CN118349274A - Application program upgrading method and device for vehicle, storage medium and processor - Google Patents

Application program upgrading method and device for vehicle, storage medium and processor Download PDF

Info

Publication number
CN118349274A
CN118349274A CN202410564248.4A CN202410564248A CN118349274A CN 118349274 A CN118349274 A CN 118349274A CN 202410564248 A CN202410564248 A CN 202410564248A CN 118349274 A CN118349274 A CN 118349274A
Authority
CN
China
Prior art keywords
target
upgrade
application program
version
upgrading
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202410564248.4A
Other languages
Chinese (zh)
Inventor
宋雪
李木犀
杨雪珠
于欢
徐明蔚
刘晗
王梓安
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
FAW Group Corp
Original Assignee
FAW Group Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by FAW Group Corp filed Critical FAW Group Corp
Priority to CN202410564248.4A priority Critical patent/CN118349274A/en
Publication of CN118349274A publication Critical patent/CN118349274A/en
Pending legal-status Critical Current

Links

Landscapes

  • Stored Programmes (AREA)

Abstract

The invention discloses a method and a device for upgrading an application program of a vehicle, a storage medium and a processor. The method comprises the following steps: acquiring an initial upgrade package of an application program of a vehicle; encrypting the initial upgrade package by using a first encryption key to obtain a target upgrade package, wherein the first encryption key is a symmetric encryption key; signing the target upgrade package by using a second encryption key to obtain a signature verification value of the target upgrade package, wherein the second encryption key is an asymmetric encryption key; determining the target upgrade package and the signature verification value as an upgrade file corresponding to the application program, wherein the upgrade file is used for upgrading the application program; and the upgrade file is signed by utilizing a first decryption key corresponding to the second encryption key, and the application program is upgraded from the initial version to the target version based on the signed upgrade file. The invention solves the technical problem of low safety in the upgrading process of the vehicle-mounted software program.

Description

Application program upgrading method and device for vehicle, storage medium and processor
Technical Field
The present invention relates to the field of vehicles, and in particular, to a method, an apparatus, a storage medium, and a processor for upgrading an application program of a vehicle.
Background
With the rapid development of vehicle intellectualization and networking, the scale of the on-board software program is continuously increasing, and the upgrading of the on-board software program is also becoming particularly important. In the related art, an upgrade package is often directly downloaded from a cloud, and the upgrade of a vehicle-mounted software program is completed by installing the upgrade package. However, by installing an unauthorized upgrade package, the vehicle-mounted software program can be destroyed, so that the vehicle-mounted software program cannot be normally used, and the technical problem of low safety in the upgrading process of the vehicle-mounted software program is caused.
Aiming at the technical problem of low safety in the upgrading process of the vehicle-mounted software program, no effective solution is proposed at present.
Disclosure of Invention
The embodiment of the invention provides a method, a device, a storage medium and a processor for upgrading an application program of a vehicle, which are used for at least solving the technical problem of low safety in the upgrading process of a vehicle-mounted software program.
According to one aspect of the embodiment of the invention, a method for upgrading an application program of a vehicle is provided. The method comprises the following steps: acquiring an initial upgrade package of an application program of a vehicle; encrypting the initial upgrade package by using a first encryption key to obtain a target upgrade package, wherein the first encryption key is a symmetric encryption key; signing the target upgrade package by using a second encryption key to obtain a signature verification value of the target upgrade package, wherein the second encryption key is an asymmetric encryption key; determining the target upgrade package and the signature verification value as an upgrade file corresponding to the application program, wherein the upgrade file is used for upgrading the application program; and the upgrade file is signed by utilizing a first decryption key corresponding to the second encryption key, and the application program is upgraded from the initial version to the target version based on the signed upgrade file.
Optionally, signing the target upgrade package by using the second encryption key to obtain a signature verification value of the target upgrade package, including: carrying out hash processing on the target upgrade package to obtain a check value of the target upgrade package; and signing the check value by using the second encryption key to obtain a signature check value.
Optionally, the method includes the steps of signing the upgrade file with a first decryption key corresponding to the second encryption key, and upgrading the application program from the initial version to the target version based on the signed upgrade file, including: signing the signature verification value in the upgrade file by using the first decryption key to obtain a first target verification value, and carrying out hash processing on a target upgrade package in the upgrade file to obtain a second target verification value, wherein the signed upgrade file comprises the first target verification value; the application is upgraded from the initial version to the target version based on the first target check value and the second target check value.
Optionally, upgrading the application program from the initial version to the target version based on the first target check value and the second target check value includes: determining the first encryption key as the second decryption key in response to the first target verification value being the same as the first target verification value; decrypting the target upgrade package by using the second decryption key to obtain an initial upgrade package; an initial upgrade package is installed to upgrade the application program from the initial version to the target version.
Optionally, installing the initial upgrade package to upgrade the application program from the initial version to the target version includes: determining the current progress of installing the initial upgrade package; and in response to the current progress being the target installation progress, upgrading the application program from the initial version to the target version.
Optionally, the method further comprises: determining an upgraded version of the upgraded application program; and determining an upgrading result of the application program based on the upgrading version and the target version.
Optionally, determining the upgrade result of the application program based on the upgrade version and the target version includes: determining that the upgrading result is successful in upgrading the application program in response to the upgrading version being identical to the target version; and determining that the upgrading result is the application program upgrading failure in response to the upgrading version being different from the target version.
Optionally, after determining that the upgrade result is the application program upgrade failure in response to the upgrade version being different from the target version, the method further comprises: determining a fault location at which the application program is stopped to upgrade in response to the application program stopping to upgrade; the application is upgraded from the failure location to the target version.
According to an aspect of an embodiment of the present invention, there is provided an application upgrade apparatus for a vehicle. The apparatus may include: an acquisition unit configured to acquire an initial upgrade package of an application program of a vehicle; the encryption unit is used for encrypting the initial upgrade package by using a first encryption key to obtain a target upgrade package, wherein the first encryption key is a symmetric encryption key; the signature unit is used for signing the target upgrade package by using a second encryption key to obtain a signature verification value of the target upgrade package, wherein the second encryption key is an asymmetric encryption key; the first determining unit is used for determining the target upgrade package and the signature verification value as an upgrade file corresponding to the application program, wherein the upgrade file is used for upgrading the application program; and the first upgrading unit is used for performing signing-off on the upgrading file by utilizing the first decryption key corresponding to the second encryption key, and upgrading the application program from the initial version to the target version based on the signed-off upgrading file.
According to another aspect of an embodiment of the present invention, there is also provided a processor. The processor is used for running a program, wherein the program is used for executing the application program upgrading method of the vehicle when being run by the processor.
According to another aspect of an embodiment of the present invention, there is also provided an electronic apparatus including: a memory storing an executable program; and the processor is used for running a program, wherein the program executes the application program upgrading method of the vehicle in each embodiment of the invention when running.
According to another aspect of an embodiment of the present invention, there is also provided a computer-readable storage medium. The computer readable storage medium comprises a stored program, wherein the device in which the computer readable storage medium is located is controlled to execute the application program upgrading method of the vehicle according to the embodiment of the invention when the program runs.
According to another aspect of the embodiments of the present invention, there is also provided a computer program product comprising a computer program, wherein the computer program, when executed by a processor, implements the application program upgrading method of the vehicle of the embodiments of the present invention.
According to another aspect of the embodiments of the present invention, there is also provided a computer program product including a non-volatile computer readable storage medium for storing a computer program which when executed by a processor implements the application program upgrading method of the vehicle in the various embodiments of the present invention.
According to another aspect of the embodiments of the present application, there is further provided a computer program, which when executed by a processor, implements the method for upgrading an application program of a vehicle in each of the embodiments of the present application described above.
In the embodiment of the invention, when the application program of the vehicle is upgraded, an initial upgrade package of the application program of the vehicle is obtained. And encrypting the initial upgrade package by using the first encryption key to obtain a target upgrade package. And signing the obtained target upgrade package by using the second encryption key to obtain a signature verification value of the target upgrade package, and determining the obtained target upgrade package and the obtained signature verification value as an upgrade file corresponding to the application program. And the determined upgrade file is signed by utilizing the first decryption key corresponding to the second encryption key, and the application program can be upgraded from the initial version to the target version based on the signed upgrade file, so that the aim of avoiding damage to the vehicle-mounted software program is fulfilled, the technical problem of low safety of the upgrading process of the vehicle-mounted software program is solved, and the technical effect of improving the safety of the upgrading process of the vehicle-mounted software program is realized.
Drawings
The accompanying drawings, which are included to provide a further understanding of the application and are incorporated in and constitute a part of this specification, illustrate embodiments of the application and together with the description serve to explain the application and do not constitute a limitation on the application. In the drawings:
FIG. 1 is a flow chart of a method of application upgrade for a vehicle according to an embodiment of the present invention;
FIG. 2 (a) is a flowchart of a method of reinforcing an upgrade package according to an embodiment of the present invention;
FIG. 2 (b) is a flowchart of a method for verifying an upgrade package according to an embodiment of the present invention;
fig. 3 is a schematic diagram of an application upgrading apparatus of a vehicle according to an embodiment of the present invention.
Detailed Description
In order that those skilled in the art will better understand the present invention, a technical solution in the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings in which it is apparent that the described embodiments are only some embodiments of the present invention, not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, shall fall within the scope of the invention.
It should be noted that the terms "first," "second," and the like in the description and the claims of the present invention and the above figures are used for distinguishing between similar objects and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used may be interchanged where appropriate such that the embodiments of the invention described herein may be implemented in sequences other than those illustrated or otherwise described herein. Furthermore, the terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.
Example 1
According to an embodiment of the present invention, there is provided a method for upgrading an application program of a vehicle, it being noted that the steps shown in the flowchart of the drawings may be performed in a computer system such as a set of computer executable instructions, and that although a logical order is shown in the flowchart, in some cases the steps shown or described may be performed in an order different from that herein.
Fig. 1 is a flowchart of a method of upgrading an application program of a vehicle according to an embodiment of the present invention, which may include the steps of:
Step S101, an initial upgrade package of an application program of a vehicle is acquired.
In the technical solution provided in the step S101 of the present invention, the initial upgrade package may be at least used for repairing functions to be repaired in an application program of a vehicle and adding functions to be added in the application program of the vehicle.
In this embodiment, an initial upgrade package of an application program of a vehicle is acquired. That is, in the case of logging into an official website of the manufacturer of the vehicle, the initial upgrade package of the application may be downloaded and acquired, or may be transmitted and acquired through a wireless connection between the vehicle and a device that has downloaded the initial upgrade package of the application, which is merely illustrated herein and not specifically limited.
It should be noted that the above device may at least include: the mobile phone, tablet computer, notebook computer, other vehicles belonging to the same type as the vehicle, etc. are only exemplified herein, and are not particularly limited.
Step S102, encrypting the initial upgrade package by using the first encryption key to obtain a target upgrade package.
In the technical solution provided in the step S102 of the present invention, the first encryption key may be a symmetric encryption key. For example, the first encryption key may be, but is not limited to, a triple data encryption standard (TRIPLE DATA Encryption Standard, abbreviated as 3 DES) key.
In this embodiment, after the initial upgrade package of the application program of the vehicle is acquired, the initial upgrade package is encrypted with the first encryption key to obtain the target upgrade package. That is, on the basis of acquiring an initial upgrade package of an application program of a vehicle, a key type for encrypting the initial upgrade package may be determined, and a key for encrypting the initial upgrade package may be selected according to the determined key type. And if the determined key type is the symmetric encryption key type, selecting a first encryption key, and using the first encryption key to symmetrically encrypt the obtained initial upgrade package of the application program, so as to obtain a target upgrade package.
And step S103, signing the target upgrade package by using the second encryption key to obtain a signature verification value of the target upgrade package.
In the technical solution provided in the step S103 of the present invention, the second encryption key may be an asymmetric encryption key.
In this embodiment, after the initial upgrade package is encrypted by using the first encryption key to obtain the target upgrade package, the target upgrade package is signed by using the second encryption key to obtain the signature verification value of the target upgrade package. That is, on the basis of the encryption to obtain the target upgrade package, the check value of the target upgrade package may be determined, and the key type for signing the check value of the target upgrade package may be determined. And selecting an encryption key for signing the check value of the target upgrade package according to the determined signing key type. If the determined signature key type is an asymmetric encryption key type, selecting a second encryption key, and signing the obtained verification value of the target upgrade package by using the second encryption key to obtain the signature verification value of the target upgrade package.
Step S104, determining the target upgrade package and the signature verification value as an upgrade file corresponding to the application program.
In the technical solution provided in the step S104 of the present invention, the upgrade file may be used to upgrade an application program.
In this embodiment, after signing the target upgrade package with the second encryption key to obtain the signature verification value of the target upgrade package, the target upgrade package and the signature verification value are determined to be the upgrade file corresponding to the application program. That is, on the basis of the signature verification value of the target upgrade package obtained by signing, the target upgrade package obtained by encrypting and the signature verification value obtained by signing are packaged into the same file, and the file is determined to be the upgrade file corresponding to the application program.
Step S105, the upgrade file is untagged by using the first decryption key corresponding to the second encryption key, and the application program is upgraded from the initial version to the target version based on the untagged upgrade file.
In the solution provided in the step S105 of the present invention, the first decryption key may be an asymmetric decryption key, and the second encryption key and the first decryption key may be present in pairs. For example, if the second encryption Key is a private Key (PRIVATE KEY), the first decryption Key may be a Public Key (Public Key) that matches the private Key, which is given by way of example only and not limitation.
In this embodiment, after determining the target upgrade package and the signature verification value as an upgrade file corresponding to the application program, the upgrade file is untagged by using a first decryption key corresponding to the second encryption key, and the application program is upgraded from the initial version to the target version based on the untagged upgrade file. That is, on the basis of determining the upgrade file corresponding to the application program, the signature verification value in the upgrade file is signed by using the first decryption key corresponding to the second encryption key, so that a first target verification value can be obtained, and the application program can be upgraded from the initial version to the target version at least based on the first target verification value obtained by signing.
In this embodiment, on the basis of determining an upgrade file corresponding to an application program, hash processing is performed on a target upgrade package in the upgrade file to obtain a second target check value, and by judging a relationship between a first target check value obtained by signing and a second target check value obtained by hash processing, it is determined whether to upgrade the application program from an initial version to a target version. If the first target check value obtained by the signing solving is judged to be the same as the second target check value obtained by the hash processing, the application program can be upgraded from the initial version to the target version.
Optionally, if the first target check value obtained by breaking out the disapproval is different from the second target check value obtained by the hash processing, the application program is not upgraded from the initial version to the target version, and the initial upgrade package of the application program of the vehicle is reacquired. And encrypting the initial upgrade package by using the first encryption key to obtain a target upgrade package. And signing the obtained target upgrade package by using the second encryption key to obtain a signature verification value of the target upgrade package, and determining the obtained target upgrade package and the obtained signature verification value as an upgrade file corresponding to the application program. And performing signing decomposition on the signature verification value in the upgrade file by using a first decryption key corresponding to the second encryption key to obtain a first target verification value, and upgrading the application program from the initial version to the target version at least based on the first target verification value obtained by signing decomposition.
In the step S101 to step S105, when the application program of the vehicle is updated, an initial update package of the application program of the vehicle is obtained. And encrypting the initial upgrade package by using the first encryption key to obtain a target upgrade package. And signing the obtained target upgrade package by using the second encryption key to obtain a signature verification value of the target upgrade package, and determining the obtained target upgrade package and the obtained signature verification value as an upgrade file corresponding to the application program. And the determined upgrade file is signed by utilizing the first decryption key corresponding to the second encryption key, and the application program can be upgraded from the initial version to the target version based on the signed upgrade file, so that the aim of avoiding damage to the vehicle-mounted software program is fulfilled, the technical problem of low safety of the upgrading process of the vehicle-mounted software program is solved, and the technical effect of improving the safety of the upgrading process of the vehicle-mounted software program is realized.
The above-described method of this embodiment is further described below.
As an optional embodiment, step S103, signing the target upgrade package with the second encryption key to obtain a signature verification value of the target upgrade package, includes: carrying out hash processing on the target upgrade package to obtain a check value of the target upgrade package; and signing the check value by using the second encryption key to obtain a signature check value.
In this embodiment, after encrypting an initial upgrade package by using a first encryption key to obtain a target upgrade package, performing hash processing on the target upgrade package to obtain a verification value of the target upgrade package; and signing the check value by using the second encryption key to obtain a signature check value. That is, hash processing is performed on the target upgrade package on the basis of encryption to obtain the target upgrade package, a check value of the target upgrade package can be obtained, and a key type for signing the check value of the target upgrade package is determined. And selecting an encryption key for signing the check value of the target upgrade package according to the determined signing key type. If the determined signature key type is an asymmetric encryption key type, selecting a second encryption key, and signing the obtained verification value of the target upgrade package by using the second encryption key to obtain the signature verification value of the target upgrade package.
Optionally, if the second encryption key is PRIVATE KEY, the verification value of the target upgrade package obtained by the hash processing is signed by using PRIVATE KEY, so as to obtain a signature verification value of the target upgrade package, which is only illustrated herein and not specifically limited.
As an optional embodiment, step S104, performing signing-off on the upgrade file by using the first decryption key corresponding to the second encryption key, and upgrading the application program from the initial version to the target version based on the signed-off upgrade file, includes: signing the signature verification value in the upgrade file by using the first decryption key to obtain a first target verification value, and carrying out hash processing on a target upgrade package in the upgrade file to obtain a second target verification value; the application is upgraded from the initial version to the target version based on the first target check value and the second target check value.
In this embodiment, the signed upgrade file may include a first target check value.
In the embodiment, after determining the target upgrade package and the signature verification value as an upgrade file corresponding to the application program, performing signing decomposition on the signature verification value in the upgrade file by using a first decryption key to obtain a first target verification value, and performing hash processing on the target upgrade package in the upgrade file to obtain a second target verification value; the application is upgraded from the initial version to the target version based on the first target check value and the second target check value. That is, on the basis of determining the upgrade file corresponding to the application program, the signature verification value in the upgrade file is signed by using the first decryption key corresponding to the second encryption key, so that a first target verification value can be obtained, the target upgrade package in the upgrade file is hashed, a second target verification value can be obtained, and whether the application program is upgraded from the initial version to the target version can be determined by judging the relation between the first target verification value obtained by signing and the second target verification value obtained by hashing. If the first target check value obtained by the signing solving is judged to be the same as the second target check value obtained by the hash processing, the application program can be upgraded from the initial version to the target version.
In this embodiment, if it is determined that the first target check value obtained by signing is the same as the second target check value obtained by hashing, the first encryption key is determined to be the second decryption key, and the target upgrade package in the upgrade file is decrypted by using the second decryption key, so that the application program is upgraded from the initial version to the target version.
As an alternative embodiment, upgrading the application from the initial version to the target version based on the first target check value and the second target check value includes: determining the first encryption key as the second decryption key in response to the first target verification value being the same as the first target verification value; decrypting the target upgrade package by using the second decryption key to obtain an initial upgrade package; an initial upgrade package is installed to upgrade the application program from the initial version to the target version.
In this embodiment, if the first encryption key is a 3DES key, the second decryption key is also a 3DES key, which is illustrated herein by way of example and not limitation.
In the embodiment, a signature verification value in an upgrade file is signed by using a first decryption key to obtain a first target verification value, hash processing is performed on a target upgrade package in the upgrade file to obtain a second target verification value, and after the first target verification value is the same as the first target verification value, the first encryption key is determined to be the second decryption key; decrypting the target upgrade package by using the second decryption key to obtain an initial upgrade package; an initial upgrade package is installed to upgrade the application program from the initial version to the target version. That is, by judging the relationship between the first target verification value obtained by signing and the second target verification value obtained by hashing, it is possible to determine whether to upgrade the application program from the initial version to the target version. If the first target check value obtained by signing solving is the same as the second target check value obtained by hash processing, the first encryption key can be determined to be the second decryption key, the target upgrade package in the upgrade file is decrypted by using the second decryption key, an initial upgrade package can be obtained, and the application program can be upgraded from the initial version to the target version through installing the obtained initial upgrade package.
As an alternative embodiment, installing an initial upgrade package to upgrade an application program from an initial version to a target version includes: determining the current progress of installing the initial upgrade package; and in response to the current progress being the target installation progress, upgrading the application program from the initial version to the target version.
In this embodiment, the target installation progress may be expressed in terms of a percentage, for example, the target installation progress may be 100%, which is merely illustrated herein and not particularly limited.
In this embodiment, after decrypting the target upgrade package with the second decryption key to obtain the initial upgrade package, determining a current progress of installing the initial upgrade package; and in response to the current progress being the target installation progress, upgrading the application program from the initial version to the target version. That is, the process of installing the initial upgrade package is monitored in real time, the current progress of installing the initial upgrade package can be obtained, the relation between the current progress of installing the initial upgrade package and the target installation progress is judged, and if the current progress of installing the initial upgrade package is judged to be the target installation progress, it is determined that the application program has been upgraded from the initial version to the target version.
Optionally, if the current progress of the initial upgrade package is not the target installation progress, the application program is not upgraded from the initial version to the target version, the initial upgrade package is reinstalled, the process of installing the initial upgrade package is monitored in real time, the current progress of the initial upgrade package can be obtained, the relationship between the current progress of the initial upgrade package and the target installation progress is judged, and the application program is upgraded from the initial version to the target version until the current progress of the initial upgrade package is judged to be the target installation progress.
As an alternative embodiment, the method further comprises: determining an upgraded version of the upgraded application program; and determining an upgrading result of the application program based on the upgrading version and the target version.
In this embodiment, the upgrade result may be success of the upgrade of the application program or failure of the upgrade of the application program, which is only illustrated herein and not specifically limited.
In this embodiment, an upgraded version of the upgraded application program is determined; and determining an upgrading result of the application program based on the upgrading version and the target version. That is, the updated version of the updated application program can be obtained by detecting the version of the updated application program, and the relationship between the updated version of the updated application program and the target version can be judged, so that the upgrading result of the application program can be determined. If the updated version of the application program is the same as the target version, the updated result can be determined as successful update of the application program; if the updated version of the application program is different from the target version, the updating result can be determined to be the failure of the updating of the application program.
As an alternative embodiment, determining an upgrade result of the application program based on the upgrade version and the target version includes: determining that the upgrading result is successful in upgrading the application program in response to the upgrading version being identical to the target version; and determining that the upgrading result is the application program upgrading failure in response to the upgrading version being different from the target version.
In the embodiment, after determining the updated version of the updated application program, determining that the updated result is that the application program is successfully updated in response to the updated version being the same as the target version; and determining that the upgrading result is the application program upgrading failure in response to the upgrading version being different from the target version. That is, the relationship between the upgraded version of the upgraded application program and the target version is judged, and the upgrade result of the application program can be determined. If the updated version of the application program is the same as the target version, the updated result can be determined as successful update of the application program; if the updated version of the application program is different from the target version, the updating result can be determined to be the failure of the updating of the application program.
As an alternative embodiment, after determining that the upgrade result is the application program upgrade failure in response to the upgrade version being different from the target version, the method further includes: determining a fault location at which the application program is stopped to upgrade in response to the application program stopping to upgrade; the application is upgraded from the failure location to the target version.
In this embodiment, responsive to the application stopping the upgrade, determining a failure location at which the application stopped the upgrade; the application is upgraded from the failure location to the target version. That is, in response to the application program stopping the upgrade, by searching the log file of the application program, a fault location where the application program stopping the upgrade can be obtained, and a fault occurring at the fault location is repaired, after the fault repair, the application program is restored to the upgrade from the fault location until the application program is upgraded from the initial version to the target version.
Alternatively, if the failover fails, the application is rolled back to the original version before the upgrade and the application is upgraded from the original version to the target version by reinstalling the original upgrade package.
In the embodiment of the invention, when the application program of the vehicle is upgraded, an initial upgrade package of the application program of the vehicle is obtained. And encrypting the initial upgrade package by using the first encryption key to obtain a target upgrade package. And signing the obtained target upgrade package by using the second encryption key to obtain a signature verification value of the target upgrade package, and determining the obtained target upgrade package and the obtained signature verification value as an upgrade file corresponding to the application program. And the determined upgrade file is signed by utilizing the first decryption key corresponding to the second encryption key, and the application program can be upgraded from the initial version to the target version based on the signed upgrade file, so that the aim of avoiding damage to the vehicle-mounted software program is fulfilled, the technical problem of low safety of the upgrading process of the vehicle-mounted software program is solved, and the technical effect of improving the safety of the upgrading process of the vehicle-mounted software program is realized.
Example 2
The technical solution of the embodiment of the present invention will be illustrated in the following with reference to a preferred embodiment.
With the rapid development of vehicle intellectualization and networking, the scale of the on-board software program is continuously increasing, and the upgrading of the on-board software program is also becoming particularly important. In the related art, an upgrade package is often directly downloaded from a cloud, and the upgrade of a vehicle-mounted software program is completed by installing the upgrade package. However, by installing an unauthorized upgrade package, the vehicle-mounted software program can be destroyed, so that the vehicle-mounted software program cannot be normally used, and the technical problem of low safety in the upgrading process of the vehicle-mounted software program is caused.
In order to solve the technical problems, the embodiment of the invention provides a method for upgrading an application program of a vehicle, which is characterized in that an upgrade package is encrypted by utilizing a symmetric encryption key, then the upgrade package is signed and reinforced by utilizing an asymmetric encryption key, and then the upgrade package is checked by utilizing an asymmetric decryption key, so that the software of the vehicle is controlled to be safely upgraded, the aim of avoiding damage to the vehicle-mounted software program is achieved, the technical problem of low safety of the upgrading process of the vehicle-mounted software program is solved, and the technical effect of improving the safety of the upgrading process of the vehicle-mounted software program is realized.
In this embodiment, the initial upgrade package of the application program of the vehicle may be reinforced by the reinforcement method of the upgrade package, for example, fig. 2 (a) is a flowchart of a reinforcement method of the upgrade package according to an embodiment of the present invention, and as shown in fig. 2 (a), the method may include the steps of:
In step S201, an upgrade package corresponding to the vehicle is encrypted using an advanced encryption standard Key (Advanced Encryption STANDARD KEY, abbreviated as AES Key).
After encrypting the upgrade package corresponding to the vehicle, step S202 is entered, and the integrity calculation is performed on the encrypted upgrade package by using a hash algorithm, so as to obtain an encrypted upgrade package check value.
After obtaining the encrypted upgrade package check value, the process proceeds to step S203, and the encrypted upgrade package signature check value may be obtained by signing the encrypted upgrade package check value using PRIVATE KEY.
After obtaining the signature verification value of the encrypted upgrade package, step S204 is performed, where the encrypted upgrade package and the signature verification value of the encrypted upgrade package are used as upgrade files corresponding to the application program of the vehicle, and the upgrade files are sent to the vehicle end.
In this embodiment, by the verification method of the upgrade package, the upgrade file corresponding to the application program of the vehicle may be verified, for example, fig. 2 (b) is a flowchart of a verification method of the upgrade package according to an embodiment of the present invention, and as shown in fig. 2 (b), the method may include the following steps:
Step S211, the upgrade file is received by the vehicle end.
After the upgrade file is received by the vehicle end, the method proceeds to step S212 and step S213, and the encrypted upgrade package signature verification value in the upgrade file is checked by using the Public Key to obtain an encrypted upgrade package verification value attached to the upgrade file, and the integrity of the encrypted upgrade package in the upgrade file is verified by using a hash algorithm to obtain the digest value of the upgrade file to be compared.
After obtaining the check value of the encrypted upgrade package attached to the upgrade file and the digest value of the upgrade file to be compared, step S214 is performed to compare whether the check value of the encrypted upgrade package attached to the upgrade file and the digest value of the upgrade file to be compared are the same, so as to obtain a comparison result.
If the obtained comparison result is that the check value of the encrypted upgrade package attached to the upgrade file is different from the digest value of the upgrade file to be compared, step S215 is entered, the upgrade package is checked to be failed, an error log is recorded, the current upgrade package is discarded, and the security upgrade is failed. If the obtained comparison result is that the check value of the encrypted upgrade package attached to the upgrade file is the same as the abstract value of the upgrade file to be compared, step S216 is entered, the upgrade package is checked successfully, the safe upgrade is continued, and the upgrade package is saved to the target area corresponding to the vehicle.
After the upgrade package is stored in the target area corresponding to the vehicle, step S217 is entered, the encrypted upgrade package in the upgrade file is decrypted using the AES Key, and the vehicle-mounted software program is upgraded by installing the decrypted upgrade package, and the software refreshing process is performed.
In this embodiment, a software upgrading method for a vehicle is provided, in which an upgrade package is encrypted by using a symmetric encryption key, then the upgrade package is signed and reinforced by using an asymmetric encryption key, and then the upgrade package is checked by using an asymmetric decryption key, so that the software of the vehicle is controlled to be safely upgraded, the purpose of avoiding damage to a vehicle-mounted software program is achieved, the technical problem of low safety in the upgrading process of the vehicle-mounted software program is solved, and the technical effect of improving the safety in the upgrading process of the vehicle-mounted software program is achieved.
Example 3
According to the embodiment of the invention, an application program upgrading device of the vehicle is also provided. It should be noted that the application program upgrading apparatus of the vehicle may be used to execute the application program upgrading method of the vehicle in embodiment 1.
Fig. 3 is a schematic diagram of an application upgrading apparatus of a vehicle according to an embodiment of the present invention. As shown in fig. 3, the application upgrade apparatus 300 of the vehicle may include: an acquisition unit 301, an encryption unit 302, a signature unit 303, a first determination unit 304, and a first upgrade unit 305.
An acquiring unit 301, configured to acquire an initial upgrade package of an application program of a vehicle.
The encrypting unit 302 is configured to encrypt the initial upgrade package with a first encryption key to obtain a target upgrade package, where the first encryption key is a symmetric encryption key.
And a signing unit 303, configured to sign the target upgrade package by using a second encryption key, to obtain a signature verification value of the target upgrade package, where the second encryption key is an asymmetric encryption key.
The first determining unit 304 is configured to determine the target upgrade package and the signature verification value as an upgrade file corresponding to the application program, where the upgrade file is used to upgrade the application program.
The first upgrade unit 305 is configured to sign the upgrade file with a first decryption key corresponding to the second encryption key, and upgrade the application program from the initial version to the target version based on the signed upgrade file.
Alternatively, the signature unit 303 may include: the first processing module is used for carrying out hash processing on the target upgrade package to obtain a check value of the target upgrade package; and the signature module is used for signing the check value by using the second encryption key to obtain a signature check value.
Alternatively, the first upgrade unit 305 may include: the second processing module is used for signing the signature verification value in the upgrade file by utilizing the first decryption key to obtain a first target verification value, and carrying out hash processing on a target upgrade package in the upgrade file to obtain a second target verification value, wherein the signed upgrade file comprises the first target verification value; and the upgrading module is used for upgrading the application program from the initial version to the target version based on the first target check value and the second target check value.
Optionally, the upgrade module may include: the determining submodule is used for determining the first encryption key as the second decryption key in response to the fact that the first target check value is identical to the first target check value; the decryption sub-module is used for decrypting the target upgrade package by using the second decryption key to obtain an initial upgrade package; and the upgrading sub-module is used for installing an initial upgrading package so as to upgrade the application program from the initial version to the target version.
Alternatively, the upgrade sub-module may install the initial upgrade package to upgrade the application program from the initial version to the target version by performing the steps of: determining the current progress of installing the initial upgrade package; and in response to the current progress being the target installation progress, upgrading the application program from the initial version to the target version.
Alternatively, the application upgrade apparatus 300 of the vehicle may include: the second determining unit is used for determining the updated version of the updated application program; and the third determining unit is used for determining the upgrading result of the application program based on the upgrading version and the target version.
Alternatively, the third determining unit may include: the first determining module is used for determining that the upgrading result is that the application program is successfully upgraded in response to the fact that the upgrading version is the same as the target version; and the second determining module is used for determining that the upgrading result is the upgrading failure of the application program in response to the upgrading version being different from the target version.
Alternatively, the application upgrade apparatus 300 of the vehicle may include: a fourth determining unit configured to determine a failure location at which the application program stops upgrading in response to the application program stopping upgrading; and the second upgrading unit is used for upgrading the application program from the fault position to the target version.
In this embodiment, an acquisition unit that acquires an initial upgrade package of an application program of a vehicle; the encryption unit is used for encrypting the initial upgrade package by using a first encryption key to obtain a target upgrade package, wherein the first encryption key is a symmetric encryption key; the signature unit is used for signing the target upgrade package by using a second encryption key to obtain a signature verification value of the target upgrade package, wherein the second encryption key is an asymmetric encryption key; the first determining unit is used for determining the target upgrade package and the signature verification value as an upgrade file corresponding to the application program, wherein the upgrade file is used for upgrading the application program; the first upgrading unit is used for signing the upgrading file by utilizing the first decryption key corresponding to the second encryption key, and upgrading the application program from the initial version to the target version based on the signed upgrading file, so that the aim of avoiding damage to the vehicle-mounted software program is fulfilled, the technical problem of low safety of the upgrading process of the vehicle-mounted software program is solved, and the technical effect of improving the safety of the upgrading process of the vehicle-mounted software program is realized.
Example 4
According to an embodiment of the present invention, there is also provided a processor for running a program, wherein the program when run by the processor performs the application program upgrading method of the vehicle in each embodiment.
Example 5
According to an embodiment of the present invention, there is also provided an electronic device including: a memory storing an executable program; and the processor is used for running a program, wherein the program runs to execute the application program upgrading method of the vehicle in each embodiment.
Example 6
According to another aspect of an embodiment of the present invention, there is also provided a computer-readable storage medium. The computer readable storage medium includes a stored program, wherein the program when run controls a device in which the computer readable storage medium resides to execute the application program upgrade method of the vehicle in each embodiment.
Example 7
According to an embodiment of the present invention, there is also provided a computer program product including a computer program, wherein the computer program, when executed by a processor, implements the application program upgrade method of the vehicle in each embodiment.
Example 8
According to an embodiment of the present invention, there is also provided a computer program product including a non-volatile computer-readable storage medium storing a computer program which, when executed by a processor, implements the application program upgrading method of the vehicle in each embodiment.
Example 9
According to an embodiment of the present invention, there is also provided a computer program, which when executed by a processor, implements an application program upgrading method of the vehicle in each embodiment.
The foregoing embodiment numbers of the present invention are merely for the purpose of description, and do not represent the advantages or disadvantages of the embodiments.
In the foregoing embodiments of the present invention, the descriptions of the embodiments are emphasized, and for a portion of this disclosure that is not described in detail in this embodiment, reference is made to the related descriptions of other embodiments.
In the several embodiments provided in the present application, it should be understood that the disclosed technology may be implemented in other manners. The above-described embodiments of the apparatus are merely exemplary, and the division of units may be a logic function division, and there may be another division manner in actual implementation, for example, multiple units or components may be combined or integrated into another system, or some features may be omitted, or not performed. Alternatively, the coupling or direct coupling or communication connection shown or discussed with each other may be through some interfaces, units or modules, or may be in electrical or other forms.
The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed over a plurality of units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of this embodiment.
In addition, each functional unit in the embodiments of the present invention may be integrated in one processing unit, or each unit may exist alone physically, or two or more units may be integrated in one unit. The integrated units may be implemented in hardware or in software functional units.
The integrated units, if implemented in the form of software functional units and sold or used as stand-alone products, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present invention may be essentially or a part contributing to the related art or all or part of the technical solution may be embodied in the form of a software product stored in a storage medium, including several instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) to perform all or part of the steps of the methods of the embodiments of the present invention. And the aforementioned storage medium includes: a usb disk, a Read-Only Memory (ROM), a random access Memory (RAM, random Access Memory), a removable hard disk, a magnetic disk, or an optical disk, or other various media capable of storing program codes.
The foregoing is merely a preferred embodiment of the present invention and it should be noted that modifications and adaptations to those skilled in the art may be made without departing from the principles of the present invention, which are intended to be comprehended within the scope of the present invention.

Claims (13)

1. A method for upgrading an application program of a vehicle, comprising:
Acquiring an initial upgrade package of an application program of a vehicle;
encrypting the initial upgrade package by using a first encryption key to obtain a target upgrade package, wherein the first encryption key is a symmetric encryption key;
signing the target upgrade package by using a second encryption key to obtain a signature verification value of the target upgrade package, wherein the second encryption key is an asymmetric encryption key;
Determining the target upgrade package and the signature verification value as an upgrade file corresponding to the application program, wherein the upgrade file is used for upgrading the application program;
and performing signing-off on the upgrade file by using a first decryption key corresponding to the second encryption key, and upgrading the application program from an initial version to a target version based on the signed-off upgrade file.
2. The method of claim 1, wherein signing the target upgrade package with the second encryption key results in a signature verification value for the target upgrade package, comprising:
Carrying out hash processing on the target upgrade package to obtain a check value of the target upgrade package;
and signing the verification value by using the second encryption key to obtain the signature verification value.
3. The method of claim 1, wherein disapproval the upgrade file with a first decryption key corresponding to the second encryption key and upgrading the application from an initial version to a target version based on the disapproval upgrade file, comprises:
Performing signing decomposition on the signature verification value in the upgrade file by using the first decryption key to obtain a first target verification value, and performing hash processing on the target upgrade package in the upgrade file to obtain a second target verification value, wherein the signed upgrade file comprises the first target verification value;
The application program is upgraded from the initial version to the target version based on the first target check value and the second target check value.
4. The method of claim 3, wherein upgrading the application from the initial version to the target version based on the first target check value and the second target check value comprises:
determining the first encryption key as a second decryption key in response to the first target verification value being the same as the first target verification value;
Decrypting the target upgrade package by using the second decryption key to obtain the initial upgrade package;
Installing the initial upgrade package to upgrade the application program from the initial version to the target version.
5. The method of claim 4, wherein installing the initial upgrade package to upgrade the application program from the initial version to the target version comprises:
determining the current progress of installing the initial upgrade package;
And in response to the current progress being a target installation progress, upgrading the application program from the initial version to the target version.
6. The method according to any one of claims 1 to 5, further comprising:
determining an upgraded version of the upgraded application program;
and determining an upgrading result of the application program based on the upgrading version and the target version.
7. The method of claim 6, wherein determining an upgrade result for the application program based on the upgrade version and the target version comprises:
Determining that the upgrading result is successful in upgrading the application program in response to the upgrading version being the same as the target version;
And determining that the upgrading result is the upgrading failure of the application program in response to the upgrading version being different from the target version.
8. The method of claim 7, wherein after determining that the upgrade result is the application program upgrade failure in response to the upgrade version being different from the target version, the method further comprises:
determining a fault location at which the application program is stopped to upgrade in response to the application program stopping to upgrade;
And upgrading the application program from the fault position to the target version.
9. An application upgrade apparatus for a vehicle, comprising:
An acquisition unit configured to acquire an initial upgrade package of an application program of a vehicle;
The encryption unit is used for encrypting the initial upgrade package by using a first encryption key to obtain a target upgrade package, wherein the first encryption key is a symmetric encryption key;
the signature unit is used for signing the target upgrade package by using a second encryption key to obtain a signature verification value of the target upgrade package, wherein the second encryption key is an asymmetric encryption key;
The first determining unit is used for determining the target upgrade package and the signature verification value as an upgrade file corresponding to the application program, wherein the upgrade file is used for upgrading the application program;
And the first upgrading unit is used for performing signing-off on the upgrading file by utilizing a first decryption key corresponding to the second encryption key, and upgrading the application program from the initial version to the target version based on the upgrading file after signing-off.
10. A processor for running a program, wherein the program when run by the processor performs the application upgrade method of the vehicle of any one of claims 1 to 8.
11. An electronic device, comprising:
A memory storing an executable program;
A processor for running the program, wherein the program runs to execute the application program upgrading method of the vehicle according to any one of claims 1 to 8.
12. A computer-readable storage medium, characterized in that the computer-readable storage medium comprises a stored executable program, wherein the executable program, when run, controls a device in which the storage medium is located to perform the application program upgrading method of the vehicle according to any one of claims 1 to 8.
13. A computer program product comprising a computer program, characterized in that the computer program, when executed by a processor, implements the method for upgrading an application of a vehicle according to any of claims 1 to 8.
CN202410564248.4A 2024-05-08 2024-05-08 Application program upgrading method and device for vehicle, storage medium and processor Pending CN118349274A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202410564248.4A CN118349274A (en) 2024-05-08 2024-05-08 Application program upgrading method and device for vehicle, storage medium and processor

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202410564248.4A CN118349274A (en) 2024-05-08 2024-05-08 Application program upgrading method and device for vehicle, storage medium and processor

Publications (1)

Publication Number Publication Date
CN118349274A true CN118349274A (en) 2024-07-16

Family

ID=91819369

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202410564248.4A Pending CN118349274A (en) 2024-05-08 2024-05-08 Application program upgrading method and device for vehicle, storage medium and processor

Country Status (1)

Country Link
CN (1) CN118349274A (en)

Similar Documents

Publication Publication Date Title
CN110225063B (en) Upgrading method and system of automobile-mounted system, server and vehicle-mounted terminal
CN105989306B (en) File signature method and device and file verification method and device for operating system
US10157050B2 (en) Method for confirming correction program and information processing apparatus
US11151241B2 (en) Validation of software residing on remote computing devices
US9720782B2 (en) Authenticating a backup image with bifurcated storage
US8756414B2 (en) Information processing apparatus, software verification method, and software verification program
CN106293691A (en) Automatic discovery and installation of secure boot credentials
CN102880828B (en) Intrusion detection and recovery system aiming at virtualization support environment
CN109240731B (en) Safe upgrading method and system for TBox
CN108427888A (en) File signature method, file verification method and corresponding intrument and equipment
CN115643564A (en) FOTA upgrading method, device, equipment and storage medium for automobile safety
CN113360914A (en) BIOS updating method, system, equipment and medium
CN104572169B (en) A kind of software distribution and installation system based on UEFI
EP3706387B1 (en) Vehicle control device, vehicle control device start-up method, and recording medium
CN115244534A (en) Information processing apparatus and program startup method
CN115357908B (en) Network equipment kernel credibility measurement and automatic restoration method
CN116775145A (en) Method, device, equipment and storage medium for starting and recovering server
CN118349274A (en) Application program upgrading method and device for vehicle, storage medium and processor
CN111400771A (en) Target partition checking method and device, storage medium and computer equipment
CN112347467B (en) Starting method and system of vehicle-mounted controller
CN112416407A (en) Software upgrading method, device, equipment and computer readable storage medium
CN111427607A (en) Configuration file repair method, device and computer-readable storage medium
CN113495729A (en) Software upgrading method and device
CN114327657B (en) Large mirror image division downloading and signature verification method based on Fastboot and storage medium thereof
US12124557B2 (en) Validation of software residing on remote computing devices

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination