for decrypting the upgrade package with the AES256 key, decrypting at most a preset threshold of data each time, and at the same time performing signature calculation on the decrypted data with the public key in the embedded device, until the signature value over all the decrypted data is obtained, and comparing it with the signature field of the file header;
A refreshing module, used for restarting the device after the signature verification passes, entering the Bootloader to decrypt the upgrade package again, flashing the upgrade package stored in the upgrade package storage area into the internal program area, generating a verification value, setting the upgrade flag bit to 0, and waiting for the next upgrade.
6. The apparatus of claim 5, wherein the generation process of the upgrade package is as follows:
Compiling and generating a first upgrade package file on the embedded development platform, and generating, by an internal server, an asymmetric public/private key pair, wherein the private key is stored encrypted on the internal server;
Writing the public key into the embedded device;
Uploading the first upgrade package file to the internal server, the internal server signing the first upgrade package file with the private key, writing the private key signature into the header of the first upgrade package file, and generating a new second upgrade package file carrying the private key signature;
Uploading, by the internal server, the second upgrade package file carrying the private key signature to the cloud server as the upgrade package.
7. An electronic device, comprising: a memory, a processor and a computer program stored on the memory and executable on the processor, characterized in that the processor runs the computer program to implement the method according to any one of claims 1 to 4.
8. A computer readable storage medium having stored thereon computer readable instructions executable by a processor to implement the method of any one of claims 1 to 4.
CN202410319700.0A 2024-03-20 2024-03-20 FOTA upgrading method, device and equipment of embedded equipment and storage medium Active CN117932622B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202410319700.0A CN117932622B (en) 2024-03-20 2024-03-20 FOTA upgrading method, device and equipment of embedded equipment and storage medium

Publications (2)

Publication Number Publication Date
CN117932622A CN117932622A (en) 2024-04-26
CN117932622B CN117932622B (en) 2024-05-28

Family

ID=90770619

Country Status (1)

Country Link
CN (1) CN117932622B (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant