WO2021031087A1 - 一种证书管理方法及装置 - Google Patents

一种证书管理方法及装置 Download PDF

Info

Publication number
WO2021031087A1
WO2021031087A1 PCT/CN2019/101450 CN2019101450W WO2021031087A1 WO 2021031087 A1 WO2021031087 A1 WO 2021031087A1 CN 2019101450 W CN2019101450 W CN 2019101450W WO 2021031087 A1 WO2021031087 A1 WO 2021031087A1
Authority
WO
WIPO (PCT)
Prior art keywords
key
digital certificate
private key
identification information
management
Prior art date
Application number
PCT/CN2019/101450
Other languages
English (en)
French (fr)
Inventor
吴迪
梁志坚
郑虹达
Original Assignee
华为技术有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 华为技术有限公司 filed Critical 华为技术有限公司
Priority to PCT/CN2019/101450 priority Critical patent/WO2021031087A1/zh
Priority to EP19942074.6A priority patent/EP4016921A4/en
Priority to CN201980099456.9A priority patent/CN114223176B/zh
Publication of WO2021031087A1 publication Critical patent/WO2021031087A1/zh

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823Network architectures or network communication protocols for network security for authentication of entities using certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0822Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using key encryption key
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • H04L9/3265Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements using certificate chains, trees or paths; Hierarchical trust model
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/20Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
    • H04N21/23Processing of content or additional data; Elementary server operations; Server middleware
    • H04N21/234Processing of video elementary streams, e.g. splicing of video streams or manipulating encoded video stream scene graphs
    • H04N21/2347Processing of video elementary streams, e.g. splicing of video streams or manipulating encoded video stream scene graphs involving video stream encryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/20Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
    • H04N21/25Management operations performed by the server for facilitating the content distribution or administrating data related to end-users or client devices, e.g. end-user or client device authentication, learning user preferences for recommending movies
    • H04N21/254Management at additional data server, e.g. shopping server, rights management server
    • H04N21/2541Rights Management
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/45Management operations performed by the client for facilitating the reception of or the interaction with the content or administrating data related to the end-user or to the client device itself, e.g. learning user preferences for recommending movies, resolving scheduling conflicts
    • H04N21/462Content or additional data management, e.g. creating a master electronic program guide from data received from the Internet and a Head-end, controlling the complexity of a video stream by scaling the resolution or bit-rate based on the client capabilities
    • H04N21/4627Rights management associated to the content
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/80Generation or processing of content or additional data by content creator independently of the distribution process; Content per se
    • H04N21/83Generation or processing of protective or descriptive data associated with content; Content structuring
    • H04N21/835Generation of protective data, e.g. certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/60Digital content management, e.g. content distribution
    • H04L2209/603Digital right managament [DRM]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2463/00Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
    • H04L2463/062Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00 applying encryption of the keys
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2463/00Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
    • H04L2463/101Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00 applying security measures for digital rights management

Definitions

  • This application relates to the field of communication technology, and in particular to a certificate management method and device.
  • DRM digital rights management
  • digital certificate technology is used to ensure the end-to-end distribution of audio and video content. End protection.
  • the DRM server used to provide audio and video content will authorize the DRM client in the terminal device to access digital content of different quality according to different security levels.
  • the digital certificate and private key required for accessing the digital content with a higher security level are burned in the DRM client when the terminal device leaves the factory. Therefore, the digital certificates and private keys of different DRM clients are burned separately, which leads to a low efficiency in the management and control of the digital certificates and private keys of the DRM client.
  • the embodiments of the present application provide a certificate management method and device to solve the problem of low efficiency of digital certificate and private key management and control of the DRM client.
  • the embodiments of the present application provide a certificate management method, which is applied to a device deployed with a trusted execution environment TEE, the device is also deployed with an offline burning interface, and the TEE is deployed with a trusted key management application TA.
  • the device can also deploy a rich execution environment REE, and the above offline programming interface can be deployed in the REE.
  • the method specifically includes that the key management TA obtains the digital rights management DRM parameters through the offline programming interface, the DRM parameters include the address of the first digital certificate, the address of the first private key, and the transport key; the first digital certificate is the use of the transport key The digital certificate encrypted with the second digital certificate by the key, the first private key is the private key encrypted with the second private key using the transport key, and the second private key is used to sign the data sent to the DRM server or to decrypt Data from the DRM server; then the key management TA obtains the first digital certificate and the first private key according to the address of the first digital certificate and the address of the first private key, and uses the transport key to decrypt the first digital certificate and the first private key respectively.
  • a private key obtains the second digital certificate and the second private key; then the key management TA stores the second digital certificate, the second private key and the first identification information in association with each other. The first identification information is used to identify the second digital certificate and the second Private key.
  • This embodiment of the application newly defines an offline programming interface.
  • the digital certificates and private keys for different DRM clients are written into the secure storage area of the key management TA through the offline programming interface.
  • the key management TA is responsible for the storage and management of certificates and private keys. Different digital certificates and private keys are stored corresponding to different identification information. Therefore, the digital certificates and private keys of different DRM clients can be written through the offline burning interface
  • the secure storage area corresponding to the key management TA is uniformly stored and managed by the secure storage area. Subsequent different DRM clients can obtain digital certificates and private keys from the key management TA, thereby improving the burning efficiency and Improve the management and control efficiency of digital certificates and private keys.
  • the DRM parameters also include the first pass key; in this case, when the key management TA stores the second digital certificate, the second private key, and the first identification information in association, it can be implemented in the following manner : The key management TA uses the first pass key to respectively encrypt the second digital certificate and the second private key to obtain the third digital certificate and the third private key; then the key management TA stores the third digital certificate and the third The private key and the first identification information, the first identification information is used to identify the third digital certificate and the third private key.
  • the pass key is used for encrypted storage, so that the service TA responsible for business processing needs to use the pass key and the first identification information when it needs to use the digital certificate and private key. Obtain, thereby improving the security of digital certificates and private keys.
  • N service TAs and transmission interfaces are also deployed in the TEE, and N is a positive integer;
  • the first service TA obtains first information, the first information includes first identification information, the first service TA is any one of the N service TAs; the first service TA obtains the first identification information from the key management TA through the transmission interface The associated second digital certificate.
  • the TA can use the same digital certificate and private key for different services, or different digital certificates and private keys.
  • the unified key management TA is used to make the client application related data processing
  • the functions, as well as the write/read functions of the digital certificate/private key are handled separately by different modules, that is, the function module responsible for the writing and storage of the digital certificate and private key is the key management TA, which is responsible for The functional module of client application related data processing is business TA, which improves the security of digital certificates and private keys.
  • different service TAs can only access and use the digital certificate and private key stored in the key management TA through the transmission interface deployed in the TEE, which ensures the privacy of the private key and digital certificate.
  • the DRM parameters also include the first pass key
  • the first information also includes the first pass key
  • the first service TA is based on the first identification information and the first pass key from the encryption through the transmission interface.
  • the second digital certificate is obtained from the key management TA.
  • the service TA responsible for service processing needs to use the digital certificate and private key, it needs to use the pass key and the first identification information to obtain it, which further improves the security of the digital certificate and private key.
  • new clients can be added, and the newly added clients can use identification information, or identification information and pass key can read the digital certificate, or use the key management TA to implement business processing, such as data signature or data Decrypt.
  • different service TAs can simultaneously use the first identification information, or the first identification information and the first pass key to obtain the digital certificate from the key management TA.
  • the first service TA obtains the second digital certificate from the key management TA through the transmission interface based on the first identification information and the first pass key, including: The management TA sends a first instruction, the first instruction carries the first pass key and the first identification information; the key management TA obtains the third digital certificate associated with the first identification information from the stored digital certificate; the key management TA uses the first A pass key decrypts the third digital certificate to obtain the second digital certificate, and sends the second digital certificate to the first service TA through the transmission interface.
  • the first service TA is deployed in the TEE, and the method further includes: the first service TA sends a second instruction to the key management TA, the second instruction carries the first data and the first identification information;
  • the service TA is any one of the N service TAs;
  • the key management TA obtains the second private key associated with the first identification information from the stored keys, and uses the second private key to sign or decrypt the first data to obtain the first data
  • Two data The key management TA sends the second data to the first service TA.
  • the service TA does not have the authority to use the private key, and the authority to use the private key is only in the key management TA.
  • the service TA needs to use the private key to sign or decrypt data, it needs to be executed through the key management TA , And the key management TA sends the signed or decrypted data to the service TA, which means that the service TA cannot really access the private key, which improves the security of the private key.
  • different service TAs can simultaneously use the first identification information, or the first identification information and the first pass key to sign or decrypt data with the help of the key management TA.
  • the DRM parameters further include the first pass key
  • the second instruction also includes the first pass key
  • using the second private key to sign or decrypt the first data to obtain the second data includes:
  • the key management TA obtains the third private key associated with the first identification information from the stored keys, and uses the first pass key to decrypt the third private key to obtain the second private key; the key management TA uses the second private key pair
  • the first data is signed or decrypted to obtain the second data, and the second data is sent to the first service TA.
  • the service TA does not have the authority to use the private key, and the authority to use the private key is only in the key management TA.
  • the service TA needs to use the private key to sign or decrypt data, it needs to pass the key management TA based on the identification Information and the pass key are executed, and the key management TA sends the signed or decrypted data to the service TA. If the service TA cannot provide the correct identification information or pass key, the data cannot be signed and decrypted , To further improve the security of the private key.
  • the DRM parameters further include at least one of the following: the length of the transport key, the length of the first identification information, the length of the first private key, and the length of the first digital certificate.
  • the DRM parameter also includes the length of the first pass key.
  • the offline programming interface is a function call interface
  • the input variables of the offline programming interface include any one of the DRM parameters.
  • the transmission interface is a function call interface
  • the transmission interface includes at least one of the following: an identity application interface, a certificate read and write interface, a private key signature interface, a private key decryption interface or an online programming interface; among them, the identity application
  • the input variable of the interface is empty;
  • the input variable of the certificate read-write interface includes the first identification information or includes the first identification information and the first pass key;
  • the input variable of the private key signature interface includes the first identification information and the data to be signed or Including the first identification information, the first pass key, and the data to be signed;
  • the input variables of the private key decryption interface include the first identification information and the data to be decrypted or include the first identification information, the first pass key and the data to be decrypted Data;
  • the input variables of the online programming interface include the encrypted digital certificate to be written, the encrypted private key to be written, and the transport key used to encrypt the digital certificate to be written and the private key to be written.
  • the function call interface is an application programming interface API.
  • the transport key includes a first transport key and a second transport key.
  • the first digital certificate is a digital certificate obtained by encrypting the second digital certificate with the first transport key.
  • the first private key To use the second transport key to encrypt the private key of the second private key; the key management TA uses the transport key to decrypt the first digital certificate and the first private key to obtain the second digital certificate and the second private key, including: The key management TA uses the first transport key to decrypt the first digital certificate to obtain the second digital certificate, and uses the second transport key to decrypt the first private key to obtain the second private key.
  • the transport key is the key encrypted with the hierarchical key; the key management TA uses the transport key to decrypt the first digital certificate and the first private key respectively to obtain the second digital certificate and the second private key.
  • the key includes: the key management TA uses the hierarchical key to decrypt the transport key; the decrypted transport key is used to decrypt the first digital certificate and the first private key to obtain the second digital certificate and the second private key.
  • the transport key is encrypted with a hierarchical key, and the hierarchical key can be built into the chip, which can improve the security of the transport key transfer to the key management TA, and further improve the security of the digital certificate and private key Sex.
  • the TEE is deployed with a second service TA, and a transmission interface is deployed in the device where the trusted execution environment TEE is deployed.
  • the method further includes: the second service TA receives the parameter to be written, and the parameter to be written includes The fourth digital certificate, the fourth private key, and the third transport key.
  • the fourth digital certificate is the digital certificate encrypted by the third transport key to the fifth digital certificate, and the fourth private key is the third transport key pair.
  • the second service TA applies to the key management TA for second identification information through the transmission interface; the second service TA sends the fourth digital certificate, the fourth private key, and the third 3.
  • the transport secret key and the second identification information are sent to the key management TA; the key management TA uses the third transport key to decrypt the fourth digital certificate and the fourth private key respectively to obtain the fifth digital certificate and the fifth private key; The management TA stores the fifth digital certificate, the fifth private key, and the second identification information in association; the second service TA stores the second identification information.
  • the above design provides a method to write digital certificates and private keys online, which can update the original digital certificates and private keys written offline, or add new digital certificates on the basis of the original digital certificates and private keys And private key for more DRM clients to use, which can improve the efficiency of digital certificate and private key management and control.
  • it further includes: the second service TA generates the second pass key and stores the second pass key; the second service TA sends the second pass key to the key management TA; key management TA stores the fifth digital certificate, the fifth private key, and the second identification information in association, including: the key management TA uses the second pass key to encrypt the fifth digital certificate and the fifth private key respectively to obtain the sixth digital certificate and the first Six private keys, and store the sixth digital certificate, the sixth private key and the second identification information in association. Combine the pass key and identification information to store the digital certificate and private key to improve the security of the digital certificate and private key.
  • another certificate management method provided by the embodiment of this application is applied to a device deployed with a trusted execution environment TEE.
  • the TEE has a trusted key management application TA and N service TAs, where N is positive.
  • a transmission interface is also deployed in the device where the trusted execution environment TEE is deployed, and the method further includes: any one of the N service TAs receives a parameter to be written, and the parameter to be written includes the fourth digital certificate and the fourth private Key and the third transport key, the fourth digital certificate is the digital certificate encrypted by the fifth digital certificate using the third transport key, and the fourth private key is the fifth digital certificate corresponding to the fifth digital certificate using the third transport key
  • any service TA applies to the key management TA for second identification information through the transmission interface;
  • any service TATA transfers the fourth digital certificate, the fourth private key, the third transport key and the second identification
  • the information is sent to the key management TA; the key management TA uses the third transport key to decrypt the fourth digital certificate and the fourth private
  • any service TA generates the second pass key and stores the second pass key; any service TA sends the second pass key to the key management TA; key management TA stores the fifth digital certificate, the fifth private key, and the second identification information in association, including: the key management TA uses the second pass key to encrypt the fifth digital certificate and the fifth private key respectively to obtain the sixth digital certificate and the first Six private keys, and store the sixth digital certificate, the sixth private key and the second identification information in association.
  • this embodiment of the application provides a certificate management device, the certificate management device is deployed with a trusted execution environment TEE, the certificate management device is also deployed with an offline burning interface, and the TEE is deployed with a secret Key management trusted application TA, where the key management TA is used to obtain digital rights management DRM parameters through an offline programming interface, and the DRM parameters include the address of the first digital certificate, the address of the first private key, and the transport key;
  • the first digital certificate is the digital certificate encrypted with the second digital certificate using the transport key
  • the first private key is the private key encrypted with the second private key using the transport key
  • the second private key is used for signing and sending to DRM
  • the key management TA is also used to obtain the first digital certificate and the first private key respectively according to the address of the first digital certificate and the address of the first private key, and use The transport key decrypts the first digital certificate and the first private key respectively to obtain the second digital certificate and the second private key
  • the DRM parameters also include the first pass key; the key management TA is specifically used to use the first pass key to encrypt the second digital certificate and the second private key respectively to obtain the third number
  • the certificate and the third private key; the third digital certificate, the third private key and the first identification information are stored in association, and the first identification information is used to identify the third digital certificate and the third private key.
  • N service TAs and transmission interfaces are also deployed in the TEE, where N is a positive integer; the first service TA is used to obtain first information, and the first information includes first identification information.
  • TA is any one of the N service TAs; the second digital certificate associated with the first identification information is obtained from the key management TA through the transmission interface.
  • the DRM parameters also include the first pass key
  • the first information also includes the first pass key
  • the first service TA is also used to pass through based on the first identification information and the first pass key.
  • the transmission interface obtains the second digital certificate from the key management TA.
  • the first service TA is specifically used to send a first instruction to the key management TA through the transmission interface, the first instruction carrying the first pass key and the first identification information; the key management TA also Used to obtain the third digital certificate associated with the first identification information from the stored digital certificate; use the first pass key to decrypt the third digital certificate to obtain the second digital certificate, and send the second digital certificate to the first through the transmission interface Business TA.
  • a first service TA is deployed in the TEE, and the first service TA is also used to send a second instruction to the key management TA, and the second instruction carries the first data and the first identification information;
  • the service TA is any one of the N service TAs;
  • the key management TA is also used to obtain the second private key associated with the first identification information from the stored key, and use the second private key to sign the first data Or decrypt the second data; the key management TA is also used to send the second data to the first service TA.
  • the DRM parameters also include the first pass key
  • the second instruction also includes the first pass key
  • the key management TA is specifically used to obtain the first identification information association from the stored keys And use the first pass key to decrypt the third private key to obtain the second private key; use the second private key to sign or decrypt the first data to obtain the second data, and send the second data to the A business TA.
  • the DRM parameters further include at least one of the following: the length of the transport key, the length of the first identification information, the length of the first private key, and the length of the first digital certificate.
  • the DRM parameter also includes the length of the first pass key.
  • the offline programming interface is a function call interface
  • the input variables of the offline programming interface include any one of the DRM parameters.
  • the transmission interface is a function call interface
  • the transmission interface includes at least one of the following: an identity application interface, a certificate read and write interface, a private key signature interface, a private key decryption interface, or an online programming interface;
  • the input variable identifying the application interface is empty
  • the input variable of the certificate read-write interface includes the first identification information or includes the first identification information and the first pass key
  • the input variables of the private key signature interface include the first identification information and the data to be signed or include the first identification information, the first pass key and the data to be signed;
  • the input variables of the private key decryption interface include the first identification information and the data to be decrypted or include the first identification information, the first pass key and the data to be decrypted;
  • the input variables of the online programming interface include the encrypted digital certificate to be written, the encrypted private key to be written, and the transport key used to encrypt the digital certificate to be written and the private key to be written.
  • the function call interface is an application programming interface API.
  • the transport key includes a first transport key and a second transport key.
  • the first digital certificate is a digital certificate obtained by encrypting the second digital certificate with the first transport key.
  • the first private key It is the private key encrypted with the second private key using the second transport key;
  • the key management TA is specifically used to decrypt the first digital certificate using the first transport key to obtain the second digital certificate, and use the second transport key to decrypt the first private key to obtain the second private key.
  • the transport key is a key encrypted with a hierarchical key
  • the key management TA is specifically used to decrypt the transport key using the hierarchical key; the decrypted transport key is used to decrypt the first digital certificate and the first private key respectively to obtain the second digital certificate and the second private key.
  • the TEE is deployed with a second service TA, and a transmission interface is deployed in the device where the trusted execution environment TEE is deployed;
  • the second service TA is used to receive the parameters to be written.
  • the parameters to be written include the fourth digital certificate, the fourth private key and the third transport key.
  • the fourth digital certificate is the fifth digital certificate using the third transport key
  • the fourth private key is the private key obtained by using the third transport key to encrypt the fifth private key corresponding to the fifth digital certificate;
  • the second service TA is also used to apply for second identification information from the key management TA through the transmission interface; the key management TA is used to allocate the second identification information to the second service TA and send it to the second service TA through the transmission interface ;
  • the second service TA is also used to send the fourth digital certificate, the fourth private key, the third transport key and the second identification information to the key management TA;
  • the key management TA is also used to use the third transport key to decrypt the fourth digital certificate and the fourth private key respectively to obtain the fifth digital certificate and the fifth private key; to store the fifth digital certificate, the fifth private key and the second Identification information
  • the second service TA is also used to store second identification information.
  • the second service TA is also used to generate a second pass key and store the second pass key; send the second pass key to the key management TA;
  • the key management TA is specifically used to use the second pass key to encrypt the fifth digital certificate and the fifth private key to obtain the sixth digital certificate and the sixth private key, and to store the sixth digital certificate and the sixth private key in association. And the second identification information.
  • another certificate management device provided by the embodiment of this application has a trusted execution environment TEE deployed in the certificate management device, a trusted key management application TA and N service TAs are deployed in the TEE, where N is positive Integer, a transmission interface is also deployed in the certificate management device. Any one of the N service TAs is used to receive the parameters to be written.
  • the parameters to be written include the fourth digital certificate, the fourth private key and the third transport key ,
  • the fourth digital certificate is the digital certificate encrypted with the fifth digital certificate using the third transport key
  • the fourth private key is the private key encrypted with the fifth private key corresponding to the fifth digital certificate using the third transport key
  • Any service TA is also used to apply for second identification information to the key management TA through the transmission interface;
  • any service TATA sends the fourth digital certificate, the fourth private key, the third transport key and the second identification information to Key management TA;
  • key management TA used to decrypt the fourth digital certificate and fourth private key using the third transport key to obtain the fifth digital certificate and fifth private key; key management TA, also used for associated storage
  • any service TA stores the second identification information.
  • any service TA is also used to generate the second pass key and store the second pass key; any service TA is also used to send the second pass key to the key management TA; key management TA, specifically used to use the second pass key to encrypt the fifth digital certificate and the fifth private key to obtain the sixth digital certificate and the sixth private key, and to store the sixth digital certificate and the sixth Private key and second identification information.
  • an embodiment of the present application provides a certificate management device, which may be a chip.
  • the certificate management device may include a processor.
  • a TEE and an offline programming interface are deployed in the processor, and a trusted key management application TA is deployed in the TEE.
  • Service TA is also deployed in TEE.
  • the processor calls the software instructions stored in the memory to implement the functions involved in any one of the possible designs of the method embodiment or method embodiment of the first aspect or the second aspect.
  • the memory may be a memory deployed in the certificate management device or a memory deployed outside the certificate management device.
  • the TEE, the offline programming interface, and the key management TA can all be software modules, and the corresponding functions of the TEE, the offline programming interface, and the key management TA can be realized by the processor running the software code in the memory.
  • the embodiments of the present application provide a computer program product, including a computer program.
  • the computer program When the computer program is executed on a computer or processor, it will enable the computer or processor to implement the first aspect or the second method described above.
  • embodiments of the present application provide a computer-readable storage medium for storing programs and instructions. When these programs and instructions are invoked and executed in a computer, the computer can execute the above-mentioned first aspect or second aspect. The functions involved in the method embodiment and any possible design of the method embodiment are described.
  • the embodiments of the present application provide a chip system, which includes a processor and may also include a memory, for implementing the functions involved in the above method.
  • the chip system can be composed of chips, or can include chips and other discrete devices.
  • Figure 1 is a schematic diagram of a DRM system architecture provided by an embodiment of the application.
  • FIG. 2 is a schematic diagram of a PKI system architecture provided by an embodiment of the application.
  • FIG. 3 is a schematic diagram of a management process of a content encryption key provided by an embodiment of the application
  • FIG. 4 is a schematic diagram of the relationship between participants in the digital certificate and private key burning process provided by an embodiment of the application;
  • FIG. 5 is a schematic diagram of a currently used digital certificate and private key burning process provided by an embodiment of the application
  • FIG. 6 is a schematic diagram of the structure of a certificate management device provided by an embodiment of the application.
  • FIG. 7 is a flowchart of a certificate management method provided by an embodiment of the application.
  • FIG. 8 is a flowchart of another certificate management method provided by an embodiment of the application.
  • FIG. 9 is a flowchart of online certificate and private key burning provided by an embodiment of the application.
  • FIG. 10 is a schematic diagram of a digital certificate and private key burning process provided by an embodiment of the application.
  • FIG. 11 is a schematic diagram of a digital certificate and private key encrypted transmission process provided by an embodiment of the application.
  • FIG. 12 is a schematic diagram of an offline programming process provided by an embodiment of the application.
  • FIG. 13 is a schematic diagram of a process for reading a digital certificate provided by an embodiment of the application.
  • Figure 14 is a schematic diagram of a private key signature process provided by an embodiment of the application.
  • FIG. 15 is a schematic diagram of a private key decryption process provided by an embodiment of the application.
  • FIG. 16 is a schematic diagram of an online programming process provided by an embodiment of the application.
  • FIG. 17 is a schematic structural diagram of an apparatus 1700 provided by an embodiment of the application.
  • DRM digital rights management
  • a DRM system is exemplarily provided, and the system includes a DRM server and a DRM client.
  • the DRM server After the trust relationship is established between the DRM server and the DRM client, the DRM server provides digital content for the DRM client.
  • the DRM server may include a content encryption module, a key management module, a key gateway module, a content authorization module, and a certificate management module.
  • the content encryption module uses the content encryption key (CEK) to encrypt and protect the digital content; the key management module is responsible for synchronizing the content encryption key to the key gateway module after receiving the content encryption key; the key gateway module After receiving the synchronized content encryption key, secretly store the content encryption key, and receive the key query of the content authorization module; the content authorization module receives the DRM client's request and will include the content encryption key and key usage rules.
  • the authorization license is securely sent to the legal DRM client. After receiving the content authorization license, the DRM client decrypts the content encryption key reasonably according to the key usage rules, and decrypts the content with the content encryption key for playback.
  • the certificate management module is used to manage the DRM server certificate and the DRM client certificate, for example, revoke the certificate or update the certificate.
  • the DRM server modules, DRM clients, etc. establish a trust relationship based on the device certificate issued by the public key infrastructure (PKI) (the DRM server and DRM client certificates shown in Figure 1), based on this trust relationship Carry out secure communication between each other.
  • the PKI system can be used to issue and manage certificates.
  • the PKI system issues certificates through a certificate authority (CA).
  • CA certificate authority
  • the core components of the DRM server, the DRM client, etc. all apply to a certificate authority (CA) to obtain a digital certificate as a proof of their identity.
  • CA certificate authority
  • the trust relationship between entities is based on the validity of the certificate. If the DRM client certificate is validated by the DRM server, the DRM server trusts the DRM client. Similarly, if the DRM server certificate is validated by the DRM client, the DRM client trusts the DRM server.
  • the PKI system may include one-level or multi-level CAs.
  • the PKI system shown in Figure 2 includes root CA, DRM service terminal CA, and DRM client sub-CA.
  • the root CA may be at the root
  • two sub-CA certificates are derived and issued to the DRM service terminal CA and the DRM client sub-CA respectively.
  • the DRM service terminal CA can issue the DRM server certificate for the DRM server device according to the DRM service terminal CA, which is an online certificate status
  • the protocol (online certificate status protocol, OCSP) server issues an OCSP server certificate.
  • the OCSP server can be used to verify the legitimacy of the DRM server.
  • the DRM client sub-CA can issue a DRM client certificate to the DRM client based on the DRM client sub-CA certificate.
  • the DRM client certificate, the CA root certificate, and the DRM client sub-CA certificate constitute the client certificate chain.
  • the certificate chain is generally stored in the secure storage area of the client.
  • Each level of equipment certificate can be verified by the upper level certificate.
  • the DRM server determines whether to trust the DRM client, it can be determined according to the root CA certificate of the DRM client's digital certificate. If the DRM server trusts a certain root CA certificate, it can trust the client certificate issued by the root CA. For example, the DRM1 server trusts the certificate of the root CA1, and the DRM2 client certificate is issued by the root CA1, then the DRM1 server can trust the DRM2 client; if the DRM3 server only trusts the certificate of the root CA2, and the DRM2 client certificate is Root CA1 issued a certificate, then the DRM3 server cannot trust the DRM2 client.
  • the content encryption key is a key for encrypting digitized content.
  • the DRM server and the DRM client each have an asymmetric key pair.
  • the key owned by the DRM server is called the public key
  • the key owned by the DRM client is called the private key.
  • the public key is used to encrypt the content encryption key
  • the private key is used to decrypt the content encryption key.
  • FIG. 3 is a schematic diagram of the management process of the content encryption key provided by way of example.
  • the DRM server generates a session key, and uses the session key to encrypt the content encryption key.
  • the session key is a temporary key generated when the client applies for a license, and the session key is used to encrypt and protect the content encryption key.
  • the DRM server encrypts the session key with the DRM client public key.
  • the DRM server encapsulates the encrypted session key and the encrypted content encryption key in a license and sends it to the DRM client.
  • the DRM client After receiving the license, the DRM client uses the private key of the DRM client to decrypt the session key, and decrypts with the decrypted session key to obtain the content encryption key;
  • the DRM client After the DRM client decrypts and obtains the content encryption key, it uses the content encryption key to decrypt the digitized content to realize the decoding and playback of the content.
  • Hierarchical key technology which supports writing a key in the production stage through the chip logic.
  • This key can be called a hierarchical key.
  • the hierarchical key is only used in the hierarchical key module of the chip, and the hierarchical
  • the data encrypted by the key is only decrypted by the chip-level key module to ensure data security.
  • Rich execution environment can be used to run general operating systems, such as Android operating system, IOS operating system, Linux operating system, etc., so as to provide software and hardware support for the realization of application functions.
  • general operating systems such as Android operating system, IOS operating system, Linux operating system, etc.
  • the Trusted Execution Environment provides a security zone in the terminal device, and supports the storage, processing, and protection of sensitive data (such as keys and digital certificates) in an isolated and trusted environment.
  • a trusted applet is a program entity that can run in a TEE.
  • the memory, secure storage area, and other hardware resources between different TAs are isolated from each other.
  • the Chinese DRM client can be divided into three security levels, namely software, hardware, and enhanced hardware.
  • the software level allows the DRM client program to run in a common operating system, and other software in the system can access various keys and data of DRM;
  • the hardware level requires the DRM client to run in an independent TEE, and other system software cannot Access to various keys and data of DRM;
  • enhanced hardware level further increases the requirements of chip algorithm engine anti-attack on the basis of hardware level.
  • the "key” in the embodiments of this application may also be referred to as "secret key”.
  • “At least one” means one or more, and “plurality” means two or more.
  • “And/or” describes the association relationship of the associated objects, indicating that there can be three relationships, for example, A and/or B, which can mean: A alone exists, A and B exist at the same time, and B exists alone, where A, B can be singular or plural.
  • the character “/” generally indicates that the associated objects are in an “or” relationship.
  • “The following at least one (item)” or similar expressions refers to any combination of these items, including any combination of a single item (a) or a plurality of items (a).
  • At least one of a, b, or c can mean: a, b, c, a and b, a and c, b and c, or a, b and c, where a, b, c It can be single or multiple.
  • words such as “first” and “second” are only used for the purpose of distinguishing description, and cannot be understood as indicating or implying relative importance, nor can it be understood as indicating Or imply the order.
  • the various numerical numbers involved in the embodiments of the present application are only for easy distinction for description, and are not used to limit the scope of the embodiments of the present application.
  • the size of the sequence number of the above processes does not mean the order of execution, and the execution order of each process should be determined by its function and internal logic.
  • the terminal equipment in the embodiments of the present application may also be referred to as terminal equipment (terminal equipment) or user equipment (user equipment, UE).
  • the terminal may be a set-top box, a mobile phone, a tablet computer (pad), a notebook computer, a personal digital assistant (PDA), a point of sales (POS), a car computer, a smart speaker, and an augmented reality (augmented) Reality, AR) devices, virtual reality (virtual reality, VR), smart cars, etc., which are not limited in the embodiment of the present application.
  • the terminal device of the embodiment of the present application may support one or more client applications.
  • the DRM server will authorize the DRM client in the terminal device to access digital content of different quality according to different security levels, for example, the general Hollywood content provider requires the terminal device to support hardware and above security levels for 4K programs.
  • the DRM client hardware and above security level requires the terminal device to burn the digital certificate and private key of the DRM client at the factory.
  • the involved parties may include the DRM authority, key owner, terminal device manufacturer, and chip manufacturer.
  • the DRM authority may be China DRM trust authority (CDTA)
  • the key owner may be an operator or an Internet service provider (over the top, OTT).
  • Figure 4 is a schematic diagram of the chip flow from the generation of the digital certificate and the private key to the programming to the terminal device.
  • the DRM authority adopts the derivation rules to be responsible for deriving the digital certificate of the terminal device (hereinafter referred to as the digital certificate) and generating the private key.
  • the key owner purchases the terminal device certificate and private key from the DRM authority and saves it on the key owner’s operating platform, such as the operator platform or OTT server.
  • the operator platform or OTT server uses common tools to encrypt the terminal device certificate and private key. Key, and distribute the encrypted terminal device certificate and private key to the terminal device manufacturer. Therefore, the terminal device manufacturer assists the DRM client to complete the writing of the digital certificate and the private key on the platform (referred to as the terminal device manufacturer's platform) for burning the digital certificate and private key.
  • the terminal device manufacturer's platform writes the digital certificate and private key into the secure storage area of the chip through the chip interface provided on the terminal device.
  • the platforms mentioned in the embodiments of the present application may be servers, electronic devices, and so on.
  • FIG. 5 it is a schematic diagram of the specific flow of the chip from the generation of the digital certificate and the private key to the programming to the terminal device.
  • the digital certificate and private key of the terminal device are issued and derived from the CDTA root CA certificate by CDTA through preset rules.
  • the CDTA then securely sends the digital certificate and private key of the terminal device to the operating platform of the key owner.
  • the operating platform of the key owner is located in a secure environment, such as a security laboratory.
  • the operating platform of the key owner in the security laboratory generates a transport key (TransportKey), and uses the transport key to encrypt the digital certificate and private key of the terminal device.
  • TransportKey transport key
  • general encryption tools and fixed encryption modes can be used Encrypt the digital certificate and private key of the terminal device.
  • each parameter is written into the different TAs of the terminal equipment TEE through the API interfaces (such as DRM API1, DRM API2, and DRM API3) corresponding to different DRM clients in the terminal equipment, such as DRM TA1, DRMTA2 shown in Figure 5.
  • DRM TA3 each DRM TA can be considered as a client.
  • a client can be used by one or more client applications.
  • Each DRM TA not only completes the data processing related to the client application, but also completes the functions of writing and reading digital certificates and private keys.
  • DRM TAs are independent of each other. One DRM TA cannot obtain the digital certificate and private key stored by other DRM TAs.
  • the embodiments of the present application provide a certificate management method and device, specifically the functions of data processing related to client applications and the functions of writing/reading digital certificates/private keys are implemented through different modules.
  • the functional module responsible for writing and storing digital certificates and private keys is called a key management TA
  • the functional module responsible for data processing related to client applications is called a service TA.
  • the digital certificates and private keys of different clients are all written and stored by the key management TA. Different clients correspond to different service TAs, that is, the key management TA supports the access of multiple service TAs.
  • the key management TA stores the digital certificates and private keys of different clients in association with different identification information.
  • the embodiment of this application adds a key management TA to the chip and defines an offline programming interface.
  • the key management TA receives and stores digital rights management DRM parameters written by the outside world through the offline programming interface. When TA needs to use these parameters, it will obtain these parameters from the key management TA. Therefore, the storage of the digital certificate and private key of the DRM service (stored by the key management TA) and use (used by the service TA) are separate, and the service TA only Responsible for business functions, and can only obtain private keys and certificates through the TEE interface provided by the key management TA, ensuring the privacy of digital certificates and private keys. Further, one management TA supports access to multiple business TAs and also supports business TA increase and update.
  • the first method is to encrypt and store the digital certificates and private keys.
  • the key used for encryption is the pass key (or password), and different business TAs use identification information and
  • the pass key can read the certificate and private key from the key management TA.
  • the security of digital certificates and private keys can be further guaranteed.
  • the second method is to store the digital certificate and private key directly without encryption.
  • the certificate management device may be a chip, a terminal device, a DRM client deployed in the terminal device, or a module in a DRM client deployed in the terminal device, and the function of the DRM client may be implemented by the chip or chip system of the terminal device.
  • TEE can be deployed in the certificate management device.
  • the key management TA can be deployed in the TEE, and the storage unit can also be deployed in the TEE, which can be used to store private keys and digital certificates.
  • the storage unit is a non-volatile storage medium, such as flash memory (flash), read-only memory (Read-Only Memory, ROM), programmable read-only memory (programmable ROM, PROM), erasable programmable read-only memory (erasable) PROM, EPROM), electrically erasable programmable read-only memory (EPROM, EEPROM), register, hard disk, mobile hard disk, CD-ROM or any other form of storage medium known in the art.
  • flash flash
  • read-only memory Read-Only Memory
  • ROM read-only memory
  • PROM programmable read-only memory
  • erasable programmable read-only memory erasable programmable read-only memory
  • EPROM electrically erasable programmable read-only memory
  • register hard disk, mobile hard disk, CD-ROM or any other form of storage medium known in the art.
  • N service TAs may also be deployed in the TEE.
  • the first service TA, the second service TA, and the third service TA are taken as examples, and N is a positive integer.
  • An offline programming interface is also deployed in the certificate management device.
  • the offline programming interface can be deployed in the TEE. If the certificate management device can also be deployed with REE, the offline programming interface can also be deployed in the REE, as shown in Figure 6 Take REE as an example.
  • a transmission interface can also be deployed in the TEE for each service TA to read the digital certificate and use the private key from the key management TA.
  • the certificate management device executes the certificate management method provided in the embodiments of this application to realize: offline burning of digital certificates and private keys, reading of digital certificates and private keys, or online burning of digital certificates and private keys.
  • FIG. 7 is a schematic flowchart of the certificate management method provided by this embodiment of the application.
  • FIG. 7 illustrates the first method.
  • Fig. 7 specifically provides an offline programming (also called platform programming) process of digital certificates and private keys.
  • the programming process can be executed on the terminal equipment manufacturer's platform.
  • the key management TA obtains DRM parameters through the offline programming interface.
  • the DRM parameters include the address of the first digital certificate, the address of the first private key, the transport key, and the first pass key; the first digital certificate is used for transport
  • the second digital certificate is encrypted by the key, and the first private key is the second private key encrypted by the transport key.
  • the first digital certificate that is, the DRM client certificate, is used to verify the legitimacy of the certificate management device.
  • the first private key is used to encrypt and decrypt the data of the DRM server.
  • the offline programming interface can be a function call interface.
  • the function scheduling interface may be an application programming interface (application programming interface, API), or other types of interfaces.
  • the input variables of the offline programming interface may include any one of the DRM parameters.
  • the DRM parameters further include at least one of the following: the length of the transport key, the length of the first identification information, the length of the first pass key, the length of the first private key, or the length of the first digital certificate.
  • the offline programming interface can be defined in the following way:
  • Int CDRM_KEY_Provision represents the name of the calling function corresponding to the offline programming interface. It should be understood that the use of the offline programming interface can be realized by calling this function;
  • pTransportKey represents the transport key (TransportKey) encrypted with the assistance of the chip manufacturer
  • s32TransportKeyLen represents the length of TransportKey
  • pInfor represents the pass key (passwd) for encrypted storage of the digital certificate and the private key, and in the embodiment shown in FIG. 7 represents the first pass key;
  • s32Inforlen represents the length of pInfor, that is, the length of the first identification information
  • pPrivateKey represents the address of the private key encrypted by TransportKey, that is, the address of the first private key
  • s32privateKeyLen represents the length of the encrypted private key, that is, the length of the first private key
  • pCert represents the address of the digital certificate encrypted by TransportKey, that is, the address of the first digital certificate
  • s32CertLen represents the length of the encrypted digital certificate.
  • the function of the offline programming interface may return the first value, such as 0, and returning other values indicates that the function call of the offline programming interface failed.
  • the encrypted private key address and the encrypted digital certificate address may be provided by the operator.
  • the above DRM parameters are transmitted to the key management TA through the terminal device manufacturer platform, and correspondingly, the key management TA obtains the DRM parameters.
  • the DRM parameters can be written into the certificate management device through the function call interface through the terminal equipment manufacturer platform, and the certificate management device is, for example, a processor chip.
  • the key management TA obtains the first digital certificate and the first private key respectively according to the address of the first digital certificate and the address of the first private key, and uses the transport key to decrypt the first digital certificate and the first private key respectively to obtain the 2. Digital certificate and second private key.
  • the key management TA uses the first pass key to respectively encrypt the second digital certificate and the second private key to obtain the third digital certificate and the third private key.
  • the key management TA stores the third digital certificate, the third private key, and the first identification information in association; the first identification information is used to identify the third digital certificate and the third private key.
  • the first identification information may be determined in the following manner:
  • the DRM parameters received through the offline programming interface include the first identification information.
  • Manner 2 Multiple identification information is pre-configured in the key management TA, and the key management TA allocates one unused identification information from the multiple configured identification information.
  • Manner 3 The key management TA is configured with a default value of the identification information, the input parameters in the offline programming interface do not include the identification information, and the key management TA uses the default value as the first identification information.
  • the key management TA After the key management TA stores the third digital certificate, the third private key, and the first identification information in association, an association relationship is established between the third digital certificate, the third private key and the first identification information. At this time, the first identification information is used To identify the third digital certificate and the third private key, so that the third digital certificate and the third private key can be found through the first identification information.
  • the key management TA can receive multiple sets of DRM parameters, and each set of DRM parameters corresponds to a digital certificate and private key, so that multiple sets of digital certificates and private keys can be burned into the terminal device at one time. Different digital certificates and private keys use different identification information to identify them. In another example, multiple sets of digital certificates and private keys to be burned can also be implemented by executing the process shown in FIG. 7 multiple times.
  • the N service TAs in the terminal device can obtain the first identification information and the first pass key from the key management TA Obtain the second digital certificate, and when the second private key is needed to decrypt or sign the digital content, the key management TA can be used to decrypt or sign the digital content, and the decrypted or signed digital content can be returned.
  • the solution realizes that the same digital certificate and private key can be used for different business TAs, or different digital certificates and private keys can be used, but they are all obtained through a unified key management TA, and each business TA cannot really read To the first private key, the privacy of the private key is guaranteed, thereby improving security.
  • the N service TAs and the key management TA communicate through a transmission interface.
  • the transmission interface can also be a function call interface, and the transmission interface is deployed in the TEE.
  • the transmission interface may include at least one of the following: an identity application interface, a certificate reading interface, a private key signature interface, a private key decryption interface, or an online distribution programming interface.
  • the identity application interface is used for the business TA to apply for a piece of identity information for storing private keys and digital certificates.
  • the certificate reading interface is used for the business TA to obtain the data of the digital certificate.
  • the private key signature interface is used for the service TA to use the private key to sign data.
  • the private key decryption interface is used by the service TA to send the data to be decrypted to the key management TA and receive the data decrypted by the key management TA using the private key.
  • the online distribution programming interface is used by the business TA when programming the private key and digital certificate of the DRM client online, and the key management TA is used to realize the secure storage of the DRM client key and digital certificate.
  • the first service TA obtains first information, and the first information includes the first identification information and the first pass key;
  • a service TA obtains the second digital certificate associated with the first identification information from the key management TA through the transmission interface.
  • the first service TA transmits the first information to the key management TA through the certificate reading interface, so that the key
  • the management TA obtains the third digital certificate associated with the first identification information from the stored digital certificate, then uses the first pass key to decrypt the third digital certificate to obtain the second digital certificate, and then reads the second digital certificate through the certificate
  • the interface is sent to the first service TA.
  • the input variable of the certificate reading interface may include the first identification information and the first pass key or include the first identification information.
  • the digital certificate and private key are encrypted and stored.
  • the input variables of the certificate reading interface can include the first identification information and the first pass key.
  • the second method is adopted, the digital certificate and private key are not checked.
  • the private key is encrypted and stored, and the input variable of the certificate reading interface may only include the first identification information.
  • the input variable of the certificate reading interface may also include the length of the first identification information or the length of the first pass key.
  • the output variable of the certificate reading interface may include the second digital certificate, and may also include the length of the second digital certificate.
  • the certificate reading interface can be defined as follows:
  • CDRM_Key_GetCert represents the calling function of the certificate reading interface
  • keyIndex is an input parameter, which represents the identification information used to identify the digital certificate and the private key. In the embodiment shown in Figure 7, it represents the first identification information; the keyIndex is stored in the secure storage area 2 of the first service TA and used when needed When incoming.
  • pPasswd is an input parameter, which represents the pass key used to encrypt the digital certificate and the private key in the key management TA. In the embodiment shown in FIG. 7, it represents the first pass key.
  • pPasswd is stored in the secure storage area 2 of the first service TA, and is passed in when needed.
  • s32Passlen is an input parameter, which represents the length of Passwd.
  • pCert is an output parameter, which represents the read digital certificate data, that is, the second digital certificate.
  • pCertLen is an output parameter, which represents the length of the read certificate, that is, the length of the second digital certificate.
  • the function of the certificate reading interface may return a second value, such as 0. When other values are returned, it indicates that the function call of the certificate reading interface failed.
  • the first identification information and the first pass key come from the key owner. After the key owner determines the first identification information and the first pass key, it informs the terminal device manufacturer through offline or pretty good privacy (PGP) encrypted mail, so that the terminal device manufacturer can use the terminal.
  • PGP pretty good privacy
  • the equipment manufacturer platform sends the first identification information and the first pass key to the first service TA, and the first service TA may store the first identification information and the first pass key in the secure storage area corresponding to the first service TA 2 in.
  • PGP is an encryption and decryption technology that uses emails to communicate. This technology can ensure data security between the two parties in the data interaction. Even if there is network sniffing or other hacker technology on the shared network, the data transmitted through the PGP technology cannot be obtained. .
  • the first service TA can obtain the first information to read the first identification information and the first pass key from the secure storage area 2.
  • the first service TA reads the second digital certificate from the key management TA, which can be executed when the legality is verified between the DRM server and the DRM client, and the DRM server requests the second digital certificate from the DRM client Therefore, after the DRM client application obtains the request, it reads the second digital certificate from the key management TA through the first service TA.
  • the first service TA receives the second digital certificate sent by the key management TA, it can follow the preset
  • the configured certificate rules verify the second digital certificate, such as verifying whether the format of the second digital certificate meets the requirements. After the verification is successful, the second digital certificate is sent to the DRM server, so that the DRM server verifies the second number
  • the legality of the certificate can prevent the business TA from obtaining the wrong identification information and pass key, resulting in obtaining the wrong digital certificate.
  • the first service TA sends the second instruction to the key management TA through the private key signature interface in the transmission interface, and the first The second instruction carries the first data, the first identification information, and the first pass key; the key management TA obtains the third private key associated with the first identification information from the stored key, and uses the first pass key to decrypt the third The private key obtains the second private key; the key management TA uses the second private key to sign the first data to obtain the second data, and sends the second data to the first service TA through the private key signature interface in the transmission interface.
  • the input variables of the private key signature interface include the first identification information and the data to be signed or include the first identification information, the first pass key and the data to be signed.
  • the input variables of the private key signature interface include the first identification information, the first pass key and the data to be signed (such as the first data)
  • the second method is adopted, that is, the digital certificate and the private key are not encrypted and stored
  • the input variables of the private key signature interface include the first identification information and the data to be signed.
  • the input variables of the private key signature interface may also include the length of the first identification information, the length of the first pass key, or the length of the data to be signed.
  • the output variable of the private key decryption interface includes the signed data, and may also include the signed data length.
  • the private key signature interface can be defined as follows:
  • CDRM_Key_PrivateKey_Signature (unsigned int keyIndex, CDRM_KEY_Algorithm alg, unsigned char*pPasswd, int s32Passlen, unsigned char*pInputBuffer, int len, unsigned char*pOutPutBuffer, int*pBufferLen).
  • CDRM_Key_PrivateKey_Signature represents the calling function of the private key signature interface
  • keyIndex is an input parameter, which represents the identification information used to identify the digital certificate and the private key. In the embodiment shown in FIG. 7, it represents the first identification information; the keyIndex is stored in the secure storage area 2 in the storage unit of the first service TA, And pass in when needed;
  • alg is the input parameter, and alg is the algorithm used to sign the data to be signed with the private key.
  • it can be a standard asymmetric cryptographic algorithm, such as SM2-256 or RSA2048;
  • pPasswd is an input parameter, which represents the pass key used to encrypt the digital certificate and private key in the key management TA;
  • s32Passlen is an input parameter, which represents the length of Passwd
  • pInputBuffer is an input parameter, which represents the data to be signed
  • len is the input parameter, the length of the data to be signed
  • pOutPutBuffer is the output parameter, which represents the address of the signed data
  • pBufferLen is the output parameter, which represents the length of the signed data.
  • the function of the private key signature interface may return a third value, such as 0, and other values are returned, indicating that the function call of the private key signature interface failed.
  • the first service TA sends the second service TA to the key management TA through the private key decryption interface in the transmission interface.
  • the second instruction carries the first data, the first identification information, and the first pass key;
  • the key management TA obtains the third private key associated with the first identification information from the stored keys, and uses the first pass key Decrypt the third private key to obtain the second private key;
  • the key management TA uses the second private key to decrypt the first data to obtain the second data, and sends the second data to the first service TA through the private key decryption interface in the transmission interface .
  • the input variable of the private key decryption interface includes the first identification information and the data to be decrypted or includes the first identification information, the first pass key and the data to be decrypted.
  • the digital certificate and private key are encrypted and stored, and the input variables of the private key decryption interface include the first identification information, the first pass key, and the data to be decrypted (such as the first data)
  • the second method is adopted, that is, the stored digital certificate and private key are not encrypted, and the input variables of the private key decryption interface include the first identification information and the data to be decrypted.
  • the input variable of the private key decryption interface may also include the length of the first identification information, the length of the first pass key, or the length of the data to be decrypted.
  • the output variable of the private key decryption interface includes the decrypted data, and may also include the decrypted data length.
  • the private key decryption interface can be defined as follows:
  • int CDRM_Key_PrivateKey_Decrypt (unsigned int keyIndex, CDRM_KEY_Algorithm alg, unsigned char*pPasswd, int s32Passlen, unsigned char*pInputBuffer, inLen, unsigned char*pOutPutBuffer, int*pBufferLen).
  • CDRM_Key_PrivateKey_Decrypt represents the name of the calling function of the private key decryption interface. It should be understood that the use of the private key decryption interface can be realized by calling this function;
  • keyIndex is an input parameter, which represents identification information used to identify a digital certificate and a private key. In the embodiment shown in FIG. 7, it represents first identification information
  • alg is the input parameter, which means the parameter used to decrypt the data to be decrypted with the private key, for example, it can be a symmetric key algorithm, such as SM2-256 or RSA2048;
  • pPasswd is an input parameter, which represents the pass key used to encrypt the digital certificate and private key in the key management TA;
  • s32Passlen is an input parameter, which represents the length of Passwd
  • pInputBuffer is an input parameter, which represents the data to be decrypted
  • len is the input parameter, the length of the data to be decrypted
  • pOutPutBuffer is the output parameter, which represents the address of the signed data
  • pBufferLen is the output parameter, which represents the length of the signed data.
  • the function of the private key signature interface may return a fourth value, such as 0. When other values are returned, it indicates that the function of the private key decryption interface failed.
  • the input parameters of each of the above-mentioned transmission interfaces are the parameters that need to be input when calling the API, and the output parameters are the parameters obtained after the end of the call.
  • the first service TA needs to decrypt or sign data based on the second private key from the key management TA, which can be executed when the DRM client requests the DRM server to play digital content, and the DRM client sends The DRM server requests a content license. After receiving the request from the DRM client, the DRM server sends the first CEK and the content usage rules constitute the content license to the DRM client.
  • the first CEK uses the second private key to pair the second After the CEK is encrypted, the client application of the DRM client needs to decrypt the CEK in the content license after receiving the content license. In this case, the client application needs to obtain the second private key from the key management TA through the first service TA to decrypt the CEK.
  • the first service TA sends a second instruction to the key management TA, the second instruction carries the first CEK, the first identification information, and the first pass key; the key management TA obtains the first identification from the stored keys The third private key associated with the information, and the first pass key is used to decrypt the third private key to obtain the second private key; the key management TA uses the second private key to decrypt the first CEK to obtain the second CEK, and the second CEK Sent to the first service TA. Therefore, after the first service TA receives the second CEK, it is passed to the client application, so as to be used to decrypt and play the encrypted digital content from the DRM server.
  • the transport key used for encrypting the second digital certificate and the transport key used for encrypting the second private key may be the same or different.
  • the transport key used to encrypt the second digital certificate and the second private key includes the first transport key and the second transport key, and the first digital certificate is after the second digital certificate is encrypted using the first transport key.
  • the first private key is the private key after the second private key is encrypted with the second transport key; the key management TA is executing S702, specifically, the first transport key is used to decrypt the first digital certificate, and get The second digital certificate is used to decrypt the first private key using the second transport key to obtain the second private key.
  • the second digital certificate encryption and the second private key encryption can be implemented by the key owner through the server of the security laboratory.
  • the transport key used to encrypt the second digital certificate and the second private key may be encrypted and then passed to the terminal device manufacturer by the key owner.
  • the encryption of the transport key can be implemented by the chip manufacturer, and specifically can be implemented by a server deployed in the chip manufacturer's security laboratory using a keyladder.
  • the key used to encrypt the transport key is the hierarchical key.
  • the level key may be configured in the chip by the chip manufacturer before the chip of the terminal device leaves the factory, for example, configured in the one-time programmable (OTP) memory of the chip.
  • OTP one-time programmable
  • the key management TA uses the transport key to decrypt the first digital certificate and the first private key to obtain the second digital certificate and the second private key, it can be implemented in the following manner:
  • the key management TA uses a hierarchical key Decrypt the transport key; use the decrypted transport key to decrypt the first digital certificate and the first private key to obtain the second digital certificate and the second private key.
  • the first pass key received by the key management TA may be encrypted.
  • the key owner After determining the first pass key, the key owner encrypts the first pass key, and then notifies the terminal equipment manufacturer of the encrypted first pass key, so that the terminal equipment manufacturer’s platform will encrypt the encrypted first pass key
  • the first pass key of is included in the DRM parameter and sent to the key management TA through the offline programming interface.
  • the first pass key can be encrypted by the transport key, so that the key management TA uses the first pass key to encrypt the second digital certificate and the second private key.
  • the TA uses the transport key to decrypt the encrypted first pass key, and then uses the decrypted first pass key to respectively encrypt the second digital certificate and the second private key.
  • FIG. 8 is a schematic flowchart of another certificate management method provided by this embodiment of the application.
  • FIG. 8 illustrates the second method.
  • Figure 8 specifically provides a digital certificate and private key programming process, which can be executed on the terminal equipment manufacturer platform.
  • the key management TA obtains DRM parameters through the offline programming interface.
  • the DRM parameters include the first digital certificate, the first private key, the transport key, and the first identification information; the first digital certificate uses the transport key to pair the second The digital certificate encrypted by the digital certificate, the first private key is the private key encrypted with the second private key using the transport key, the first digital certificate is used to verify the legitimacy of the device deployed with the trusted execution environment TEE, and the second The private key is used to encrypt and decrypt digital content.
  • the DRM parameters also include at least one of the following: the length of the transport key, the length of the first identification information, the length of the first private key, the length of the first digital certificate, the data address of the first digital certificate, the length of the first private key Data address.
  • the key management TA uses the transport key to decrypt the first digital certificate and the first private key respectively to obtain the second digital certificate and the second private key.
  • the key management TA stores the second digital certificate, the second private key, and the first identification information in association, and the first identification information is used to identify the second digital certificate and the second private key.
  • the first identification information and the transport key please refer to the description in the embodiment corresponding to FIG. 7, which will not be repeated here.
  • the first service TA obtains first information, and the first information includes the first identification information.
  • the first service TA obtains the second digital certificate associated with the first identification information from the key management TA through a transmission interface. Refer to the description in the embodiment corresponding to FIG. 7 for the method of obtaining the first identification information, and details are not described here.
  • the first service TA sends a second instruction to the key management TA, and the second instruction carries the first data and the First identification information; the key management TA obtains the second private key associated with the first identification information from a stored key, and uses the second private key to sign the first data or The second data is obtained by decryption; the key management TA sends the second data to the first service TA.
  • FIG. 9 is a schematic flowchart of the method for online burning and writing of digital certificates and private keys provided by an embodiment of this application.
  • Online burning can be used to update the original burned digital certificate and private key, or burn a new digital certificate and private key.
  • the newly-added digital certificate and the original burned digital certificate can be derived from different root CA certificates.
  • the digital certificate and private key burned online can be applied to the N business TAs deployed in the original TEE.
  • a new business TA can be added, and the digital certificate and private key burned online can be burned for the new business TA.
  • the second service TA may be one of N service TAs, or may be a newly added service TA. It should be noted that the newly added service TA can use the original burned digital certificate and private key when obtaining the identification information and pass key corresponding to the original burned digital certificate and private key.
  • the communication premise is that the newly added service TA has obtained the trust of the DRM server.
  • the business interface corresponding to each business TA can also be deployed in the REE, so that the business TA is responsible for data processing related to the client application through the business interface.
  • the service interface can be used as an input interface for writing digital certificates and private keys online.
  • the second service TA receives the parameters to be written, and the parameters to be written include the fourth digital certificate, the fourth private key, and the third transport key.
  • the fourth digital certificate is the fifth digital certificate using the third transport key.
  • the fourth private key is the private key obtained by using the third transport key to encrypt the fifth private key corresponding to the fifth digital certificate.
  • the second service TA generates a second pass key.
  • the second pass key can be randomly generated, or the second pass key can be generated through a predefined generation rule.
  • the second service TA applies for second identification information from the key management TA through the transmission interface.
  • the second service TA sends the fourth digital certificate, the fourth private key, the second pass key, the third transport key, and the second identification information to the key management TA through the online distribution and writing interface in the transmission interface.
  • the key management TA uses the third transport key to decrypt the fourth digital certificate and the fourth private key respectively to obtain the fifth digital certificate and the fifth private key.
  • the key management TA uses the second pass key to respectively encrypt the fifth digital certificate and the fifth private key to obtain a sixth digital certificate and a sixth private key.
  • the key management TA stores the sixth digital certificate, the sixth private key, and the second identification information in association with each other.
  • the second service TA stores the second identification information and the second pass key. In order to read and use the digital certificate and private key later.
  • the key management TA stores the digital certificate and private key, and the pass key is not used to encrypt the digital certificate and private key, the above S903 and S905 are no longer executed.
  • the second identification information allocated by the key management TA is used to identify the fifth digital certificate and the fifth private key, so that when S907 is executed, the key management TA stores the fifth digital certificate and the fifth private key in association with each other. The private key and the second identification information.
  • the input variables of the online distribution programming interface include a fourth digital certificate, the fourth private key, and the third transportation key, or include the fourth digital certificate and the fourth private key And the third transport key and the second pass key.
  • the input variables of the online distribution burning interface include the fourth digital certificate, the fourth private key and The third transport key; when the key management TA stores the digital certificate and the private key, when the pass key is used to encrypt the digital certificate and the private key, the input variable of the online distribution burning interface includes the fourth number A certificate, the fourth private key, the third transport key, and the second pass key.
  • the online distribution programming interface can be defined as follows:
  • keyIndex represents the new identification information applied for. If the input is less than 0, it is considered that no keyIndex is entered, and a new keyIndex is generated and returned; if the input is greater than 0, try to update or insert, and verify the encryption used to encrypt the digital certificate and private key during update The pass key password, if the verification fails, the update will fail and the password will not be verified again; enter 0 to return failure. Password cannot be updated during update.
  • pTransportKey represents the transport key (TransportKey) encrypted with the assistance of the chip manufacturer, that is, the third pass key mentioned above;
  • s32TransportKeyLen represents the length of TransportKey
  • pPasswd represents the pass key passwd generated by the service TA, that is, the above-mentioned second pass key
  • s32Passlen represents the length of passwd
  • pPrivateKey represents the private key encrypted by TransportKey, that is, the fourth private key
  • s32privateKeyLen represents the length of the encrypted private key, that is, the length of the fourth private key
  • pCert represents a digital certificate encrypted by TransportKey, that is, the fourth digital certificate
  • s32CertLen represents the length of the encrypted digital certificate, that is, the length of the fourth digital certificate.
  • the function of the online distribution programming interface can return a fifth value, such as 0, and other values indicate that the function call of the online distribution programming interface failed.
  • the input variable of the identification application interface is empty, and the output variable is the applied identification information, that is, the second identification information.
  • the logo application interface can be defined as follows:
  • pNewKeyIndex output parameter the new identification information generated, that is, the second identification information.
  • the function that identifies the application interface is successfully called, and the function that identifies the application interface can return a sixth value, such as 0. When other values are returned, it indicates that the function of the identification application interface failed.
  • the first method that is, the encrypted storage of the digital certificate and the private key
  • the CDTA Take the CDTA as the DRM authority as an example.
  • the digital certificate and private key encryption process, offline burning process, read certificate and private key usage process in certificate management are described in detail below.
  • CDTA is the root CA authorization center of DRM, which is used to derive the digital certificate of the terminal device (that is, the DRM client certificate) and generate the private key of the terminal device.
  • the CDTA then securely sends the digital certificate and private key of the terminal device to the operating platform of the key owner.
  • the encryption of the digital certificate and private key is completed by the key owner in the security laboratory.
  • CDTA sends the digital certificate and private key of the terminal device to the operating platform of the key owner securely, it can send the digital certificate and private key to the key owner by means of PGP encrypted mail or offline notification.
  • Figure 10 takes the way of PGP encrypted mail as an example. After the key owner obtains the digital certificate and private key through the PGP encrypted mail method, the digital certificate is decrypted using PGP technology. It should be understood that the key owner can obtain multiple digital certificates and private keys corresponding to multiple digital certificates from the CDTA by way of an order. The following takes a digital certificate and private key as an example for description.
  • Example 1 the key owner completes the encryption process of the digital certificate 1 (DRM cert) and the private key 1 (Private key) in the security laboratory, as shown in FIG. 11.
  • the transport key 1 (TransportKey) is designated by the key owner and is the transport key used to encrypt the digital certificate 1 and the private key 1.
  • Identification information 1 (Keyindex) and pass key 1 (passwd) can also be specified by the key owner.
  • Keyindex is the identification information used to identify the digital certificate 1 and private key 1 burned to the chip, and passwd is used to burn
  • DRM cert digital certificate 1
  • Private key 1 Principal Key
  • the key owner uses TransportKey to encrypt DRM cert and Private_key in the security laboratory through the operating platform to obtain digital certificate 2 and private key 2.
  • [DRM cert] represents digital certificate 2
  • [Private key] represents private key 2.
  • TransportKey to encrypt passwd to obtain pass key 2 (indicated by [passwd] in FIG. 11).
  • encrypting passwd is taken as an example.
  • the running platform can use general password tools (such as SM4_Encrypt_Tool), and use TransportKey to encrypt DRM cert, Private key, and passwd respectively.
  • SM4_Encrypt_Tool is a general algorithm encryption tool.
  • the general encryption tool uses a general password algorithm to encrypt DRM cert, Private key or passwd.
  • general cryptographic algorithms may be electronic codebook (ECB), cipher block chaining (CBC), and counter (CTR).
  • the chip manufacturer platform in the chip manufacturer's security laboratory can use the layer key (for example, OEM_ROOTKEY) in the chip OTP area.
  • the chip manufacturer platform uses the OEM_ROOTKEY to encrypt the TransportKey and obtains the [TransportKey] and sends it to the key owner.
  • [TransportKey] represents the encrypted TransportKey.
  • the chip manufacturer then provides [TransportKey] to the key owner, and the key owner passes [DRM cert], [Private key], [TransportKey] and [passwd] to the terminal equipment manufacturer. Therefore, the terminal equipment manufacturer obtains [DRM cert], [Private key], [TransportKey] and [passwd] through the terminal equipment manufacturer platform, and then burns the digital certificate and private key into the chip of the terminal device.
  • the Keyindex may also be specified by the terminal device manufacturer.
  • the Keyindex does not need to be passed to the terminal device manufacturer.
  • the Keyindex is passed by the key owner to the terminal manufacturer as an example.
  • Example 2 The process of the terminal device manufacturer burning the digital certificate and private key to the chip of the terminal device through the terminal device manufacturer platform is described, as shown in FIG. 10 and FIG. 12.
  • DRM_KEY_TA represents a key management TA
  • DRM_TA represents a service TA.
  • three service TAs are deployed in the chip as an example, namely service TA1 (DRM TA1), service TA2 (DRM TA2), DRM TA2, and service TA3 (DRM TA3).
  • DRM_KEY_REE_API represents the offline programming interface.
  • DRM_KEY_REE_API is deployed in REE.
  • DRM_KEY_REE_API is used to write encrypted parameters to DRM_KEY_TA on the TEE side.
  • the DRM_KEY_REE_API interface will not decrypt parameters or process other security services.
  • the Private key and DRM cert encrypted by TransportKey are distinguished from the Private key and DRM cert encrypted by passwd.
  • transportkey represents the Private key encrypted by TransportKey, that is, private key 2
  • [DRM cert] transportkey represents the DRM cert encrypted by TransportKey, that is, digital certificate 2.
  • [Private key] passwd represents the private key encrypted by passwd, that is, private key 3.
  • [DRM cert] passwd represents the DRM cert encrypted by passwd, that is, digital certificate 3.
  • DRM_KEY_REE_API responds to the DRM parameters transmitted by the terminal equipment manufacturer's platform and sends the DRM parameters to the DRM KEY TA.
  • the DRM parameters include [Private key] data address of transportkey, [DRM cert] data address of transportkey, [passwd] and [TransportKey].
  • the use of TransportKey encryption is taken as an example.
  • the DRM parameters may not include Keyindex.
  • DRM_KEY_TA can set Keyindex as a default value.
  • the default value can be configured to DRM_KEY_TA on the terminal device manufacturer platform.
  • the Keyindex carried in the DRM parameter is taken as an example.
  • DRM_KEY_TA executes the decryption process to decrypt the plaintext DRM cert, Private key, passwd and keyindex. Specifically, DRM_KEY_TA uses the hierarchical key to decrypt [TransportKey] to obtain TransportKey, and uses TransportKey to decrypt [Private key] transportkey, [DRM cert] transportkey, and [passwd] to obtain Private key, DRM cert, and passwd respectively.
  • DRM_KEY_TA executes the encryption process, uses passwd to encrypt DRM cert and Private key to obtain [DRM cert] passwd and [Private key] passwd.
  • DRM_KEY_TA associates [DRM cert] passwd and [Private key] passwd and keyindex into the secure storage area 1 of DRM_KEY_TA.
  • DRM_KEY_TEE_API A security interface DRM_KEY_TEE_API is deployed between DRM TA and DRM_KEY_TA, so that DRM TA reads DRM cert and Private key from DRM_KEY_TA through DRM_KEY_TEE_API.
  • client applications are also deployed. Multiple different client applications can correspond to one DRM TA, or to different DRM TAs.
  • Client Application 1 corresponds to DRM TA1
  • Client Application 2 and Client Application 3 correspond to DRMTA2
  • Client Application 4 and Client Application 5 correspond to DRM TA3.
  • the process of data exchange between the client application and the client server may require the use of digital certificates or private keys.
  • the establishment of trust between the DRM client and the DRM server requires the use of digital certificates to establish trust.
  • the process of transferring data between the DRM client and the DRM server needs to be signed or decrypted with a private key.
  • Example 3 the process of reading the digital certificate by DRM TA is described, as shown in Figure 13.
  • DRM TA1 Take DRM TA1 to read DRM cert from DRM_KEY_TA through DRM_KEY_TEE_API as an example.
  • the secure storage area 2 corresponding to the DRM TA1 for example, the secure storage area 2 stores the passwd and keyindex corresponding to the DRM cert.
  • DRM TA1 reads passwd and keyindex from flash2, DRM TA1 sends passwd and keyindex to DRM_KEY_TA through the certificate transmission interface in DRM_KEY_TEE_API, DRM_KEY_TA obtains the [DRM cert] passwd associated with keyindex from flash1, and then uses passwd to decrypt [DRM cert] passwd obtains the DRM cert, and then sends the DRM cert to the DRM TA1 through the certificate transmission interface.
  • Example 4 illustrates the process of signing with a private key, as shown in Figure 14.
  • DRM TA1 receives data to be signed, such as data sent to the DRM server, such as data generated by client application 1.
  • DRM TA1 reads passwd and keyindex from secure storage area 2.
  • DRM TA1 sends passwd, keyindex and the data to be signed to DRM_KEY_TA through the private key signature interface in DRM_KEY_TEE_API, DRM_KEY_TA obtains the keyindex associated [Private key] passwd from flash1 , And then use the passwd received from DRM TA1 to decrypt the [Private key] passwd to obtain the Private key, use the Private key to sign the data to be signed to obtain the signed data, and send the signed data to the DRM TA, which is then transmitted by DRMTA to the client End application 1, client application 1 is sent to the DRM server.
  • Example 5 the process of decrypting with a private key is described, as shown in Figure 15.
  • the DRM TA1 receives the data to be decrypted, such as the encrypted data from the DRM server received by the client application 1.
  • DRM TA1 reads passwd and keyindex from secure storage area 2,
  • DRM TA1 sends passwd, keyindex and the data to be decrypted to DRM_KEY_TA through the private key decryption interface in DRM_KEY_TEE_API, DRM_KEY_TA obtains the keyindex associated [Private from secure storage area 1.
  • the data to be decrypted may be CEK.
  • Example 6 taking DRM and TA3 as an example to illustrate the process of burning digital certificates and private keys online, as shown in Figure 16.
  • the encryption method of the burned digital certificate and private key is also done by the key owner in the security laboratory.
  • the difference from the offline programming process is that the key owner provides the terminal equipment manufacturer with the digital certificate and private key encrypted with the transport key, as well as the transport key.
  • the transport key can also be obtained after encryption by the chip manufacturer, or it can be unencrypted.
  • TransportKey-1 is taken as an example, and TransportKey-1 is not encrypted by the chip manufacturer.
  • the digital certificate to be written is digital certificate-1 (DRM cert-1), and the private key to be written is private key-1 (Private key-1).
  • the digital certificate to be written encrypted by TransportKey-1 is digital certificate-2([DRMcert-1]transportkey-1), and the private key to be written encrypted by TransportKey-1 is private key-2([Privatekey -1]transportkey-1).
  • DRM TA3 receives the parameters to be written through the service interface (DRM_API), and the parameters to be written carry [DRM cert-1] transportkey-1, [Private key-1] transportkey-1 and TransportKey-1.
  • DRM TA3 generates a pass key-1 (passwd-1) used to encrypt and save Private key-1 and DRM cert-1.
  • DRM TA3 applies for identification information, such as identification information-1 (keyindex-1), from DRM_KEY_TA through the identification application interface in DRM_KEY_TEE_API. That is, keyindex1 is allocated by DRM_KEY_TA.
  • DRM_KEY_TA can be configured with multiple identification information by the terminal device manufacturer. Thus, an unused keyindex is allocated based on the current keyindex usage.
  • DRM TA3 sends [DRM cert-1]transportkey-1, [Privatekey-1]transportkey-1 and TransportKey-1, keyindex-1 and passwd-1 to DRM_KEY_TA through the online distribution programming interface in DRM_KEY_TEE_API.
  • DRM_KEY_TA uses TransportKey-1 to decrypt [DRMcert1]transportkey-1 and [Privatekey-1]transportkey-1 to obtain DRMcert-1 and Privatekey-1.
  • DRM_KEY_TA uses passwd-1 to encrypt DRM cert-1 and Private key-1 to obtain digital certificate-1 ([DRM cert-1]passwd-1) and private key-3 ([Privatekey-1]passwd-1) .
  • DRM_KEY_TA stores [DRM cert-1] passwd-1, [Private key-1] passwd-1, and keyindex-1 in the secure storage area 1.
  • DRM TA3 writes passwd-1 and keyindex-1 into the secure storage area 4 corresponding to DRM TA3 for subsequent use when reading certificates and using private keys.
  • FIG. 17 is a schematic structural diagram of another possible certificate management apparatus according to an embodiment of the application.
  • the apparatus 1700 includes a processor 1710 and a memory 1720. It should be understood that when the device 1700 is a chip product, the device 1700 may only include the processor 1710, and the memory 1720 may be regarded as a memory chip other than the device 1700.
  • the functions of the offline programming interface, key management TA, transmission interface, and each service TA involved in FIG. 6 can all be implemented by the processor 1710.
  • the device 1700 may also include a communication interface 1730, which is used to communicate with the terminal device manufacturer's platform, receive DRM parameters from the terminal device manufacturer's platform, or parameters to be written in offline programming.
  • the steps of the processing flow can be implemented by the integrated logic circuit of hardware in the processor 1710 or instructions in the form of software to complete the methods involved in FIGS. 7-16.
  • the communication interface 1730 in the embodiment of the present application may be a hardware interface such as a circuit or a bus that can be used for information exchange.
  • the processor 1710 in the embodiment of the present application may be a general-purpose processor, a digital signal processor, an application specific integrated circuit, a field programmable gate array or other programmable logic device, a discrete gate or transistor logic device, or a discrete hardware component.
  • the general-purpose processor may be a microprocessor or any conventional processor.
  • the steps of the method disclosed in the embodiments of the present application may be directly embodied as being executed and completed by a hardware processor, or executed and completed by a combination of hardware and software units in the processor.
  • the program code executed by the processor 1710 for implementing the foregoing method may be stored in the memory 1720.
  • the memory 1720 and the processor 1710 are coupled.
  • the coupling in the embodiments of the present application is an indirect coupling or communication connection between devices, units or modules, which can be electrical, mechanical or other forms, and is used for information exchange between devices, units or modules.
  • the processor 1710 may operate in cooperation with the memory 1720.
  • the memory 1730 may be a non-volatile memory, such as a hard disk drive (HDD) or a solid-state drive (SSD).
  • the memory 1720 is any other medium that can be used to carry or store desired program codes in the form of instructions or data structures and that can be accessed by a computer, but is not limited thereto.
  • the memory 1720 is also used to store digital certificates, private keys, and identification information in association, and store identification information and pass keys in association.
  • the embodiment of the present application does not limit the specific connection medium between the communication interface 1730, the processor 1710, and the memory 1720.
  • the communication interface 1730, the processor 1710, and the memory 1720 are connected through a bus.
  • the bus is represented by a thick line in FIG. 17, and the connection mode between other components is only for schematic illustration, and is not to be taken as a limitation.
  • the bus can be divided into address bus, data bus, control bus, etc. For ease of representation, only one thick line is used in FIG. 17, but it does not mean that there is only one bus or one type of bus.
  • the embodiments of the present application provide a computer program product, including a computer program.
  • the computer program When the computer program is executed on a computer, it will enable the computer to implement any of the above-mentioned certificate management method embodiments. Function.
  • the embodiments of the present application provide a computer program, which when executed on a computer, will enable the computer to implement the functions involved in any of the above-mentioned certificate management method embodiments.
  • the embodiments of the present application provide a computer-readable storage medium for storing programs and instructions.
  • the computer can execute any of the above-mentioned certificate management method embodiments. The functions involved in.
  • the embodiments of the present application can be provided as methods, systems, or computer program products. Therefore, the present application may adopt the form of a complete hardware embodiment, a complete software embodiment, or an embodiment combining software and hardware. Moreover, this application may adopt the form of a computer program product implemented on one or more computer-usable storage media (including but not limited to disk storage, CD-ROM, optical storage, etc.) containing computer-usable program codes.
  • a computer-usable storage media including but not limited to disk storage, CD-ROM, optical storage, etc.
  • These computer program instructions can also be stored in a computer-readable memory that can guide a computer or other programmable data processing equipment to work in a specific manner, so that the instructions stored in the computer-readable memory produce an article of manufacture including the instruction device.
  • the device implements the functions specified in one process or multiple processes in the flowchart and/or one block or multiple blocks in the block diagram.
  • These computer program instructions can also be loaded on a computer or other programmable data processing equipment, so that a series of operation steps are executed on the computer or other programmable equipment to produce computer-implemented processing, so as to execute on the computer or other programmable equipment.
  • the instructions provide steps for implementing functions specified in a flow or multiple flows in the flowchart and/or a block or multiple blocks in the block diagram.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Signal Processing (AREA)
  • Multimedia (AREA)
  • Software Systems (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Theoretical Computer Science (AREA)
  • Databases & Information Systems (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Technology Law (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computing Systems (AREA)
  • Storage Device Security (AREA)

Abstract

一种证书管理方法及装置,以解决DRM客户端的数字证书和私钥管控效率低的问题。具体采用的方案是:将对客户端应用相关的数据处理的功能,以及数字证书/私钥的写入/读取的功能,通过不同的模块来实现,用于负责数字证书和私钥的写入和存储的功能模块称为密钥管理TA,用于负责客户端应用相关的数据处理的功能模块为业务TA。不同的客户端的数字证书和私钥,均由密钥管理TA负责写入和存储,由密钥管理TA统一管理。密钥管理TA针对不同的客户端的数字证书和私钥采用通行密钥来加密,并且对加密后的数字证书和私钥通过不同的标识信息来关联保存。

Description

一种证书管理方法及装置 技术领域
本申请涉及通信技术领域,尤其涉及一种证书管理方法及装置。
背景技术
随着互联设备的移动和消费市场日益成熟、不断壮大,音视频内容的数字版权管理(digital rights management,DRM)也越来越受到关注,具体通过数字证书技术确保音视频内容分发过程中端到端的保护。用于提供音视频内容的DRM服务器会根据不同的安全级别授权终端设备中DRM客户端访问不同质量的数字化内容。安全级别较高的数字化内容的访问所需要的数字证书和私钥,在终端设备在出厂时烧写DRM客户端中。因此,不同的DRM客户端的数字证书和私钥均单独烧写,从而导致对DRM客户端的数字证书和私钥的管控效率较低。
发明内容
本申请实施例提供了一种证书管理方法及装置,以解决DRM客户端的数字证书和私钥管控效率低的问题。
第一方面,本申请实施例提供一种证书管理方法,方法应用于部署有可信执行环境TEE的装置,装置中还部署有离线烧写接口,TEE中部署有密钥管理可信应用TA。该装置中还可以部署丰富执行环境REE,上述离线烧写接口可以部署于REE中。方法具体包括,密钥管理TA通过离线烧写接口获取数字版权管理DRM参数,DRM参数中包括第一数字证书的地址、第一私钥的地址以及运输密钥;第一数字证书为使用运输密钥对第二数字证书加密后的数字证书,第一私钥为使用运输密钥对第二私钥加密后的私钥,第二私钥用于签名发往DRM服务端的数据,或用于解密来自DRM服务端的数据;然后密钥管理TA分别根据第一数字证书的地址和第一私钥的地址获取第一数字证书和第一私钥,并采用运输密钥分别解密第一数字证书和第一私钥得到第二数字证书和第二私钥;之后密钥管理TA关联存储第二数字证书、第二私钥以及第一标识信息,第一标识信息用于标识第二数字证书和第二私钥。
本申请实施例新定义了一种离线烧写接口,通过上述设计,针对不同的DRM客户端的数字证书和私钥均通过该离线烧写接口写入密钥管理TA的安全存储区域中,该密钥管理TA负责对证书和私钥进行存储和管理,不同的数字证书和私钥存储时对应不同的标识信息,因此不同的DRM客户端的数字证书和私钥均可以通过该离线烧写接口写入密钥管理TA对应的安全存储区域,并由安全存储区域进行统一存储和管理,后续不同的DRM客户端均可从密钥管理TA处获取数字证书和私钥,从而提高了烧写效率,且提高了对数字证书和私钥的管控效率。
在一种可能的设计中,DRM参数还包括第一通行密钥;在该情况下,密钥管理TA关联存储第二数字证书、第二私钥以及第一标识信息时,可以通过如下方式实现:密钥管理TA采用第一通行密钥分别对第二数字证书和第二私钥进行加密,得到第三数字证书和第三私钥;然后密钥管理TA关联存储第三数字证书、第三私钥以及第一标识信息,第一标 识信息用于标识第三数字证书和第三私钥。
通过上述设计,在关联存储数字证书和私钥时,使用通行密钥进行加密存储,从而负责业务处理的业务TA在需要使用数字证书和私钥时,需要采用通行密钥和第一标识信息来获取,从而可以提高数字证书和私钥的安全性。
在一种可能的设计中,TEE中还部署有N个业务TA和传输接口,N为正整数;
第一业务TA获取第一信息,第一信息包括第一标识信息,第一业务TA为N个业务TA中的任一个;第一业务TA通过传输接口从密钥管理TA中获取第一标识信息关联的第二数字证书。
上述设计中,针对不同的业务TA可以采用同一个数字证书和私钥,也可以采用不同的数字证书和私钥,但均通过统一的密钥管理TA,使得对客户端应用相关的数据处理的功能,以及数字证书/私钥的写入/读取的功能分开通过不同的模块来处理,即用于负责数字证书和私钥的写入和存储的功能模块为密钥管理TA,用于负责客户端应用相关的数据处理的功能模块为业务TA,提高数字证书和私钥的安全性。且后续不同的业务TA仅可以通过TEE中部署的传输接口来访问和使用密钥管理TA存储的数字证书和私钥,保证了私钥和数字证书的私密性。
在一种可能的设计中,若DRM参数还包括第一通行密钥,第一信息还包括第一通行密钥;第一业务TA基于第一标识信息和第一通行密钥通过传输接口从密钥管理TA中获取第二数字证书。
通过上述设计,负责业务处理的业务TA在需要使用数字证书和私钥时,需要采用通行密钥和第一标识信息来获取,进一步提高数字证书和私钥的安全性。另外,可以增加新的客户端,新增加的客户端可以使用标识信息,或者标识信息和通行密钥即可读取数字证书,或者借助于密钥管理TA来实现业务办理,比如数据签名或者数据解密。另外,不同的业务TA可以同时使用第一标识信息,或者第一标识信息和第一通行密钥来从密钥管理TA中获取数字证书。
在一种可能的设计中,第一业务TA基于第一标识信息和第一通行密钥通过传输接口从密钥管理TA中获取第二数字证书,包括:第一业务TA通过传输接口向密钥管理TA发送第一指令,第一指令携带第一通行密钥和第一标识信息;密钥管理TA从存储的数字证书中获取第一标识信息关联的第三数字证书;密钥管理TA使用第一通行密钥解密第三数字证书得到第二数字证书,并将第二数字证书通过传输接口发送给第一业务TA。
上述设计中,在通行密钥错误的情况下,业务TA无法从密钥管理TA中获取到数字证书,从而提高数字证书的安全性。
在一种可能的设计中,TEE中部署有第一业务TA,方法还包括:第一业务TA向密钥管理TA发送第二指令,第二指令携带第一数据和第一标识信息;第一业务TA为N个业务TA中的任一个;密钥管理TA从存储的密钥中获取第一标识信息关联的第二私钥,并采用第二私钥对第一数据进行签名或者解密得到第二数据;密钥管理TA将第二数据发送给第一业务TA。
上述设计中,业务TA不具有使用私钥的权限,使用的私钥的权限仅在密钥管理TA中,业务TA在需要使用私钥签名数据或者解密数据时,需要通过密钥管理TA来执行,并由密钥管理TA将签名后或者解密后的数据发送给业务TA,也就说业务TA无法真正接触到私钥,提高私钥的安全性。另外,不同的业务TA可以同时使用第一标识信息,或者第一 标识信息和第一通行密钥来借助密钥管理TA对数据签名或解密。
在一种可能的设计中,若DRM参数还包括第一通行密钥,第二指令还包括第一通行密钥;采用第二私钥对第一数据进行签名或者解密得到第二数据,包括:密钥管理TA从存储的密钥中获取第一标识信息关联的第三私钥,并采用第一通行密钥解密第三私钥得到第二私钥;密钥管理TA采用第二私钥对第一数据进行签名或者解密得到第二数据,并将第二数据发送给第一业务TA。
上述设计中,业务TA不具有使用私钥的权限,使用的私钥的权限仅在密钥管理TA中,业务TA在需要使用私钥签名数据或者解密数据时,需要通过密钥管理TA基于标识信息以及通行密钥来执行,并由密钥管理TA将签名后或者解密后的数据发送给业务TA,在业务TA无法提供正确的标识信息或者通行密钥的情况下,无法签名数据和解密数据,进一步提高私钥的安全性。
在一种可能的设计中,DRM参数中还包括如下至少一项:运输密钥的长度、第一标识信息的长度、第一私钥的长度、第一数字证书的长度。
在一种可能的设计中,DRM参数中还包括第一通行密钥的长度。
在一种可能的设计中,离线烧写接口为函数调用接口,离线烧写接口的输入变量包括DRM参数中的任一项参数。
在一种可能的设计中,传输接口为函数调用接口,传输接口包括如下至少一个:标识申请接口、证书读写接口、私钥签名接口、私钥解密接口或在线烧写接口;其中,标识申请接口的输入变量为空;证书读写接口的输入变量包括第一标识信息或者包括第一标识信息和第一通行密钥;私钥签名接口的输入变量包括第一标识信息和待签名的数据或者包括第一标识信息、第一通行密钥和待签名的数据;私钥解密接口的输入变量包括第一标识信息和待解密的数据或者包括第一标识信息、第一通行密钥和待解密的数据;在线烧写接口的输入变量包括经过加密的待写入数字证书、经过加密的待写入私钥和加密待写入数字证书和待写入私钥所使用的运输密钥。
在一种可能的设计中,函数调用接口为应用程序编程接口API。
在一种可能的设计中,运输密钥包括第一运输密钥和第二运输密钥,第一数字证书为使用第一运输密钥对第二数字证书加密后的数字证书,第一私钥为使用第二运输密钥对第二私钥加密后的私钥;密钥管理TA采用运输密钥分别解密第一数字证书和第一私钥得到第二数字证书和第二私钥,包括:密钥管理TA采用第一运输密钥解密第一数字证书,得到第二数字证书,并采用第二运输密钥解密第一私钥,得到第二私钥。
上述设计中,针对数字证书和私钥采用的不同的运输密钥来传递给密钥管理TA,进一步提高数字证书和私钥的安全性。
在一种可能的设计中,运输密钥为使用层级密钥加密后的密钥;密钥管理TA采用运输密钥分别解密第一数字证书和第一私钥得到第二数字证书和第二私钥,包括:密钥管理TA采用层级密钥对运输密钥进行解密;采用解密后的运输密钥分别解密第一数字证书和第一私钥得到第二数字证书和第二私钥。
上述设计中,运输密钥采用层级密钥来加密,层级密钥可以内置于芯片中,可以提高运输密钥传递到密钥管理TA过程中的安全性,并进一步提高数字证书和私钥的安全性。
在一种可能的设计中,TEE部署有第二业务TA,部署有可信执行环境TEE的装置中部署有传输接口,方法还包括:第二业务TA接收待写入参数,待写入参数包括第四数字 证书、第四私钥和第三运输密钥,第四数字证书为使用第三运输密钥对第五数字证书加密后的数字证书,第四私钥为使用第三运输密钥对第五数字证书对应的第五私钥加密后的私钥;第二业务TA通过传输接口向密钥管理TA申请第二标识信息;第二业务TA将第四数字证书、第四私钥、第三运输秘钥和第二标识信息发送给密钥管理TA;密钥管理TA采用第三运输密钥分别解密第四数字证书和第四私钥得到第五数字证书和第五私钥;密钥管理TA关联存储第五数字证书、第五私钥以及第二标识信息;第二业务TA存储第二标识信息。
上述设计,提供一种在线写入数字证书和私钥的方法,可以对原有离线写入的数字证书和私钥进行更新,或者在原有的数字证书和私钥的基础上增加新的数字证书和私钥,以供更多的DRM客户端使用,可以提高数字证书和私钥的管控效率。
在一种可能的设计中,还包括:第二业务TA生成第二通行密钥,并存储第二通行密钥;第二业务TA将第二通行密钥发送给密钥管理TA;密钥管理TA关联存储第五数字证书、第五私钥以及第二标识信息,包括:密钥管理TA使用第二通行密钥分别对第五数字证书和第五私钥进行加密得到第六数字证书和第六私钥,并关联存储第六数字证书、第六私钥以及第二标识信息。结合通行密钥和标识信息来存储数字证书和私钥,提高数字证书和私钥的安全性。
第二方面,本申请实施例提供的另一种证书管理方法,方法应用于部署有可信执行环境TEE的装置,TEE中部署有密钥管理可信应用TA和N个业务TA,N为正整数,部署有可信执行环境TEE的装置中还部署有传输接口,方法还包括:N个业务TA中任一业务TA接收待写入参数,待写入参数包括第四数字证书、第四私钥和第三运输密钥,第四数字证书为使用第三运输密钥对第五数字证书加密后的数字证书,第四私钥为使用第三运输密钥对第五数字证书对应的第五私钥加密后的私钥;任一业务TA通过传输接口向密钥管理TA申请第二标识信息;任一业务TATA将第四数字证书、第四私钥、第三运输秘钥和第二标识信息发送给密钥管理TA;密钥管理TA采用第三运输密钥分别解密第四数字证书和第四私钥得到第五数字证书和第五私钥;密钥管理TA关联存储第五数字证书、第五私钥以及第二标识信息;任一业务TA存储第二标识信息。
在一种可能的设计中,还包括:任一业务TA生成第二通行密钥,并存储第二通行密钥;任一业务TA将第二通行密钥发送给密钥管理TA;密钥管理TA关联存储第五数字证书、第五私钥以及第二标识信息,包括:密钥管理TA使用第二通行密钥分别对第五数字证书和第五私钥进行加密得到第六数字证书和第六私钥,并关联存储第六数字证书、第六私钥以及第二标识信息。
基于与第一方面同样的发明构思,本申请实施例提供了一种证书管理装置,证书管理装置部署有可信执行环境TEE,证书管理装置中还部署有离线烧写接口,TEE中部署有密钥管理可信应用TA,其中,密钥管理TA,用于通过离线烧写接口获取数字版权管理DRM参数,DRM参数中包括第一数字证书的地址、第一私钥的地址以及运输密钥;第一数字证书为使用运输密钥对第二数字证书加密后的数字证书,第一私钥为使用运输密钥对第二私钥加密后的私钥,第二私钥用于签名发往DRM服务端的数据,或用于解密来自DRM服务端的数据;密钥管理TA,还用于分别根据第一数字证书的地址和第一私钥的地址获取第一数字证书和第一私钥,并采用运输密钥分别解密第一数字证书和第一私钥得到第二数字证书和第二私钥;关联存储第二数字证书、第二私钥以及第一标识信息,第一标识信息用于标识第二数字证书和第二私钥。
在一种可能的设计中,DRM参数还包括第一通行密钥;密钥管理TA,具体用于采用第一通行密钥分别对第二数字证书和第二私钥进行加密,得到第三数字证书和第三私钥;关联存储第三数字证书、第三私钥以及第一标识信息,第一标识信息用于标识第三数字证书和第三私钥。
在一种可能的设计中,TEE中还部署有N个业务TA和传输接口,N为正整数;第一业务TA,用于获取第一信息,第一信息包括第一标识信息,第一业务TA为N个业务TA中的任一个;通过传输接口从密钥管理TA中获取第一标识信息关联的第二数字证书。
在一种可能的设计中,若DRM参数还包括第一通行密钥,第一信息还包括第一通行密钥;第一业务TA,还用于基于第一标识信息和第一通行密钥通过传输接口从密钥管理TA中获取第二数字证书。
在一种可能的设计中,第一业务TA,具体用于通过传输接口向密钥管理TA发送第一指令,第一指令携带第一通行密钥和第一标识信息;密钥管理TA,还用于从存储的数字证书中获取第一标识信息关联的第三数字证书;使用第一通行密钥解密第三数字证书得到第二数字证书,并将第二数字证书通过传输接口发送给第一业务TA。
在一种可能的设计中,TEE中部署有第一业务TA,第一业务TA,还用于向密钥管理TA发送第二指令,第二指令携带第一数据和第一标识信息;第一业务TA为N个业务TA中的任一个;密钥管理TA,还用于从存储的密钥中获取第一标识信息关联的第二私钥,并采用第二私钥对第一数据进行签名或者解密得到第二数据;密钥管理TA,还用于将第二数据发送给第一业务TA。
在一种可能的设计中,若DRM参数还包括第一通行密钥,第二指令还包括第一通行密钥;密钥管理TA,具体用于从存储的密钥中获取第一标识信息关联的第三私钥,并采用第一通行密钥解密第三私钥得到第二私钥;采用第二私钥对第一数据进行签名或者解密得到第二数据,并将第二数据发送给第一业务TA。
在一种可能的设计中,DRM参数中还包括如下至少一项:运输密钥的长度、第一标识信息的长度、第一私钥的长度、第一数字证书的长度。
在一种可能的设计中,DRM参数中还包括第一通行密钥的长度。
在一种可能的设计中,离线烧写接口为函数调用接口,离线烧写接口的输入变量包括DRM参数中的任一项参数。
在一种可能的设计中,传输接口为函数调用接口,传输接口包括如下至少一个:标识申请接口、证书读写接口、私钥签名接口、私钥解密接口或在线烧写接口;
其中,标识申请接口的输入变量为空;
证书读写接口的输入变量包括第一标识信息或者包括第一标识信息和第一通行密钥;
私钥签名接口的输入变量包括第一标识信息和待签名的数据或者包括第一标识信息、第一通行密钥和待签名的数据;
私钥解密接口的输入变量包括第一标识信息和待解密的数据或者包括第一标识信息、第一通行密钥和待解密的数据;
在线烧写接口的输入变量包括经过加密的待写入数字证书、经过加密的待写入私钥和加密待写入数字证书和待写入私钥所使用的运输密钥。
在一种可能的设计中,函数调用接口为应用程序编程接口API。
在一种可能的设计中,运输密钥包括第一运输密钥和第二运输密钥,第一数字证书为 使用第一运输密钥对第二数字证书加密后的数字证书,第一私钥为使用第二运输密钥对第二私钥加密后的私钥;
密钥管理TA,具体用于采用第一运输密钥解密第一数字证书,得到第二数字证书,并采用第二运输密钥解密第一私钥,得到第二私钥。
在一种可能的设计中,运输密钥为使用层级密钥加密后的密钥;
密钥管理TA,具体用于采用层级密钥对运输密钥进行解密;采用解密后的运输密钥分别解密第一数字证书和第一私钥得到第二数字证书和第二私钥。
在一种可能的设计中,TEE部署有第二业务TA,部署有可信执行环境TEE的装置中部署有传输接口;
第二业务TA,用于接收待写入参数,待写入参数包括第四数字证书、第四私钥和第三运输密钥,第四数字证书为使用第三运输密钥对第五数字证书加密后的数字证书,第四私钥为使用第三运输密钥对第五数字证书对应的第五私钥加密后的私钥;
第二业务TA,还用于通过传输接口向密钥管理TA申请第二标识信息;密钥管理TA,用于为第二业务TA分配第二标识信息,并通过传输接口发送给第二业务TA;
第二业务TA,还用于将第四数字证书、第四私钥、第三运输秘钥和第二标识信息发送给密钥管理TA;
密钥管理TA,还用于采用第三运输密钥分别解密第四数字证书和第四私钥得到第五数字证书和第五私钥;关联存储第五数字证书、第五私钥以及第二标识信息;
第二业务TA,还用于存储第二标识信息。
在一种可能的设计中,第二业务TA,还用于生成第二通行密钥,并存储第二通行密钥;将第二通行密钥发送给密钥管理TA;
密钥管理TA,具体用于使用第二通行密钥分别对第五数字证书和第五私钥进行加密得到第六数字证书和第六私钥,并关联存储第六数字证书、第六私钥以及第二标识信息。
第四方面,本申请实施例提供的另一种证书管理装置,该证书管理装置中部署有可信执行环境TEE,TEE中部署有密钥管理可信应用TA和N个业务TA,N为正整数,证书管理装置中还部署有传输接口,N个业务TA中任一业务TA,用于接收待写入参数,待写入参数包括第四数字证书、第四私钥和第三运输密钥,第四数字证书为使用第三运输密钥对第五数字证书加密后的数字证书,第四私钥为使用第三运输密钥对第五数字证书对应的第五私钥加密后的私钥;任一业务TA,还用于通过传输接口向密钥管理TA申请第二标识信息;任一业务TATA将第四数字证书、第四私钥、第三运输秘钥和第二标识信息发送给密钥管理TA;密钥管理TA,用于采用第三运输密钥分别解密第四数字证书和第四私钥得到第五数字证书和第五私钥;密钥管理TA,还用于关联存储第五数字证书、第五私钥以及第二标识信息;任一业务TA存储第二标识信息。
在一种可能的设计中,任一业务TA,还用于生成第二通行密钥,并存储第二通行密钥;任一业务TA,还用于将第二通行密钥发送给密钥管理TA;密钥管理TA,具体用于使用第二通行密钥分别对第五数字证书和第五私钥进行加密得到第六数字证书和第六私钥,并关联存储第六数字证书、第六私钥以及第二标识信息。
第五方面,本申请实施例提供了一种证书管理装置,该证书管理装置可以为芯片。证书管理装置中可以包括处理器。示例性地,所述处理器中部署有TEE和离线烧写接口,所述TEE中部署有密钥管理可信应用TA。TEE中还部署有业务TA。该处理器调用存储在存 储器中的软件指令以实现上述第一方面或者第二方面方法实施例、方法实施例的任意一种可能的设计中所涉及的功能。存储器可以是部署于证书管理装置内的存储器,也可以是部署于证书管理装置外的存储器。
应当理解,TEE、离线烧写接口以及密钥管理TA均可以为软件模块,可以通过处理器运行存储器中的软件代码来实现TEE、离线烧写接口以及密钥管理TA对应的功能。
第六方面,本申请实施例提供了一种计算机程序产品,包括计算机程序,该计算机程序在某一计算机或处理器上执行时,将会使计算机或处理器实现上述第一方面或者第二方法实施例、方法实施例的任意一种可能的设计中所涉及的功能。
第七方面,本申请实施例提供了一种计算机可读存储介质,用于存储程序、指令,这些程序、指令在计算机中被调用执行时,可以使得计算机执行上述第一方面或者第二方面所述方法实施例、方法实施例的任意一种可能的设计中所涉及的功能。
第八方面,本申请实施例提供了一种芯片系统,该芯片系统中包括处理器,还可以包括存储器,用于实现上述方法中所涉及的功能。该芯片系统可以由芯片构成,也可以包含芯片和其他分立器件。
附图说明
图1为本申请实施例提供的一种DRM系统架构示意图;
图2为本申请实施例提供的一种PKI系统架构示意图;
图3为本申请实施例提供的内容加密密钥的管理流程示意图;
图4为本申请实施例提供的数字证书和私钥烧写过程中参与者之间关系示意图;
图5为本申请实施例提供的目前所采用的数字证书和私钥烧写流程示意图;
图6为本申请实施例提供的证书管理装置结构示意图;
图7为本申请实施例提供的一种证书管理方法流程图;
图8为本申请实施例提供的另一种证书管理方法流程图;
图9为本申请实施例提供的在线证书和私钥烧写流程图;
图10为本申请实施例提供的数字证书和私钥烧写流程示意图;
图11为本申请实施例提供的数字证书和私钥加密传输流程示意图;
图12为本申请实施例提供的离线烧写流程示意图;
图13为本申请实施例提供的读取数字证书流程示意图;
图14为本申请实施例提供的私钥签名流程示意图;
图15为本申请实施例提供的私钥解密流程示意图;
图16为本申请实施例提供的在线烧写流程示意图;
图17为本申请实施例提供的装置1700结构示意图。
具体实施方式
在对本申请提供的技术方案进行说明之前,先对本申请实施例涉及到的技术术语进行解释说明。
1)数字版权管理(digital rights management,DRM),是指出版者用来控制被保护对象的使用权的一些技术,这些技术保护的有数字化内容(例如:软件、音乐、电影)以及 硬件,处理数字化产品的某个实例的使用限制。
如图1所示,示例性地提供一种DRM系统,系统中包括DRM服务端和DRM客户端。DRM服务端和DRM客户端之间建立信任关系后,DRM服务端为DRM客户端提供数字化内容。示例性地,DRM服务端中可以包括内容加密模块、密钥管理模块、密钥网关模块、内容授权模块和证书管理模块。内容加密模块采用内容加密密钥(content encrption key,CEK)对数字化内容进行加密保护;密钥管理模块接收内容加密密钥后负责将该内容加密密钥同步给密钥网关模块;密钥网关模块在接收同步的内容加密密钥之后对内容加密密钥进行保密存储,并接收内容授权模块的密钥查询;内容授权模块接收DRM客户端的请求将包含有内容加密密钥和密钥使用规则的内容授权许可证安全的发送到合法的DRM客户端。DRM客户端接收到内容授权许可证后,按照密钥使用规则合理的解密内容加密密钥,并用内容加密密钥解密内容进行播放。证书管理模块,用于对DRM服务端证书、DRM客户端证书进行管理,比如,废除证书或者更新证书等。
DRM服务端各模块、DRM客户端等基于公钥基础设施(public key infrastructure,PKI)签发的设备证书(图1中所示的DRM服务端和DRM客户端证书)建立信任关系,基于此信任关系进行彼此之间的安全通信。PKI系统可以用于签发和管理证书。一般情况下,PKI系统是通过认证中心(certificate authority,CA)来签发证书的。DRM系统中DRM服务端各核心组件、DRM客户端等都向认证中心(certificate authority,CA)申请获得一个数字证书,作为自己身份的凭证。各实体之间的信任关系是基于证书的有效性。如果DRM客户端证书被DRM服务端验证有效,则DRM服务端信任该DRM客户端,相似的,如果DRM服务端证书被DRM客户端验证有效,则DRM客户端信任该DRM服务端。
PKI系统可以包括一级或多级CA,当PKI系统包括多级CA时,例如,在如图2所示的PKI系统包括根CA、DRM服务端子CA、DRM客户端子CA,根CA可以在根CA证书的基础上派生出两个子CA证书,分别签发给DRM服务端子CA、DRM客户端子CA,DRM服务端子CA可以根据DRM服务端子CA为DRM服务端设备签发DRM服务端证书,为在线证书状态协议(online certificate status protocol,OCSP)服务器签发OCSP服务器证书。其中,OCSP服务器可以用于验证DRM服务端的合法性。DRM客户端子CA可以根据DRM客户端子CA证书为DRM客户端签发DRM客户端证书。其中,DRM客户端证书、CA根证书以及DRM客户端子CA证书构成了客户端证书链。证书链一般保存在客户端的安全存储区域。每一级设备证书可以通过上一级证书校验的。
DRM服务端在确定是否信任DRM客户端时,具体可以根据DRM客户端的数字证书的根CA证书来判断,如果DRM服务端信任某一个根CA证书,就可以信任该根CA签发的客户端证书,比如DRM1服务端信任根CA1的证书,而DRM2客户端证书由根CA1签发的证书,那么DRM1服务端可以信任DRM2客户端;如果DRM3服务端仅信任根CA2的证书,而DRM2客户端证书是由根CA1签发的证书,那么DRM3服务端无法信任DRM2客户端。
2)内容加密密钥。
内容加密密钥是加密数字化内容的密钥。DRM服务端和DRM客户端分别拥有非对称的密钥对,DRM服务端拥有的密钥称为公钥,DRM客户端拥有的密钥称为私钥。公钥用于对内容加密密钥进行加密,私钥用于对内容加密密钥进行解密。
参见图3所示,示例性地提供的内容加密密钥的管理流程示意图。
A1、DRM服务端生成会话密钥,用该会话密钥加密内容加密密钥。其中,会话密钥是客户端申请许可证时生成的临时密钥,该会话密钥用于对内容加密密钥进行加密保护。
A2、DRM服务端用DRM客户端公钥加密会话密钥。
A3、DRM服务端将加密后的会话密钥、加密后的内容加密密钥封装在许可证中发送给DRM客户端。
A4、DRM客户端接收到许可证后,用DRM客户端私钥解密出会话密钥,用解密出的会话密钥解密得到内容加密密钥;
A5、DRM客户端解密得到内容加密密钥后,用内容加密密钥解密数字化内容,实现内容的解码播放。
3)层级密钥技术(Keyladder),支持通过芯片逻辑中在生产阶段写入一个密钥,该密钥可以称为层级密钥,层级密钥仅在芯片的层级密钥模块中使用,采用层级密钥加密的数据,仅由芯片层级密钥模块来解密,从而确保数据的安全。
4)丰富执行环境(rich execution environment,REE)可用于运行通用操作系统,例如安卓(android)操作系统、IOS操作系统、Linux操作系统等,从而为实现应用功能的实现提供软件和硬件的支撑。
可信执行环境(trusted execution environment,TEE)在终端设备提供一个安全区域,支持敏感数据(比如密钥和数字证书)在隔离可信的环境中存储、处理和保护。
5)可信程序(trust applet,TA)是TEE中可以运行的程序实体,不同TA之间的内存、安全存储区域、及其他硬件资源是相互隔离的。
6)DRM客户端的安全级别。
比如,中国DRM客户端可以分为三种安全级别,分别为软件、硬件、增强硬件。其中,软件级别允许DRM客户端程序运行在普通操作系统中,系统中的其他软件可以访问到DRM的各类密钥以及数据;硬件级别要求DRM客户端运行在独立的TEE中,系统其他软件无法访问DRM各类密钥及数据;增强硬件级别在硬件级别的基础上进一步增加了芯片算法引擎防攻击方面的要求。
7)本申请实施例中“密钥”也可以称为“秘钥”。“至少一个”是指一个或者多个,“多个”是指两个或两个以上。“和/或”,描述关联对象的关联关系,表示可以存在三种关系,例如,A和/或B,可以表示:单独存在A,同时存在A和B,单独存在B的情况,其中A、B可以是单数或者复数。字符“/”一般表示前后关联对象是一种“或”的关系。“以下至少一(项)个”或其类似表达,是指的这些项中的任意组合,包括单项(个)或复数项(个)的任意组合。例如,a、b或c中的至少一项(个),可以表示:a,b,c,a和b,a和c,b和c,或a、b和c,其中a、b、c可以是单个,也可以是多个。另外,需要理解的是,在本申请的描述中,“第一”、“第二”等词汇,仅用于区分描述的目的,而不能理解为指示或暗示相对重要性,也不能理解为指示或暗示顺序。在本申请的实施例中涉及的各种数字编号仅为描述方便进行的区分,并不用来限制本申请的实施例的范围。上述各过程的序号的大小并不意味着执行顺序的先后,各过程的执行顺序应以其功能和内在逻辑确定。
8)本申请实施例中的终端设备又可称之为终端设备(terminal equipment)或者用户设备(user equipment,UE)等。示例的,终端可以为机顶盒、手机、平板电脑(pad)、笔记本电脑、个人数字助理(personal digital assistant,PDA)、销售终端(point of sales,POS)、车载电脑、智能音箱、增强现实(augmented reality,AR)设备、虚拟现实(virtual reality, VR)或者智能汽车等,本申请实施例对此不作限定。另外,本申请实施例的终端设备可以支持一种或多种客户端应用。
由于DRM服务端会根据不同的安全级别授权终端设备中DRM客户端访问不同质量的数字化内容,如一般好莱坞内容提供商要求4K节目需要终端设备支持硬件及以上安全级别。DRM客户端硬件及以上安全级别要求终端设备在出厂时烧写DRM客户端的数字证书及私钥。数字证书及私钥从产生到烧写到终端设备的芯片中,可能涉及到的参与方可以包括DRM主管机构、密钥所有者、终端设备生产商以及芯片厂商。例如,DRM主管机构可以是中国广播影视数字版权管理认证中心(china DRM trust authority,CDTA),密钥所有者可以为运营商或者互联网服务提供商(over the top,OTT)。参见图4所示,为数字证书及私钥从产生到烧写到终端设备的芯片流程示意图。
DRM主管机构采用派生规则负责派生终端设备的数字证书(如下简称数字证书)及生成私钥。密钥所有者从DRM主管机构购买终端设备证书及私钥,并保存在密钥所有者的运行平台,比如运营商平台或者OTT服务器,运营商平台或者OTT服务器采用通用工具加密终端设备证书及私钥,并将加密后的终端设备证书及私钥下发终端设备生产厂商。从而终端设备生产厂商在用于烧写数字证书和私钥的平台(称为终端设备生产厂商平台)辅助DRM客户端完成数字证书和私钥的写入。终端设备生产厂商平台通过终端设备上提供的芯片接口将数字证书及私钥写入到芯片的安全存储区域。另外,本申请实施例中提及的平台,可以是服务器、电子设备等。
具体的,以DRM主管机构为CDTA为例,参见图5所示,为数字证书及私钥从产生到烧写到终端设备的芯片具体流程示意图。
终端设备的数字证书和私钥是由CDTA通过预设规则在CDTA根CA证书的基础上签发和派生出来。然后CDTA将终端设备的数字证书和私钥安全的发送至密钥所有者的运行平台。密钥所有者的运行平台位于安全环境中,比如安全实验室。安全实验室中密钥所有者的运行平台生成运输密钥(TransportKey),并采用运输密钥对终端设备的数字证书和私钥进行加密,示例性地,可以使用通用加密工具以及固定的加密模式对终端设备的数字证书和私钥加密。当完成上述步骤后,密钥所有者将加密后的终端设备的数字证书和私钥以及明文的TransportKey提供给终端设备生产厂商,终端设备生产厂商通过终端设备生产厂商平台将密钥所有者提供的各个参数通过终端设备中对应于不同DRM客户端的API接口(比如DRM API1、DRM API2和DRM API3)将这些参数写入终端设备TEE的不同TA中,比如图5中所示的DRM TA1,DRMTA2,DRM TA3。在此实施例中,每个DRM TA可以认为是一个客户端。一个客户端可以供一个或者多个客户端应用使用。每个DRM TA既要完成客户端应用相关的数据处理,还需要完成数字证书和私钥的写入和读取的功能。DRM TA之间是相互独立的,一个DRM TA无法获取其他DRM TA存储的数字证书和私钥,即使不同的DRM客户端采用相同的根CA证书,也无法共用同一个数字证书和私钥。由于上述方案中一个DRM客户端对应一个DRM服务端,因此,一个提供数字化内容的DRM服务端,也无法采用另一个DRM服务端对应的DRM客户端的数字证书和私钥。基于此,在终端设备出厂之前,需要烧写不同的DRM客户端的数字证书以及私钥,终端设备出厂之后,运行在TEE侧的DRM TA(客户端)就已经确定了下来,无法增加和更新,进而可能导致终端设备可能无法运行某些DRM服务端提供的数字化内容。
基于此,本申请实施例提供一种证书管理方法及装置,具体的将对客户端应用相关的 数据处理的功能,以及数字证书/私钥的写入/读取的功能,通过不同的模块来实现。本申请实施例中,将用于负责数字证书和私钥的写入和存储的功能模块称为密钥管理TA,将用于负责客户端应用相关的数据处理的功能模块称为业务TA。不同的客户端的数字证书和私钥,均由密钥管理TA负责写入和存储。不同的客户端对应于不同的业务TA,即密钥管理TA支持多个业务TA的访问。密钥管理TA针对不同的客户端的数字证书和私钥通过不同的标识信息来关联保存。本申请实施例在芯片中新增了一个密钥管理TA,并定义了一个离线烧写接口,密钥管理TA通过该离线烧写接口接收并存储外界写入的数字版权管理DRM参数,后续业务TA需要使用这些参数时再从密钥管理TA处获取这些参数,因此DRM业务的数字证书和私钥的存储(密钥管理TA来存储)和使用(业务TA使用)是分开的,业务TA只负责业务功能,且只能通过密钥管理TA提供的TEE接口获取私钥和证书,确保了数字证书和私钥的私密性,进一步的,一个管理TA支持多个业务TA的访问,还支持业务TA的增加和更新。
在关联保存数字证书和私钥时,第一种方式是对数字证书和私钥进行加密存储,加密采用的密钥为通行密钥(或者称为口令),进而不同的业务TA通过标识信息和通行密钥可以从密钥管理TA读取证书和私钥。可以进一步保证数字证书和私钥的安全性。第二方式是不对数字证书和私钥进行加密,直接存储。
下面结合附图对本申请实施例提供的方案进行详细说明。参见图6所示为本申请实施例提供的证书管理装置结构示意图。证书管理装置可以是芯片、终端设备、部署于终端设备中的DRM客户端,或者是部署于终端设备的DRM客户端中的一个模块,DRM客户端的功能可以由终端设备的芯片或者芯片系统实现。其中证书管理装置中可以部署TEE。其中TEE中可以部署密钥管理TA,TEE中还可以部署存储单元,可以用来用于存储私钥和数字证书等。存储单元为非易失性存储介质,比如闪存(flash)、只读存储器(Read-Only Memory,ROM)、可编程只读存储器(programmable ROM,PROM)、可擦除可编程只读存储器(erasable PROM,EPROM)、电可擦除可编程只读存储器(electrically EPROM,EEPROM)、寄存器、硬盘、移动硬盘、CD-ROM或者本领域熟知的任何其它形式的存储介质中。
TEE中还可以部署有N个业务TA,图6中以第一业务TA、第二业务TA和第三业务TA为例,N为正整数。证书管理装置中还部署有离线烧写接口,离线烧写接口可以部署于TEE中,若证书管理装置中还可以部署有REE,离线烧写接口也可以部署于REE中,图6中以部署于REE为例。TEE中还可以部署传输接口,用于各个业务TA从密钥管理TA中读取数字证书和使用私钥。
证书管理装置执行本申请实施例提供的证书管理方法来实现:数字证书和私钥的离线烧写、数字证书和私钥的读取,或数字证书和私钥的在线烧写。
参见图7所示,为本申请实施例提供的证书管理方法流程示意图,图7针对第一种方式进行说明。图7具体提供了一种数字证书和私钥的离线烧写(也可以称为平台烧写)流程,该烧写流程可以在终端设备生产厂商平台执行。
S701,密钥管理TA通过离线烧写接口获取DRM参数,DRM参数中包括第一数字证书的地址、第一私钥的地址、运输密钥以及第一通行密钥;第一数字证书为使用运输密钥对第二数字证书加密后的数字证书,第一私钥为使用运输密钥对第二私钥加密后的私钥。第一数字证书,即DRM客户端证书,用于验证证书管理装置的合法性。第一私钥用于加 解密DRM服务器的数据。
离线烧写接口可以是函数调用接口。函数调度接口可以是应用程序编程接口(application programming interface,API),还可以是其它类型的接口。离线烧写接口的输入变量可以包括DRM参数中的任一项参数。示例性地,DRM参数中还包括如下至少一项:运输密钥的长度、第一标识信息的长度、第一通行密钥的长度、第一私钥的长度或第一数字证书的长度。示例性地,离线烧写接口可以采用如下方式定义:
Int CDRM_KEY_Provision(unsigned char*pTransportKey,int s32TransportKeyLen,unsigned char*pInfor,int s32Inforlen,unsigned char*pPrivateKey,int s32privateKeyLen,unsigned char*pCert,int s32CertLen)参数。
Int CDRM_KEY_Provision表示离线烧写接口对应的调用函数名,应当理解,可以认为通过调用该函数实现对离线烧写接口的使用;
pTransportKey表示由芯片厂商协助加密后的运输密钥(TransportKey);
s32TransportKeyLen表示TransportKey的长度;
pInfor表示加密存储数字证书和私钥的通行密钥(passwd),图7所示的实施例中表示第一通行密钥;
s32Inforlen表示pInfor的长度,即第一标识信息的长度;
pPrivateKey表示采用TransportKey加密后的私钥的地址,即第一私钥的地址;
s32privateKeyLen表示加密后的私钥的长度,即第一私钥的长度;
pCert表示采用TransportKey加密的数字证书的地址,即第一数字证书的地址;
s32CertLen表示加密后的数字证书的长度。
示例性地,离线烧写接口的函数调用成功,离线烧写接口的函数可以返回第一值,比如0,返回其它值时表示离线烧写接口的函数调用失败。示例性的,加密后的私钥地址以及加密后的数字证书地址可以是由运营商提供的。
具体的,通过终端设备生产厂商平台将上述DRM参数传输至密钥管理TA,对应的,密钥管理TA获取到DRM参数。在采用第一种方式时,可以通过终端设备生产厂商平台将DRM参数通过函数调用接口写入证书管理装置内,该证书管理装置例如为处理器芯片。
S702,密钥管理TA分别根据第一数字证书的地址和第一私钥的地址获取第一数字证书和第一私钥,并采用运输密钥分别解密第一数字证书和第一私钥得到第二数字证书和第二私钥。
S703,密钥管理TA采用第一通行密钥分别对第二数字证书和第二私钥进行加密,得到第三数字证书和第三私钥。
S704,密钥管理TA关联存储第三数字证书、第三私钥以及第一标识信息;第一标识信息用于标识第三数字证书和第三私钥。
示例性地,第一标识信息可以通过如下方式确定:
方式1,通过离线烧写接口接收的DRM参数中包括第一标识信息。
方式2,密钥管理TA中预先配置有多个标识信息,由密钥管理TA从配置的多个标识信息中分配一个未使用的标识信息。
方式3,密钥管理TA中配置有标识信息的默认值,离线烧写接口中输入参数中不包括标识信息,密钥管理TA采用默认值,作为第一标识信息。
密钥管理TA关联存储第三数字证书、第三私钥以及第一标识信息后,第三数字证书、 第三私钥和第一标识信息之间建立关联关系,此时,第一标识信息用于标识第三数字证书和第三私钥,从而通过第一标识信息可以查找到第三数字证书和第三私钥。
一种示例中,密钥管理TA可以接收多组DRM参数,每组DRM参数对应一个数字证书和私钥,从而实现一次将多组数字证书和私钥烧写至终端设备中。不同的数字证书和私钥,采用不同的标识信息来标识。另一种示例中,多组待烧写的数字证书和私钥,还可以通过多次执行图7所示的流程来实现。
在通过上述方式将第一数字证书和第一私钥烧写至终端设备中后,终端设备中的N个业务TA可以通过获取第一标识信息和第一通行密钥来从密钥管理TA中获取第二数字证书,并在需要采用第二私钥对数字化内容进行解密或者签名时,可以通过密钥管理TA来实现数字化内容的解密或者签名,并返回解密或者签名后的数字化内容,通过该方案,既实现了针对不同的业务TA可以采用同一个数字证书和私钥,也可以采用不同的数字证书和私钥,但均通过统一的密钥管理TA获取,另外各个业务TA不能真正读取到第一私钥,保证了私钥的私密性,进而提高安全性。示例性地,N个业务TA与密钥管理TA之间通过传输接口来通信。传输接口也可以为函数调用接口,传输接口部署于TEE中。示例性地,传输接口可以包括如下至少一个:标识申请接口、证书读取接口、私钥签名接口、私钥解密接口或在线分发烧写接口。标识申请接口用于业务TA申请一个用于存储私钥和数字证书的标识信息。证书读取接口用于业务TA获取数字证书的数据。私钥签名接口用于业务TA使用私钥签名数据。私钥解密接口用于业务TA将待解密的数据发送给密钥管理TA并接收密钥管理TA使用私钥解密后的数据。在线分发烧写接口用于在线烧写DRM客户端私钥及数字证书时,由业务TA使用,并通过密钥管理TA来实现对DRM客户端密钥和数字证书的安全存储。
一种示例中,以N个业务TA中的第一业务TA读取第二数字证书为例,第一业务TA获取第一信息,第一信息包括第一标识信息和第一通行密钥;第一业务TA通过传输接口从密钥管理TA中获取第一标识信息关联的第二数字证书,具体的,第一业务TA通过证书读取接口将第一信息传递给密钥管理TA,从而密钥管理TA从存储的数字证书获取第一标识信息所关联的第三数字证书,然后采用第一通行密钥解密第三数字证书得到第二数字证书,然后将第二数字证书通过所述证书读取接口发送给第一业务TA。
示例性地,证书读取接口的输入变量可以包括第一标识信息和第一通行密钥或者包括第一标识信息。采用第一种方式时,即对数字证书和私钥进行加密存储,证书读取接口的输入变量可以包括第一标识信息和第一通行密钥,采用第二种方式时,即不对数字证书和私钥进行加密存储,证书读取接口的输入变量可以仅包括第一标识信息。证书读取接口的输入变量中还可以包括第一标识信息的长度或第一通行密钥的长度。证书读取接口的输出变量可以包括第二数字证书,还可以包括第二数字证书的长度。
例如,以第一种方式为例,证书读取接口可以采用如下方式定义:
int CDRM_Key_GetCert(unsigned int keyIndex,unsigned char*pPasswd,int s32Passlen,unsigned char*pCert,int*pCertLen)。
int CDRM_Key_GetCert表示证书读取接口的调用函数;
keyIndex为输入参数,表示用于标识数字证书和私钥的标识信息,图7所示的实施例中表示第一标识信息;keyIndex存储在第一业务TA的安全存储区域2中,并在需要使用时传入。
pPasswd为输入参数,表示在密钥管理TA中用于对数字证书和私钥加密的通行密钥,图7所示的实施例中表示第一通行密钥。pPasswd存储在第一业务TA的安全存储区域2中,并在需要使用时传入。
s32Passlen为输入参数,表示Passwd的长度。
pCert为输出参数,表示读取到的数字证书数据,即第二数字证书。
pCertLen为输出参数,表示读取到的证书的长度,即第二数字证书的长度。
示例性地,证书读取接口的函数调用成功,证书读取接口的函数可以返回第二值,比如0,返回其它值时表示证书读取接口的函数调用失败。
第一标识信息和第一通行密钥来自于密钥所有者。密钥所有者确定第一标识信息和第一通行密钥之后,通过线下或者优良保密协议(pretty good privacy,PGP)加密邮件的方式通知给终端设备生产厂商,从而终端设备生产厂商可以通过终端设备生产厂商平台将第一标识信息和第一通行密钥发送给第一业务TA,第一业务TA可以将第一标识信息和第一通行密钥存储在第一业务TA对应的安全存储区域2中。PGP是一种利用邮件进行沟通的加解密技术,该技术能够保证数据交互的双方之间的数据安全,即使在共用网络上存在网络嗅探或者其他黑客技术也无法获取通过该PGP技术传输的数据。
从而第一业务TA获取第一信息可以从安全存储区域2中读取第一标识信息和第一通行密钥。第一业务TA从密钥管理TA中读取第二数字证书,可以是在DRM服务端与DRM客户端之间验证合法性的情况下执行,DRM服务端向DRM客户端请求该第二数字证书,从而DRM客户端应用获取请求后,通过第一业务TA从密钥管理TA中读取第二数字证书,第一业务TA在接收到密钥管理TA发送的第二数字证书后,可以按照预配置的证书规则对第二数字证书进行校验,比如校验第二数字证书的格式是否符合要求,验证成功后,将第二数字证书发送给DRM服务端,从而DRM服务端来验证第二数字证书的合法性,可以防止业务TA获取到错误的标识信息和通行密钥,导致获取到错误的数字证书。
另一种示例中,以N个业务TA中的第一业务TA获取私钥签名过的数据为例,第一业务TA通过传输接口中私钥签名接口向密钥管理TA发送第二指令,第二指令携带第一数据、第一标识信息以及第一通行密钥;密钥管理TA从存储的密钥中获取第一标识信息关联的第三私钥,并采用第一通行密钥解密第三私钥得到第二私钥;密钥管理TA采用第二私钥对第一数据进行签名得到第二数据,并通过传输接口中私钥签名接口将第二数据发送给第一业务TA。
示例性地,所述私钥签名接口的输入变量包括第一标识信息和待签名的数据或者包括第一标识信息、第一通行密钥和待签名的数据。采用第一种方式时,即对数字证书和私钥进行加密存储,所述私钥签名接口的输入变量包括第一标识信息、第一通行密钥和待签名的数据(比如第一数据),采用第二种方式时,即不对数字证书和私钥进行加密存储,所述私钥签名接口的输入变量包括第一标识信息和待签名的数据。所述私钥签名接口的输入变量还可以包括第一标识信息的长度、第一通行密钥的长度、或者待签名的数据长度。私钥解密接口的输出变量包括签名后的数据,还可以包括签名后的数据长度。
例如,以第一种方式为例,私钥签名接口可以采用如下方式定义:
int CDRM_Key_PrivateKey_Signature(unsigned int keyIndex,CDRM_KEY_Algorithm alg,unsigned char*pPasswd,int s32Passlen,unsigned char*pInputBuffer,int len,unsigned char*pOutPutBuffer,int*pBufferLen)。
int CDRM_Key_PrivateKey_Signature表示私钥签名接口的调用函数;
keyIndex为输入参数,表示用于标识数字证书和私钥的标识信息,图7所示的实施例中表示第一标识信息;keyIndex存储在第一业务TA的存储单元中的安全存储区域2中,并在需要使用时传入;
alg为输入参数,alg为表示采用私钥签名待签名的数据所采用的算法,例如可以为标准非对称密码算法,例如SM2-256或者RSA2048等;
pPasswd为输入参数,表示在密钥管理TA中用于对数字证书和私钥加密的通行密钥;
s32Passlen为输入参数,表示Passwd的长度;
pInputBuffer为输入参数,表示待签名的数据;
len为输入参数,待签名的数据的长度;
pOutPutBuffer为输出参数,表示签名后的数据的地址;
pBufferLen为输出参数,表示签名后的数据的长度。
示例性地,私钥签名接口的函数调用成功,私钥签名接口的函数可以返回第三值,比如0,返回其它值时表示私钥签名接口的函数调用失败。
又一种示例中,以N个业务TA中的第一业务TA需要第二私钥对数据进行解密为例,第一业务TA通过传输接口中的私钥解密接口向密钥管理TA发送第二指令,第二指令携带第一数据、第一标识信息以及第一通行密钥;密钥管理TA从存储的密钥中获取第一标识信息关联的第三私钥,并采用第一通行密钥解密第三私钥得到第二私钥;密钥管理TA采用第二私钥对第一数据进行解密得到第二数据,并通过传输接口中私钥解密接口将第二数据发送给第一业务TA。
示例性地,所述私钥解密接口的输入变量包括第一标识信息和待解密的数据或者包括第一标识信息、第一通行密钥和待解密的数据。采用第一种方式时,即对数字证书和私钥进行加密存储,所述私钥解密接口的输入变量包括第一标识信息、第一通行密钥和待解密的数据(比如第一数据),采用第二种方式时,即存储的数字证书和私钥是未经加密的,所述私钥解密接口的输入变量包括第一标识信息和待解密的数据。所述私钥解密接口的输入变量还可以包括第一标识信息的长度、第一通行密钥的长度、或者待解密的数据长度。私钥解密接口的输出变量包括解密后的数据,还可以包括解密后的数据长度。
例如,以第一种方式为例,私钥解密接口可以采用如下方式定义:
int CDRM_Key_PrivateKey_Decrypt(unsigned int keyIndex,CDRM_KEY_Algorithm alg,unsigned char*pPasswd,int s32Passlen,unsigned char*pInputBuffer,int inLen,unsigned char*pOutPutBuffer,int*pBufferLen)。
int CDRM_Key_PrivateKey_Decrypt表示私钥解密接口的调用函数名,应当理解,可以认为通过调用该函数实现对私钥解密接口的使用;
keyIndex为输入参数,表示用于标识数字证书和私钥的标识信息,图7所示的实施例中表示第一标识信息;
alg为输入参数,表示采用私钥解密待解密的数据所采用的参数,例如可以为对称密钥算法,例如SM2-256或者RSA2048;
pPasswd为输入参数,表示在密钥管理TA中用于对数字证书和私钥加密的通行密钥;
s32Passlen为输入参数,表示Passwd的长度;
pInputBuffer为输入参数,表示待解密的数据;
len为输入参数,待解密的数据的长度;
pOutPutBuffer为输出参数,表示签名后的数据的地址;
pBufferLen为输出参数,表示签名后的数据的长度。
示例性地,私钥解密接口的函数调用成功,私钥签名接口的函数可以返回第四值,比如0,返回其它值时表示私钥解密接口的函数调用失败。
应当理解,上述各个传输接口的输入参数为在调用API时需要输入的参数,输出参数为调用结束后得到的参数。
作为一个举例,第一业务TA从密钥管理TA中需要基于第二私钥对数据进行解密或者签名,可以是在DRM客户端向DRM服务端请求播放数字化内容的情况下执行,DRM客户端向DRM服务端请求内容许可证,DRM服务端在接收到DRM客户端的请求后,将第一CEK及内容使用规则构成内容许可证发送给DRM客户端,第一CEK是使用第二私钥对第二CEK加密后得到的,DRM客户端的客户端应用接收到内容许可证后,需要对内容许可证中的CEK进行解密。在该情况客户端应用需要通过第一业务TA从密钥管理TA获取第二私钥对CEK进行解密。具体的,第一业务TA向密钥管理TA发送第二指令,第二指令携带第一CEK、第一标识信息以及第一通行密钥;密钥管理TA从存储的密钥中获取第一标识信息关联的第三私钥,并采用第一通行密钥解密第三私钥得到第二私钥;密钥管理TA采用第二私钥对第一CEK解密得到第二CEK,并将第二CEK发送给第一业务TA。从而第一业务TA接收到第二CEK后,传递给客户端应用,从而用于对来自DRM服务端的加密的数字化内容进行解密播放。
在一种可能的实施方式中,对第二数字证书加密采用的运输密钥和对第二私钥加密采用的运输密钥可以相同,也可以不同。例如,用于加密第二数字证书和第二私钥的运输密钥中包括第一运输密钥和第二运输密钥,第一数字证书为使用第一运输密钥对第二数字证书加密后的数字证书,第一私钥为使用第二运输密钥对第二私钥加密后的私钥;密钥管理TA在执行S702,具体是,采用第一运输密钥解密第一数字证书,得到第二数字证书,并采用第二运输密钥解密第一私钥,得到第二私钥。
需要说明的是,第二数字证书加密和第二私钥加密可以由密钥所有者通过安全实验室的服务器来实现。为了提高数字证书和私钥的安全性,用于加密第二数字证书和第二私钥的运输密钥可以是在经过加密后,再由密钥所有者传递给终端设备生产厂商的。运输密钥的加密可以由芯片厂商来实现,具体可以由部署于芯片厂商的安全实验室中的服务器使用层级加密技术(keyladder)执行。用于加密运输密钥的密钥为层级密钥。层级密钥可以由芯片厂商在终端设备的芯片出厂之前,配置于芯片中,比如配置于芯片的一次性可编程(one time programmable,OTP)存储器中。在该情况下,密钥管理TA采用运输密钥分别解密第一数字证书和第一私钥得到第二数字证书和第二私钥时,可以通过如下方式实现:密钥管理TA采用层级密钥对运输密钥进行解密;采用解密后的运输密钥分别解密第一数字证书和第一私钥得到第二数字证书和第二私钥。
在另一种可能的实施方式中,为了提高第一通行密钥的安全性,密钥管理TA接收到的第一通行密钥可以是经过加密的。密钥所有者在确定第一通行密钥后,对第一通行密钥进行加密,然后将加密后的第一通行密钥通知给终端设备生产厂商,从而由终端设备生产厂商平台将该加密后的第一通行密钥包含在DRM参数中通过离线烧写接口发送给密钥管理TA。第一通行密钥可以通过运输密钥进行加密,从而所述密钥管理TA采用所述第一通 行密钥分别对所述第二数字证书和所述第二私钥进行加密之前,密钥管理TA采用所述运输密钥对加密后的第一通行密钥进行解密,然后采用解密得到的第一通行密钥分别对所述第二数字证书和所述第二私钥进行加密。
参见图8所示,为本申请实施例提供的另一种证书管理方法流程示意图,图8针对第二种方式进行说明。图8具体提供了一种数字证书和私钥的烧写流程,该烧写流程可以在终端设备生产厂商平台执行。
S801,密钥管理TA通过离线烧写接口获取DRM参数,DRM参数中包括第一数字证书、第一私钥、运输密钥以及第一标识信息;第一数字证书为使用运输密钥对第二数字证书加密后的数字证书,第一私钥为使用运输密钥对第二私钥加密后的私钥,第一数字证书用于验证部署有可信执行环境TEE的装置的合法性,第二私钥用于加解密数字化内容。
DRM参数中还包括如下至少一项:运输密钥的长度、第一标识信息的长度、第一私钥的长度、第一数字证书的长度、第一数字证书的数据地址、第一私钥的数据地址。
S802,密钥管理TA采用运输密钥分别解密第一数字证书和第一私钥得到第二数字证书和第二私钥。
S803,密钥管理TA关联存储第二数字证书、第二私钥以及第一标识信息,第一标识信息用于标识第二数字证书和第二私钥。
针对离线烧写接口、第一标识信息和运输密钥的详细说明参见图7对应的实施例中的描述,此处不加赘述。
一种示例中,以N个业务TA中的第一业务TA读取第二数字证书为例,所述第一业务TA获取第一信息,所述第一信息包括所述第一标识信息,所述第一业务TA通过传输接口从所述密钥管理TA中获取所述第一标识信息关联的所述第二数字证书。第一标识信息的获取方式参见图7对应的实施例中的描述,此处不加赘述。
另一种示例中,以第一业务TA读取第二私钥为例,所述第一业务TA向所述密钥管理TA发送第二指令,所述第二指令携带第一数据和所述第一标识信息;所述密钥管理TA从存储的密钥中获取所述第一标识信息关联的所述第二私钥,并采用所述第二私钥对所述第一数据进行签名或者解密得到第二数据;所述密钥管理TA将所述第二数据发送给所述第一业务TA。
参见图9所示,为本申请实施例提供的数字证书和私钥的在线烧写方法流程示意图。在线烧写可以用于对原有已烧写的数字证书和私钥的进行更新,或者烧写新的数字证书和私钥。新增的数字证书与原有已烧写的数字证书可以是在不同的根CA证书基础上派生出来的。在线烧写的数字证书和私钥可以适用于原有TEE中部署的N个业务TA。另外在原有的N个业务TA的基础上,还可以新增业务TA,该在线烧写的数字证书和私钥可以针对该新增业务TA进行烧写。如下以第二业务TA为例,第二业务TA可以是N个业务TA中的一个,也可以是新增加的业务TA。需要说明的是,新增加的业务TA在获得原有已烧写的数字证书和私钥所对应的标识信息和通行密钥的情况下,可以使用原有已烧写的数字证书和私钥进行与该新增加的业务TA对应的DRM服务端进行通信,当然通信前提是该新增加的业务TA已经获得DRM服务端的信任。
在REE中还可以部署各个业务TA所对应的业务接口,从而业务TA通过业务接口负责客户端应用相关的数据处理。业务接口可以作为在线写入数字证书和私钥的输入接口。
如图9所示,图9中以密钥管理TA存储数字证书和私钥时,以采用通行密钥对数字 证书和私钥加密为例。在线烧写方法包括:
S901,第二业务TA接收待写入参数,待写入参数中包括第四数字证书、第四私钥和第三运输密钥,第四数字证书为使用第三运输密钥对第五数字证书加密后的数字证书,第四私钥为使用第三运输密钥对第五数字证书对应的第五私钥加密后的私钥。
S902,第二业务TA生成第二通行密钥。例如,可以随机产生第二通行密钥,或者通过预定义的产生规则产生第二通行密钥。
S903,第二业务TA通过传输接口向密钥管理TA申请第二标识信息。
S904,第二业务TA通过传输接口中在线分发烧写接口将第四数字证书、第四私钥、第二通行密钥、第三运输密钥以及第二标识信息发送给密钥管理TA。
S905,密钥管理TA采用第三运输密钥分别解密第四数字证书和第四私钥得到第五数字证书和第五私钥。
S906,所述密钥管理TA使用所述第二通行密钥分别对所述第五数字证书和所述第五私钥进行加密得到第六数字证书和第六私钥。
S907,密钥管理TA关联存储所述第六数字证书、所述第六私钥以及所述第二标识信息。
S908,第二业务TA存储第二标识信息和第二通行密钥。以便于后续使用数字证书和私钥时读取并使用。
作为一种示例,当密钥管理TA存储数字证书和私钥时,不采用通行密钥对数字证书和私钥加密时,上述S903和S905不再执行。在执行906时,密钥管理TA分配的第二标识信息用来标识第五数字证书和第五私钥,从而执行S907时,密钥管理TA关联存储所述第五数字证书、所述第五私钥以及所述第二标识信息。
示例性地,所述在线分发烧写接口的输入变量包括第四数字证书、所述第四私钥和所述第三运输密钥,或者包括所述第四数字证书、所述第四私钥和所述第三运输密钥和所述第二通行密钥。当密钥管理TA存储数字证书和私钥时,不采用通行密钥对数字证书和私钥加密时,所述在线分发烧写接口的输入变量包括第四数字证书、所述第四私钥和所述第三运输密钥;当密钥管理TA存储数字证书和私钥时,采用通行密钥对数字证书和私钥加密时,所述在线分发烧写接口的输入变量包括所述第四数字证书、所述第四私钥和所述第三运输密钥和所述第二通行密钥。
例如,当密钥管理TA存储数字证书和私钥时,采用通行密钥对数字证书和私钥加密为例,在线分发烧写接口可以采用如下方式定义:
int CDRM_Key_Insert_KeySlot(unsigned char*pTransportKey,int s32TransportKeyLen,int*keyIndex,unsigned char*pPasswd,int s32Passlen,unsigned char*pPrivateKey,int s32privateKeyLen,unsigned char*pCert,int s32CertLen)。
int CDRM_Key_Insert_KeySlot标识在线分发烧写接口;
keyIndex表示申请的新的标识信息,如果输入小于0,则认为没有输入keyIndex,则生成新的keyIndex返回;如果输入大于0,尝试更新或插入,更新时校验用于加密数字证书和私钥的通行密钥password,如校验失败,则更新失败,不再验证password;输入0,返回失败。更新时password不能更新。
pTransportKey表示由芯片厂商协助加密后的运输密钥(TransportKey),即上述第三通行密钥;
s32TransportKeyLen表示TransportKey的长度;
pPasswd表示由业务TA生成的通行密钥passwd,即上述第二通行密钥;
s32Passlen表示passwd的长度;
pPrivateKey表示采用TransportKey加密后的私钥,即上述第四私钥;
s32privateKeyLen表示加密后的私钥的长度,即第四私钥的长度;
pCert表示采用TransportKey加密的数字证书,即上述第四数字证书;
s32CertLen表示加密后的数字证书的长度,即第四数字证书的长度。
例如,在线分发烧写接口的函数调用成功,在线分发烧写接口的函数可以返回第五值,比如0,返回其它值时表示在线分发烧写接口的函数调用失败。
示例性地,标识申请接口的输入变量为空,输出变量为申请到的标识信息,即所述第二标识信息。例如,标识申请接口可以采用如下方式定义:
int CDRM_Key_GetNewKeyIndex(unsigned int*pNewKeyIndex)。
pNewKeyIndex输出参数,生成的新的标识信息,即第二标识信息。标识申请接口的函数调用成功,标识申请接口的函数可以返回第六值,比如0,返回其它值时表示标识申请接口的函数调用失败。
下面结合场景对上述实施例进行具体说明。
需要说明的是,在运输密钥由芯片生产厂商进行加密的情况下,各参与方之间的关系发生了变化,参见图10所示。图10中描述的参与方的关系与图4中描述的参与方的关系之间的区别在于:密钥所有者将传输密钥提供给芯片厂商进行加密,并将加密后的传输密钥传输给密钥所有者。
图10中以第一种方式,即对数字证书和私钥进行加密存储为例进行说明。以DRM主管机构为CDTA为例。如下证书管理中的数字证书和私钥加密过程、离线烧写过程、读取证书和私钥的使用流程进行详细说明。
CDTA是DRM的根CA授权中心,用于派生终端设备的数字证书(即DRM客户端证书)及生成终端设备的私钥。然后CDTA将终端设备的数字证书和私钥安全的发送至密钥所有者的运行平台。由密钥所有者在安全实验室完成对数字证书和私钥的加密。CDTA将终端设备的数字证书和私钥安全的发送至密钥所有者的运行平台时,可以采用PGP加密邮件的方式或者线下通知的方式将数字证书和私钥发送给密钥所有者。图10中以PGP加密邮件的方式为例。密钥所有者在通过PGP加密邮件方式获取到数字证书和私钥后,采用PGP技术对数字证书进行解密。应理解的是,密钥所有者可以通过订单的方式从CDTA获取多个数字证书和多个数字证书对应的私钥,如下以一个数字证书和私钥为例进行说明。
示例1,密钥所有者在安全实验室完成数字证书1(DRM cert)和私钥1(Private key)的加密过程进行说明,参见图11所示。
图11中,运输密钥1(TransportKey)表示由密钥所有者指定,是用于加密数字证书1和私钥1的运输密钥。标识信息1(Keyindex)和通行密钥1(passwd)也可以由密钥所有者指定,keyindex是用于标识烧写至芯片的数字证书1和私钥1的标识信息,passwd用于对烧写至芯片的数字证书1(DRM cert)和私钥1(Private key)进行加密。
密钥所有者在安全实验室通过运行平台采用TransportKey对DRM cert、Private_key进行加密得到数字证书2和私钥2。图11中[DRM cert]表示数字证书2,[Private key]表示私钥2。
作为一种示例,为了保证passwd传输的安全性,也可以采用TransportKey对passwd进行加密得到通行密钥2(图11中采用[passwd]表示),图11中以对passwd加密为例。其中运行平台可以使用通用密码工具(比如SM4_Encrypt_Tool),采用TransportKey分别对DRM cert、Private key和passwd进行加密。SM4_Encrypt_Tool是通用算法加密工具,该通用加密工具使用通用的密码算法加密DRM cert、Private key或passwd。例如,通用的密码算法可以是电码本模式(electronic codebook book,ECB)、密码分组链接模式(cipher block chaining,CBC)、计算器模式(counter,CTR)。Transport Key在传递给终端设备生产厂商之前,为了保证传输的安全性,可以由芯片厂商的安全实验室中的芯片厂商平台使用芯片OTP区域的层级密钥(比如,OEM_ROOTKEY)。如图11所示,芯片厂商平台使用该OEM_ROOTKEY加密TransportKey后获得[TransportKey]并发给密钥所有者。[TransportKey]表示加密后的TransportKey。芯片厂商再将[TransportKey]提供给密钥所有者,密钥所有者将[DRM cert]、[Private key]、[TransportKey]和[passwd]传递给终端设备生产厂商。从而终端设备生产厂商通过终端设备生产厂商平台获得[DRM cert]、[Private key]、[TransportKey]和[passwd]后,将数字证书和私钥烧写至终端设备的芯片中。
示例性地Keyindex也可以由终端设备生产厂商来指定,在该情况下,Keyindex无需传递给终端设备生产厂商。图11中,以Keyindex由密钥所有者传递给终端生产厂商为例。
示例2,终端设备生产厂商通过终端设备生产厂商平台将数字证书和私钥烧写至终端设备的芯片的过程进行说明,参见图10和图12所示。DRM_KEY_TA表示密钥管理TA,DRM_TA表示业务TA。图10中,以芯片中部署3个业务TA为例,分别为业务TA1(DRM TA1)、业务TA2(DRM TA2)DRM TA2和业务TA3(DRM TA3)。DRM_KEY_REE_API表示离线烧写接口。DRM_KEY_REE_API部署于REE中,DRM_KEY_REE_API用于将加密的参数写入到TEE侧的DRM_KEY_TA,DRM_KEY_REE_API接口不会对参数进行解密或者其他安全业务处理。
图12中,对采用TransportKey加密的Private key、DRM cert和采用passwd加密的Private key、DRM cert加以区分,[Private key]transportkey表示采用TransportKey加密后的Private key,即私钥2,[DRM cert]transportkey表示采用TransportKey加密后的DRM cert,即数字证书2。[Private key]passwd表示采用passwd加密后的Private key,即私钥3,[DRM cert]passwd表示采用passwd加密后的DRM cert,即数字证书3。
(1)DRM_KEY_REE_API响应于终端设备生产厂商平台传输的DRM参数,将DRM参数发送给DRM KEY TA。示例性的,DRM参数包括[Private key]transportkey的数据地址、[DRM cert]transportkey的数据地址、[passwd]和[TransportKey]。图12中以采用对TransportKey加密为例。DRM参数中也可以不包括Keyindex,在该情况下,DRM_KEY_TA可以将Keyindex设置为默认值,例如,该默认值可以在终端设备厂商平台配置给DRM_KEY_TA。图12中,以在DRM参数中携带Keyindex为例。
(2)DRM_KEY_TA执行解密流程解密出明文的DRM cert、Private key、passwd和keyindex。具体的,DRM_KEY_TA采用层级密钥解密[TransportKey]得到TransportKey,并采用TransportKey分别解密[Private key]transportkey、[DRM cert]transportkey和[passwd]得到Private key、DRM cert和passwd。
(3)DRM_KEY_TA执行加密流程,采用passwd加密DRM cert和Private key得到[DRM cert]passwd和[Private key]passwd。
(4)DRM_KEY_TA将[DRM cert]passwd和[Private key]passwd和keyindex关联写入DRM_KEY_TA的安全存储区域1中。
经过终端设备生产厂商平台将数字证书和私钥烧写至终端设备的芯片后,终端设备的使用用户在使用客户端应用的过程中,如果需要使用DRM cert和Private key,客户端应用可以通过DRM TA从DRM_KEY_TA中读取DRM cert和Private key。DRM TA与DRM_KEY_TA之间部署有安全接口DRM_KEY_TEE_API,从而DRM TA通过DRM_KEY_TEE_API从DRM_KEY_TA中读取DRM cert和Private key。终端设备的REE中除了部署DRM_KEY_REE_API,还部署客户端应用,多个不同的客户端应用可以对应于一个DRM TA,也可以对应于不同的DRM TA,比如终端设备中,部署客户端应用1-5,客户端应用1对应于DRM TA1,客户端应用2和客户端应用3对应于DRMTA2,客户端应用4和客户端应用5对应于DRM TA3。在客户端应用运行过程中,客户端应用与客户端服务端之间交互数据的过程,可能需要使用数字证书或者私钥。比如,以视频播放为例,进行直播/点播视频流程中,建立DRM客户端与DRM服务端之间的信任,需要采用数字证书建立信任。DRM客户端与DRM服务端传递数据过程需要采用私钥签名或者解密。
示例3,以DRM TA读取数字证书的过程进行说明,参见图13所示。以DRM TA1通过DRM_KEY_TEE_API从DRM_KEY_TA中读取DRM cert为例。DRM TA1对应的安全存储区域2,比如安全存储区域2中存储有DRM cert对应passwd和keyindex。
DRM TA1从flash2中读取passwd和keyindex,DRM TA1通过DRM_KEY_TEE_API中的证书传输接口将passwd和keyindex发送给DRM_KEY_TA,DRM_KEY_TA从flash1中获取keyindex关联的[DRM cert]passwd,然后采用passwd解密[DRM cert]passwd得到DRM cert,然后将DRM cert通过所述证书传输接口发送给DRM TA1。
示例4,以私钥签名的过程进行说明,参见图14所示。DRM TA1接收到待签名的数据,比如发送给DRM服务端的数据,比如由客户端应用1产生的数据等。DRM TA1从安全存储区域2中读取passwd和keyindex,DRM TA1通过DRM_KEY_TEE_API中的私钥签名接口将passwd、keyindex和待签名的数据发送给DRM_KEY_TA,DRM_KEY_TA从flash1中获取keyindex关联的[Private key]passwd,然后采用从DRM TA1接收的passwd解密[Private key]passwd得到Private key,使用Private key对待签名的数据进行签名得到签名后的数据,并将签名后的数据发送DRM TA,从而由DRMTA传输给客户端应用1,客户端应用1发送给DRM服务端。
示例5,以私钥解密的过程进行说明,参见图15所示。DRM TA1接收到待解密的数据,比如客户端应用1接收到的来自DRM服务端的加密后数据。DRM TA1从安全存储区域2中读取passwd和keyindex,DRM TA1通过DRM_KEY_TEE_API中的私钥解密接口将passwd、keyindex和待解密的数据发送给DRM_KEY_TA,DRM_KEY_TA从安全存储区域1中获取keyindex关联的[Private key]passwd,然后采用passwd解密[Private key]passwd得到Private key,使用Private key对待解密的数据进行解密得到解密后的数据,并将解密后的数据发送DRM TA。比如,待解密数据可以是CEK。
示例6,以DRM TA3为例对在线烧写数字证书和私钥的流程进行说明,参见图16所示。
烧写的数字证书和私钥的加密方式同样是由密钥所有者在安全实验室完成加密。与离 线烧写流程不同的是:密钥所有者向终端设备生产厂商提供采用运输密钥加密后的数字证书和私钥,以及运输密钥。运输密钥同样可以是由芯片厂商加密后得到的,或者是未经过加密的。示例6中以运输密钥-1(TransportKey-1)为例,且TransportKey-1不由芯片厂商加密。待写入数字证书为数字证书-1(DRM cert-1),待写入私钥为私钥-1(Private key-1)。采用TransportKey-1加密后的待写入数字证书为数字证书-2([DRM cert-1]transportkey-1),采用TransportKey-1加密后的待写入私钥为私钥-2([Private key-1]transportkey-1)。
(1)DRM TA3通过业务接口(DRM_API)接收待写入参数,待写入参数携带[DRM cert-1]transportkey-1、[Private key-1]transportkey-1和TransportKey-1。
(2)DRM TA3生成用于对Private key-1和DRM cert-1加密保存的通行密钥-1(passwd-1)。
(3)DRM TA3通过DRM_KEY_TEE_API中的标识申请接口向DRM_KEY_TA申请一个标识信息,比如标识信息-1(keyindex-1)。即,由DRM_KEY_TA分配keyindex1。例如,DRM_KEY_TA可以由终端设备生产厂商配置多个标识信息。从而基于目前keyindex的使用情况分配一个未被使用的keyindex。
(4)DRM TA3将[DRM cert-1]transportkey-1、[Private key-1]transportkey-1和TransportKey-1、keyindex-1和passwd-1通过DRM_KEY_TEE_API中在线分发烧写接口发送给DRM_KEY_TA。
(5)DRM_KEY_TA采用TransportKey-1解密[DRM cert1]transportkey-1和[Private key-1]transportkey-1得到DRM cert-1和Private key-1。
(6)DRM_KEY_TA采用passwd-1加密DRM cert-1和Private key-1得到数字证书-1([DRM cert-1]passwd-1)和私钥-3([Private key-1]passwd-1)。
(7)DRM_KEY_TA将[DRM cert-1]passwd-1、[Private key-1]passwd-1以及keyindex-1关联存储于安全存储区域1中。
(8)DRM TA3将passwd-1和keyindex-1写入DRM TA3对应的安全存储区域4中,用于后续读取证书和使用私钥时使用。
图17为本申请实施例的另一种可能的证书管理装置的结构示意图。如图17所示,装置1700包括处理器1710和存储器1720。应当理解,当装置1700为芯片产品时,装置1700可以只包括处理器1710,存储器1720可以认为是装置1700之外的存储器芯片。图6中所涉及的离线烧写接口、密钥管理TA、传输接口以及各个业务TA的功能均可以由处理器1710来实现。该装置1700还可以包括通信接口1730,通信接口1730用于与终端设备生产厂商平台通信,接收来自终端设备生产厂商平台的DRM参数,或者离线烧写中的待写入参数等。在实现过程中,处理流程的各步骤可以通过处理器1710中的硬件的集成逻辑电路或软件形式的指令完成图7-图16中涉及的方法。本申请实施例中通信接口1730可以是电路、总线等可以用于进行信息交互的硬件接口。
本申请实施例中处理器1710可以是通用处理器、数字信号处理器、专用集成电路、现场可编程门阵列或其他可编程逻辑器件、分立门或晶体管逻辑器件、分立硬件组件。通用处理器可以是微处理器或任何常规的处理器等。结合本申请实施例所公开的方法的步骤可以直接体现为硬件处理器执行完成,或用处理器中的硬件及软件单元组合执行完成。处理器1710用于实现上述方法所执行的程序代码可以存储在存储器1720中。存储器1720和处理器1710耦合。本申请实施例中的耦合是装置、单元或模块之间的间接耦合或通信 连接,可以是电性,机械或其它的形式,用于装置、单元或模块之间的信息交互。处理器1710可能和存储器1720协同操作。存储器1730可以是非易失性存储器,比如硬盘(hard disk drive,HDD)或固态硬盘(solid-state drive,SSD)等。存储器1720是能够用于携带或存储具有指令或数据结构形式的期望的程序代码并能够由计算机存取的任何其他介质,但不限于此。存储器1720还用于关联存储数字证书、私钥和标识信息,和关联存储标识信息和通行密钥。
本申请实施例中不限定上述通信接口1730、处理器1710以及存储器1720之间的具体连接介质。本申请实施例在图17中以通信接口1730、处理器1710以及存储器1720之间通过总线连接。总线在图17中以粗线表示,其它部件之间的连接方式,仅是进行示意性说明,并不引以为限。所述总线可以分为地址总线、数据总线、控制总线等。为便于表示,图17中仅用一条粗线表示,但并不表示仅有一根总线或一种类型的总线。
基于同一发明构思,本申请实施例提供了一种计算机程序产品,包括计算机程序,该计算机程序在某一计算机上执行时,将会使所述计算机实现上述任一证书管理方法实施例中所涉及的功能。
基于同一发明构思,本申请实施例提供了一种计算机程序,该计算机程序在某一计算机上执行时,将会使所述计算机实现上述任一证书管理方法实施例中所涉及的功能。
基于同一发明构思,本申请实施例提供了一种计算机可读存储介质,用于存储程序、指令,这些程序、指令在计算机中被调用执行时,可以使得计算机执行上述任一证书管理方法实施例中所涉及的功能。
本领域内的技术人员应明白,本申请的实施例可提供为方法、系统、或计算机程序产品。因此,本申请可采用完全硬件实施例、完全软件实施例、或结合软件和硬件方面的实施例的形式。而且,本申请可采用在一个或多个其中包含有计算机可用程序代码的计算机可用存储介质(包括但不限于磁盘存储器、CD-ROM、光学存储器等)上实施的计算机程序产品的形式。
本申请是参照根据本申请实施例的方法、设备(系统)、和计算机程序产品的流程图和/或方框图来描述的。应理解可由计算机程序指令实现流程图和/或方框图中的每一流程和/或方框、以及流程图和/或方框图中的流程和/或方框的结合。可提供这些计算机程序指令到通用计算机、专用计算机、嵌入式处理机或其他可编程数据处理设备的处理器以产生一个机器,使得通过计算机或其他可编程数据处理设备的处理器执行的指令产生用于实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能的装置。
这些计算机程序指令也可存储在能引导计算机或其他可编程数据处理设备以特定方式工作的计算机可读存储器中,使得存储在该计算机可读存储器中的指令产生包括指令装置的制造品,该指令装置实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能。
这些计算机程序指令也可装载到计算机或其他可编程数据处理设备上,使得在计算机或其他可编程设备上执行一系列操作步骤以产生计算机实现的处理,从而在计算机或其他可编程设备上执行的指令提供用于实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能的步骤。
显然,本领域的技术人员可以对本申请实施例进行各种改动和变型而不脱离本申请实 施例的范围。这样,倘若本申请实施例的这些修改和变型属于本申请权利要求及其等同技术的范围之内,则本申请也意图包含这些改动和变型在内。

Claims (35)

  1. 一种证书管理方法,其特征在于,所述方法应用于部署有可信执行环境TEE的装置,所述装置中还部署有离线烧写接口,所述TEE中部署有密钥管理可信应用TA,所述方法包括:
    所述密钥管理TA通过离线烧写接口获取数字版权管理DRM参数,所述DRM参数中包括第一数字证书的地址、第一私钥的地址以及运输密钥;所述第一数字证书为使用所述运输密钥对第二数字证书加密后的数字证书,所述第一私钥为使用所述运输密钥对第二私钥加密后的私钥,所述第二私钥用于签名发往DRM服务端的数据,或用于解密来自DRM服务端的数据;
    所述密钥管理TA分别根据所述第一数字证书的地址和所述第一私钥的地址获取所述第一数字证书和所述第一私钥,并采用所述运输密钥分别解密所述第一数字证书和所述第一私钥得到所述第二数字证书和所述第二私钥;
    所述密钥管理TA关联存储所述第二数字证书、所述第二私钥以及第一标识信息,所述第一标识信息用于标识所述第二数字证书和所述第二私钥。
  2. 如权利要求1所述的方法,其特征在于,所述输入参数还包括第一通行密钥;
    所述密钥管理TA关联存储所述第二数字证书、所述第二私钥以及所述第一标识信息,包括:
    所述密钥管理TA采用所述第一通行密钥分别对所述第二数字证书和所述第二私钥进行加密,得到第三数字证书和第三私钥;
    所述密钥管理TA关联存储所述第三数字证书、所述第三私钥以及所述第一标识信息,所述第一标识信息用于标识所述第三数字证书和所述第三私钥。
  3. 如权利要求1或2所述的方法,其特征在于,所述TEE中还部署有N个业务TA和传输接口,N为正整数;
    所述第一业务TA获取第一信息,所述第一信息包括所述第一标识信息,所述第一业务TA为所述N个业务TA中的任一个;
    所述第一业务TA通过所述传输接口从所述密钥管理TA中获取所述第一标识信息关联的所述第二数字证书。
  4. 如权利要求3所述的方法,其特征在于,若所述DRM参数还包括所述第一通行密钥,所述第一信息还包括所述第一通行密钥;
    所述第一业务TA基于所述第一标识信息和所述第一通行密钥通过所述传输接口从所述密钥管理TA中获取所述第二数字证书。
  5. 如权利要求4所述的方法,其特征在于,所述第一业务TA基于所述第一标识信息和所述第一通行密钥通过所述传输接口从所述密钥管理TA中获取所述第二数字证书,包括:
    所述第一业务TA通过所述传输接口向所述密钥管理TA发送第一指令,所述第一指令携带所述第一通行密钥和所述第一标识信息;
    所述密钥管理TA从存储的数字证书中获取所述第一标识信息关联的所述第三数字证书;
    所述密钥管理TA使用所述第一通行密钥解密所述第三数字证书得到所述第二数字证 书,并将所述第二数字证书通过所述传输接口发送给所述第一业务TA。
  6. 如权利要求1至5任一项所述的方法,其特征在于,所述TEE中部署有第一业务TA,所述方法还包括:
    所述第一业务TA向所述密钥管理TA发送第二指令,所述第二指令携带第一数据和所述第一标识信息;所述第一业务TA为所述N个业务TA中的任一个;
    所述密钥管理TA从存储的密钥中获取所述第一标识信息关联的所述第二私钥,并采用所述第二私钥对所述第一数据进行签名或者解密得到第二数据;
    所述密钥管理TA将所述第二数据发送给所述第一业务TA。
  7. 如权利要求6所述的方法,其特征在于,若所述DRM参数还包括所述第一通行密钥,所述第二指令还包括所述第一通行密钥;
    所述采用所述第二私钥对所述第一数据进行签名或者解密得到第二数据,包括:
    所述密钥管理TA从存储的密钥中获取所述第一标识信息关联的所述第三私钥,并采用所述第一通行密钥解密所述第三私钥得到所述第二私钥;
    所述密钥管理TA采用所述第二私钥对所述第一数据进行签名或者解密得到所述第二数据,并将所述第二数据发送给所述第一业务TA。
  8. 如权利要求1-7中任一项所述的方法,其特征在于,所述DRM参数中还包括如下至少一项:
    所述运输密钥的长度、所述第一标识信息的长度、所述第一私钥的长度、所述第一数字证书的长度。
  9. 如权利要求2-8中任一项所述的方法,其特征在于,所述DRM参数中还包括所述第一通行密钥的长度。
  10. 如权利要求1-9中任一项所述的方法,其特征在于,所述离线烧写接口为函数调用接口,所述离线烧写接口的输入变量包括所述DRM参数中的任一项参数。
  11. 如权利要求3-9中任一项所述的方法,其特征在于,所述传输接口为函数调用接口,所述传输接口包括如下至少一个:标识申请接口、证书读取接口、私钥签名接口、私钥解密接口或在线烧写接口;
    其中,所述标识申请接口的输入变量为空;
    所述证书读取接口的输入变量包括所述第一标识信息或者包括所述第一标识信息和所述第一通行密钥;
    所述私钥签名接口的输入变量包括所述第一标识信息和待签名的数据或者包括所述第一标识信息、所述第一通行密钥和待签名的数据;
    所述私钥解密接口的输入变量包括所述第一标识信息和待解密的数据或者包括所述第一标识信息、所述第一通行密钥和待解密的数据;
    所述在线烧写接口的输入变量包括经过加密的待写入数字证书、经过加密的待写入私钥和加密所述待写入数字证书和所述待写入私钥所使用的运输密钥。
  12. 如权利要求10或11所述的方法,其特征在于,所述函数调用接口为应用程序编程接口API。
  13. 如权利要求1-12中任一项所述的方法,其特征在于,所述运输密钥包括第一运输密钥和第二运输密钥,所述第一数字证书为使用所述第一运输密钥对所述第二数字证书加密后的数字证书,所述第一私钥为使用所述第二运输密钥对所述第二私钥加密后的私钥;
    所述密钥管理TA采用所述运输密钥分别解密所述第一数字证书和所述第一私钥得到所述第二数字证书和所述第二私钥,包括:
    所述密钥管理TA采用所述第一运输密钥解密所述第一数字证书,得到所述第二数字证书,并采用所述第二运输密钥解密所述第一私钥,得到所述第二私钥。
  14. 如权利要求1-13中任一项所述的方法,其特征在于,所述运输密钥为使用层级密钥加密后的密钥;
    所述密钥管理TA采用所述运输密钥分别解密所述第一数字证书和所述第一私钥得到所述第二数字证书和所述第二私钥,包括:
    所述密钥管理TA采用所述层级密钥对所述运输密钥进行解密;
    采用解密后的运输密钥分别解密所述第一数字证书和所述第一私钥得到所述第二数字证书和所述第二私钥。
  15. 如权利要求1-14任一项所述的方法,其特征在于,所述TEE部署有第二业务TA,部署有可信执行环境TEE的装置中部署有所述传输接口,所述方法还包括:
    所述第二业务TA接收待写入参数,所述待写入参数包括第四数字证书、第四私钥和第三运输密钥,所述第四数字证书为使用所述第三运输密钥对第五数字证书加密后的数字证书,所述第四私钥为使用所述第三运输密钥对所述第五数字证书对应的第五私钥加密后的私钥;
    所述第二业务TA通过所述传输接口向所述密钥管理TA申请第二标识信息;
    所述第二业务TA将所述第四数字证书、所述第四私钥、所述第三运输秘钥和所述第二标识信息发送给所述密钥管理TA;
    所述密钥管理TA采用所述第三运输密钥分别解密所述第四数字证书和所述第四私钥得到所述第五数字证书和所述第五私钥;
    所述密钥管理TA关联存储所述第五数字证书、所述第五私钥以及所述第二标识信息;
    所述第二业务TA存储所述第二标识信息。
  16. 如权利要求15所述的方法,其特征在于,还包括:
    所述第二业务TA生成第二通行密钥,并存储所述第二通行密钥;
    所述第二业务TA将所述第二通行密钥发送给所述密钥管理TA;
    所述密钥管理TA关联存储所述第五数字证书、所述第五私钥以及所述第二标识信息,包括:
    所述密钥管理TA使用所述第二通行密钥分别对所述第五数字证书和所述第五私钥进行加密得到第六数字证书和第六私钥,并关联存储所述第六数字证书、所述第六私钥以及所述第二标识信息。
  17. 一种证书管理装置,其特征在于,所述装置部署有可信执行环境TEE,所述装置中还部署有离线烧写接口,所述TEE中部署有密钥管理可信应用TA,其中,
    所述密钥管理TA,用于通过离线烧写接口获取数字版权管理DRM参数,所述DRM参数中包括第一数字证书的地址、第一私钥的地址以及运输密钥;所述第一数字证书为使用所述运输密钥对第二数字证书加密后的数字证书,所述第一私钥为使用所述运输密钥对第二私钥加密后的私钥,所述第二私钥用于签名发往DRM服务端的数据,或用于解密来自DRM服务端的数据;
    所述密钥管理TA,还用于分别根据所述第一数字证书的地址和所述第一私钥的地址 获取所述第一数字证书和所述第一私钥,并采用所述运输密钥分别解密所述第一数字证书和所述第一私钥得到所述第二数字证书和所述第二私钥;关联存储所述第二数字证书、所述第二私钥以及第一标识信息,所述第一标识信息用于标识所述第二数字证书和所述第二私钥。
  18. 如权利要求17所述的装置,其特征在于,所述DRM参数还包括第一通行密钥;
    所述密钥管理TA,具体用于采用所述第一通行密钥分别对所述第二数字证书和所述第二私钥进行加密,得到第三数字证书和第三私钥;关联存储所述第三数字证书、所述第三私钥以及所述第一标识信息,所述第一标识信息用于标识所述第三数字证书和所述第三私钥。
  19. 如权利要求17或18所述的装置,其特征在于,所述TEE中还部署有N个业务TA和传输接口,N为正整数;
    所述第一业务TA,用于获取第一信息,所述第一信息包括所述第一标识信息,所述第一业务TA为所述N个业务TA中的任一个;通过所述传输接口从所述密钥管理TA中获取所述第一标识信息关联的所述第二数字证书。
  20. 如权利要求19所述的装置,其特征在于,若所述DRM参数还包括所述第一通行密钥,所述第一信息还包括所述第一通行密钥;
    所述第一业务TA,还用于基于所述第一标识信息和所述第一通行密钥通过所述传输接口从所述密钥管理TA中获取所述第二数字证书。
  21. 如权利要求20所述的装置,其特征在于,所述第一业务TA,具体用于通过所述传输接口向所述密钥管理TA发送第一指令,所述第一指令携带所述第一通行密钥和所述第一标识信息;
    所述密钥管理TA,还用于从存储的数字证书中获取所述第一标识信息关联的所述第三数字证书;使用所述第一通行密钥解密所述第三数字证书得到所述第二数字证书,并将所述第二数字证书通过所述传输接口发送给所述第一业务TA。
  22. 如权利要求17至21任一项所述的装置,其特征在于,所述TEE中部署有第一业务TA,所述第一业务TA,还用于向所述密钥管理TA发送第二指令,所述第二指令携带第一数据和所述第一标识信息;所述第一业务TA为所述N个业务TA中的任一个;
    所述密钥管理TA,还用于从存储的密钥中获取所述第一标识信息关联的所述第二私钥,并采用所述第二私钥对所述第一数据进行签名或者解密得到第二数据;
    所述密钥管理TA,还用于将所述第二数据发送给所述第一业务TA。
  23. 如权利要求22所述的装置,其特征在于,若所述DRM参数还包括所述第一通行密钥,所述第二指令还包括所述第一通行密钥;
    所述密钥管理TA,具体用于从存储的密钥中获取所述第一标识信息关联的所述第三私钥,并采用所述第一通行密钥解密所述第三私钥得到所述第二私钥;采用所述第二私钥对所述第一数据进行签名或者解密得到所述第二数据,并将所述第二数据发送给所述第一业务TA。
  24. 如权利要求17-23中任一项所述的装置,其特征在于,所述DRM参数中还包括如下至少一项:
    所述运输密钥的长度、所述第一标识信息的长度、所述第一私钥的长度、所述第一数字证书的长度。
  25. 如权利要求18-24中任一项所述的装置,其特征在于,所述DRM参数中还包括所述第一通行密钥的长度。
  26. 如权利要求18-25中任一项所述的装置,其特征在于,所述离线烧写接口为函数调用接口,所述离线烧写接口的输入变量包括所述DRM参数中的任一项参数。
  27. 如权利要求18-26中任一项所述的装置,其特征在于,所述传输接口为函数调用接口,所述传输接口包括如下至少一个:标识申请接口、证书读写接口、私钥签名接口、私钥解密接口或在线烧写接口;
    其中,所述标识申请接口的输入变量为空;
    所述证书读写接口的输入变量包括所述第一标识信息或者包括所述第一标识信息和所述第一通行密钥;
    所述私钥签名接口的输入变量包括所述第一标识信息和待签名的数据或者包括所述第一标识信息、所述第一通行密钥和待签名的数据;
    所述私钥解密接口的输入变量包括所述第一标识信息和待解密的数据或者包括所述第一标识信息、所述第一通行密钥和待解密的数据;
    所述在线烧写接口的输入变量包括经过加密的待写入数字证书、经过加密的待写入私钥和加密所述待写入数字证书和所述待写入私钥所使用的运输密钥。
  28. 如权利要求26或27所述的装置,其特征在于,所述函数调用接口为应用程序编程接口API。
  29. 如权利要求17-28中任一项所述的装置,其特征在于,所述运输密钥包括第一运输密钥和第二运输密钥,所述第一数字证书为使用所述第一运输密钥对所述第二数字证书加密后的数字证书,所述第一私钥为使用所述第二运输密钥对所述第二私钥加密后的私钥;
    所述密钥管理TA,具体用于采用所述第一运输密钥解密所述第一数字证书,得到所述第二数字证书,并采用所述第二运输密钥解密所述第一私钥,得到所述第二私钥。
  30. 如权利要求17-29中任一项所述的装置,其特征在于,所述运输密钥为使用层级密钥加密后的密钥;
    所述密钥管理TA,具体用于采用所述层级密钥对所述运输密钥进行解密;采用解密后的运输密钥分别解密所述第一数字证书和所述第一私钥得到所述第二数字证书和所述第二私钥。
  31. 如权利要求17-30任一项所述的装置,其特征在于,所述TEE部署有第二业务TA,部署有可信执行环境TEE的装置中部署有所述传输接口;
    所述第二业务TA,用于接收待写入参数,所述待写入参数包括第四数字证书、第四私钥和第三运输密钥,所述第四数字证书为使用所述第三运输密钥对第五数字证书加密后的数字证书,所述第四私钥为使用所述第三运输密钥对所述第五数字证书对应的第五私钥加密后的私钥;
    所述第二业务TA,还用于通过所述传输接口向所述密钥管理TA申请第二标识信息;所述密钥管理TA,用于为第二业务TA分配第二标识信息,并通过所述传输接口发送给所述第二业务TA;
    所述第二业务TA,还用于将所述第四数字证书、所述第四私钥、所述第三运输秘钥和所述第二标识信息发送给所述密钥管理TA;
    所述密钥管理TA,还用于采用所述第三运输密钥分别解密所述第四数字证书和所述 第四私钥得到所述第五数字证书和所述第五私钥;关联存储所述第五数字证书、所述第五私钥以及所述第二标识信息;
    所述第二业务TA,还用于存储所述第二标识信息。
  32. 如权利要求31所述的装置,其特征在于:
    所述第二业务TA,还用于生成第二通行密钥,并存储所述第二通行密钥;将所述第二通行密钥发送给所述密钥管理TA;
    所述密钥管理TA,具体用于使用所述第二通行密钥分别对所述第五数字证书和所述第五私钥进行加密得到第六数字证书和第六私钥,并关联存储所述第六数字证书、所述第六私钥以及所述第二标识信息。
  33. 一种证书管理装置,其特征在于,所述装置包括处理器,所述处理器中部署有可信执行环境TEE和离线烧写接口,所述TEE中部署有密钥管理可信应用TA;
    所述处理器,用于调用存储在存储器中的软件指令,以执行如权利要求1至16任一项所述的方法。
  34. 一种计算机可读存储介质,其特征在于,所述计算机可读存储介质中存储有指令,当所述指令在计算机或处理器上运行时,使得所述计算机或处理器执行如权利要求1至16任一项所述的方法。
  35. 一种包含指令的计算机程序产品,其特征在于,当所述计算机程序产品在计算机或处理器上运行时,使得所述计算机或处理器执行如权利要求1至16任一项所述的方法。
PCT/CN2019/101450 2019-08-19 2019-08-19 一种证书管理方法及装置 WO2021031087A1 (zh)

Priority Applications (3)

Application Number Priority Date Filing Date Title
PCT/CN2019/101450 WO2021031087A1 (zh) 2019-08-19 2019-08-19 一种证书管理方法及装置
EP19942074.6A EP4016921A4 (en) 2019-08-19 2019-08-19 CERTIFICATE MANAGEMENT METHOD AND APPARATUS
CN201980099456.9A CN114223176B (zh) 2019-08-19 2019-08-19 一种证书管理方法及装置

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2019/101450 WO2021031087A1 (zh) 2019-08-19 2019-08-19 一种证书管理方法及装置

Publications (1)

Publication Number Publication Date
WO2021031087A1 true WO2021031087A1 (zh) 2021-02-25

Family

ID=74659760

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2019/101450 WO2021031087A1 (zh) 2019-08-19 2019-08-19 一种证书管理方法及装置

Country Status (3)

Country Link
EP (1) EP4016921A4 (zh)
CN (1) CN114223176B (zh)
WO (1) WO2021031087A1 (zh)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114301597A (zh) * 2021-12-13 2022-04-08 零信技术(深圳)有限公司 密钥验证方法、设备及可读存储介质

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2007073623A1 (fr) * 2005-12-29 2007-07-05 Zte Corporation Procede de telechargement d'une certification et d'une cle numeriques
US20120303951A1 (en) * 2011-05-27 2012-11-29 General Instrument Corporation Method and system for registering a drm client
CN106033503A (zh) * 2015-03-19 2016-10-19 阿里巴巴集团控股有限公司 在数字内容设备中在线写入应用密钥的方法、装置及系统
CN107743067A (zh) * 2017-11-30 2018-02-27 美的智慧家居科技有限公司 数字证书的颁发方法、系统、终端以及存储介质

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9722775B2 (en) * 2015-02-27 2017-08-01 Verizon Patent And Licensing Inc. Network services via trusted execution environment
CN106851351B (zh) * 2015-12-03 2018-02-27 国家新闻出版广电总局广播科学研究院 一种支持数字版权管理(drm)的媒体网关/终端实现方法及其设备

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2007073623A1 (fr) * 2005-12-29 2007-07-05 Zte Corporation Procede de telechargement d'une certification et d'une cle numeriques
US20120303951A1 (en) * 2011-05-27 2012-11-29 General Instrument Corporation Method and system for registering a drm client
CN106033503A (zh) * 2015-03-19 2016-10-19 阿里巴巴集团控股有限公司 在数字内容设备中在线写入应用密钥的方法、装置及系统
CN107743067A (zh) * 2017-11-30 2018-02-27 美的智慧家居科技有限公司 数字证书的颁发方法、系统、终端以及存储介质

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114301597A (zh) * 2021-12-13 2022-04-08 零信技术(深圳)有限公司 密钥验证方法、设备及可读存储介质
CN114301597B (zh) * 2021-12-13 2024-02-09 零信技术(深圳)有限公司 密钥验证方法、设备及可读存储介质

Also Published As

Publication number Publication date
EP4016921A1 (en) 2022-06-22
EP4016921A4 (en) 2022-08-24
CN114223176B (zh) 2024-04-12
CN114223176A (zh) 2022-03-22

Similar Documents

Publication Publication Date Title
EP3454238B1 (en) Registration and authorization method, device and system
TWI715537B (zh) 基於雲環境的加密機金鑰注入系統、方法及裝置
WO2018076761A1 (zh) 基于区块链交易的权限管制方法、系统、电子装置及存储介质
US8140843B2 (en) Content control method using certificate chains
US8245031B2 (en) Content control method using certificate revocation lists
US7975312B2 (en) Token passing technique for media playback devices
US9589159B2 (en) Creating secure communication channels between processing elements
TWI701929B (zh) 密碼運算、創建工作密鑰的方法、密碼服務平台及設備
US8613103B2 (en) Content control method using versatile control structure
CN104094267B (zh) 安全共享来自源装置的媒体内容的方法、装置和系统
CN111008228A (zh) 区块链中账户隐私信息的查询方法及装置
US20080010449A1 (en) Content Control System Using Certificate Chains
US20080010452A1 (en) Content Control System Using Certificate Revocation Lists
US20080034440A1 (en) Content Control System Using Versatile Control Structure
TW202029044A (zh) 區塊鏈交易的產生方法和裝置
TW201814496A (zh) 資料儲存方法、資料獲取方法、裝置及系統
WO2016107203A1 (zh) 一种身份认证方法及装置
JP5180203B2 (ja) メモリ装置から供給される情報を制御するシステムおよび方法
US8538890B2 (en) Encrypting a unique cryptographic entity
WO2016146013A1 (zh) 在数字内容设备中在线写入应用密钥的方法、装置及系统
TW201009637A (en) Backing up digital content that is stored in a secured storage device
WO2014114080A1 (zh) 数据加密保护方法及系统
WO2021057124A1 (zh) 基于fpga实现隐私区块链的方法及装置
JP2009543211A (ja) 汎用管理構造を使用するコンテンツ管理システムおよび方法
JP5178716B2 (ja) 証明書取消リストを使用するコンテンツ管理システムおよび方法

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 19942074

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

ENP Entry into the national phase

Ref document number: 2019942074

Country of ref document: EP

Effective date: 20220317