WO2022116708A1 - Key management method and apparatus - Google Patents

Key management method and apparatus

Info

Publication number
WO2022116708A1
Authority
WO
WIPO (PCT)
Prior art keywords
key
update
storage area
secure storage
credential
Prior art date
Application number
PCT/CN2021/123924
Other languages
French (fr)
Chinese (zh)
Inventor
吴涛
刘洪辉
冉懋良
陈战
Original Assignee
华为技术有限公司
Application filed by 华为技术有限公司
Publication of WO2022116708A1

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0891 Revocation or update of secret information, e.g. encryption key update or rekeying
    • H04L9/0894 Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Stored Programmes (AREA)

Abstract

A key management method and apparatus. In the present application, the key management apparatus can store a key in a secure storage area of a device, the key being a key required by the device during secure start-up, software installation, or software upgrade. Then, a key update request can be received, the key update request being used for requesting to update the key, the key update request comprising an update credential, and the update credential being signed and published by a trusted platform; and the key management apparatus first verifies the update credential, and after the verification is passed, updates the key according to the key update request. The key management apparatus can update the key stored in the secure storage area, so that the key is no longer unmodifiable; in addition, before the key is updated, the update credential also needs to be verified, and the key can be updated only when the verification of the update credential is passed, so that the key update method is also more secure.

Description

Key management method and apparatus

Technical field

The present application relates to the field of communication technology, and in particular to a key management method and apparatus.

Background

During a device's secure boot, software installation and software upgrade, a corresponding public key is needed to verify the module to be started, the installation package to be installed and the upgrade package to be applied; only after verification passes may the module be started, the software installed or the software upgraded, which ensures the security of the secure boot, software installation and software upgrade processes.

Secure boot is used as an example below. Secure boot means that, during the device's boot process, the module started earlier (which can be understood as a software module) verifies the module that is to be started next; if verification passes, the next module is triggered to start, and if verification fails, the boot is aborted.

At present, the public key used to verify modules during secure boot is stored in an electronic fuse (eFuse) in the device's processor. Since the contents of an eFuse cannot be erased or modified, the public key stored in the eFuse cannot easily be changed, so the public key cannot be updated and therefore cannot be managed.
Summary of the invention

The present application provides a key management method and apparatus for updating the public key required during secure boot, software installation and software upgrade.

According to a first aspect, an embodiment of the present application provides a key management method that may be executed by a key management apparatus in a device. In the method, the key management apparatus can store a key in a secure storage area of the device, the key being one the device requires during secure boot, software installation or software upgrade. The secure storage area is located in a memory of the device, and in certain scenarios the data in the secure storage area can be updated. After storing the key, the key management apparatus may receive a key update request, which requests that the key be updated and which carries an update credential signed and issued by a trusted platform; the key management apparatus first verifies the update credential and, after verification passes, updates the key according to the key update request. Managing the key directly is used as the example here; in practice, information related to the key (a value computed from the key, where the computation may be a hash, a signature algorithm or another operation) may be managed in a similar way. Whether the key itself or its related information is managed, in substance both amount to managing the key.

With the above method, the key management apparatus can update the key stored in the secure storage area, so the key is no longer unmodifiable. In addition, before the key is updated the update credential must be verified, and the key can be updated only if that verification passes, which also makes the key update more secure.

In a possible implementation, the key stored in the secure storage area may be the key needed to verify the software code the device runs. Besides software code, the device also runs firmware code, which is the first code that must be started or run during the device's boot process. The firmware key needed to verify the device's firmware code may be stored in the secure storage area or in the device's eFuse; in the latter case the firmware key and the software key are stored in different areas, and the firmware key stored in the eFuse cannot be modified. The firmware key may of course also be stored in another storage area that does not allow modification.

With the above method, the keys needed to verify the software code and the firmware code are stored in different locations. Because the key needed to verify the software code is stored in the secure storage area, it can be updated as needed, which releases the binding between the device and the manufacturer of that software code.

In a possible implementation, when the device performs a secure boot, the key management apparatus may read the firmware key from the eFuse and use it to verify the firmware code, specifically by verifying the signature on the firmware code (generated with the private key corresponding to the firmware key). The software code and the firmware code may come from different manufacturers.

After the firmware code passes verification with the firmware key, the firmware code is allowed to run. After the firmware code has run, the key management apparatus may read the key from the secure storage area and use it to verify the software code, specifically by verifying the signature on the software code (generated with the private key corresponding to that key). After the software code passes verification with the key, the software code is allowed to run.

When the device installs the software code, the key management apparatus may obtain the key from the secure storage area and verify the installation package of the software code, that is, verify the signature carried by the installation package; after verification passes, the software code is allowed to be installed, i.e., installed from that installation package.

When the device upgrades the software code, the key management apparatus may obtain the key from the secure storage area and verify the upgrade package of the software code, that is, verify the signature carried by the upgrade package; after verification passes, the software code is allowed to be upgraded, i.e., upgraded from that upgrade package.

With the above method, while running, installing or upgrading the software code, the device can obtain the key from the secure storage area and verify the software code, which ensures the security of the software code during running, installation and upgrade.

In a possible implementation, when storing the key in the secure storage area of the device, the key management apparatus may store the key directly, or may first sign the key and store the signed key in the secure storage area. The private key used to sign the key is not limited here.

With the above method, the key management apparatus can store the key in the secure storage area in different ways, which is flexible and suits different scenarios.

In a possible implementation, when verifying the update credential, the key management apparatus may confirm whether the credential's signature comes from the trusted platform, for example by verifying the signature with the trusted platform's public key; if the signature comes from the trusted platform, verification passes, otherwise it fails. If the update credential also indicates the key to be updated, then in addition to confirming whether the signature comes from the trusted platform, the key management apparatus may also confirm whether the key to be updated indicated by the credential is consistent with the key stored in the secure storage area. Verification of the update credential passes when the signature is determined to come from the trusted platform and the indicated key is consistent with the stored key; it fails when the signature is determined not to come from the trusted platform or the indicated key is inconsistent with the stored key.

With the above method, when verifying the update credential the key management apparatus can confirm both the credential's signature and the content it indicates, which guarantees the validity of the credential and in turn that the subsequent key update is secure and valid.

In a possible implementation, after updating the key in the secure storage area, the key management apparatus may mark the update credential as invalid. This avoids accepting another key update request carrying the same update credential and performing an invalid operation on the key.

In a possible implementation, the key management apparatus may also record the number of key updates; that is, after each update of the key in the secure storage area, the apparatus records that update by adding one to the recorded update count. Recording the update count makes subsequent management of the key easier, for example limiting the number of updates the key is allowed.

In a possible implementation, before updating the key in the secure storage area, the key management apparatus may first determine whether the key's update count is below a preset number. If the update count is below the preset number, the apparatus may update the key; if the update count is greater than or equal to the preset number, the update count has reached its upper limit and the apparatus may refuse to update the key.

With the above method, the number of updates allowed for the key is limited by the preset number, which makes it easier for the key management apparatus to manage the key and ensures the key cannot be modified an unlimited number of times.

In a possible implementation, the secure storage area further includes a key blacklist that indicates keys which have been invalidated. The key management apparatus may use the key blacklist to restrict the keys used by the device during secure boot, software installation and software upgrade: if a key used in these processes is one indicated by the blacklist, use of that key is stopped, or the key is not allowed to be stored in the secure storage area (for example, the key is deleted, or its storage in the secure storage area is refused). Where the key blacklist directly records the invalidated keys themselves, not allowing the key to be stored in the secure storage area means the key may not be stored in any part of the secure storage area other than the region holding the key blacklist.
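The update flow of the first aspect above (a credential signed by the trusted platform, a match against the key currently in secure storage, invalidation of the credential after use, an update counter with a preset limit, and a key blacklist), as an added worked example in Go. This is illustrative code, not the patent's or any vendor's implementation. It assumes Ed25519 as the trusted platform's signature scheme, SHA-256 as the "operation value" of a key, and a credential layout (hash of the current key plus the new key under one signature) that the patent does not fix; all key material is generated inside the example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"errors"
	"fmt"
)

// UpdateCredential is the credential carried in a key update request. The trusted
// platform signs OldKeyHash||NewKey, so one signature both proves the platform
// authorised the update and names which stored key the update applies to.
// (Assumed layout; the patent does not fix a credential format.)
type UpdateCredential struct {
	OldKeyHash string // hex SHA-256 of the key that must currently sit in secure storage
	NewKey     []byte // replacement key
	Signature  []byte // Ed25519 signature of the trusted platform over OldKeyHash||NewKey
}

func (c UpdateCredential) signedBytes() []byte { return append([]byte(c.OldKeyHash), c.NewKey...) }

// ID identifies the credential so it can be marked invalid once consumed.
func (c UpdateCredential) ID() string { return hexHash(c.Signature) }

func hexHash(b []byte) string { h := sha256.Sum256(b); return hex.EncodeToString(h[:]) }

// KeyManager models the key management apparatus: a writable secure storage area
// holding the software key, a blacklist of invalidated keys, an update counter
// with a preset limit, and the credentials already marked invalid.
type KeyManager struct {
	platformPub ed25519.PublicKey // trusted platform's public key (generated for the example)
	storedKey   []byte
	blacklist   map[string]bool // hexHash(key) of invalidated keys
	used        map[string]bool // credential IDs already consumed
	updateCount int
	maxUpdates  int
}

func NewKeyManager(platformPub ed25519.PublicKey, initialKey []byte, maxUpdates int) *KeyManager {
	return &KeyManager{platformPub: platformPub, storedKey: append([]byte{}, initialKey...),
		blacklist: map[string]bool{}, used: map[string]bool{}, maxUpdates: maxUpdates}
}

var (
	ErrBadSignature   = errors.New("credential signature is not from the trusted platform")
	ErrCredentialUsed = errors.New("credential already consumed")
	ErrKeyMismatch    = errors.New("credential does not name the stored key")
	ErrUpdateLimit    = errors.New("preset update count reached")
	ErrBlacklisted    = errors.New("new key is on the key blacklist")
)

// Blacklist records a key as invalidated; such a key may neither be used nor stored.
func (m *KeyManager) Blacklist(key []byte) { m.blacklist[hexHash(key)] = true }

// IsUsable reports whether a key may be used for boot, install or upgrade verification.
func (m *KeyManager) IsUsable(key []byte) bool { return !m.blacklist[hexHash(key)] }

// VerifyCredential applies the checks required before any update: the signature
// must come from the trusted platform, the credential must not already have been
// consumed, and the key it names must be the one currently in secure storage.
func (m *KeyManager) VerifyCredential(c UpdateCredential) error {
	if !ed25519.Verify(m.platformPub, c.signedBytes(), c.Signature) {
		return ErrBadSignature
	}
	if m.used[c.ID()] {
		return ErrCredentialUsed
	}
	if c.OldKeyHash != hexHash(m.storedKey) {
		return ErrKeyMismatch
	}
	return nil
}

// UpdateKey serves a key update request: verify the credential, enforce the update
// limit and the blacklist, replace the stored key, then mark the credential
// invalid and add one to the update count.
func (m *KeyManager) UpdateKey(c UpdateCredential) error {
	if err := m.VerifyCredential(c); err != nil {
		return err
	}
	if m.updateCount >= m.maxUpdates {
		return ErrUpdateLimit
	}
	if !m.IsUsable(c.NewKey) {
		return ErrBlacklisted
	}
	m.storedKey = append([]byte{}, c.NewKey...)
	m.used[c.ID()] = true
	m.updateCount++
	return nil
}

func (m *KeyManager) StoredKey() []byte { return append([]byte{}, m.storedKey...) }
func (m *KeyManager) UpdateCount() int  { return m.updateCount }

// NewTrustedPlatform and IssueCredential are the platform's side, which runs off
// the device: generate its key pair and sign (hash of current key, new key).
func NewTrustedPlatform() (ed25519.PublicKey, ed25519.PrivateKey) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return pub, priv
}

func IssueCredential(priv ed25519.PrivateKey, currentKey, newKey []byte) UpdateCredential {
	c := UpdateCredential{OldKeyHash: hexHash(currentKey), NewKey: newKey}
	c.Signature = ed25519.Sign(priv, c.signedBytes())
	return c
}

func main() {
	pub, priv := NewTrustedPlatform()
	oldKey := []byte("public key b of manufacturer 2 (constructed)")
	newKey := []byte("public key of manufacturer 3 (constructed)")
	m := NewKeyManager(pub, oldKey, 3)
	cred := IssueCredential(priv, oldKey, newKey)
	fmt.Println("update:", m.UpdateKey(cred), "count:", m.UpdateCount())
	fmt.Println("replay of the same credential:", m.UpdateKey(cred))
}
```

Binding the credential to a hash of the current key is what makes the "indicated key matches the stored key" check meaningful: a credential issued for one device state cannot be replayed against another, and marking the credential ID as used closes the remaining replay window on the same device. The update counter and the blacklist are enforced only after the credential itself verifies, so a forged or stale request never consumes a counted update.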
In a possible implementation, the secure storage area is located in flash memory or in the processor; data stored in flash memory and in the processor has relatively high security, which ensures the key is not easily tampered with and keeps the key secure.

According to a second aspect, an embodiment of the present application further provides a key management apparatus having the functions for implementing the behaviour in the method examples of the first aspect; for the beneficial effects, refer to the description of the first aspect, which is not repeated here. The functions may be implemented by hardware, or by hardware executing corresponding software. The hardware or software includes one or more modules corresponding to the functions above. In a possible design, the apparatus comprises a transmission unit, a storage unit, an update unit and a verification unit, which can perform the corresponding functions in the method examples of the first aspect; for details see the detailed description of the method examples, which is not repeated here.

According to a third aspect, an embodiment of the present application further provides an apparatus having the functions for implementing the behaviour in the method examples of the first aspect; for the beneficial effects, refer to the description of the first aspect, which is not repeated here. The apparatus comprises a processor and a memory, the processor being configured to support the apparatus in performing the corresponding functions of the method of the first aspect. The memory is coupled to the processor and holds the program instructions and data needed by the communication apparatus. The communication apparatus further comprises a communication interface for communicating with other devices, for example to obtain a key or to receive a key update request.

According to a fourth aspect, the present application further provides a computer-readable storage medium storing instructions which, when run on a computer, cause the computer to perform the method of the first aspect.

According to a fifth aspect, the present application further provides a computer program product comprising instructions which, when run on a computer, cause the computer to perform the method of the first aspect.

According to a sixth aspect, the present application further provides a computer chip connected to a memory, the chip being configured to read and execute a software program stored in the memory so as to perform the method of the first aspect.
Brief description of the drawings

FIG. 1A is a schematic diagram of the architecture of a system provided by the present application;
FIG. 1B is a schematic diagram of the modules that need to be started during secure boot, as provided by the present application;
FIG. 2 is a schematic diagram of a key management method provided by the present application;
FIG. 3 is a schematic structural diagram of a key management apparatus provided by the present application;
FIG. 4 is a schematic structural diagram of a key management apparatus provided by the present application.
Detailed description

As shown in FIG. 1A, a system provided by an embodiment of the present application includes a key management apparatus 100 and a key update apparatus 200.

In this embodiment, the key management apparatus 100 may be located in a device and manage the keys the device requires during secure boot, software installation or software upgrade. The management operations include, but are not limited to, storing the key in the secure storage area and updating the key stored in the secure storage area.

The key update apparatus 200 may be an apparatus independent of the device, or an apparatus deployed in the device. When it determines that a key needs to be updated, it can send a key update request to the key management apparatus 100 to request that the key management apparatus 100 update the key.

The way in which the key update apparatus 200 determines that a key needs to be updated is not limited here. For example, a user may operate the key update apparatus 200 to select the key to be updated, determine the updated key and load the update credential. After detecting the user's operation, the key update apparatus 200 can determine the key to be updated and the updated key, and can also obtain the update credential; it can then send a key update request to the key management apparatus 100 to request that the key be updated.
The processes of secure boot, software installation and software upgrade are described separately below:

(1) Secure boot

Secure boot requires that, during the device's boot process, the module started earlier verifies the module to be started next, and the next module is allowed to start only after verification passes.

Take a secure boot process that needs to start four modules as an example; see FIG. 1B, which shows the four modules started during the device's boot process: module A, module B, module C and module D. Their start order is module A -> module B -> module C -> module D.

Module A may be the device's firmware code and is the module that must be started first. Module A may be a software module matched to the device's processor, configured in the processor by the processor's manufacturer (referred to here as manufacturer 1).

Modules B, C and D may be software modules that need to run on the processor and may come from other manufacturers: the manufacturer of module B is manufacturer 2, the manufacturer of module C is manufacturer 3, and the manufacturer of module D is manufacturer 4.

Module B carries signature B, generated by manufacturer 2 with the private key corresponding to public key b; module C carries signature C, generated by manufacturer 3 with the private key corresponding to public key c; and module D carries signature D, generated by manufacturer 4 with the private key corresponding to public key d.

The public keys of modules B, C and D pre-stored in the device's storage area are public key b, public key c and public key d respectively.

Because module A is firmware code, it is started first. After it starts, module A first obtains module B's public key b from the device's storage area and uses public key b to verify signature B carried in module B; if verification passes, it triggers module B to start.

After module B starts, module B first obtains module C's public key c from the device's storage area and uses public key c to verify signature C carried in module C; if verification passes, it triggers module C to start.

After module C starts, module C first obtains module D's public key d from the device's storage area and uses public key d to verify signature D carried in module D; if verification passes, it triggers module D to start.

It should be noted that this example assumes that modules A, B, C and D all verify the module started after them in the same way, in which case the device's storage area holds multiple public keys. In practice, other verification methods between modules are allowed; that is, during boot the device may combine the method described above with other methods when verifying the modules started later. For example, the device's storage area may store only public key b: module A verifies module B in the manner described above, while module B verifies module C and module C verifies module D by other methods, which are not limited here. In that case the storage area stores only public key b.
In this embodiment, public key b, public key c or public key d may be stored in the device's secure storage area. The secure storage area may be located in flash memory, for example an embedded multimedia card replay-protected memory block (flash eMMC RPMB), flash persistent protection bits (flash PPB) or flash solid protection bits (flash SPB), or it may be a secure storage area located in the device's processor.

In this embodiment, the data stored in the secure storage area (such as public keys) is allowed to be updated, for example deleted or modified.
(2) Software installation

When software (also called software code) needs to be installed in the device, the device obtains the installation package of that software (the installation package can be understood as a module), which carries a signature generated with the private key corresponding to public key e. When the software is to be installed, the device first obtains public key e, which may be stored in the device's storage area; the manner and time at which public key e is stored in the storage area are not limited here: it may be pre-configured in the storage area, or written into the storage area by another apparatus once it is determined that the software needs to be installed. Public key e may also be carried in the software's installation package, in which case the device obtains public key e from the package once it has obtained the package.

The device verifies the signature in the installation package with public key e and, after verification passes, installs the software from the installation package.

(3) Software upgrade

When the software in the device needs to be upgraded, the device first obtains the upgrade package of that software (the upgrade package can be understood as a module), which carries a signature generated with the private key corresponding to public key f. When the software is to be upgraded, the device first obtains public key f, which may be stored in the device's storage area; the manner and time at which public key f is stored in the storage area are not limited here: it may be pre-configured in the storage area, or written into the storage area by another apparatus once it is determined that the software needs to be upgraded. Public key f may also be carried in the software's upgrade package, in which case the device obtains public key f from the package once it has obtained the package.

The device verifies the signature in the upgrade package with public key f and, after verification passes, upgrades the software from the upgrade package.

It can be seen from the above that during secure boot, software installation and software upgrade, a public key is needed to verify the module to be started, installed or upgraded, and only after verification passes is the module started, installed or upgraded. This ensures the security of the boot, software installation and software upgrade processes.
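The boot chain of FIG. 1B (module A verifying module B with public key b, B verifying C with c, C verifying D with d) together with the installation and upgrade checks of sections (2) and (3), as one added example in Go. This is illustrative code, not the patent's or any vendor's implementation. It assumes Ed25519 signatures over the module image, keeps the firmware key apart from the updatable secure storage map (the eFuse versus secure-storage split described above), and uses constructed image bytes; because the description treats an installation or upgrade package as a module, the same verification routine serves all three processes.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"errors"
	"fmt"
)

// Module is a unit the device must verify before acting on it: a boot-chain
// stage, an installation package or an upgrade package. It carries the code
// image and the signature its manufacturer made with the private key whose
// public key the device holds for it.
type Module struct {
	Name      string
	Code      []byte
	Signature []byte
}

// SecureStorage maps a module name to the public key kept for it in the
// device's secure storage area (public keys b, c, d, e, f in the description).
type SecureStorage map[string]ed25519.PublicKey

// Device models the two key locations the description distinguishes: the
// immutable eFuse key for the firmware and the updatable secure storage area.
type Device struct {
	EFuseKey ed25519.PublicKey
	Secure   SecureStorage
}

var (
	ErrNoKey  = errors.New("no public key stored for module")
	ErrBadSig = errors.New("signature verification failed")
)

// VerifyModule looks up the module's public key in secure storage and checks
// the signature over its code. The same check serves a running boot stage
// verifying its successor and the device verifying an install/upgrade package.
func (d Device) VerifyModule(m Module) error {
	pub, ok := d.Secure[m.Name]
	if !ok {
		return ErrNoKey
	}
	if !ed25519.Verify(pub, m.Code, m.Signature) {
		return ErrBadSig
	}
	return nil
}

// Boot runs the chain A -> B -> C -> D: the firmware (chain[0]) is verified with
// the eFuse key, then each running module verifies the next from secure storage.
// The boot aborts at the first failure; the returned slice lists the modules
// that were allowed to start.
func (d Device) Boot(chain []Module) ([]string, error) {
	if len(chain) == 0 {
		return nil, errors.New("empty boot chain")
	}
	fw := chain[0]
	if !ed25519.Verify(d.EFuseKey, fw.Code, fw.Signature) {
		return nil, fmt.Errorf("firmware %s: %w", fw.Name, ErrBadSig)
	}
	started := []string{fw.Name}
	for i := 1; i < len(chain); i++ {
		if err := d.VerifyModule(chain[i]); err != nil {
			return started, fmt.Errorf("%s refused to start %s: %w", chain[i-1].Name, chain[i].Name, err)
		}
		started = append(started, chain[i].Name)
	}
	return started, nil
}

// SignModule is the manufacturer's side: sign the code with the private key
// matching the public key the device will hold for this module.
func SignModule(name string, code []byte, priv ed25519.PrivateKey) Module {
	return Module{Name: name, Code: code, Signature: ed25519.Sign(priv, code)}
}

// GenKey produces one manufacturer's (or the processor vendor's) key pair.
func GenKey() (ed25519.PublicKey, ed25519.PrivateKey) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return pub, priv
}

func main() {
	fwPub, fwPriv := GenKey() // manufacturer 1, burned into the eFuse
	pubB, privB := GenKey()   // manufacturer 2
	pubC, privC := GenKey()   // manufacturer 3
	pubD, privD := GenKey()   // manufacturer 4
	pubE, privE := GenKey()   // signer of an installation package
	dev := Device{EFuseKey: fwPub, Secure: SecureStorage{"B": pubB, "C": pubC, "D": pubD, "E": pubE}}
	chain := []Module{
		SignModule("A", []byte("firmware image (constructed)"), fwPriv),
		SignModule("B", []byte("bootloader image (constructed)"), privB),
		SignModule("C", []byte("kernel image (constructed)"), privC),
		SignModule("D", []byte("application image (constructed)"), privD),
	}
	started, err := dev.Boot(chain)
	fmt.Println("boot:", started, err)
	pkg := SignModule("E", []byte("installation package (constructed)"), privE)
	fmt.Println("install:", dev.VerifyModule(pkg))
	// Rebinding: secure storage, unlike the eFuse, can take a new public key b,
	// after which only a module B signed by the new owner is allowed to start.
	pubB2, _ := GenKey()
	dev.Secure["B"] = pubB2
	_, err = dev.Boot(chain)
	fmt.Println("boot after key b replaced:", err)
}
```

The example deliberately takes public key e from the device's own storage rather than from the package. The description also allows the key to travel inside the installation or upgrade package; in that case the signature check alone only shows the package is self-consistent, so a key carried in the package still has to be tied back to something the device already trusts (for instance, checked against the stored key or the key blacklist) before it provides any assurance.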
目前,设备在安全启动、软件安装、或软件升级过程中所需要的公钥通常会保存在处理器中的eFuse中,由于eFuse中存储的数据一旦写入将无法修改,导致该处理器所在的单板与存储在eFuse中公钥对应的生产厂家(该生产厂家也即为模块的生产厂家)“绑定”。At present, the public key required by the device during the secure boot, software installation, or software upgrade process is usually stored in the eFuse in the processor. Since the data stored in the eFuse cannot be modified once written, the processor is located in the eFuse. The board is "bound" with the manufacturer corresponding to the public key stored in the eFuse (the manufacturer is also the manufacturer of the module).
以安全启动场景为例,这里的绑定是指单板与模块2的生产厂家(也即厂家2)的绑定关系,作为处理器所在单板的维修厂家的厂家1,在收到该单板时,不能更改该eFuse中存储的数据。也即厂家1并不能改变eFuse中存储的公钥。Taking the secure boot scenario as an example, the binding here refers to the binding relationship between the board and the manufacturer of module 2 (that is, manufacturer 2). The data stored in this eFuse cannot be changed while the board is on. That is, manufacturer 1 cannot change the public key stored in the eFuse.
另外,对于厂家1来说,每个单板可以与一个生产厂家绑定,不同的单板可能与不同的 生产厂家绑定,厂家1需要维护与不同生产厂家绑定的多个单板,这种维护方式成本较高,且不灵活。举例来说,目前存在两个单板,单板A为与生产厂家2绑定的单板,单板B为与生产厂家3绑定的单板,当厂家1收到单板A和单板B后,对单板A和单板B进行维修,只能在单板A维修完成后,返回给用户A,在单板B维修完成后,返回给用户B。若用户B急需单板B,在单板B未维修完成单板A维修完成的情况下,厂家1无法改写eFuse中存储的数据,无法改变单板A与生产厂家2的绑定关系,以用来应对用户B的需求。In addition, for manufacturer 1, each board can be bound to one manufacturer, and different boards may be bound to different manufacturers. Manufacturer 1 needs to maintain multiple boards bound to different manufacturers. This maintenance method is expensive and inflexible. For example, there are currently two veneers, veneer A is the veneer bound to manufacturer 2, and veneer B is the veneer bound to manufacturer 3. When manufacturer 1 receives veneer A and veneer After B, the maintenance of board A and board B can only be returned to user A after the maintenance of board A is completed, and returned to user B after the maintenance of board B is completed. If user B urgently needs board B, if board B has not been repaired and board A has been repaired, manufacturer 1 cannot rewrite the data stored in the eFuse, and cannot change the binding relationship between board A and manufacturer 2 to use to meet the needs of user B.
而在本申请实施例中,密钥管理装置100可以将设备在安全启动、软件安装、或软件升级过程中所需要的公钥存储在该设备的安全存储区域中,并且还能够在接收到密钥更新请求后,能够更新该公钥,也就是说,设备在安全启动、软件安装、或软件升级过程中所需要的公钥在保存到设备之后并非是固定不变的,设备中安装的软件模块发生变更时,例如软件模块升级,或替换为另一个软件模块等,可以通过更新公钥,保证该设备在软件模块发生变更后,仍能够正常进行安全启动、软件安装或软件升级等过程,提高了公钥配置的灵活性。However, in this embodiment of the present application, the key management apparatus 100 may store the public key required by the device in the process of secure booting, software installation, or software upgrading in the secure storage area of the device, and can also store the public key required by the device in the secure storage area of the device when receiving the key After the key update request, the public key can be updated, that is to say, the public key required by the device during the secure boot, software installation, or software upgrade process is not fixed after it is saved to the device. The software installed in the device When the module is changed, such as software module upgrade or replacement with another software module, etc., the public key can be updated to ensure that the device can still normally perform processes such as secure boot, software installation or software upgrade after the software module is changed. Improved flexibility of public key configuration.
另外,在单板的维修厂家中,作为单板的维修厂家可以通过密钥管理装置100变更安全存储区域中存储的公钥,以改变单板与厂家之间的绑定关系,应对不同的用户的需求,有效的提升了单板维修的灵活性。In addition, among the veneer maintenance manufacturers, the veneer maintenance manufacturer can change the public key stored in the secure storage area through the key management device 100, so as to change the binding relationship between the veneer and the manufacturer, and deal with different users. requirements, effectively improving the flexibility of veneer maintenance.
A key management method provided by the embodiments of the present application is described below with reference to the accompanying drawings, taking the management of a public key by the key management apparatus 100 as an example. Referring to FIG. 2, the method includes:
Step 201: The key management apparatus 100 obtains a public key, which is the public key that the device needs during secure boot, software installation or software upgrade.
The embodiments of the present application do not limit the manner in which the key management apparatus 100 obtains the public key. For example, the public key may be pre-configured in the key management apparatus 100 before the device leaves the factory, or may be sent to the key management apparatus 100 after the device leaves the factory.
Step 202: After obtaining the public key, the key management apparatus 100 may store the public key in a secure storage area in the device.
After obtaining the public key, the key management apparatus 100 may store the public key directly in the secure storage area, or may first sign the public key and then store the signed public key in the secure storage area.
Once the public key is stored in the secure storage area, it can be updated.
Step 203: The key update apparatus 200 sends a key update request to the key management apparatus 100, and the key management apparatus 100 receives the key update request. The key update request is used to request an update of the public key and carries an update credential. The update credential is signed and issued by a trusted platform. The type of the trusted platform is not limited here; for example, the trusted platform may be the manufacturer of the device or of the processor in the device, a platform that this manufacturer trusts (such as another manufacturer trusted by it, or the manufacturer of a module running on the device), or an authoritative body such as a certificate authority.
Before sending the key update request, the key update apparatus 200 needs to obtain the update credential first. The update credential may be loaded into the key update apparatus 200 by a user, or the key update apparatus 200 may apply to the trusted platform for it. For example, the key update apparatus 200 may send a credential acquisition request to the trusted platform, asking the trusted platform to issue an update credential; the credential acquisition request may carry identity information of the key update apparatus 200 and may also indicate the key to be updated, the key update method, and so on. After receiving the credential acquisition request, the trusted platform may verify the identity information of the key update apparatus 200 and issue the update credential after the verification passes. The embodiments of the present application do not limit the manner in which the key update apparatus 200 obtains the update credential.
The update credential may carry signature information of the trusted platform, which may be generated with the private key of the trusted platform. The update credential also records the device or processor to which it applies; the manner in which it does so is not limited here. For example, the update credential may record the model of the device or of the device's processor, or may carry information that uniquely identifies the device or the device's processor.
The update credential may further indicate the public key to be updated and the public key update method. The manner in which the update credential indicates the public key to be updated is not limited here; for example, the update credential may directly record the public key to be updated.
As another example, the update credential may record identification information of the public key to be updated, which may be pre-configured for the public key. The key management apparatus 100 is able to learn the identification information of a public key stored in the secure storage area, and the manner in which it does so is not limited here. For example, when receiving a public key to be stored in the secure storage area, the key management apparatus 100 may receive the identification information of that public key at the same time and save it. As another example, the key management apparatus 100 may query another apparatus for the identification information of the public key by sending a query message.
In the embodiments of the present application, the public key update methods include but are not limited to: modification, deletion and addition.
When the public key update method is modification, the public key stored in the secure storage area needs to be modified, and the update credential may also carry the modified public key. When the public key update method is deletion, the public key to be updated needs to be deleted. When the public key update method is addition, a new public key is added to the secure storage area, and the update credential may also carry the public key to be added.
It should be noted that when only one public key is stored in the secure storage area of the device, the update credential need not indicate the public key to be updated.
Step 204: After receiving the key update request, the key management apparatus 100 may first obtain the update credential from the key update request and verify the update credential.
When verifying the update credential, the key management apparatus 100 may use the public key of the trusted platform to verify whether the signature in the update credential comes from the trusted platform. The manner in which the key management apparatus 100 obtains the public key of the trusted platform is not limited here. For example, the public key of the trusted platform may be saved in the key management apparatus 100 in advance, and the key management apparatus 100 may obtain it locally. As another example, the key management apparatus 100 may obtain the public key of the trusted platform from the trusted platform, for instance from the trusted platform's website, when it determines that the update credential needs to be verified.
If the signature of the update credential does not come from the trusted platform, the key management apparatus 100 fails to verify the update credential. If the signature of the update credential comes from the trusted platform, the key management apparatus 100 may determine that the update credential has been verified, or may further confirm whether the public key to be updated indicated by the update credential is consistent with the public key stored in the secure storage area, determining that the update credential has been verified only after confirming that they are consistent, and otherwise failing the verification.
The manner in which the key management apparatus 100 confirms whether the public key to be updated indicated by the update credential is consistent with the public key stored in the secure storage area depends on the manner in which the update credential indicates the public key to be updated. For example, if the update credential directly records the public key to be updated, the key management apparatus 100 may compare the public key to be updated recorded in the update credential with the public key stored in the secure storage area to determine whether they are consistent. As another example, if the update credential indicates the public key to be updated by its identification information, the key management apparatus 100 may determine whether the identification information recorded in the update credential is consistent with the identification information of the public key stored in the secure storage area.
Step 205: After the update credential has been verified, the key management apparatus 100 may update the public key stored in the secure storage area according to the update credential.
When the public key update method indicated by the update credential is modification, the key management apparatus 100 may update the public key stored in the secure storage area to the modified public key indicated in the update credential.
When the public key update method indicated by the update credential is deletion, the key management apparatus 100 may delete the public key stored in the secure storage area.
When the public key update method indicated by the update credential is addition, the key management apparatus 100 may add to the secure storage area the public key to be added that is carried in the update credential.
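Steps 203 to 205 above, worked through as an added example in Go; this is illustrative code written for this page, not code from the patent or from Huawei. It assumes Ed25519 as the trusted platform's signature scheme, a JSON-encoded credential body with the field names `CredentialID`, `DeviceModel`, `KeyID`, `Method` and `NewKey` (the patent only says what the credential records, not how), and a secure storage area modelled as a map from key identification information to public key. The key management apparatus's verification checks, in order, that the signature comes from the trusted platform, that the credential applies to this device, and that the indicated key matches one held in the secure storage area before applying modification, deletion or addition.

```go
package main

import (
	"crypto/ed25519"
	"encoding/json"
	"errors"
	"fmt"
)

// Update methods named in the text: modification, deletion, addition.
const (
	MethodModify = "modify"
	MethodDelete = "delete"
	MethodAdd    = "add"
)

// CredentialBody is the signed part of an update credential (field names are assumptions).
type CredentialBody struct {
	CredentialID string `json:"credential_id"`     // assigned by the trusted platform
	DeviceModel  string `json:"device_model"`      // device/processor the credential applies to
	KeyID        string `json:"key_id"`            // identification information of the key to update
	Method       string `json:"method"`            // modify, delete or add
	NewKey       []byte `json:"new_key,omitempty"` // modified or added public key
}

// Credential is the body plus the trusted platform's signature over its encoding.
type Credential struct {
	Body      CredentialBody
	Signature []byte
}

// SecureStore models the device's secure storage area: public keys indexed by key ID.
type SecureStore struct {
	DeviceModel string
	Keys        map[string]ed25519.PublicKey
}

func encodeBody(b CredentialBody) ([]byte, error) { return json.Marshal(b) }

// IssueCredential is the trusted platform's side: after checking the key update
// apparatus's identity (not modelled here) it signs the credential with its private key.
func IssueCredential(platformPriv ed25519.PrivateKey, body CredentialBody) (Credential, error) {
	msg, err := encodeBody(body)
	if err != nil {
		return Credential{}, err
	}
	return Credential{Body: body, Signature: ed25519.Sign(platformPriv, msg)}, nil
}

// VerifyCredential is step 204 on the key management apparatus.
func (s *SecureStore) VerifyCredential(platformPub ed25519.PublicKey, c Credential) error {
	msg, err := encodeBody(c.Body)
	if err != nil {
		return err
	}
	if len(platformPub) != ed25519.PublicKeySize || !ed25519.Verify(platformPub, msg, c.Signature) {
		return errors.New("credential signature is not from the trusted platform")
	}
	if c.Body.DeviceModel != s.DeviceModel {
		return errors.New("credential does not apply to this device")
	}
	_, present := s.Keys[c.Body.KeyID]
	hasNewKey := len(c.Body.NewKey) == ed25519.PublicKeySize
	switch c.Body.Method {
	case MethodModify:
		if !present {
			return errors.New("key to modify is not in the secure storage area")
		}
		if !hasNewKey {
			return errors.New("modify credential carries no valid replacement key")
		}
	case MethodDelete:
		if !present {
			return errors.New("key to delete is not in the secure storage area")
		}
	case MethodAdd:
		if !hasNewKey {
			return errors.New("add credential carries no valid key")
		}
	default:
		return fmt.Errorf("unknown update method %q", c.Body.Method)
	}
	return nil
}

// ApplyUpdate is step 205: verify first, then modify, delete or add.
func (s *SecureStore) ApplyUpdate(platformPub ed25519.PublicKey, c Credential) error {
	if err := s.VerifyCredential(platformPub, c); err != nil {
		return err
	}
	switch c.Body.Method {
	case MethodModify, MethodAdd:
		s.Keys[c.Body.KeyID] = ed25519.PublicKey(c.Body.NewKey)
	case MethodDelete:
		delete(s.Keys, c.Body.KeyID)
	}
	return nil
}

func main() {
	// Constructed keys: trusted platform, the module key currently stored, its replacement.
	platformPub, platformPriv, _ := ed25519.GenerateKey(nil)
	oldPub, _, _ := ed25519.GenerateKey(nil)
	newPub, _, _ := ed25519.GenerateKey(nil)
	store := &SecureStore{DeviceModel: "board-X1", Keys: map[string]ed25519.PublicKey{"module2": oldPub}}
	cred, _ := IssueCredential(platformPriv, CredentialBody{CredentialID: "cred-0001",
		DeviceModel: "board-X1", KeyID: "module2", Method: MethodModify, NewKey: newPub})
	fmt.Println("update:", store.ApplyUpdate(platformPub, cred), "replaced:", store.Keys["module2"].Equal(newPub))
}
```

Because the device model and key ID are inside the signed body, a credential issued for one board cannot be replayed against another, and one issued for a modification cannot be turned into a deletion without invalidating the signature.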
For a public key stored in the secure storage area, in order to further ensure the validity of update operations on that public key, for example so that the public key can only be modified by a specific party holding the update credential (such as only the manufacturer of the device or a party trusted by the manufacturer), or only within a specific period (such as while the device is returned to the factory), a validity state can be set for the update credential. One update credential can update the public key only once: after the update credential has been used to modify the public key stored in the secure storage area once, the update credential can no longer be used. That is, after the key management apparatus 100 updates the public key stored in the secure storage area according to the update credential, the update credential becomes an invalid credential, and the key management apparatus 100 may mark the update credential as being in an invalid state.
The manner of marking the update credential as invalid is not limited here. For example, the key management apparatus 100 may save the update credential and mark it as an invalid credential; when another key update request is received, the key management apparatus 100 may first determine whether the update credential carried in the key update request is identical to a saved credential marked as invalid. If so, the update credential carried in the key update request is an invalid credential, and the key management apparatus 100 may reject the key update request and refuse to update the public key.
As another example, the key management apparatus 100 may save the identification information of the update credential (the identification information of the update credential may be information assigned by the trusted platform that uniquely identifies the update credential, and may be recorded in the update credential or carried in the key update request). When another key update request is received, the key management apparatus 100 may first determine whether the identification information of the update credential carried in the key update request is identical to the saved identification information of an invalid credential. If so, the update credential carried in the key update request is an invalid credential, and the key management apparatus 100 may reject the key update request and refuse to update the public key.
Besides marking the update credential as invalid, the validity of update operations can also be ensured by limiting the number of updates of the public key. The key management apparatus 100 may pre-configure the number of updates of the public key by setting it to a preset number, and before each update of the public key in the secure storage area may determine whether the number of updates of the public key has exceeded the preset number, that is, confirm whether the number of updates of the public key is greater than or equal to the preset number. Here, the number of updates of the public key refers to the number of updates already completed on the public key stored in the secure storage area.
The manner in which the key management apparatus 100 pre-configures the preset number is not limited here. For example, the key management apparatus 100 may set a fixed number of bits, each bit corresponding to one update of the public key. After an update of the public key occurs, the key management apparatus 100 may change the value of that bit to a set value (for example, the initial value of the bit is 0 and the set value is 1). When all of the fixed number of bits have been changed to the set value, the number of updates of the current public key has reached the preset number. As another example, the key management apparatus 100 may maintain a counter whose initial value is equal to the preset number; each time the public key stored in the secure storage area is updated, the counter is decremented, and when the counter reaches 0, the number of updates of the current public key has reached the preset number.
If it is confirmed that the number of updates of the public key is greater than or equal to the preset number, the key management apparatus 100 may reject this update of the public key stored in the secure storage area.
If it is confirmed that the number of updates of the public key is less than the preset number, the key management apparatus 100 updates the public key stored in the secure storage area and records this update of the public key. That is, each time an update of the public key stored in the secure storage area is completed, the number of updates of the public key is increased by one; the number of updates of the public key accumulates with each update of the public key stored in the secure storage area.
Of course, in the embodiments of the present application, the number of updates of the public key may also be left unlimited, with the number of updates of the public key merely being recorded locally.
In the embodiments of the present application, marking the update credential as invalid and limiting the number of updates of the public key may also be used in combination. For example, the key management apparatus 100 may set a fixed number of bits, each bit corresponding to one update of the public key and to one update credential. After an update of the public key occurs, the key management apparatus 100 may change the value of that bit to a set value (for example, the initial value of the bit is 0 and the set value is 1); the set value indicates both that the public key has been updated once and that the update credential corresponding to that bit is in an invalid state. When all of the fixed number of bits have been changed to the set value, the number of updates of the current public key has reached the preset number, and each update credential corresponding to the fixed number of bits is also in an invalid state.
In some scenarios, a private key may be exposed or stolen. If the public key corresponding to that private key continues to be used during secure boot, software installation and software upgrade of the device, the security of the device is threatened.
The key management apparatus 100 needs to be notified in time of an exposed or stolen private key so that use of the corresponding public key can be blocked. In the embodiments of the present application, the secure storage area may include a public key blacklist, which may indicate invalidated public keys; an invalidated public key is a public key whose use has been stopped (for example, a public key that the manufacturer of a software module running in the processor has explicitly indicated is no longer to be used).
The manner in which the public key blacklist indicates an invalidated public key is not limited here. For example, the public key blacklist may directly record the invalidated public key, or, as another example, it may directly record the identification information of the invalidated public key.
When the key management apparatus 100 receives a public key to be stored in the secure storage area, it may first determine whether the public key is a public key indicated by the public key blacklist. If so, it refuses to store the public key in the secure storage area; otherwise, it stores the public key in the secure storage area.
When the key management apparatus 100 receives a key update request, it may first determine whether the updated public key carried in the key update request is a public key indicated by the public key blacklist. If so, it refuses to update the public key stored in the secure storage area; otherwise, it updates the public key stored in the secure storage area according to the update credential.
During secure boot, software installation and software upgrade, the device may also use the public key blacklist to identify whether the public key being used for secure boot, software installation or software upgrade has been invalidated.
During secure boot, the device obtains the public key needed to verify the module to be booted, for example the public key stored in the secure storage area or the public key carried in the installation package, and determines whether that public key is a public key indicated by the public key blacklist. If so, it stops booting the module; otherwise, it boots the module.
When installing software, the device obtains the public key needed to verify the installation package to be installed, for example the public key stored in the secure storage area or the public key carried in the installation package, and determines whether that public key is a public key indicated by the public key blacklist. If so, it stops installing the software; otherwise, it installs the software.
When upgrading software, the device obtains the public key needed to verify the upgrade package of the software, for example the public key stored in the secure storage area or the public key carried in the upgrade package, and determines whether that public key is a public key indicated by the public key blacklist. If so, it stops upgrading the software; otherwise, it upgrades the software.
It should be noted that the embodiments of the present application take the direct storage or update of a key as an example. In practical applications, associated information of the key may be stored instead, such as a hash value obtained by performing a hash operation on the key; the hash value of the key serves the same function as the key, and the associated information of the key may be stored and updated in the manner of the embodiment shown in FIG. 2.
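The three guards described above (one-time update credentials marked invalid after use, a preset limit on the number of public key updates kept as a fixed number of bits, and a public key blacklist consulted when storing a key, when updating a key and before boot, installation or upgrade) combined in one added Go example. This is illustrative code for this page, not the patent's or Huawei's own; it assumes the credential's signature and device binding have already been checked (as in step 204), identifies credentials by the identification information the trusted platform assigns, and, following the note just above about storing associated information, records blacklisted keys by their SHA-256 hash rather than the key itself. The type and function names are this example's own.

```go
package main

import (
	"crypto/sha256"
	"encoding/hex"
	"errors"
	"fmt"
	"math/bits"
)

// GuardedStore models the secure storage area together with the update guards.
type GuardedStore struct {
	Keys       map[string][]byte // key ID -> public key bytes
	usedCreds  map[string]bool   // identification info of credentials now in the invalid state
	updateBits uint8             // one bit per permitted update: 0 = unused, 1 = used
	maxUpdates int               // preset number of updates (at most 8 bits here)
	blacklist  map[string]bool   // hex SHA-256 of invalidated public keys
}

func NewGuardedStore(maxUpdates int) *GuardedStore {
	if maxUpdates > 8 {
		maxUpdates = 8 // the bit field in this example is a single byte
	}
	return &GuardedStore{
		Keys: map[string][]byte{}, usedCreds: map[string]bool{},
		maxUpdates: maxUpdates, blacklist: map[string]bool{},
	}
}

func keyDigest(pub []byte) string {
	sum := sha256.Sum256(pub)
	return hex.EncodeToString(sum[:])
}

// Revoke adds a public key to the blacklist, e.g. after its private key was exposed.
func (g *GuardedStore) Revoke(pub []byte) { g.blacklist[keyDigest(pub)] = true }

// IsRevoked reports whether the blacklist indicates this public key.
func (g *GuardedStore) IsRevoked(pub []byte) bool { return g.blacklist[keyDigest(pub)] }

// UpdatesUsed is the number of completed updates, i.e. the number of set bits.
func (g *GuardedStore) UpdatesUsed() int { return bits.OnesCount8(g.updateBits) }

// StoreKey refuses to place a blacklisted public key in the secure storage area.
func (g *GuardedStore) StoreKey(id string, pub []byte) error {
	if g.IsRevoked(pub) {
		return errors.New("refusing to store a blacklisted public key")
	}
	g.Keys[id] = pub
	return nil
}

// ApplyUpdate performs a modification of key keyID to newPub under credential credID,
// applying the guards in the order the text gives them.
func (g *GuardedStore) ApplyUpdate(credID, keyID string, newPub []byte) error {
	if g.usedCreds[credID] {
		return errors.New("update credential is in the invalid state (already used)")
	}
	if g.UpdatesUsed() >= g.maxUpdates {
		return errors.New("number of public key updates has reached the preset number")
	}
	if g.IsRevoked(newPub) {
		return errors.New("updated public key is indicated by the blacklist")
	}
	g.Keys[keyID] = newPub
	// Record the update: set the next free bit (which also marks the credential) and
	// remember the credential's identification information.
	g.updateBits |= uint8(1) << uint(g.UpdatesUsed())
	g.usedCreds[credID] = true
	return nil
}

// KeyUsable is the check the device makes before booting, installing or upgrading
// with a given public key (whether taken from the store or from the package).
func (g *GuardedStore) KeyUsable(pub []byte) bool { return !g.IsRevoked(pub) }

func main() {
	g := NewGuardedStore(2)
	k1, k2 := []byte("constructed key 1"), []byte("constructed key 2")
	fmt.Println(g.StoreKey("module2", k1), g.ApplyUpdate("cred-1", "module2", k2))
	fmt.Println("replay:", g.ApplyUpdate("cred-1", "module2", k1))
	g.Revoke(k2)
	fmt.Println("usable after revocation:", g.KeyUsable(k2), "updates used:", g.UpdatesUsed())
}
```

The bit field is the combined scheme from the text: once every bit is set, both the update limit is reached and every credential that consumed a bit is invalid. Whether the count is enforced or merely recorded (the text allows either) is a one-line policy choice in `ApplyUpdate`.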
基于与方法实施例同一发明构思,本申请实施例还提供了一种密钥管理装置,用于执行上述如图2所示的方法实施例中所述密钥管理装置执行的方法,相关特征可参见上述方法实施例,此处不再赘述。Based on the same inventive concept as the method embodiment, an embodiment of the present application further provides a key management apparatus, which is used to execute the method performed by the key management apparatus in the method embodiment shown in FIG. 2, and the relevant features may be Refer to the above method embodiments, which are not repeated here.
如图3所示,所述密钥管理装置300包括接传输单元302、存储单元301、以及更新单元303。As shown in FIG. 3 , the key management apparatus 300 includes a transmission unit 302 , a storage unit 301 , and an update unit 303 .
存储单元301,用于将密钥存储至设备中的安全存储区域,密钥为设备在安全启动、软件安装、或软件升级过程中所需要的密钥。The storage unit 301 is configured to store a key in a secure storage area in the device, where the key is a key required by the device during secure startup, software installation, or software upgrade.
传输单元302,用于接收密钥更新请求,密钥更新请求中包括更新凭证,更新凭证是由信任平台签名、并发布的。The transmission unit 302 is configured to receive a key update request, where the key update request includes an update certificate, and the update certificate is signed and issued by a trusted platform.
更新单元303,用于在对更新凭证验证通过之后,对密钥进行更新。The updating unit 303 is configured to update the key after the verification of the update credential is passed.
在一种可能的实现方式中,存储在该安全存储区域中的密钥可以是对设备中需运行的软件代码进行验证所需的密钥。该设备除了软件代码还可以包括固件代码,该固定代码是在设备启动过程中最先需要启动或运行的。In a possible implementation, the key stored in the secure storage area may be a key required to verify the software code to be run in the device. In addition to the software code, the device may also include firmware code, and the fixed code needs to be started or run first during the device startup process.
The firmware key required to verify the firmware code that the device will run may be stored in the secure storage area, or it may be stored in the device's electronic fuse (eFuse); that is, the firmware key and the software key are stored in different areas. A firmware key stored in the electronic fuse cannot be modified. Of course, the firmware key may also be stored in another storage area that does not permit modification.
In one possible implementation, when the device performs a secure boot, the key management apparatus further includes a verification unit 304. The verification unit 304 can read the firmware key from the electronic fuse and use it to verify the firmware code; specifically, it verifies the signature of the firmware code (a signature generated with the private key corresponding to the firmware key). The software code and the firmware code may come from different vendors.
After the verification unit 304 has verified the firmware code with the firmware key, the firmware code is allowed to run. Once the firmware code is running, the verification unit 304 can also read the key from the secure storage area and use it to verify the software code; specifically, it verifies the signature of the software code (a signature generated with the private key corresponding to that key). After the software code has been verified with the key, the software code is allowed to run.
When the device installs the software code, the verification unit 304 can obtain the key from the secure storage area and verify the installation package of the software code, that is, verify the signature carried by the installation package. After verification passes, the software code is allowed to be installed, that is, installed from the installation package.
When the device upgrades the software code, the verification unit 304 can obtain the key from the secure storage area and verify the upgrade package of the software code, that is, verify the signature carried by the upgrade package. After verification passes, the software code is allowed to be upgraded, that is, upgraded from the upgrade package.
In one possible implementation, when the storage unit 301 stores the key in the secure storage area of the device, it may store the key directly in the secure storage area, or it may first sign the key and then store the signed key in the secure storage area.
In one possible implementation, when the update unit 303 verifies the update credential, it can confirm whether the signature on the update credential comes from the trusted platform; if it determines that the signature comes from the trusted platform, the update credential passes verification, otherwise verification fails. If the update credential also indicates the key that needs to be updated, then when verifying the update credential the update unit can, in addition to confirming whether the signature comes from the trusted platform, also confirm whether the key that the update credential indicates as needing to be updated matches the key stored in the secure storage area. Only when the signature on the update credential is confirmed to come from the trusted platform and the key indicated by the update credential matches the key stored in the secure storage area does the update credential pass verification; otherwise verification fails.
In one possible implementation, after updating the key in the secure storage area, the update unit 303 marks the update credential as invalid.
In one possible implementation, after updating the key in the secure storage area, the update unit 303 may also record the number of times the key has been updated.
In one possible implementation, before updating the key in the secure storage area, the update unit 303 may determine whether the number of key updates is less than a preset number; if it is, the key in the secure storage area is updated, otherwise the key update is refused.
In one possible implementation, the secure storage area further includes a key blacklist, which indicates keys that have been invalidated.
In one possible implementation, the secure storage area is located in flash memory or in the processor.
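The secure boot chain (firmware key read from the electronic fuse, software key read from the secure storage area) and the credential-gated key update described above, as an added Python model that is not part of the patent: HMAC-SHA256 stands in for the signature scheme the patent does not name (so one key both signs and verifies), all key values are constructed, and the class, function and credential field names (cred_id, old_key, new_key), as well as using the blacklist to refuse reinstalling an invalidated key, are assumptions of this example.

```python
import hmac
import hashlib
from dataclasses import dataclass, field

# Constructed values for the example; on a real device the firmware key is
# burned into the eFuse and the platform's verification key is provisioned.
EFUSE_FIRMWARE_KEY = b"constructed-efuse-firmware-key"  # immutable once burned
PLATFORM_KEY = b"constructed-trusted-platform-key"      # stand-in for the platform's signing key
MAX_UPDATES = 3                                          # the "preset number" of allowed updates


def sign(key: bytes, data: bytes) -> bytes:
    """HMAC-SHA256 stands in for the signature scheme (the patent does not name one)."""
    return hmac.new(key, data, hashlib.sha256).digest()


def verify(key: bytes, data: bytes, signature: bytes) -> bool:
    return hmac.compare_digest(sign(key, data), signature)


@dataclass
class UpdateCredential:
    cred_id: str        # lets the device mark a used credential as invalid
    old_key: bytes      # key the credential says is to be replaced
    new_key: bytes      # replacement key
    signature: bytes    # produced by the trusted platform over payload()

    def payload(self) -> bytes:
        return b"|".join([self.cred_id.encode(), self.old_key, self.new_key])


def issue_credential(cred_id: str, old_key: bytes, new_key: bytes) -> UpdateCredential:
    """Trusted-platform side: sign and issue an update credential."""
    cred = UpdateCredential(cred_id, old_key, new_key, b"")
    cred.signature = sign(PLATFORM_KEY, cred.payload())
    return cred


@dataclass
class SecureStorage:
    key: bytes                                          # software-verification key
    update_count: int = 0                               # completed key updates
    blacklist: set = field(default_factory=set)         # keys that have been invalidated
    used_credentials: set = field(default_factory=set)  # credential ids marked invalid


class KeyManager:
    def __init__(self, storage: SecureStorage):
        self.storage = storage

    def verify_credential(self, cred: UpdateCredential) -> bool:
        """Update-unit checks: platform signature, credential still valid, key matches."""
        if not verify(PLATFORM_KEY, cred.payload(), cred.signature):
            return False  # signature is not from the trusted platform
        if cred.cred_id in self.storage.used_credentials:
            return False  # credential was marked invalid after a previous update
        # the key the credential says to replace must be the one actually stored
        return hmac.compare_digest(cred.old_key, self.storage.key)

    def update_key(self, cred: UpdateCredential) -> bool:
        """Replace the stored key if the credential verifies and the update budget allows."""
        if not self.verify_credential(cred):
            return False
        if self.storage.update_count >= MAX_UPDATES:
            return False  # preset update count reached: refuse the update
        if cred.new_key in self.storage.blacklist:
            return False  # assumed use of the blacklist: never reinstall an invalidated key
        self.storage.blacklist.add(self.storage.key)      # the old key is now invalid
        self.storage.key = cred.new_key
        self.storage.update_count += 1
        self.storage.used_credentials.add(cred.cred_id)   # credential is single-use
        return True

    def secure_boot(self, firmware: bytes, fw_sig: bytes, software: bytes, sw_sig: bytes) -> bool:
        """Verification-unit flow: eFuse key checks firmware, stored key checks software."""
        if not verify(EFUSE_FIRMWARE_KEY, firmware, fw_sig):
            return False  # firmware must not run
        # the firmware would run here; the software stage is then checked with the stored key
        return verify(self.storage.key, software, sw_sig)

    def verify_package(self, package: bytes, pkg_sig: bytes) -> bool:
        """Install/upgrade package check with the same stored key."""
        return verify(self.storage.key, package, pkg_sig)
```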
It should be noted that the division into units in the embodiments of this application is illustrative and represents only a division by logical function; other divisions are possible in an actual implementation. The functional units in the embodiments of this application may be integrated into one processing unit, each unit may exist physically on its own, or two or more units may be integrated into one unit. The integrated units may be implemented in hardware or in the form of software functional units.
The above embodiments may be implemented in whole or in part by software, hardware, firmware, or any combination thereof. When implemented in software, the above embodiments may be implemented in whole or in part in the form of a computer program product. The computer program product comprises one or more computer instructions. When the computer program instructions are loaded or executed on a computer, the processes or functions described in the embodiments of the present invention are produced in whole or in part. The computer may be a general-purpose computer, a special-purpose computer, a computer network, or another programmable apparatus. The computer instructions may be stored in a computer-readable storage medium or transmitted from one computer-readable storage medium to another; for example, the computer instructions may be transmitted from one website, computer, server, or data center to another website, computer, server, or data center by wired means (such as coaxial cable, optical fibre, or digital subscriber line (DSL)) or wireless means (such as infrared, radio, or microwave). The computer-readable storage medium may be any available medium that a computer can access, or a data storage device such as a server or data center that contains one or more available media. The available medium may be a magnetic medium (for example, a floppy disk, hard disk, or magnetic tape), an optical medium (for example, a DVD), or a semiconductor medium. The semiconductor medium may be a solid state drive (SSD).
In a simple embodiment, those skilled in the art will appreciate that the key management apparatus in the embodiment shown in FIG. 3 may take the form shown in FIG. 4.
The apparatus 400 shown in FIG. 4 includes at least one processor 401 and a memory 402, and may optionally further include a communication interface 403.
The memory 402 may be a volatile memory, such as random access memory; the memory 402 may also be a non-volatile memory, such as read-only memory, flash memory, a hard disk drive (HDD), or a solid-state drive (SSD); or the memory 402 may be any other medium that can be used to carry or store desired program code in the form of instructions or data structures and that can be accessed by a computer, without limitation. The memory 402 may also be a combination of the above memories. The secure storage area in the embodiments of this application may be located in the memory 402, for example in the non-volatile part of the memory 402.
The embodiments of this application do not limit the specific connection medium between the processor 401 and the memory 402.
The processor 401 may be a central processing unit (CPU); the processor 401 may also be another general-purpose processor, a digital signal processor (DSP), an application specific integrated circuit (ASIC), a field programmable gate array (FPGA) or other programmable logic device, a discrete gate or transistor logic device, a discrete hardware component, an artificial intelligence chip, a system on chip, and so on. A general-purpose processor may be a microprocessor or any conventional processor. The processor has a data transmitting and receiving function and can communicate with other devices; in the apparatus of FIG. 4 an independent data transmitting and receiving module, such as the communication interface 403, may also be provided for sending and receiving data. When the processor 401 communicates with other devices, it may transmit data through the communication interface 403, for example to receive a key or a key update request.
When the key management apparatus takes the form shown in FIG. 4, the processor 401 in FIG. 4 can invoke the computer-executable instructions stored in the memory 402 so that the key management apparatus performs the method performed by the key management apparatus in any of the above method embodiments.
Specifically, the functions/implementation processes of the transmission unit, the storage unit, the update unit, and the verification unit in FIG. 3 may all be implemented by the processor 401 in FIG. 4 invoking the computer-executable instructions stored in the memory 402. Alternatively, the functions/implementation processes of the storage unit and the update unit in FIG. 3 may be implemented by the processor 401 in FIG. 4 invoking the computer-executable instructions stored in the memory 402, while the function/implementation process of the transmission unit in FIG. 3 may be implemented by the communication interface 403 in FIG. 4.
Those skilled in the art will understand that the embodiments of this application may be provided as a method, a system, or a computer program product. Accordingly, this application may take the form of an entirely hardware embodiment, an entirely software embodiment, or an embodiment combining software and hardware aspects. Furthermore, this application may take the form of a computer program product embodied on one or more computer-usable storage media (including but not limited to disk storage, CD-ROM, and optical storage) containing computer-usable program code.
This application is described with reference to flowcharts and/or block diagrams of methods, apparatus (systems), and computer program products according to this application. It should be understood that each flow and/or block in the flowcharts and/or block diagrams, and combinations of flows and/or blocks in them, can be implemented by computer program instructions. These computer program instructions may be provided to the processor of a general-purpose computer, a special-purpose computer, an embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions executed by the processor of the computer or other programmable data processing apparatus produce means for implementing the functions specified in one or more flows of the flowcharts and/or one or more blocks of the block diagrams.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to operate in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture comprising instruction means, the instruction means implementing the functions specified in one or more flows of the flowcharts and/or one or more blocks of the block diagrams.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus so that a series of operational steps is performed on the computer or other programmable apparatus to produce a computer-implemented process, such that the instructions executed on the computer or other programmable apparatus provide steps for implementing the functions specified in one or more flows of the flowcharts and/or one or more blocks of the block diagrams.
Obviously, those skilled in the art can make various changes and modifications to this application without departing from its scope. Thus, if these modifications and variations fall within the scope of the claims of this application and their equivalents, this application is intended to include them as well.

Claims (21)

  1. A key management method, characterized in that the method comprises:
    storing a key in a secure storage area of a device, where the key is a key required by the device during secure boot, software installation, or software upgrade;
    receiving a key update request, where the key update request includes an update credential, the update credential being signed and issued by a trusted platform;
    after the update credential has passed verification, updating the key.
  2. The method according to claim 1, characterized in that the key is a key required to verify the software code to be run on the device, an electronic fuse in the device stores a firmware key, the firmware key being a key required to verify the firmware code to be run on the device, and the electronic fuse does not include the secure storage area.
  3. The method according to claim 2, characterized in that the method further comprises:
    when the device performs a secure boot, reading the firmware key from the electronic fuse, and after the firmware code has been verified with the firmware key, running the firmware code;
    reading the key from the secure storage area, and after the software code has been verified with the key, allowing the software code to run.
  4. The method according to any one of claims 1 to 3, characterized in that storing the key in the secure storage area of the device comprises:
    signing the key, and storing the signed key in the secure storage area.
  5. The method according to any one of claims 1 to 4, characterized in that the update credential is used to indicate the key that needs to be updated, and the update credential passing verification comprises:
    confirming that the signature on the update credential comes from the trusted platform;
    confirming that the key indicated by the update credential as needing to be updated matches the key stored in the secure storage area.
  6. The method according to any one of claims 1 to 5, characterized in that, after updating the key in the secure storage area, the method further comprises:
    marking the update credential as invalid.
  7. The method according to any one of claims 1 to 6, characterized in that, after updating the key in the secure storage area, the method further comprises:
    recording the number of times the key has been updated.
  8. The method according to claim 7, characterized in that, before updating the key in the secure storage area, the method further comprises:
    determining that the number of times the key has been updated is less than a preset number.
  9. The method according to any one of claims 1 to 8, characterized in that the secure storage area further includes a key blacklist, the blacklist being used to indicate keys that have been invalidated.
  10. The method according to any one of claims 1 to 9, characterized in that the secure storage area is located in flash memory or in a processor.
  11. A key management apparatus, characterized in that the apparatus comprises:
    a storage unit, configured to store a key in a secure storage area of a device, where the key is a key required by the device during secure boot, software installation, or software upgrade;
    a transmission unit, configured to receive a key update request, where the key update request includes an update credential, the update credential being signed and issued by a trusted platform;
    an update unit, configured to update the key after the update credential has passed verification.
  12. The apparatus according to claim 11, characterized in that the key is a key required to verify the software code to be run on the device, an electronic fuse in the device stores a firmware key, the firmware key being a key required to verify the firmware code to be run on the device, and the electronic fuse does not include the secure storage area.
  13. The apparatus according to claim 12, characterized in that the apparatus further comprises a verification unit;
    the verification unit is configured to, when the device performs a secure boot, read the firmware key from the electronic fuse, and after the firmware code has been verified with the firmware key, run the firmware code;
    and to read the key from the secure storage area, and after the software code has been verified with the key, allow the software code to run.
  14. The apparatus according to any one of claims 11 to 13, characterized in that, when storing the key in the secure storage area of the device, the storage unit is specifically configured to:
    sign the key, and store the signed key in the secure storage area.
  15. The apparatus according to any one of claims 11 to 14, characterized in that the update credential is used to indicate the key that needs to be updated, and when verifying the update credential the update unit is specifically configured to:
    confirm that the signature on the update credential comes from the trusted platform;
    confirm that the key indicated by the update credential as needing to be updated matches the key stored in the secure storage area.
  16. The apparatus according to any one of claims 11 to 15, characterized in that, after updating the key in the secure storage area, the update unit is further configured to:
    mark the update credential as invalid.
  17. The apparatus according to any one of claims 11 to 16, characterized in that, after updating the key in the secure storage area, the update unit is further configured to:
    record the number of times the key has been updated.
  18. The apparatus according to claim 17, characterized in that, before updating the key in the secure storage area, the update unit is further configured to:
    determine that the number of times the key has been updated does not exceed a preset number.
  19. The apparatus according to any one of claims 11 to 18, characterized in that the secure storage area further includes a key blacklist, the blacklist being used to indicate keys that have been invalidated.
  20. The apparatus according to any one of claims 11 to 19, characterized in that the secure storage area is located in flash memory or in a processor.
  21. A computer-readable storage medium, characterized in that the computer-readable storage medium stores computer-executable instructions, the computer-executable instructions being used to cause a computer to perform the method according to any one of claims 1 to 10.
PCT/CN2021/123924 2020-12-03 2021-10-14 Key management method and apparatus WO2022116708A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN202011411476.6A CN114598456A (en) 2020-12-03 2020-12-03 Key management method and device
CN202011411476.6 2020-12-03

Publications (1)

Publication Number Publication Date
WO2022116708A1 true WO2022116708A1 (en) 2022-06-09
