WO2019127276A1 - 诊断设备的诊断接头升级验证方法、装置及诊断接头 - Google Patents
诊断设备的诊断接头升级验证方法、装置及诊断接头 Download PDFInfo
- Publication number
- WO2019127276A1 WO2019127276A1 PCT/CN2017/119572 CN2017119572W WO2019127276A1 WO 2019127276 A1 WO2019127276 A1 WO 2019127276A1 CN 2017119572 W CN2017119572 W CN 2017119572W WO 2019127276 A1 WO2019127276 A1 WO 2019127276A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- diagnostic
- upgrade
- upgrade file
- connector
- verification
- Prior art date
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/572—Secure firmware programming, e.g. of basic input output system [BIOS]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
- H04L63/126—Applying verification of the received information the source of the received data
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/03—Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
- G06F2221/034—Test or assess a computer or a system
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2107—File encryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/88—Medical equipments
Definitions
- the invention relates to the technical field of automobile electronics, in particular to a diagnostic joint upgrade verification method, device and diagnostic joint of a diagnostic device.
- the core of the diagnostic equipment of the car is the diagnostic connector
- the lower computer program in the diagnostic connector is the core of the core. How to protect the lower computer program from being illegally used is more and more important.
- the lower computer program of the diagnostic module needs to be upgraded to support the diagnosis of the new car.
- the criminals have illegally upgraded the diagnostic interface of the diagnostic device by cloning, so that the diagnostic connector is used for illegal operation, and the diagnostic tape for the car is given. Come to safety risks.
- the embodiment of the invention provides a diagnostic connector upgrade verification method, device and diagnostic connector for the diagnostic device, which can prevent the illegal linker from illegally upgrading the diagnostic interface of the diagnostic device and reduce the security risk of the diagnostic device.
- a diagnostic joint upgrade verification method for a diagnostic device is provided, and the diagnostic joint upgrade verification method is applied to a diagnostic connector of a diagnostic device, including:
- upgrade file data sent by a host computer of the diagnostic device, where the upgrade file data includes a joint upgrade file and signature information, where the signature information is generated in advance according to unique identification information of the specified joint and the joint upgrade file, where the designated joint is Point to the diagnostic connector corresponding to the requester that the server requests to provide the connector upgrade file;
- Signature verification of the signature information in the upgrade file data according to the unique identification information of the diagnostic connector to be upgraded and the joint upgrade file;
- the joint upgrade file is used to upgrade the diagnostic connector to be upgraded
- the upgrade file data sent by the upper computer of the obtaining diagnostic device includes:
- the method further includes:
- signature verification is performed on the signature information in the upgrade file data according to the unique identification information of the upgraded diagnostic connector and the joint upgrade file;
- the method before acquiring the upgrade file data sent by the upper computer of the diagnostic device, the method further includes:
- the upper computer is allowed to send the upgrade file data
- the host computer is rejected from transmitting the upgrade file data.
- a diagnostic connector upgrade verification device for a diagnostic device including:
- An upgrade data acquisition module configured to acquire upgrade file data sent by a host computer of the diagnostic device, where the upgrade file data includes a joint upgrade file and signature information, where the signature information is pre-determined according to the unique identification information of the specified connector and the joint upgrade file.
- the specified connector is a diagnostic connector corresponding to a requesting party requesting to provide a connector upgrade file by the server;
- a signature verification module configured to perform signature verification on the signature information in the upgrade file data according to the unique identification information of the diagnostic connector to be upgraded and the joint upgrade file;
- the upgrade module is rejected, and if the verification result of the signature verification module is not passed, the upgrade of the diagnostic connector to be upgraded is refused by using the joint upgrade file.
- the upgrade data obtaining module includes:
- the encrypted file obtaining unit is configured to obtain an encrypted upgrade file sent by the upper computer of the diagnostic device, where the encrypted upgrade file is generated by encrypting the joint upgrade file carrying the signature information;
- a file decryption unit configured to decrypt the encrypted upgrade file, to obtain the upgrade file data.
- the diagnostic connector upgrade verification device further includes:
- the working time verification module is configured to perform signature verification on the signature information in the upgrade file data according to the unique identification information of the upgraded diagnostic connector and the joint upgrade file when receiving the instruction to start the work;
- the working module is configured to allow the upgraded diagnostic connector to work if the verification result of the verification module is passed during the working;
- the working module is stopped, and if the verification result of the verification module is not passed during the working, the upgraded diagnostic connector is stopped.
- the diagnostic connector upgrade verification device further includes:
- An access request receiving module configured to receive an access request sent by a host computer of the diagnostic device
- a legality verification module configured to verify validity of the access request
- the sending module is configured to allow the host computer to send the upgrade file data if the validity check module passes the check;
- a diagnostic connector for a diagnostic device comprising a memory, a processor, and a computer program stored in the memory and executable on the processor, the processor implementing the computer program The steps of the diagnostic connector upgrade verification method of the above diagnostic device.
- a computer readable storage medium storing a computer program, the computer program being executed by a processor to implement the steps of the diagnostic connector upgrade verification method of the diagnostic device.
- the diagnostic connector to be upgraded first acquires upgrade file data sent by the host computer of the diagnostic device, and the upgrade file data includes a joint upgrade file and signature information, and the signature information is based on the unique identification information of the designated connector in advance.
- the joint upgrade file is generated, and the specified joint is a diagnostic joint corresponding to a requester that requests the server to provide the joint upgrade file; and then the upgrade is performed according to the unique identification information of the diagnostic joint to be upgraded and the joint upgrade file.
- the signature information in the file data is used for signature verification; if the signature verification is passed, the diagnostic upgrade link to be upgraded is upgraded by using the joint upgrade file; if the signature verification fails, the joint upgrade file is rejected.
- the diagnostic connector to be upgraded is upgraded.
- the signature information is verified by using the unique identification information of the diagnostic connector to be upgraded. If the signature verification is passed, the diagnostic connector to be upgraded is the same as the diagnostic connector corresponding to the requesting party, and the server is provided.
- a joint upgrade file is only used to upgrade a corresponding diagnostic connector, which prevents the illegal elements from illegally upgrading the diagnostic interface of the diagnostic device by cloning, thereby reducing the security risk of the diagnostic device.
- FIG. 1 is a flow chart of an embodiment of a diagnostic joint upgrade verification method for a diagnostic device according to an embodiment of the present invention
- FIG. 2 is a flowchart of an embodiment of a method for processing an upgrade file of a diagnostic connector according to an embodiment of the present invention
- FIG. 3 is a schematic flowchart of verifying the legality of access of a host computer in an application scenario according to an authentication verification method for a diagnostic connector of a diagnostic device according to an embodiment of the present invention
- FIG. 4 is a schematic flowchart of verifying a working process after an upgrade in an application scenario according to an embodiment of the present invention
- FIG. 5 is a structural diagram of an embodiment of a diagnostic joint upgrade and verification device for a diagnostic device according to an embodiment of the present invention
- FIG. 6 is a schematic diagram of a diagnostic connector of a diagnostic device according to an embodiment of the present invention.
- the embodiment of the invention provides a diagnostic joint upgrade verification method, device and diagnostic connector for a diagnostic device, which are used for solving the problem that the illegal interface is illegally upgraded by the illegal molecule by means of cloning.
- an embodiment of a diagnostic joint upgrade verification method for a diagnostic device includes:
- the connector is a diagnostic connector corresponding to the requester that requests the server to provide the connector upgrade file;
- the diagnostic connector upgrade verification method of the diagnostic device is applied to the diagnostic connector of the diagnostic device. It can be understood that, when the diagnostic connector needs to be upgraded, the user sends the upgrade file data to the diagnostic connector of the diagnostic device through the upper computer of the diagnostic device, so that the upgraded connector can obtain the upgrade file data.
- the communication between the host computer and the diagnostic connector can adopt USB, WIFI, Bluetooth, RJ45 and other communication methods.
- the upgrade file data includes a joint upgrade file and signature information, and the signature information is generated according to the unique identification information of the specified joint and the joint upgrade file, and the specified joint is a request for the server to provide the joint upgrade file.
- the diagnostic connector corresponding to the party.
- the unique identification information described above may include the serial number of the designated connector and the unique ID of the designated connector chip.
- an embodiment of an upgrade file processing method for a diagnostic connector provided by the present invention includes:
- the requesting party (such as a client used by the user) initiates a request to the server to obtain a joint upgrade file, that is, the first request.
- the server can receive the first request.
- the joint upgrade file may be generated in advance by the compiling software and then uploaded to the server for storage.
- the BIN file does not carry the signature information and uploads the BIN file to the server.
- the server referred to in this embodiment may be a designated software version publishing platform, or a website published by a third party software, and the like.
- the server After receiving the first request, the server needs to obtain the unique identification information of the diagnostic connector corresponding to the requesting party.
- the unique identification information referred to herein refers to the serial number of the diagnostic connector and the unique ID of the diagnostic connector chip.
- the server may require that the requesting party register the login account on the server before initiating the request, and provide the relevant information of the diagnostic connector corresponding to the requesting party, including the unique identification information, when registering the account.
- the server may perform MD5 (the joint upgrade file corresponding to the first request, and the unique identification information of the diagnostic connector corresponding to the requesting party (the serial number of the diagnostic connector and the unique ID of the chip).
- the message digest algorithm fifth edition calculates, obtains the calculation result, and then signs the calculation result by using the signature private key, and uses the result of the signature as the signature information.
- the algorithm used by the signature may specifically be an RSA digital signature algorithm.
- the above-mentioned signature private key is pre-assigned to the server, and the corresponding public key is pre-assigned to the diagnostic device.
- the server may associate the signature information with the joint upgrade file and then send it to the requesting party.
- the signature information can be appended to the end of the joint upgrade file to generate a joint upgrade file with signature information, and then the file is sent to the requesting party.
- the server may further encrypt the joint upgrade file and the signature information corresponding to the first request to generate an encryption before sending the file to the requesting party. Upgrade the file and then send the encrypted upgrade file to the requesting party.
- the encryption process may use an encryption algorithm such as AES symmetric encryption algorithm or asymmetric encryption algorithm.
- the upgrade file data that the user obtains through the client may be encrypted. Therefore, the foregoing step 101 may include: firstly, obtaining the upper device of the diagnostic device.
- the encrypted upgrade file is generated by encrypting the joint upgrade file carrying the signature information; and then decrypting the encrypted upgrade file to obtain the upgrade file data.
- the diagnostic connector can also verify the legality of the access of the upper computer, including:
- step 302 verify the validity of the access request, if the verification passes, step 303 is performed, if the verification fails, step 304 is performed;
- the host computer of the diagnostic device needs to send an access request to the diagnostic connector of the diagnostic device.
- the diagnostic connector verifies the validity of the access request. If the verification passes, the upper computer is allowed to send the upgrade file data to the diagnostic connector, and vice versa, the access request of the upper computer is rejected. Further, after the verification is passed, generally, the upper computer also needs to send an instruction request for upgrading the lower computer to the diagnostic connector. After the instruction requests to go to the diagnostic connector, if the instruction request is successfully executed, the diagnostic connector enters the upgrade lower computer. After the status is successful, the subsequent steps can be performed, so that the upper computer is allowed to send the upgrade file data, otherwise, the upgrade operation is ended.
- Step 102 Perform signature verification on the signature information in the upgrade file data according to the unique identification information of the diagnostic connector to be upgraded and the joint upgrade file. If the signature verification is passed, step 103 is performed, and if the signature verification fails, the execution is performed. Step 104;
- the diagnostic connector performs MD5 calculation on the received data other than the signature information and the unique identification information of the diagnostic connector to be upgraded, and the obtained calculation result is recorded as the first calculation result.
- the unique identification information of the diagnostic connector to be upgraded may specifically refer to the serial number of the diagnostic connector to be upgraded and the unique ID of the diagnostic connector chip to be upgraded.
- the diagnostic connector verifies the signature information and the first calculation result by using a preset public key. If the verification is passed, the diagnostic connector to be upgraded and the designated connector corresponding to the connector upgrade file belong to the same diagnostic connector, thereby It can be upgraded. If the verification fails, the specified connector corresponding to the connector upgrade file does not belong to the same diagnostic connector, and the connector upgrade file is rejected. The connector is upgraded.
- the joint upgrade file may be temporarily cached in the temporary cache area, and after the signature verification is passed, the temporary buffer area is executed.
- the connector upgrade file in the middle is written to the flash of the diagnostic connector to complete the upgrade. If the signature verification fails, you can clear these joint upgrade files and related data in the temporary cache.
- the upgrade is completed, and the above verification process is skipped.
- the full working process after the upgrade of the diagnostic connector can be verified. Only when the verification is passed can the diagnostic connector continue to work. As shown in Figure 4, it includes:
- steps 401 to 403 it can be understood that the verification process is similar to the above steps 102 to 104. The difference is that steps 401 to 403 are to verify and monitor the working process after the upgrade of the diagnostic connector, and step 102 is performed. ⁇ 104 is to verify the legality of the connector upgrade file before the diagnostic connector is upgraded.
- the diagnostic connector to be upgraded first acquires upgrade file data sent by the host computer of the diagnostic device, and the upgrade file data includes a joint upgrade file and signature information, and the signature information is based on the unique identification information and the specified connector in advance.
- the joint upgrade file is generated, and the specified joint is a diagnostic joint corresponding to the requester that requests the server to provide the joint upgrade file; and then, according to the unique identification information of the diagnostic joint to be upgraded and the joint upgrade file, the upgrade file is The signature information in the data is verified by the signature; if the signature verification is passed, the diagnostic upgrade file to be upgraded is upgraded by using the joint upgrade file; if the signature verification fails, the joint upgrade file is rejected.
- the upgraded diagnostic connector is upgraded.
- the signature information is verified by using the unique identification information of the diagnostic connector to be upgraded. If the signature verification is passed, the diagnostic connector to be upgraded is the same as the diagnostic connector corresponding to the requester, and the server provides the same A connector upgrade file is only used to upgrade a corresponding diagnostic connector, which prevents the illegal elements from illegally upgrading the diagnostic interface of the diagnostic device by cloning, thereby reducing the security risks of the diagnostic device.
- a diagnostic connector upgrade verification method for a diagnostic device will be described in detail below.
- FIG. 5 is a structural diagram showing an embodiment of a diagnostic joint upgrade verification apparatus for a diagnostic apparatus according to an embodiment of the present invention.
- a diagnostic connector upgrade verification device of the diagnostic device is installed in the diagnostic connector of the diagnostic device, and includes:
- the upgrade data obtaining module 501 is configured to acquire upgrade file data sent by the upper computer of the diagnostic device, where the upgrade file data includes a joint upgrade file and signature information, where the signature information is pre-upgraded according to the unique identification information of the specified connector and the joint.
- File generation, the specified connector is a diagnostic connector corresponding to a requester that requests a connection upgrade file from the server;
- the signature verification module 502 is configured to perform signature verification on the signature information in the upgrade file data according to the unique identification information of the diagnostic connector to be upgraded and the joint upgrade file.
- the upgrade module 503 is configured to upgrade the diagnostic connector to be upgraded by using the joint upgrade file if the verification result of the signature verification module is passed;
- the refusal upgrade module 504 is configured to: if the verification result of the signature verification module is not passed, refuse to use the joint upgrade file to upgrade the diagnostic connector to be upgraded.
- the upgrade data acquisition module may include:
- the encrypted file obtaining unit is configured to obtain an encrypted upgrade file sent by the upper computer of the diagnostic device, where the encrypted upgrade file is generated by encrypting the joint upgrade file carrying the signature information;
- a file decryption unit configured to decrypt the encrypted upgrade file, to obtain the upgrade file data.
- diagnostic connector upgrade verification device may further include:
- the working time verification module is configured to perform signature verification on the signature information in the upgrade file data according to the unique identification information of the upgraded diagnostic connector and the joint upgrade file when receiving the instruction to start the work;
- the working module is configured to allow the upgraded diagnostic connector to work if the verification result of the verification module is passed during the working;
- the working module is stopped, and if the verification result of the verification module is not passed during the working, the upgraded diagnostic connector is stopped.
- diagnostic connector upgrade verification device may further include:
- An access request receiving module configured to receive an access request sent by a host computer of the diagnostic device
- a legality verification module configured to verify validity of the access request
- the upgrade module is rejected, and if the verification fails, the host computer is rejected to send the upgrade file data.
- FIG. 6 is a schematic diagram of a diagnostic connector of a diagnostic device according to an embodiment of the invention.
- the diagnostic connector 6 of the diagnostic device of this embodiment includes a processor 60, a memory 61, and a computer program 62 stored in the memory 61 and operable on the processor 60, for example, performing the above The procedure for diagnosing the device's diagnostic connector upgrade verification method.
- upgrade file data sent by a host computer of the diagnostic device, where the upgrade file data includes a joint upgrade file and signature information, where the signature information is generated in advance according to unique identification information of the specified joint and the joint upgrade file, where the designated joint is Point to the diagnostic connector corresponding to the requester that the server requests to provide the connector upgrade file;
- Signature verification of the signature information in the upgrade file data according to the unique identification information of the diagnostic connector to be upgraded and the joint upgrade file;
- the joint upgrade file is used to upgrade the diagnostic connector to be upgraded
- the upgrade file data sent by the upper computer of the obtaining diagnostic device includes:
- the method further includes:
- signature verification is performed on the signature information in the upgrade file data according to the unique identification information of the upgraded diagnostic connector and the joint upgrade file;
- the processor 60 when acquiring the upgrade file data sent by the host computer of the diagnostic device, when the processor 60 executes the computer program 62, further includes:
- the upper computer is allowed to send the upgrade file data
- the host computer is rejected from transmitting the upgrade file data.
- the computer program 62 can be partitioned into one or more modules/units that are stored in the memory 61 and executed by the processor 60 to complete this invention.
- the one or more modules/units may be a series of computer program instructions that are capable of performing a particular function, the instruction segments being used to describe the execution of the computer program 62 in the diagnostic connector 6 of the diagnostic device.
- the diagnostic connector of the diagnostic device can include, but is not limited to, processor 60, memory 61. It will be understood by those skilled in the art that FIG. 6 is merely an example of the diagnostic connector 6 of the diagnostic device, does not constitute a definition of the diagnostic connector 6 of the diagnostic device, may include more or fewer components than illustrated, or may combine certain The components, or different components, such as the diagnostic connector of the diagnostic device, may also include input and output devices, network access devices, buses, and the like.
- the processor 60 can be a central processing unit (Central Processing Unit, CPU), can also be other general-purpose processors, digital signal processors (DSP), application specific integrated circuits (Application Specific Integrated Circuit (ASIC), Field-Programmable Gate Array (FPGA) or other programmable logic device, discrete gate or transistor logic device, discrete hardware components, etc.
- the general purpose processor may be a microprocessor or the processor or any conventional processor or the like.
- the memory 61 may be an internal storage unit of the diagnostic connector 6 of the diagnostic device, such as a hard disk or memory of the diagnostic connector 6 of the diagnostic device.
- the memory 61 can also be an external storage device of the diagnostic connector 6 of the diagnostic device, such as a plug-in hard disk equipped with a diagnostic connector 6 of the diagnostic device, a smart memory card (SMC), a secure digital device. (Secure Digital, SD) card, flash card (Flash Card) and so on.
- the memory 61 may also include an internal storage unit of the diagnostic connector 6 of the diagnostic device as well as an external storage device.
- the memory 61 is used to store the computer program and other programs and data required for the diagnostic connector of the diagnostic device.
- the memory 61 can also be used to temporarily store data that has been output or is about to be output.
- the functional units in the various embodiments of the present invention may be integrated into one processing unit, or each unit may exist physically separately, or two or more units may be integrated into one unit.
- the above integrated unit can be implemented in the form of hardware or in the form of a software functional unit.
- the integrated unit if implemented in the form of a software functional unit and sold or used as a standalone product, may be stored in a computer readable storage medium. Based on such understanding, the present invention implements all or part of the processes in the foregoing embodiments, and may also be completed by a computer program to instruct related hardware.
- the computer program may be stored in a computer readable storage medium. When the program is executed by the processor, the following steps can be implemented:
- upgrade file data sent by a host computer of the diagnostic device, where the upgrade file data includes a joint upgrade file and signature information, where the signature information is generated in advance according to unique identification information of the specified joint and the joint upgrade file, where the designated joint is Point to the diagnostic connector corresponding to the requester that the server requests to provide the connector upgrade file;
- Signature verification of the signature information in the upgrade file data according to the unique identification information of the diagnostic connector to be upgraded and the joint upgrade file;
- the joint upgrade file is used to upgrade the diagnostic connector to be upgraded
- the upgrade file data sent by the upper computer of the obtaining diagnostic device includes:
- the computer program when executed by the processor, further includes:
- signature verification is performed on the signature information in the upgrade file data according to the unique identification information of the upgraded diagnostic connector and the joint upgrade file;
- the computer program when executed by the processor, further includes:
- the upper computer is allowed to send the upgrade file data
- the host computer is rejected from transmitting the upgrade file data.
- the computer program comprises computer program code, which may be in the form of source code, object code form, executable file or some intermediate form.
- the computer readable medium can include any entity or device capable of carrying the computer program code, a recording medium, a USB flash drive, a removable hard drive, a magnetic disk, an optical disk, a computer memory, a read only memory (ROM, Read-Only) Memory), random access memory (RAM, Random) Access Memory), electrical carrier signals, telecommunications signals, and software distribution media.
- ROM Read Only memory
- RAM Random Access Memory
- electrical carrier signals telecommunications signals
- software distribution media the content contained in the computer readable medium may be appropriately increased or decreased according to the requirements of legislation and patent practice in a jurisdiction, for example, in some jurisdictions, according to legislation and patent practice, computer readable media Does not include electrical carrier signals and telecommunication signals.
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- General Health & Medical Sciences (AREA)
- Bioethics (AREA)
- Health & Medical Sciences (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Databases & Information Systems (AREA)
- Computing Systems (AREA)
- Stored Programmes (AREA)
Abstract
一种诊断设备的诊断接头升级验证方法,用于解决不法分子通过克隆的方式对诊断设备的诊断接口完成非法升级的问题。该方法包括:获取诊断设备的上位机发送的升级文件数据,所述升级文件数据包括接头升级文件和签名信息,所述签名信息预先根据指定接头的唯一标识信息和所述接头升级文件生成,所述指定接头是指向服务器请求提供接头升级文件的请求方所对应的诊断接头;根据待升级的诊断接头的唯一标识信息和所述接头升级文件对所述升级文件数据中的签名信息进行签名验证;若签名验证通过,则采用所述接头升级文件对所述待升级的诊断接头进行升级;若签名验证不通过,则拒绝采用所述接头升级文件对所述待升级的诊断接头进行升级。
Description
本发明涉及汽车电子技术领域,尤其涉及诊断设备的诊断接头升级验证方法、装置及诊断接头。
随着汽车的高速发展,汽车型号、技术的迭代更新,汽车的诊断设备也层出不穷。其中,汽车的诊断设备的核心是诊断接头,而诊断接头中的下位机程序则是核心中的核心,如何保护下位机程序不被非法使用显得越来越重要。
然而,诊断模块的下位机程序是需要升级来支持新型汽车的诊断工作的,不法分子通过克隆的方式对诊断设备的诊断接口完成非法升级,以致诊断接头被用于非法操作,给汽车的诊断带来安全隐患。
本发明实施例提供了一种诊断设备的诊断接头升级验证方法、装置及诊断接头,能够防止不法分子通过克隆的方式对诊断设备的诊断接口进行非法升级,减少诊断设备的安全隐患。
第一方面,提供了一种诊断设备的诊断接头升级验证方法,所述诊断接头升级验证方法应用于诊断设备的诊断接头,包括:
获取诊断设备的上位机发送的升级文件数据,所述升级文件数据包括接头升级文件和签名信息,所述签名信息预先根据指定接头的唯一标识信息和所述接头升级文件生成,所述指定接头是指向服务器请求提供接头升级文件的请求方所对应的诊断接头;
根据待升级的诊断接头的唯一标识信息和所述接头升级文件对所述升级文件数据中的签名信息进行签名验证;
若签名验证通过,则采用所述接头升级文件对所述待升级的诊断接头进行升级;
若签名验证不通过,则拒绝采用所述接头升级文件对所述待升级的诊断接头进行升级。
可选地,所述获取诊断设备的上位机发送的升级文件数据包括:
获取诊断设备的上位机发送的加密升级文件,所述加密升级文件是由携带有签名信息的接头升级文件加密后生成;
解密所述加密升级文件,得到所述升级文件数据。
可选地,在采用所述接头升级文件对所述待升级的诊断接头进行升级之后,还包括:
在接收到开始工作的指令时,根据升级后的诊断接头的唯一标识信息和所述接头升级文件对所述升级文件数据中的签名信息进行签名验证;
若签名验证通过,则允许所述升级后的诊断接头工作;
若签名验证不通过,则停止所述升级后的诊断接头工作。
可选地,在获取诊断设备的上位机发送的升级文件数据之前,还包括:
接收所述诊断设备的上位机发送的接入请求;
校验所述接入请求的合法性;
若校验通过,则允许所述上位机发送所述升级文件数据;
若校验不通过,则拒绝所述上位机发送所述升级文件数据。
第二方面,提供了一种诊断设备的诊断接头升级验证装置,所述诊断接头升级验证装置安装于诊断设备的诊断接头,包括:
升级数据获取模块,用于获取诊断设备的上位机发送的升级文件数据,所述升级文件数据包括接头升级文件和签名信息,所述签名信息预先根据指定接头的唯一标识信息和所述接头升级文件生成,所述指定接头是指向服务器请求提供接头升级文件的请求方所对应的诊断接头;
签名验证模块,用于根据待升级的诊断接头的唯一标识信息和所述接头升级文件对所述升级文件数据中的签名信息进行签名验证;
进行升级模块,用于若所述签名验证模块的验证结果为通过,则采用所述接头升级文件对所述待升级的诊断接头进行升级;
拒绝升级模块,用于若所述签名验证模块的验证结果为不通过,则拒绝采用所述接头升级文件对所述待升级的诊断接头进行升级。
可选地,所述升级数据获取模块包括:
加密文件获取单元,用于获取诊断设备的上位机发送的加密升级文件,所述加密升级文件是由携带有签名信息的接头升级文件加密后生成;
文件解密单元,用于解密所述加密升级文件,得到所述升级文件数据。
可选地,所述诊断接头升级验证装置还包括:
工作时验证模块,用于在接收到开始工作的指令时,根据升级后的诊断接头的唯一标识信息和所述接头升级文件对所述升级文件数据中的签名信息进行签名验证;
允许工作模块,用于若所述工作时验证模块的验证结果为通过,则允许所述升级后的诊断接头工作;
停止工作模块,用于若所述工作时验证模块的验证结果为不通过,则停止所述升级后的诊断接头工作。
可选地,所述诊断接头升级验证装置还包括:
接入请求接收模块,用于接收所述诊断设备的上位机发送的接入请求;
合法性校验模块,用于校验所述接入请求的合法性;
允许发送模块,用于若所述合法性校验模块校验通过,则允许所述上位机发送所述升级文件数据;
拒绝发送模块,用于若所述合法性校验模块校验不通过,则拒绝所述上位机发送所述升级文件数据。
第三方面,提供了一种诊断设备的诊断接头,包括存储器、处理器以及存储在所述存储器中并可在所述处理器上运行的计算机程序,所述处理器执行所述计算机程序时实现上述诊断设备的诊断接头升级验证方法的步骤。
第四方面,提供了一种计算机可读存储介质,所述计算机可读存储介质存储有计算机程序,所述计算机程序被处理器执行时实现上述诊断设备的诊断接头升级验证方法的步骤。
从以上技术方案可以看出,本发明实施例具有以下优点:
本发明实施例中,待升级的诊断接头首先获取诊断设备的上位机发送的升级文件数据,所述升级文件数据包括接头升级文件和签名信息,所述签名信息预先根据指定接头的唯一标识信息和所述接头升级文件生成,所述指定接头是指向服务器请求提供接头升级文件的请求方所对应的诊断接头;然后,根据待升级的诊断接头的唯一标识信息和所述接头升级文件对所述升级文件数据中的签名信息进行签名验证;若签名验证通过,则采用所述接头升级文件对所述待升级的诊断接头进行升级;若签名验证不通过,则拒绝采用所述接头升级文件对所述待升级的诊断接头进行升级。在本发明实施例中,采用待升级的诊断接头的唯一标识信息对签名信息进行签名验证,如果签名验证通过,则说明该待升级的诊断接头与请求方对应的诊断接头相同,保证了服务器提供的一个接头升级文件仅用于升级对应的一个诊断接头,防止了不法分子通过克隆的方式对诊断设备的诊断接口进行非法升级,减少了诊断设备的安全隐患。
为了更清楚地说明本发明实施例中的技术方案,下面将对实施例或现有技术描述中所需要使用的附图作简单地介绍,显而易见地,下面描述中的附图仅仅是本发明的一些实施例,对于本领域普通技术人员来讲,在不付出创造性劳动性的前提下,还可以根据这些附图获得其他的附图。
图1为本发明实施例中一种诊断设备的诊断接头升级验证方法一个实施例流程图;
图2为本发明实施例中一种诊断接头的升级文件处理方法一个实施例流程图;
图3为本发明实施例中一种诊断设备的诊断接头升级验证方法一个应用场景下对上位机接入的合法性进行校验的流程示意图;
图4为本发明实施例中一种诊断设备的诊断接头升级验证方法一个应用场景下在升级后对工作过程进行校验的流程示意图;
图5为本发明实施例中一种诊断设备的诊断接头升级验证装置一个实施例结构图;
图6为本发明一实施例提供的诊断设备的诊断接头的示意图。
本发明实施例提供了一种诊断设备的诊断接头升级验证方法、装置及诊断接头,用于解决不法分子通过克隆的方式对诊断设备的诊断接口完成非法升级的问题。
为使得本发明的发明目的、特征、优点能够更加的明显和易懂,下面将结合本发明实施例中的附图,对本发明实施例中的技术方案进行清楚、完整地描述,显然,下面所描述的实施例仅仅是本发明一部分实施例,而非全部的实施例。基于本发明中的实施例,本领域普通技术人员在没有做出创造性劳动前提下所获得的所有其它实施例,都属于本发明保护的范围。
请参阅图1,本发明实施例中一种诊断设备的诊断接头升级验证方法一个实施例包括:
101、获取诊断设备的上位机发送的升级文件数据,所述升级文件数据包括接头升级文件和签名信息,所述签名信息预先根据指定接头的唯一标识信息和所述接头升级文件生成,所述指定接头是指向服务器请求提供接头升级文件的请求方所对应的诊断接头;
本实施例中,该诊断设备的诊断接头升级验证方法应用于诊断设备的诊断接头。可以理解的是,在需要对诊断接头进行升级时,用户通过诊断设备的上位机将升级文件数据发送给诊断设备的诊断接头,从而该待升级的诊断接头可以获取到该升级文件数据。
需要说明的是,上位机与诊断接头之间的通讯可以采用USB、WIFI、Bluetooth、RJ45等通讯方式。
其中,该升级文件数据包括接头升级文件和签名信息,所述签名信息是预先根据指定接头的唯一标识信息和所述接头升级文件生成的,所述指定接头是指向服务器请求提供接头升级文件的请求方所对应的诊断接头。上述的唯一标识信息可以包括指定接头的序列号和指定接头芯片的唯一ID。为便于理解该升级文件数据的来历,下面将通过一个应用场景对升级文件数据的生成过程进行描述。
请参阅图2,本发明提供的一种诊断接头的升级文件处理方法一个实施例包括:
201、接收请求方获取接头升级文件的第一请求;
202、获取所述请求方所对应的诊断接头的唯一标识信息;
203、根据所述请求方所对应的诊断接头的唯一标识信息和所述第一请求对应的接头升级文件生成签名信息;
204、将所述第一请求对应的接头升级文件和所述签名信息发送给所述请求方。
对于上述步骤201,可以理解的是,请求方(比如用户使用的客户端)向服务器发起一个要求获取接头升级文件的请求,即该第一请求。从而,服务器可以接收到该第一请求。
需要说明的是,接头升级文件可以是预先通过编译软件生成,然后上传至该服务器中存储的。例如,可以使用IAR Embedded
Workbench IDE、Keil Embedded Development Tools for Arm等编译软件生成诊断接头的BIN文件,该BIN文件不带有签名信息,并将该BIN文件上传至服务器中。
本实施例中所说的服务器可以是指定的软件版本发布平台、或者第三方软件发布的网站,等等。
对于上述步骤202,服务器在接收到第一请求之后,需要获取该请求方所对应的诊断接头的唯一标识信息。这里说的唯一标识信息是指该诊断接头的序列号和该诊断接头芯片的唯一ID。比如,服务器可以要求,请求方在发起请求之前,需要预先在服务器上注册登录账户,并在注册账户时一并提供该请求方所对应的诊断接头的相关信息,包括该唯一标识信息。
对于上述步骤203,具体地,服务器可以对该第一请求对应的接头升级文件、以及所述请求方所对应的诊断接头的唯一标识信息(诊断接头的序列号和芯片的唯一ID)进行MD5(消息摘要算法第五版)计算,得到计算结果,然后采用签名私钥对该计算结果进行签名,将签名的结果作为该签名信息。其中,签名使用的算法具体可以是RSA数字签名算法。上述的签名私钥是预先分配给服务器的,相应的公钥则预先分配给诊断设备。
对于上述步骤204,服务器在生成签名信息后,可以将签名信息与接头升级文件关联在一起,然后发送给请求方。具体地,可以将签名信息追加到接头升级文件的末尾,生成带有签名信息的接头升级文件,然后将此文件发送给请求方。
优选地,对于上述步骤204,为了进一步提高数据的安全性,服务器在将文件发送给请求方之前,还可以对所述第一请求对应的接头升级文件和所述签名信息进行加密处理,生成加密升级文件,然后将该加密升级文件发送给请求方。其中,加密处理可以采用AES对称加密算法、非对称加密算法等加密算法。
进一步地,为了提高升级文件数据的安全性,用户通过客户端获取到的升级文件数据可能是经过加密的,因此,上述步骤101在一个应用场景下可以包括:首选,获取诊断设备的上位机发送的加密升级文件,所述加密升级文件是由携带有签名信息的接头升级文件加密后生成;然后,解密所述加密升级文件,得到所述升级文件数据。
进一步地,如图3所示,在步骤101之前,诊断接头还可以对上位机接入的合法性进行校验,具体包括:
301、接收所述诊断设备的上位机发送的接入请求;
302、校验所述接入请求的合法性,若校验通过,则执行步骤303,若校验不通过,则执行步骤304;
303、允许所述上位机发送所述升级文件数据;
304、拒绝所述上位机发送所述升级文件数据。
对于上述步骤301~304,可以理解的是,上位机需要对诊断设备的下位机进行程序升级时,需要获取一定的进入权限,比如BOOT接入。因此,该诊断设备的上位机需要发送接入请求给该诊断设备的诊断接头。诊断接头接收到该接入请求后,校验该接入请求的合法性,如果校验通过,则允许该上位机向诊断接头发送升级文件数据,反之,则拒绝该上位机的接入请求。更进一步地,在校验通过后,一般来说,上位机还需要向诊断接头发送升级下位机的指令请求,该指令请求去到诊断接头之后,若指令请求执行成功,诊断接头进入升级下位机状态成功后,则可以执行后续步骤,从而才允许该上位机发送升级文件数据,否则,结束升级操作。
102、根据待升级的诊断接头的唯一标识信息和所述接头升级文件对所述升级文件数据中的签名信息进行签名验证,若签名验证通过,则执行步骤103,若签名验证不通过,则执行步骤104;
103、采用所述接头升级文件对所述待升级的诊断接头进行升级;
104、拒绝采用所述接头升级文件对所述待升级的诊断接头进行升级。
对于上述步骤102~104,具体地,诊断接头对接收到的除该签名信息以外的数据与该待升级的诊断接头的唯一标识信息进行MD5计算,得到的计算结果记为第一计算结果。上述的该待升级的诊断接头的唯一标识信息具体可以是指待升级的诊断接头的序列号、以及待升级的诊断接头芯片的唯一ID。
诊断接头使用预设的公钥对该签名信息和该第一计算结果进行验证,如果验证通过,则可以认为该待升级的诊断接头与该接头升级文件对应的指定接头属于同一个诊断接头,从而可以对其进行升级操作;如果验证不通过,则可以认为该待升级的诊断接头与该接头升级文件对应的指定接头不属于同一个诊断接头,从而拒绝采用该接头升级文件对该待升级的诊断接头进行升级。
需要说明的是,在步骤102~104中,诊断接头获取到接头升级文件后,可以暂时将该接头升级文件缓存在临时缓存区中,在签名验证通过后执行步骤103时,再将临时缓存区中的该接头升级文件写入到诊断接头的Flash中,完成升级。而若签名验证不通过,则可以清除临时缓存区中的这些接头升级文件和相关数据。
进一步地,在采用所述接头升级文件对所述待升级的诊断接头进行升级之后,为了防止接头升级文件是通过非法途径写入到诊断接头完成升级的,并跳过了上述的校验流程的,本实施例还可以对诊断接头升级后的全工作流程进行校验,只有校验通过,才能允许诊断接头继续工作。如图4所示,包括:
401、在接收到开始工作的指令时,根据升级后的诊断接头的唯一标识信息和所述接头升级文件对所述升级文件数据中的签名信息进行签名验证;
402、若签名验证通过,则允许所述升级后的诊断接头工作;
403、若签名验证不通过,则停止所述升级后的诊断接头工作。
对于上述步骤401~403,可以理解的是,其校验的过程与上述步骤102~104原理类似,区别在于步骤401~403是对诊断接头升级后的工作过程进行校验、监控,而步骤102~104是对诊断接头升级前的接头升级文件的合法性进行校验。
本实施例中,待升级的诊断接头首先获取诊断设备的上位机发送的升级文件数据,所述升级文件数据包括接头升级文件和签名信息,所述签名信息预先根据指定接头的唯一标识信息和所述接头升级文件生成,所述指定接头是指向服务器请求提供接头升级文件的请求方所对应的诊断接头;然后,根据待升级的诊断接头的唯一标识信息和所述接头升级文件对所述升级文件数据中的签名信息进行签名验证;若签名验证通过,则采用所述接头升级文件对所述待升级的诊断接头进行升级;若签名验证不通过,则拒绝采用所述接头升级文件对所述待升级的诊断接头进行升级。在本实施例中,采用待升级的诊断接头的唯一标识信息对签名信息进行签名验证,如果签名验证通过,则说明该待升级的诊断接头与请求方对应的诊断接头相同,保证了服务器提供的一个接头升级文件仅用于升级对应的一个诊断接头,防止了不法分子通过克隆的方式对诊断设备的诊断接口进行非法升级,减少了诊断设备的安全隐患。
应理解,上述实施例中各步骤的序号的大小并不意味着执行顺序的先后,各过程的执行顺序应以其功能和内在逻辑确定,而不应对本发明实施例的实施过程构成任何限定。
上面主要描述了一种诊断设备的诊断接头升级验证方法,下面将对一种诊断设备的诊断接头升级验证装置进行详细描述。
图5示出了本发明实施例中一种诊断设备的诊断接头升级验证装置一个实施例结构图。
本实施例中,一种诊断设备的诊断接头升级验证装置,所述诊断接头升级验证装置安装于诊断设备的诊断接头,包括:
升级数据获取模块501,用于获取诊断设备的上位机发送的升级文件数据,所述升级文件数据包括接头升级文件和签名信息,所述签名信息预先根据指定接头的唯一标识信息和所述接头升级文件生成,所述指定接头是指向服务器请求提供接头升级文件的请求方所对应的诊断接头;
签名验证模块502,用于根据待升级的诊断接头的唯一标识信息和所述接头升级文件对所述升级文件数据中的签名信息进行签名验证;
进行升级模块503,用于若所述签名验证模块的验证结果为通过,则采用所述接头升级文件对所述待升级的诊断接头进行升级;
拒绝升级模块504,用于若所述签名验证模块的验证结果为不通过,则拒绝采用所述接头升级文件对所述待升级的诊断接头进行升级。
进一步地,所述升级数据获取模块可以包括:
加密文件获取单元,用于获取诊断设备的上位机发送的加密升级文件,所述加密升级文件是由携带有签名信息的接头升级文件加密后生成;
文件解密单元,用于解密所述加密升级文件,得到所述升级文件数据。
进一步地,所述诊断接头升级验证装置还可以包括:
工作时验证模块,用于在接收到开始工作的指令时,根据升级后的诊断接头的唯一标识信息和所述接头升级文件对所述升级文件数据中的签名信息进行签名验证;
允许工作模块,用于若所述工作时验证模块的验证结果为通过,则允许所述升级后的诊断接头工作;
停止工作模块,用于若所述工作时验证模块的验证结果为不通过,则停止所述升级后的诊断接头工作。
进一步地,所述诊断接头升级验证装置还可以包括:
接入请求接收模块,用于接收所述诊断设备的上位机发送的接入请求;
合法性校验模块,用于校验所述接入请求的合法性;
允许升级模块,用于若校验通过,则允许所述上位机发送所述升级文件数据;
拒绝升级模块,用于若校验不通过,则拒绝所述上位机发送所述升级文件数据。
图6是本发明一实施例提供的诊断设备的诊断接头的示意图。如图6所示,该实施例的诊断设备的诊断接头6包括:处理器60、存储器61以及存储在所述存储器61中并可在所述处理器60上运行的计算机程序62,例如执行上述诊断设备的诊断接头升级验证方法的程序。
所述处理器60执行所述计算机程序62时实现如下步骤:
获取诊断设备的上位机发送的升级文件数据,所述升级文件数据包括接头升级文件和签名信息,所述签名信息预先根据指定接头的唯一标识信息和所述接头升级文件生成,所述指定接头是指向服务器请求提供接头升级文件的请求方所对应的诊断接头;
根据待升级的诊断接头的唯一标识信息和所述接头升级文件对所述升级文件数据中的签名信息进行签名验证;
若签名验证通过,则采用所述接头升级文件对所述待升级的诊断接头进行升级;
若签名验证不通过,则拒绝采用所述接头升级文件对所述待升级的诊断接头进行升级。
可选地,所述获取诊断设备的上位机发送的升级文件数据包括:
获取诊断设备的上位机发送的加密升级文件,所述加密升级文件是由携带有签名信息的接头升级文件加密后生成;
解密所述加密升级文件,得到所述升级文件数据。
可选地,在采用所述接头升级文件对所述待升级的诊断接头进行升级之后,所述处理器60执行所述计算机程序62时还包括:
在接收到开始工作的指令时,根据升级后的诊断接头的唯一标识信息和所述接头升级文件对所述升级文件数据中的签名信息进行签名验证;
若签名验证通过,则允许所述升级后的诊断接头工作;
若签名验证不通过,则停止所述升级后的诊断接头工作。
可选地,在获取诊断设备的上位机发送的升级文件数据之前,所述处理器60执行所述计算机程序62时还包括:
接收所述诊断设备的上位机发送的接入请求;
校验所述接入请求的合法性;
若校验通过,则允许所述上位机发送所述升级文件数据;
若校验不通过,则拒绝所述上位机发送所述升级文件数据。
示例性的,所述计算机程序62可以被分割成一个或多个模块/单元,所述一个或者多个模块/单元被存储在所述存储器61中,并由所述处理器60执行,以完成本发明。所述一个或多个模块/单元可以是能够完成特定功能的一系列计算机程序指令段,该指令段用于描述所述计算机程序62在所述诊断设备的诊断接头6中的执行过程。
所述诊断设备的诊断接头可包括,但不仅限于,处理器60、存储器61。本领域技术人员可以理解,图6仅仅是诊断设备的诊断接头6的示例,并不构成对诊断设备的诊断接头6的限定,可以包括比图示更多或更少的部件,或者组合某些部件,或者不同的部件,例如所述诊断设备的诊断接头还可以包括输入输出设备、网络接入设备、总线等。
所述处理器60可以是中央处理单元(Central
Processing Unit,CPU),还可以是其他通用处理器、数字信号处理器 (Digital Signal Processor,DSP)、专用集成电路 (Application
Specific Integrated Circuit,ASIC)、现成可编程门阵列 (Field-Programmable Gate Array,FPGA) 或者其他可编程逻辑器件、分立门或者晶体管逻辑器件、分立硬件组件等。通用处理器可以是微处理器或者该处理器也可以是任何常规的处理器等。
所述存储器61可以是所述诊断设备的诊断接头6的内部存储单元,例如诊断设备的诊断接头6的硬盘或内存。所述存储器61也可以是所述诊断设备的诊断接头6的外部存储设备,例如所述诊断设备的诊断接头6上配备的插接式硬盘,智能存储卡(Smart Media Card, SMC),安全数字(Secure Digital, SD)卡,闪存卡(Flash
Card)等。进一步地,所述存储器61还可以既包括所述诊断设备的诊断接头6的内部存储单元也包括外部存储设备。所述存储器61用于存储所述计算机程序以及所述诊断设备的诊断接头所需的其他程序和数据。所述存储器61还可以用于暂时地存储已经输出或者将要输出的数据。
在本发明各个实施例中的各功能单元可以集成在一个处理单元中,也可以是各个单元单独物理存在,也可以两个或两个以上单元集成在一个单元中。上述集成的单元既可以采用硬件的形式实现,也可以采用软件功能单元的形式实现。
所述集成的单元如果以软件功能单元的形式实现并作为独立的产品销售或使用时,可以存储在一个计算机可读取存储介质中。基于这样的理解,本发明实现上述实施例方法中的全部或部分流程,也可以通过计算机程序来指令相关的硬件来完成,所述的计算机程序可存储于一计算机可读存储介质中,该计算机程序在被处理器执行时,可实现如下步骤:
获取诊断设备的上位机发送的升级文件数据,所述升级文件数据包括接头升级文件和签名信息,所述签名信息预先根据指定接头的唯一标识信息和所述接头升级文件生成,所述指定接头是指向服务器请求提供接头升级文件的请求方所对应的诊断接头;
根据待升级的诊断接头的唯一标识信息和所述接头升级文件对所述升级文件数据中的签名信息进行签名验证;
若签名验证通过,则采用所述接头升级文件对所述待升级的诊断接头进行升级;
若签名验证不通过,则拒绝采用所述接头升级文件对所述待升级的诊断接头进行升级。
可选地,所述获取诊断设备的上位机发送的升级文件数据包括:
获取诊断设备的上位机发送的加密升级文件,所述加密升级文件是由携带有签名信息的接头升级文件加密后生成;
解密所述加密升级文件,得到所述升级文件数据。
可选地,在采用所述接头升级文件对所述待升级的诊断接头进行升级之后,该计算机程序在被处理器执行时还包括:
在接收到开始工作的指令时,根据升级后的诊断接头的唯一标识信息和所述接头升级文件对所述升级文件数据中的签名信息进行签名验证;
若签名验证通过,则允许所述升级后的诊断接头工作;
若签名验证不通过,则停止所述升级后的诊断接头工作。
可选地,在获取诊断设备的上位机发送的升级文件数据之前,该计算机程序在被处理器执行时还包括:
接收所述诊断设备的上位机发送的接入请求;
校验所述接入请求的合法性;
若校验通过,则允许所述上位机发送所述升级文件数据;
若校验不通过,则拒绝所述上位机发送所述升级文件数据。
其中,所述计算机程序包括计算机程序代码,所述计算机程序代码可以为源代码形式、对象代码形式、可执行文件或某些中间形式等。所述计算机可读介质可以包括:能够携带所述计算机程序代码的任何实体或装置、记录介质、U盘、移动硬盘、磁碟、光盘、计算机存储器、只读存储器(ROM,Read-Only
Memory)、随机存取存储器(RAM,Random
Access Memory)、电载波信号、电信信号以及软件分发介质等。需要说明的是,所述计算机可读介质包含的内容可以根据司法管辖区内立法和专利实践的要求进行适当的增减,例如在某些司法管辖区,根据立法和专利实践,计算机可读介质不包括电载波信号和电信信号。
以上所述,以上实施例仅用以说明本发明的技术方案,而非对其限制;尽管参照前述实施例对本发明进行了详细的说明,本领域的普通技术人员应当理解:其依然可以对前述各实施例所记载的技术方案进行修改,或者对其中部分技术特征进行等同替换;而这些修改或者替换,并不使相应技术方案的本质脱离本发明各实施例技术方案的精神和范围。
Claims (10)
- 一种诊断设备的诊断接头升级验证方法,其特征在于,所述诊断接头升级验证方法应用于诊断设备的诊断接头,包括:获取诊断设备的上位机发送的升级文件数据,所述升级文件数据包括接头升级文件和签名信息,所述签名信息预先根据指定接头的唯一标识信息和所述接头升级文件生成,所述指定接头是指向服务器请求提供接头升级文件的请求方所对应的诊断接头;根据待升级的诊断接头的唯一标识信息和所述接头升级文件对所述升级文件数据中的签名信息进行签名验证;若签名验证通过,则采用所述接头升级文件对所述待升级的诊断接头进行升级;若签名验证不通过,则拒绝采用所述接头升级文件对所述待升级的诊断接头进行升级。
- 根据权利要求1所述的诊断接头升级验证方法,其特征在于,所述获取诊断设备的上位机发送的升级文件数据包括:获取诊断设备的上位机发送的加密升级文件,所述加密升级文件是由携带有签名信息的接头升级文件加密后生成;解密所述加密升级文件,得到所述升级文件数据。
- 根据权利要求1所述的诊断接头升级验证方法,其特征在于,在采用所述接头升级文件对所述待升级的诊断接头进行升级之后,还包括:在接收到开始工作的指令时,根据升级后的诊断接头的唯一标识信息和所述接头升级文件对所述升级文件数据中的签名信息进行签名验证;若签名验证通过,则允许所述升级后的诊断接头工作;若签名验证不通过,则停止所述升级后的诊断接头工作。
- 根据权利要求1至3中任一项所述的诊断接头升级验证方法,其特征在于,在获取诊断设备的上位机发送的升级文件数据之前,还包括:接收所述诊断设备的上位机发送的接入请求;校验所述接入请求的合法性;若校验通过,则允许所述上位机发送所述升级文件数据;若校验不通过,则拒绝所述上位机发送所述升级文件数据。
- 一种诊断设备的诊断接头升级验证装置,其特征在于,所述诊断接头升级验证装置安装于诊断设备的诊断接头,包括:升级数据获取模块,用于获取诊断设备的上位机发送的升级文件数据,所述升级文件数据包括接头升级文件和签名信息,所述签名信息预先根据指定接头的唯一标识信息和所述接头升级文件生成,所述指定接头是指向服务器请求提供接头升级文件的请求方所对应的诊断接头;签名验证模块,用于根据待升级的诊断接头的唯一标识信息和所述接头升级文件对所述升级文件数据中的签名信息进行签名验证;进行升级模块,用于若所述签名验证模块的验证结果为通过,则采用所述接头升级文件对所述待升级的诊断接头进行升级;拒绝升级模块,用于若所述签名验证模块的验证结果为不通过,则拒绝采用所述接头升级文件对所述待升级的诊断接头进行升级。
- 根据权利要求5所述的诊断接头升级验证装置,其特征在于,所述升级数据获取模块包括:加密文件获取单元,用于获取诊断设备的上位机发送的加密升级文件,所述加密升级文件是由携带有签名信息的接头升级文件加密后生成;文件解密单元,用于解密所述加密升级文件,得到所述升级文件数据。
- 根据权利要求5所述的诊断接头升级验证装置,其特征在于,所述诊断接头升级验证装置还包括:工作时验证模块,用于在接收到开始工作的指令时,根据升级后的诊断接头的唯一标识信息和所述接头升级文件对所述升级文件数据中的签名信息进行签名验证;允许工作模块,用于若所述工作时验证模块的验证结果为通过,则允许所述升级后的诊断接头工作;停止工作模块,用于若所述工作时验证模块的验证结果为不通过,则停止所述升级后的诊断接头工作。
- 根据权利要求5至7中任一项所述的诊断接头升级验证装置,其特征在于,所述诊断接头升级验证装置还包括:接入请求接收模块,用于接收所述诊断设备的上位机发送的接入请求;合法性校验模块,用于校验所述接入请求的合法性;允许发送模块,用于若所述合法性校验模块校验通过,则允许所述上位机发送所述升级文件数据;拒绝发送模块,用于若所述合法性校验模块校验不通过,则拒绝所述上位机发送所述升级文件数据。
- 一种诊断设备的诊断接头,包括存储器、处理器以及存储在所述存储器中并可在所述处理器上运行的计算机程序,其特征在于,所述处理器执行所述计算机程序时实现如权利要求1至4中任一项所述诊断设备的诊断接头升级验证方法的步骤。
- 一种计算机可读存储介质,所述计算机可读存储介质存储有计算机程序,其特征在于,所述计算机程序被处理器执行时实现如权利要求1至4中任一项所述诊断设备的诊断接头升级验证方法的步骤。
Priority Applications (4)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201780002286.9A CN108124491B (zh) | 2017-12-28 | 2017-12-28 | 诊断设备的诊断接头升级验证方法、装置及诊断接头 |
EP17832029.7A EP3531322A4 (en) | 2017-12-28 | 2017-12-28 | METHOD AND DEVICE FOR CHECKING THE UPDATE OF A DIAGNOSTIC PLUG OF A DIAGNOSTIC DEVICE AND DIAGNOSTIC PLUG |
PCT/CN2017/119572 WO2019127276A1 (zh) | 2017-12-28 | 2017-12-28 | 诊断设备的诊断接头升级验证方法、装置及诊断接头 |
US15/871,884 US10726130B2 (en) | 2017-12-28 | 2018-01-15 | Method and device for verifying upgrade of diagnosis connector of diagnostic equipment, and diagnosis connector |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/CN2017/119572 WO2019127276A1 (zh) | 2017-12-28 | 2017-12-28 | 诊断设备的诊断接头升级验证方法、装置及诊断接头 |
Related Child Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US15/871,884 Continuation-In-Part US10726130B2 (en) | 2017-12-28 | 2018-01-15 | Method and device for verifying upgrade of diagnosis connector of diagnostic equipment, and diagnosis connector |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2019127276A1 true WO2019127276A1 (zh) | 2019-07-04 |
Family
ID=62233677
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/CN2017/119572 WO2019127276A1 (zh) | 2017-12-28 | 2017-12-28 | 诊断设备的诊断接头升级验证方法、装置及诊断接头 |
Country Status (4)
Country | Link |
---|---|
US (1) | US10726130B2 (zh) |
EP (1) | EP3531322A4 (zh) |
CN (1) | CN108124491B (zh) |
WO (1) | WO2019127276A1 (zh) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN115967502A (zh) * | 2023-01-03 | 2023-04-14 | 重庆长安汽车股份有限公司 | 终端的安全升级方法及系统、电子设备、可读存储介质 |
Families Citing this family (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109740309B (zh) * | 2018-12-28 | 2023-06-30 | 深圳市元征科技股份有限公司 | 一种文件保护方法以及装置 |
US11417155B2 (en) * | 2019-09-10 | 2022-08-16 | Ford Global Technologies, Llc | On-board data request approval management |
CN113495729A (zh) * | 2020-03-20 | 2021-10-12 | 株洲中车时代电气股份有限公司 | 一种软件升级方法及装置 |
CN113377384A (zh) * | 2021-06-04 | 2021-09-10 | 东软睿驰汽车技术(沈阳)有限公司 | 一种程序烧录方法、装置、车载终端及介质 |
CN113835729B (zh) * | 2021-09-23 | 2024-01-05 | 深圳市元征科技股份有限公司 | 升级方法、装置、终端设备及计算机可读存储介质 |
CN114491595A (zh) * | 2022-01-25 | 2022-05-13 | 合众新能源汽车有限公司 | 一种基于uds安全刷新的升级包及其启动校验方法和刷新校验方法 |
CN114679445A (zh) * | 2022-03-14 | 2022-06-28 | 煤炭科学技术研究院有限公司 | 煤矿传感器的升级方法及装置 |
CN115017529B (zh) * | 2022-08-05 | 2022-11-15 | 深圳市星卡软件技术开发有限公司 | 一种汽车诊断软件的加密方法 |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7913242B2 (en) * | 2003-11-04 | 2011-03-22 | Gm Global Technology Operations, Inc. | Low cost, open approach for vehicle software installation/updating and on-board diagnostics |
CN103577233A (zh) * | 2013-11-07 | 2014-02-12 | 深圳市元征科技股份有限公司 | 一种obdii读码卡设备、设备升级系统及方法 |
CN104732138A (zh) * | 2014-12-31 | 2015-06-24 | 深圳市元征科技股份有限公司 | 一种诊断设备的升级方法及设备 |
CN105468385A (zh) * | 2014-08-27 | 2016-04-06 | 比亚迪股份有限公司 | 车载电子设备软件的更新系统和方法 |
CN106458112A (zh) * | 2014-11-12 | 2017-02-22 | 松下电器(美国)知识产权公司 | 更新管理方法、更新管理装置以及控制程序 |
Family Cites Families (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US9183393B2 (en) * | 2012-01-12 | 2015-11-10 | Facebook, Inc. | Multiple system images for over-the-air updates |
CN102981881B (zh) * | 2012-12-10 | 2018-03-27 | 中兴通讯股份有限公司 | 一种防止移动终端升级到非法固件版本的方法及系统 |
US9916151B2 (en) * | 2015-08-25 | 2018-03-13 | Ford Global Technologies, Llc | Multiple-stage secure vehicle software updating |
JP6675271B2 (ja) * | 2015-09-14 | 2020-04-01 | パナソニック インテレクチュアル プロパティ コーポレーション オブ アメリカPanasonic Intellectual Property Corporation of America | ゲートウェイ装置、車載ネットワークシステム及びファームウェア更新方法 |
WO2017049539A1 (en) * | 2015-09-24 | 2017-03-30 | Intel Corporation | Techniques for coordinating device boot security |
US10171478B2 (en) * | 2016-06-30 | 2019-01-01 | Faraday & Future Inc. | Efficient and secure method and apparatus for firmware update |
-
2017
- 2017-12-28 EP EP17832029.7A patent/EP3531322A4/en not_active Ceased
- 2017-12-28 CN CN201780002286.9A patent/CN108124491B/zh active Active
- 2017-12-28 WO PCT/CN2017/119572 patent/WO2019127276A1/zh active Application Filing
-
2018
- 2018-01-15 US US15/871,884 patent/US10726130B2/en active Active
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7913242B2 (en) * | 2003-11-04 | 2011-03-22 | Gm Global Technology Operations, Inc. | Low cost, open approach for vehicle software installation/updating and on-board diagnostics |
CN103577233A (zh) * | 2013-11-07 | 2014-02-12 | 深圳市元征科技股份有限公司 | 一种obdii读码卡设备、设备升级系统及方法 |
CN105468385A (zh) * | 2014-08-27 | 2016-04-06 | 比亚迪股份有限公司 | 车载电子设备软件的更新系统和方法 |
CN106458112A (zh) * | 2014-11-12 | 2017-02-22 | 松下电器(美国)知识产权公司 | 更新管理方法、更新管理装置以及控制程序 |
CN104732138A (zh) * | 2014-12-31 | 2015-06-24 | 深圳市元征科技股份有限公司 | 一种诊断设备的升级方法及设备 |
Non-Patent Citations (1)
Title |
---|
See also references of EP3531322A4 * |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN115967502A (zh) * | 2023-01-03 | 2023-04-14 | 重庆长安汽车股份有限公司 | 终端的安全升级方法及系统、电子设备、可读存储介质 |
Also Published As
Publication number | Publication date |
---|---|
CN108124491A (zh) | 2018-06-05 |
EP3531322A1 (en) | 2019-08-28 |
EP3531322A4 (en) | 2020-01-22 |
CN108124491B (zh) | 2022-11-11 |
US20190205539A1 (en) | 2019-07-04 |
US10726130B2 (en) | 2020-07-28 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2019127276A1 (zh) | 诊断设备的诊断接头升级验证方法、装置及诊断接头 | |
TWI709056B (zh) | 韌體升級方法及裝置 | |
WO2020093214A1 (zh) | 一种应用程序登录方法、应用程序登录装置及移动终端 | |
EP2659373B1 (en) | System and method for secure software update | |
CN112187544B (zh) | 固件升级方法、装置、计算机设备及存储介质 | |
CN106936577B (zh) | 一种用于证书申请的方法、终端和系统 | |
CN109194625B (zh) | 一种基于云端服务器的客户端应用保护方法、装置及存储介质 | |
US8495383B2 (en) | Method for the secure storing of program state data in an electronic device | |
CN107743067B (zh) | 数字证书的颁发方法、系统、终端以及存储介质 | |
WO2019127275A1 (zh) | 诊断设备的指令验证方法、装置和下位机 | |
KR101729960B1 (ko) | 신뢰 보안 플랫폼 모듈을 이용한 보안 애플리케이션 인증 및 관리 방법 및 장치 | |
EP3025235B1 (en) | Anti-piracy protection for software | |
CN110933109B (zh) | 小程序动态认证方法及装置 | |
CN113472720A (zh) | 数字证书密钥处理方法、装置、终端设备及存储介质 | |
CN108199827B (zh) | 客户端代码完整性校验方法、存储介质、电子设备及系统 | |
KR20130101964A (ko) | 플랫폼 컴포넌트들의 보안 업그레이드 또는 다운그레이드를 위한 방법 및 시스템 | |
CN109150811B (zh) | 一种实现可信会话的方法及装置、计算设备 | |
CN110399706B (zh) | 授权认证方法、装置和计算机系统 | |
CN112632481A (zh) | 用于对软件进行授权的方法、终端设备及存储介质 | |
CN109063422B (zh) | 一种付费应用的下载运行方法、加固方法和服务器 | |
KR101711024B1 (ko) | 부정조작방지 장치 접근 방법 및 그 방법을 채용한 단말 장치 | |
CN111030816A (zh) | 一种取证设备接入平台的认证方法、装置及存储介质 | |
CN114584324B (zh) | 一种基于区块链的身份授权方法和系统 | |
CN112929871B (zh) | Ota升级包的获取方法、电子设备以及存储介质 | |
CN114640491A (zh) | 通信方法和系统 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
WWE | Wipo information: entry into national phase |
Ref document number: 2017832029 Country of ref document: EP |
|
ENP | Entry into the national phase |
Ref document number: 2017832029 Country of ref document: EP Effective date: 20180129 |
|
NENP | Non-entry into the national phase |
Ref country code: DE |