WO2020173332A1 - Trusted execution environment-based application activation method and apparatus - Google Patents

Trusted execution environment-based application activation method and apparatus Download PDF

Info

Publication number
WO2020173332A1
WO2020173332A1 PCT/CN2020/075688 CN2020075688W WO2020173332A1 WO 2020173332 A1 WO2020173332 A1 WO 2020173332A1 CN 2020075688 W CN2020075688 W CN 2020075688W WO 2020173332 A1 WO2020173332 A1 WO 2020173332A1
Authority
WO
WIPO (PCT)
Prior art keywords
trusted
activation
terminal device
key
code
Prior art date
Application number
PCT/CN2020/075688
Other languages
French (fr)
Chinese (zh)
Inventor
黄腾
成亮
李海东
Original Assignee
阿里巴巴集团控股有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 阿里巴巴集团控股有限公司 filed Critical 阿里巴巴集团控股有限公司
Publication of WO2020173332A1 publication Critical patent/WO2020173332A1/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • G06F21/12Protecting executable software
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services

Definitions

  • the present invention relates to the technical field of application security, and in particular to an application activation method and device based on a trusted execution environment. Background technique
  • the registration code file is not encrypted and stored in the device, so that it can be copied to other devices in plain text, and the software installed on other devices can be illegally cracked.
  • the content of the registration code file may be tampered with by users to illegally extend the number of uses or validity period of the software.
  • the registration code file is not bound to the device, so that the registration code file can be used in different devices, and the software installed on other devices is illegally cracked.
  • the present invention provides an application activation method and device based on a trusted execution environment to try to solve or at least alleviate the above problems.
  • a method for activating a trusted execution environment where the trusted execution environment is deployed in a terminal device, and the method includes: receiving a terminal device identifier sent by the terminal device; A trusted identity identifier and a trusted key corresponding to the terminal device identifier, and an activation code is generated according to the terminal device identifier; the trusted identity identifier, the trusted key, and the activation code are encrypted to generate activation information; The activation information is sent to the terminal device, so that the terminal device: decrypts the activation information to obtain a trusted identity, a trusted key, and an activation code, and transmits the trusted identity to the trusted The key and activation code are encrypted and stored in a secure storage space.
  • an activation verification method of a trusted execution environment which is executed in a trusted execution environment of a terminal device, and the method includes: obtaining a trusted identity, a trusted key, and a trusted The activation code of the execution environment, where the activation code includes use authority information and verification information of the trusted execution environment, and the verification information includes using the trusted key to pair the trusted identity, use authority information, and terminal
  • the ciphertext generated by encrypting the device identification; obtaining the terminal device identification, and encrypting the trusted identity, usage authority information, and terminal device identification with a trusted key to generate a first ciphertext; if the first ciphertext is If the text is consistent with the verification information, and the current use environment of the terminal device matches the use authority information, the trusted execution environment is activated successfully.
  • a terminal device wherein a trusted execution environment is deployed on the terminal device, the trusted execution environment includes an activation management application, and the activation management application is adapted to execute the above A trusted execution environment activation method, a trusted execution environment activation verification method, a trusted execution environment-based application activation method, and a trusted execution environment-based application activation verification method.
  • a server including: at least one processor; and a memory storing program instructions, wherein the program instructions are configured to be executed by the at least one processor, so
  • the program instructions include instructions for executing the trusted execution environment activation method and the application activation method based on the trusted execution environment as described above.
  • an application activation system based on a trusted execution environment including: the terminal device as described above; and the server as described above.
  • the invention provides an application activation scheme based on a trusted execution environment.
  • the trusted execution environment is an independent and trusted environment with an isolated hardware environment and an independent operating system, which can be used to store, process, and protect sensitive data.
  • the trusted execution environment in the terminal device is activated.
  • the trusted execution environment can provide trusted application activation to other applications of the terminal device.
  • the verification service to ensure the safety of other applications.
  • the activation code of the trusted execution environment and the registration code of the application are encrypted and stored in the secure storage space through the trusted execution environment.
  • the data in the secure storage space can only be read by the activation management application in the trusted execution environment, which ensures that Will not be illegally obtained and tampered with.
  • the server In the process of activating the trusted execution environment, the server generates the trusted identity and the trusted key of the terminal device. Subsequently, the trusted key is applied to the encrypted transmission process of the activation code of the trusted execution environment and the registration code of the application.
  • the trusted key is transmitted only once between the terminal device and the server, that is, during and only during the process of activating the trusted execution environment, the server encrypts the generated trusted key and transmits it to the terminal device.
  • the trusted key In the process of activating the application by the trusted execution environment, the trusted key is no longer transmitted. Therefore, the trusted key is only stored in the terminal device and the server. Even if other devices monitor the registration information transmitted between the terminal device and the server, since the trusted key cannot be obtained, it cannot decrypt the registration information.
  • the registration code is obtained, thereby further improving the transmission security of the application registration code.
  • Both the activation code of the trusted execution environment and the registration code of the application are embedded with the trusted identity of the terminal device, thereby ensuring the uniqueness and non-copyability of the activation code and registration code of each terminal device. If the activation code and registration code are maliciously tampered with, the activation verification of the trusted execution environment of the terminal device and the application will fail. In addition, even if the activation code and registration code are copied to other terminal devices, they cannot be used to activate the trusted execution environment or applications of other terminal devices.
  • Fig. 1 shows a schematic diagram of a trusted execution environment activation system 100 according to an embodiment of the present invention
  • Fig. 2 shows a schematic diagram of an application activation system 200 based on a trusted execution environment according to an embodiment of the present invention
  • FIG. 3 shows a flowchart of a method 300 (terminal device side) for activating a trusted execution environment according to an embodiment of the present invention
  • Fig. 9 shows a schematic diagram of an application activation process based on a trusted execution environment according to an embodiment of the present invention
  • Fig. 10 shows an application activation method 1000 based on a trusted execution environment according to an embodiment of the present invention (server side ) Flow chart;
  • FIG. 11 shows a method 1100 for verifying application activation based on a trusted execution environment according to an embodiment of the present invention Flow chart of;
  • Fig. 12 shows a schematic diagram of an application activation verification process based on a trusted execution environment according to an embodiment of the present invention. detailed description
  • the invention provides an application activation scheme based on a trusted execution environment.
  • the trusted execution environment in the terminal device is activated.
  • the trusted execution environment can provide trusted application activation to other applications of the terminal device. And activate the verification service to ensure the safety of other applications.
  • Fig. 1 shows a schematic diagram of a trusted execution environment activation system 100 according to an embodiment of the present invention.
  • the system 100 includes a terminal device 110 and a server 120.
  • the system 100 shown in FIG. 1 only includes one terminal device 110 and one server 120, those skilled in the art will understand that in practice, the system 100 may include any number of terminal devices 110 and server 120.
  • the present invention does not limit the number of terminal devices 110 and server 120 included in the system 100.
  • the terminal device 110 may be specifically implemented as any device, such as a mobile phone, a tablet computer, a smart wearable device, a smart home appliance, a car machine, a drone, etc., but is not limited thereto.
  • a trusted execution environment (TEE for short) and a rich execution environment (REE for short) are deployed in the terminal device 110.
  • the trusted execution environment and the rich execution environment have mutually isolated hardware and independent operating systems to meet the operating requirements of applications with different security levels.
  • the hardware isolation between the trusted execution environment and the rich execution environment can be realized by, for example, the security extension technology of ARM TrustZone or C-SKY, but is not limited to this.
  • Trusted applications cannot directly communicate with external parties (such as servers, other terminal devices, users, etc.), and It is necessary to use the common application in the rich execution environment as a communication relay, that is, the trusted application in the trusted execution environment communicates with the outside via the common application in the rich execution environment.
  • the server 120 may be any device that is used to provide a trusted execution environment online activation service to the terminal device 110, such as a physical server, or a computing instance deployed in the physical server, but is not limited to this.
  • the server 120 is used to provide the terminal device 110 with an online activation service of a trusted execution environment. After the trusted execution environment is activated, the terminal device 110 can use the trusted execution environment to process and protect sensitive data.
  • the trusted execution environment includes an activation management application 112, and the activation management application 112 communicates with the server 120 via an interface application 113 deployed in the rich execution environment, and is used to activate the trusted execution environment.
  • the activation management application 112 reads the terminal device identification, and sends the terminal device identification to the server 120 via the interface application 113.
  • the server 120 generates an activation code according to the terminal device identifier, generates a trusted identity identifier and a trusted key of the terminal device, and stores the trusted identity identifier and trusted key in association with the terminal device identifier.
  • the trusted identity identifier is a character string that can represent the uniqueness of the device.
  • the trusted key is a character string derived through a specific algorithm according to a trusted identity, and is used to encrypt key information related to the terminal device 110.
  • the server 120 encrypts the trusted identity, the trusted key, and the activation code to generate activation information, and sends the activation information to the activation management application 112 via the interface application 113.
  • the activation management application 112 decrypts the activation information to obtain the trusted identity, the trusted key, and the activation code, and then encrypts and stores the trusted identity, the trusted key, and the activation code in the secure storage space 111.
  • Common applications in the rich execution environment can call trusted applications in the trusted execution environment.
  • the called trusted application will further call the activation management application 112 to trigger the activation verification of the trusted execution environment.
  • the activation management application 112 reads the trusted identity, the trusted key, and the activation code from the secure storage space 111, and verifies whether the trusted execution environment is successfully activated according to the trusted identity, the trusted key, and the activation code. Then, The verification result is returned to the trusted application called by the ordinary application. If the verification activation is successful, the called trusted application executes the call of the normal application, and returns the call result to the normal application.
  • the first common application 114 in the rich execution environment is a shopping application
  • the first trusted application 115 is an electronic payment application.
  • the first common application 114 calls the first trusted application 115 to implement the electronic payment function.
  • First Trusted Application 115 After being called, the activation management application 112 is triggered to perform activation verification of the trusted execution environment.
  • the activation management application 112 reads the trusted identity, trusted key, and activation code from the secure storage space 111, verifies whether the trusted execution environment is successfully activated according to the trusted identity, trusted key, and activation code, and The verification result is returned to the first trusted application. If the verification activation is successful, the first trusted application 115 executes the call of the first common application 114 to implement the electronic payment function, and returns the call result (whether the payment is successful) to the first common application 114.
  • FIG. 2 shows a schematic diagram of an application activation system 200 based on a trusted execution environment according to an embodiment of the present invention.
  • the system 200 includes a terminal device 110 and a server 120.
  • a trusted execution environment and a rich execution environment are deployed in the terminal device 110, and a second common application 116 is deployed in the rich execution environment.
  • the second common application 116 may be activated based on the trusted execution environment.
  • the server 120 further includes an application server 122 and an authentication server 124.
  • the application server 122 is a server that provides methods and data calls to the second ordinary application 116, and can generate usage permission information (such as effective time, expiration time, available times, etc.) for activating the second ordinary application 116.
  • the authentication server 124 is used to verify the identity of the terminal device 110, generate verification information according to the use authority information, and encrypt the use authority information and the verification information, and so on.
  • the second common application 116 triggers the activation management application 112 to verify whether the trusted execution environment is successfully activated, and in the case that the trusted execution environment is successfully activated, sends the trusted identity of the terminal device to the application server 122.
  • the application server 122 sends the trusted identity to the authentication server 124.
  • the authentication server 124 verifies the identity of the terminal device 110, and returns the verification result to the application server 122. In the case that the authentication server 124 passes the verification, the application server 122 generates the use permission information of the second common application 116, and sends the use permission information to the authentication server 124.
  • step S310 the terminal device identifier is sent to the server.
  • the terminal device identifier is used to uniquely identify a terminal device. Since the terminal device identifier is unique, it can also be called a device fingerprint.
  • the terminal device identification can be, for example, the MAC (Media Access Control) address, CPU serial number, hard disk serial number and other information of the terminal device, or the calculation result obtained by processing the MAC address and CPU serial number of the terminal device, etc. , But not limited to this.
  • the present invention does not limit the specific content of the terminal equipment identification.
  • the terminal device identification is obtained by calling a corresponding data interface, and the data interface is usually provided by the manufacturer of the terminal device.
  • step S310 is executed by the activation management application in the trusted execution environment.
  • the activation management application 112 cannot directly communicate with the server, but sends the terminal device identification to the server via the interface application 113 in the rich execution environment.
  • an authentication code in addition to sending the terminal device identification to the server, an authentication code can also be generated according to the terminal device identification, and the authentication code is sent to the server together, so that the server can verify the authentication code. After the code verification is passed, an activation code is generated according to the terminal device identification.
  • the authentication code includes a preset key, a first cipher text, and a first mapping value, where the first cipher text is a cipher generated by using the preset key to encrypt the session key and the terminal device identifier.
  • the first mapping value is a value obtained by using a preset mapping function to map the session key and the terminal device identifier.
  • the preset key is one of the configuration information of the activation management application 112, and accordingly, the value of the preset key can be read from the configuration information of the activation management application.
  • the session key is generated by the terminal device, for example, by the activation management application 112.
  • the activation management application 112 when the activation management application 112 communicates with the server, the activation management application 112 will generate a token for this communication, the token including the preset key read from the configuration information And the generated session key. According to the preset key and the session key in the token, the first ciphertext can be determined, and then the authentication code can be generated.
  • the token may also include other information, such as the application identifier of the activation management application 112, the version number of the activation management application 112, and the purpose of the preset key. , Preset key types, etc. The present invention does not limit the specific information included in the token.
  • the encryption algorithm used to generate the first ciphertext and the mapping function used to generate the first mapping value can be set by those skilled in the art, and the present invention does not limit this.
  • the encryption algorithm used to generate the first ciphertext may be an AES encryption algorithm
  • the mapping function used to generate the first mapping value may be a hash algorithm, but is not limited to this.
  • the server can verify the authentication code according to the following method: read a preset key from the authentication code, and use the preset key to decrypt the first cipher text in the authentication code to obtain Session key and terminal device identification. Subsequently, the preset mapping function is used to calculate the second mapping value of the session key and the terminal device identifier, and if the second mapping value is consistent with the first mapping value in the authentication code, the authentication code verification is passed.
  • the preset key is Provisioning Key1
  • the first cipher text is Pro vis Encryp t (Session Key + Dev_FP), that is, the first cipher text is the provisioning key Provisioning Key1 used to pair the session key Session Key
  • the ciphertext obtained by encrypting with the terminal device identifier Dev_FP.
  • the first mapping value is Hash_Sha256 (Session Key + Dev_FP), that is, the first mapping value is the hash value of the session key Session Key calculated by using the SHA256 algorithm and the terminal device identifier Dev_FP.
  • the authentication code AuthCode1 may also include other fields, such as the application identifier of the activation management application 112, the version number of the activation management application 112, and the preset password.
  • the present invention does not limit the number and types of fields included in the authentication code.
  • the server After sending the authentication code AuthCode1 and the terminal device identification Dev_FP shown in Table 1 to the server, the server will verify the authentication code: first, read the provisioning key Provisioning Key1 from the authentication code AuthCode1. Subsequently, the Provisioning Key is used to decrypt the first ciphertext Provis io ning_Key_Encrypt (Session Key + Dev_FP) to recover the Session Key. Finally, the SHA256 algorithm is used to calculate the hash value of the recovered session key Session Key and the terminal device identification Dev_FP. If the hash value is the same as the first in AuthCode1 If the mapping values are consistent, the AuthCode1 verification is successful.
  • step S320 the activation information returned by the server is received, the activation information includes the encrypted trusted identity, the trusted key, and the activation code, where the trusted identity, the trusted key, and the terminal device identity are the same Correspondingly, the activation code is generated according to the terminal device identification.
  • the trusted identity and the trusted key are generated by the server.
  • the server generates a trusted identity and a trusted key, and stores the trusted identity and the trusted key in association with the terminal device identity.
  • a trusted identity identifier is a string that can represent the uniqueness of a device. It is used to uniquely identify a terminal device, and it has the security attributes of being non-tamperable, non-forgeable, and globally unique.
  • the trusted key is a character string derived through a specific algorithm based on the trusted identity, which is used to encrypt key information related to the terminal device corresponding to the trusted identity.
  • the activation code is generated according to the terminal device identification, and is used to activate the trusted execution environment of the terminal device. According to an embodiment, the activation code includes use permission information and verification information of the trusted execution environment.
  • the usage authority information can be configured, and it can include at least one of effective time, expiry time, and available times, and can also include other information except effective time, expiry time, and available times.
  • the invention does not limit the specific content included in the usage right information.
  • the verification information is used to verify the activation code to ensure that the activation code has not been illegally tampered with.
  • the verification information includes a cipher text generated by encrypting the trusted identity identifier, the use authority information, and the terminal device identifier using a trusted key.
  • the present invention does not limit the specific encryption algorithm used to generate the verification information.
  • the encryption algorithm used to generate the verification information may be, for example, the HMAC (Hash-based Message Authentication Code) algorithm, but is not limited thereto.
  • the activation code ActiCode may also include other fields, such as the algorithm used to encrypt the activation code ActiCode using a trusted key IDkey, The key check value KCV (Key Checksum Value) for verifying whether the trusted key IDkey has been tampered with, and the algorithm for generating the key check value KCV, etc.
  • the present invention is concerned with the number and types of fields included in the activation code There are no restrictions.
  • the activation information includes an encrypted trusted identity, a trusted key, and an activation code.
  • the activation information may be generated according to the following steps: encrypt the activation code with a trusted key to generate the activation code ciphertext; use the session key to encrypt the trusted identity, the trusted key, and the activation code
  • the text is encrypted to generate activation information.
  • the session key is determined in advance by the terminal device and the server. For example, the session key can be agreed upon in advance by the terminal device and the server before the terminal device transmits the terminal device identification and authentication code to the server; for another example, see Table 1. Session Key Session Key can be implicit in the authentication code AuthCode1 and transferred to the server; etc.
  • the steps for generating activation information are as follows: First, use the trusted key IDkey to encrypt the activation code ActiCode to generate the activation code ciphertext ActiCode’. Subsequently, the session key Session Key determined from the authentication code AuthCode1 is used to encrypt the trusted identity ID, the trusted key IDkey, and the activation code ciphertext ActiCode' to generate activation information.
  • step S330 is executed.
  • the decryption process of the activation information is as follows: First, the session key Session Key is used to decrypt the activation information to obtain the trusted identity ID, the trusted key IDkey, and the activation code ciphertext ActiCode'. Subsequently, the trusted key IDkey is used to decrypt the activation code ciphertext ActiCode' to obtain the activation code ActiCode.
  • step S340 is executed.
  • step S340 the trusted identity, the trusted key, and the activation code are encrypted and stored in a secure storage space.
  • the data in the secure storage space can only be read by the activation management application 112 in the trusted execution environment, which ensures that the data therein will not be illegally obtained or tampered with.
  • the trusted identity, trusted key, and activation code in step S330 instead of directly encrypting and storing the trusted identity, trusted key, and activation code in a secure storage space,
  • the activation code is first verified according to the terminal device identification to ensure that the activation information has not been illegally tampered with during the transmission process between the server and the terminal device. After the activation code is verified, the trusted identity, the trusted key and the activation code are encrypted and stored in the secure storage space.
  • the trusted execution environment of the terminal device is activated.
  • the trusted identity, trusted key, and activation code in the secure storage space 111 can only be read by the activation management application 112 in the trusted execution environment.
  • step S401 the user triggers the activation management application 112 to perform the trusted execution environment through the interface application 113 Activation verification.
  • step S402 and S403 the activation management application 112 reads the activation code ActiCode of the trusted execution environment from the secure storage space 111, verifies the ActiCode, and sends the verification result to the interface application 113 in step S404. If ActiCode is not stored in the secure storage space 111 or the activation management application 112 fails to verify the ActiCode, then in step S404, the activation management application 112 will return to the interface application 113 a result that the trusted execution environment is not activated. Subsequently, step S405 is executed.
  • step S405 the interface application 113 triggers the activation management application 112 to activate the trusted execution environment.
  • step S406 the activation management application 112 obtains the terminal device identifier Dev_FP through the interface provided by the terminal device manufacturer, obtains the preset key Provisioning Key1, and generates the session key Session Key.
  • step S407 the activation management application 112 generates an authentication code according to the terminal device identifier Dev_FP
  • AuthCode1 includes a preset key Provisioning Key1, a first ciphertext Pro vis io ning_Ke y_Encrypt (S es io n Key + Dev_FP), and a first mapping value Has h_S ha256 (S es s io n Key + Dev_FP)
  • step S410 the server 120 verifies the authentication code AuthCode1: First, read the preset key Provisioning Key1 from the authentication code AuthCode1. Subsequently, the Provisioning Key1 is used to decrypt the first cipher text Provisioning_Key_Encrypt (Session Key + Dev_FP) to recover the session key Session Key. Finally, the SHA256 algorithm is used to calculate the hash value of the recovered session key Session Key and the terminal device identifier Dev_FP. If the hash value is consistent with the first mapping value in AuthCode1, the authentication of AuthCode1 is successful. Subsequently, step S411 is executed.
  • step S411 the server 120 generates a trusted identity ID and a trusted key IDkey, and stores the trusted identity ID and the trusted key IDkey in association with the terminal device identity Dev_FP.
  • step S412 the server 120 generates the activation code ActiCode according to the terminal device identifier Dev_FP.
  • the ActiCode includes the effective time Stimel, the expiration time Etimel, the available times Timesl, and the verification information HMAC (IDkey, Dev_FP + ID + Stimel). + Etimel +Timesl ).
  • Use the trusted key IDkey to encrypt the activation code ActiCode to generate the activation code ciphertext ActiCode'; use the session key Session Key to encrypt the trusted identity ID, the trusted key IDkey, and the activation code ciphertext ActiCode', Generate activation information.
  • the server 120 sends the activation information to the interface application 113.
  • step S414 the interface application 113 sends the activation information to the activation management application 112.
  • step S415 the activation management application 112 uses the Session Key to decrypt the activation information to obtain the trusted identity ID, the trusted key IDkey, and the activation code ciphertext ActiCode'. Subsequently, the trusted key IDkey is used to decrypt the activation code ciphertext ActiCode' to obtain the activation code ActiCode.
  • step S416 the activation management application 112 obtains the terminal device identifier Dev_FP through the data interface provided by the manufacturer of the terminal device. Based on the HMAC algorithm, a trusted key IDkey is used to encrypt the terminal device identifier Dev_FP, the trusted identity identifier ID, the effective time Stimel, the expiration time Etimel, and the available times Times 1, to generate the second ciphertext. If they are consistent with the activation of the second ciphertext verification information is verified by the activation code, step S417 o
  • the activation management application 112 encrypts and stores the trusted identity ID, the trusted key IDkey, and the activation code ActiCode in the secure storage space 111, and the trusted execution environment is successfully activated.
  • step S419 the activation management application 112 feeds back the result of successful activation of the trusted execution environment to the interface application
  • the method 500 is executed in the server (for example, the server 120 shown in FIG. 1), which corresponds to the aforementioned method 300 executed in the terminal device. As shown in FIG. 5, the method 500 starts at step S510.
  • step S510 the terminal device identifier sent by the terminal device is received.
  • step S510 the server receives the terminal device identifier from the interface application 113.
  • step S510 in addition to receiving the terminal device identification, the authentication code sent by the terminal device is also received, and the authentication code is generated according to the terminal device identification.
  • the authentication code is verified, and after the authentication code is verified, step S520 is executed to generate an activation code according to the terminal device identifier.
  • the authentication code includes a preset key, a first cipher text, and a first mapping value, where the first cipher text is a cipher generated by using the preset key to encrypt the session key and the terminal device identifier.
  • the first mapping value is a value obtained by using a preset mapping function to map the session key and the terminal device identifier.
  • the server can verify the authentication code according to the following method: read the preset key from the authentication code, and use the preset key to decrypt the first cipher text in the authentication code to obtain the session key And terminal device identification. Subsequently, the preset mapping function is used to calculate the second mapping value of the session key and the terminal device identification, if the second mapping value is compared with the first mapping in the authentication code If the values are consistent, the authentication code verification is passed.
  • step S310 For the specific implementation steps of the generation and verification of the authentication code, please refer to the relevant description of the aforementioned step S310, which will not be repeated here.
  • step S520 a trusted identity identifier and a trusted key corresponding to the terminal device identifier are generated, and an activation code is generated according to the terminal device identifier.
  • the trusted identity identifier is used to uniquely identify a terminal device, and it has security attributes that cannot be tampered with, cannot be forged, and are globally unique.
  • the trusted key is a key corresponding to a trusted identity, which is used to encrypt key information.
  • the server can generate the trusted identity and the trusted key according to any algorithm, and the present invention does not limit the specific algorithm used to generate the trusted identity and the trusted key. After the trusted identity and the trusted key are generated, the trusted identity and the trusted key are associated and stored.
  • the activation code is generated according to the terminal device identification, and is used to activate the trusted execution environment of the terminal device. According to an embodiment, the activation code includes use permission information and verification information of the trusted execution environment.
  • the use authority information of the trusted execution environment is used to mark the use authority of the trusted execution environment.
  • the usage authority information may include, for example, effective time, expiration time, and available times, but is not limited to this.
  • the verification information is used to verify the activation code to ensure that the activation code has not been illegally tampered with.
  • the verification information includes a cipher text generated by encrypting the trusted identity identifier, the use authority information, and the terminal device identifier using a trusted key.
  • the present invention does not limit the specific encryption algorithm used to generate the verification information.
  • the encryption algorithm used to generate the verification information may be, for example, the HMAC algorithm, but is not limited thereto.
  • the activation code ActiCode please refer to Table 2 above, and will not be repeated here.
  • step S530 the trusted identity, the trusted key and the activation code are encrypted to generate activation information.
  • the activation code is encrypted with a trusted key to generate the activation code ciphertext; the session key is used to encrypt the trusted identity, the trusted key, and the activation code ciphertext to generate activation information .
  • the session key is used to encrypt the trusted identity, the trusted key, and the activation code ciphertext to generate activation information .
  • step S540 the activation information is sent to the terminal device, so that the terminal device: decrypts the activation information to obtain the trusted identity, the trusted key, and the activation code, and the trusted identity, the trusted key And the activation code are encrypted and stored in a secure storage space.
  • step S540 For the specific implementation process of step S540, reference may be made to the relevant descriptions of the foregoing steps S330 and 340, which are not repeated here.
  • Common applications in the rich execution environment can call trusted applications in the trusted execution environment. When a trusted application is called, the called trusted application will further call the activation management application 112 to trigger the activation of the trusted execution environment Verification.
  • FIG. 6 shows a flowchart of a method 600 for verifying activation of a trusted execution environment according to an embodiment of the present invention.
  • the method 600 is executed in the trusted execution environment of the terminal device, for example, executed by the activation management application 112 in the trusted execution environment. As shown in FIG. 6, the method 600 starts at step S610.
  • a trusted identity, a trusted key, and an activation code of a trusted execution environment are obtained.
  • the activation code includes use authority information and verification information of the trusted execution environment, and the verification information includes using a trusted key pair
  • the activation management application 112 reads the trusted identity ID, the trusted key IDkey, and the activation code ActiCode of the trusted execution environment from the secure storage space 111.
  • the activation code ActiCode further includes usage authority information.
  • the activation code ActiCode includes the effective time Stimel, the expiration time Etimel, and the available times Times 1, and the verification information HMAC (IDkey, Dev_FP + ID + Stimel + Etimel + Timesl) o
  • the verification information is based on the HMAC algorithm, using a trusted key IDkey to encrypt the terminal device ID Dev_FP, trusted identity ID, effective time Stimel, expiration time Etimel and available times Time si The generated message digest.
  • step S620 the terminal device identifier is obtained, and the trusted identity identifier, the use right information, and the terminal device identifier are encrypted by using the trusted key to generate a third ciphertext.
  • the terminal device identifier Dev_FP is obtained through the data interface provided by the terminal device manufacturer, and based on the HMAC algorithm, the trusted key IDkey is used to identify the trusted identity ID, effective time Stimel, expiration time Etimel, and available times Times 1 and the terminal device identifier Dev_FP are encrypted to generate the third ciphertext.
  • step S630 if the third ciphertext is consistent with the verification information, and the current use environment of the terminal device matches the use authority information, the trusted execution environment is activated successfully.
  • the activation management application 112 reads the trusted identity ID, the trusted key IDkey, and the activation code ActiCode of the trusted execution environment from the secure storage space 111. As shown in Table 2, ActiCode comprising effective time Stimel, expiration time Etimel, the available number of check information Times 1 and HMAC (IDkey, Dev_FP + ID + Stimel + Etimel + Timesl) o
  • step S705 the activation management application 112 obtains the terminal device identifier Dev_FP through the data interface provided by the manufacturer of the terminal device. Based on the HMAC algorithm, a trusted key IDkey is used to encrypt the trusted identity ID, the expiration time Stimel, the expiration time Etimel, the available times Timesl, and the terminal device identity Dev_FP to generate the third ciphertext. If the third cipher text is consistent with the verification information in the activation code, the activation code verification is passed, and the trusted execution environment has been activated.
  • step S706 the activation management application 112 sends the result that the trusted execution environment has been activated to the first trusted application 115.
  • step S707 the first trusted application 115 executes the call requested by the first normal application 114.
  • step S708 the first trusted application 115 returns the call result to the first normal application 114.
  • the trusted execution environment can provide activation and activation verification services to other applications of the terminal device 110, thereby ensuring the security of other applications.
  • FIG. 8 shows a flowchart of a method 800 for application activation based on a trusted execution environment according to an embodiment of the present invention.
  • the method 800 is executed in the trusted execution environment of the terminal device, for example, executed by the activation management application 112 in the trusted execution environment.
  • the method 200 can be used to activate common applications in a rich execution environment, such as the second common application 116 shown in FIG. 2. As shown in FIG. 8, the method 800 starts at step S810.
  • step S810 the trusted identity of the terminal device is sent to the server.
  • the trusted identity is stored in the secure storage space 111 of the terminal device, and it can only be read by a specific trusted application in the trusted execution environment, such as the activation management application 112. After the activation management application 112 obtains the trusted identity, it sends the trusted identity to the server 120 through the application to be activated in the rich execution environment (for example, the second common application 116 in FIG. 2).
  • the trusted identity of the terminal device before sending the trusted identity to the server, it is necessary to verify whether the trusted execution environment is successfully activated; in the case that the trusted execution environment is successfully activated, then the trusted identity of the terminal device is sent To the server.
  • the steps shown in the foregoing method 600 can be followed to verify whether the trusted execution environment is successfully activated. If If the trusted execution environment is successfully activated, the trusted execution environment is available, and the application to be activated can be activated based on the trusted execution environment. If the activation of the trusted execution environment fails, the trusted execution environment is unavailable. At this time, the aforementioned method 300 needs to be executed to activate the trusted execution environment. After the trusted execution environment is activated, the method 800 of the present invention can be executed.
  • step S810 in addition to sending the trusted identity to the server, step S810 also generates an authentication code based on the trusted identity, and sends the authentication code and the trusted identity to the server, so that the server can pair The authentication code is verified, and after the authentication code is verified, the registration code is generated according to the trusted identity.
  • the authentication code includes a preset key, a fourth cipher text, and a third mapping value, where the fourth cipher text is a cipher text generated by using the preset key to encrypt the trusted identity, and the first The three-mapping value is a value obtained by using a preset mapping function to map the trusted identity.
  • the preset key is one of the configuration information of the activation management application 112, and accordingly, the value of the preset key can be read from the configuration information of the activation management application.
  • the activation management application 112 when the activation management application 112 communicates with the server, the activation management application 112 will generate a token for this communication, the token including the preset key read from the configuration information .
  • the fourth ciphertext can be determined, and then the authentication code can be generated.
  • the token may also include other information, such as the application identifier of the activation management application 112, the version number of the activation management application 112, and the purpose of the preset key. , Preset key types, etc.
  • the present invention does not limit the specific information included in the token.
  • the encryption algorithm used to generate the fourth ciphertext and the mapping function used to generate the third mapping value can be set by those skilled in the art, and the present invention does not limit this.
  • the encryption algorithm used to generate the fourth ciphertext may be an AES encryption algorithm
  • the mapping function used to generate the third mapping value may be a hash algorithm, but is not limited to this.
  • the server can verify the authentication code to ensure that the authentication code and the trusted identity are not tampered with during transmission.
  • the server can verify the authentication code according to the following method:
  • Table 3 shows an example of the authentication code AuthCode2 in the application activation process based on the trusted execution environment: table 3
  • the preset key is Provisioning Key2
  • the fourth ciphertext is Provisioning_Key_Encrypt(ID)
  • SP the fourth ciphertext is the ciphertext obtained by using the provisioning key Provisioning Key2 to encrypt the trusted identity ID.
  • the third mapping value is Hash_Sha256(ID), that is, the third mapping value is the hash value of the trusted identity ID calculated using the SHA256 algorithm.
  • the authentication code AuthCode2 may also include other fields, such as the application identifier of the activation management application 112, the version number of the activation management application 112, and the preset secret.
  • the present invention does not limit the number and types of fields included in the authentication code.
  • the server After sending the authentication code AuthCode2 shown in Table 3 to the server, the server will verify the authentication code: First, read the provisioning key Provisioning Key2 from the authentication code AuthCode2. Subsequently, the fourth cipher text Provisioning_Key_Encrypt (ID) is decrypted using Provisioning Key2 to obtain a trusted identity ID. Finally, the SHA256 algorithm is used to calculate the hash value of the trusted identity ID. If the hash value is consistent with the third mapping value in AuthCode2, the AuthCode2 verification is successful.
  • step S820 the registration information returned by the server is received, the registration information includes the registration code encrypted with the trusted key corresponding to the trusted identity, and the registration code is generated based on the trusted identity.
  • the registration code is generated according to the trusted identity and used to activate the application to be activated.
  • the registration code includes usage permission information and verification information of the application to be activated.
  • the usage permission information of the application is used to mark the usage permission of the application.
  • the usage authority information may include, for example, effective time, expiration time, and available times, but is not limited thereto.
  • the usage authority information includes effective time and expiration time
  • the user can use the application normally only within the time range of effective time to expiration time, and the application is not available outside the time range of effective time to expiration time.
  • the usage permission information includes the available times
  • the usage permission information includes the available times, the user can only use the application within the available times. If the user uses the application for the available times, the application is no longer available.
  • the usage authority information can be configured, and it can include at least one of effective time, expiration time, and available times, and can also include other information except effective time, expiration time, and available times.
  • the invention does not limit the specific content included in the usage permission information of the application.
  • the verification information is used to verify the registration code to ensure that the registration code has not been illegally tampered with.
  • the verification information includes a cipher text generated by using a trusted key to encrypt the trusted identity and usage authority information.
  • the present invention does not limit the specific encryption algorithm used to generate the verification information.
  • the encryption algorithm used to generate the verification information may be, for example, the HMAC (Hash-based Message Authentication Code) algorithm, but is not limited thereto.
  • Table 4 shows an example of the registration code License:
  • the usage authority information of the application includes the effective time Stime2, the expiration time Etime2, and the available times Times2.
  • the verification information is HMAC (IDkey, ID + Stime2 + Etime2 + Times2), that is, the verification information is based on the HMAC algorithm, using a trusted key IDkey to identify the trusted identity ID, effective time Stime2, expiration time Etime2, and available times
  • the message digest generated by Times2 encryption is HMAC (IDkey, ID + Stime2 + Etime2 + Times2), that is, the verification information is based on the HMAC algorithm, using a trusted key IDkey to identify the trusted identity ID, effective time Stime2, expiration time Etime2, and available times.
  • the registration information includes the registration code encrypted with the trusted key corresponding to the trusted identity. That is, the server first determines the trusted key corresponding to the trusted identity, and then uses the trusted key to encrypt the registration code to generate registration information.
  • the process of encrypting the registration code to generate registration information in method 800 is slightly different from the process of encrypting the activation code to generate activation information in method 300.
  • the activation code is double-encrypted by the trusted key and the session key; in the method 800, the registration code is only single-encrypted by the trusted key. This is because in the method 300, the trusted key is generated for the first time, and the trusted key needs to be sent to the terminal device along with the activation code.
  • the session key to encrypt the trusted key to make the trusted key invisible to the outside.
  • the trusted key is not transmitted, but is only stored in the terminal device and the server. Even if other devices monitor the registration information transmitted between the terminal device and the server, since the trusted key cannot be obtained, It also cannot decrypt the registration information to obtain the registration code. Therefore, in the method 800, the security of the registration code can be ensured by only single-encrypting the registration code with the trusted key, and there is no need to use the session key for secondary encryption.
  • step S830 the trusted key is used to decrypt the registration information to obtain the registration code.
  • step S840 the registration code is encrypted and stored in a secure storage space.
  • the data in the secure storage space can only be read by the activation management application 112 in the trusted execution environment, which ensures that the data in it will not be illegally obtained. And tampering.
  • the registration code is not directly encrypted and stored in a secure storage space, but the registration code is first verified according to the trusted identity identifier to ensure that the registration information is on the server and the terminal device. No illegal tampering during the transmission. After the registration code is verified, the registration code is encrypted and stored in the secure storage space.
  • the verification process of the registration code license is as follows: Obtain the trusted key IDkey, based on the HMAC algorithm, use the trusted key IDkey to perform the trusted identity ID, effective time Stime2, expiration time Etime2, and available times Times2 Encrypt and generate the fifth ciphertext. If the fifth cipher text is consistent with the verification information in the registration code, the registration code verification is passed. Otherwise, the verification fails.
  • the registration code of the application to be activated is encrypted and stored in the secure storage space 111
  • the activation of the application to be activated is completed.
  • the registration code in the secure storage space 111 can only be read by the activation management application 112 in the trusted execution environment.
  • Fig. 9 shows a schematic diagram of an application activation process based on a trusted execution environment according to an embodiment of the present invention.
  • the secure storage space 111, the activation management application 112, and the second common application 116 are located in the terminal device, the activation management application 112 is a trusted application in a trusted execution environment, and the second common application 116 is a trusted application in a rich execution environment.
  • the application server 122 and the authentication server 124 are located on the server.
  • the application server 122 is used to provide methods and data calls to the second ordinary application 116, and generate use permission information of the second ordinary application 116 (for example, effective time, expiration time, available times, etc.).
  • the authentication server 124 is used to verify the identity of the terminal device 110, and to encrypt related data.
  • step S901 the second normal application 116 initiates a request to the activation management application 112 to initialize the trusted execution environment.
  • the activation management application 112 performs activation verification on the trusted execution environment based on the request. If the trusted execution environment activation verification is successful, step S902 is executed.
  • the activation management application 112 reads the trusted identity identification ID and the trusted key IDkey from the secure storage space 111.
  • step S904 the activation management application 112 generates the authentication code AuthCode2 according to the trusted identity ID.
  • AuthCode2 includes the preset key Provisioning Key2, the fourth cipher text ProvisioninLKey_Encrypt(ID), and the third mapping value. Hash_Sha256(ID).
  • step S905 the activation management application 112 sends the trusted identity ID and the authentication code AuthCode2 to The second general application 116.
  • step S906 the second common application 116 sends the trusted identity ID and the authentication code AuthCode2 to the application server 122.
  • step S907 the application server 122 to the trusted identity ID and the authentication code to the authentication server transmits AuthCode2 124 o
  • step S908 the authentication server 124 verifies the authentication code AuthCode2: First, read the preset key Provisioning Key2 from the authentication code AuthCode2. Subsequently, the fourth cipher text Provisioning_Key_Encrypt (ID) is decrypted using Provisioning Key2 to obtain a trusted identity ID. Finally, the SHA256 algorithm is used to calculate the hash value of the trusted identity ID. If the hash value is consistent with the third mapping value in AuthCode2, the AuthCode2 verification is successful.
  • step S909 the authentication server 124 returns the successful verification result of the authentication code AuthCode2 to the application server 122.
  • step S910 the application server 122 generates the use permission information of the second common application 116, referring to Table 4.
  • the use permission information includes the effective time Stime2, the expiration time Etime2, and the available times Times2.
  • step S911 the application server 122 sends the generated usage authority information to the authentication server 124.
  • step S912 the authentication server 124 generates verification information, referring to Table 4, the verification information is HMAC (IDkey, ID + Stime2 + Etime2 + Times2). Subsequently, the use permission information and verification information are combined to form the registration code License. Look up the trusted key IDkey corresponding to the trusted identity ID, and use the IDkey to encrypt the License to generate registration information.
  • the authentication server 124 sequentially passes through the application server 122 and the second common application 116, and sends the registration information to the activation management application 112.
  • step S916 the activation management application 112 uses the trusted key IDkey to decrypt the registration information to obtain the registration code License. Use the trusted key IDkey to encrypt the trusted identity ID, the effective time Stime2, the expiration time Etime2, and the available times Times2 to generate the fifth ciphertext. If the fifth ciphertext is consistent with the verification information in the License, the registration code verification is passed, and step S917 is executed.
  • the activation management application 112 encrypts and stores the registration code License in the secure storage space 111, and the second common application 116 is successfully activated.
  • step S919 the activation management application 112 feeds back the result of the successful activation of the second common application 116 to the second common application 116.
  • FIG. 10 shows a flow of an application activation method 1000 based on a trusted execution environment according to an embodiment of the present invention Cheng Tu.
  • the method 100 is executed in the server (for example, the server 120 shown in FIG. 2), and corresponds to the method 800 executed in the terminal device, and is suitable for the application to be activated (for example, the second ordinary application 116 shown in FIG. 2). ) To activate.
  • the server further includes an application server (for example, the application server 122 shown in FIG. 2) and an authentication server (for example, the authentication server 124 shown in FIG. 2), and the application server and the authentication server have a division of labor Collaborate to achieve application activation based on a trusted execution environment.
  • the application server can directly communicate with the application to be activated, and is used to provide methods and data calls to the application to be activated, and generate usage permission information of the application to be activated (for example, effective time, expiration time, available times, etc.).
  • the authentication server usually does not directly communicate with the application to be activated, and is used to verify the identity of the terminal device 110, and to encrypt related data.
  • the method begins at step 101000 S lOlO o
  • step S1010 the trusted identity sent by the terminal device is received.
  • the trusted identity is stored in the secure storage space 111 of the terminal device, and it can only be read by a specific trusted application in the trusted execution environment, such as the activation management application 112. After the activation management application 112 obtains the trusted identity, it is sent to the application server through the application to be activated. Correspondingly, the application server receives the trusted identity sent by the application to be activated.
  • step S1010 in addition to receiving the trusted identity, the authentication code sent by the terminal device is also accepted, and the authentication code is generated according to the trusted identity.
  • the authentication code is verified, and after the authentication code is verified, step S520 is executed to generate a registration code according to the trusted identity.
  • the application server 122 after the application server 122 receives the trusted identity and the authentication code sent by the second common application 116, it forwards the trusted identity and the authentication code to the authentication server 124, and the authentication server 124 To verify the authentication code.
  • the application server 122 After the application server 122 receives the trusted identity and the authentication code sent by the second common application 116, it forwards the trusted identity and the authentication code to the authentication server 124, and the authentication server 124 To verify the authentication code.
  • the application server 122 After the application server 122 receives the trusted identity and the authentication code sent by the second common application 116, it forwards the trusted identity and the authentication code to the authentication server 124, and the authentication server 124 To verify the authentication code.
  • step S1020 a registration code is generated according to the trusted identity.
  • the registration code includes use permission information and verification information of the application to be activated, where the use permission information is used to mark the use permission of the application, which may include, for example, effective time, expiration time, available times, etc. But it is not limited to this.
  • the verification information is used to verify the registration code to ensure that the registration code has not been illegally tampered with.
  • the verification information includes a cipher text generated by using a trusted key to encrypt the trusted identity identifier and the use authority information.
  • the usage permission information in the registration code is generated by the application server 122.
  • the application server 122 After the application server 122 generates the usage permission information, it sends the usage permission information to the authentication server 124, which is generated by the authentication server 124 Into the verification information.
  • the authentication server 124 For the specific generation process of the usage authority information and the verification information, reference may be made to the relevant description of the foregoing step S820, which is not repeated here.
  • step S1030 the trusted key corresponding to the trusted identity is used to encrypt the registration code to generate registration information.
  • step S1030 is performed by the authentication server 124.
  • step S1040 the registration information is sent to the terminal device, so that the terminal device: decrypts the registration information with the trusted key to obtain the registration code; and encrypts the registration code and stores it in a secure storage space.
  • step S1040 the authentication server 124 sequentially passes through the application 122 and the application to be activated, and sends the registration information to the activation management application 112 in the terminal device.
  • the activation management application 112 uses the trusted key to decrypt the registration information to obtain the registration code; and encrypts and stores the registration code in a secure storage space.
  • step S1040 For the specific implementation process of step S1040, reference may be made to the related descriptions of the foregoing steps S830 and S840, which will not be repeated here.
  • the activation verification of the application will be triggered. Only when it is verified that the application activation is successful, the user can use the application; if the verification of the application activation fails, the application is not available to the user.
  • FIG. 11 shows a flowchart of a method 1100 for verifying application activation based on a trusted execution environment according to an embodiment of the present invention.
  • the method 1100 is executed in the trusted execution environment of the terminal device, for example, executed by the activation management application 112 in the trusted execution environment.
  • the method l loo starts with step smo.
  • step smo the trusted identity, the trusted key, and the registration code of the application to be verified are obtained.
  • the registration code includes usage authority information and verification information, and the verification information is the use of the trusted key to the trusted identity, Use permission information to encrypt the generated ciphertext.
  • the activation verification application 112 obtains the trusted identity, the trusted key, and the registration code of the application to be verified from the secure storage space 111.
  • step S1120 a trusted key is used to encrypt the trusted identity and usage authority information to generate a sixth ciphertext.
  • step S1130 if the sixth ciphertext is consistent with the verification information, the registration code is sent to the application to be verified, so that the application determines whether the activation is successful according to whether the current use environment matches the use permission information.
  • the use permission information includes effective time, expiration time, and available times.
  • the current use environment of the application includes information such as time and used times. If the current time is within the range of effective time to expiration time, and the used times of the application are less than or equal to the available times, the current use environment matches the use permission information, and the application is successfully activated.
  • Fig. 12 shows a schematic diagram of an application activation verification process based on a trusted execution environment according to an embodiment of the present invention.
  • the secure storage space 111, the activation management application 112, and the second common application 116 are all located in the terminal device 110
  • the activation management application 112 is a trusted application in a trusted execution environment
  • the second common application 116 is a rich execution environment Common applications in.
  • step S1201 when the user uses the second common application 116, the second common application 116 initiates an activation verification request to the activation management application 112.
  • the activation management application 112 obtains the trusted identity ID, the trusted key IDkey, and the activation code ActiCode of the trusted execution environment from the secure storage space 111.
  • step S 1204 the activation management application 112 verifies whether the trusted execution environment is successfully activated according to the trusted identity ID, the trusted key IDkey, and the activation code ActiCode. In the case that the trusted execution environment is successfully activated, step S 1205 is continued.
  • the activation management application 112 obtains the registration code License from the secure storage space 111. See Table 4.
  • the License includes the effective time Stime2, the expiration time Etime2, the available times Times2, and the verification information HMAC (IDkey, ID + Stime2 + Etime2 + Times2).
  • step S 1207 the activation management application 112 uses the trusted key IDkey to encrypt the trusted identity ID, the effective time Stime2, the expiration time Etime2, and the available times Times2 to generate a sixth ciphertext. If the sixth ciphertext is consistent with the verification information in the License, step S1208 is executed.
  • step S 1208 the activation management application 112 sends the registration code to the second common application 116.
  • step S 1209 the second common application 116 obtains the current use environment, and the current use environment includes the current time and the number of times the second common application 116 has been used.
  • the various technologies described here can be implemented in combination with hardware or software, or a combination of them. Therefore, the method and device of the present invention, or some aspects or parts of the method and device of the present invention may be embedded in a tangible medium, such as a removable hard disk, U disk, floppy disk, CD-ROM, or any other machine-readable storage medium
  • a tangible medium such as a removable hard disk, U disk, floppy disk, CD-ROM, or any other machine-readable storage medium
  • program code ie instructions
  • the computing device When the program code is executed on a programmable computer, the computing device generally includes a processor, Read storage medium (including volatile and non-volatile memory and/or storage element), at least one input device, and at least one output device.
  • the memory is configured to store program code; the processor is configured to execute the application activation method based on the trusted execution environment of the present invention according to instructions in the program code stored in the memory.
  • readable media include readable storage media and communication media.
  • the readable storage medium stores information such as computer readable instructions, data structures, program modules, or other data.
  • Communication media generally embody computer-readable instructions, data structures, program modules, or other data by modulated data signals such as carrier waves or other transmission mechanisms, and include any information delivery media. Combinations of any of the above are also included in the scope of readable media.
  • modules or units or components of the device in the example disclosed herein can be arranged in the device as described in this embodiment, or alternatively can be positioned differently from the device in this example In one or more devices.
  • the modules in the preceding examples can be combined into one module or can be divided into multiple sub-modules.
  • modules or units or components in the embodiments can be combined into one module or unit or component, and in addition, they can be divided into multiple sub-modules or sub-units Or subcomponents. Except that at least some of such features and/or processes or units are mutually exclusive, any combination can be used to compare all features disclosed in this specification (including the accompanying claims, abstract and drawings) and any method or methods disclosed in this manner or All the processes or units of the equipment are combined. Unless expressly stated otherwise, each feature disclosed in this specification (including the accompanying claims, abstract and drawings) may be replaced by an alternative feature providing the same, equivalent or similar purpose.
  • a processor with the necessary instructions for implementing the method or method element forms a device for implementing the method or method element.
  • the elements of the device embodiment described herein are examples of the device: The device is used to implement the function performed by the element for the purpose of implementing the invention.

Abstract

Disclosed in the present invention is a trusted execution environment activation method, wherein the trusted execution environment is deployed in a terminal device. The method comprises: sending a terminal device identifier to a server; receiving activation information returned by a server, the activation information comprising an encrypted trusted identity identifier, a trusted key and an activation code, the trusted identity identifier and the trusted key corresponding to the terminal device identifier, and the activation code being generated according to the terminal device identifier; decrypting the activation information to obtain the trusted identity identifier, the trusted key and the activation code; and encrypting and storing the trusted identity identifier, the trusted key, and the activation code into a secure storage space. Also disclosed in the present invention are a trusted execution environment activation verification method, trusted execution environment-based application activation and activation verification methods, and corresponding apparatuses.

Description

基于可信执行环境的应用激活方法及装置 Application activation method and device based on trusted execution environment
本申请要求 2019年 02月 27日递交的申请号为 201910145498.3、发明名称为“基于 可信执行环境的应用激活方法及装置” 的中国专利申请的优先权, 其全部内容通过引用 结合在本申请中。 技术领域 This application claims the priority of the Chinese patent application filed on February 27, 2019 with the application number 201910145498.3 and the invention title "Application activation method and device based on trusted execution environment", the entire content of which is incorporated into this application by reference . Technical field
本发明涉及应用安全技术领域, 尤其涉及一种基于可信执行环境的应用激活方法及 装置。 背景技术 The present invention relates to the technical field of application security, and in particular to an application activation method and device based on a trusted execution environment. Background technique
软件发布后, 需要一种方式来防止软件被破解和盗用, 以保证软件开发商自身的利 益。 目前, 通常采用注册码的方式来对软件进行保护, 即, 用户先下载安装试用版软件, 然后通过向服务器申请注册码的方式来激活软件。 之后, 当用户使用该软件时, 软件会 读取注册码文件, 根据注册码文件来判断该软件是否可用。 After the software is released, a way is needed to prevent the software from being cracked and misappropriated to ensure the software developers' own interests. Currently, the software is usually protected by a registration code, that is, the user first downloads and installs the trial version of the software, and then activates the software by applying for the registration code from the server. Later, when the user uses the software, the software will read the registration code file and judge whether the software is available according to the registration code file.
上述软件激活方案存在一些问题: There are some problems with the above software activation scheme:
1、 注册码文件在设备中未加密存储, 导致其可以被明文拷贝至其他设备, 使其他设 备上安装的软件被非法破解。 此外, 注册码文件的内容可能被用户篡改, 以非法延长软 件的使用次数或有效期。 1. The registration code file is not encrypted and stored in the device, so that it can be copied to other devices in plain text, and the software installed on other devices can be illegally cracked. In addition, the content of the registration code file may be tampered with by users to illegally extend the number of uses or validity period of the software.
2、 注册码文件未与设备绑定, 导致注册码文件可以在不同的设备中使用, 使其他设 备上安装的软件被非法破解。 2. The registration code file is not bound to the device, so that the registration code file can be used in different devices, and the software installed on other devices is illegally cracked.
3、 服务器在向设备传输注册码的过程中, 注册码文件的内容未加密, 导致注册码文 件容易被监听或伪造。 3. When the server transmits the registration code to the device, the content of the registration code file is not encrypted, which makes the registration code file easy to be monitored or forged.
因此, 需要提供一种更加安全的软件激活方法。 发明内容 Therefore, it is necessary to provide a more secure software activation method. Summary of the invention
为此, 本发明提供一种基于可信执行环境的应用激活方法及装置, 以力图解决或至 少缓解上面存在的问题。 To this end, the present invention provides an application activation method and device based on a trusted execution environment to try to solve or at least alleviate the above problems.
根据本发明的第一个方面, 提供一种可信执行环境的激活方法, 所述可信执行环境 部署于终端设备中, 所述方法包括: 将终端设备标识发送至服务端; 接收服务端返回的 激活信息, 所述激活信息包括加密后的可信身份标识、 可信密钥和激活码, 所述可信身 份标识、可信密钥与所述终端设备标识相对应, 所述激活码根据所述终端设备标识生成; 对所述激活信息进行解密, 以得到可信身份标识、 可信密钥和激活码; 将所述可信身份 标识、 可信密钥和激活码加密存储至安全存储空间。 According to a first aspect of the present invention, there is provided a method for activating a trusted execution environment, the trusted execution environment being deployed in a terminal device, and the method includes: sending a terminal device identifier to a server; receiving a return from the server Activation information, the activation information includes an encrypted trusted identity, a trusted key, and an activation code, the trusted identity The share identifier and the trusted key correspond to the terminal device identifier, and the activation code is generated according to the terminal device identifier; the activation information is decrypted to obtain the trusted identity identifier, the trusted key, and the activation code ; Encrypting and storing the trusted identity, trusted key and activation code in a secure storage space.
根据本发明的第二个方面, 提供一种可信执行环境的激活方法, 所述可信执行环境 部署于终端设备中, 所述方法包括: 接收终端设备发送的终端设备标识; 生成与所述终 端设备标识相对应的可信身份标识和可信密钥,以及根据所述终端设备标识生成激活码; 对所述可信身份标识、 可信密钥和激活码进行加密以生成激活信息; 将所述激活信息发 送至所述终端设备, 以便所述终端设备: 对所述激活信息进行解密以得到可信身份标识、 可信密钥和激活码, 以及将所述可信身份标识、 可信密钥和激活码加密存储至安全存储 空间。 According to a second aspect of the present invention, there is provided a method for activating a trusted execution environment, where the trusted execution environment is deployed in a terminal device, and the method includes: receiving a terminal device identifier sent by the terminal device; A trusted identity identifier and a trusted key corresponding to the terminal device identifier, and an activation code is generated according to the terminal device identifier; the trusted identity identifier, the trusted key, and the activation code are encrypted to generate activation information; The activation information is sent to the terminal device, so that the terminal device: decrypts the activation information to obtain a trusted identity, a trusted key, and an activation code, and transmits the trusted identity to the trusted The key and activation code are encrypted and stored in a secure storage space.
根据本发明的第三个方面, 提供一种可信执行环境的激活验证方法, 在终端设备的 可信执行环境中执行, 所述方法包括: 获取可信身份标识、 可信密钥和可信执行环境的 激活码, 所述激活码包括可信执行环境的使用权限信息和校验信息, 所述校验信息包括 采用所述可信密钥对所述可信身份标识、 使用权限信息、 终端设备标识进行加密所生成 的密文; 获取终端设备标识, 采用可信密钥对所述可信身份标识、 使用权限信息、 终端 设备标识进行加密, 生成第一密文; 若所述第一密文与所述校验信息一致, 且终端设备 当前的使用环境与所述使用权限信息匹配, 则所述可信执行环境激活成功。 According to a third aspect of the present invention, there is provided an activation verification method of a trusted execution environment, which is executed in a trusted execution environment of a terminal device, and the method includes: obtaining a trusted identity, a trusted key, and a trusted The activation code of the execution environment, where the activation code includes use authority information and verification information of the trusted execution environment, and the verification information includes using the trusted key to pair the trusted identity, use authority information, and terminal The ciphertext generated by encrypting the device identification; obtaining the terminal device identification, and encrypting the trusted identity, usage authority information, and terminal device identification with a trusted key to generate a first ciphertext; if the first ciphertext is If the text is consistent with the verification information, and the current use environment of the terminal device matches the use authority information, the trusted execution environment is activated successfully.
根据本发明的第四个方面, 提供一种基于可信执行环境的应用激活方法, 所述可信 执行环境部署于终端设备中,所述方法包括: 将终端设备的可信身份标识发送至服务端: 接收服务端返回的注册信息, 所述注册信息包括采用所述可信身份标识所对应的可信密 钥加密后的注册码, 所述注册码根据所述可信身份标识生成; 采用可信密钥对所述注册 信息进行解密, 以得到注册码; 将所述注册码加密存储至安全存储空间。 According to a fourth aspect of the present invention, an application activation method based on a trusted execution environment is provided. The trusted execution environment is deployed in a terminal device, and the method includes: sending a trusted identity of the terminal device to a service End: receiving registration information returned by the server, where the registration information includes a registration code encrypted with a trusted key corresponding to the trusted identity, and the registration code is generated according to the trusted identity; Decrypt the registration information with the trust key to obtain a registration code; encrypt and store the registration code in a secure storage space.
根据本发明的第五个方面, 提供一种基于可信执行环境的应用激活方法, 所述可信 执行环境部署于终端设备中, 所述方法包括: 接收终端设备发送的可信身份标识; 根据 所述可信身份标识生成注册码; 采用所述可信身份标识所对应的可信密钥来加密所述注 册码, 以生成注册信息; 将所述注册信息发送至所述终端设备, 以便所述终端设备: 采 用可信密钥对所述注册信息进行解密, 以得到注册码; 以及将所述注册码加密存储至安 全存储空间。 According to a fifth aspect of the present invention, an application activation method based on a trusted execution environment is provided, the trusted execution environment is deployed in a terminal device, and the method includes: receiving a trusted identity sent by the terminal device; The trusted identity identifier generates a registration code; the trusted key corresponding to the trusted identity identifier is used to encrypt the registration code to generate registration information; and the registration information is sent to the terminal device so that The terminal device: decrypts the registration information with a trusted key to obtain a registration code; and encrypts and stores the registration code in a secure storage space.
根据本发明的第六个方面, 提供一种基于可信执行环境的应用激活验证方法, 在终 端设备的可信执行环境中执行, 所述方法包括: 获取可信身份标识、 可信密钥和待验证 的应用的注册码, 所述注册码包括使用权限信息和校验信息, 所述校验信息为采用所述 可信密钥对所述可信身份标识、 使用权限信息进行加密所生成的密文; 采用所述可信密 钥对所述可信身份标识、 使用权限信息进行加密, 生成第一密文; 若所述第一密文与所 述校验信息一致, 则将所述注册码发送至待验证的应用, 以便所述应用根据当前使用环 境与所述使用权限信息是否匹配来确定其是否激活成功。 According to a sixth aspect of the present invention, an application activation verification method based on a trusted execution environment is provided, which is executed in the trusted execution environment of a terminal device, and the method includes: obtaining a trusted identity, a trusted key, and To be verified The registration code of the application, where the registration code includes usage authority information and verification information, and the verification information is a ciphertext generated by using the trusted key to encrypt the trusted identity and usage authority information Use the trusted key to encrypt the trusted identity and use authority information to generate a first ciphertext; if the first ciphertext is consistent with the verification information, send the registration code To the application to be verified, so that the application determines whether the activation is successful according to whether the current use environment matches the use permission information.
根据本发明的第七个方面, 提供一种终端设备, 所述终端设备上部署有可信执行环 境, 所述可信执行环境包括激活管理应用, 所述激活管理应用适于执行如上所述的可信 执行环境的激活方法、 可信执行环境的激活验证方法、 基于可信执行环境的应用激活方 法以及基于可信执行环境的应用激活验证方法。 According to a seventh aspect of the present invention, there is provided a terminal device, wherein a trusted execution environment is deployed on the terminal device, the trusted execution environment includes an activation management application, and the activation management application is adapted to execute the above A trusted execution environment activation method, a trusted execution environment activation verification method, a trusted execution environment-based application activation method, and a trusted execution environment-based application activation verification method.
根据本发明的第八个方面, 提供一种服务器, 包括: 至少一个处理器; 和存储有程 序指令的存储器, 其中, 所述程序指令被配置为适于由所述至少一个处理器执行, 所述 程序指令包括用于执行如上所述的可信执行环境的激活方法、 基于可信执行环境的应用 激活方法的指令。 According to an eighth aspect of the present invention, there is provided a server, including: at least one processor; and a memory storing program instructions, wherein the program instructions are configured to be executed by the at least one processor, so The program instructions include instructions for executing the trusted execution environment activation method and the application activation method based on the trusted execution environment as described above.
根据本发明的第九个方面, 提供一种基于可信执行环境的应用激活系统, 包括: 如 上所述的终端设备; 以及如上所述的服务器。 According to a ninth aspect of the present invention, an application activation system based on a trusted execution environment is provided, including: the terminal device as described above; and the server as described above.
本发明提供一种基于可信执行环境的应用激活方案。 可信执行环境是一个独立、 可 信的环境, 其具有隔离的硬件环境和独立的操作系统, 可用于存储、 处理和保护敏感数 据。 在本发明的技术方案中, 首先, 对终端设备中的可信执行环境进行激活, 在可信执 行环境已激活的基础上, 可信执行环境可以向终端设备的其他应用提供可信的应用激活 及激活验证服务, 从而保证其他应用的安全。 可信执行环境的激活码、 应用的注册码均 通过可信执行环境加密存储至安全存储空间中, 安全存储空间中的数据只能被可信执行 环境中的激活管理应用读取, 保证了其不会被非法获取以及篡改。 The invention provides an application activation scheme based on a trusted execution environment. The trusted execution environment is an independent and trusted environment with an isolated hardware environment and an independent operating system, which can be used to store, process, and protect sensitive data. In the technical solution of the present invention, firstly, the trusted execution environment in the terminal device is activated. After the trusted execution environment has been activated, the trusted execution environment can provide trusted application activation to other applications of the terminal device. And activate the verification service to ensure the safety of other applications. The activation code of the trusted execution environment and the registration code of the application are encrypted and stored in the secure storage space through the trusted execution environment. The data in the secure storage space can only be read by the activation management application in the trusted execution environment, which ensures that Will not be illegally obtained and tampered with.
在激活可信执行环境的过程中, 服务端生成终端设备的可信身份标识和可信密钥。 随后, 将可信密钥应用于可信执行环境的激活码、 以及应用的注册码的加密传输过程。 可信密钥在终端设备与服务端中仅传输一次, S卩,在且仅在激活可信执行环境的过程中, 服务端将生成的可信密钥加密传输至终端设备, 在后续基于可信执行环境对应用进行激 活的过程中, 可信密钥不再进行传输。 因此, 可信密钥仅存储于终端设备和服务端, 即 使其他设备监听到终端设备与服务端之间传输的注册信息, 由于无法获取到可信密钥, 其也无法对注册信息进行解密以获取注册码, 从而进一步提高了应用注册码的传输安全 性。 可信执行环境的激活码以及应用的注册码中均嵌入了终端设备的可信身份标识, 从 而保证了每台终端设备的激活码、 注册码的唯一性和不可复制性。 若激活码、 注册码被 恶意篡改, 则终端设备的可信执行环境、 应用的激活验证会失败。 此外, 即使激活码、 注册码被拷贝至其他终端设备中,也无法用于激活其他终端设备的可信执行环境或应用。 In the process of activating the trusted execution environment, the server generates the trusted identity and the trusted key of the terminal device. Subsequently, the trusted key is applied to the encrypted transmission process of the activation code of the trusted execution environment and the registration code of the application. The trusted key is transmitted only once between the terminal device and the server, that is, during and only during the process of activating the trusted execution environment, the server encrypts the generated trusted key and transmits it to the terminal device. In the process of activating the application by the trusted execution environment, the trusted key is no longer transmitted. Therefore, the trusted key is only stored in the terminal device and the server. Even if other devices monitor the registration information transmitted between the terminal device and the server, since the trusted key cannot be obtained, it cannot decrypt the registration information. The registration code is obtained, thereby further improving the transmission security of the application registration code. Both the activation code of the trusted execution environment and the registration code of the application are embedded with the trusted identity of the terminal device, thereby ensuring the uniqueness and non-copyability of the activation code and registration code of each terminal device. If the activation code and registration code are maliciously tampered with, the activation verification of the trusted execution environment of the terminal device and the application will fail. In addition, even if the activation code and registration code are copied to other terminal devices, they cannot be used to activate the trusted execution environment or applications of other terminal devices.
上述说明仅是本发明技术方案的概述, 为了能够更清楚了解本发明的技术手段, 而 可依照说明书的内容予以实施, 并且为了让本发明的上述和其它目的、 特征和优点能够 更明显易懂, 以下特举本发明的具体实施方式。 附图说明 The above description is only an overview of the technical solution of the present invention. In order to understand the technical means of the present invention more clearly, it can be implemented in accordance with the content of the specification, and to make the above and other objectives, features and advantages of the present invention more obvious and understandable. In the following, specific embodiments of the present invention are specifically cited. Description of the drawings
为了实现上述以及相关目的, 本文结合下面的描述和附图来描述某些说明性方面, 这些方面指示了可以实践本文所公开的原理的各种方式, 并且所有方面及其等效方面旨 在落入所要求保护的主题的范围内。 通过结合附图阅读下面的详细描述, 本公开的上述 以及其它目的、 特征和优势将变得更加明显。 遍及本公开, 相同的附图标记通常指代相 同的部件或元素。 In order to achieve the above and related purposes, this article describes certain illustrative aspects in conjunction with the following description and drawings. These aspects indicate various ways in which the principles disclosed herein may be practiced, and all aspects and their equivalents are intended to be Into the scope of the claimed subject matter. By reading the following detailed description in conjunction with the accompanying drawings, the above and other objectives, features and advantages of the present disclosure will become more apparent. Throughout this disclosure, the same reference numerals generally refer to the same parts or elements.
图 1示出了根据本发明一个实施例的可信执行环境的激活系统 100的示意图; 图 2示出了根据本发明一个实施例的基于可信执行环境的应用激活系统 200的示意 图; Fig. 1 shows a schematic diagram of a trusted execution environment activation system 100 according to an embodiment of the present invention; Fig. 2 shows a schematic diagram of an application activation system 200 based on a trusted execution environment according to an embodiment of the present invention;
图 3示出了根据本发明一个实施例的可信执行环境的激活方法 300 (终端设备侧) 的流程图; FIG. 3 shows a flowchart of a method 300 (terminal device side) for activating a trusted execution environment according to an embodiment of the present invention;
图 4示出了根据本发明一个实施例的可信执行环境的激活过程的示意图; 图 5示出了根据本发明一个实施例的可信执行环境的激活方法 500 (服务端侧) 的 流程图; FIG. 4 shows a schematic diagram of the activation process of a trusted execution environment according to an embodiment of the present invention; FIG. 5 shows a flowchart of a trusted execution environment activation method 500 (server side) according to an embodiment of the present invention ;
图 6示出了根据本发明一个实施例的可信执行环境的激活验证方法 600的流程图; 图 7示出了根据本发明一个实施例的可信执行环境的激活验证过程的示意图; 图 8示出了根据本发明一个实施例的基于可信执行环境的应用激活方法 800 (终端 设备侧) 的流程图; Fig. 6 shows a flowchart of a method 600 for activation verification of a trusted execution environment according to an embodiment of the present invention; Fig. 7 shows a schematic diagram of an activation verification process of a trusted execution environment according to an embodiment of the present invention; Fig. 8 Shows a flowchart of an application activation method 800 (on the terminal device side) based on a trusted execution environment according to an embodiment of the present invention;
图 9示出了根据本发明一个实施例的基于可信执行环境的应用激活过程的示意图; 图 10示出了根据本发明一个实施例的基于可信执行环境的应用激活方法 1000 (服 务端侧) 的流程图; Fig. 9 shows a schematic diagram of an application activation process based on a trusted execution environment according to an embodiment of the present invention; Fig. 10 shows an application activation method 1000 based on a trusted execution environment according to an embodiment of the present invention (server side ) Flow chart;
图 11示出了根据本发明一个实施例的基于可信执行环境的应用激活验证方法 1100 的流程图; 以及 FIG. 11 shows a method 1100 for verifying application activation based on a trusted execution environment according to an embodiment of the present invention Flow chart of; and
图 12 示出了根据本发明一个实施例的基于可信执行环境的应用激活验证过程的示 意图。 具体实施方式 Fig. 12 shows a schematic diagram of an application activation verification process based on a trusted execution environment according to an embodiment of the present invention. detailed description
下面将参照附图更详细地描述本公开的示例性实施例。 虽然附图中显示了本公开的 示例性实施例, 然而应当理解, 可以以各种形式实现本公开而不应被这里阐述的实施例 所限制。 相反, 提供这些实施例是为了能够更透彻地理解本公开, 并且能够将本公开的 范围完整的传达给本领域的技术人员。 Hereinafter, exemplary embodiments of the present disclosure will be described in more detail with reference to the accompanying drawings. Although exemplary embodiments of the present disclosure are shown in the drawings, it should be understood that the present disclosure can be implemented in various forms and should not be limited by the embodiments set forth herein. On the contrary, these embodiments are provided to enable a more thorough understanding of the present disclosure and to fully convey the scope of the present disclosure to those skilled in the art.
本发明提供一种基于可信执行环境的应用激活方案。在本发明的技术方案中, 首先, 对终端设备中的可信执行环境进行激活, 在可信执行环境已激活的基础上, 可信执行环 境可以向终端设备的其他应用提供可信的应用激活及激活验证服务, 从而保证其他应用 的安全。 The invention provides an application activation scheme based on a trusted execution environment. In the technical solution of the present invention, firstly, the trusted execution environment in the terminal device is activated. After the trusted execution environment has been activated, the trusted execution environment can provide trusted application activation to other applications of the terminal device. And activate the verification service to ensure the safety of other applications.
图 1示出了根据本发明一个实施例的可信执行环境的激活系统 100的示意图。 如图 1所示, 系统 100包括终端设备 110和服务端 120。 应当指出, 虽然图 1所示的系统 100 仅包括一个终端设备 110和一个服务端 120, 但是, 本领域技术人员可以理解, 在实践 中, 系统 100可以包括任意数量的终端设备 110和服务端 120, 本发明对系统 100所包 括的终端设备 110、 服务端 120的数量均不做限制。 Fig. 1 shows a schematic diagram of a trusted execution environment activation system 100 according to an embodiment of the present invention. As shown in FIG. 1, the system 100 includes a terminal device 110 and a server 120. It should be noted that although the system 100 shown in FIG. 1 only includes one terminal device 110 and one server 120, those skilled in the art will understand that in practice, the system 100 may include any number of terminal devices 110 and server 120. The present invention does not limit the number of terminal devices 110 and server 120 included in the system 100.
终端设备 110具体可以实现为任意设备, 例如手机、 平板电脑、 智能可穿戴设备、 智能家电、 车机、 无人机等, 但不限于此。 如图 1所示, 终端设备 110中部署有可信执 行环境 ( Trusted Execution Environment , 简称 TEE ) 和富执行环境 ( Rich Execution Environment, 简称 REE) 。 可信执行环境与富执行环境具有相互隔离的硬件、 以及独立 的操作系统, 用于满足不同安全级别的应用的运行要求。 可信执行环境与富执行环境的 硬件隔离例如可以通过 ARM TrustZone或 C-SKY的安全扩展技术来实现, 但不限于此。 The terminal device 110 may be specifically implemented as any device, such as a mobile phone, a tablet computer, a smart wearable device, a smart home appliance, a car machine, a drone, etc., but is not limited thereto. As shown in FIG. 1, a trusted execution environment (TEE for short) and a rich execution environment (REE for short) are deployed in the terminal device 110. The trusted execution environment and the rich execution environment have mutually isolated hardware and independent operating systems to meet the operating requirements of applications with different security levels. The hardware isolation between the trusted execution environment and the rich execution environment can be realized by, for example, the security extension technology of ARM TrustZone or C-SKY, but is not limited to this.
富执行环境的操作系统可以是 Android、 iOS、 RTOS实时操作系统等通用操作系统, 该操作系统上可以运行对安全性要求不高的普通应用, 例如即时通讯、 拍照、 天气查询 等。 可信执行环境的操作系统通常为一个封闭的、 功能相对简单的安全操作系统, 在该 操作系统上运行对安全性要求较高的可信应用, 例如指纹识别、 身份认证、 电子支付、 智能锁等。 可信执行环境中的可信应用可以被富执行环境中的普通应用调用以实现相应 功能。 可信应用不可直接与外部 (例如服务器、 其他终端设备、 用户等) 进行通信, 而 需要以富执行环境中的普通应用为通信中转, 即, 可信执行环境中的可信应用经由富执 行环境中的普通应用来与外部进行通信。 The operating system of the rich execution environment may be a general operating system such as Android, iOS, RTOS real-time operating system, etc., on which ordinary applications that do not require high security, such as instant messaging, photographing, and weather query, can be run. The operating system of the trusted execution environment is usually a closed, relatively simple secure operating system. Trusted applications with high security requirements are run on the operating system, such as fingerprint recognition, identity authentication, electronic payment, and smart locks. Wait. Trusted applications in the trusted execution environment can be called by ordinary applications in the rich execution environment to implement corresponding functions. Trusted applications cannot directly communicate with external parties (such as servers, other terminal devices, users, etc.), and It is necessary to use the common application in the rich execution environment as a communication relay, that is, the trusted application in the trusted execution environment communicates with the outside via the common application in the rich execution environment.
服务端 120可以是任意用于向终端设备 110提供可信执行环境在线激活服务的设备, 例如物理服务器、 或部署于物理服务器中的计算实例等, 但不限于此。 服务端 120用于 向终端设备 110提供可信执行环境的在线激活服务。 在可信执行环境被激活后, 终端设 备 110才可以使用可信执行环境来处理和保护敏感数据。 The server 120 may be any device that is used to provide a trusted execution environment online activation service to the terminal device 110, such as a physical server, or a computing instance deployed in the physical server, but is not limited to this. The server 120 is used to provide the terminal device 110 with an online activation service of a trusted execution environment. After the trusted execution environment is activated, the terminal device 110 can use the trusted execution environment to process and protect sensitive data.
在本发明的实施例中, 可信执行环境包括激活管理应用 112, 激活管理应用 112经 由部署于富执行环境中的接口应用 113与服务端 120通信, 用于对可信执行环境进行激 活。 具体地, 激活管理应用 112读取终端设备标识, 将终端设备标识经由接口应用 113 发送至服务端 120。 服务端 120根据终端设备标识生成激活码, 并且生成终端设备的可 信身份标识和可信密钥, 将可信身份标识和可信密钥与终端设备标识关联存储。 可信身 份标识是一个可以代表设备唯一性的字符串, 其用于唯一标识终端设备 110, 且具备不 可篡改、 不可伪造、 全球唯一的安全属性。 可信密钥为根据可信身份标识通过特定算法 派生出来的字符串, 其用于对与终端设备 110相关的关键信息进行加密。 服务端 120将 可信身份标识、 可信密钥和激活码加密后生成激活信息, 经由接口应用 113将激活信息 发送至激活管理应用 112。 激活管理应用 112对激活信息进行解密, 得出可信身份标识、 可信密钥和激活码后,将可信身份标识、可信密钥和激活码加密存储至安全存储空间 111。 安全存储空间 111为用于存储文件的指定空间,文件采用可信密钥加密后存储到该位置。 在本发明的实施例中, 安全存储空间 111能且仅能被激活管理应用 112访问。 在将可信 身份标识、 可信密钥和激活码加密存储至安全存储空间 111后, 终端设备 110的可信执 行环境激活完成。 In the embodiment of the present invention, the trusted execution environment includes an activation management application 112, and the activation management application 112 communicates with the server 120 via an interface application 113 deployed in the rich execution environment, and is used to activate the trusted execution environment. Specifically, the activation management application 112 reads the terminal device identification, and sends the terminal device identification to the server 120 via the interface application 113. The server 120 generates an activation code according to the terminal device identifier, generates a trusted identity identifier and a trusted key of the terminal device, and stores the trusted identity identifier and trusted key in association with the terminal device identifier. The trusted identity identifier is a character string that can represent the uniqueness of the device. It is used to uniquely identify the terminal device 110, and has the security attributes of being non-tamperable, non-forgeable, and globally unique. The trusted key is a character string derived through a specific algorithm according to a trusted identity, and is used to encrypt key information related to the terminal device 110. The server 120 encrypts the trusted identity, the trusted key, and the activation code to generate activation information, and sends the activation information to the activation management application 112 via the interface application 113. The activation management application 112 decrypts the activation information to obtain the trusted identity, the trusted key, and the activation code, and then encrypts and stores the trusted identity, the trusted key, and the activation code in the secure storage space 111. The secure storage space 111 is a designated space for storing files, and the files are stored in this location after being encrypted with a trusted key. In the embodiment of the present invention, the secure storage space 111 can and can only be accessed by the activation management application 112. After the trusted identity, the trusted key, and the activation code are encrypted and stored in the secure storage space 111, the trusted execution environment of the terminal device 110 is activated.
富执行环境中的普通应用可以调用可信执行环境中的可信应用。 当可信应用被调用 时, 该被调用的可信应用将进一步调用激活管理应用 112, 以触发可信执行环境的激活 验证。激活管理应用 112从安全存储空间 111中读取可信身份标识、可信密钥和激活码, 根据可信身份标识、 可信密钥和激活码来验证可信执行环境是否激活成功, 随后, 将验 证结果返回给被普通应用调用的可信应用。 若验证激活成功, 则被调用的可信应用执行 普通应用的调用, 并将调用结果返回给普通应用。 Common applications in the rich execution environment can call trusted applications in the trusted execution environment. When the trusted application is called, the called trusted application will further call the activation management application 112 to trigger the activation verification of the trusted execution environment. The activation management application 112 reads the trusted identity, the trusted key, and the activation code from the secure storage space 111, and verifies whether the trusted execution environment is successfully activated according to the trusted identity, the trusted key, and the activation code. Then, The verification result is returned to the trusted application called by the ordinary application. If the verification activation is successful, the called trusted application executes the call of the normal application, and returns the call result to the normal application.
例如, 如图 1所示, 富执行环境中的第一普通应用 114为购物应用, 第一可信应用 115为电子支付应用。 当用户在第一普通应用 114中选中某些商品, 需要付款进行购买 时, 第一普通应用 114调用第一可信应用 115来实现电子支付功能。 第一可信应用 115 被调用后, 触发激活管理应用 112进行可信执行环境的激活验证。 激活管理应用 112从 安全存储空间 111中读取可信身份标识、 可信密钥和激活码, 根据可信身份标识、 可信 密钥和激活码来验证可信执行环境是否激活成功, 并将验证结果返回给第一可信应用。 若验证激活成功, 则第一可信应用 115执行第一普通应用 114的调用以实现电子支付功 能, 并将调用结果 (是否支付成功) 返回给第一普通应用 114。 For example, as shown in FIG. 1, the first common application 114 in the rich execution environment is a shopping application, and the first trusted application 115 is an electronic payment application. When the user selects some commodities in the first common application 114 and requires payment for purchase, the first common application 114 calls the first trusted application 115 to implement the electronic payment function. First Trusted Application 115 After being called, the activation management application 112 is triggered to perform activation verification of the trusted execution environment. The activation management application 112 reads the trusted identity, trusted key, and activation code from the secure storage space 111, verifies whether the trusted execution environment is successfully activated according to the trusted identity, trusted key, and activation code, and The verification result is returned to the first trusted application. If the verification activation is successful, the first trusted application 115 executes the call of the first common application 114 to implement the electronic payment function, and returns the call result (whether the payment is successful) to the first common application 114.
在可信执行环境已激活的基础上, 可信执行环境可以向终端设备 110的其他应用提 供应用激活及激活验证服务, 从而保证其他应用的安全。 图 2示出了根据本发明一个实 施例的基于可信执行环境的应用激活系统 200的示意图。 如图 2所示, 系统 200包括终 端设备 110和服务端 120, 终端设备 110中部署有可信执行环境和富执行环境, 富执行 环境中部署有第二普通应用 116。 在终端设备 110的可信执行环境已激活的基础上, 可 以基于可信执行环境来激活第二普通应用 116。 After the trusted execution environment has been activated, the trusted execution environment can provide activation and activation verification services to other applications of the terminal device 110, thereby ensuring the security of other applications. Fig. 2 shows a schematic diagram of an application activation system 200 based on a trusted execution environment according to an embodiment of the present invention. As shown in FIG. 2, the system 200 includes a terminal device 110 and a server 120. A trusted execution environment and a rich execution environment are deployed in the terminal device 110, and a second common application 116 is deployed in the rich execution environment. After the trusted execution environment of the terminal device 110 has been activated, the second common application 116 may be activated based on the trusted execution environment.
服务端 120进一步包括应用服务端 122和认证服务端 124。 应用服务端 122为向第 二普通应用 116提供方法及数据调用的服务端, 其可以生成用于激活第二普通应用 116 的使用权限信息 (例如生效时间、 失效时间、 可用次数等) 。 认证服务端 124用于验证 终端设备 110的身份, 根据使用权限信息来生成校验信息, 以及对使用权限信息、 校验 信息进行加密等。 The server 120 further includes an application server 122 and an authentication server 124. The application server 122 is a server that provides methods and data calls to the second ordinary application 116, and can generate usage permission information (such as effective time, expiration time, available times, etc.) for activating the second ordinary application 116. The authentication server 124 is used to verify the identity of the terminal device 110, generate verification information according to the use authority information, and encrypt the use authority information and the verification information, and so on.
具体地, 第二普通应用 116触发激活管理应用 112来验证可信执行环境是否激活成 功, 在可信执行环境激活成功的情况下, 将终端设备的可信身份标识发送至应用服务端 122。 应用服务端 122将可信身份标识发送至认证服务端 124。 认证服务端 124对终端设 备 110的身份进行验证, 并将验证结果返回给应用服务端 122。 在认证服务端 124验证 通过的情况下, 应用服务端 122生成第二普通应用 116的使用权限信息, 并将使用权限 信息发送至认证服务端 124。 认证服务端 124根据使用权限信息和可信身份标识来生成 校验信息, 将使用权限信息和校验信息组合成注册码, 获取可信身份标识所对应的可信 密钥, 采用可信密钥对注册码进行加密, 生成注册信息, 并将加密后的注册信息依次经 由应用服务端 122、第二普通应用 116发送至激活管理应用 112。激活管理应用 112从安 全存储空间 111中获取可信密钥, 采用可信密钥对注册信息进行解密以得到注册码, 并 将注册码加密存储至安全存储空间 111。 在将注册码加密存储至安全存储空间 111后, 第二普通应用 116激活完成。 Specifically, the second common application 116 triggers the activation management application 112 to verify whether the trusted execution environment is successfully activated, and in the case that the trusted execution environment is successfully activated, sends the trusted identity of the terminal device to the application server 122. The application server 122 sends the trusted identity to the authentication server 124. The authentication server 124 verifies the identity of the terminal device 110, and returns the verification result to the application server 122. In the case that the authentication server 124 passes the verification, the application server 122 generates the use permission information of the second common application 116, and sends the use permission information to the authentication server 124. The authentication server 124 generates verification information according to the use permission information and the trusted identity, combines the use permission information and the verification information into a registration code, obtains the trusted key corresponding to the trusted identity, and uses the trusted key The registration code is encrypted to generate registration information, and the encrypted registration information is sent to the activation management application 112 via the application server 122 and the second common application 116 in sequence. The activation management application 112 obtains the trusted key from the secure storage space 111, uses the trusted key to decrypt the registration information to obtain the registration code, and encrypts and stores the registration code in the secure storage space 111. After the registration code is encrypted and stored in the secure storage space 111, the activation of the second common application 116 is completed.
图 3示出了根据本发明一个实施例的可信执行环境的激活方法 300的流程图。 方法 300在终端设备 (例如前述终端设备 110) 的可信执行环境中执行, 例如, 由可信执行环 境中的激活管理应用 112来执行。 如图 3所示, 方法 300始于步骤 S310。 FIG. 3 shows a flowchart of a method 300 for activating a trusted execution environment according to an embodiment of the present invention. The method 300 is executed in a trusted execution environment of a terminal device (for example, the aforementioned terminal device 110), for example, by the trusted execution ring The activation management application 112 in the environment is executed. As shown in FIG. 3, the method 300 starts at step S310.
在步骤 S310中, 将终端设备标识发送至服务端。 In step S310, the terminal device identifier is sent to the server.
终端设备标识用于唯一标识一个终端设备。 由于终端设备标识具有唯一性, 因此, 也可将其称为设备指纹。 终端设备标识例如可以是终端设备的 MAC ( Media Access Control)地址、 CPU序列号、硬盘序列号等信息, 或者是对终端设备的 MAC地址、 CPU 序列号等信息进行加工处理所得到的计算结果等, 但不限于此。 本发明对终端设备标识 的具体内容不做限制。根据一种实施例, 通过调用相应的数据接口来获取终端设备标识, 该数据接口通常由终端设备的生产厂商提供。 The terminal device identifier is used to uniquely identify a terminal device. Since the terminal device identifier is unique, it can also be called a device fingerprint. The terminal device identification can be, for example, the MAC (Media Access Control) address, CPU serial number, hard disk serial number and other information of the terminal device, or the calculation result obtained by processing the MAC address and CPU serial number of the terminal device, etc. , But not limited to this. The present invention does not limit the specific content of the terminal equipment identification. According to an embodiment, the terminal device identification is obtained by calling a corresponding data interface, and the data interface is usually provided by the manufacturer of the terminal device.
具体地, 步骤 S310 由可信执行环境中的激活管理应用来执行。 激活管理应用 112 不可直接与服务端进行通信, 而是经由富执行环境中的接口应用 113来将终端设备标识 发送至服务端。 Specifically, step S310 is executed by the activation management application in the trusted execution environment. The activation management application 112 cannot directly communicate with the server, but sends the terminal device identification to the server via the interface application 113 in the rich execution environment.
根据一种实施例, 除了将终端设备标识发送至服务端之外, 还可以根据终端设备标 识来生成认证码, 将认证码一并发送至服务端, 以便服务端对认证码进行验证, 在认证 码验证通过后, 再根据终端设备标识来生成激活码。 According to an embodiment, in addition to sending the terminal device identification to the server, an authentication code can also be generated according to the terminal device identification, and the authentication code is sent to the server together, so that the server can verify the authentication code. After the code verification is passed, an activation code is generated according to the terminal device identification.
根据一种实施例, 认证码包括预置密钥、 第一密文和第一映射值, 其中, 第一密文 为采用预置密钥对会话密钥和终端设备标识进行加密所生成的密文, 第一映射值为采用 预设的映射函数对会话密钥和终端设备标识进行映射所得到的值。 根据一种实施例, 预 置密钥是激活管理应用 112的配置信息之一, 相应地, 预置密钥的值可以从激活管理应 用的配置信息中读取。 会话密钥由终端设备生成, 例如, 由激活管理应用 112来生成。 根据一种实施例, 当激活管理应用 112与服务端通信时, 激活管理应用 112将生成用于 本次通信的令牌 (Token),该令牌包括从配置信息中读取的预置密钥和生成的会话密钥。 根据令牌中的预置密钥和会话密钥, 可以确定第一密文, 进而生成认证码。 本领域技术 人员可以理解, 除预置密钥和会话密钥之外, 令牌中还可以包括其他信息, 例如激活管 理应用 112的应用标识、 激活管理应用 112的版本号、 预置密钥用途、 预置密钥类型等, 本发明对令牌中所包括的具体信息不做限制。 According to an embodiment, the authentication code includes a preset key, a first cipher text, and a first mapping value, where the first cipher text is a cipher generated by using the preset key to encrypt the session key and the terminal device identifier. Here, the first mapping value is a value obtained by using a preset mapping function to map the session key and the terminal device identifier. According to an embodiment, the preset key is one of the configuration information of the activation management application 112, and accordingly, the value of the preset key can be read from the configuration information of the activation management application. The session key is generated by the terminal device, for example, by the activation management application 112. According to an embodiment, when the activation management application 112 communicates with the server, the activation management application 112 will generate a token for this communication, the token including the preset key read from the configuration information And the generated session key. According to the preset key and the session key in the token, the first ciphertext can be determined, and then the authentication code can be generated. Those skilled in the art can understand that in addition to the preset key and the session key, the token may also include other information, such as the application identifier of the activation management application 112, the version number of the activation management application 112, and the purpose of the preset key. , Preset key types, etc. The present invention does not limit the specific information included in the token.
另外, 需要说明的是, 生成第一密文所采用的加密算法, 以及生成第一映射值所采 用的映射函数均可以由本领域技术人员自行设置, 本发明对此不做限制。 例如, 生成第 一密文所采用的加密算法可以是 AES加密算法,生成第一映射值所采用的映射函数可以 是哈希算法, 但不限于此。 In addition, it should be noted that the encryption algorithm used to generate the first ciphertext and the mapping function used to generate the first mapping value can be set by those skilled in the art, and the present invention does not limit this. For example, the encryption algorithm used to generate the first ciphertext may be an AES encryption algorithm, and the mapping function used to generate the first mapping value may be a hash algorithm, but is not limited to this.
在生成认证码后, 将认证码和终端设备标识一并发送至服务端, 以便服务端对认证 码进行验证, 从中恢复出会话密钥, 并保证认证码和终端设备标识在传输过程中没有被 截获或恶意篡改。 根据一种实施例, 服务端可以按照以下方法来对认证码进行验证: 从认证码中读取预置密钥, 采用预置密钥来对认证码中的第一密文进行解密, 以得 到会话密钥和终端设备标识。 随后, 采用预设的映射函数来计算会话密钥和终端设备标 识的第二映射值, 若第二映射值与认证码中的第一映射值一致, 则认证码验证通过。 After the authentication code is generated, the authentication code and the terminal device identification are sent to the server side so that the server side can authenticate The code is verified, the session key is recovered from it, and it is ensured that the authentication code and the terminal device identifier are not intercepted or maliciously tampered with during the transmission process. According to an embodiment, the server can verify the authentication code according to the following method: read a preset key from the authentication code, and use the preset key to decrypt the first cipher text in the authentication code to obtain Session key and terminal device identification. Subsequently, the preset mapping function is used to calculate the second mapping value of the session key and the terminal device identifier, and if the second mapping value is consistent with the first mapping value in the authentication code, the authentication code verification is passed.
本领域技术人员可以理解, 为了使服务端能够对认证码进行验证, 需要在终端设备 与服务端之间公开某些算法参数, 例如生成第一密文所采用的加密算法、 生成第一映射 值所采用的映射函数等。 这些参数可以在终端设备向服务端传输终端设备标识与认证码 之前, 由终端设备与服务端事先达成一致; 也可以将这些参数作为认证码的字段, 随认 证码一同传输至服务端; 等。 本发明对终端设备与服务端同步算法参数的具体方法不做 限制。 Those skilled in the art can understand that in order to enable the server to verify the authentication code, certain algorithm parameters need to be disclosed between the terminal device and the server, such as the encryption algorithm used to generate the first ciphertext, and the first mapping value to be generated. The mapping function used, etc. These parameters can be agreed upon in advance by the terminal device and the server before the terminal device transmits the terminal device identification and authentication code to the server; these parameters can also be used as fields of the authentication code and transmitted to the server together with the authentication code; etc. The present invention does not limit the specific method for synchronizing algorithm parameters between the terminal equipment and the server.
表 1示出了可信执行环境激活过程中的认证码 AuthCodel的一个示例: Table 1 shows an example of the authentication code AuthCode1 in the activation process of the trusted execution environment:
表 1
Figure imgf000011_0001
Table 1
Figure imgf000011_0001
表 1中,预置密钥为 Provisioning Keyl,第一密文为 Pro vis Encryp t(Session Key + Dev_FP), S卩, 第一密文为采用预置密钥 Provisioning Keyl来对会话密钥 Session Key和终端设备标识 Dev_FP进行加密所得到的密文。第一映射值为 Hash_Sha256(Session Key + Dev_FP), S卩, 第一映射值为采用 SHA256算法计算出的会话密钥 Session Key和 终端设备标识 Dev_FP的哈希值。 In Table 1, the preset key is Provisioning Key1, and the first cipher text is Pro vis Encryp t (Session Key + Dev_FP), that is, the first cipher text is the provisioning key Provisioning Key1 used to pair the session key Session Key The ciphertext obtained by encrypting with the terminal device identifier Dev_FP. The first mapping value is Hash_Sha256 (Session Key + Dev_FP), that is, the first mapping value is the hash value of the session key Session Key calculated by using the SHA256 algorithm and the terminal device identifier Dev_FP.
本领域技术人员可以理解, 在实践中, 除表 1 中所列的字段外, 认证码 AuthCodel 还可以包括其他字段, 例如激活管理应用 112的应用标识、激活管理应用 112的版本号、 预置密钥用途、 预置密钥类型等, 本发明对认证码中所包括的字段的数量及种类均不做 限制。 Those skilled in the art can understand that in practice, in addition to the fields listed in Table 1, the authentication code AuthCode1 may also include other fields, such as the application identifier of the activation management application 112, the version number of the activation management application 112, and the preset password. For key usage, preset key types, etc., the present invention does not limit the number and types of fields included in the authentication code.
在将表 1所示的认证码 AuthCodel和终端设备标识 Dev_FP发送至服务端后, 服务 端将对该认证码进行验证:首先,从认证码 AuthCodel中读取预置密钥 Provisioning Keyl。 随后,采用 Provisioning Keyl对第一密文 Pro vis io ning_Key_Enc rypt(Session Key + Dev_FP) 进行解密, 以恢复出会话密钥 Session Key。 最后, 采用 SHA256算法来计算恢复出的会 话密钥 Session Key和终端设备标识 Dev_FP的哈希值,若该哈希值与 AuthCodel中的第 一映射值一致, 则 AuthCodel验证成功。 After sending the authentication code AuthCode1 and the terminal device identification Dev_FP shown in Table 1 to the server, the server will verify the authentication code: first, read the provisioning key Provisioning Key1 from the authentication code AuthCode1. Subsequently, the Provisioning Key is used to decrypt the first ciphertext Provis io ning_Key_Encrypt (Session Key + Dev_FP) to recover the Session Key. Finally, the SHA256 algorithm is used to calculate the hash value of the recovered session key Session Key and the terminal device identification Dev_FP. If the hash value is the same as the first in AuthCode1 If the mapping values are consistent, the AuthCode1 verification is successful.
随后, 在步骤 S320中, 接收服务端返回的激活信息, 激活信息包括加密后的可信身 份标识、 可信密钥和激活码, 其中, 可信身份标识、 可信密钥与终端设备标识相对应, 激活码根据终端设备标识生成。 Subsequently, in step S320, the activation information returned by the server is received, the activation information includes the encrypted trusted identity, the trusted key, and the activation code, where the trusted identity, the trusted key, and the terminal device identity are the same Correspondingly, the activation code is generated according to the terminal device identification.
可信身份标识和可信密钥由服务端生成。 服务端生成可信身份标识和可信密钥, 并 将可信身份标识和可信密钥与终端设备标识关联存储。 可信身份标识是一个可以代表设 备唯一性的字符串, 用于唯一标识一个终端设备, 且其具备不可篡改、 不可伪造、 全球 唯一的安全属性。 可信密钥为根据可信身份标识通过特定算法派生出来的字符串, 其用 于对与可信身份标识所对应的终端设备相关的关键信息进行加密。 The trusted identity and the trusted key are generated by the server. The server generates a trusted identity and a trusted key, and stores the trusted identity and the trusted key in association with the terminal device identity. A trusted identity identifier is a string that can represent the uniqueness of a device. It is used to uniquely identify a terminal device, and it has the security attributes of being non-tamperable, non-forgeable, and globally unique. The trusted key is a character string derived through a specific algorithm based on the trusted identity, which is used to encrypt key information related to the terminal device corresponding to the trusted identity.
激活码根据终端设备标识生成, 用于对终端设备的可信执行环境进行激活。 根据一 种实施例, 激活码包括可信执行环境的使用权限信息和校验信息。 The activation code is generated according to the terminal device identification, and is used to activate the trusted execution environment of the terminal device. According to an embodiment, the activation code includes use permission information and verification information of the trusted execution environment.
可信执行环境的使用权限信息用于标记可信执行环境的使用权限。 使用权限信息例 如可以包括生效时间、 失效时间、 可用次数等, 但不限于此。 当使用权限信息包括生效 时间、失效时间时, 终端设备仅在生效时间〜失效时间的时间范围内能够正常使用可信执 行环境, 在生效时间 ~失效时间的时间范围之外, 终端设备的可信执行环境处于未激活状 态, 可信执行环境不可用。 当使用权限信息包括可用次数时, 终端设备仅可以在可用次 数以内来调用可信执行环境, 若终端设备调用可信执行环境的次数达到可用次数后, 可 信执行环境将处于未激活状态, 可信执行环境不可用。 本领域技术人员可以理解, 使用 权限信息可以进行配置, 其可以包括生效时间、 失效时间、 可用次数中的至少一项, 也 可以包括除生效时间、 失效时间、 可用次数之外的其他信息, 本发明对使用权限信息所 包括的具体内容不做限制。 The use authority information of the trusted execution environment is used to mark the use authority of the trusted execution environment. The usage authority information may include, for example, effective time, expiration time, and available times, but is not limited to this. When the usage authority information includes effective time and expiration time, the terminal device can use the trusted execution environment normally only within the time range from effective time to expiration time. Outside the time range from effective time to expiration time, the terminal device is trusted The execution environment is in an inactive state, and the trusted execution environment is not available. When the use authority information includes the available times, the terminal device can only call the trusted execution environment within the available times. If the terminal device calls the trusted execution environment for the available times, the trusted execution environment will be in an inactive state. The letter execution environment is not available. Those skilled in the art can understand that the usage authority information can be configured, and it can include at least one of effective time, expiry time, and available times, and can also include other information except effective time, expiry time, and available times. The invention does not limit the specific content included in the usage right information.
校验信息用于对激活码进行校验, 以保证激活码没有被非法篡改。根据一种实施例, 校验信息包括采用可信密钥对可信身份标识、 使用权限信息、 终端设备标识进行加密所 生成的密文。 本发明对生成校验信息所采用的具体加密算法不做限制, 例如, 生成校验 信息所采用的加密算法例如可以是 HMAC (Hash-based Message Authentication Code )算 法, 但不限于此。 The verification information is used to verify the activation code to ensure that the activation code has not been illegally tampered with. According to an embodiment, the verification information includes a cipher text generated by encrypting the trusted identity identifier, the use authority information, and the terminal device identifier using a trusted key. The present invention does not limit the specific encryption algorithm used to generate the verification information. For example, the encryption algorithm used to generate the verification information may be, for example, the HMAC (Hash-based Message Authentication Code) algorithm, but is not limited thereto.
表 2示出了激活码 ActiCode的一个示例: 表 2 Table 2 shows an example of the activation code ActiCode: Table 2
Figure imgf000013_0001
Figure imgf000013_0001
表 2中, 使用权限信息包括生效时间 Stimel、 失效时间 Etimel和可用次数 Timesl。 校验信息为 HMAC(IDkey, Dev_FP + ID + Stimel + Etimel +Timesl ), S卩, 校验信息为基 于 HMAC算法, 采用可信密钥 IDkey对终端设备标识 Dev_FP、 可信身份标识 ID、 生效 时间 Stimel、 失效时间 Etimel和可用次数 Timesl进行加密所生成的消息摘要。 In Table 2, the usage authority information includes effective time Stimel, expiration time Etimel, and available times Timesl. The verification information is HMAC (IDkey, Dev_FP + ID + Stimel + Etimel + Timesl), that is, the verification information is based on the HMAC algorithm, using the trusted key IDkey to identify the terminal device Dev_FP, the trusted identity ID, and the effective time Stimel, expiration time Etimel, and available times Timesl are encrypted message digests generated.
本领域技术人员可以理解, 在实践中, 除表 2中所列的字段外, 激活码 ActiCode还 可以包括其他字段,例如采用可信密钥 IDkey对激活码 ActiCode进行加密所采用的算法、 用于验证可信密钥 IDkey是否被篡改的密钥校验值 KCV ( Key Checksum Value ) 、 以及 生成密钥校验值 KCV的算法,等等,本发明对激活码中所包括的字段的数量及种类均不 做限制。 Those skilled in the art can understand that, in practice, in addition to the fields listed in Table 2, the activation code ActiCode may also include other fields, such as the algorithm used to encrypt the activation code ActiCode using a trusted key IDkey, The key check value KCV (Key Checksum Value) for verifying whether the trusted key IDkey has been tampered with, and the algorithm for generating the key check value KCV, etc., the present invention is concerned with the number and types of fields included in the activation code There are no restrictions.
在步骤 S320中, 激活信息包括加密后的可信身份标识、 可信密钥和激活码。根据一 种实施例, 激活信息可以按照以下步骤生成: 采用可信密钥对激活码进行加密, 以生成 激活码密文; 采用会话密钥对可信身份标识、 可信密钥、 激活码密文进行加密, 以生成 激活信息。 会话密钥由终端设备与服务端事先确定, 例如, 会话密钥可以在终端设备向 服务端传输终端设备标识与认证码之前, 由终端设备与服务端事先达成一致; 又例如, 参见表 1, 会话密钥 Session Key可以隐含于认证码 AuthCodel中, 传递至服务端; 等。 本发明对会话密钥的生成及会话密钥在终端设备与服务端之间的传递方法均不做限制。 此外, 生成激活码密文以及生成激活信息所采用的加密算法可以是任意加密算法, 本发 明对此亦不做限制。 In step S320, the activation information includes an encrypted trusted identity, a trusted key, and an activation code. According to an embodiment, the activation information may be generated according to the following steps: encrypt the activation code with a trusted key to generate the activation code ciphertext; use the session key to encrypt the trusted identity, the trusted key, and the activation code The text is encrypted to generate activation information. The session key is determined in advance by the terminal device and the server. For example, the session key can be agreed upon in advance by the terminal device and the server before the terminal device transmits the terminal device identification and authentication code to the server; for another example, see Table 1. Session Key Session Key can be implicit in the authentication code AuthCode1 and transferred to the server; etc. The invention does not limit the generation of the session key and the transfer method of the session key between the terminal device and the server. In addition, the encryption algorithm used to generate the activation code ciphertext and the activation information can be any encryption algorithm, and the present invention does not limit this.
以表 1、 表 2为例, 激活信息的生成步骤如下: 首先, 采用可信密钥 IDkey对激活 码 ActiCode进行加密, 生成激活码密文 ActiCode’ 。 随后, 采用从认证码 AuthCodel 中确定的会话密钥 Session Key来对可信身份标识 ID、 可信密钥 IDkey、 激活码密文 ActiCode’ 进行加密, 生成激活信息。 Taking Table 1 and Table 2 as examples, the steps for generating activation information are as follows: First, use the trusted key IDkey to encrypt the activation code ActiCode to generate the activation code ciphertext ActiCode’. Subsequently, the session key Session Key determined from the authentication code AuthCode1 is used to encrypt the trusted identity ID, the trusted key IDkey, and the activation code ciphertext ActiCode' to generate activation information.
在步骤 S320接收到激活信息后, 执行步骤 S330。 After the activation information is received in step S320, step S330 is executed.
在步骤 S330中, 对激活信息进行解密, 以得到可信身份标识、 可信密钥和激活码。 对激活信息进行解密的过程与服务端加密生成激活信息的过程相反。 根据一种实施 例, 按照以下步骤对激活信息进行解密: 首先, 采用会话密钥对激活信息进行解密, 以 得到可信身份标识、 可信密钥和激活码密文; 随后, 采用可信密钥对激活码密文进行解 密, 以得到激活码。 In step S330, the activation information is decrypted to obtain a trusted identity, a trusted key, and an activation code. The process of decrypting the activation information is opposite to the process of encrypting the activation information on the server side. According to an implementation For example, the activation information is decrypted according to the following steps: First, the activation information is decrypted using the session key to obtain the trusted identity, the trusted key, and the activation code cipher; then, the trusted key is used to pair the activation code The ciphertext is decrypted to obtain the activation code.
以表 2为例, 激活信息的解密过程如下: 首先, 采用会话密钥 Session Key来对激活 信息进行解密, 以得到可信身份标识 ID、 可信密钥 IDkey、 激活码密文 ActiCode’ 。 随 后, 采用可信密钥 IDkey来对激活码密文 ActiCode’进行解密, 以得到激活码 ActiCode。 Taking Table 2 as an example, the decryption process of the activation information is as follows: First, the session key Session Key is used to decrypt the activation information to obtain the trusted identity ID, the trusted key IDkey, and the activation code ciphertext ActiCode'. Subsequently, the trusted key IDkey is used to decrypt the activation code ciphertext ActiCode' to obtain the activation code ActiCode.
在步骤 S330得到可信身份标识、 可信密钥和激活码后, 执行步骤 S340。 After the trusted identity, the trusted key and the activation code are obtained in step S330, step S340 is executed.
在步骤 S340中, 将可信身份标识、 可信密钥和激活码加密存储至安全存储空间。安 全存储空间中的数据只能被可信执行环境中的激活管理应用 112读取, 保证了其中的数 据不会被非法获取以及篡改。 In step S340, the trusted identity, the trusted key, and the activation code are encrypted and stored in a secure storage space. The data in the secure storage space can only be read by the activation management application 112 in the trusted execution environment, which ensures that the data therein will not be illegally obtained or tampered with.
根据一种实施例, 在步骤 S330中得到可信身份标识、 可信密钥和激活码后, 不是直 接将可信身份标识、 可信密钥和激活码直接加密存储至安全存储空间, 而是先根据终端 设备标识来验证激活码, 以保证激活信息在服务端与终端设备的传输过程中没有被非法 篡改。 在激活码验证通过后, 再将可信身份标识、 可信密钥和激活码加密存储至安全存 储空间。 According to an embodiment, after obtaining the trusted identity, trusted key, and activation code in step S330, instead of directly encrypting and storing the trusted identity, trusted key, and activation code in a secure storage space, The activation code is first verified according to the terminal device identification to ensure that the activation information has not been illegally tampered with during the transmission process between the server and the terminal device. After the activation code is verified, the trusted identity, the trusted key and the activation code are encrypted and stored in the secure storage space.
根据一种实施例, 可以按照以下步骤来验证激活码: 采用可信密钥对可信身份标识、 使用权限信息、 终端设备标识进行加密, 生成第二密文; 若第二密文与激活码中的校验 信息一致, 则激活码验证通过。 According to an embodiment, the activation code can be verified according to the following steps: using a trusted key to encrypt the trusted identity identifier, usage authority information, and terminal device identifier to generate a second cipher text; if the second cipher text is associated with the activation code If the verification information in is consistent, the activation code verification is passed.
以表 2为例, 激活码 ActiCode的验证过程如下: 获取终端设备标识 Dev_FP (例如 通过终端设备的生产厂商所提供的数据接口获取) 。 基于 HMAC 算法, 采用可信密钥 IDkey对终端设备标识 Dev_FP、 可信身份标识 ID、 生效时间 Stimel、 失效时间 Etimel 和可用次数 Times 1进行加密, 生成第二密文。 若第二密文与激活码中的校验信息一致, 则激活码验证通过。 否则, 则验证未通过。 Taking Table 2 as an example, the verification process of the activation code ActiCode is as follows: Obtain the terminal device identification Dev_FP (for example, obtain it through the data interface provided by the terminal device manufacturer). Based on the HMAC algorithm, the terminal device identifier Dev_FP, the trusted identity identifier ID, the effective time Stimel, the expiration time Etimel, and the available times Times 1 are encrypted using the trusted key IDkey to generate the second ciphertext. If the second cipher text is consistent with the verification information in the activation code, the activation code verification is passed. Otherwise, the verification fails.
在将可信身份标识、 可信密钥和激活码加密存储至安全存储空间 111后, 终端设备 的可信执行环境激活完成。 安全存储空间 111中的可信身份标识、 可信密钥、 激活码均 仅能由可信执行环境中的激活管理应用 112读取。 After the trusted identity, the trusted key, and the activation code are encrypted and stored in the secure storage space 111, the trusted execution environment of the terminal device is activated. The trusted identity, trusted key, and activation code in the secure storage space 111 can only be read by the activation management application 112 in the trusted execution environment.
图 4示出了根据本发明一个实施例的可信执行环境的激活过程的示意图。 图 4中, 安全存储空间 111、激活管理应用 112、 接口应用 113均位于终端设备 110中, 激活管理 应用 112为可信执行环境中的可信应用, 接口应用 113为富执行环境中的普通应用。 Fig. 4 shows a schematic diagram of an activation process of a trusted execution environment according to an embodiment of the present invention. In FIG. 4, the secure storage space 111, the activation management application 112, and the interface application 113 are all located in the terminal device 110, the activation management application 112 is a trusted application in a trusted execution environment, and the interface application 113 is a normal application in a rich execution environment .
在步骤 S401中,用户通过接口应用 113来触发激活管理应用 112进行可信执行环境 的激活验证。 In step S401, the user triggers the activation management application 112 to perform the trusted execution environment through the interface application 113 Activation verification.
在步骤 S402和 S403中, 激活管理应用 112从安全存储空间 111中读取可信执行环 境的激活码 ActiCode, 对 ActiCode进行验证, 并在步骤 S404中将验证结果发送给接口 应用 113。若安全存储空间 111中未存储有 ActiCode或激活管理应用 112对 ActiCode验 证失败, 则在步骤 S404中, 激活管理应用 112将向接口应用 113返回可信执行环境未激 活的结果。 随后, 执行步骤 S405。 In steps S402 and S403, the activation management application 112 reads the activation code ActiCode of the trusted execution environment from the secure storage space 111, verifies the ActiCode, and sends the verification result to the interface application 113 in step S404. If ActiCode is not stored in the secure storage space 111 or the activation management application 112 fails to verify the ActiCode, then in step S404, the activation management application 112 will return to the interface application 113 a result that the trusted execution environment is not activated. Subsequently, step S405 is executed.
在步骤 S405中, 接口应用 113触发激活管理应用 112来对可信执行环境进行激活。 在步骤 S406中,激活管理应用 112通过终端设备厂商提供的接口获取终端设备标识 Dev_FP, 获取预置密钥 Provisioning Keyl, 并生成会话密钥 Session Key。 In step S405, the interface application 113 triggers the activation management application 112 to activate the trusted execution environment. In step S406, the activation management application 112 obtains the terminal device identifier Dev_FP through the interface provided by the terminal device manufacturer, obtains the preset key Provisioning Key1, and generates the session key Session Key.
在步骤 S407 中, 激活管理应用 112 根据终端设备标识 Dev_FP 来生成认证码 In step S407, the activation management application 112 generates an authentication code according to the terminal device identifier Dev_FP
AuthCodel, 如前述表 1 所示, AuthCodel 包括预置密钥 Provisioning Keyl、 第一密文 Pro vis io ning_Ke y_Enc rypt (S es s io n Key + Dev_FP)、 以及第一映射值 Has h_S ha256 (S es s io n Key + Dev_FP) AuthCode1, as shown in Table 1, AuthCode1 includes a preset key Provisioning Key1, a first ciphertext Pro vis io ning_Ke y_Encrypt (S es io n Key + Dev_FP), and a first mapping value Has h_S ha256 (S es s io n Key + Dev_FP)
在步骤 S408中,激活管理应用 112将终端设备标识 Dev_FP和认证码 AuthCodel发 送至接口应用 113。 In step S408, the activation management application 112 sends the terminal device identification Dev_FP and the authentication code AuthCode1 to the interface application 113.
在步骤 S409中,接口应用 113将终端设备标识 Dev_FP和认证码 AuthCodel发送至 服务端 120 o In step S409, the interface application 113 and the terminal device identification Dev_FP AuthCodel authentication code transmitted to the server 120 o
在步骤 S410 中, 服务端 120 对认证码 AuthCodel 进行验证: 首先, 从认证码 AuthCodel中读取预置密钥 Provisioning Keyl。 随后, 采用 Provisioning Keyl对第一密 文 Provisioning_Key_Encrypt(Session Key + Dev_FP)进行解密,以恢复出会话密钥 Session Key。 最后, 采用 SHA256算法来计算恢复出的会话密钥 Session Key和终端设备标识 Dev_FP的哈希值, 若该哈希值与 AuthCodel中的第一映射值一致, 则 AuthCodel验证 成功。 随后, 执行步骤 S411。 In step S410, the server 120 verifies the authentication code AuthCode1: First, read the preset key Provisioning Key1 from the authentication code AuthCode1. Subsequently, the Provisioning Key1 is used to decrypt the first cipher text Provisioning_Key_Encrypt (Session Key + Dev_FP) to recover the session key Session Key. Finally, the SHA256 algorithm is used to calculate the hash value of the recovered session key Session Key and the terminal device identifier Dev_FP. If the hash value is consistent with the first mapping value in AuthCode1, the authentication of AuthCode1 is successful. Subsequently, step S411 is executed.
在步骤 S411中, 服务端 120生成可信身份标识 ID和可信密钥 IDkey, 并将可信身 份标识 ID和可信密钥 IDkey与终端设备标识 Dev_FP关联存储。 In step S411, the server 120 generates a trusted identity ID and a trusted key IDkey, and stores the trusted identity ID and the trusted key IDkey in association with the terminal device identity Dev_FP.
在步骤 S412中, 服务端 120根据终端设备标识 Dev_FP生成激活码 ActiCode, 如表 2所示, ActiCode包括生效时间 Stimel、 失效时间 Etimel、 可用次数 Timesl和校验信息 HMAC(IDkey, Dev_FP + ID + Stimel + Etimel +Timesl )。 采用可信密钥 IDkey对激活码 ActiCode进行加密, 生成激活码密文 ActiCode’ ; 采用会话密钥 Session Key来对可信身 份标识 ID、 可信密钥 IDkey、 激活码密文 ActiCode’ 进行加密, 生成激活信息。 在步骤 S413中, 服务端 120将激活信息发送至接口应用 113。 In step S412, the server 120 generates the activation code ActiCode according to the terminal device identifier Dev_FP. As shown in Table 2, the ActiCode includes the effective time Stimel, the expiration time Etimel, the available times Timesl, and the verification information HMAC (IDkey, Dev_FP + ID + Stimel). + Etimel +Timesl ). Use the trusted key IDkey to encrypt the activation code ActiCode to generate the activation code ciphertext ActiCode'; use the session key Session Key to encrypt the trusted identity ID, the trusted key IDkey, and the activation code ciphertext ActiCode', Generate activation information. In step S413, the server 120 sends the activation information to the interface application 113.
在步骤 S414中, 接口应用 113将激活信息发送至激活管理应用 112。 In step S414, the interface application 113 sends the activation information to the activation management application 112.
在步骤 S415中, 激活管理应用 112采用会话密钥 Session Key来对激活信息进行解 密, 以得到可信身份标识 ID、 可信密钥 IDkey、 激活码密文 ActiCode’ 。 随后, 采用可 信密钥 IDkey来对激活码密文 ActiCode’ 进行解密, 以得到激活码 ActiCode。 In step S415, the activation management application 112 uses the Session Key to decrypt the activation information to obtain the trusted identity ID, the trusted key IDkey, and the activation code ciphertext ActiCode'. Subsequently, the trusted key IDkey is used to decrypt the activation code ciphertext ActiCode' to obtain the activation code ActiCode.
在步骤 S416中,激活管理应用 112通过终端设备的生产厂商所提供的数据接口获取 终端设备标识 Dev_FP。基于 HMAC算法,采用可信密钥 IDkey对终端设备标识 Dev_FP、 可信身份标识 ID、 生效时间 Stimel、 失效时间 Etimel和可用次数 Times 1进行加密, 生 成第二密文。 若第二密文与激活码中的校验信息一致, 则激活码验证通过, 执行步骤 S417o In step S416, the activation management application 112 obtains the terminal device identifier Dev_FP through the data interface provided by the manufacturer of the terminal device. Based on the HMAC algorithm, a trusted key IDkey is used to encrypt the terminal device identifier Dev_FP, the trusted identity identifier ID, the effective time Stimel, the expiration time Etimel, and the available times Times 1, to generate the second ciphertext. If they are consistent with the activation of the second ciphertext verification information is verified by the activation code, step S417 o
在步骤 S417和 S418中, 激活管理应用 112将可信身份标识 ID、 可信密钥 IDkey和 激活码 ActiCode加密存储至安全存储空间 111, 可信执行环境激活成功。 In steps S417 and S418, the activation management application 112 encrypts and stores the trusted identity ID, the trusted key IDkey, and the activation code ActiCode in the secure storage space 111, and the trusted execution environment is successfully activated.
在步骤 S419中,激活管理应用 112将可信执行环境激活成功的结果反馈至接口应用 In step S419, the activation management application 112 feeds back the result of successful activation of the trusted execution environment to the interface application
113。 113.
图 5示出了根据本发明一个实施例的可信执行环境的激活方法 500的流程图。 方法 Fig. 5 shows a flowchart of a method 500 for activating a trusted execution environment according to an embodiment of the present invention. method
500在服务端 (例如图 1 所示的服务端 120) 中执行, 与前述在终端设备中执行的方法 300相对应。 如图 5所示, 方法 500始于步骤 S510。 500 is executed in the server (for example, the server 120 shown in FIG. 1), which corresponds to the aforementioned method 300 executed in the terminal device. As shown in FIG. 5, the method 500 starts at step S510.
在步骤 S510中, 接收终端设备发送的终端设备标识。 In step S510, the terminal device identifier sent by the terminal device is received.
由于激活管理应用 112不可直接与服务端进行通信, 而需要经由富执行环境中的接 口应用 113来与服务端进行通信, 因此, 在步骤 S510中, 服务端从接口应用 113处接收 终端设备标识。 Since the activation management application 112 cannot directly communicate with the server, but needs to communicate with the server via the interface application 113 in the rich execution environment. Therefore, in step S510, the server receives the terminal device identifier from the interface application 113.
根据一种实施例, 在步骤 S510中, 除了接收终端设备标识之外, 还接收终端设备发 送的认证码, 认证码根据终端设备标识生成。对认证码进行验证, 在认证码验证通过后, 再执行步骤 S520, 根据终端设备标识生成激活码。 According to an embodiment, in step S510, in addition to receiving the terminal device identification, the authentication code sent by the terminal device is also received, and the authentication code is generated according to the terminal device identification. The authentication code is verified, and after the authentication code is verified, step S520 is executed to generate an activation code according to the terminal device identifier.
根据一种实施例, 认证码包括预置密钥、 第一密文和第一映射值, 其中, 第一密文 为采用预置密钥对会话密钥和终端设备标识进行加密所生成的密文, 第一映射值为采用 预设的映射函数对会话密钥和终端设备标识进行映射所得到的值。 相应地, 服务端可以 按照以下方法来对认证码进行验证: 从认证码中读取预置密钥, 采用预置密钥来对认证 码中的第一密文进行解密, 以得到会话密钥和终端设备标识。 随后, 采用预设的映射函 数来计算会话密钥和终端设备标识的第二映射值, 若第二映射值与认证码中的第一映射 值一致, 则认证码验证通过。 According to an embodiment, the authentication code includes a preset key, a first cipher text, and a first mapping value, where the first cipher text is a cipher generated by using the preset key to encrypt the session key and the terminal device identifier. Here, the first mapping value is a value obtained by using a preset mapping function to map the session key and the terminal device identifier. Correspondingly, the server can verify the authentication code according to the following method: read the preset key from the authentication code, and use the preset key to decrypt the first cipher text in the authentication code to obtain the session key And terminal device identification. Subsequently, the preset mapping function is used to calculate the second mapping value of the session key and the terminal device identification, if the second mapping value is compared with the first mapping in the authentication code If the values are consistent, the authentication code verification is passed.
认证码的生成及验证的具体实施步骤可以参考前述步骤 S310的相关描述,此处不再 赘述。 For the specific implementation steps of the generation and verification of the authentication code, please refer to the relevant description of the aforementioned step S310, which will not be repeated here.
随后, 在步骤 S520中, 生成与终端设备标识相对应的可信身份标识和可信密钥, 以 及根据终端设备标识生成激活码。 Subsequently, in step S520, a trusted identity identifier and a trusted key corresponding to the terminal device identifier are generated, and an activation code is generated according to the terminal device identifier.
可信身份标识用于唯一标识一个终端设备, 且其具备不可篡改、 不可伪造、 全球唯 一的安全属性。可信密钥为与可信身份标识相对应的密钥, 其用于对关键信息进行加密。 服务端可以按照任意算法来生成可信身份标识和可信密钥, 本发明对生成可信身份标识 和可信密钥所采用的具体算法不做限制。 在生成可信身份标识和可信密钥后, 将可信身 份标识和可信密钥关联存储。 The trusted identity identifier is used to uniquely identify a terminal device, and it has security attributes that cannot be tampered with, cannot be forged, and are globally unique. The trusted key is a key corresponding to a trusted identity, which is used to encrypt key information. The server can generate the trusted identity and the trusted key according to any algorithm, and the present invention does not limit the specific algorithm used to generate the trusted identity and the trusted key. After the trusted identity and the trusted key are generated, the trusted identity and the trusted key are associated and stored.
激活码根据终端设备标识生成, 用于对终端设备的可信执行环境进行激活。 根据一 种实施例, 激活码包括可信执行环境的使用权限信息和校验信息。 The activation code is generated according to the terminal device identification, and is used to activate the trusted execution environment of the terminal device. According to an embodiment, the activation code includes use permission information and verification information of the trusted execution environment.
可信执行环境的使用权限信息用于标记可信执行环境的使用权限。 使用权限信息例 如可以包括生效时间、 失效时间、 可用次数等, 但不限于此。 The use authority information of the trusted execution environment is used to mark the use authority of the trusted execution environment. The usage authority information may include, for example, effective time, expiration time, and available times, but is not limited to this.
校验信息用于对激活码进行校验, 以保证激活码没有被非法篡改。根据一种实施例, 校验信息包括采用可信密钥对可信身份标识、 使用权限信息、 终端设备标识进行加密所 生成的密文。 本发明对生成校验信息所采用的具体加密算法不做限制, 例如, 生成校验 信息所采用的加密算法例如可以是 HMAC算法, 但不限于此。 激活码 ActiCode的一个 示例可以参考前述表 2, 此处不再赘述。 The verification information is used to verify the activation code to ensure that the activation code has not been illegally tampered with. According to an embodiment, the verification information includes a cipher text generated by encrypting the trusted identity identifier, the use authority information, and the terminal device identifier using a trusted key. The present invention does not limit the specific encryption algorithm used to generate the verification information. For example, the encryption algorithm used to generate the verification information may be, for example, the HMAC algorithm, but is not limited thereto. For an example of the activation code ActiCode, please refer to Table 2 above, and will not be repeated here.
随后, 在步骤 S530中, 对可信身份标识、 可信密钥和激活码进行加密以生成激活信 息。 Subsequently, in step S530, the trusted identity, the trusted key and the activation code are encrypted to generate activation information.
根据一种实施例, 采用可信密钥对激活码进行加密, 以生成激活码密文; 采用会话 密钥对可信身份标识、 可信密钥、 激活码密文进行加密, 以生成激活信息。 激活信息的 具体生成步骤可以参考前述对步骤 S320的相关描述, 此处不再赘述。 According to one embodiment, the activation code is encrypted with a trusted key to generate the activation code ciphertext; the session key is used to encrypt the trusted identity, the trusted key, and the activation code ciphertext to generate activation information . For the specific steps of generating the activation information, reference may be made to the aforementioned related description of step S320, which will not be repeated here.
随后, 在步骤 S540中, 将激活信息发送至终端设备, 以便终端设备: 对激活信息进 行解密以得到可信身份标识、 可信密钥和激活码, 以及将可信身份标识、 可信密钥和激 活码加密存储至安全存储空间。 Subsequently, in step S540, the activation information is sent to the terminal device, so that the terminal device: decrypts the activation information to obtain the trusted identity, the trusted key, and the activation code, and the trusted identity, the trusted key And the activation code are encrypted and stored in a secure storage space.
步骤 S540的具体实施过程可以参考前述步骤 S330、340的相关描述,此处不再赘述。 富执行环境中的普通应用可以调用可信执行环境中的可信应用。 当可信应用被调用 时, 该被调用的可信应用将进一步调用激活管理应用 112, 以触发可信执行环境的激活 验证。 For the specific implementation process of step S540, reference may be made to the relevant descriptions of the foregoing steps S330 and 340, which are not repeated here. Common applications in the rich execution environment can call trusted applications in the trusted execution environment. When a trusted application is called, the called trusted application will further call the activation management application 112 to trigger the activation of the trusted execution environment Verification.
图 6示出了根据本发明一个实施例的可信执行环境的激活验证方法 600的流程图。 方法 600在终端设备的可信执行环境中执行, 例如, 由可信执行环境中的激活管理应用 112来执行。 如图 6所示, 方法 600始于步骤 S610。 FIG. 6 shows a flowchart of a method 600 for verifying activation of a trusted execution environment according to an embodiment of the present invention. The method 600 is executed in the trusted execution environment of the terminal device, for example, executed by the activation management application 112 in the trusted execution environment. As shown in FIG. 6, the method 600 starts at step S610.
在步骤 S610中, 获取可信身份标识、 可信密钥和可信执行环境的激活码, 激活码包 括可信执行环境的使用权限信息和校验信息, 校验信息包括采用可信密钥对可信身份标 识、 使用权限信息、 终端设备标识进行加密所生成的密文。 In step S610, a trusted identity, a trusted key, and an activation code of a trusted execution environment are obtained. The activation code includes use authority information and verification information of the trusted execution environment, and the verification information includes using a trusted key pair The ciphertext generated by encrypting the trusted identity identifier, usage authority information, and terminal device identifier.
根据一种实施例, 激活管理应用 112从安全存储空间 111中读取可信身份标识 ID、 可信密钥 IDkey和可信执行环境的激活码 ActiCode。激活码 ActiCode进一步包括使用权 限信息, 例如, 如表 2所示, 激活码 ActiCode, 包括生效时间 Stimel、 失效时间 Etimel 和可用次数 Times 1 三项使用权限信息, 以及校验信息 HMAC(IDkey, Dev_FP + ID + Stimel + Etimel +Timesl) o校验信息为基于 HMAC算法, 采用可信密钥 IDkey对终端设 备标识 Dev_FP、可信身份标识 ID、生效时间 Stimel、失效时间 Etimel和可用次数 Time si 进行加密所生成的消息摘要。 According to an embodiment, the activation management application 112 reads the trusted identity ID, the trusted key IDkey, and the activation code ActiCode of the trusted execution environment from the secure storage space 111. The activation code ActiCode further includes usage authority information. For example, as shown in Table 2, the activation code ActiCode includes the effective time Stimel, the expiration time Etimel, and the available times Times 1, and the verification information HMAC (IDkey, Dev_FP + ID + Stimel + Etimel + Timesl) o The verification information is based on the HMAC algorithm, using a trusted key IDkey to encrypt the terminal device ID Dev_FP, trusted identity ID, effective time Stimel, expiration time Etimel and available times Time si The generated message digest.
随后, 在步骤 S620中, 获取终端设备标识, 采用可信密钥对可信身份标识、 使用权 限信息、 终端设备标识进行加密, 生成第三密文。 Subsequently, in step S620, the terminal device identifier is obtained, and the trusted identity identifier, the use right information, and the terminal device identifier are encrypted by using the trusted key to generate a third ciphertext.
根据一种实施例, 通过终端设备的生产厂商所提供的数据接口获取终端设备标识 Dev_FP, 基于 HMAC算法, 采用可信密钥 IDkey对可信身份标识 ID、生效时间 Stimel、 失效时间 Etimel、 可用次数 Times 1和终端设备标识 Dev_FP进行加密, 生成第三密文。 According to an embodiment, the terminal device identifier Dev_FP is obtained through the data interface provided by the terminal device manufacturer, and based on the HMAC algorithm, the trusted key IDkey is used to identify the trusted identity ID, effective time Stimel, expiration time Etimel, and available times Times 1 and the terminal device identifier Dev_FP are encrypted to generate the third ciphertext.
随后, 在步骤 S630中, 若第三密文与校验信息一致, 且终端设备当前的使用环境与 使用权限信息匹配, 则可信执行环境激活成功。 Subsequently, in step S630, if the third ciphertext is consistent with the verification information, and the current use environment of the terminal device matches the use authority information, the trusted execution environment is activated successfully.
例如, 使用权限信息包括生效时间、 失效时间和可用次数, 相应地, 终端设备当前 的使用环境包括时间、 已用次数等信息。若终端设备当前的时间在生效时间 ~失效时间的 范围内, 且已用次数小于等于可用次数, 则终端设备当前的使用环境与使用权限信息匹 配。 For example, the use authority information includes effective time, expiration time, and available times. Accordingly, the current use environment of the terminal device includes information such as time and used times. If the current time of the terminal device is within the range of effective time to expiration time, and the number of times used is less than or equal to the number of available times, the current use environment of the terminal device matches the use authority information.
图 7示出了根据本发明一个实施例的可信执行环境的激活验证过程的示意图。 图 7 中, 安全存储空间 111、 激活管理应用 112、 第一可信应用 115、 第一普通应用 114均位 于终端设备 110中, 激活管理应用 112、 第一可信应用 115为可信执行环境中的可信应 用, 第一普通应用 114为富执行环境中的普通应用。 Fig. 7 shows a schematic diagram of an activation verification process of a trusted execution environment according to an embodiment of the present invention. In FIG. 7, the secure storage space 111, the activation management application 112, the first trusted application 115, and the first common application 114 are all located in the terminal device 110, and the activation management application 112 and the first trusted application 115 are in a trusted execution environment The first common application 114 is a common application in a rich execution environment.
在步骤 S701中, 第一普通应用 114向第一可信应用 115发起调用请求。 在步骤 S702中,第一可信应用 115触发激活管理应用 112进行可信执行环境的激活 验证。 In step S701, the first normal application 114 initiates a call request to the first trusted application 115. In step S702, the first trusted application 115 triggers the activation management application 112 to perform activation verification of the trusted execution environment.
在步骤 S703和 S704中, 激活管理应用 112从安全存储空间 111中读取可信身份标 识 ID、 可信密钥 IDkey和可信执行环境的激活码 ActiCode。 如表 2所示, ActiCode包括 生效时间 Stimel、失效时间 Etimel、可用次数 Times 1和校验信息 HMAC(IDkey, Dev_FP + ID + Stimel + Etimel +Timesl)o In steps S703 and S704, the activation management application 112 reads the trusted identity ID, the trusted key IDkey, and the activation code ActiCode of the trusted execution environment from the secure storage space 111. As shown in Table 2, ActiCode comprising effective time Stimel, expiration time Etimel, the available number of check information Times 1 and HMAC (IDkey, Dev_FP + ID + Stimel + Etimel + Timesl) o
在步骤 S705中,激活管理应用 112通过终端设备的生产厂商所提供的数据接口获取 终端设备标识 Dev_FP。 基于 HMAC算法, 采用可信密钥 IDkey对可信身份标识 ID、 生 效时间 Stimel、 失效时间 Etimel、 可用次数 Timesl和终端设备标识 Dev_FP进行加密, 生成第三密文。 若第三密文与激活码中的校验信息一致, 则激活码验证通过, 可信执行 环境已激活。 In step S705, the activation management application 112 obtains the terminal device identifier Dev_FP through the data interface provided by the manufacturer of the terminal device. Based on the HMAC algorithm, a trusted key IDkey is used to encrypt the trusted identity ID, the expiration time Stimel, the expiration time Etimel, the available times Timesl, and the terminal device identity Dev_FP to generate the third ciphertext. If the third cipher text is consistent with the verification information in the activation code, the activation code verification is passed, and the trusted execution environment has been activated.
在步骤 S706中,激活管理应用 112将可信执行环境已激活的结果发送至第一可信应 用 115。 In step S706, the activation management application 112 sends the result that the trusted execution environment has been activated to the first trusted application 115.
在步骤 S707中, 第一可信应用 115执行第一普通应用 114所请求的调用。 In step S707, the first trusted application 115 executes the call requested by the first normal application 114.
在步骤 S708中, 第一可信应用 115将调用结果返回给第一普通应用 114。 In step S708, the first trusted application 115 returns the call result to the first normal application 114.
在可信执行环境已激活的基础上, 可信执行环境可以向终端设备 110的其他应用提 供应用激活及激活验证服务, 从而保证其他应用的安全。 After the trusted execution environment has been activated, the trusted execution environment can provide activation and activation verification services to other applications of the terminal device 110, thereby ensuring the security of other applications.
图 8示出了根据本发明一个实施例的基于可信执行环境的应用激活方法 800的流程 图。 方法 800在终端设备的可信执行环境中执行, 例如, 由可信执行环境中的激活管理 应用 112来执行。 方法 200可用于激活富执行环境中的普通应用, 例如图 2中所示的第 二普通应用 116。 如图 8所示, 方法 800始于步骤 S810。 FIG. 8 shows a flowchart of a method 800 for application activation based on a trusted execution environment according to an embodiment of the present invention. The method 800 is executed in the trusted execution environment of the terminal device, for example, executed by the activation management application 112 in the trusted execution environment. The method 200 can be used to activate common applications in a rich execution environment, such as the second common application 116 shown in FIG. 2. As shown in FIG. 8, the method 800 starts at step S810.
在步骤 S810中, 将终端设备的可信身份标识发送至服务端。 In step S810, the trusted identity of the terminal device is sent to the server.
可信身份标识存储于终端设备的安全存储空间 111中, 其仅能被可信执行环境中的 特定可信应用, 例如激活管理应用 112读取。 激活管理应用 112获取可信身份标识后, 通过富执行环境中的待激活的应用 (例如图 2中的第二普通应用 116) 将可信身份标识 发送至服务端 120。 The trusted identity is stored in the secure storage space 111 of the terminal device, and it can only be read by a specific trusted application in the trusted execution environment, such as the activation management application 112. After the activation management application 112 obtains the trusted identity, it sends the trusted identity to the server 120 through the application to be activated in the rich execution environment (for example, the second common application 116 in FIG. 2).
根据一种实施例, 在将可信身份标识发送至服务端之前, 需要先验证可信执行环境 是否激活成功; 在可信执行环境激活成功的情况下, 再将终端设备的可信身份标识发送 至服务端。 According to an embodiment, before sending the trusted identity to the server, it is necessary to verify whether the trusted execution environment is successfully activated; in the case that the trusted execution environment is successfully activated, then the trusted identity of the terminal device is sent To the server.
具体地, 可以按照前述方法 600所示的步骤来验证可信执行环境是否激活成功。 若 可信执行环境激活成功, 则可信执行环境可用, 可以基于可信执行环境来对待激活的应 用进行激活。 若可信执行环境激活失败, 则可信执行环境不可用, 这时, 需要先执行前 述方法 300来激活可信执行环境,在可信执行环境激活后,才可以执行本发明的方法 800。 Specifically, the steps shown in the foregoing method 600 can be followed to verify whether the trusted execution environment is successfully activated. If If the trusted execution environment is successfully activated, the trusted execution environment is available, and the application to be activated can be activated based on the trusted execution environment. If the activation of the trusted execution environment fails, the trusted execution environment is unavailable. At this time, the aforementioned method 300 needs to be executed to activate the trusted execution environment. After the trusted execution environment is activated, the method 800 of the present invention can be executed.
根据一种实施例, 步骤 S810除了将可信身份标识发送至服务端之外, 还根据可信身 份标识生成认证码, 将认证码与可信身份标识一并发送至服务端, 以便服务端对认证码 进行验证, 在认证码验证通过后, 根据可信身份标识来生成注册码。 According to one embodiment, in addition to sending the trusted identity to the server, step S810 also generates an authentication code based on the trusted identity, and sends the authentication code and the trusted identity to the server, so that the server can pair The authentication code is verified, and after the authentication code is verified, the registration code is generated according to the trusted identity.
根据一种实施例, 认证码包括预置密钥、 第四密文和第三映射值, 其中, 第四密文 为采用预置密钥对可信身份标识进行加密所生成的密文, 第三映射值为采用预设的映射 函数对可信身份标识进行映射所得到的值。 根据一种实施例, 预置密钥是激活管理应用 112 的配置信息之一, 相应地, 预置密钥的值可以从激活管理应用的配置信息中读取。 根据一种实施例, 当激活管理应用 112与服务端通信时, 激活管理应用 112将生成用于 本次通信的令牌(Token), 该令牌包括从配置信息中读取的预置密钥。根据令牌中的预 置密钥, 可以确定第四密文, 进而生成认证码。 本领域技术人员可以理解, 除预置密钥 和会话密钥之外, 令牌中还可以包括其他信息, 例如激活管理应用 112的应用标识、 激 活管理应用 112的版本号、 预置密钥用途、 预置密钥类型等, 本发明对令牌中所包括的 具体信息不做限制。 According to an embodiment, the authentication code includes a preset key, a fourth cipher text, and a third mapping value, where the fourth cipher text is a cipher text generated by using the preset key to encrypt the trusted identity, and the first The three-mapping value is a value obtained by using a preset mapping function to map the trusted identity. According to an embodiment, the preset key is one of the configuration information of the activation management application 112, and accordingly, the value of the preset key can be read from the configuration information of the activation management application. According to an embodiment, when the activation management application 112 communicates with the server, the activation management application 112 will generate a token for this communication, the token including the preset key read from the configuration information . According to the preset key in the token, the fourth ciphertext can be determined, and then the authentication code can be generated. Those skilled in the art can understand that in addition to the preset key and the session key, the token may also include other information, such as the application identifier of the activation management application 112, the version number of the activation management application 112, and the purpose of the preset key. , Preset key types, etc. The present invention does not limit the specific information included in the token.
另外, 需要说明的是, 生成第四密文所采用的加密算法, 以及生成第三映射值所采 用的映射函数均可以由本领域技术人员自行设置, 本发明对此不做限制。 例如, 生成第 四密文所采用的加密算法可以是 AES加密算法,生成第三映射值所采用的映射函数可以 是哈希算法, 但不限于此。 In addition, it should be noted that the encryption algorithm used to generate the fourth ciphertext and the mapping function used to generate the third mapping value can be set by those skilled in the art, and the present invention does not limit this. For example, the encryption algorithm used to generate the fourth ciphertext may be an AES encryption algorithm, and the mapping function used to generate the third mapping value may be a hash algorithm, but is not limited to this.
在生成认证码后, 将认证码和可信身份标识一并发送至服务端, 以便服务端对认证 码进行验证, 保证认证码和可信身份标识在传输过程中没有被篡改。 根据一种实施例, 服务端可以按照以下方法来对认证码进行验证: After the authentication code is generated, the authentication code and the trusted identity are sent to the server side, so that the server can verify the authentication code to ensure that the authentication code and the trusted identity are not tampered with during transmission. According to an embodiment, the server can verify the authentication code according to the following method:
从认证码中读取预置密钥,采用预置密钥对第四密文进行解密以得到可信身份标识, 采用预设的映射函数来计算可信身份标识的第四映射值, 若第四映射值与认证码中的第 三映射值一致, 则认证码验证通过。 Read the preset key from the authentication code, use the preset key to decrypt the fourth cipher text to obtain the trusted identity, and use the preset mapping function to calculate the fourth mapping value of the trusted identity. The fourth mapping value is consistent with the third mapping value in the authentication code, and the authentication code verification is passed.
表 3示出了基于可信执行环境的应用激活过程中的认证码 AuthCode2的一个示例: 表 3 Table 3 shows an example of the authentication code AuthCode2 in the application activation process based on the trusted execution environment: table 3
Figure imgf000021_0001
Figure imgf000021_0001
表 3中, 预置密钥为 Provisioning Key2, 第四密文为 Provisioning_Key_Encrypt(ID), SP,第四密文为采用预置密钥 Provisioning Key2来对可信身份标识 ID进行加密所得到的 密文。第三映射值为 Hash_Sha256(ID), S卩, 第三映射值为采用 SHA256算法计算出的可 信身份标识 ID的哈希值。 In Table 3, the preset key is Provisioning Key2, the fourth ciphertext is Provisioning_Key_Encrypt(ID), SP, and the fourth ciphertext is the ciphertext obtained by using the provisioning key Provisioning Key2 to encrypt the trusted identity ID. . The third mapping value is Hash_Sha256(ID), that is, the third mapping value is the hash value of the trusted identity ID calculated using the SHA256 algorithm.
本领域技术人员可以理解, 在实践中, 除表 3 中所列的字段外, 认证码 AuthCode2 还可以包括其他字段, 例如激活管理应用 112的应用标识、激活管理应用 112的版本号、 预置密钥用途、 预置密钥类型等, 本发明对认证码中所包括的字段的数量及种类均不做 限制。 Those skilled in the art can understand that, in practice, in addition to the fields listed in Table 3, the authentication code AuthCode2 may also include other fields, such as the application identifier of the activation management application 112, the version number of the activation management application 112, and the preset secret. For key usage, preset key types, etc., the present invention does not limit the number and types of fields included in the authentication code.
在将表 3中所示的认证码 AuthCode2发送至服务端后, 服务端将对该认证码进行验 证:首先,从认证码 AuthCode2中读取预置密钥 Provisioning Key2。随后,采用 Provisioning Key2对第四密文 Provisioning_Key_Encrypt(ID)进行解密,以得到可信身份标识 ID。最后, 采用 SHA256算法来计算可信身份标识 ID的哈希值, 若该哈希值与 AuthCode2中的第 三映射值一致, 则 AuthCode2验证成功。 After sending the authentication code AuthCode2 shown in Table 3 to the server, the server will verify the authentication code: First, read the provisioning key Provisioning Key2 from the authentication code AuthCode2. Subsequently, the fourth cipher text Provisioning_Key_Encrypt (ID) is decrypted using Provisioning Key2 to obtain a trusted identity ID. Finally, the SHA256 algorithm is used to calculate the hash value of the trusted identity ID. If the hash value is consistent with the third mapping value in AuthCode2, the AuthCode2 verification is successful.
随后, 在步骤 S820中, 接收服务端返回的注册信息, 注册信息包括采用可信身份标 识所对应的可信密钥加密后的注册码, 注册码根据可信身份标识生成。 Subsequently, in step S820, the registration information returned by the server is received, the registration information includes the registration code encrypted with the trusted key corresponding to the trusted identity, and the registration code is generated based on the trusted identity.
注册码根据可信身份标识生成, 用于对待激活的应用进行激活。 根据一种实施例, 注册码包括待激活的应用的使用权限信息和校验信息。 The registration code is generated according to the trusted identity and used to activate the application to be activated. According to an embodiment, the registration code includes usage permission information and verification information of the application to be activated.
应用的使用权限信息用于标记该应用的使用权限。 使用权限信息例如可以包括生效 时间、 失效时间、 可用次数等, 但不限于此。 当使用权限信息包括生效时间、 失效时间 时, 用户仅在生效时间~失效时间的时间范围内能够正常使用该应用, 在生效时间~失效 时间的时间范围之外, 该应用不可用。 当使用权限信息包括可用次数时, 用户仅可以在 可用次数以内来使用该应用, 若用户使用该应用的次数达到可用次数后, 该应用不再可 用。 本领域技术人员可以理解, 使用权限信息可以进行配置, 其可以包括生效时间、 失 效时间、 可用次数中的至少一项, 也可以包括除生效时间、 失效时间、 可用次数之外的 其他信息, 本发明对应用的使用权限信息所包括的具体内容不做限制。 The usage permission information of the application is used to mark the usage permission of the application. The usage authority information may include, for example, effective time, expiration time, and available times, but is not limited thereto. When the usage authority information includes effective time and expiration time, the user can use the application normally only within the time range of effective time to expiration time, and the application is not available outside the time range of effective time to expiration time. When the usage permission information includes the available times, the user can only use the application within the available times. If the user uses the application for the available times, the application is no longer available. Those skilled in the art can understand that the usage authority information can be configured, and it can include at least one of effective time, expiration time, and available times, and can also include other information except effective time, expiration time, and available times. The invention does not limit the specific content included in the usage permission information of the application.
校验信息用于对注册码进行校验, 以保证注册码没有被非法篡改。根据一种实施例, 校验信息包括采用可信密钥对可信身份标识和使用权限信息进行加密所生成的密文。 本 发明对生成校验信息所采用的具体加密算法不做限制, 例如, 生成校验信息所采用的加 密算法例如可以是 HMAC ( Hash-based Message Authentication Code)算法, 但不限于此。 The verification information is used to verify the registration code to ensure that the registration code has not been illegally tampered with. According to one embodiment, The verification information includes a cipher text generated by using a trusted key to encrypt the trusted identity and usage authority information. The present invention does not limit the specific encryption algorithm used to generate the verification information. For example, the encryption algorithm used to generate the verification information may be, for example, the HMAC (Hash-based Message Authentication Code) algorithm, but is not limited thereto.
表 4示出了注册码 License的一个示例: Table 4 shows an example of the registration code License:
表 4 Table 4
Figure imgf000022_0001
Figure imgf000022_0001
表 4中, 应用的使用权限信息包括生效时间 Stime2、 失效时间 Etime2和可用次数 Times2。校验信息为 HMAC(IDkey, ID + Stime2 + Etime2 +Times2), 即, 校验信息为基于 HMAC算法,采用可信密钥 IDkey对可信身份标识 ID、生效时间 Stime2、失效时间 Etime2 和可用次数 Times2进行加密所生成的消息摘要。 In Table 4, the usage authority information of the application includes the effective time Stime2, the expiration time Etime2, and the available times Times2. The verification information is HMAC (IDkey, ID + Stime2 + Etime2 + Times2), that is, the verification information is based on the HMAC algorithm, using a trusted key IDkey to identify the trusted identity ID, effective time Stime2, expiration time Etime2, and available times The message digest generated by Times2 encryption.
在步骤 S820 中, 注册信息包括采用可信身份标识所对应的可信密钥加密后的注册 码。 即, 服务端首先确定可信身份标识所对应的可信密钥, 随后, 采用可信密钥对注册 码进行加密, 生成注册信息。 In step S820, the registration information includes the registration code encrypted with the trusted key corresponding to the trusted identity. That is, the server first determines the trusted key corresponding to the trusted identity, and then uses the trusted key to encrypt the registration code to generate registration information.
需要说明的是, 方法 800中将注册码加密生成注册信息的过程与方法 300中将激活 码加密生成激活信息的过程略有不同。 在方法 300中, 激活码经过了可信密钥、 会话密 钥的双重加密; 在方法 800中, 注册码仅经过可信密钥的单重加密。 这是因为, 在方法 300 中, 可信密钥为初次生成, 需要将可信密钥随激活码一同发送至终端设备。 而为了 保证可信密钥不被截获、 篡改, 在采用可信密钥对激活码进行加密后, 还需要采用会话 密钥来对可信密钥加密, 使可信密钥对外部不可见。 在方法 800中, 可信密钥未进行传 输, 而仅分别存储于终端设备和服务端, 即使其他设备监听到终端设备与服务端之间传 输的注册信息, 由于无法获取到可信密钥, 其也无法对注册信息进行解密以获取注册码。 因此, 在方法 800中, 仅采用可信密钥对注册码进行单重加密即可保证注册码的安全, 无需再用会话密钥进行二次加密。 It should be noted that the process of encrypting the registration code to generate registration information in method 800 is slightly different from the process of encrypting the activation code to generate activation information in method 300. In the method 300, the activation code is double-encrypted by the trusted key and the session key; in the method 800, the registration code is only single-encrypted by the trusted key. This is because in the method 300, the trusted key is generated for the first time, and the trusted key needs to be sent to the terminal device along with the activation code. In order to ensure that the trusted key is not intercepted or tampered with, after using the trusted key to encrypt the activation code, it is also necessary to use the session key to encrypt the trusted key to make the trusted key invisible to the outside. In method 800, the trusted key is not transmitted, but is only stored in the terminal device and the server. Even if other devices monitor the registration information transmitted between the terminal device and the server, since the trusted key cannot be obtained, It also cannot decrypt the registration information to obtain the registration code. Therefore, in the method 800, the security of the registration code can be ensured by only single-encrypting the registration code with the trusted key, and there is no need to use the session key for secondary encryption.
随后, 在步骤 S830中, 采用可信密钥对注册信息进行解密, 以得到注册码。 Subsequently, in step S830, the trusted key is used to decrypt the registration information to obtain the registration code.
随后, 在步骤 S840中, 将注册码加密存储至安全存储空间。 安全存储空间中的数据 只能被可信执行环境中的激活管理应用 112读取, 保证了其中的数据不会被非法获取以 及篡改。 Subsequently, in step S840, the registration code is encrypted and stored in a secure storage space. The data in the secure storage space can only be read by the activation management application 112 in the trusted execution environment, which ensures that the data in it will not be illegally obtained. And tampering.
根据一种实施例, 在步骤 S830中得到注册码后, 不是直接将注册码加密存储至安全 存储空间, 而是先根据可信身份标识来验证注册码, 以保证注册信息在服务端与终端设 备的传输过程中没有被非法篡改。 在注册码验证通过后, 再将注册码加密存储至安全存 储空间。 According to one embodiment, after the registration code is obtained in step S830, the registration code is not directly encrypted and stored in a secure storage space, but the registration code is first verified according to the trusted identity identifier to ensure that the registration information is on the server and the terminal device. No illegal tampering during the transmission. After the registration code is verified, the registration code is encrypted and stored in the secure storage space.
根据一种实施例, 可以按照以下步骤来验证注册码: 采用可信密钥对可信身份标识、 使用权限信息进行加密, 生成第五密文; 若第五密文与注册码中的校验信息一致, 则注 册码验证通过。 According to an embodiment, the registration code can be verified according to the following steps: a trusted key is used to encrypt the trusted identity and usage authority information to generate a fifth cipher text; if the fifth cipher text is verified with the registration code If the information is consistent, the registration code verification is passed.
以表 4为例, 注册码 License的验证过程如下: 获取可信密钥 IDkey, 基于 HMAC 算法, 采用可信密钥 IDkey对可信身份标识 ID、 生效时间 Stime2、 失效时间 Etime2和 可用次数 Times2进行加密, 生成第五密文。若第五密文与注册码中的校验信息一致, 则 注册码验证通过。 否则, 则验证未通过。 Taking Table 4 as an example, the verification process of the registration code license is as follows: Obtain the trusted key IDkey, based on the HMAC algorithm, use the trusted key IDkey to perform the trusted identity ID, effective time Stime2, expiration time Etime2, and available times Times2 Encrypt and generate the fifth ciphertext. If the fifth cipher text is consistent with the verification information in the registration code, the registration code verification is passed. Otherwise, the verification fails.
在将待激活的应用的注册码加密存储至安全存储空间 111后, 待激活的应用激活完 成。 安全存储空间 111中的注册码仅能由可信执行环境中的激活管理应用 112读取。 After the registration code of the application to be activated is encrypted and stored in the secure storage space 111, the activation of the application to be activated is completed. The registration code in the secure storage space 111 can only be read by the activation management application 112 in the trusted execution environment.
图 9示出了根据本发明一个实施例的基于可信执行环境的应用激活过程的示意图。 图 9中, 安全存储空间 111、 激活管理应用 112、 第二普通应用 116位于终端设备中, 激 活管理应用 112为可信执行环境中的可信应用, 第二普通应用 116为富执行环境中的待 激活的应用。 应用服务端 122、 认证服务端 124位于服务端。 应用服务端 122用于向第 二普通应用 116提供方法及数据调用, 生成第二普通应用 116的使用权限信息 (例如生 效时间、 失效时间、 可用次数等) 。 认证服务端 124用于验证终端设备 110的身份, 以 及对相关数据进行加密等。 Fig. 9 shows a schematic diagram of an application activation process based on a trusted execution environment according to an embodiment of the present invention. In FIG. 9, the secure storage space 111, the activation management application 112, and the second common application 116 are located in the terminal device, the activation management application 112 is a trusted application in a trusted execution environment, and the second common application 116 is a trusted application in a rich execution environment. The application to be activated. The application server 122 and the authentication server 124 are located on the server. The application server 122 is used to provide methods and data calls to the second ordinary application 116, and generate use permission information of the second ordinary application 116 (for example, effective time, expiration time, available times, etc.). The authentication server 124 is used to verify the identity of the terminal device 110, and to encrypt related data.
在步骤 S901中,第二普通应用 116向激活管理应用 112发起初始化可信执行环境的 请求。 激活管理应用 112基于该请求, 对可信执行环境进行激活验证。 若可信执行环境 激活验证成功, 则执行步骤 S902。 In step S901, the second normal application 116 initiates a request to the activation management application 112 to initialize the trusted execution environment. The activation management application 112 performs activation verification on the trusted execution environment based on the request. If the trusted execution environment activation verification is successful, step S902 is executed.
在步骤 S902和 S903中, 激活管理应用 112从安全存储空间 111中读取可信身份标 识 ID和可信密钥 IDkey。 In steps S902 and S903, the activation management application 112 reads the trusted identity identification ID and the trusted key IDkey from the secure storage space 111.
在步骤 S904中,激活管理应用 112根据可信身份标识 ID来生成认证码 AuthCode2, 如前述表 3 所示, AuthCode2 包括预置密钥 Provisioning Key2, 第四密文 ProvisioninLKey_Encrypt(ID)和第三映射值 Hash_Sha256(ID)。 In step S904, the activation management application 112 generates the authentication code AuthCode2 according to the trusted identity ID. As shown in Table 3, AuthCode2 includes the preset key Provisioning Key2, the fourth cipher text ProvisioninLKey_Encrypt(ID), and the third mapping value. Hash_Sha256(ID).
在步骤 S905中, 激活管理应用 112将可信身份标识 ID和认证码 AuthCode2发送至 第二普通应用 116。 In step S905, the activation management application 112 sends the trusted identity ID and the authentication code AuthCode2 to The second general application 116.
在步骤 S906中, 第二普通应用 116将可信身份标识 ID和认证码 AuthCode2发送至 应用服务端 122。 In step S906, the second common application 116 sends the trusted identity ID and the authentication code AuthCode2 to the application server 122.
在步骤 S907中, 应用服务端 122将可信身份标识 ID和认证码 AuthCode2发送至认 证服务端 124 o In step S907, the application server 122 to the trusted identity ID and the authentication code to the authentication server transmits AuthCode2 124 o
在步骤 S908中, 认证服务端 124对认证码 AuthCode2进行验证: 首先, 从认证码 AuthCode2中读取预置密钥 Provisioning Key2。 随后, 采用 Provisioning Key2对第四密 文 Provisioning_Key_Encrypt(ID)进行解密, 以得到可信身份标识 ID。最后,采用 SHA256 算法来计算可信身份标识 ID的哈希值, 若该哈希值与 AuthCode2中的第三映射值一致, 则 AuthCode2验证成功。 In step S908, the authentication server 124 verifies the authentication code AuthCode2: First, read the preset key Provisioning Key2 from the authentication code AuthCode2. Subsequently, the fourth cipher text Provisioning_Key_Encrypt (ID) is decrypted using Provisioning Key2 to obtain a trusted identity ID. Finally, the SHA256 algorithm is used to calculate the hash value of the trusted identity ID. If the hash value is consistent with the third mapping value in AuthCode2, the AuthCode2 verification is successful.
在步骤 S909中, 认证服务端 124将认证码 AuthCode2验证成功的结果返回给应用 服务端 122。 In step S909, the authentication server 124 returns the successful verification result of the authentication code AuthCode2 to the application server 122.
在步骤 S910中,应用服务端 122生成第二普通应用 116的使用权限信息,参见表 4, 使用权限信息包括生效时间 Stime2、 失效时间 Etime2和可用次数 Times2。 In step S910, the application server 122 generates the use permission information of the second common application 116, referring to Table 4. The use permission information includes the effective time Stime2, the expiration time Etime2, and the available times Times2.
在步骤 S911中, 应用服务端 122将生成的使用权限信息发送至认证服务端 124。 在步骤 S912中,认证服务端 124生成校验信息,参见表 4,校验信息为 HMAC(IDkey, ID + Stime2 + Etime2 +Times2)。 随后, 将使用权限信息和校验信息组合形成注册码 License。 查找可信身份标识 ID所对应的可信密钥 IDkey, 采用 IDkey对 License进行加 密, 生成注册信息。 In step S911, the application server 122 sends the generated usage authority information to the authentication server 124. In step S912, the authentication server 124 generates verification information, referring to Table 4, the verification information is HMAC (IDkey, ID + Stime2 + Etime2 + Times2). Subsequently, the use permission information and verification information are combined to form the registration code License. Look up the trusted key IDkey corresponding to the trusted identity ID, and use the IDkey to encrypt the License to generate registration information.
在步骤 S913-S915中,认证服务端 124依次经过应用服务端 122、第二普通应用 116, 将注册信息发送至激活管理应用 112。 In steps S913-S915, the authentication server 124 sequentially passes through the application server 122 and the second common application 116, and sends the registration information to the activation management application 112.
在步骤 S916中, 激活管理应用 112采用可信密钥 IDkey对注册信息进行解密,得到 注册码 License。 采用可信密钥 IDkey对可信身份标识 ID、 生效时间 Stime2、 失效时间 Etime2和可用次数 Times2进行加密, 生成第五密文。 若第五密文与 License中的校验信 息一致, 则注册码验证通过, 执行步骤 S917。 In step S916, the activation management application 112 uses the trusted key IDkey to decrypt the registration information to obtain the registration code License. Use the trusted key IDkey to encrypt the trusted identity ID, the effective time Stime2, the expiration time Etime2, and the available times Times2 to generate the fifth ciphertext. If the fifth ciphertext is consistent with the verification information in the License, the registration code verification is passed, and step S917 is executed.
在步骤 S917和 S918中, 激活管理应用 112将注册码 License加密存储至安全存储 空间 111, 第二普通应用 116激活成功。 In steps S917 and S918, the activation management application 112 encrypts and stores the registration code License in the secure storage space 111, and the second common application 116 is successfully activated.
在步骤 S919中,激活管理应用 112将第二普通应用 116激活成功的结果反馈至第二 普通应用 116。 In step S919, the activation management application 112 feeds back the result of the successful activation of the second common application 116 to the second common application 116.
图 10示出了根据本发明一个实施例的基于可信执行环境的应用激活方法 1000的流 程图。 方法 100在服务端 (例如图 2所示的服务端 120) 中执行, 与前述在终端设备中 执行的方法 800相对应, 适于对待激活的应用 (例如图 2所示的第二普通应用 116) 进 行激活。 FIG. 10 shows a flow of an application activation method 1000 based on a trusted execution environment according to an embodiment of the present invention Cheng Tu. The method 100 is executed in the server (for example, the server 120 shown in FIG. 2), and corresponds to the method 800 executed in the terminal device, and is suitable for the application to be activated (for example, the second ordinary application 116 shown in FIG. 2). ) To activate.
根据一种实施例, 服务端进一步包括应用服务端 (例如图 2所示的应用服务端 122) 和认证服务端 (例如图 2所示的认证服务端 124) , 应用服务端和认证服务端分工协作, 以实现基于可信执行环境的应用激活。 应用服务端可与待激活的应用直接通信, 用于向 待激活的应用提供方法及数据调用, 生成待激活的应用的使用权限信息(例如生效时间、 失效时间、 可用次数等) 。 认证服务端通常不与待激活的应用直接通信, 用于验证终端 设备 110的身份, 以及对相关数据进行加密等。 According to an embodiment, the server further includes an application server (for example, the application server 122 shown in FIG. 2) and an authentication server (for example, the authentication server 124 shown in FIG. 2), and the application server and the authentication server have a division of labor Collaborate to achieve application activation based on a trusted execution environment. The application server can directly communicate with the application to be activated, and is used to provide methods and data calls to the application to be activated, and generate usage permission information of the application to be activated (for example, effective time, expiration time, available times, etc.). The authentication server usually does not directly communicate with the application to be activated, and is used to verify the identity of the terminal device 110, and to encrypt related data.
如图 10所示, 方法 1000始于步骤 S lOlOo As shown, the method begins at step 101000 S lOlO o
在步骤 S 1010中, 接收终端设备发送的可信身份标识。 In step S1010, the trusted identity sent by the terminal device is received.
可信身份标识存储于终端设备的安全存储空间 111中, 其仅能被可信执行环境中的 特定可信应用, 例如激活管理应用 112读取。 激活管理应用 112获取可信身份标识后, 通过待激活的应用发送至应用服务端。 相应地, 应用服务端接收待激活的应用发来的可 信身份标识。 The trusted identity is stored in the secure storage space 111 of the terminal device, and it can only be read by a specific trusted application in the trusted execution environment, such as the activation management application 112. After the activation management application 112 obtains the trusted identity, it is sent to the application server through the application to be activated. Correspondingly, the application server receives the trusted identity sent by the application to be activated.
根据一种实施例, 在步骤 S 1010中, 除了接收可信身份标识之外, 还接受终端设备 发送的认证码, 认证码根据可信身份标识生成。 对认证码进行验证, 在认证码验证通过 后, 再执行步骤 S520, 根据可信身份标识生成注册码。 According to an embodiment, in step S1010, in addition to receiving the trusted identity, the authentication code sent by the terminal device is also accepted, and the authentication code is generated according to the trusted identity. The authentication code is verified, and after the authentication code is verified, step S520 is executed to generate a registration code according to the trusted identity.
根据一种实施例, 应用服务端 122在接收到第二普通应用 116发来的可信身份标识 和认证码后, 将可信身份标识和认证码转发至认证服务端 124, 由认证服务端 124来对 认证码进行验证。认证码的具体验证过程可以参考前述步骤 S810的相关描述, 此处不再 赘述。 According to an embodiment, after the application server 122 receives the trusted identity and the authentication code sent by the second common application 116, it forwards the trusted identity and the authentication code to the authentication server 124, and the authentication server 124 To verify the authentication code. For the specific verification process of the authentication code, reference may be made to the relevant description of the foregoing step S810, which is not repeated here.
随后, 在步骤 S 1020中, 根据可信身份标识生成注册码。 Subsequently, in step S1020, a registration code is generated according to the trusted identity.
根据一种实施例, 注册码包括待激活的应用的使用权限信息和校验信息, 其中, 使 用权限信息用于标记该应用的使用权限, 其例如可以包括生效时间、 失效时间、 可用次 数等, 但不限于此。 校验信息用于对注册码进行校验, 以保证注册码没有被非法篡改。 根据一种实施例, 校验信息包括采用可信密钥对可信身份标识和使用权限信息进行加密 所生成的密文。 According to an embodiment, the registration code includes use permission information and verification information of the application to be activated, where the use permission information is used to mark the use permission of the application, which may include, for example, effective time, expiration time, available times, etc. But it is not limited to this. The verification information is used to verify the registration code to ensure that the registration code has not been illegally tampered with. According to an embodiment, the verification information includes a cipher text generated by using a trusted key to encrypt the trusted identity identifier and the use authority information.
根据一种实施例,注册码中的使用权限信息由应用服务端 122生成。应用服务端 122 生成使用权限信息后, 将使用权限信息发送至认证服务端 124, 由认证服务端 124来生 成校验信息。使用权限信息、校验信息的具体生成过程可以参考前述步骤 S820的相关描 述, 此处不再赘述。 According to an embodiment, the usage permission information in the registration code is generated by the application server 122. After the application server 122 generates the usage permission information, it sends the usage permission information to the authentication server 124, which is generated by the authentication server 124 Into the verification information. For the specific generation process of the usage authority information and the verification information, reference may be made to the relevant description of the foregoing step S820, which is not repeated here.
随后, 在步骤 S1030中, 采用可信身份标识所对应的可信密钥来加密注册码, 以生 成注册信息。 Subsequently, in step S1030, the trusted key corresponding to the trusted identity is used to encrypt the registration code to generate registration information.
根据一种实施例, 步骤 S1030由认证服务端 124执行。 According to an embodiment, step S1030 is performed by the authentication server 124.
随后, 在步骤 S1040中, 将注册信息发送至终端设备, 以便终端设备: 采用可信密 钥对注册信息进行解密, 以得到注册码; 以及将注册码加密存储至安全存储空间。 Subsequently, in step S1040, the registration information is sent to the terminal device, so that the terminal device: decrypts the registration information with the trusted key to obtain the registration code; and encrypts the registration code and stores it in a secure storage space.
在步骤 S1040中, 认证服务端 124依次经过应用端 122、 待激活的应用, 将注册信 息发送至终端设备中的激活管理应用 112。 激活管理应用 112采用可信密钥对注册信息 进行解密, 以得到注册码; 以及将注册码加密存储至安全存储空间。 In step S1040, the authentication server 124 sequentially passes through the application 122 and the application to be activated, and sends the registration information to the activation management application 112 in the terminal device. The activation management application 112 uses the trusted key to decrypt the registration information to obtain the registration code; and encrypts and stores the registration code in a secure storage space.
步骤 S1040的具体实施过程可以参考前述步骤 S830、 S840的相关描述, 此处不再 赘述。 For the specific implementation process of step S1040, reference may be made to the related descriptions of the foregoing steps S830 and S840, which will not be repeated here.
当用户使用某一应用时, 将会触发该应用的激活验证。 只有当验证该应用激活成功 时, 用户才可以使用该应用; 若验证该应用激活失败, 则该应用对用户不可用。 When a user uses an application, the activation verification of the application will be triggered. Only when it is verified that the application activation is successful, the user can use the application; if the verification of the application activation fails, the application is not available to the user.
图 11示出了根据本发明一个实施例的基于可信执行环境的应用激活验证方法 1100 的流程图。方法 1100在终端设备的可信执行环境中执行, 例如, 由可信执行环境中的激 活管理应用 112来执行。 如图 11所示, 方法 l loo始于步骤 smo。 FIG. 11 shows a flowchart of a method 1100 for verifying application activation based on a trusted execution environment according to an embodiment of the present invention. The method 1100 is executed in the trusted execution environment of the terminal device, for example, executed by the activation management application 112 in the trusted execution environment. As shown in Figure 11, the method l loo starts with step smo.
在步骤 smo中, 获取可信身份标识、 可信密钥和待验证的应用的注册码, 注册码 包括使用权限信息和校验信息, 校验信息为采用可信密钥对可信身份标识、 使用权限信 息进行加密所生成的密文。 In step smo, the trusted identity, the trusted key, and the registration code of the application to be verified are obtained. The registration code includes usage authority information and verification information, and the verification information is the use of the trusted key to the trusted identity, Use permission information to encrypt the generated ciphertext.
根据一种实施例, 激活验证应用 112从安全存储空间 111中获取可信身份标识、 可 信密钥和待验证的应用的注册码。 According to an embodiment, the activation verification application 112 obtains the trusted identity, the trusted key, and the registration code of the application to be verified from the secure storage space 111.
随后, 在步骤 S1120中, 采用可信密钥对可信身份标识、 使用权限信息进行加密, 生成第六密文。 Subsequently, in step S1120, a trusted key is used to encrypt the trusted identity and usage authority information to generate a sixth ciphertext.
随后, 在步骤 S1130中, 若第六密文与校验信息一致, 则将注册码发送至待验证的 应用, 以便该应用根据当前使用环境与使用权限信息是否匹配来确定其是否激活成功。 Subsequently, in step S1130, if the sixth ciphertext is consistent with the verification information, the registration code is sent to the application to be verified, so that the application determines whether the activation is successful according to whether the current use environment matches the use permission information.
例如, 使用权限信息包括生效时间、 失效时间和可用次数, 相应地, 该应用当前的 使用环境包括时间、 已用次数等信息。若当前的时间在生效时间〜失效时间的范围内, 且 该应用的已用次数小于等于可用次数, 则当前的使用环境与使用权限信息匹配, 该应用 激活成功。 图 12 示出了根据本发明一个实施例的基于可信执行环境的应用激活验证过程的示 意图。 图 12中, 安全存储空间 111、 激活管理应用 112、 第二普通应用 116均位于终端 设备 110中, 激活管理应用 112为可信执行环境中的可信应用, 第二普通应用 116为富 执行环境中的普通应用。 For example, the use permission information includes effective time, expiration time, and available times. Accordingly, the current use environment of the application includes information such as time and used times. If the current time is within the range of effective time to expiration time, and the used times of the application are less than or equal to the available times, the current use environment matches the use permission information, and the application is successfully activated. Fig. 12 shows a schematic diagram of an application activation verification process based on a trusted execution environment according to an embodiment of the present invention. In FIG. 12, the secure storage space 111, the activation management application 112, and the second common application 116 are all located in the terminal device 110, the activation management application 112 is a trusted application in a trusted execution environment, and the second common application 116 is a rich execution environment Common applications in.
在步骤 S 1201中, 当用户使用第二普通应用 116时, 第二普通应用 116向激活管理 应用 112发起激活验证请求。 In step S1201, when the user uses the second common application 116, the second common application 116 initiates an activation verification request to the activation management application 112.
在步骤 S 1202和 S 1203中, 激活管理应用 112从安全存储空间 111中获取可信身份 标识 ID、 可信密钥 IDkey和可信执行环境的激活码 ActiCode。 In steps S1202 and S1203, the activation management application 112 obtains the trusted identity ID, the trusted key IDkey, and the activation code ActiCode of the trusted execution environment from the secure storage space 111.
在步骤 S 1204中, 激活管理应用 112根据可信身份标识 ID、 可信密钥 IDkey和激活 码 ActiCode来验证可信执行环境是否激活成功。 在可信执行环境激活成功的情况下, 继 续执行步骤 S 1205。 In step S 1204, the activation management application 112 verifies whether the trusted execution environment is successfully activated according to the trusted identity ID, the trusted key IDkey, and the activation code ActiCode. In the case that the trusted execution environment is successfully activated, step S 1205 is continued.
在步骤 S 1205和 S 1206中, 激活管理应用 112从安全存储空间 111 中获取注册码 License。 参见表 4, License包括生效时间 Stime2、 失效时间 Etime2、 可用次数 Times2 和校验信息 HMAC(IDkey, ID + Stime2 + Etime2 +Times2)。 In steps S 1205 and S 1206, the activation management application 112 obtains the registration code License from the secure storage space 111. See Table 4. The License includes the effective time Stime2, the expiration time Etime2, the available times Times2, and the verification information HMAC (IDkey, ID + Stime2 + Etime2 + Times2).
在步骤 S 1207中, 激活管理应用 112采用可信密钥 IDkey对可信身份标识 ID、 生效 时间 Stime2、 失效时间 Etime2和可用次数 Times2进行加密, 生成第六密文。 若第六密 文与 License中的校验信息一致, 则执行步骤 S 1208。 In step S 1207, the activation management application 112 uses the trusted key IDkey to encrypt the trusted identity ID, the effective time Stime2, the expiration time Etime2, and the available times Times2 to generate a sixth ciphertext. If the sixth ciphertext is consistent with the verification information in the License, step S1208 is executed.
在步骤 S 1208中, 激活管理应用 112将注册码发送至第二普通应用 116。 In step S 1208, the activation management application 112 sends the registration code to the second common application 116.
在步骤 S 1209中, 第二普通应用 116获取当前使用环境, 当前使用环境包括当前时 间和第二普通应用 116的已用次数。读取注册码中的生效时间 Stime2、失效时间 Etime2、 可用次数 Times2。判断当前时间是否在生效时间 Stime2~ 效时间 Etime2的时间范围内, 以及已用次数是否小于等于可用次数 Times2。 若当前时间在生效时间 Stime2〜失效时间 Etime2的时间范围内, 且已用次数小于等于可用次数 Times2, 则第二普通应用 116激活 成功。 In step S 1209, the second common application 116 obtains the current use environment, and the current use environment includes the current time and the number of times the second common application 116 has been used. Read the effective time Stime2, the expiration time Etime2, and the available times Times2 in the registration code. Determine whether the current time is within the effective time Stime2~effective time Etime2, and whether the used times are less than or equal to the available times Times2. If the current time is within the time range from the effective time Stime2 to the expiration time Etime2, and the used times are less than or equal to the available times Times2, the second common application 116 is successfully activated.
这里描述的各种技术可结合硬件或软件, 或者它们的组合一起实现。 从而, 本发明 的方法和设备, 或者本发明的方法和设备的某些方面或部分可采取嵌入有形媒介, 例如 可移动硬盘、 U盘、 软盘、 CD-ROM或者其它任意机器可读的存储介质中的程序代码 (即 指令)的形式, 其中当程序被载入诸如计算机之类的机器, 并被所述机器执行时, 所述机 器变成实践本发明的设备。 The various technologies described here can be implemented in combination with hardware or software, or a combination of them. Therefore, the method and device of the present invention, or some aspects or parts of the method and device of the present invention may be embedded in a tangible medium, such as a removable hard disk, U disk, floppy disk, CD-ROM, or any other machine-readable storage medium In the form of program code (ie instructions) in, when the program is loaded into a machine such as a computer and executed by the machine, the machine becomes a device for practicing the present invention.
在程序代码在可编程计算机上执行的情况下, 计算设备一般包括处理器、 处理器可 读的存储介质(包括易失性和非易失性存储器和 /或存储元件), 至少一个输入装置, 和至 少一个输出装置。 其中, 存储器被配置用于存储程序代码; 处理器被配置用于根据该存 储器中存储的所述程序代码中的指令,执行本发明的基于可信执行环境的应用激活方法。 When the program code is executed on a programmable computer, the computing device generally includes a processor, Read storage medium (including volatile and non-volatile memory and/or storage element), at least one input device, and at least one output device. The memory is configured to store program code; the processor is configured to execute the application activation method based on the trusted execution environment of the present invention according to instructions in the program code stored in the memory.
以示例而非限制的方式, 可读介质包括可读存储介质和通信介质。 可读存储介质存 储诸如计算机可读指令、 数据结构、 程序模块或其它数据等信息。 通信介质一般以诸如 载波或其它传输机制等已调制数据信号来体现计算机可读指令、 数据结构、 程序模块或 其它数据, 并且包括任何信息传递介质。 以上的任一种的组合也包括在可读介质的范围 之内。 By way of example and not limitation, readable media include readable storage media and communication media. The readable storage medium stores information such as computer readable instructions, data structures, program modules, or other data. Communication media generally embody computer-readable instructions, data structures, program modules, or other data by modulated data signals such as carrier waves or other transmission mechanisms, and include any information delivery media. Combinations of any of the above are also included in the scope of readable media.
在此处所提供的说明书中, 算法和显示不与任何特定计算机、 虚拟系统或者其它设 备固有相关。 各种通用系统也可以与本发明的示例一起使用。 根据上面的描述, 构造这 类系统所要求的结构是显而易见的。 此外, 本发明也不针对任何特定编程语言。 应当明 白, 可以利用各种编程语言实现在此描述的本发明的内容, 并且上面对特定语言所做的 描述是为了披露本发明的最佳实施方式。 In the instructions provided here, the algorithms and displays are not inherently related to any particular computer, virtual system or other equipment. Various general-purpose systems can also be used with the examples of the present invention. From the above description, the structure required to construct this type of system is obvious. In addition, the present invention is not directed to any specific programming language. It should be understood that various programming languages can be used to implement the content of the present invention described herein, and the above description of a specific language is for disclosing the best embodiment of the present invention.
在此处所提供的说明书中, 说明了大量具体细节。 然而, 能够理解, 本发明的实施 例可以在没有这些具体细节的情况下被实践。在一些实例中, 并未详细示出公知的方法、 结构和技术, 以便不模糊对本说明书的理解。 In the instructions provided here, a lot of specific details are explained. However, it can be understood that the embodiments of the present invention can be practiced without these specific details. In some examples, well-known methods, structures and technologies are not shown in detail, so as not to obscure the understanding of this specification.
类似地, 应当理解, 为了精简本公开并帮助理解各个发明方面中的一个或多个, 在 上面对本发明的示例性实施例的描述中, 本发明的各个特征有时被一起分组到单个实施 例、 图、 或者对其的描述中。 然而, 并不应将该公开的方法解释成反映如下意图: 即所 要求保护的本发明要求比在每个权利要求中所明确记载的特征更多特征。 更确切地说, 如下面的权利要求书所反映的那样, 发明方面在于少于前面公开的单个实施例的所有特 征。 因此, 遵循具体实施方式的权利要求书由此明确地并入该具体实施方式, 其中每个 权利要求本身都作为本发明的单独实施例。 Similarly, it should be understood that in order to simplify the present disclosure and help understand one or more of the various aspects of the invention, in the above description of the exemplary embodiments of the present invention, the various features of the present invention are sometimes grouped together into a single embodiment. Figure, or its description. However, the disclosed method should not be interpreted as reflecting the following intention: That is, the claimed invention requires more features than the features explicitly recorded in each claim. More precisely, as reflected in the following claims, the inventive aspect lies in less than all the features of a single embodiment disclosed previously. Therefore, the claims following the specific embodiment are hereby explicitly incorporated into the specific embodiment, wherein each claim itself serves as a separate embodiment of the present invention.
本领域那些技术人员应当理解在本文所公开的示例中的设备的模块或单元或组件可 以布置在如该实施例中所描述的设备中, 或者可替换地可以定位在与该示例中的设备不 同的一个或多个设备中。 前述示例中的模块可以组合为一个模块或者此外可以分成多个 子模块。 Those skilled in the art should understand that the modules or units or components of the device in the example disclosed herein can be arranged in the device as described in this embodiment, or alternatively can be positioned differently from the device in this example In one or more devices. The modules in the preceding examples can be combined into one module or can be divided into multiple sub-modules.
本领域那些技术人员可以理解, 可以对实施例中的设备中的模块进行自适应性地改 变并且把它们设置在与该实施例不同的一个或多个设备中。 可以把实施例中的模块或单 元或组件组合成一个模块或单元或组件, 以及此外可以把它们分成多个子模块或子单元 或子组件。 除了这样的特征和 /或过程或者单元中的至少一些是相互排斥之外, 可以采用 任何组合对本说明书 (包括伴随的权利要求、 摘要和附图) 中公开的所有特征以及如此 公开的任何方法或者设备的所有过程或单元进行组合。除非另外明确陈述,本说明书(包 括伴随的权利要求、 摘要和附图) 中公开的每个特征可以由提供相同、 等同或相似目的 的替代特征来代替。 Those skilled in the art can understand that it is possible to adaptively change the modules in the device in the embodiment and set them in one or more devices different from the embodiment. The modules or units or components in the embodiments can be combined into one module or unit or component, and in addition, they can be divided into multiple sub-modules or sub-units Or subcomponents. Except that at least some of such features and/or processes or units are mutually exclusive, any combination can be used to compare all features disclosed in this specification (including the accompanying claims, abstract and drawings) and any method or methods disclosed in this manner or All the processes or units of the equipment are combined. Unless expressly stated otherwise, each feature disclosed in this specification (including the accompanying claims, abstract and drawings) may be replaced by an alternative feature providing the same, equivalent or similar purpose.
此外, 本领域的技术人员能够理解, 尽管在此所述的一些实施例包括其它实施例中 所包括的某些特征而不是其它特征, 但是不同实施例的特征的组合意味着处于本发明的 范围之内并且形成不同的实施例。 例如, 在下面的权利要求书中, 所要求保护的实施例 的任意之一都可以以任意的组合方式来使用。 In addition, those skilled in the art can understand that although some embodiments described herein include certain features included in other embodiments but not other features, the combination of features of different embodiments means that they are within the scope of the present invention. Within and form different embodiments. For example, in the following claims, any one of the claimed embodiments can be used in any combination.
此外, 所述实施例中的一些在此被描述成可以由计算机系统的处理器或者由执行所 述功能的其它装置实施的方法或方法元素的组合。 因此, 具有用于实施所述方法或方法 元素的必要指令的处理器形成用于实施该方法或方法元素的装置。 此外, 装置实施例的 在此所述的元素是如下装置的例子: 该装置用于实施由为了实施该发明的目的的元素所 执行的功能。 In addition, some of the described embodiments are described herein as methods or combinations of method elements that can be implemented by a processor of a computer system or by other devices that perform the described functions. Therefore, a processor with the necessary instructions for implementing the method or method element forms a device for implementing the method or method element. In addition, the elements of the device embodiment described herein are examples of the device: The device is used to implement the function performed by the element for the purpose of implementing the invention.
如在此所使用的那样, 除非另行规定, 使用序数词“第一” 、 “第二” 、 “第三” 等等来描述普通对象仅仅表示涉及类似对象的不同实例, 并且并不意图暗示这样被描述 的对象必须具有时间上、 空间上、 排序方面或者以任意其它方式的给定顺序。 As used herein, unless otherwise specified, the use of ordinal numbers "first", "second", "third", etc. to describe ordinary objects merely means different instances of similar objects, and is not intended to imply such The described objects must have a given order in terms of time, space, order, or in any other way.
尽管根据有限数量的实施例描述了本发明, 但是受益于上面的描述, 本技术领域内 的技术人员明白, 在由此描述的本发明的范围内, 可以设想其它实施例。 此外, 应当注 意, 本说明书中使用的语言主要是为了可读性和教导的目的而选择的, 而不是为了解释 或者限定本发明的主题而选择的。 因此, 在不偏离所附权利要求书的范围和精神的情况 下, 对于本技术领域的普通技术人员来说许多修改和变更都是显而易见的。 对于本发明 的范围, 对本发明所做的公开是说明性的而非限制性的, 本发明的范围由所附权利要求 书限定。 Although the present invention has been described in terms of a limited number of embodiments, benefiting from the above description, those skilled in the art will understand that other embodiments can be envisaged within the scope of the invention thus described. In addition, it should be noted that the language used in this specification is mainly selected for readability and teaching purposes, not for explaining or limiting the subject of the present invention. Therefore, without departing from the scope and spirit of the appended claims, many modifications and changes are obvious to those of ordinary skill in the art. As for the scope of the present invention, the disclosure of the present invention is illustrative rather than restrictive, and the scope of the present invention is defined by the appended claims.

Claims

权 利 要 求 书 Claims
1. 一种可信执行环境的激活方法,所述可信执行环境部署于终端设备中,所述方法 包括: 1. A method for activating a trusted execution environment, the trusted execution environment being deployed in a terminal device, the method including:
将终端设备标识发送至服务端; Send the terminal equipment identification to the server;
接收服务端返回的激活信息, 所述激活信息包括加密后的可信身份标识、 可信密钥 和激活码, 所述可信身份标识、 可信密钥与所述终端设备标识相对应, 所述激活码根据 所述终端设备标识生成; Receive activation information returned by the server, where the activation information includes an encrypted trusted identity, a trusted key, and an activation code, and the trusted identity and the trusted key correspond to the terminal device identity, so The activation code is generated according to the terminal device identification;
对所述激活信息进行解密, 以得到可信身份标识、 可信密钥和激活码; Decrypt the activation information to obtain a trusted identity, a trusted key, and an activation code;
将所述可信身份标识、 可信密钥和激活码加密存储至安全存储空间。 The trusted identity, the trusted key, and the activation code are encrypted and stored in a secure storage space.
2. 如权利要求 1所述的方法,其中,所述激活信息包括采用会话密钥对所述可信身 份标识、 可信密钥、 激活码密文进行加密所生成的密文, 所述激活码密文为采用所述可 信密钥对所述激活码进行加密所生成的密文。 2. The method according to claim 1, wherein the activation information comprises a ciphertext generated by encrypting the trusted identity identifier, the trusted key, and the activation code ciphertext using a session key, and the activation The code ciphertext is a ciphertext generated by encrypting the activation code using the trusted key.
3. 如权利要求 2所述的方法, 其中, 所述对所述激活信息进行解密, 以得到可信身 份标识、 可信密钥和激活码的步骤包括: 3. The method according to claim 2, wherein the step of decrypting the activation information to obtain a trusted identity identifier, a trusted key and an activation code comprises:
采用会话密钥对所述激活信息进行解密, 以得到可信身份标识、 可信密钥和激活码 密文; Decrypt the activation information by using the session key to obtain the trusted identity, the trusted key, and the ciphertext of the activation code;
采用可信密钥对所述激活码密文进行解密, 以得到激活码。 Use the trusted key to decrypt the activation code cipher text to obtain the activation code.
4. 如权利要求 1所述的方法, 其中, 在所述对所述激活信息进行解密的步骤之后, 还包括: 4. The method according to claim 1, wherein after the step of decrypting the activation information, the method further comprises:
根据所述终端设备标识来验证所述激活码, 在激活码验证通过后, 将所述可信身份 标识、 可信密钥和激活码加密存储至安全存储空间。 The activation code is verified according to the terminal device identifier, and after the activation code is verified, the trusted identity identifier, the trusted key and the activation code are encrypted and stored in a secure storage space.
5. 如权利要求 4所述的方法,其中,所述激活码包括可信执行环境的使用权限信息 和校验信息,所述校验信息包括采用所述可信密钥对所述可信身份标识、使用权限信息、 终端设备标识进行加密所生成的密文; 5. The method according to claim 4, wherein the activation code includes use permission information and verification information of a trusted execution environment, and the verification information includes using the trusted key to verify the trusted identity The ciphertext generated by encrypting the identification, use authority information, and terminal device identification;
所述根据所述终端设备标识来验证所述激活码的步骤包括: The step of verifying the activation code according to the terminal device identifier includes:
采用可信密钥对所述可信身份标识、 使用权限信息、 终端设备标识进行加密, 生成 第一密文; Encrypting the trusted identity identifier, use authority information, and terminal device identifier by using a trusted key to generate a first ciphertext;
若所述第一密文与所述校验信息一致, 则激活码验证通过。 If the first ciphertext is consistent with the verification information, the activation code verification is passed.
6. 如权利要求 5所述的方法, 其中, 所述使用权限信息包括生效时间、 失效时间、 可用次数。 6. The method of claim 5, wherein the usage authority information includes effective time, expiration time, and available times.
7. 如权利要求 1所述的方法, 还包括: 7. The method according to claim 1, further comprising:
根据终端设备标识生成认证码; Generate an authentication code according to the terminal device identification;
将所述认证码发送至服务端, 以便服务端对所述认证码进行验证, 并在认证码验证 通过后, 根据所述终端设备标识生成激活码。 The authentication code is sent to the server, so that the server verifies the authentication code, and after the authentication code is verified, an activation code is generated according to the terminal device identification.
8. 如权利要求 7所述的方法, 其中, 所述认证码包括预置密钥、 第二密文和第一映 射值, 所述第二密文为采用预置密钥对会话密钥和终端设备标识进行加密所生成的密 文, 所述第一映射值为采用预设的映射函数对会话密钥和终端设备标识进行映射所得到 的值; 8. The method according to claim 7, wherein the authentication code includes a preset key, a second ciphertext, and a first mapping value, and the second ciphertext is a pair of session key and A ciphertext generated by encrypting the terminal device identifier, where the first mapping value is a value obtained by mapping the session key and the terminal device identifier using a preset mapping function;
所述服务端适于按照以下方法来对认证码进行验证: The server is suitable for verifying the authentication code according to the following method:
采用所述预置密钥来对所述第二密文进行解密以得到所述会话密钥和所述终端设 备标识, 采用所述预设的映射函数来计算所述会话密钥和所述终端设备标识的第二映射 值, 若第二映射值与所述第一映射值一致, 则认证码验证通过。 Use the preset key to decrypt the second ciphertext to obtain the session key and the terminal device identifier, and use the preset mapping function to calculate the session key and the terminal If the second mapping value of the device identifier is consistent with the first mapping value, the authentication code verification is passed.
9. 如权利要求 1所述的方法, 由所述可信执行环境中的激活管理应用执行,所述安 全存储空间仅能被所述激活管理应用访问。 9. The method of claim 1, executed by an activation management application in the trusted execution environment, and the secure storage space can only be accessed by the activation management application.
10. 如权利要求 9所述的方法, 其中, 所述激活管理应用经由位于富执行环境中的 接口应用与所述服务端通信。 10. The method of claim 9, wherein the activation management application communicates with the server via an interface application located in a rich execution environment.
11. 一种可信执行环境的激活方法, 所述可信执行环境部署于终端设备中, 所述方 法包括: 11. A method for activating a trusted execution environment, the trusted execution environment being deployed in a terminal device, the method comprising:
接收终端设备发送的终端设备标识; Receiving the terminal device identifier sent by the terminal device;
生成与所述终端设备标识相对应的可信身份标识和可信密钥, 以及根据所述终端设 备标识生成激活码; Generating a trusted identity identifier and a trusted key corresponding to the terminal device identifier, and generating an activation code according to the terminal device identifier;
对所述可信身份标识、 可信密钥和激活码进行加密以生成激活信息; Encrypting the trusted identity, the trusted key and the activation code to generate activation information;
将所述激活信息发送至所述终端设备, 以便所述终端设备: 对所述激活信息进行解 密以得到可信身份标识、 可信密钥和激活码, 以及将所述可信身份标识、 可信密钥和激 活码加密存储至安全存储空间。 The activation information is sent to the terminal device, so that the terminal device: decrypts the activation information to obtain a trusted identity, a trusted key, and an activation code, and transmits the trusted identity to The letter key and activation code are encrypted and stored in a secure storage space.
12. 如权利要求 11所述的方法, 其中, 所述激活信息按照以下步骤生成: 采用所述可信密钥对所述激活码进行加密, 以生成激活码密文; 12. The method according to claim 11, wherein the activation information is generated according to the following steps: encrypting the activation code with the trusted key to generate an activation code ciphertext;
采用会话密钥对所述可信身份标识、 可信密钥、 激活码密文进行加密, 以生成激活 The session key is used to encrypt the trusted identity, the trusted key, and the cipher text of the activation code to generate activation
13. 如权利要求 11所述的方法,其中,所述激活码包括可信执行环境的使用权限信 息和校验信息, 所述校验信息包括采用所述可信密钥对所述可信身份标识、 使用权限信 息、 终端设备标识进行加密所生成的密文。 13. The method of claim 11, wherein the activation code includes a trusted execution environment usage authority letter Information and verification information, where the verification information includes a cipher text generated by encrypting the trusted identity identifier, usage authority information, and terminal device identifier using the trusted key.
14. 如权利要求 13所述的方法,其中,所述使用权限信息包括生效时间、失效时间、 可用次数。 14. The method of claim 13, wherein the usage authority information includes effective time, expiration time, and available times.
15. 如权利要求 11所述的方法, 还包括: 15. The method of claim 11, further comprising:
接收终端设备发送的认证码, 所述认证码根据所述终端设备标识生成; Receiving an authentication code sent by a terminal device, where the authentication code is generated according to the terminal device identifier;
对所述认证码进行验证; Verify the authentication code;
在认证码验证通过后, 根据所述终端设备标识生成激活码。 After the authentication code is verified, an activation code is generated according to the terminal device identification.
16. 如权利要求 15所述的方法, 其中, 所述认证码包括预置密钥、 第一密文和第一 映射值, 所述第一密文为采用预置密钥对会话密钥和终端设备标识进行加密所生成的密 文, 所述第一映射值为采用预设的映射函数对会话密钥和终端设备标识进行映射所得到 的值; 16. The method according to claim 15, wherein the authentication code includes a preset key, a first ciphertext, and a first mapping value, and the first ciphertext is a pair of session key and A ciphertext generated by encrypting the terminal device identifier, where the first mapping value is a value obtained by mapping the session key and the terminal device identifier using a preset mapping function;
所述对所述认证码进行验证的步骤包括: The step of verifying the authentication code includes:
采用所述预置密钥对所述第一密文进行解密, 以得到所述会话密钥和所述终端设备 标识; Decrypt the first ciphertext by using the preset key to obtain the session key and the terminal device identifier;
采用所述预设的映射函数来计算所述会话密钥和所述终端设备标识的第二映射值; 若第二映射值与所述第一映射值一致, 则认证码验证通过。 The preset mapping function is used to calculate the second mapping value of the session key and the terminal device identifier; if the second mapping value is consistent with the first mapping value, the authentication code verification is passed.
17. 一种可信执行环境的激活验证方法, 在终端设备的可信执行环境中执行, 所述 方法包括: 17. A method for activation verification of a trusted execution environment, executed in a trusted execution environment of a terminal device, the method comprising:
获取可信身份标识、 可信密钥和可信执行环境的激活码, 所述激活码包括可信执行 环境的使用权限信息和校验信息, 所述校验信息包括采用所述可信密钥对所述可信身份 标识、 使用权限信息、 终端设备标识进行加密所生成的密文; Acquire a trusted identity, a trusted key, and an activation code of a trusted execution environment, where the activation code includes use permission information and verification information of the trusted execution environment, and the verification information includes using the trusted key Ciphertext generated by encrypting the trusted identity identifier, use authority information, and terminal device identifier;
获取终端设备标识, 采用可信密钥对所述可信身份标识、 使用权限信息、 终端设备 标识进行加密, 生成第一密文; Acquiring a terminal device identifier, encrypting the trusted identity identifier, use authority information, and terminal device identifier using a trusted key, to generate a first cipher text;
若所述第一密文与所述校验信息一致, 且终端设备当前的使用环境与所述使用权限 信息匹配, 则所述可信执行环境激活成功。 If the first ciphertext is consistent with the verification information, and the current use environment of the terminal device matches the use authority information, the trusted execution environment is successfully activated.
18. 一种基于可信执行环境的应用激活方法,所述可信执行环境部署于终端设备中, 所述方法包括: 18. An application activation method based on a trusted execution environment, the trusted execution environment being deployed in a terminal device, the method including:
将终端设备的可信身份标识发送至服务端: Send the trusted identity of the terminal device to the server:
接收服务端返回的注册信息, 所述注册信息包括采用所述可信身份标识所对应的可 信密钥加密后的注册码, 所述注册码根据所述可信身份标识生成; Receive registration information returned by the server, where the registration information includes the available information corresponding to the trusted identity A registration code encrypted by a trust key, where the registration code is generated according to the trusted identity identifier;
采用可信密钥对所述注册信息进行解密, 以得到注册码; Decrypt the registration information by using a trusted key to obtain a registration code;
将所述注册码加密存储至安全存储空间。 The registration code is encrypted and stored in a safe storage space.
19. 如权利要求 18所述的方法, 还包括: 19. The method of claim 18, further comprising:
验证可信执行环境是否激活成功; Verify whether the trusted execution environment is successfully activated;
在可信执行环境激活成功的情况下, 将终端设备的可信身份标识发送至服务端。 In the case of successful activation of the trusted execution environment, the trusted identity of the terminal device is sent to the server.
20. 如权利要求 18所述的方法,其中,在所述采用可信密钥对所述注册信息进行解 密的步骤之后, 还包括: 20. The method according to claim 18, wherein, after the step of using a trusted key to decrypt the registration information, the method further comprises:
根据所述可信身份标识来验证所述注册码, 在注册码验证通过后, 将所述注册码加 密存储至安全存储空间。 The registration code is verified according to the trusted identity, and after the verification of the registration code is passed, the registration code is encrypted and stored in a secure storage space.
21. 如权利要求 20所述的方法,其中,所述注册码包括待激活的应用的使用权限信 息和校验信息, 所述校验信息包括采用所述可信密钥对所述可信身份标识和所述使用权 限信息进行加密所生成的密文; 21. The method according to claim 20, wherein the registration code includes usage authority information and verification information of the application to be activated, and the verification information includes using the trusted key to verify the trusted identity The ciphertext generated by encrypting the identifier and the usage authority information;
所述根据所述可信身份标识来验证所述注册码的步骤包括: The step of verifying the registration code according to the trusted identity includes:
采用可信密钥对所述可信身份标识、 使用权限信息进行加密, 生成第一密文; 若所述第一密文与所述校验信息一致, 则注册码验证通过。 Use a trusted key to encrypt the trusted identity and use authority information to generate a first ciphertext; if the first ciphertext is consistent with the verification information, the registration code verification is passed.
22. 如权利要求 21所述的方法,其中,所述使用权限信息包括生效时间、失效时间、 可用次数。 22. The method of claim 21, wherein the usage authority information includes effective time, expiration time, and available times.
23. 如权利要求 18所述的方法, 还包括: 23. The method of claim 18, further comprising:
根据可信身份标识生成认证码; Generate an authentication code according to the trusted identity;
将所述认证码发送至服务端, 以便服务端对所述认证码进行验证, 并在认证码验证 通过后, 根据所述可信身份标识生成注册码。 The authentication code is sent to the server, so that the server verifies the authentication code, and after the authentication code is verified, the registration code is generated according to the trusted identity.
24. 如权利要求 23所述的方法, 其中, 所述认证码包括预置密钥、 第二密文和第一 映射值, 所述第二密文为采用预置密钥对可信身份标识进行加密所生成的密文, 所述第 一映射值为采用预设的映射函数对可信身份标识进行映射所得到的值; 24. The method according to claim 23, wherein the authentication code includes a preset key, a second cipher text, and a first mapping value, and the second cipher text is a trusted identity identification using the preset key Performing encryption on the generated ciphertext, where the first mapping value is a value obtained by mapping the trusted identity identifier using a preset mapping function;
所述服务端适于按照以下方法来对认证码进行验证: The server is suitable for verifying the authentication code according to the following method:
采用所述预置密钥对所述第二密文进行解密以得到所述可信身份标识, 采用所述预 设的映射函数来计算所述可信身份标识的第二映射值,若第二映射值与所述第一映射值 一致, 则认证码验证通过。 Use the preset key to decrypt the second ciphertext to obtain the trusted identity, use the preset mapping function to calculate the second mapping value of the trusted identity, if the second If the mapping value is consistent with the first mapping value, the authentication code verification is passed.
25. 如权利要求 18所述的方法, 由所述可信执行环境中的激活管理应用执行,所述 安全存储空间仅能被所述激活管理应用访问。 25. The method of claim 18, executed by an activation management application in the trusted execution environment, the The secure storage space can only be accessed by the activation management application.
26. 如权利要求 25所述的方法,其中,所述激活管理应用经由待激活的应用与所述 服务端通信。 26. The method of claim 25, wherein the activation management application communicates with the server via the application to be activated.
27. 一种基于可信执行环境的应用激活方法,所述可信执行环境部署于终端设备中, 所述方法包括: 27. An application activation method based on a trusted execution environment, the trusted execution environment being deployed in a terminal device, the method including:
接收终端设备发送的可信身份标识; Receive the trusted identity sent by the terminal device;
根据所述可信身份标识生成注册码; Generating a registration code according to the trusted identity;
采用所述可信身份标识所对应的可信密钥来加密所述注册码, 以生成注册信息; 将所述注册信息发送至所述终端设备, 以便所述终端设备: 采用可信密钥对所述注 册信息进行解密, 以得到注册码; 以及将所述注册码加密存储至安全存储空间。 Use the trusted key corresponding to the trusted identity to encrypt the registration code to generate registration information; send the registration information to the terminal device, so that the terminal device: uses a trusted key pair Decrypting the registration information to obtain a registration code; and encrypting and storing the registration code in a secure storage space.
28. 如权利要求 27所述的方法,其中,所述注册码包括待激活的应用的使用权限信 息和校验信息, 所述校验信息包括采用所述可信密钥对所述可信身份标识和所述使用权 限信息进行加密所生成的密文。 28. The method of claim 27, wherein the registration code includes usage authority information and verification information of the application to be activated, and the verification information includes using the trusted key to verify the trusted identity The ciphertext generated by encrypting the identifier and the usage authority information.
29. 如权利要求 28所述的方法,其中,所述使用权限信息包括生效时间、失效时间、 可用次数。 29. The method of claim 28, wherein the usage authority information includes effective time, expiration time, and available times.
30. 如权利要求 28所述的方法, 其中, 所述方法在服务端执行, 所述服务端包括应 用服务端和认证服务端, 所述使用权限信息由所述应用服务端生成, 所述校验信息由所 述认证服务端生成。 30. The method of claim 28, wherein the method is executed on a server, and the server includes an application server and an authentication server, the usage authority information is generated by the application server, and the verification The authentication information is generated by the authentication server.
31. 如权利要求 27所述的方法, 还包括: 31. The method of claim 27, further comprising:
接收终端设备发送的认证码, 所述认证码根据所述可信身份标识生成; Receiving an authentication code sent by a terminal device, where the authentication code is generated according to the trusted identity identifier;
对所述认证码进行验证; Verify the authentication code;
在认证码验证通过后, 根据所述可信身份标识生成注册码。 After the authentication code is verified, a registration code is generated according to the trusted identity identifier.
32. 如权利要求 31所述的方法, 其中, 所述认证码包括预置密钥、 第一密文和第一 映射值, 所述第一密文为采用预置密钥对可信身份标识进行加密所生成的密文, 所述第 一映射值为采用预设的映射函数对可信身份标识进行映射所得到的值; 32. The method according to claim 31, wherein the authentication code includes a preset key, a first ciphertext, and a first mapping value, and the first ciphertext is a trusted identity identification using the preset key Performing encryption on the generated ciphertext, where the first mapping value is a value obtained by mapping the trusted identity identifier using a preset mapping function;
所述对所述认证码进行验证的步骤包括: The step of verifying the authentication code includes:
采用所述预置密钥对所述第一密文进行解密以得到所述可信身份标识; Decrypt the first ciphertext by using the preset key to obtain the trusted identity;
采用所述预设的映射函数来计算所述可信身份标识的第二映射值; Using the preset mapping function to calculate the second mapping value of the trusted identity;
若第二映射值与所述第一映射值一致, 则认证码验证通过。 If the second mapping value is consistent with the first mapping value, the authentication code verification is passed.
33. 一种基于可信执行环境的应用激活验证方法, 在终端设备的可信执行环境中执 行, 所述方法包括: 33. An application activation verification method based on a trusted execution environment, which executes in the trusted execution environment of a terminal device OK, the method includes:
获取可信身份标识、 可信密钥和待验证的应用的注册码, 所述注册码包括使用权限 信息和校验信息, 所述校验信息为采用所述可信密钥对所述可信身份标识、 使用权限信 息进行加密所生成的密文; Obtain a trusted identity, a trusted key, and a registration code of the application to be verified, where the registration code includes usage authority information and verification information, and the verification information is that the trusted key is used to verify the trusted The ciphertext generated by encrypting the identity identification and the use authority information;
采用所述可信密钥对所述可信身份标识、 使用权限信息进行加密, 生成第一密文; 若所述第一密文与所述校验信息一致, 则将所述注册码发送至待验证的应用, 以便 所述应用根据当前使用环境与所述使用权限信息是否匹配来确定其是否激活成功。 Use the trusted key to encrypt the trusted identity and use authority information to generate a first ciphertext; if the first ciphertext is consistent with the verification information, the registration code is sent to The application to be verified, so that the application determines whether it is successfully activated according to whether the current use environment matches the use permission information.
34. 一种终端设备, 所述终端设备上部署有可信执行环境, 34. A terminal device on which a trusted execution environment is deployed,
所述可信执行环境包括激活管理应用, 所述激活管理应用适于执行如权利要求 1- 10、 17、 18-26、 33中任一项所述的方法。 The trusted execution environment includes an activation management application, and the activation management application is adapted to execute the method according to any one of claims 1- 10, 17, 18-26, and 33.
35. 一种服务器, 包括: 35. A server, including:
至少一个处理器; 和 At least one processor; and
存储有程序指令的存储器, 其中, 所述程序指令被配置为适于由所述至少一个处理 器执行, 所述程序指令包括用于执行如权利要求 11- 16、 27-32中任一项所述的方法的指 令。 A memory storing program instructions, where the program instructions are configured to be executed by the at least one processor, and the program instructions include instructions for executing any one of claims 11-16 and 27-32. Instructions for the described method.
36. 一种基于可信执行环境的应用激活系统, 包括: 36. An application activation system based on a trusted execution environment, including:
如权利要求 34所述的终端设备; 以及 The terminal device according to claim 34; and
如权利要求 35所述的服务器。 The server according to claim 35.
PCT/CN2020/075688 2019-02-27 2020-02-18 Trusted execution environment-based application activation method and apparatus WO2020173332A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201910145498.3 2019-02-27
CN201910145498.3A CN111625829A (en) 2019-02-27 2019-02-27 Application activation method and device based on trusted execution environment

Publications (1)

Publication Number Publication Date
WO2020173332A1 true WO2020173332A1 (en) 2020-09-03

Family

ID=72240190

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2020/075688 WO2020173332A1 (en) 2019-02-27 2020-02-18 Trusted execution environment-based application activation method and apparatus

Country Status (3)

Country Link
CN (1) CN111625829A (en)
TW (1) TW202109320A (en)
WO (1) WO2020173332A1 (en)

Families Citing this family (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112398818B (en) * 2020-11-02 2023-03-07 深圳数联天下智能科技有限公司 Software activation method and related device thereof
CN112349149A (en) * 2020-11-05 2021-02-09 中国联合网络通信集团有限公司 Internet unmanned aerial vehicle monitoring method, client, internet unmanned aerial vehicle and monitoring platform
CN112507325B (en) * 2020-12-03 2022-10-28 深圳天地宽视信息科技有限公司 Method, device, equipment and storage medium for managing equipment access authority
CN112632481A (en) * 2020-12-11 2021-04-09 深圳市英威腾电气股份有限公司 Method for authorizing software, terminal device and storage medium
CN112635038A (en) * 2020-12-24 2021-04-09 赛诺联合医疗科技(北京)有限公司 Activation method of PET-CT equipment
CN112953951B (en) * 2021-03-02 2022-04-12 浪潮云信息技术股份公司 User login verification and security detection method and system based on domestic CPU
CN113268742B (en) * 2021-04-07 2022-05-24 支付宝(杭州)信息技术有限公司 Data authorization method and device and electronic equipment
CN114301590B (en) * 2021-12-28 2023-11-10 西安电子科技大学 Trusted starting method and system of unmanned aerial vehicle-mounted control system based on TPM
CN115168816B (en) * 2022-08-03 2023-08-04 明阳产业技术研究院(沈阳)有限公司 Software anti-piracy method, device, equipment and medium
CN117353921B (en) * 2023-12-06 2024-02-13 飞腾信息技术有限公司 Key management method, device, computing equipment and computer readable storage medium
CN117375832B (en) * 2023-12-06 2024-02-27 飞腾信息技术有限公司 Key management method, device, computing equipment and computer readable storage medium
CN117556391B (en) * 2023-12-28 2024-03-22 江苏万禾科技集团有限公司 Activation code generation method, electronic equipment activation method and device

Citations (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050182732A1 (en) * 2003-01-31 2005-08-18 Microsoft Corporation Systems and methods for using machine attributes to deter software piracy in an enterprise environment
CN101211394A (en) * 2006-12-30 2008-07-02 智多微电子(上海)有限公司 Software authorization method and device
CN105656898A (en) * 2016-01-07 2016-06-08 广西英腾教育科技股份有限公司 Multi-dimensional information based activation code data processing system and method
CN106446613A (en) * 2016-08-29 2017-02-22 武汉启目科技有限公司 Protection method for pre-installed application in terminal
CN107391971A (en) * 2017-06-13 2017-11-24 北京航天发射技术研究所 A kind of guard method of software license mandate
CN107508791A (en) * 2017-07-12 2017-12-22 武汉精伦电气有限公司 A kind of terminal identity verification method and system based on distributed key encryption
CN107679371A (en) * 2017-09-25 2018-02-09 用友网络科技股份有限公司 Software license control method, device, computer equipment and readable storage medium storing program for executing
CN107784206A (en) * 2017-11-10 2018-03-09 北京深思数盾科技股份有限公司 Method for protecting software and device and software verification method and device
CN107832589A (en) * 2017-11-29 2018-03-23 苏州科达科技股份有限公司 Software copyright protecting method and its system
CN108376211A (en) * 2018-02-07 2018-08-07 杭州矩视科技有限公司 A kind of soft ware authorization management method, server and system
CN109271757A (en) * 2018-08-10 2019-01-25 神州网信技术有限公司 A kind of offline Activiation method and system of software
US10218696B2 (en) * 2016-06-30 2019-02-26 Microsoft Technology Licensing, Llc Targeted secure software deployment

Patent Citations (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050182732A1 (en) * 2003-01-31 2005-08-18 Microsoft Corporation Systems and methods for using machine attributes to deter software piracy in an enterprise environment
CN101211394A (en) * 2006-12-30 2008-07-02 智多微电子(上海)有限公司 Software authorization method and device
CN105656898A (en) * 2016-01-07 2016-06-08 广西英腾教育科技股份有限公司 Multi-dimensional information based activation code data processing system and method
US10218696B2 (en) * 2016-06-30 2019-02-26 Microsoft Technology Licensing, Llc Targeted secure software deployment
CN106446613A (en) * 2016-08-29 2017-02-22 武汉启目科技有限公司 Protection method for pre-installed application in terminal
CN107391971A (en) * 2017-06-13 2017-11-24 北京航天发射技术研究所 A kind of guard method of software license mandate
CN107508791A (en) * 2017-07-12 2017-12-22 武汉精伦电气有限公司 A kind of terminal identity verification method and system based on distributed key encryption
CN107679371A (en) * 2017-09-25 2018-02-09 用友网络科技股份有限公司 Software license control method, device, computer equipment and readable storage medium storing program for executing
CN107784206A (en) * 2017-11-10 2018-03-09 北京深思数盾科技股份有限公司 Method for protecting software and device and software verification method and device
CN107832589A (en) * 2017-11-29 2018-03-23 苏州科达科技股份有限公司 Software copyright protecting method and its system
CN108376211A (en) * 2018-02-07 2018-08-07 杭州矩视科技有限公司 A kind of soft ware authorization management method, server and system
CN109271757A (en) * 2018-08-10 2019-01-25 神州网信技术有限公司 A kind of offline Activiation method and system of software

Also Published As

Publication number Publication date
TW202109320A (en) 2021-03-01
CN111625829A (en) 2020-09-04

Similar Documents

Publication Publication Date Title
WO2020173332A1 (en) Trusted execution environment-based application activation method and apparatus
US10574460B2 (en) Mechanism for achieving mutual identity verification via one-way application-device channels
WO2018050081A1 (en) Device identity authentication method and apparatus, electric device, and storage medium
US8196186B2 (en) Security architecture for peer-to-peer storage system
KR102202547B1 (en) Method and system for verifying an access request
US20200412554A1 (en) Id as service based on blockchain
KR102137122B1 (en) Security check method, device, terminal and server
TW201813361A (en) Method and device for providing and obtaining graphic code information, and terminal
US20130097427A1 (en) Soft-Token Authentication System
JP2010514000A (en) Method for securely storing program state data in an electronic device
CN116490868A (en) System and method for secure and fast machine learning reasoning in trusted execution environments
KR101531662B1 (en) Method and system for mutual authentication between client and server
WO2021190197A1 (en) Method and apparatus for authenticating biometric payment device, computer device and storage medium
US20220417028A1 (en) Methods, Systems, and Devices for Server Control of Client Authorization Proof of Possession
WO2016173211A1 (en) Application identifier management method and device
CN106992978B (en) Network security management method and server
CN115277168A (en) Method, device and system for accessing server
CN108667800B (en) Access authority authentication method and device
CN115473655B (en) Terminal authentication method, device and storage medium for access network
WO2014187208A1 (en) Method and system for backing up private key in electronic signature token
CN111740995A (en) Authorization authentication method and related device
CN115242471B (en) Information transmission method, information transmission device, electronic equipment and computer readable storage medium
JP2009199147A (en) Communication control method and communication control program
CN111404680B (en) Password management method and device
CN110287725B (en) Equipment, authority control method thereof and computer readable storage medium

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 20763506

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 20763506

Country of ref document: EP

Kind code of ref document: A1