WO2020042778A1 - Firmware upgrade method and device - Google Patents


Info

Publication number
WO2020042778A1
Authority
WO
WIPO (PCT)
Prior art keywords
firmware
firmware file
key
file
terminal device
Application number
PCT/CN2019/095580
Inventor
黄凯明
孙健康
王林青
邹启蒙
姚四海
曾晓东
林锋
Original Assignee
阿里巴巴集团控股有限公司
Application filed by 阿里巴巴集团控股有限公司
Publication of WO2020042778A1

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/51 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00 Arrangements for software engineering
    • G06F8/60 Software deployment
    • G06F8/65 Updates
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/03 Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
    • G06F2221/033 Test or assess software

Definitions

  • the present application relates to the field of electronic technology, and in particular, to a method and a device for upgrading firmware.
  • Firmware refers to the device "driver" stored inside the device, which is responsible for the most basic and lowest-level work of the operating system. Through the firmware, the operating system can achieve the operation of a specific machine in accordance with the standard device driver. It can be seen that among hardware devices, firmware is the soul of hardware devices and determines the functions and performance of hardware devices.
  • the device's firmware is upgraded.
  • the confidentiality of the related firmware files is low, they are easily tampered with or cracked, and there is a large security risk.
  • the purpose of the embodiments of this specification is to provide a method and a device for upgrading firmware.
  • the embodiments of this specification are implemented as follows:
  • a method for upgrading firmware is provided, which is applied to a server.
  • the method includes:
  • the first firmware file is obtained by encrypting a source firmware file with a first key, and the first key is a private key;
  • a firmware upgrade method which is applied to a terminal device, and the method includes:
  • the firmware upgrade instruction carrying a download address of a second firmware file, a second key, and a first check value, where the second firmware file is obtained by encrypting the first firmware file with the second key, the first firmware file is obtained by encrypting the source firmware file with a first key, the first check value is obtained by verifying the second firmware file with a preset verification algorithm, and the first key is a private key;
  • the second firmware file is decrypted by using the second key to obtain the first firmware file, and the first firmware file is decrypted by using a pre-stored third key to obtain the source firmware file, where the third key is a public key corresponding to the first key;
  • a firmware upgrade device is provided and applied to a server.
  • the device includes:
  • An obtaining module configured to obtain a first firmware file, where the first firmware file is obtained by encrypting a source firmware file with a first key, and the first key is a private key;
  • An encryption module configured to encrypt the first firmware file by using a second key to obtain a second firmware file
  • a first verification module configured to verify the second firmware file by using a preset verification algorithm to obtain a first verification value
  • a sending module configured to send a firmware upgrade instruction to a terminal device, where the firmware upgrade instruction is used to instruct the terminal device to perform a firmware upgrade, and the firmware upgrade instruction carries a download address of the second firmware file, the second key, and the first check value.
  • a firmware upgrade device is provided and is applied to a terminal device.
  • the device includes:
  • An instruction receiving module is configured to receive a firmware upgrade instruction sent by a server.
  • the firmware upgrade instruction carries a download address of a second firmware file, a second key, and a first check value; the second firmware file is obtained by encrypting the first firmware file with the second key; the first firmware file is obtained by encrypting the source firmware file with the first key; the first check value is obtained by verifying the second firmware file with a preset verification algorithm; and the first key is a private key;
  • a downloading module configured to obtain the second firmware file according to the download address of the second firmware file
  • a second verification module configured to verify the second firmware file by using the preset verification algorithm to obtain a second verification value
  • a decryption module configured to decrypt the second firmware file by using the second key when the second check value matches the first check value to obtain the first firmware file, and to decrypt the first firmware file by using a pre-stored third key to obtain the source firmware file, where the third key is a public key corresponding to the first key;
  • An upgrade module is configured to use the source firmware file to upgrade the firmware of the terminal device.
  • an electronic device including:
  • a memory arranged to store computer-executable instructions that, when executed, cause the processor to perform the following operations:
  • the first firmware file is obtained by encrypting a source firmware file with a first key, and the first key is a private key;
  • an electronic device including:
  • a memory arranged to store computer-executable instructions that, when executed, cause the processor to perform the following operations:
  • the firmware upgrade instruction carrying a download address of a second firmware file, a second key, and a first check value, where the second firmware file is obtained by encrypting the first firmware file with the second key, the first firmware file is obtained by encrypting the source firmware file with a first key, the first check value is obtained by verifying the second firmware file with a preset verification algorithm, and the first key is a private key;
  • the second firmware file is decrypted by using the second key to obtain the first firmware file, and the first firmware file is decrypted by using a pre-stored third key to obtain the source firmware file, where the third key is a public key corresponding to the first key;
  • a computer storage medium stores one or more programs, and the one or more programs, when executed by an electronic device including a plurality of application programs, cause the electronic device to do the following:
  • the first firmware file is obtained by encrypting a source firmware file with a first key, and the first key is a private key;
  • a computer storage medium stores one or more programs, and the one or more programs, when executed by an electronic device including multiple application programs, cause the electronic device to do the following:
  • the firmware file is encrypted, the first firmware file is obtained by encrypting the source firmware file with a first key, the first check value is obtained by verifying the second firmware file with a preset verification algorithm, and the first key is a private key;
  • the second firmware file is decrypted by using the second key to obtain the first firmware file, and the first firmware file is decrypted by using a pre-stored third key to obtain the source firmware file, where the third key is a public key corresponding to the first key;
  • the new firmware file (that is, the source firmware file) developed by the developer is encrypted and verified multiple times to ensure that the content of the firmware file is not cracked or tampered with during the firmware upgrade process, which gives high security.
  • FIG. 1 is an application scenario diagram of a firmware upgrade method according to an embodiment of the present specification
  • FIG. 2 is a flowchart of a firmware upgrade method according to an embodiment of the present specification
  • FIG. 3 is a flowchart of a firmware upgrade method according to another embodiment of the present specification.
  • FIG. 4 is a schematic structural diagram of a firmware upgrade device according to an embodiment of the present specification.
  • FIG. 5 is a schematic structural diagram of a firmware upgrade device according to another embodiment of the present specification.
  • FIG. 6 is a schematic structural diagram of an electronic device according to an embodiment of the present specification.
  • FIG. 7 is a schematic structural diagram of an electronic device according to another embodiment of the present specification.
  • the embodiments of the present specification provide a method and a device for upgrading firmware.
  • Over-the-air (OTA) technology refers to the use of a variety of over-the-air transmission methods (including but not limited to WiFi, ZigBee, BLE, etc.) to distribute resources or configuration upgrades to embedded terminal devices, so that terminal devices can update and upgrade automatically.
  • the firmware upgrade of terminal equipment is mainly realized through OTA.
  • Message Queuing Telemetry Transport (MQTT): an instant messaging protocol developed by IBM; it is a lightweight transmission protocol.
  • Asymmetric encryption: an asymmetric encryption algorithm is a key-based confidentiality method involving a public key and a private key, which form a pair. If data is encrypted with the private key, it can only be decrypted with the corresponding public key; if data is encrypted with the public key, it can only be decrypted with the corresponding private key.
  • Symmetric encryption: a symmetric encryption algorithm is a key-based confidentiality method that uses a single key. The same key is used for both data encryption and decryption.
  • A digital digest turns a message of any length into a fixed-length short message. It is similar to a function whose argument is a message, that is, a hash function.
  • The digital digest uses a one-way hash function to "digest" the plaintext that needs to be encrypted into a ciphertext of fixed length (for example, 128 bits). This ciphertext is also called a digital fingerprint. It has a fixed length; different plaintexts always produce different digests, and the digest of the same plaintext is always the same.
  • BootLoader: the first piece of code that the embedded system executes after power-on. After it completes the initialization of the CPU and related hardware, it loads the operating system image or the solidified embedded application into memory, then jumps to the space where the operating system is located and starts the operating system.
  • The application scenarios include a development environment, a management center, a server, and a terminal device. A developer develops a firmware file in the development environment; the firmware file developed by the developer is called the "source firmware file", and it is used for the firmware upgrade of the terminal device. The management center is used for storage and version information management of the source firmware files developed by the developer. After the developer develops a new source firmware file, the new source firmware file is entered into the management center. In order to ensure the legitimacy of the source firmware file, the management center asymmetrically encrypts the new source firmware file and provides the asymmetrically encrypted firmware file to the server.
  • The download address of the processed firmware file is provided to the terminal device; the terminal device downloads the firmware file from the server according to the download address, and verifies and decrypts the downloaded firmware file. If the check passes and the decryption succeeds, the source firmware file is obtained and used to upgrade the firmware of the terminal device.
  • FIG. 2 is a flowchart of a firmware upgrade method according to an embodiment of the present specification. The method is applied to a server. As shown in FIG. 2, the method may include the following steps: step 202, step 204, step 206, and step 208, where:
  • In step 202, a first firmware file is obtained, where the first firmware file is obtained by encrypting the source firmware file with a first key, and the first key is a private key.
  • the source firmware file is a firmware file developed by a developer in a development environment, and the source firmware file is a non-encrypted file.
  • After a developer develops (or compiles) a new source firmware file in a development environment, it is entered into the management center for storage, and the management center asymmetrically encrypts the source firmware file to obtain the asymmetrically encrypted firmware file, that is, the first firmware file.
  • the management center may use the private key of the RSA encryption algorithm to encrypt the source firmware file to obtain the first firmware file.
  • the server obtains the first firmware file from the management center.
  • In step 204, the first firmware file is encrypted by using the second key to obtain a second firmware file.
  • In order to avoid the leakage of data and business logic of the firmware file during transmission, the server encrypts the first firmware file.
  • Because the AES encryption algorithm has the advantages of fast operation speed, high security, and low resource consumption, the AES encryption algorithm may preferably be used to encrypt the first firmware file.
  • the second key is the AES key.
  • In step 206, the second firmware file is verified by using a preset verification algorithm to obtain a first verification value.
  • the server verifies the second firmware file.
  • the verification algorithm may include: SHA256 verification algorithm, SHA128 verification algorithm, or MD5 verification algorithm.
  • if the verification algorithm is a SHA256 verification algorithm, the first verification value is a 256-bit string; if the verification algorithm is a SHA128 verification algorithm, the first verification value is a 128-bit string; if the verification algorithm is an MD5 verification algorithm, the first verification value is a 128-bit character string.
  • In step 208, a firmware upgrade instruction is sent to the terminal device. The firmware upgrade instruction is used to instruct the terminal device to perform a firmware upgrade, and it carries the download address of the second firmware file, the second key, and the first check value.
  • the firmware upgrade instruction may be sent to the terminal device through a lightweight transmission protocol, where the lightweight transmission protocol may include the MQTT protocol or the CoAP protocol.
  • the server can receive status information reported by the terminal device, where the status information may include at least one of the following: firmware version information and firmware installation progress information, and the firmware version information is used to determine whether the terminal device requires a firmware upgrade.
  • the server can locate the error according to the installation progress information of the firmware.
  • the server may issue a firmware upgrade instruction again when the terminal device restarts.
  • the new firmware file (that is, the source firmware file) developed by the developer is encrypted and verified multiple times to ensure that the content of the firmware file is not cracked or tampered with during the firmware upgrade, which gives higher security.
  • FIG. 3 is a flowchart of a firmware upgrade method according to another embodiment of the present specification. The method is applied to a terminal device. As shown in FIG. 3, the method may include the following steps: step 302, step 304, step 306, step 308, and step 310, where:
  • In step 302, a firmware upgrade instruction sent by a server is received, where the firmware upgrade instruction carries a download address of a second firmware file, a second key, and a first check value, and the second firmware file is obtained by encrypting the first firmware file with the second key.
  • the first firmware file is obtained by encrypting the source firmware file with a first key, the first verification value is obtained by verifying the second firmware file with a preset verification algorithm, and the first key is a private key.
  • In step 304, a second firmware file is acquired according to the download address of the second firmware file.
  • Specifically, step 304 can include the following steps:
  • the certificate corresponding to the download address of the second firmware file is obtained, and the obtained certificate is verified against the pre-stored root certificate of the legal download address; if the verification passes, the second firmware file is obtained from its download address.
  • the root certificate of the legal download address is embedded in the terminal device.
  • The certificate of the host (that is, the server) is verified using the preset verification algorithm and the embedded root certificate. If the verification succeeds, the host is legitimate, and the corresponding firmware file is downloaded from the download address. If the verification fails, the host is illegal, and the corresponding firmware file is not downloaded from the download address.
  • In step 306, the second firmware file is verified by using a preset verification algorithm to obtain a second verification value.
  • The terminal device checks the downloaded firmware file to obtain a check value, and compares it with the check value carried in the firmware upgrade instruction to determine the legitimacy of the firmware file. If the two match (that is, they are the same), the firmware file is legal and has not been tampered with; if the two do not match (that is, they differ), the firmware file is illegal and has been tampered with, and in this case the subsequent upgrade operation is not performed.
  • In step 308, if the second check value matches the first check value, the second firmware file is decrypted using the second key to obtain the first firmware file, and the first firmware file is decrypted using a pre-stored third key to obtain the source firmware file, where the third key is a public key corresponding to the first key.
  • The terminal device stores in advance the public key (that is, the third key) corresponding to the private key (that is, the first key) used for firmware file signing.
  • The downloaded firmware file is decrypted using the key carried in the firmware upgrade instruction to obtain the decrypted firmware file. Because the firmware file decrypted with the key carried in the firmware upgrade instruction is still an encrypted firmware file, namely one encrypted with a private key, and the terminal device locally maintains the public key corresponding to that private key, the terminal device can use the corresponding public key to decrypt it. If the decryption fails, the firmware file is illegal and has been tampered with, and the subsequent upgrade operation is not performed; if the decryption succeeds, the firmware of the terminal device is upgraded according to the decrypted firmware file (that is, the source firmware file).
  • In step 310, the firmware of the terminal device is upgraded using the source firmware file.
  • the source firmware file may be written into the flash memory of the terminal device. After the source firmware file is written into the flash memory of the terminal device, the terminal device can be restarted immediately to complete the firmware upgrade; or the terminal device can be restarted to complete the firmware upgrade after a preset time period or when a preset time point is reached.
  • the flash memory of the terminal device may be encrypted to ensure the security of the data stored in the flash memory. Specifically, if the flash memory of the terminal device is encrypted, when writing data to the flash memory, the flash memory needs to be decrypted first, and then the data is written; and when reading data from the flash memory, the flash memory needs to be decrypted first, and then the data is read.
  • the fourth key may be used to encrypt the boot loader of the terminal device, and the encrypted boot loader is verified to obtain a third check value;
  • the third verification value is stored in the flash memory of the terminal device, so that when the terminal device is restarted, the BootLoader needs to be verified, and it can be started only after the verification is passed; in this case, the third key can be stored in advance in the BootLoader to ensure the security of the third key.
  • the fourth key may be a 256-bit character string generated after Security Boot is turned on. The character string may be used as an AES key to encrypt the BootLoader, and the third check value may be stored at a position starting at 0x0 in the flash memory.
  • the terminal device may report status information to the server, where the status information includes at least one of the following: firmware version information and firmware installation progress information. The firmware version information is used to determine whether the terminal device needs to perform a firmware upgrade, and the firmware installation progress information is used by the server to locate firmware upgrade errors.
  • the new firmware file (that is, the source firmware file) developed by the developer is encrypted and verified multiple times to ensure that the content of the firmware file is not cracked or tampered with during the firmware upgrade process, which gives higher security.
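The server-side steps 204 to 208 and the terminal-side steps 304 to 308 described above, as an added Python example that is not code from the patent. Assumptions: the first-key step is modeled as an RSA PKCS#1 v1.5 signature over the SHA-256 digest of the source firmware, prepended to it (the patent describes encrypting the file with the private key); a SHA-256 counter keystream stands in for AES because the Python standard library has no AES; the key pairs, the address and the firmware bytes are constructed, and all function names are hypothetical.

```python
import hashlib
import hmac
import random

_SHA256_DER = bytes.fromhex("3031300d060960864801650304020105000420")  # DigestInfo header

def _probable_prime(n, rng, rounds=24):
    """Miller-Rabin test for an odd candidate n > 3."""
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(rng.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def make_keypair(seed, bits=1024):
    """Constructed demo keys from a seeded PRNG: (private (n, d), public (n, e))."""
    rng, e, primes = random.Random(seed), 65537, []
    while len(primes) < 2:
        p = rng.getrandbits(bits // 2) | (1 << (bits // 2 - 1)) | 1
        if p % e != 1 and p not in primes and _probable_prime(p, rng):
            primes.append(p)
    p, q = primes
    return (p * q, pow(e, -1, (p - 1) * (q - 1))), (p * q, e)

def _encode(source, k):
    """EMSA-PKCS1-v1_5 encoding of SHA-256(source), k bytes long."""
    t = _SHA256_DER + hashlib.sha256(source).digest()
    return b"\x00\x01" + b"\xff" * (k - len(t) - 3) + b"\x00" + t

def first_key_wrap(source, private_key):
    """Management center: source firmware -> first firmware file (signature + source)."""
    n, d = private_key
    k = (n.bit_length() + 7) // 8
    sig = pow(int.from_bytes(_encode(source, k), "big"), d, n)
    return sig.to_bytes(k, "big") + source

def third_key_unwrap(first_fw, public_key):
    """Terminal: first firmware file -> source firmware; ValueError if the first key did not make it."""
    n, e = public_key
    k = (n.bit_length() + 7) // 8
    sig, source = first_fw[:k], first_fw[k:]
    recovered = pow(int.from_bytes(sig, "big"), e, n).to_bytes(k, "big")
    if not hmac.compare_digest(recovered, _encode(source, k)):
        raise ValueError("third-key verification failed")
    return source

def second_key_xor(key, data):
    """Stand-in for AES (demo only): XOR with a SHA-256 counter keystream."""
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(key + (i // 32).to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], pad))
    return bytes(out)

def server_prepare(first_fw, second_key, download_address):
    """Steps 204-208: encrypt, compute the first check value, build the instruction."""
    second_fw = second_key_xor(second_key, first_fw)
    return second_fw, {"download_address": download_address, "second_key": second_key,
                       "first_check_value": hashlib.sha256(second_fw).hexdigest()}

def terminal_upgrade(instruction, fetch, third_key):
    """Steps 304-308: return the source firmware, or raise ValueError and stop."""
    second_fw = fetch(instruction["download_address"])               # step 304
    second_check = hashlib.sha256(second_fw).hexdigest()             # step 306
    if not hmac.compare_digest(second_check, instruction["first_check_value"]):
        raise ValueError("check value mismatch")
    first_fw = second_key_xor(instruction["second_key"], second_fw)  # step 308
    return third_key_unwrap(first_fw, third_key)

def demo():
    """Three constructed cases: intact, modified download, untrusted first key."""
    source, url = b"constructed firmware image " * 8, "https://ota.example.invalid/fw.bin"
    (dev_priv, dev_pub), (other_priv, _) = make_keypair(1), make_keypair(2)
    results = {}
    for name, priv, flip in (("intact", dev_priv, 0), ("modified", dev_priv, 1),
                             ("untrusted key", other_priv, 0)):
        blob, instr = server_prepare(first_key_wrap(source, priv), b"k" * 32, url)
        served = bytes([blob[0] ^ flip]) + blob[1:]  # flip one bit in the download
        try:
            ok = terminal_upgrade(instr, lambda _addr: served, dev_pub) == source
            results[name] = "upgraded" if ok else "wrong output"
        except ValueError as exc:
            results[name] = str(exc)
    return results

if __name__ == "__main__":
    print(demo())
```

In the third case the check values match because the check value travels in the same instruction as the download address; the file is rejected only at the third-key step, which is the check that ties the firmware to the holder of the first key.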
  • FIG. 4 is a schematic structural diagram of a firmware upgrade device according to an embodiment of the present specification.
  • the firmware upgrade device is applied to a server.
  • the firmware upgrade device 400 may include an acquisition module 401, an encryption module 402, a first verification module 403 and a sending module 404, where:
  • An obtaining module 401 is configured to obtain a first firmware file, where the first firmware file is obtained by encrypting a source firmware file with a first key, and the first key is a private key;
  • An encryption module 402 configured to encrypt the first firmware file by using a second key to obtain a second firmware file
  • a first verification module 403, configured to verify the second firmware file by using a preset verification algorithm to obtain a first verification value
  • a sending module 404 configured to send a firmware upgrade instruction to a terminal device, where the firmware upgrade instruction is used to instruct the terminal device to perform a firmware upgrade, and the firmware upgrade instruction carries a download address of the second firmware file, the second key, and the first check value.
  • the new firmware file (that is, the source firmware file) developed by the developer is encrypted and verified multiple times to ensure that the content of the firmware file is not cracked or tampered with during the firmware upgrade process, which gives higher security.
  • the sending module 404 may include:
  • An instruction sending submodule is configured to send a firmware upgrade instruction to the terminal device through a lightweight transmission protocol.
  • the second key includes an AES key.
  • the preset verification algorithm includes: a SHA256 verification algorithm, a SHA128 verification algorithm, or an MD5 verification algorithm.
  • the firmware upgrading apparatus 400 may further include:
  • the firmware upgrade apparatus 500 may include an instruction receiving module 501, a download module 502, a second verification module 503, a decryption module 504, and an upgrade module 505, where:
  • An instruction receiving module 501 is configured to receive a firmware upgrade instruction sent by a server, where the firmware upgrade instruction carries a download address of a second firmware file, a second key, and a first check value; the second firmware file is obtained by encrypting the first firmware file with the second key; the first firmware file is obtained by encrypting the source firmware file with the first key; the first check value is obtained by verifying the second firmware file with a preset verification algorithm; and the first key is a private key;
  • a second verification module 503, configured to verify the second firmware file by using the preset verification algorithm to obtain a second verification value
  • a decryption module 504 configured to decrypt the second firmware file by using the second key when the second verification value matches the first verification value to obtain the first firmware file, and to decrypt the first firmware file by using a pre-stored third key to obtain the source firmware file, where the third key is a public key corresponding to the first key;
  • An upgrade module 505 is configured to use the source firmware file to upgrade the firmware of the terminal device.
  • the new firmware file (that is, the source firmware file) developed by the developer is encrypted and verified multiple times to ensure that the content of the firmware file is not cracked or tampered with during the firmware upgrade process, which gives higher security.
  • the download module 502 may include:
  • a certificate obtaining submodule configured to obtain a certificate corresponding to the download address of the second firmware file
  • the firmware file download sub-module is configured to obtain the second firmware file from a download address of the second firmware file if the verification succeeds.
  • the firmware upgrading apparatus 500 may further include:
  • An encryption submodule configured to use the fourth key to encrypt the BootLoader of the terminal device, and verify the encrypted BootLoader to obtain a third check value
  • a storage submodule configured to store the third check value in a flash memory of the terminal device.
  • the third key is stored in the BootLoader in advance.
  • the upgrade module 505 may include:
  • An upgrade submodule is configured to write the source firmware file into a flash memory of the terminal device.
  • the firmware upgrading apparatus 500 may further include:
  • the reporting module is configured to report status information to the server, the status information includes at least one of the following: firmware version information and firmware installation progress information.
  • FIG. 6 is a schematic structural diagram of an electronic device according to an embodiment of the present specification.
  • the electronic device may be a server.
  • the electronic device includes a processor, and optionally an internal bus, a network interface, and a memory.
  • the memory may include a memory, such as a high-speed random access memory (Random-Access Memory, RAM), and may also include a non-volatile memory (non-volatile memory), such as at least one disk memory.
  • the electronic device may also include hardware required for other services.
  • the processor, network interface and memory can be connected to each other through an internal bus, which can be an ISA (Industry Standard Architecture) bus, a PCI (Peripheral Component Interconnect) bus, an EISA (Extended Industry Standard Architecture) bus, and so on.
  • the bus can be divided into an address bus, a data bus, a control bus, and the like. For ease of representation, only a two-way arrow is used in FIG. 6, but it does not mean that there is only one bus or one type of bus.
  • the program may include program code, where the program code includes a computer operation instruction.
  • the memory may include memory and non-volatile memory, and provide instructions and data to the processor.
  • the processor reads the corresponding computer program from the non-volatile memory into the memory and then runs it to form a firmware upgrade device on a logical level.
  • the processor executes a program stored in the memory, and is specifically used to perform the following operations:
  • the first firmware file is obtained by encrypting a source firmware file with a first key, and the first key is a private key;
  • the sending a firmware upgrade instruction to the terminal device includes:
  • the second key includes an AES key.
  • the preset verification algorithm includes: a SHA256 verification algorithm, a SHA128 verification algorithm, or an MD5 verification algorithm.
  • the method further includes:
  • the method performed by the firmware upgrading apparatus disclosed in the embodiment shown in FIG. 6 of the present specification may be applied to a processor, or implemented by a processor.
  • the processor may be an integrated circuit chip with signal processing capabilities.
  • each step of the above method may be completed by an integrated logic circuit of hardware in a processor or an instruction in a form of software.
  • the aforementioned processor may be a general-purpose processor, including a central processing unit (CPU), a network processor (NP), etc.; it may also be a digital signal processor (DSP), an application-specific integrated circuit (ASIC), a field-programmable gate array (FPGA) or other programmable logic devices, discrete gate or transistor logic devices, or discrete hardware components.
  • a general-purpose processor may be a microprocessor or the processor may be any conventional processor or the like.
  • the steps of the method disclosed in combination with the embodiments of the present specification may be directly embodied as being executed by a hardware decoding processor, or may be executed and completed by using a combination of hardware and software modules in the decoding processor.
  • the software module may be located in a mature storage medium such as a random access memory, a flash memory, a read-only memory, a programmable read-only memory, or an electrically erasable programmable memory, a register, and the like.
  • the storage medium is located in a memory, and the processor reads the information in the memory and completes the steps of the foregoing method in combination with its hardware.
  • the electronic device can also execute the method in FIG. 2 and implement the functions of the firmware upgrade device in the embodiment shown in FIG. 2, which will not be described in detail in the embodiment of this specification.
  • FIG. 7 is a schematic structural diagram of an electronic device according to another embodiment of the present specification.
  • the electronic device may be a terminal device.
  • the electronic device includes a processor, and optionally an internal bus, a network interface, and storage.
  • the storage may include internal memory, such as high-speed random-access memory (RAM), and may also include non-volatile memory, such as at least one disk memory.
  • the electronic device may also include hardware required for other services.
  • the processor, network interface and memory can be connected to each other through an internal bus, which can be an ISA (Industry Standard Architecture) bus, a PCI (Peripheral Component Interconnect) bus, or an EISA (Extended Industry Standard Architecture) bus, and so on.
  • the bus can be divided into an address bus, a data bus, a control bus, and the like. For ease of representation, only a two-way arrow is used in FIG. 7, but it does not mean that there is only one bus or one type of bus.
  • the program may include program code, where the program code includes a computer operation instruction.
  • the storage may include internal memory and non-volatile memory, and provides instructions and data to the processor.
  • the processor reads the corresponding computer program from the non-volatile memory into the memory and then runs it to form a firmware upgrade device on a logical level.
  • the processor executes a program stored in the memory, and is specifically used to perform the following operations:
  • the second firmware file is obtained by encrypting a first firmware file with the second key, the first firmware file is obtained by encrypting the source firmware file with a first key, and the first check value is obtained by running a preset verification algorithm on the second firmware file;
  • the first key is a private key;
  • the second firmware file is decrypted by using the second key to obtain the first firmware file, and the first firmware file is decrypted by using a pre-stored third key to obtain the source firmware file, where the third key is a public key corresponding to the first key;
  • the obtaining the second firmware file according to the download address of the second firmware file includes:
  • the method further includes:
  • the third key is stored in the BootLoader in advance.
  • the using the source firmware file to perform firmware upgrade on the terminal device includes:
  • the method further includes:
  • the method performed by the firmware upgrading apparatus disclosed in the embodiment shown in FIG. 7 of the present specification may be applied to a processor, or implemented by a processor.
  • the processor may be an integrated circuit chip with signal processing capabilities.
  • each step of the above method may be completed by an integrated logic circuit of hardware in a processor or an instruction in a form of software.
  • the aforementioned processor may be a general-purpose processor, including a central processing unit (CPU), a network processor (NP), etc.; it may also be a digital signal processor (DSP), an application-specific integrated circuit (ASIC), a field-programmable gate array (FPGA) or another programmable logic device, a discrete gate or transistor logic device, or a discrete hardware component.
  • a general-purpose processor may be a microprocessor or the processor may be any conventional processor or the like.
  • the steps of the method disclosed in combination with the embodiments of the present specification may be directly embodied as being executed by a hardware decoding processor, or may be executed and completed by using a combination of hardware and software modules in the decoding processor.
  • the software module may be located in a mature storage medium such as a random access memory, a flash memory, a read-only memory, a programmable read-only memory, or an electrically erasable programmable memory, a register, and the like.
  • the storage medium is located in a memory, and the processor reads the information in the memory and completes the steps of the foregoing method in combination with its hardware.
  • the electronic device can also execute the method in FIG. 3 and implement the functions of the firmware upgrade device in the embodiment shown in FIG.
  • An embodiment of the present specification also provides a computer-readable storage medium that stores one or more programs. The one or more programs include instructions that, when executed by a portable electronic device that includes multiple application programs, cause the portable electronic device to execute the method in the embodiment shown in FIG. 2, and specifically to execute the following method:
  • the first firmware file is obtained by encrypting a source firmware file with a first key, and the first key is a private key;
  • An embodiment of the present specification also provides a computer-readable storage medium that stores one or more programs. The one or more programs include instructions that, when executed by a portable electronic device that includes multiple application programs, cause the portable electronic device to execute the method in the embodiment shown in FIG. 3, and specifically to execute the following method:
  • the firmware upgrade instruction carrying a download address of a second firmware file, a second key, and a first check value
  • the second firmware file is obtained by encrypting a first firmware file with the second key, the first firmware file is obtained by encrypting the source firmware file with a first key, and the first check value is obtained by running a preset verification algorithm on the second firmware file;
  • the first key is a private key;
  • the second firmware file is decrypted by using the second key to obtain the first firmware file, and the first firmware file is decrypted by using a pre-stored third key to obtain the source firmware file, where the third key is a public key corresponding to the first key;
  • the system, device, module, or unit described in the foregoing embodiments may be specifically implemented by a computer chip or entity, or a product with a certain function.
  • a typical implementation device is a computer.
  • the computer may be, for example, a personal computer, a laptop computer, a cellular phone, a camera phone, a smart phone, a personal digital assistant, a media player, a navigation device, an email device, a game console, a tablet computer, a wearable device, or a combination of any of these devices.
  • Computer-readable media includes both persistent and non-persistent, removable and non-removable media.
  • Information can be stored by any method or technology.
  • Information may be computer-readable instructions, data structures, modules of a program, or other data.
  • Examples of computer storage media include, but are not limited to, phase-change memory (PRAM), static random access memory (SRAM), dynamic random access memory (DRAM), other types of random access memory (RAM), read-only memory (ROM), electrically erasable programmable read-only memory (EEPROM), flash memory or other memory technologies, compact disc read-only memory (CD-ROM), digital versatile disc (DVD) or other optical storage, magnetic tape cartridges, magnetic tape or magnetic disk storage or other magnetic storage devices, or any other non-transmission medium that can be used to store information accessible to a computing device.
  • computer-readable media does not include transitory computer-readable media, such as modulated data signals and carrier waves.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Stored Programmes (AREA)

Abstract

Embodiments of the description provide a firmware upgrade method and device, wherein the method comprises: obtaining, by a server, a first firmware file, wherein the first firmware file is obtained by encrypting a source firmware file with a first key, and the first key is a private key; encrypting the first firmware file with a second key to obtain a second firmware file; checking the second firmware file by using a preset check algorithm to obtain a first check value; and sending a firmware upgrade instruction to the terminal device, wherein the firmware upgrade instruction is used for instructing the terminal device to upgrade the firmware, and the firmware upgrade instruction carries a download address of the second firmware file, the second key and the first check value. Hence, in the embodiments of the description, a new firmware file developed by a developer (equivalent to a source firmware file) is encrypted and checked multiple times to ensure that the contents of the firmware file are not cracked or tampered with during firmware upgrading, and thus the security is high.

Description

Method and device for upgrading firmware
Technical field
The present application relates to the field of electronic technology, and in particular to a method and a device for upgrading firmware.
Background
Firmware refers to the device "driver" stored inside a device. It carries out the most basic, lowest-level work of the operating system; only through the firmware can the operating system make a specific machine operate according to the standard device driver. In a hardware device, the firmware is therefore the soul of the device and determines its functions and performance.
To fix product defects, meet changing requirements and new features, and shorten product cycles, a device's firmware is upgraded. At present, during a firmware upgrade the related firmware files are poorly protected and are easy to tamper with or crack, which poses a significant security risk.
To solve the above technical problem, a more secure firmware upgrade method is needed.
Summary of the invention
The purpose of the embodiments of this specification is to provide a method and a device for upgrading firmware. The embodiments of this specification are implemented as follows:
In a first aspect, a firmware upgrade method is provided, which is applied to a server. The method includes:
obtaining a first firmware file, where the first firmware file is obtained by encrypting a source firmware file with a first key, and the first key is a private key;
encrypting the first firmware file with a second key to obtain a second firmware file;
verifying the second firmware file with a preset verification algorithm to obtain a first check value;
sending a firmware upgrade instruction to a terminal device, where the firmware upgrade instruction instructs the terminal device to perform a firmware upgrade and carries the download address of the second firmware file, the second key, and the first check value.
In a second aspect, a firmware upgrade method is provided, which is applied to a terminal device. The method includes:
receiving a firmware upgrade instruction sent by a server, where the firmware upgrade instruction carries the download address of a second firmware file, a second key, and a first check value; the second firmware file is obtained by encrypting a first firmware file with the second key, the first firmware file is obtained by encrypting a source firmware file with a first key, the first check value is obtained by verifying the second firmware file with a preset verification algorithm, and the first key is a private key;
obtaining the second firmware file according to the download address of the second firmware file;
verifying the second firmware file with the preset verification algorithm to obtain a second check value;
if the second check value matches the first check value, decrypting the second firmware file with the second key to obtain the first firmware file, and decrypting the first firmware file with a pre-stored third key to obtain the source firmware file, where the third key is the public key corresponding to the first key;
performing a firmware upgrade on the terminal device using the source firmware file.
In a third aspect, a firmware upgrade device is provided, which is applied to a server. The device includes:
an obtaining module, configured to obtain a first firmware file, where the first firmware file is obtained by encrypting a source firmware file with a first key, and the first key is a private key;
an encryption module, configured to encrypt the first firmware file with a second key to obtain a second firmware file;
a first verification module, configured to verify the second firmware file with a preset verification algorithm to obtain a first check value;
a sending module, configured to send a firmware upgrade instruction to a terminal device, where the firmware upgrade instruction instructs the terminal device to perform a firmware upgrade and carries the download address of the second firmware file, the second key, and the first check value.
In a fourth aspect, a firmware upgrade device is provided, which is applied to a terminal device. The device includes:
an instruction receiving module, configured to receive a firmware upgrade instruction sent by a server, where the firmware upgrade instruction carries the download address of a second firmware file, a second key, and a first check value; the second firmware file is obtained by encrypting a first firmware file with the second key, the first firmware file is obtained by encrypting a source firmware file with a first key, the first check value is obtained by verifying the second firmware file with a preset verification algorithm, and the first key is a private key;
a downloading module, configured to obtain the second firmware file according to the download address of the second firmware file;
a second verification module, configured to verify the second firmware file with the preset verification algorithm to obtain a second check value;
a decryption module, configured to, when the second check value matches the first check value, decrypt the second firmware file with the second key to obtain the first firmware file, and decrypt the first firmware file with a pre-stored third key to obtain the source firmware file, where the third key is the public key corresponding to the first key;
an upgrade module, configured to perform a firmware upgrade on the terminal device using the source firmware file.
In a fifth aspect, an electronic device is provided, including:
a processor; and
a memory arranged to store computer-executable instructions that, when executed, cause the processor to perform the following operations:
obtaining a first firmware file, where the first firmware file is obtained by encrypting a source firmware file with a first key, and the first key is a private key;
encrypting the first firmware file with a second key to obtain a second firmware file;
verifying the second firmware file with a preset verification algorithm to obtain a first check value;
sending a firmware upgrade instruction to a terminal device, where the firmware upgrade instruction instructs the terminal device to perform a firmware upgrade and carries the download address of the second firmware file, the second key, and the first check value.
In a sixth aspect, an electronic device is provided, including:
a processor; and
a memory arranged to store computer-executable instructions that, when executed, cause the processor to perform the following operations:
receiving a firmware upgrade instruction sent by a server, where the firmware upgrade instruction carries the download address of a second firmware file, a second key, and a first check value; the second firmware file is obtained by encrypting a first firmware file with the second key, the first firmware file is obtained by encrypting a source firmware file with a first key, the first check value is obtained by verifying the second firmware file with a preset verification algorithm, and the first key is a private key;
obtaining the second firmware file according to the download address of the second firmware file;
verifying the second firmware file with the preset verification algorithm to obtain a second check value;
if the second check value matches the first check value, decrypting the second firmware file with the second key to obtain the first firmware file, and decrypting the first firmware file with a pre-stored third key to obtain the source firmware file, where the third key is the public key corresponding to the first key;
performing a firmware upgrade on the terminal device using the source firmware file.
In a seventh aspect, a computer storage medium is provided. The computer-readable storage medium stores one or more programs that, when executed by an electronic device including multiple application programs, cause the electronic device to perform the following operations:
obtaining a first firmware file, where the first firmware file is obtained by encrypting a source firmware file with a first key, and the first key is a private key;
encrypting the first firmware file with a second key to obtain a second firmware file;
verifying the second firmware file with a preset verification algorithm to obtain a first check value;
sending a firmware upgrade instruction to a terminal device, where the firmware upgrade instruction instructs the terminal device to perform a firmware upgrade and carries the download address of the second firmware file, the second key, and the first check value.
In an eighth aspect, a computer storage medium is provided. The computer-readable storage medium stores one or more programs that, when executed by an electronic device including multiple application programs, cause the electronic device to perform the following operations:
receiving a firmware upgrade instruction sent by a server, where the firmware upgrade instruction carries the download address of a second firmware file, a second key, and a first check value; the second firmware file is obtained by encrypting a first firmware file with the second key, the first firmware file is obtained by encrypting a source firmware file with a first key, the first check value is obtained by verifying the second firmware file with a preset verification algorithm, and the first key is a private key;
obtaining the second firmware file according to the download address of the second firmware file;
verifying the second firmware file with the preset verification algorithm to obtain a second check value;
if the second check value matches the first check value, decrypting the second firmware file with the second key to obtain the first firmware file, and decrypting the first firmware file with a pre-stored third key to obtain the source firmware file, where the third key is the public key corresponding to the first key;
performing a firmware upgrade on the terminal device using the source firmware file.
As can be seen from the technical solutions provided by the above embodiments of this specification, the new firmware file developed by the developer (that is, the source firmware file) is encrypted and verified multiple times, which ensures that the content of the firmware file is not cracked or tampered with during the firmware upgrade, so security is high.
Brief description of the drawings
To explain the technical solutions in the embodiments of this specification or in the prior art more clearly, the drawings needed for describing the embodiments or the prior art are briefly introduced below. The drawings described below are merely some of the embodiments recorded in this specification; a person of ordinary skill in the art can obtain other drawings from them without creative effort.
FIG. 1 is an application scenario diagram of a firmware upgrade method according to an embodiment of the present specification;
FIG. 2 is a flowchart of a firmware upgrade method according to an embodiment of the present specification;
FIG. 3 is a flowchart of a firmware upgrade method according to another embodiment of the present specification;
FIG. 4 is a schematic structural diagram of a firmware upgrade device according to an embodiment of the present specification;
FIG. 5 is a schematic structural diagram of a firmware upgrade device according to another embodiment of the present specification;
FIG. 6 is a schematic structural diagram of an electronic device according to an embodiment of the present specification;
FIG. 7 is a schematic structural diagram of an electronic device according to another embodiment of the present specification.
Detailed description
To enable those skilled in the art to better understand the technical solutions in this specification, the technical solutions in the embodiments of this specification are described clearly and completely below with reference to the accompanying drawings. The described embodiments are only some of the embodiments of this specification, not all of them. All other embodiments obtained by a person of ordinary skill in the art from the embodiments in this specification without creative effort shall fall within the protection scope of this specification.
The embodiments of the present specification provide a method and a device for upgrading firmware.
For ease of understanding, some concepts and application scenarios involved in the embodiments of this specification are introduced first.
Over-the-air technology (Over The Air, OTA): a technology that distributes resources or configuration to be upgraded to embedded terminal devices through a variety of over-the-air transmission methods (including but not limited to WiFi, ZigBee and BLE), so that the terminal devices update and upgrade automatically. At present, firmware upgrades of terminal devices are mainly carried out through OTA.
Message Queuing Telemetry Transport (MQTT): an instant messaging protocol developed by IBM; it is a lightweight transport protocol.
Asymmetric encryption: an asymmetric encryption algorithm is a key-based confidentiality method involving a public key and a private key that form a pair. If data is encrypted with the private key, it can only be decrypted with the corresponding public key; if data is encrypted with the public key, it can only be decrypted with the corresponding private key.
Symmetric encryption: a symmetric encryption algorithm is a key-based confidentiality method that uses a single key. The same key is used for both encrypting and decrypting the data, so it is also called single-key encryption.
Digital digest: a digital digest turns a message of arbitrary length into a short message of fixed length. It resembles a function whose argument is the message, that is, a hash function. A digital digest uses a one-way hash function to "digest" the plaintext to be encrypted into a string of ciphertext of fixed length (for example, 128 bits). This string of ciphertext is also called a digital fingerprint. It has a fixed length; different plaintexts always digest to different ciphertexts, while the same plaintext always yields the same digest.
Boot loader (BootLoader): the first piece of code an embedded system executes after power-on. After it completes the initialization of the CPU and related hardware, it loads the operating system image or the embedded application stored in firmware into memory, then jumps to the space where the operating system is located and starts the operating system.
Application scenario of the technical solutions of the embodiments of this specification: the scenario includes a development environment, a management center, a server, and a terminal device. A developer develops firmware files in the development environment; a firmware file developed by the developer is called a "source firmware file" and is used for the firmware upgrade of the terminal device. The management center stores the source firmware files developed by the developer and manages their version information. After the developer develops a new source firmware file, the new source firmware file is entered into the management center. To ensure the legitimacy of the source firmware file, the management center asymmetrically encrypts the new source firmware file and provides the resulting firmware file to the server. The server performs a series of processing steps on the firmware file from the management center and then provides the download address of the processed firmware file to the terminal device. The terminal device downloads the firmware file from the download address provided by the server, then verifies and decrypts the downloaded firmware file. If verification passes and decryption succeeds, the terminal device obtains the source firmware file and uses it to upgrade its firmware.
接下来对本说明书实施例提供的一种固件升级方法进行介绍。Next, a method for upgrading firmware provided by an embodiment of this specification is described.
FIG. 2 is a flowchart of a firmware upgrade method according to an embodiment of this specification. The method is applied to a server. As shown in FIG. 2, the method may include the following steps: step 202, step 204, step 206 and step 208.
In step 202, a first firmware file is obtained, where the first firmware file is obtained by encrypting the source firmware file with a first key, and the first key is a private key.
In the embodiments of this specification, the source firmware file is a firmware file developed by a developer in the development environment, and it is an unencrypted file.
In the embodiments of this specification, after a developer develops (or compiles) a new source firmware file in the development environment, it is entered into the management center for storage. The management center asymmetrically encrypts the source firmware file to obtain the asymmetrically encrypted firmware file, that is, the first firmware file. Specifically, the management center may encrypt the source firmware file with the private key of the RSA encryption algorithm to obtain the first firmware file. Correspondingly, the server obtains the first firmware file from the management center.
In step 204, the first firmware file is encrypted with a second key to obtain a second firmware file.
In the embodiments of this specification, to avoid leaking the data and business logic of the firmware file during transmission, the server encrypts the first firmware file. Because the AES encryption algorithm is fast, highly secure and light on resources, AES may be preferred for encrypting the first firmware file, in which case the second key is an AES key.
In step 206, a check value is computed over the second firmware file with a preset check algorithm to obtain a first check value.
In the embodiments of this specification, to ensure the security of the firmware upgrade process, the server computes a check value over the second firmware file. The check algorithm may be the SHA256 check algorithm, the SHA128 check algorithm or the MD5 check algorithm. When the check algorithm is SHA256, the first check value is a 256-bit string; when it is SHA128, the first check value is a 128-bit string; when it is MD5, the first check value is a 128-bit string.
In step 208, a firmware upgrade instruction is sent to the terminal device. The firmware upgrade instruction instructs the terminal device to perform a firmware upgrade, and it carries the download address of the second firmware file, the second key and the first check value.
In the embodiments of this specification, when it is detected that the firmware version in the terminal device is lower than the version of the source firmware file, a firmware upgrade instruction is sent to that terminal device.
Because the amount of data carried in the firmware upgrade instruction is relatively small, in the embodiments of this specification the instruction may be sent to the terminal device over a lightweight transport protocol, which may be the MQTT protocol or the CoAP protocol.
In the embodiments of this specification, the server may receive status information reported by the terminal device. The status information may include at least one of the following: firmware version information and firmware installation progress information. The firmware version information is used to determine whether the terminal device needs a firmware upgrade.
In the embodiments of this specification, if an error occurs in the terminal device during the firmware upgrade, the server can locate the error from the firmware installation progress information.
In the embodiments of this specification, if the firmware upgrade of the terminal device fails, the server may issue the firmware upgrade instruction again when the terminal device restarts.
As the above embodiment shows, the new firmware file developed by the developer (the source firmware file) is encrypted multiple times and checked, which ensures that the content of the firmware file cannot be cracked or tampered with during the firmware upgrade, giving higher security.
FIG. 3 is a flowchart of a firmware upgrade method according to another embodiment of this specification. The method is applied to a terminal device. As shown in FIG. 3, the method may include the following steps: step 302, step 304, step 306, step 308 and step 310.
In step 302, a firmware upgrade instruction sent by the server is received. The firmware upgrade instruction carries the download address of a second firmware file, a second key and a first check value. The second firmware file is obtained by encrypting a first firmware file with the second key, the first firmware file is obtained by encrypting the source firmware file with a first key, the first check value is obtained by applying a preset check algorithm to the second firmware file, and the first key is a private key.
In step 304, the second firmware file is obtained from its download address.
In the embodiments of this specification, the legitimacy of the firmware file's download address may be verified by HTTPS certificate authentication, which ensures that the firmware file download address and the check value in the firmware upgrade instruction have not been tampered with. Accordingly, step 304 may specifically include the following steps:
obtaining the digital certificate corresponding to the download address of the second firmware file;
determining whether the digital certificate is in a preset whitelist and, if it is, obtaining the second firmware file from the download address of the second firmware file, where the digital certificates in the preset whitelist are legitimate digital certificates.
In the embodiments of this specification, the certificate corresponding to the download address of the second firmware file may be obtained and verified against a pre-stored root certificate of the legitimate download address; if verification passes, the second firmware file is obtained from its download address. Specifically, the root certificate of the legitimate download address is embedded in the terminal device in advance. When a firmware file needs to be obtained from the download address (that is, when the device needs to communicate with the server), the device obtains the certificate of the host (the server) using the host domain name contained in the download address, and verifies the host's certificate with a preset verification algorithm and the embedded root certificate. If verification passes, the host is legitimate and the corresponding firmware file is downloaded from the download address. If verification fails, the host is illegitimate and the firmware file is not downloaded from the download address.
In step 306, a check value is computed over the second firmware file with the preset check algorithm to obtain a second check value.
In the embodiments of this specification, to ensure the legitimacy of the firmware file, the terminal device computes a check value over the downloaded firmware file and compares it with the check value carried in the firmware upgrade instruction. If the two match (are identical), the firmware file is legitimate and has not been tampered with. If the two do not match (are not identical), the firmware file is illegitimate and has been tampered with, and the subsequent upgrade operations for that firmware file are not performed.
In step 308, if the second check value matches the first check value, the second firmware file is decrypted with the second key to obtain the first firmware file, and the first firmware file is decrypted with a pre-stored third key to obtain the source firmware file. The third key is the public key corresponding to the first key.
In the embodiments of this specification, the terminal device stores in advance the public key (the third key) and the private key (the first key) used for firmware file signing.
In the embodiments of this specification, the downloaded firmware file is decrypted with the key carried in the firmware upgrade instruction to obtain a decrypted firmware file. The file obtained this way is still encrypted: it was encrypted with the private key, and the terminal device locally holds the public key corresponding to that private key, so the terminal device can decrypt it with that public key. If decryption fails, the firmware file is illegitimate and has been tampered with, and the subsequent upgrade operations for that firmware file are not performed. If decryption succeeds, the terminal device upgrades its firmware with the decrypted firmware file (the source firmware file).
In step 310, the terminal device's firmware is upgraded using the source firmware file.
In the embodiments of this specification, the source firmware file may be written into the flash memory of the terminal device. After the source firmware file has been written to flash, the terminal device may be restarted immediately to complete the firmware upgrade, or it may be restarted after a preset period or at a preset point in time to complete the firmware upgrade.
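The server-side steps 206 and 208 and the device-side steps 302 to 306 described above can be sketched as follows. This is an added example, not code from the patent: the JSON message layout, its field names, the https-only rule and the sample URL, key and firmware bytes are assumptions constructed for illustration, and the second firmware file is represented by constructed bytes standing in for the AES output.

```python
import base64
import hashlib
import hmac
import io
import json
import string
from urllib.parse import urlsplit

# Check algorithms named in the text that hashlib provides. "SHA128" is named there
# too, but hashlib has no algorithm of that name, so it is not offered here.
DIGESTS = {"SHA256": hashlib.sha256, "MD5": hashlib.md5}
AES_KEY_LENGTHS = (16, 24, 32)  # bytes; the second key is described as an AES key


class UpgradeRejected(Exception):
    """Raised on the device when the instruction or the download fails a check."""


def file_check_value(stream, algorithm, chunk_size=4096):
    """Hash a file-like object in chunks, so a large image is never held in RAM whole."""
    digest = DIGESTS[algorithm]()
    for chunk in iter(lambda: stream.read(chunk_size), b""):
        digest.update(chunk)
    return digest.hexdigest()


def build_upgrade_instruction(second_firmware, second_key, download_url, algorithm="SHA256"):
    """Server side (steps 206 and 208): compute the first check value, pack the instruction."""
    return json.dumps({
        "url": download_url,  # field names are assumptions, not from the patent
        "key": base64.b64encode(second_key).decode("ascii"),
        "alg": algorithm,
        "check": file_check_value(io.BytesIO(second_firmware), algorithm),
    })


def parse_upgrade_instruction(raw):
    """Device side (step 302): reject a malformed instruction before anything is downloaded."""
    try:
        msg = json.loads(raw)
        url, alg, check = msg["url"], msg["alg"], msg["check"]
        key = base64.b64decode(msg["key"], validate=True)
        if not all(isinstance(field, str) for field in (url, alg, check)):
            raise TypeError("instruction fields must be strings")
        parts = urlsplit(url)
    except (ValueError, KeyError, TypeError) as exc:
        raise UpgradeRejected(f"malformed instruction: {exc}") from exc
    if alg not in DIGESTS:
        raise UpgradeRejected(f"unsupported check algorithm: {alg!r}")
    if parts.scheme != "https" or not parts.hostname:
        raise UpgradeRejected("download address must be an https URL")
    if len(key) not in AES_KEY_LENGTHS:
        raise UpgradeRejected("second key is not a valid AES key length")
    check = check.lower()
    expected_len = DIGESTS[alg]().digest_size * 2  # hex characters
    if len(check) != expected_len or not set(check) <= set(string.hexdigits):
        raise UpgradeRejected("first check value has the wrong length or characters")
    return {"url": url, "key": key, "alg": alg, "check": check}


def verify_download(instruction, stream):
    """Device side (step 306): recompute the check value; decrypt only if it matches."""
    second_check = file_check_value(stream, instruction["alg"])
    if not hmac.compare_digest(second_check, instruction["check"]):
        raise UpgradeRejected("check value mismatch: second firmware file was altered")
    return second_check


def demo():
    """Run the exchange on constructed data and return the outcome of each case."""
    second_firmware = bytes(range(256)) * 64  # constructed stand-in for the AES output
    second_key = bytes(range(32))             # constructed 256-bit key
    url = "https://updates.example.invalid/fw/second.bin"  # constructed address
    raw = build_upgrade_instruction(second_firmware, second_key, url)
    plain_http = build_upgrade_instruction(
        second_firmware, second_key, "http://updates.example.invalid/fw/second.bin")

    tampered = bytearray(second_firmware)
    tampered[1000] ^= 0x01                    # one bit changed after the server hashed it
    cases = {
        "intact": (raw, second_firmware),
        "tampered_file": (raw, bytes(tampered)),
        "http_url": (plain_http, second_firmware),
        "bad_check_length": (raw.replace('"check": "', '"check": "00'), second_firmware),
    }
    results = {}
    for name, (message, blob) in cases.items():
        try:
            verify_download(parse_upgrade_instruction(message), io.BytesIO(blob))
            results[name] = "accepted"
        except UpgradeRejected as exc:
            results[name] = f"rejected: {exc}"
    return results


if __name__ == "__main__":
    for name, outcome in demo().items():
        print(f"{name}: {outcome}")
```

The check value and the second key travel in the same instruction, so the comparison in step 306 detects a changed download only as long as the instruction itself reaches the device unaltered.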
In the embodiments of this specification, the flash memory of the terminal device may be encrypted to ensure the security of the data stored in it. Specifically, if the flash memory of the terminal device is encrypted, writing data to the flash memory requires decrypting the flash memory first and then writing the data, and reading data from the flash memory requires decrypting the flash memory first and then reading the data.
In the embodiments of this specification, to ensure that the BootLoader of the terminal device is not tampered with, the BootLoader may be encrypted with a fourth key, and a check value may be computed over the encrypted BootLoader to obtain a third check value. The third check value is stored in the flash memory of the terminal device, so that the BootLoader must be checked when the terminal device starts again and the device can start only after the check passes. In this case, the third key may be stored in the BootLoader in advance to ensure the security of the third key. The fourth key may be a 256-bit string generated after Security Boot is enabled; this string may be used as an AES key to encrypt the BootLoader, and the third check value may be stored starting at position 0x0 of the flash memory.
In the embodiments of this specification, the terminal device may report status information to the server. The status information includes at least one of the following: firmware version information and firmware installation progress information. The firmware version information is used to determine whether the terminal device needs a firmware upgrade, and the firmware installation progress information is used by the server to locate firmware upgrade errors.
As the above embodiment shows, the new firmware file developed by the developer (the source firmware file) is encrypted multiple times and checked, which ensures that the content of the firmware file cannot be cracked or tampered with during the firmware upgrade, giving higher security.
FIG. 4 is a schematic structural diagram of a firmware upgrade apparatus according to an embodiment of this specification. The firmware upgrade apparatus is applied to a server. In a software implementation, the firmware upgrade apparatus 400 may include an obtaining module 401, an encryption module 402, a first check module 403 and a sending module 404, where:
the obtaining module 401 is configured to obtain a first firmware file, where the first firmware file is obtained by encrypting a source firmware file with a first key, and the first key is a private key;
the encryption module 402 is configured to encrypt the first firmware file with a second key to obtain a second firmware file;
the first check module 403 is configured to compute a check value over the second firmware file with a preset check algorithm to obtain a first check value;
the sending module 404 is configured to send a firmware upgrade instruction to a terminal device, where the firmware upgrade instruction instructs the terminal device to perform a firmware upgrade and carries the download address of the second firmware file, the second key and the first check value.
As the above embodiment shows, the new firmware file developed by the developer (the source firmware file) is encrypted multiple times and checked, which ensures that the content of the firmware file cannot be cracked or tampered with during the firmware upgrade, giving higher security.
Optionally, as an embodiment, the sending module 404 may include:
an instruction sending submodule, configured to send the firmware upgrade instruction to the terminal device over a lightweight transport protocol.
Optionally, as an embodiment, the second key includes an AES key.
Optionally, as an embodiment, the preset check algorithm includes the SHA256 check algorithm, the SHA128 check algorithm or the MD5 check algorithm.
Optionally, as an embodiment, the firmware upgrade apparatus 400 may further include:
receiving status information reported by the terminal device, where the status information includes at least one of the following: firmware version information and firmware installation progress information.
FIG. 5 is a schematic structural diagram of a firmware upgrade apparatus according to another embodiment of this specification. The firmware upgrade apparatus is applied to a terminal device. In a software implementation, the firmware upgrade apparatus 500 may include an instruction receiving module 501, a download module 502, a second check module 503, a decryption module 504 and an upgrade module 505, where:
the instruction receiving module 501 is configured to receive a firmware upgrade instruction sent by the server, where the firmware upgrade instruction carries the download address of a second firmware file, a second key and a first check value, the second firmware file is obtained by encrypting a first firmware file with the second key, the first firmware file is obtained by encrypting a source firmware file with a first key, the first check value is obtained by applying a preset check algorithm to the second firmware file, and the first key is a private key;
the download module 502 is configured to obtain the second firmware file from the download address of the second firmware file;
the second check module 503 is configured to compute a check value over the second firmware file with the preset check algorithm to obtain a second check value;
the decryption module 504 is configured to, when the second check value matches the first check value, decrypt the second firmware file with the second key to obtain the first firmware file, and decrypt the first firmware file with a pre-stored third key to obtain the source firmware file, where the third key is the public key corresponding to the first key;
the upgrade module 505 is configured to upgrade the firmware of the terminal device using the source firmware file.
As the above embodiment shows, the new firmware file developed by the developer (the source firmware file) is encrypted multiple times and checked, which ensures that the content of the firmware file cannot be cracked or tampered with during the firmware upgrade, giving higher security.
Optionally, as an embodiment, the download module 502 may include:
a certificate obtaining submodule, configured to obtain the certificate corresponding to the download address of the second firmware file;
a verification submodule, configured to verify the obtained certificate against a pre-stored root certificate of the legitimate download address;
a firmware file download submodule, configured to obtain the second firmware file from the download address of the second firmware file if the verification passes.
Optionally, as an embodiment, the firmware upgrade apparatus 500 may further include:
an encryption submodule, configured to encrypt the BootLoader of the terminal device with a fourth key and compute a check value over the encrypted BootLoader to obtain a third check value;
a storage submodule, configured to store the third check value in the flash memory of the terminal device.
Optionally, as an embodiment, the third key is stored in the BootLoader in advance.
Optionally, as an embodiment, the upgrade module 505 may include:
an upgrade submodule, configured to write the source firmware file into the flash memory of the terminal device.
Optionally, as an embodiment, the firmware upgrade apparatus 500 may further include:
a reporting module, configured to report status information to the server, where the status information includes at least one of the following: firmware version information and firmware installation progress information.
FIG. 6 is a schematic structural diagram of an electronic device according to an embodiment of this specification. The electronic device may be a server. As shown in FIG. 6, at the hardware level the electronic device includes a processor and optionally also an internal bus, a network interface and a memory. The memory may include internal memory, such as high-speed random-access memory (RAM), and may also include non-volatile memory, such as at least one disk memory. The electronic device may of course also include hardware required by other services.
The processor, the network interface and the memory may be connected to each other through the internal bus, which may be an ISA (Industry Standard Architecture) bus, a PCI (Peripheral Component Interconnect) bus, an EISA (Extended Industry Standard Architecture) bus, or the like. The bus may be divided into an address bus, a data bus, a control bus and so on. For ease of representation, only one double-headed arrow is used in FIG. 6, but this does not mean that there is only one bus or one type of bus.
The memory is used to store a program. Specifically, the program may include program code, and the program code includes computer operation instructions. The memory may include internal memory and non-volatile memory, and it provides instructions and data to the processor.
The processor reads the corresponding computer program from the non-volatile memory into internal memory and then runs it, forming the firmware upgrade apparatus at the logical level. The processor executes the program stored in the memory and is specifically configured to perform the following operations:
obtaining a first firmware file, where the first firmware file is obtained by encrypting a source firmware file with a first key, and the first key is a private key;
encrypting the first firmware file with a second key to obtain a second firmware file;
computing a check value over the second firmware file with a preset check algorithm to obtain a first check value;
sending a firmware upgrade instruction to a terminal device, where the firmware upgrade instruction instructs the terminal device to perform a firmware upgrade and carries the download address of the second firmware file, the second key and the first check value.
Optionally, as an embodiment, sending the firmware upgrade instruction to the terminal device includes:
sending the firmware upgrade instruction to the terminal device over a lightweight transport protocol.
Optionally, as an embodiment, the second key includes an AES key.
Optionally, as an embodiment, the preset check algorithm includes the SHA256 check algorithm, the SHA128 check algorithm or the MD5 check algorithm.
Optionally, as an embodiment, the method further includes:
receiving status information reported by the terminal device, where the status information includes at least one of the following: firmware version information and firmware installation progress information.
The method performed by the firmware upgrade apparatus disclosed in the embodiment shown in FIG. 6 of this specification may be applied to a processor or implemented by a processor. The processor may be an integrated circuit chip with signal processing capability. In implementation, each step of the above method may be completed by an integrated logic circuit of hardware in the processor or by instructions in the form of software. The processor may be a general-purpose processor, including a central processing unit (CPU), a network processor (NP) and the like; it may also be a digital signal processor (DSP), an application-specific integrated circuit (ASIC), a field-programmable gate array (FPGA) or another programmable logic device, a discrete gate or transistor logic device, or a discrete hardware component. It can implement or execute the methods, steps and logical block diagrams disclosed in the embodiments of this specification. The general-purpose processor may be a microprocessor or any conventional processor. The steps of the method disclosed in the embodiments of this specification may be executed directly by a hardware decoding processor, or by a combination of hardware and software modules in a decoding processor. The software module may be located in a storage medium that is mature in the art, such as random-access memory, flash memory, read-only memory, programmable read-only memory, electrically erasable programmable memory or a register. The storage medium is located in the memory; the processor reads the information in the memory and completes the steps of the above method in combination with its hardware.
The electronic device can also execute the method of FIG. 2 and implement the functions of the firmware upgrade apparatus in the embodiment shown in FIG. 2, which are not described again here.
FIG. 7 is a schematic structural diagram of an electronic device according to another embodiment of this specification. The electronic device may be a terminal device. As shown in FIG. 7, at the hardware level the electronic device includes a processor and optionally also an internal bus, a network interface and a memory. The memory may include internal memory, such as high-speed random-access memory (RAM), and may also include non-volatile memory, such as at least one disk memory. The electronic device may of course also include hardware required by other services.
The processor, the network interface and the memory may be connected to each other through the internal bus, which may be an ISA (Industry Standard Architecture) bus, a PCI (Peripheral Component Interconnect) bus, an EISA (Extended Industry Standard Architecture) bus, or the like. The bus may be divided into an address bus, a data bus, a control bus and so on. For ease of representation, only one double-headed arrow is used in FIG. 7, but this does not mean that there is only one bus or one type of bus.
The memory is used to store a program. Specifically, the program may include program code, and the program code includes computer operation instructions. The memory may include internal memory and non-volatile memory, and it provides instructions and data to the processor.
The processor reads the corresponding computer program from the non-volatile memory into internal memory and then runs it, forming the firmware upgrade apparatus at the logical level. The processor executes the program stored in the memory and is specifically configured to perform the following operations:
receiving a firmware upgrade instruction sent by a server, where the firmware upgrade instruction carries a download address of a second firmware file, a second key, and a first check value; the second firmware file is obtained by encrypting a first firmware file with the second key, the first firmware file is obtained by encrypting a source firmware file with a first key, the first check value is obtained by applying a preset check algorithm to the second firmware file, and the first key is a private key;
obtaining the second firmware file according to the download address of the second firmware file;
applying the preset check algorithm to the second firmware file to obtain a second check value;
if the second check value matches the first check value, decrypting the second firmware file with the second key to obtain the first firmware file, and decrypting the first firmware file with a pre-stored third key to obtain the source firmware file, where the third key is the public key corresponding to the first key;
upgrading the firmware of the terminal device using the source firmware file.
Optionally, as an embodiment, obtaining the second firmware file according to the download address of the second firmware file includes:
obtaining the certificate corresponding to the download address of the second firmware file;
verifying the obtained certificate against a pre-stored root certificate for legitimate download addresses;
if the verification passes, obtaining the second firmware file from the download address of the second firmware file.
Optionally, as an embodiment, the method further includes:
encrypting the BootLoader of the terminal device with a fourth key, and applying a check to the encrypted BootLoader to obtain a third check value;
storing the third check value in the flash memory of the terminal device.
Optionally, as an embodiment, the third key is pre-stored in the BootLoader.
Optionally, as an embodiment, upgrading the firmware of the terminal device using the source firmware file includes:
writing the source firmware file into the flash memory of the terminal device.
Optionally, as an embodiment, the method further includes:
reporting status information to the server, where the status information includes at least one of the following: firmware version information and firmware installation progress information.
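The terminal-side steps above (check value first, then the second-key layer, then the pre-stored third key), shown together with the server-side packaging as an added Python example that is not code from the patent. Assumptions: SHA-256 is the preset check algorithm, a SHA-256 counter keystream stands in for the AES second-key layer, hash-then-sign textbook RSA with a constructed toy key stands in for the first/third key pair, and the instruction field names `url`, `second_key` and `check_value` are hypothetical.

```python
import hashlib
import hmac
import os

# Constructed toy RSA key from two Mersenne primes: illustration only, trivially factorable.
P, Q = 2**127 - 1, 2**521 - 1
N, E = P * Q, 65537                  # third key (public), pre-stored on the device
D = pow(E, -1, (P - 1) * (Q - 1))    # first key (private), never leaves the signer
SIG_LEN = (N.bit_length() + 7) // 8
NONCE_LEN = 12


class UpgradeRejected(Exception):
    """Raised by the device when an upgrade must not be installed."""


def _second_key_layer(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Stand-in for AES: XOR with a SHA-256 counter keystream (its own inverse)."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        pad = hashlib.sha256(key + nonce + offset.to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[offset:offset + 32], pad))
    return bytes(out)


def build_upgrade(source: bytes, url: str, first_key: int = D):
    """Server side: return (upgrade instruction, second firmware file)."""
    digest = int.from_bytes(hashlib.sha256(source).digest(), "big")
    # First firmware file: source plus the private-key operation on its digest.
    first_file = source + pow(digest, first_key, N).to_bytes(SIG_LEN, "big")
    second_key, nonce = os.urandom(16), os.urandom(NONCE_LEN)
    second_file = nonce + _second_key_layer(second_key, nonce, first_file)
    instruction = {
        "url": url,
        "second_key": second_key.hex(),
        "check_value": hashlib.sha256(second_file).hexdigest(),  # first check value
    }
    return instruction, second_file


def device_unpack(instruction: dict, second_file: bytes) -> bytes:
    """Terminal side: return the source firmware or raise UpgradeRejected."""
    # 1. Second check value over the bytes exactly as downloaded, before decrypting.
    second_check = hashlib.sha256(second_file).hexdigest()
    if not hmac.compare_digest(second_check, instruction["check_value"]):
        raise UpgradeRejected("check value mismatch")
    # 2. Remove the second-key layer to get the first firmware file.
    key = bytes.fromhex(instruction["second_key"])
    nonce, body = second_file[:NONCE_LEN], second_file[NONCE_LEN:]
    first_file = _second_key_layer(key, nonce, body)
    if len(first_file) <= SIG_LEN:
        raise UpgradeRejected("first firmware file too short")
    source, sig = first_file[:-SIG_LEN], first_file[-SIG_LEN:]
    # 3. Public-key operation with the pre-stored third key; only the holder of
    #    the first key can produce a value that maps back to this digest.
    recovered = pow(int.from_bytes(sig, "big"), E, N)
    if recovered != int.from_bytes(hashlib.sha256(source).digest(), "big"):
        raise UpgradeRejected("not produced with the first key")
    return source


def outcome(instruction: dict, second_file: bytes) -> str:
    """Map one upgrade attempt to 'installed' or the rejection reason."""
    try:
        device_unpack(instruction, second_file)
        return "installed"
    except UpgradeRejected as exc:
        return str(exc)


def run_cases() -> dict:
    firmware = b"constructed firmware image v2 " * 8       # sample input, constructed
    url = "https://updates.example.invalid/fw.bin"          # placeholder address
    instruction, blob = build_upgrade(firmware, url)
    corrupted = bytes([blob[0] ^ 1]) + blob[1:]             # one bit changed in transit
    # Package whose instruction is self-consistent but was built without the first key.
    other_instruction, other_blob = build_upgrade(firmware, url, first_key=D + 2)
    return {
        "genuine": outcome(instruction, blob),
        "corrupted": outcome(instruction, corrupted),
        "wrong_signer": outcome(other_instruction, other_blob),
    }


if __name__ == "__main__":
    for name, result in run_cases().items():
        print(f"{name}: {result}")
```

Because the first check value and the second key travel in the same instruction, step 1 only detects a download that differs from what the instruction describes. The rejection in the third case rests entirely on the pre-stored third key.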
The method performed by the firmware upgrade device disclosed in the embodiment shown in FIG. 7 of this specification may be applied to a processor or implemented by a processor. The processor may be an integrated circuit chip with signal processing capability. During implementation, each step of the above method may be completed by an integrated logic circuit of hardware in the processor or by instructions in the form of software. The processor may be a general-purpose processor, including a central processing unit (CPU), a network processor (NP), and the like; it may also be a digital signal processor (DSP), an application-specific integrated circuit (ASIC), a field-programmable gate array (FPGA) or other programmable logic device, a discrete gate or transistor logic device, or a discrete hardware component. It can implement or execute the methods, steps, and logical block diagrams disclosed in the embodiments of this specification. The general-purpose processor may be a microprocessor or any conventional processor. The steps of the method disclosed in the embodiments of this specification may be performed directly by a hardware decoding processor, or by a combination of hardware and software modules in a decoding processor. The software module may be located in a storage medium that is mature in the art, such as random-access memory, flash memory, read-only memory, programmable read-only memory, electrically erasable programmable memory, or a register. The storage medium is located in the memory; the processor reads the information in the memory and completes the steps of the above method in combination with its hardware.
The electronic device can also execute the method in FIG. 3 and implement the functions of the firmware upgrade device in the embodiment shown in FIG. 3, which are not described again here.
An embodiment of this specification also provides a computer-readable storage medium that stores one or more programs. The one or more programs include instructions that, when executed by a portable electronic device that includes multiple application programs, cause the portable electronic device to execute the method of the embodiment shown in FIG. 2, and specifically to perform the following method:
obtaining a first firmware file, where the first firmware file is obtained by encrypting a source firmware file with a first key, and the first key is a private key;
encrypting the first firmware file with a second key to obtain a second firmware file;
applying a preset check algorithm to the second firmware file to obtain a first check value;
sending a firmware upgrade instruction to a terminal device, where the firmware upgrade instruction instructs the terminal device to perform a firmware upgrade and carries the download address of the second firmware file, the second key, and the first check value.
An embodiment of this specification also provides a computer-readable storage medium that stores one or more programs. The one or more programs include instructions that, when executed by a portable electronic device that includes multiple application programs, cause the portable electronic device to execute the method of the embodiment shown in FIG. 3, and specifically to perform the following method:
receiving a firmware upgrade instruction sent by a server, where the firmware upgrade instruction carries a download address of a second firmware file, a second key, and a first check value; the second firmware file is obtained by encrypting a first firmware file with the second key, the first firmware file is obtained by encrypting a source firmware file with a first key, the first check value is obtained by applying a preset check algorithm to the second firmware file, and the first key is a private key;
obtaining the second firmware file according to the download address of the second firmware file;
applying the preset check algorithm to the second firmware file to obtain a second check value;
if the second check value matches the first check value, decrypting the second firmware file with the second key to obtain the first firmware file, and decrypting the first firmware file with a pre-stored third key to obtain the source firmware file, where the third key is the public key corresponding to the first key;
upgrading the firmware of the terminal device using the source firmware file.
In short, the above are merely preferred embodiments of this specification and are not intended to limit its scope of protection. Any modification, equivalent replacement, or improvement made within the spirit and principles of this specification shall fall within its scope of protection.
The systems, devices, modules, or units described in the above embodiments may be implemented by a computer chip or entity, or by a product having a certain function. A typical implementation device is a computer. Specifically, the computer may be, for example, a personal computer, a laptop computer, a cellular phone, a camera phone, a smartphone, a personal digital assistant, a media player, a navigation device, an email device, a game console, a tablet computer, a wearable device, or a combination of any of these devices.
Computer-readable media include permanent and non-permanent, removable and non-removable media, and may store information by any method or technology. The information may be computer-readable instructions, data structures, program modules, or other data. Examples of computer storage media include, but are not limited to, phase-change memory (PRAM), static random-access memory (SRAM), dynamic random-access memory (DRAM), other types of random-access memory (RAM), read-only memory (ROM), electrically erasable programmable read-only memory (EEPROM), flash memory or other memory technologies, compact disc read-only memory (CD-ROM), digital versatile disc (DVD) or other optical storage, magnetic cassettes, magnetic tape or magnetic disk storage or other magnetic storage devices, or any other non-transmission medium that can be used to store information accessible to a computing device. As defined herein, computer-readable media do not include transitory computer-readable media (transitory media), such as modulated data signals and carrier waves.
It should also be noted that the terms "include", "comprise", and any other variants are intended to cover non-exclusive inclusion, so that a process, method, product, or device that includes a series of elements includes not only those elements but also other elements not explicitly listed, or elements inherent to such a process, method, product, or device. Without further limitation, an element defined by the phrase "including a ..." does not exclude the existence of additional identical elements in the process, method, product, or device that includes the element.
The embodiments in this specification are described in a progressive manner; for parts that are the same or similar across embodiments, the embodiments may be referred to one another, and each embodiment focuses on its differences from the others. In particular, because the system embodiments are basically similar to the method embodiments, they are described relatively briefly; for related details, refer to the corresponding description of the method embodiments.

Claims (17)

  1. A firmware upgrade method applied to a server, the method comprising:
    obtaining a first firmware file, where the first firmware file is obtained by encrypting a source firmware file with a first key, and the first key is a private key;
    encrypting the first firmware file with a second key to obtain a second firmware file;
    applying a preset check algorithm to the second firmware file to obtain a first check value;
    sending a firmware upgrade instruction to a terminal device, where the firmware upgrade instruction instructs the terminal device to perform a firmware upgrade and carries the download address of the second firmware file, the second key, and the first check value.
  2. The method according to claim 1, wherein sending the firmware upgrade instruction to the terminal device comprises:
    sending the firmware upgrade instruction to the terminal device through a lightweight transmission protocol.
  3. The method according to claim 1, wherein the second key comprises: an AES key.
  4. The method according to claim 1, wherein the preset check algorithm comprises: a SHA256 check algorithm, a SHA128 check algorithm, or an MD5 check algorithm.
  5. The method according to claim 1, further comprising:
    receiving status information reported by the terminal device, where the status information includes at least one of the following: firmware version information and firmware installation progress information.
  6. A firmware upgrade method applied to a terminal device, the method comprising:
    receiving a firmware upgrade instruction sent by a server, where the firmware upgrade instruction carries a download address of a second firmware file, a second key, and a first check value; the second firmware file is obtained by encrypting a first firmware file with the second key, the first firmware file is obtained by encrypting a source firmware file with a first key, the first check value is obtained by applying a preset check algorithm to the second firmware file, and the first key is a private key;
    obtaining the second firmware file according to the download address of the second firmware file;
    applying the preset check algorithm to the second firmware file to obtain a second check value;
    if the second check value matches the first check value, decrypting the second firmware file with the second key to obtain the first firmware file, and decrypting the first firmware file with a pre-stored third key to obtain the source firmware file, where the third key is the public key corresponding to the first key;
    upgrading the firmware of the terminal device using the source firmware file.
  7. The method according to claim 6, wherein obtaining the second firmware file according to the download address of the second firmware file comprises:
    obtaining the certificate corresponding to the download address of the second firmware file;
    verifying the obtained certificate against a pre-stored root certificate for legitimate download addresses;
    if the verification passes, obtaining the second firmware file from the download address of the second firmware file.
  8. The method according to claim 6, further comprising:
    encrypting the boot loader (BootLoader) of the terminal device with a fourth key, and applying a check to the encrypted BootLoader to obtain a third check value;
    storing the third check value in the flash memory of the terminal device.
  9. The method according to claim 8, wherein the third key is pre-stored in the BootLoader.
  10. The method according to claim 6, wherein upgrading the firmware of the terminal device using the source firmware file comprises:
    writing the source firmware file into the flash memory of the terminal device.
  11. The method according to claim 6, further comprising:
    reporting status information to the server, where the status information includes at least one of the following: firmware version information and firmware installation progress information.
  12. A firmware upgrade device applied to a server, the device comprising:
    an obtaining module, configured to obtain a first firmware file, where the first firmware file is obtained by encrypting a source firmware file with a first key, and the first key is a private key;
    an encryption module, configured to encrypt the first firmware file with a second key to obtain a second firmware file;
    a first check module, configured to apply a preset check algorithm to the second firmware file to obtain a first check value;
    a sending module, configured to send a firmware upgrade instruction to a terminal device, where the firmware upgrade instruction instructs the terminal device to perform a firmware upgrade and carries the download address of the second firmware file, the second key, and the first check value.
  13. A firmware upgrade device applied to a terminal device, the device comprising:
    an instruction receiving module, configured to receive a firmware upgrade instruction sent by a server, where the firmware upgrade instruction carries a download address of a second firmware file, a second key, and a first check value; the second firmware file is obtained by encrypting a first firmware file with the second key, the first firmware file is obtained by encrypting a source firmware file with a first key, the first check value is obtained by applying a preset check algorithm to the second firmware file, and the first key is a private key;
    a download module, configured to obtain the second firmware file according to the download address of the second firmware file;
    a second check module, configured to apply the preset check algorithm to the second firmware file to obtain a second check value;
    a decryption module, configured to, when the second check value matches the first check value, decrypt the second firmware file with the second key to obtain the first firmware file, and decrypt the first firmware file with a pre-stored third key to obtain the source firmware file, where the third key is the public key corresponding to the first key;
    an upgrade module, configured to upgrade the firmware of the terminal device using the source firmware file.
  14. An electronic device, comprising:
    a processor; and
    a memory arranged to store computer-executable instructions that, when executed, cause the processor to perform the following operations:
    obtaining a first firmware file, where the first firmware file is obtained by encrypting a source firmware file with a first key, and the first key is a private key;
    encrypting the first firmware file with a second key to obtain a second firmware file;
    applying a preset check algorithm to the second firmware file to obtain a first check value;
    sending a firmware upgrade instruction to a terminal device, where the firmware upgrade instruction instructs the terminal device to perform a firmware upgrade and carries the download address of the second firmware file, the second key, and the first check value.
  15. An electronic device, comprising:
    a processor; and
    a memory arranged to store computer-executable instructions that, when executed, cause the processor to perform the following operations:
    receiving a firmware upgrade instruction sent by a server, where the firmware upgrade instruction carries a download address of a second firmware file, a second key, and a first check value; the second firmware file is obtained by encrypting a first firmware file with the second key, the first firmware file is obtained by encrypting a source firmware file with a first key, the first check value is obtained by applying a preset check algorithm to the second firmware file, and the first key is a private key;
    obtaining the second firmware file according to the download address of the second firmware file;
    applying the preset check algorithm to the second firmware file to obtain a second check value;
    if the second check value matches the first check value, decrypting the second firmware file with the second key to obtain the first firmware file, and decrypting the first firmware file with a pre-stored third key to obtain the source firmware file, where the third key is the public key corresponding to the first key;
    upgrading the firmware of the terminal device using the source firmware file.
  16. A computer storage medium, the computer-readable storage medium storing one or more programs that, when executed by an electronic device including a plurality of application programs, cause the electronic device to perform the following operations:
    obtaining a first firmware file, where the first firmware file is obtained by encrypting a source firmware file with a first key, and the first key is a private key;
    encrypting the first firmware file with a second key to obtain a second firmware file;
    applying a preset check algorithm to the second firmware file to obtain a first check value;
    sending a firmware upgrade instruction to a terminal device, where the firmware upgrade instruction instructs the terminal device to perform a firmware upgrade and carries the download address of the second firmware file, the second key, and the first check value.
  17. A computer storage medium, the computer-readable storage medium storing one or more programs that, when executed by an electronic device including a plurality of application programs, cause the electronic device to perform the following operations:
    receiving a firmware upgrade instruction sent by a server, where the firmware upgrade instruction carries a download address of a second firmware file, a second key, and a first check value; the second firmware file is obtained by encrypting a first firmware file with the second key, the first firmware file is obtained by encrypting a source firmware file with a first key, the first check value is obtained by applying a preset check algorithm to the second firmware file, and the first key is a private key;
    obtaining the second firmware file according to the download address of the second firmware file;
    applying the preset check algorithm to the second firmware file to obtain a second check value;
    if the second check value matches the first check value, decrypting the second firmware file with the second key to obtain the first firmware file, and decrypting the first firmware file with a pre-stored third key to obtain the source firmware file, where the third key is the public key corresponding to the first key;
    upgrading the firmware of the terminal device using the source firmware file.
PCT/CN2019/095580 2018-08-27 2019-07-11 Firmware upgrade method and device WO2020042778A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201810981834.3 2018-08-27
CN201810981834.3A CN109214168B (en) 2018-08-27 2018-08-27 Firmware upgrading method and device

Publications (1)

Publication Number Publication Date
WO2020042778A1 true WO2020042778A1 (en) 2020-03-05

Family

ID=64989729

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2019/095580 WO2020042778A1 (en) 2018-08-27 2019-07-11 Firmware upgrade method and device

Country Status (3)

Country Link
CN (2) CN111832013A (en)
TW (1) TWI709056B (en)
WO (1) WO2020042778A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11372977B2 (en) * 2018-11-12 2022-06-28 Thirdwayv, Inc. Secure over-the-air firmware upgrade

Families Citing this family (27)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111832013A (en) * 2018-08-27 2020-10-27 创新先进技术有限公司 Firmware upgrading method and device
JP7334492B2 (en) * 2019-01-28 2023-08-29 オムロン株式会社 Safety system and maintenance method
CN111819540A (en) * 2019-02-02 2020-10-23 深圳市大疆创新科技有限公司 Firmware upgrading method, radar system, terminal equipment and firmware upgrading system
WO2020211016A1 (en) * 2019-04-17 2020-10-22 华为技术有限公司 Device upgrade method and related device
CN110333882B (en) * 2019-05-09 2023-03-14 阿波罗智联(北京)科技有限公司 System upgrading method, device, equipment and computer readable medium
CN110311773B (en) * 2019-06-28 2022-05-17 兆讯恒达科技股份有限公司 Method for preventing injection type attack of advanced encryption standard coprocessor
CN110417871A (en) * 2019-07-05 2019-11-05 青岛海信智慧家居系统股份有限公司 A kind of smart machine upgrade method
CN110377307A (en) * 2019-07-18 2019-10-25 上海擎感智能科技有限公司 A kind of car body controller firmware upgrade method, terminal, system
CN110928564B (en) * 2019-11-11 2020-10-09 中科有讯(北京)科技有限公司 Method for safely updating application, service server, cluster and storage medium
CN111142902B (en) * 2019-12-21 2023-05-16 广州小鹏汽车科技有限公司 Method and device for protecting upgrading firmware of processor and vehicle
CN111159717A (en) * 2019-12-25 2020-05-15 合肥联宝信息技术有限公司 Starting method and device for electronic equipment
CN111176696B (en) * 2019-12-31 2023-10-27 泰斗微电子科技有限公司 Memory chip upgrading method and device, terminal equipment and medium
CN111382397B (en) * 2020-02-26 2023-03-24 浙江大华技术股份有限公司 Configuration method of upgrade software package, software upgrade method, equipment and storage device
CN111596938A (en) * 2020-05-15 2020-08-28 青岛海米飞驰智能科技有限公司 Embedded equipment firmware safety upgrading method, system, terminal and storage medium
US20220012046A1 (en) * 2020-07-10 2022-01-13 Generalplus Technology Inc. Os-independent peripheral plug-and-play and driver update method for embedded systems and firmware data transmission method for embedded system platform
CN112416716A (en) * 2020-11-25 2021-02-26 宁波阶梯教育科技有限公司 Automatic firmware checking method and equipment
CN112612499A (en) * 2020-12-31 2021-04-06 京东数科海益信息科技有限公司 Application program upgrading method and device, electronic equipment and storage medium
CN113365244A (en) * 2021-05-10 2021-09-07 中国汽车技术研究中心有限公司 OTA (over the air) upgrading method and device for whole vehicle, electronic equipment, medium and signature method
CN113515747B (en) * 2021-05-17 2024-02-09 深圳市友华通信技术有限公司 Equipment upgrading method, device, equipment and storage medium
CN113626792B (en) * 2021-07-09 2023-07-14 苏州浪潮智能科技有限公司 PCIe Switch firmware secure execution method, device, terminal and storage medium
CN113721965B (en) * 2021-08-02 2024-05-03 国创移动能源创新中心(江苏)有限公司 Upgrading method of charging pile based on safety firmware
CN114143198B (en) * 2021-11-30 2023-06-13 四川启睿克科技有限公司 Firmware upgrading method
TWI815263B (en) * 2021-12-28 2023-09-11 尚承科技股份有限公司 Processing system and method for online firmware update
TWI797932B (en) * 2021-12-30 2023-04-01 新唐科技股份有限公司 Firmware verification system and firmware verification method
CN114928551B (en) * 2022-04-30 2024-03-12 苏州浪潮智能科技有限公司 System configuration method, device and storage medium
CN115374488B (en) * 2022-10-25 2023-03-24 广州万协通信息技术有限公司 Vehicle-mounted terminal program checking method and device
CN117609965B (en) * 2024-01-19 2024-06-25 深圳前海深蕾半导体有限公司 Upgrade data packet acquisition method of intelligent device, intelligent device and storage medium

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20090150681A1 (en) * 2007-12-07 2009-06-11 Atmel Corporation Secure Software Download
CN101924607A (en) * 2010-08-27 2010-12-22 华为终端有限公司 Firmware processing method based on firmware air transmission technology, device and system thereof
CN103679004A (en) * 2012-09-19 2014-03-26 Nxp股份有限公司 Method and system for securely updating firmware in a computing device
CN107688463A (en) * 2017-09-21 2018-02-13 杭州全维技术股份有限公司 A kind of method of embedded device version file packing
CN109214168A (en) * 2018-08-27 2019-01-15 阿里巴巴集团控股有限公司 Firmware upgrade method and device

Family Cites Families (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8181020B2 (en) * 2005-02-02 2012-05-15 Insyde Software Corp. System and method for securely storing firmware
CN101436141B (en) * 2008-11-21 2012-07-18 深圳创维数字技术股份有限公司 Firmware upgrading and encapsulating method and device based on digital signing
CN102955700A (en) * 2011-08-18 2013-03-06 腾讯科技(深圳)有限公司 System and method for upgrading software
KR101286711B1 (en) * 2013-03-28 2013-07-16 주식회사 이스턴웨어 System and method for preventing malicious codes of mobile terminal
US9965270B2 (en) * 2015-07-01 2018-05-08 Quanta Computer Inc. Updating computer firmware
CN105812570B (en) * 2016-04-21 2019-05-03 深圳市旭子科技有限公司 Terminal firmware update method and device
CN106203071A (en) * 2016-06-30 2016-12-07 浪潮(北京)电子信息产业有限公司 A kind of firmware upgrade method and device
CN108121915A (en) * 2016-11-30 2018-06-05 北京忆芯科技有限公司 The method of electronic equipment production, the method and system started
CN108196867A (en) * 2018-03-08 2018-06-22 深圳市文鼎创数据科技有限公司 Device for upgrading firmware, equipment and its firmware upgrade method of equipment
CN108418893A (en) * 2018-03-20 2018-08-17 深圳市闪联信息技术有限公司 A kind of method of smart machine firmware safety upgrade

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11372977B2 (en) * 2018-11-12 2022-06-28 Thirdwayv, Inc. Secure over-the-air firmware upgrade

Also Published As

Publication number Publication date
CN111832013A (en) 2020-10-27
TW202009778A (en) 2020-03-01
TWI709056B (en) 2020-11-01
CN109214168A (en) 2019-01-15
CN109214168B (en) 2020-08-18

Similar Documents

Publication Publication Date Title
TWI709056B (en) Firmware upgrade method and device
US10721080B2 (en) Key-attestation-contingent certificate issuance
CN109313690B (en) Self-contained encrypted boot policy verification
US8560820B2 (en) Single security model in booting a computing device
US8560823B1 (en) Trusted modular firmware update using digital certificate
CN110287654B (en) Media client device authentication using hardware trust root
RU2601862C2 (en) Method, unit and device for processing encryption and decryption
US20090259855A1 (en) Code Image Personalization For A Computing Device
JP6371919B2 (en) Secure software authentication and verification
JP6073320B2 (en) Authority-dependent platform secret to digitally sign
CN104462965A (en) Method for verifying integrity of application program and network device
CN111201553B (en) Safety element and related equipment
WO2017045627A1 (en) Control board secure start method, and software package upgrade method and device
CN108710500A (en) Resource issuing method, update method and device
KR20170089352A (en) Firmware integrity verification for performing the virtualization system
CN114499892B (en) Firmware starting method and device, computer equipment and readable storage medium
JP6199712B2 (en) Communication terminal device, communication terminal association method, and computer program
US9948632B2 (en) Sharing data between sandboxed applications with certificates
CN112115430A (en) Apk reinforcement method, electronic equipment and storage medium
CN116680687A (en) Data processing method, device, equipment and storage medium
JP7230598B2 (en) Information processing device, decryption method for encrypted data, and electronic device
US11784978B2 (en) Method for establishing remote work environment to ensure security of remote work user terminal and apparatus using the same
CN116578315A (en) Method and device for safely brushing vehicle ECU
CN115437673A (en) Vehicle-mounted MCU (microprogrammed control Unit) upgrading method, vehicle-mounted MCU upgrading system and server group

Legal Events

Date Code Title Description
121 EP: the EPO has been informed by WIPO that EP was designated in this application
    Ref document number: 19854138; Country of ref document: EP; Kind code of ref document: A1
NENP Non-entry into the national phase
    Ref country code: DE
122 EP: PCT application non-entry in European phase
    Ref document number: 19854138; Country of ref document: EP; Kind code of ref document: A1