CN109814934A - Data processing method, device, readable medium and system - Google Patents
- Publication number: CN109814934A (application CN201910100370.5A)
- Authority: CN (China)
- Prior art keywords: safe inventory, public key, data processing, secure boot, boot process
- Legal status: Granted (the legal status is an assumption and is not a legal conclusion; Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed)
- Landscape: Storage Device Security (AREA)
Abstract
This application provides a data processing method, device, storage medium and system. The method comprises: in response to the execution of a secure boot process, reading a security manifest (the "safe inventory") and a public key associated with the manifest from an untrusted storage area into a trusted storage area; reading the manifest and the public key from the trusted storage area and verifying with the public key whether the manifest is intact; if the manifest is verified as intact, judging whether it contains an update instruction, where the update instruction is used to update the boot code of the secure boot process; and if the manifest contains an update instruction, interrupting the secure boot process and executing the update instruction so as to update the boot code of the secure boot process. The update instruction of this application can be conveniently deployed to a device over a network, without burning or modifying the hardware device in the factory, which reduces hardware cost.
Description
Technical field
One or more embodiments of this application relate generally to semiconductor devices, in particular system-on-chip (SoC) devices, and more specifically to a data processing method, device, readable medium and system.
Background technique
Security is now a necessary consideration in system-on-chip (SoC) design, and the basic method of providing hardware-based platform security includes a secure boot service. A system on chip usually starts executing from an internal BOOT ROM code, which in turn loads and executes a bootloader or system from external memory or a storage unit. However, there is no guarantee that the BOOT ROM code is free of errors. In the prior art, BOOT ROM code is repaired by burning patch code into OTP ROM, but this repair method has a number of limitations.
Summary of the invention
To solve the above problems, one or more embodiments of this application provide a data processing method, device, storage medium and apparatus.
According to some aspects of this application, a data processing method is disclosed, characterized in that it comprises:
in response to the execution of a secure boot process, reading a security manifest and a public key associated with the security manifest from an untrusted storage area into a trusted storage area;
reading the security manifest and the public key from the trusted storage area, and verifying with the public key whether the security manifest is intact (integrity);
if the security manifest is verified as intact, judging whether the security manifest contains an update instruction, where the update instruction is used to update the boot code of the secure boot process;
if the security manifest contains the update instruction, interrupting the secure boot process and executing the update instruction so as to update the boot code of the secure boot process.
Further, the method also includes receiving the security manifest from a server over a network.
Further, verifying with the public key whether the security manifest is intact also includes:
verifying whether the public key matches a preset public-key hash;
if the public key matches the public-key hash, verifying whether the public key matches the signature of the security manifest; and
if the public key matches the signature of the security manifest, judging that the security manifest is intact.
Further, verifying whether the public key matches the signature of the security manifest includes: matching the digest of the public key against the signature digest of the security manifest.
Further, if the security manifest is verified as not intact, an error message is returned and the secure boot process is terminated.
Further, if it is judged that the security manifest does not contain the update instruction, the secure boot process continues.
Further, the security manifest includes metadata of the secure boot process, and the metadata includes information describing the software packages loaded in the secure boot process and their signatures.
Further, the public-key hash is stored in a one-time programmable memory, which is distinct from the untrusted storage area and the trusted storage area.
Further, the untrusted storage area and the trusted storage area are non-volatile storage media.
Further, the untrusted storage area is a non-volatile storage medium and the trusted storage area is a volatile storage medium.
Further, the untrusted storage area and the trusted storage area are on the same storage medium.
Further, the update instruction includes boot code that replaces part of the secure boot process, or boot code that replaces all of the secure boot process.
According to some aspects of this application, a data processing device is disclosed, comprising:
a reading unit, for reading, in response to the execution of a secure boot process, a security manifest and a public key associated with the security manifest from an untrusted storage area into a trusted storage area;
a verification unit, for reading the security manifest and the public key from the trusted storage area and verifying with the public key whether the security manifest is intact (integrity);
an update unit, for judging, if the security manifest is verified as intact, whether the security manifest contains an update instruction, where the update instruction is used to update the boot code of the secure boot process; and, if it is judged that the security manifest contains the update instruction, interrupting the secure boot process and executing the update instruction so as to update the boot code of the secure boot process.
According to some aspects of this application, a machine-readable medium is disclosed, on which instructions are stored that, when executed on a machine, cause the machine to perform the above data processing method.
According to some aspects of this application, a system is disclosed, comprising:
a memory, for storing instructions executed by one or more processors of the system; and
a processor, being one of the processors of the system, for executing the above data processing method.
According to some aspects of this application, the effects of the application include, but are not limited to:
The push of the update instruction can be completed using FOTA (Firmware Over-The-Air) technology. In this way, the update instruction can be conveniently deployed to the device over the network, without burning or modifying the hardware device in the factory, which reduces hardware cost. Furthermore, because the update instruction is pushed to an accessible untrusted storage area rather than to read-only memory or OTP hardware, the security manifest can be updated an unlimited number of times via FOTA as needed.
Furthermore, the update instruction can upgrade the verification algorithm of the original software package verification.
Furthermore, the update instruction can update/replace the boot code of the entire secure boot process.
Detailed description of the invention
Fig. 1 shows a module diagram of the data processing device and server according to an embodiment of this application.
Fig. 2 shows a flow diagram of the server generating a security manifest according to an embodiment of this application.
Fig. 3 shows a flow diagram of the data processing method according to an embodiment of this application.
Fig. 4 shows a flow diagram of the data processing method according to another embodiment of this application.
Fig. 5 shows a flow diagram of the data processing method according to another embodiment of this application.
Fig. 6 shows a module diagram of the system according to an embodiment of this application.
Specific embodiment
To make the purpose and technical solution of the embodiments of this application clearer, the technical solutions of the embodiments are described clearly and completely below with reference to the drawings. Obviously, the described embodiments are some, not all, of the embodiments of this application. All other embodiments obtained by a person of ordinary skill in the art from the described embodiments without creative effort fall within the scope of protection of this application.
Fig. 1 is a module diagram of the data processing device and server according to an embodiment of this application. The device includes, but is not limited to, laptop devices, desktop computers, handheld PCs, personal digital assistants, engineering workstations, servers, network devices, network hubs, switches, embedded processors, digital signal processors (DSPs), graphics devices, video game devices, set-top boxes, microcontrollers, cellular phones, portable media players, handheld devices and various other electronic devices. In general, a wide variety of devices and electronic equipment that can incorporate the processor and/or other execution logic disclosed herein are suitable.
As shown in Fig. 1, system 10 may include one or more processors 110 (only one is shown; processor 110 may include, but is not limited to, a central processing unit (CPU), a graphics processor (GPU), a digital signal processor (DSP), a microcontroller (MCU), or a processing unit such as a programmable logic device (FPGA)), BOOT ROM 120, OTP ROM 130, memory 140 and network interface 150. System 10 further includes data processing device 121, where device 121 includes reading unit 1211, verification unit 1212 and update unit 1213. Server 20 includes generation unit 210 and transceiver unit 220. Those skilled in the art will appreciate that the structure shown in Fig. 1 is illustrative only and does not limit the structure of the above electronic devices. For example, system 10 and server 20 may include more or fewer components than shown in Fig. 1, or a configuration different from that shown in Fig. 1.
Server 20 is usually configured by the original equipment manufacturer (OEM) of the device. Fig. 2 shows a flow diagram of the server generating the security manifest. As shown in Fig. 2, in block 201, the security manifest and a public key associated with it are generated and the security manifest is cryptographically signed; the security manifest includes metadata of the software packages related to the secure boot process of the data processing device and their signatures. In block 202, the security manifest is sent to the data processing device over the network.
In one or more embodiments of this application, generation unit 210 is used to encrypt/sign software packages and generate the corresponding security manifest (Manifest, the "safe inventory").
The security manifest includes metadata of the secure boot process. This metadata describes the software packages (Images) loaded during the boot process and their cryptographic signatures. The security manifest may also include an update instruction for updating the secure boot process.
A secure boot process is a boot process based on a chain of trust. Booting starts from an implicitly trusted component, and every other component is verified before it is executed. The foundation of the secure boot process is called the root of trust. At the hardware level, the root of trust is usually the system-on-chip read-only memory (SoC ROM), for example BOOT ROM, OTP ROM (one-time programmable read-only memory) and the like; SoC ROM is the only component that cannot easily be modified or replaced by a simple reprogramming attack, so the boot read-only memory of a system is usually the first boot stage of secure boot.
In one or more embodiments of this application, the secure boot process adds an encryption check and a signature check to each stage of secure boot. For example, during boot, an encryption check is applied to the software packages (Images) using an encryption technique such as AES (Advanced Encryption Standard), which ensures the confidentiality of all executed software packages and prevents the software from being stolen. In addition, a signature check ensures the integrity of all executed software packages and prevents any unauthorized or malicious modification of the running software, as explained in detail below.
It will be understood that BOOT ROM 120, i.e. the boot read-only memory, can store the boot code of the secure boot process executed by system 10. OTP ROM 130 can store key material of the secure boot process, for example a public-key hash.
Before the device leaves the factory, generation unit 210 is loaded with the software packages required for device startup, the vendor ID and the device class ID or device ID, and, using the private key that the manufacturer keeps in a secure hardware module or an air-gapped computing device, generates the cryptographically signed security manifest according to the selected cryptographic protocol; the manifest stores the public key and the key of each software package. In addition, the public-key hash corresponding to the public key is generated. Later, the security manifest and the software packages are usually written together into the non-volatile memory of system 10 on the production line, and the public-key hash is programmed into the OTP ROM of system 10. Alternatively or additionally, the security manifest and software packages can be written into the non-volatile memory of system 10 over the network, for example by FOTA (Firmware Over-The-Air).
It will be understood that the cryptographic protocol applied can be any of various public-key signature protocols, such as RSA-PSS (Rivest, Shamir and Adleman Probabilistic Signature Scheme). In these protocols, the trusted vendor (server) uses its private key to generate a signature over the code it wants to deploy, and pushes the signature together with the software binary to the device. The device holds the vendor's public key, which can be used to verify whether the binary has been modified and whether it was provided by the trusted vendor.
Storing the public key used for the root of trust may be problematic: embedding it in the system-on-chip read-only memory means that all devices use the same public key, so the devices become easy to attack if the private key is stolen or successfully reverse-engineered. Therefore, one-time programmable (OTP) hardware of the system on chip, such as polysilicon fuses or OTP ROM, can be used to store a unique public-key value in each system during device manufacturing. This allows different public-key values to be stored in devices of a single class, reducing the risk of attack.
OTP memory usually consumes considerable silicon area, so the available bits are usually limited, while an RSA public key is more than 1024 bits long, which is too large for the available OTP storage. However, since the public key is not secret, it can be stored in memory outside the system on chip, with only the cryptographic hash of the public key stored in OTP memory. The hash is much shorter than the public key itself (256 bits for SHA256), and the public-key hash can be used at runtime to verify the value of the public key.
When the vendor needs to update the secure boot process of the device, the update instruction required to update the secure boot process is loaded into generation unit 210, and generation unit 210 generates, in the same way as described above, a security manifest containing the update instruction. The security manifest containing the update instruction can be pushed to system 10 by transceiver unit 220, where it is stored in the accessible untrusted storage area. As an example, the push of the security manifest can be completed using FOTA (Firmware Over-The-Air) technology. In this way, the security manifest can be conveniently deployed to system 10 over the network, without burning or modifying the hardware device in the factory, which reduces hardware cost. Furthermore, because the security manifest is pushed to an accessible untrusted storage area rather than to read-only memory or OTP hardware, the security manifest can be updated an unlimited number of times via FOTA as needed.
System 10 receives the security manifest through network interface 150. Network interface 150 is used to receive or send data via a network; the network may include various connection types, including but not limited to the internet, intranets, local area networks, mobile communication networks and combinations thereof, such as wired or wireless communication links or fiber optic cables.
Memory 140 of system 10 can be used to store the security manifest transmitted by server 20. Memory 140 may include high-speed random access memory such as SRAM or DRAM, and may also include non-volatile memory, such as one or more non-volatile random access memories (NVRAM), various flash memories such as SPI flash or NAND flash, or other non-volatile solid-state memory. In some examples, memory 140 may further include memory located remotely from processor 110; such remote memory can be connected to system 10 through network interface 150.
In one or more embodiments of this application, memory 140 may include an untrusted storage area and a trusted storage area. The untrusted storage area and the trusted storage area may be different partitions of the same memory: for example, one or more partitions of a memory are set as the untrusted storage area and one or more other partitions are set as the trusted storage area. As another example, the untrusted storage area and the trusted storage area may be located in different memories, or may themselves be different memories; for example, memory located in the system on chip, or memory in the system on chip that is treated as trusted storage, can be set as the trusted storage area, while memory outside the system on chip, or memory outside the system on chip that is treated as untrusted storage, can be set as the untrusted storage area. In general, the untrusted storage area and the trusted storage area are isolated from each other: the content of the untrusted storage area is modifiable or user-accessible, and software stored in the untrusted storage area cannot directly see addresses in the trusted storage area; the untrusted storage area is a non-volatile storage region, while the trusted storage area can be either a non-volatile or a volatile storage region. For an understanding of untrusted and trusted, reference can be made to the prior-art trust zone technology and its description of the secure world and the normal world.
When system 10 is powered on, reading unit 1211 of data processing device 121, in response to the start of execution of the secure boot process, reads the security manifest and the public key associated with it from the untrusted storage area into the trusted storage area;
verification unit 1212 reads the security manifest and the public key from the trusted storage area and verifies with the public key whether the security manifest is intact (integrity);
update unit 1213, if the security manifest is verified as intact, judges whether the security manifest contains an update instruction, where the update instruction is used to update the boot code of the secure boot process; if it is judged that the security manifest contains an update instruction, the secure boot process is interrupted and the update instruction is executed so as to update the boot code of the secure boot process.
It will be understood that integrity, as mentioned here, is one of the fundamental principles of the information security field. The principle of integrity is that a user, process or hardware component has the ability to verify the accuracy of what is transmitted or delivered, and that the process or hardware component will not be altered in any way. In general, data integrity means that the data has not been modified without authorization, including unauthorized creation, insertion, replay and deletion of data.
One or more embodiments of the data processing method according to this application are described below. The method can be implemented using the data processing device described previously.
Fig. 3 shows an embodiment of the data processing method according to this application. In data processing method 300 shown in Fig. 3, in block 301, in response to the execution of the secure boot process, the security manifest is read from the untrusted storage area into the trusted storage area. After system 10 is powered on, data processing device 121 executes the secure boot code in BOOT ROM 120 and the system starts the secure boot process. According to the instructions of the boot code, data processing device 121 reads the security manifest from the untrusted storage area into the trusted storage area.
In block 302, the security manifest and the public key are read from the trusted storage area, and the public key is used to verify whether the security manifest is intact (integrity). Data processing device 121 reads the public key of the security manifest and computes the digest of the public key; it then reads the public-key hash from OTP ROM 130 and compares the digest of the public key with the digest of the public-key hash. If the two digests match, the public key is legitimate. Afterwards, the cryptographic signature of the security manifest is verified with the public key; if the public key and the signature match, the cryptographic signature of the security manifest is legitimate and the binary of the security manifest has not been modified. Alternatively or additionally, data processing device 121 can first verify the integrity of the security manifest and only afterwards read the security manifest from the untrusted storage area into the trusted storage area.
Placing the security manifest in the trusted storage area before verifying it gives higher security. For example, if the security manifest is verified while in the untrusted storage area, an attacker may modify the security manifest in the very short window between the completion of verification and the start of reading the security manifest into the trusted storage area.
In block 303, if the security manifest is verified as intact, it is judged whether the security manifest contains an update instruction, where the update instruction is used to update the boot code of the secure boot process. A flag bit for the update instruction is provided in the security manifest, and this flag indicates whether the security manifest contains an update instruction. If the value of the update-instruction flag is not empty or 0, the security manifest contains an update instruction.
Because the security manifest is protected by an encryption scheme such as an asymmetric signature scheme, as described above, with the signing private key stored in the manufacturer's secure hardware module and the public-key hash stored in OTP ROM 130, the security manifest has a fairly high level of security, and consequently the update instruction included as part of the security manifest is likewise secure.
If the security manifest is verified as not intact, an error message is returned and the secure boot process is terminated.
Finally, in block 304, if the security manifest contains an update instruction, the secure boot process is interrupted and the update instruction is executed so as to update the boot code of the secure boot process. If data processing device 121 determines that the security manifest contains an update instruction, it interrupts the secure boot process currently being executed and executes the update instruction. When executing the update instruction, data processing device 121 may first read the header block of the update instruction; the header block may store the addresses of the boot code of the boot stages that need to be updated, and data processing device 121 can execute the update instruction according to the addresses in the header block to carry out the new boot process, replacing the boot stages that need to be updated.
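The flow of blocks 301 to 304, written out as an added example that is not part of the patent or of any implementation of it. It assumes a constructed manifest layout (a one-byte update flag, a four-byte address, then metadata, followed by an RSA-PSS signature over the SHA-256 of that body) and models OTP ROM, the untrusted area and the trusted area as plain Go values; the OEM-side ServerBuildManifest helper is included only so the example runs offline.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/subtle"
	"crypto/x509"
	"encoding/binary"
	"errors"
	"fmt"
)

// OTP holds only the SHA-256 hash of the vendor public key: an RSA key is too large for OTP, a 256-bit hash is not.
type OTP struct{ PubKeyHash [sha256.Size]byte }

// UntrustedStorage is the writable, network-updatable area holding what the OEM server pushed.
type UntrustedStorage struct {
	PubKeyDER []byte // PKIX-encoded RSA public key
	Manifest  []byte // body || 256-byte RSA-PSS signature over SHA-256(body)
}

// Assumed manifest body layout (constructed for this example, not the patent's format):
//   [0]   update flag, 0 = no update instruction, nonzero = present
//   [1:5] big-endian address of the boot code the update replaces
//   [5:]  metadata (package keys and digests; opaque here)
const bodyHeaderLen, sigLen = 5, 256

type VerifyResult struct {
	HasUpdate  bool
	UpdateAddr uint32
}

// BootVerifyManifest performs blocks 301-303: copy into trusted storage first, check the key
// against the OTP hash, verify the signature, then inspect the update flag on the trusted copy.
func BootVerifyManifest(otp OTP, u *UntrustedStorage) (VerifyResult, error) {
	// Block 301: private copies stand in for the trusted storage area.
	trustedKey := append([]byte(nil), u.PubKeyDER...)
	trustedManifest := append([]byte(nil), u.Manifest...)
	// Block 302, step 1: digest of the public key must equal the OTP hash.
	keyDigest := sha256.Sum256(trustedKey)
	if subtle.ConstantTimeCompare(keyDigest[:], otp.PubKeyHash[:]) != 1 {
		return VerifyResult{}, errors.New("public key does not match OTP hash")
	}
	pub, err := x509.ParsePKIXPublicKey(trustedKey)
	if err != nil {
		return VerifyResult{}, err
	}
	rsaPub, ok := pub.(*rsa.PublicKey)
	if !ok {
		return VerifyResult{}, errors.New("public key is not RSA")
	}
	// Block 302, step 2: RSA-PSS signature over the manifest body.
	if len(trustedManifest) < bodyHeaderLen+sigLen {
		return VerifyResult{}, errors.New("manifest too short")
	}
	body := trustedManifest[:len(trustedManifest)-sigLen]
	sig := trustedManifest[len(trustedManifest)-sigLen:]
	bodyDigest := sha256.Sum256(body)
	if err := rsa.VerifyPSS(rsaPub, crypto.SHA256, bodyDigest[:], sig, nil); err != nil {
		return VerifyResult{}, fmt.Errorf("manifest not intact: %w", err)
	}
	// Block 303: only a verified manifest is consulted for the update flag.
	res := VerifyResult{HasUpdate: body[0] != 0}
	if res.HasUpdate {
		res.UpdateAddr = binary.BigEndian.Uint32(body[1:5])
	}
	return res, nil
}

// ServerBuildManifest mirrors the OEM server (Fig. 2, block 201): sign the body with the
// off-device private key and return what is pushed plus the OTP hash programmed at manufacture.
func ServerBuildManifest(priv *rsa.PrivateKey, flag byte, addr uint32, meta []byte) (OTP, *UntrustedStorage, error) {
	body := make([]byte, bodyHeaderLen)
	body[0] = flag
	binary.BigEndian.PutUint32(body[1:5], addr)
	body = append(body, meta...)
	digest := sha256.Sum256(body)
	sig, err := rsa.SignPSS(rand.Reader, priv, crypto.SHA256, digest[:], nil)
	if err != nil {
		return OTP{}, nil, err
	}
	der, err := x509.MarshalPKIXPublicKey(&priv.PublicKey)
	if err != nil {
		return OTP{}, nil, err
	}
	store := &UntrustedStorage{PubKeyDER: der, Manifest: append(body, sig...)}
	return OTP{PubKeyHash: sha256.Sum256(der)}, store, nil
}

func main() {
	priv, _ := rsa.GenerateKey(rand.Reader, 2048)
	otp, store, _ := ServerBuildManifest(priv, 1, 0x00010000, []byte("constructed metadata"))
	fmt.Println(BootVerifyManifest(otp, store))
	store.Manifest[7] ^= 0xff // simulate tampering in untrusted storage after the push
	fmt.Println(BootVerifyManifest(otp, store))
}
```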
If the security manifest does not contain an update instruction, data processing device 121 continues the original secure boot process. The original secure boot process is briefly described below. After the verification of the security manifest is completed, data processing device 121 verifies the software packages; software package verification is an indispensable step of the secure boot process. Data processing device 121 reads the key stored in the security manifest and uses it to decrypt the software package; it then computes the digest of the software package and compares it with the corresponding digest stored in the security manifest. If the two digests match, the software package passes verification; if they do not match, an error message is returned and the boot process is terminated. After software package verification is completed, the software package is loaded, completing the boot of the current boot stage.
In a common secure boot process, before the second boot stage starts booting, the first boot stage, such as BOOT ROM 120, needs to verify the second boot stage to ensure that the next boot stage is safe; in this way a new link of trust can be established at the next boot stage.
In embodiments of this application, because the metadata stored in the security manifest includes the verification data of all software packages that need to be loaded in the secure boot process, data processing device 121 can alternatively or additionally execute the boot code to verify all software packages during the boot process of the first boot stage, so that software package verification is no longer needed in the subsequent boot sequence.
Fig. 4 shows another embodiment of the data processing method according to this application. Data processing method 400 shown in Fig. 4 is substantially similar to method 300 shown in Fig. 3, so the description of the similar parts is not repeated here. The differences of data processing method 400 are explained in detail below.
In block 401, the security manifest is read. In block 402, the integrity of the security manifest is verified. If the security manifest is intact, in block 403 it is judged whether the security manifest contains an update instruction. If it contains an update instruction, in block 404 the secure boot process is interrupted and the update instruction is executed. The update instruction includes a new software package verification process.
In block 405, the new software package verification process is carried out. The new software package verification process may fix a serious vulnerability that appeared in the original software package verification process, or may upgrade the algorithm of the original software package verification. In both cases, a serious vulnerability fix or an algorithm upgrade may not be achievable by a simple patch of a few instructions and may require rewriting the instructions of the original software package verification process; therefore, if the new software package verification process involves a large number of instructions, an on-chip read-only memory such as OTP ROM 130 can hardly meet the demand of storing the larger update instruction.
In addition, if the update instruction is stored in OTP ROM, then in the existing boot process the instructions in OTP ROM are only executed by the processor after software package verification is completed, so the original software package verification process cannot be updated.
Because the security manifest and software packages can be pushed to system 10 via FOTA, it becomes possible, for example, to upgrade the verification algorithm used to verify the original software package. When the verification algorithm of the original software package can no longer meet higher security requirements, it may be necessary to verify the software package again with a new cryptographic signature or another cryptographic verification algorithm. As an example, referring to the related description of Fig. 1, a new security manifest containing the corresponding update instruction can be pushed to system 10 via FOTA, thereby making it possible to verify the software package with the new verification algorithm.
Fig. 5 shows another embodiment of the data processing method according to this application. Method 500 shown in Fig. 5 is another variation of methods 300 and 400 above; therefore, the description of the similar parts is not repeated here. The differences of data processing method 500 are explained in detail below.
As one possible situation, for some systems 10, especially systems 10 applied in the field of the Internet of Things, the life cycle of system 10 may be especially long, for example more than 5 or 10 years, and the hardware of these systems 10 cannot easily be replaced. Therefore, after a number of years, the secure boot process of system 10 may no longer meet basic security requirements, and in that case the boot code of the entire secure boot process needs to be updated/replaced; but because BOOT ROM 120 is hard-wired in the system on chip, the secure boot process cannot be updated. Data processing method 500 is an exemplary method for solving the above problem.
In block 501, the security manifest is read. In block 502, the integrity of the security manifest is verified. If the security manifest is intact, in block 503 it is judged whether the security manifest contains an update instruction. If it contains an update instruction, in block 504 the secure boot process is interrupted and the update instruction is executed. The update instruction includes a new secure boot process.
As above, an example of a secure boot process that no longer meets security requirements is that the boot code in BOOT ROM 120 may be unable to decrypt a software package pushed to system 10 that uses a new encryption algorithm. For this situation, the security manifest includes not only the key corresponding to the new encryption algorithm of the software package, but also an update instruction that executes the new decryption process. The new secure boot process is specifically as follows:
In block 505, the new key of the software package is read from the security manifest. Then in block 506, the software package is decrypted. In block 507, it is judged whether decryption succeeded; if decryption succeeded, in block 508 the software package verification process is carried out; if decryption failed, an error is returned and the boot process is terminated.
The software package verification process of block 508 can be carried out according to the original secure boot process; alternatively or additionally, the software package verification process of block 508 may also be, for example, the one described in block 405 above. In this case, the secure boot process of BOOT ROM 120 is entirely replaced by the update instruction contained in the security manifest.
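Blocks 505 to 508 as an added example (not the patent's code). It assumes AES-GCM as the new encryption algorithm, so a wrong key or an altered image surfaces as a decryption failure in block 507 before the digest comparison of block 508; the manifest entry layout and the server-side SealPackage helper are constructed for the example.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/sha256"
	"crypto/subtle"
	"errors"
	"fmt"
)

// PackageEntry is the manifest metadata for one software package (Image): the
// per-package key and the digest of the plaintext. This layout is assumed here.
type PackageEntry struct {
	Key    []byte            // AES-256 key carried in the signed manifest
	Digest [sha256.Size]byte // SHA-256 of the plaintext image
}

// EncryptedImage is the package as stored in untrusted non-volatile memory:
// nonce || AES-GCM ciphertext || tag. AES-GCM is the assumed new algorithm.
type EncryptedImage []byte

// VerifyPackage runs blocks 505-508: take the key from the manifest, decrypt,
// treat a decryption failure as terminating (block 507), then compare the
// plaintext digest with the manifest digest (block 508). The plaintext is
// returned only when both checks pass, so a caller cannot load a failed image.
func VerifyPackage(entry PackageEntry, img EncryptedImage) ([]byte, error) {
	block, err := aes.NewCipher(entry.Key) // block 505: key read from the manifest
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	ns := gcm.NonceSize()
	if len(img) < ns+gcm.Overhead() {
		return nil, errors.New("image too short")
	}
	// Blocks 506/507: GCM authenticates the ciphertext, so a wrong key or a
	// modified image makes Open fail instead of yielding garbage plaintext.
	plain, err := gcm.Open(nil, img[:ns], img[ns:], nil)
	if err != nil {
		return nil, errors.New("decryption failed, terminating boot")
	}
	// Block 508: digest of the decrypted package must match the manifest entry.
	got := sha256.Sum256(plain)
	if subtle.ConstantTimeCompare(got[:], entry.Digest[:]) != 1 {
		return nil, errors.New("package digest mismatch, terminating boot")
	}
	return plain, nil
}

// SealPackage is the server-side counterpart (generation unit 210): encrypt the
// image under a fresh key and emit the manifest entry the boot code will use.
func SealPackage(plain []byte) (PackageEntry, EncryptedImage, error) {
	key := make([]byte, 32)
	if _, err := rand.Read(key); err != nil {
		return PackageEntry{}, nil, err
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		return PackageEntry{}, nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return PackageEntry{}, nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return PackageEntry{}, nil, err
	}
	sealed := gcm.Seal(nonce, nonce, plain, nil) // nonce || ciphertext || tag
	return PackageEntry{Key: key, Digest: sha256.Sum256(plain)}, sealed, nil
}

func main() {
	entry, img, _ := SealPackage([]byte("constructed boot image"))
	plain, err := VerifyPackage(entry, img)
	fmt.Printf("%q %v\n", plain, err)
	img[len(img)-1] ^= 1 // flip a tag bit in untrusted storage
	_, err = VerifyPackage(entry, img)
	fmt.Println(err)
}
```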
According to one or more embodiments of the application, the update instruction may be pushed using FOTA (Firmware Over-The-Air) technology. In this way the update instruction can be easily deployed to the device over the network, without burning or modifying the hardware device at the factory, which reduces hardware input cost. Furthermore, because the update instruction is pushed to the accessible non-trusted memory block rather than to read-only memory or OTP hardware, the safe inventory can be updated through FOTA an unlimited number of times as needed; what still anchors trust is the public key hash in OTP, so only a safe inventory whose signature verifies under the matching public key is accepted (see embodiments 3 and 8). Further, the update instruction can upgrade the checking algorithm of the original software package loading process. Further, the update instruction can update or replace the guidance code of the entire secure boot process.
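The flow of blocks 501 to 508, together with the public key hash check of embodiment 3 and the server-side signing of embodiments 27 to 32, as an added example that is not code from the patent or from any product it describes. It models the device's non-trusted memory block, trust store area and OTP hash as Python objects. A toy unpadded RSA over two fixed Mersenne primes stands in for the cryptographic protocol, and a SHA-256 keystream with an HMAC tag stands in for the "new Encryption Algorithm" of the software package; both are constructed for illustration only. The manifest field names (`update_instruction`, `package_key`, `packages`) and the returned status strings are likewise assumptions.

```python
"""Constructed model of the safe-inventory secure boot flow (blocks 501-508).
Toy primitives only: unpadded RSA over fixed Mersenne primes stands in for the
cryptographic protocol; a SHA-256 keystream plus HMAC tag stands in for the
package cipher. Not for production use."""
import hashlib
import hmac
import json

# Toy RSA key (constructed). D stays on the signing server / HSM; the device holds
# only the hash of (E, N) in OTP and receives (E, N) alongside each manifest.
P = (1 << 127) - 1
Q = (1 << 521) - 1
N = P * Q
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))
PUB = (E, N)

def _h(data: bytes) -> int:
    return int.from_bytes(hashlib.sha256(data).digest(), "big")

def sign(data: bytes) -> int:
    return pow(_h(data), D, N)

def verify(data: bytes, sig: int, pub) -> bool:
    e, n = pub
    return pow(sig, e, n) == _h(data)

def pubkey_bytes(pub) -> bytes:
    """Canonical encoding of (e, n); its SHA-256 is what gets burned into OTP."""
    e, n = pub
    return e.to_bytes(4, "big") + n.to_bytes((n.bit_length() + 7) // 8, "big")

def _keystream(key: bytes, length: int) -> bytes:
    out = b""
    for ctr in range((length + 31) // 32):
        out += hashlib.sha256(key + ctr.to_bytes(4, "big")).digest()
    return out[:length]

def encrypt_package(key: bytes, plaintext: bytes) -> bytes:
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(key, len(plaintext))))
    return ct + hmac.new(key, ct, hashlib.sha256).digest()

def decrypt_package(key: bytes, blob: bytes):
    """Plaintext, or None when the tag fails (block 507: decryption failed)."""
    ct, tag = blob[:-32], blob[-32:]
    if not hmac.compare_digest(hmac.new(key, ct, hashlib.sha256).digest(), tag):
        return None
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, len(ct))))

def make_release(package: bytes, package_key: bytes, with_update: bool) -> dict:
    """Server side (embodiments 27-32): sign a manifest describing the package.
    The returned dict models what FOTA leaves in the non-trusted memory block."""
    meta = {"packages": [{"name": "app", "sha256": hashlib.sha256(package).hexdigest()}]}
    if with_update:
        # Blocks 505-506: the manifest carries the new package key together with
        # the instruction to run the new decryption process.
        meta["update_instruction"] = "use-new-decryption"
        meta["package_key"] = package_key.hex()
    manifest = json.dumps(meta, sort_keys=True).encode()
    return {"manifest": manifest, "pubkey": PUB, "sig": sign(manifest),
            "package": encrypt_package(package_key, package)}

OTP_PUBKEY_HASH = hashlib.sha256(pubkey_bytes(PUB)).digest()  # burned at manufacture

def secure_boot(untrusted: dict, otp_pubkey_hash: bytes) -> str:
    """Device side, blocks 501-508. Returns a short status string."""
    # Block 501: copy manifest, public key and signature into trusted storage first;
    # every check below runs on this copy, so nothing in the untrusted area can
    # change between verification and use.
    trusted = {"manifest": bytes(untrusted["manifest"]),
               "pubkey": tuple(untrusted["pubkey"]),
               "sig": int(untrusted["sig"])}
    # Block 502 (embodiment 3): key must match the OTP hash, then the signature must hold.
    if not hmac.compare_digest(hashlib.sha256(pubkey_bytes(trusted["pubkey"])).digest(),
                               otp_pubkey_hash):
        return "error: public key does not match OTP hash"
    if not verify(trusted["manifest"], trusted["sig"], trusted["pubkey"]):
        return "error: manifest signature invalid"
    meta = json.loads(trusted["manifest"])
    # Block 503: without an update instruction the original secure boot continues.
    if "update_instruction" not in meta:
        return "boot: original process"
    # Blocks 504-506: interrupt the original process, read the new key, decrypt.
    plain = decrypt_package(bytes.fromhex(meta["package_key"]), untrusted["package"])
    if plain is None:  # block 507
        return "error: package decryption failed"
    # Block 508: load only a package whose digest the signed manifest lists (embodiment 7).
    listed = meta["packages"][0]
    if not hmac.compare_digest(hashlib.sha256(plain).hexdigest(), listed["sha256"]):
        return "error: package digest not in manifest"
    return "boot: updated process, loaded " + listed["name"]

if __name__ == "__main__":
    release = make_release(b"firmware image bytes", b"k" * 32, with_update=True)
    print(secure_boot(release, OTP_PUBKEY_HASH))
```

Two design points carry over to real firmware: the manifest, key and signature are copied into the trust store area before anything is checked, and the copy is the only thing ever verified or parsed, so a change to the non-trusted memory block after verification has no effect; and the decrypted package is accepted only if its digest appears in the signed manifest, so the package key in the manifest cannot be used to smuggle in a package the signer never described.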
Fig. 6 is a block diagram of a system according to an embodiment of the application. Such systems include, but are not limited to, laptop devices, desktops, handheld PCs, personal digital assistants, engineering workstations, servers, network devices, network hubs, switches, embedded processors, digital signal processors (DSPs), graphics devices, video game devices, set-top boxes, microcontrollers, cellular phones, portable media players, handheld devices and various other electronic devices. In general, a wide variety of systems and electronic devices capable of incorporating what is disclosed herein are suitable.
Referring now to Fig. 6, shown is a block diagram of a system 60 according to an embodiment of the application. System 60 may include one or more processors 601 coupled to a controller hub 603. In one embodiment, controller hub 603 includes, but is not limited to, a graphics memory controller hub (GMCH) (not shown) and an input/output hub (IOH) (not shown), which may be on separate chips; the GMCH includes memory and graphics controllers and is coupled to the IOH. System 60 may also include a firmware module 602 and a memory 604 coupled to controller hub 603. Alternatively, one or both of the memory and the GMCH may be integrated in the processor (as described herein), in which case memory 604 and firmware module 602 are coupled directly to processor 601 and controller hub 603, and controller hub 603 and the IOH are in a single chip.
Firmware module 602 is used to securely boot system 60.
Memory 604 may be, for example, dynamic random access memory (DRAM), phase-change memory (PCM), or a combination of the two. In at least one embodiment, controller hub 603 communicates with processor 601 via a multi-drop bus such as a front side bus (FSB), a point-to-point interface such as QuickPath Interconnect (QPI), or a similar connection 606.
In one embodiment, processor 601 executes instructions that control data processing operations in the secure world. The instructions of the firmware module may be embedded in these instructions.
According to one or more embodiments of the application, a machine-readable medium is also disclosed, on which instructions are stored that, when executed on a machine, cause the machine to perform any of the data processing methods described above.
According to one or more embodiments of the application, a system is also disclosed, comprising:
a memory for storing instructions to be executed by one or more processors of the system, and
a processor, being one of the processors of the system, for performing any of the data processing methods described above. Each method embodiment of the application may be implemented in software, magnetic components, firmware, etc.
Program code may be applied to input instructions to perform the functions described herein and to generate output information. The output information may be applied to one or more output devices in a known manner. For the purposes of this application, a processing system includes any system having a processor such as a digital signal processor (DSP), a microcontroller, an application-specific integrated circuit (ASIC) or a microprocessor.
The program code may be implemented in a high-level procedural or object-oriented programming language to communicate with the processing system. If desired, the program code may also be implemented in assembly or machine language. In fact, the mechanisms described herein are not limited in scope to any particular programming language. In either case, the language may be a compiled or an interpreted language.
One or more aspects of at least one embodiment may be implemented by representative instructions stored on a machine-readable medium that represent various logic in the processor and that, when read by a machine, cause the machine to fabricate logic to perform the techniques described herein. Such representations, known as "IP cores", may be stored on a tangible machine-readable medium and supplied to various customers or manufacturing facilities to be loaded into the fabrication machines that actually make the logic or processor.
Such machine-readable storage media may include, without limitation, non-transitory tangible arrangements of articles manufactured or formed by a machine or device, including storage media such as: hard disks; any other type of disk, including floppy disks, optical disks, compact disc read-only memory (CD-ROM), compact disc rewritable (CD-RW) and magneto-optical disks; semiconductor devices such as read-only memory (ROM), random access memory (RAM) such as dynamic random access memory (DRAM) and static random access memory (SRAM), erasable programmable read-only memory (EPROM), flash memory and electrically erasable programmable read-only memory (EEPROM); phase-change memory (PCM); magnetic or optical cards; or any other type of medium suitable for storing electronic instructions.
Accordingly, embodiments of the present application also include non-transitory tangible machine-readable media containing instructions or containing design data, such as hardware description language (HDL), that defines the structures, circuits, devices, processors and/or system features described herein. Such embodiments may also be referred to as program products.
In some cases, an instruction converter may be used to convert instructions from a source instruction set to a target instruction set. For example, the instruction converter may translate (e.g., using static binary translation, or dynamic binary translation including just-in-time compilation), morph, emulate, or otherwise convert an instruction into one or more other instructions to be processed by the core. The instruction converter may be implemented in software, hardware, firmware, or a combination thereof. The instruction converter may be on the processor, off the processor, or partly on and partly off the processor.
The following paragraphs provide examples of the various embodiments disclosed herein.
Embodiment 1. A data processing method, comprising:
in response to execution of a secure boot process, reading a safe inventory and a public key associated with the safe inventory from a non-trusted memory block into a trust store area;
reading the safe inventory and the public key from the trust store area, and using the public key to verify whether the safe inventory is complete (integrity);
if the safe inventory is verified to be complete, judging whether the safe inventory includes an update instruction, wherein the update instruction is used to update the guidance code of the secure boot process; and
if the safe inventory includes the update instruction, interrupting the secure boot process and executing the update instruction to update the guidance code of the secure boot process.
Embodiment 2. The data processing method according to embodiment 1, further comprising receiving the safe inventory from a server over a network.
Embodiment 3. The data processing method according to embodiment 1, wherein using the public key to verify whether the safe inventory is complete further comprises:
verifying whether the public key matches a preset public key hash;
if the public key matches the public key hash, verifying whether the public key matches the signature of the safe inventory; and
if the public key matches the signature of the safe inventory, judging that the safe inventory is complete.
Embodiment 4. The data processing method according to embodiment 3, wherein verifying whether the public key matches the signature of the safe inventory comprises matching the digest of the public key with the signature digest of the safe inventory.
Embodiment 5. The data processing method according to embodiment 1, wherein, if the safe inventory is verified to be incomplete, an error message is returned and the secure boot process is terminated.
Embodiment 6. The data processing method according to embodiment 1, wherein, if the safe inventory is judged not to include the update instruction, the secure boot process continues to execute.
Embodiment 7. The data processing method according to embodiment 1, wherein the safe inventory includes metadata of the secure boot process, the metadata including information describing the software packages to be loaded in the secure boot process and their signatures.
Embodiment 8. The data processing method according to embodiment 3, wherein the public key hash is stored in a one-time programmable (OTP) memory, the one-time programmable memory being different from the non-trusted memory block or the trust store area.
Embodiment 9. The data processing method according to embodiment 1, wherein the non-trusted memory block and the trust store area are non-volatile storage media.
Embodiment 10. The data processing method according to embodiment 1, wherein the non-trusted memory block is a non-volatile storage medium and the trust store area is a volatile storage medium.
Embodiment 11. The data processing method according to embodiment 1, wherein the non-trusted memory block and the trust store area are on the same storage medium.
Embodiment 12. The data processing method according to any one of embodiments 1 to 11, wherein the update instruction includes guidance code for replacing part of the secure boot process, or guidance code for replacing the entire secure boot process.
Embodiment 13. A data processing device, comprising:
a reading unit for, in response to execution of a secure boot process, reading a safe inventory and a public key associated with the safe inventory from a non-trusted memory block into a trust store area;
a verification unit for reading the safe inventory and the public key from the trust store area and using the public key to verify whether the safe inventory is complete (integrity); and
an updating unit for, if the safe inventory is verified to be complete, judging whether the safe inventory includes an update instruction, wherein the update instruction is used to update the guidance code of the secure boot process, and, if the safe inventory is judged to include the update instruction, interrupting the secure boot process and executing the update instruction to update the guidance code of the secure boot process.
Embodiment 14. The data processing device according to embodiment 13, further comprising receiving the safe inventory from a server over a network.
Embodiment 15. The data processing device according to embodiment 13, wherein using the public key to verify whether the safe inventory is complete further comprises:
verifying whether the public key matches a preset public key hash;
if the public key matches the public key hash, verifying whether the public key matches the signature of the safe inventory; and
if the public key matches the signature of the safe inventory, judging that the safe inventory is complete.
Embodiment 16. The data processing device according to embodiment 15, wherein verifying whether the public key matches the signature of the safe inventory comprises matching the digest of the public key with the signature digest of the safe inventory.
Embodiment 17. The data processing device according to embodiment 13, wherein, if the safe inventory is verified to be incomplete, an error message is returned and the secure boot process is terminated.
Embodiment 18. The data processing device according to embodiment 13, wherein, if the safe inventory is judged not to include the update instruction, the secure boot process continues to execute.
Embodiment 19. The data processing device according to embodiment 13, wherein the safe inventory includes metadata of the secure boot process, the metadata including information describing the software packages to be loaded in the secure boot process and their signatures.
Embodiment 20. The data processing device according to embodiment 15, wherein the public key hash is stored in a one-time programmable (OTP) memory, the one-time programmable memory being different from the non-trusted memory block or the trust store area.
Embodiment 21. The data processing device according to embodiment 13, wherein the non-trusted memory block and the trust store area are non-volatile storage media.
Embodiment 22. The data processing device according to embodiment 13, wherein the non-trusted memory block is a non-volatile storage medium and the trust store area is a volatile storage medium.
Embodiment 23. The data processing device according to embodiment 13, wherein the non-trusted memory block and the trust store area are on the same storage medium.
Embodiment 24. The data processing device according to any one of embodiments 13 to 23, wherein the update instruction includes guidance code for replacing part of the secure boot process, or guidance code for replacing the entire secure boot process.
Embodiment 25. A machine-readable medium having instructions stored thereon which, when executed on a machine, cause the machine to perform the data processing method of any one of embodiments 1 to 12.
Embodiment 26. A system, comprising:
a memory for storing instructions to be executed by one or more processors of the system, and
a processor, being one of the processors of the system, for performing the data processing method of any one of embodiments 1 to 12.
Embodiment 27. A server, comprising:
a generation unit for generating a safe inventory and a public key associated with the safe inventory, and for cryptographically signing the safe inventory, the safe inventory including metadata of the software packages and signatures related to the secure boot process of a data processing device; and
a transceiver unit for sending the safe inventory to the data processing device over a network.
Embodiment 28. The server according to embodiment 27, wherein the safe inventory includes an update instruction, the update instruction being used to update the guidance code of the secure boot process.
Embodiment 29. The server according to embodiment 27, wherein the server signs the safe inventory according to a cryptographic protocol using a private key stored in a hardware security module or in an air-gapped computing device, and generates the corresponding public key.
Embodiment 30. A data generation method, comprising:
generating a safe inventory and a public key associated with the safe inventory, and cryptographically signing the safe inventory, the safe inventory including metadata of the software packages and signatures related to the secure boot process of a data processing device; and
sending the safe inventory to the data processing device over a network.
Embodiment 31. The data generation method according to embodiment 30, wherein the safe inventory includes an update instruction, the update instruction being used to update the guidance code of the secure boot process.
Embodiment 32. The data generation method according to embodiment 30, wherein the safe inventory is signed according to a cryptographic protocol using a private key stored in a hardware security module or in an air-gapped computing device, and the corresponding public key is generated.
Claims (15)
1. A data processing method, characterized by comprising:
in response to execution of a secure boot process, reading a safe inventory and a public key associated with the safe inventory from a non-trusted memory block into a trust store area;
reading the safe inventory and the public key from the trust store area, and using the public key to verify whether the safe inventory is complete (integrity);
if the safe inventory is verified to be complete, judging whether the safe inventory includes an update instruction, wherein the update instruction is used to update the guidance code of the secure boot process; and
if the safe inventory includes the update instruction, interrupting the secure boot process and executing the update instruction to update the guidance code of the secure boot process.
2. The data processing method according to claim 1, characterized in that it further comprises receiving the safe inventory from a server over a network.
3. The data processing method according to claim 1, characterized in that using the public key to verify whether the safe inventory is complete further comprises:
verifying whether the public key matches a preset public key hash;
if the public key matches the public key hash, verifying whether the public key matches the signature of the safe inventory; and
if the public key matches the signature of the safe inventory, judging that the safe inventory is complete.
4. The data processing method according to claim 3, characterized in that verifying whether the public key matches the signature of the safe inventory comprises matching the digest of the public key with the signature digest of the safe inventory.
5. The data processing method according to claim 1, characterized in that, if the safe inventory is verified to be incomplete, an error message is returned and the secure boot process is terminated.
6. The data processing method according to claim 1, characterized in that, if the safe inventory is judged not to include the update instruction, the secure boot process continues to execute.
7. The data processing method according to claim 1, characterized in that the safe inventory includes metadata of the secure boot process, the metadata including information describing the software packages to be loaded in the secure boot process and their signatures.
8. The data processing method according to claim 3, characterized in that the public key hash is stored in a one-time programmable (OTP) memory, the one-time programmable memory being different from the non-trusted memory block or the trust store area.
9. The data processing method according to claim 1, characterized in that the non-trusted memory block and the trust store area are non-volatile storage media.
10. The data processing method according to claim 1, characterized in that the non-trusted memory block is a non-volatile storage medium and the trust store area is a volatile storage medium.
11. The data processing method according to claim 1, characterized in that the non-trusted memory block and the trust store area are on the same storage medium.
12. The data processing method according to any one of claims 1 to 11, characterized in that the update instruction includes guidance code for replacing part of the secure boot process, or guidance code for replacing the entire secure boot process.
13. A data processing device, characterized by comprising:
a reading unit for, in response to execution of a secure boot process, reading a safe inventory and a public key associated with the safe inventory from a non-trusted memory block into a trust store area;
a verification unit for reading the safe inventory and the public key from the trust store area and using the public key to verify whether the safe inventory is complete (integrity); and
an updating unit for, if the safe inventory is verified to be complete, judging whether the safe inventory includes an update instruction, wherein the update instruction is used to update the guidance code of the secure boot process, and, if the safe inventory is judged to include the update instruction, interrupting the secure boot process and executing the update instruction to update the guidance code of the secure boot process.
14. A machine-readable medium, characterized in that instructions are stored on the machine-readable medium which, when executed on a machine, cause the machine to perform the data processing method of any one of claims 1 to 12.
15. A system, characterized by comprising:
a memory for storing instructions to be executed by one or more processors of the system, and
a processor, being one of the processors of the system, for performing the data processing method of any one of claims 1 to 12.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910100370.5A CN109814934B (en) | 2019-01-31 | 2019-01-31 | Data processing method, device, readable medium and system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910100370.5A CN109814934B (en) | 2019-01-31 | 2019-01-31 | Data processing method, device, readable medium and system |
Publications (2)
Publication Number | Publication Date |
---|---|
CN109814934A true CN109814934A (en) | 2019-05-28 |
CN109814934B CN109814934B (en) | 2022-05-06 |
Family
ID=66606294
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201910100370.5A Active CN109814934B (en) | 2019-01-31 | 2019-01-31 | Data processing method, device, readable medium and system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN109814934B (en) |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111767231A (en) * | 2020-07-08 | 2020-10-13 | 瓴盛科技有限公司 | Multi-platform Bootrom verification method, device, system and computer readable medium |
CN114385248A (en) * | 2020-10-22 | 2022-04-22 | 四零四科技股份有限公司 | Computing system and device for processing trust chain |
CN114995799A (en) * | 2022-07-18 | 2022-09-02 | 新华三半导体技术有限公司 | Assembly code generation method and device and electronic equipment |
CN115910341A (en) * | 2022-12-02 | 2023-04-04 | 成都体育学院 | Exercise health monitoring method, device and medium |
Citations (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102509047A (en) * | 2011-11-09 | 2012-06-20 | 北京赛科世纪数码科技有限公司 | Method and system for verifying program code in set-top box |
CN102693139A (en) * | 2011-03-25 | 2012-09-26 | 比亚迪股份有限公司 | Method and system for wirelessly upgrading mobile phone software |
CN102968588A (en) * | 2012-12-20 | 2013-03-13 | 四川长虹电器股份有限公司 | Intelligent terminal system |
CN104156659A (en) * | 2014-08-14 | 2014-11-19 | 电子科技大学 | Embedded system secure start method |
CN104462965A (en) * | 2014-11-14 | 2015-03-25 | 华为技术有限公司 | Method for verifying integrity of application program and network device |
CN106096420A (en) * | 2016-06-15 | 2016-11-09 | 京信通信技术(广州)有限公司 | The method and apparatus of embedded device clean boot |
CN108228263A (en) * | 2016-12-12 | 2018-06-29 | 北京小米移动软件有限公司 | The method and device that system starts |
CN108280035A (en) * | 2017-01-05 | 2018-07-13 | 三星电子株式会社 | Safety guiding sequencer and secure booting apparatus |
- 2019-01-31 CN CN201910100370.5A patent/CN109814934B/en active Active
Patent Citations (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102693139A (en) * | 2011-03-25 | 2012-09-26 | 比亚迪股份有限公司 | Method and system for wirelessly upgrading mobile phone software |
CN102509047A (en) * | 2011-11-09 | 2012-06-20 | 北京赛科世纪数码科技有限公司 | Method and system for verifying program code in set-top box |
CN102968588A (en) * | 2012-12-20 | 2013-03-13 | 四川长虹电器股份有限公司 | Intelligent terminal system |
CN104156659A (en) * | 2014-08-14 | 2014-11-19 | 电子科技大学 | Embedded system secure start method |
CN104462965A (en) * | 2014-11-14 | 2015-03-25 | 华为技术有限公司 | Method for verifying integrity of application program and network device |
CN106096420A (en) * | 2016-06-15 | 2016-11-09 | 京信通信技术(广州)有限公司 | The method and apparatus of embedded device clean boot |
CN108228263A (en) * | 2016-12-12 | 2018-06-29 | 北京小米移动软件有限公司 | The method and device that system starts |
CN108280035A (en) * | 2017-01-05 | 2018-07-13 | 三星电子株式会社 | Safety guiding sequencer and secure booting apparatus |
Cited By (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111767231A (en) * | 2020-07-08 | 2020-10-13 | 瓴盛科技有限公司 | Multi-platform Bootrom verification method, device, system and computer readable medium |
CN111767231B (en) * | 2020-07-08 | 2023-10-31 | 瓴盛科技有限公司 | Multi-platform Bootrom verification method, device and system and computer readable medium |
CN114385248A (en) * | 2020-10-22 | 2022-04-22 | 四零四科技股份有限公司 | Computing system and device for processing trust chain |
CN114385248B (en) * | 2020-10-22 | 2024-04-23 | 四零四科技股份有限公司 | Computing system and device for processing trust chain |
CN114995799A (en) * | 2022-07-18 | 2022-09-02 | 新华三半导体技术有限公司 | Assembly code generation method and device and electronic equipment |
CN115910341A (en) * | 2022-12-02 | 2023-04-04 | 成都体育学院 | Exercise health monitoring method, device and medium |
CN115910341B (en) * | 2022-12-02 | 2024-02-13 | 成都体育学院 | Exercise health monitoring method, device and medium |
Also Published As
Publication number | Publication date |
---|---|
CN109814934B (en) | 2022-05-06 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN109313690B (en) | Self-contained encrypted boot policy verification | |
FI114416B (en) | Method for securing the electronic device, the backup system and the electronic device | |
US9129536B2 (en) | Circuit for secure provisioning in an untrusted environment | |
US9100174B2 (en) | Secure provisioning in an untrusted environment | |
CN109814934A (en) | Data processing method, device, readable medium and system | |
US9100189B2 (en) | Secure provisioning in an untrusted environment | |
EP3025226B1 (en) | Media client device authentication using hardware root of trust | |
TW202009778A (en) | Firmware upgrade method and device | |
US8560820B2 (en) | Single security model in booting a computing device | |
KR101795457B1 (en) | Method of initializing device and method of updating firmware of device having enhanced security function | |
US9094205B2 (en) | Secure provisioning in an untrusted environment | |
CN103946856B (en) | Encrypting and deciphering processing method, device and equipment | |
US11829479B2 (en) | Firmware security verification method and device | |
CN105144626B (en) | The method and apparatus of safety is provided | |
US20080082828A1 (en) | Circuit arrangement and method for starting up a circuit arrangement | |
US11361087B2 (en) | Security data processing device | |
CN107430658B (en) | Security software certification and verifying | |
US8392724B2 (en) | Information terminal, security device, data protection method, and data protection program | |
CN108347332A (en) | Verify the method and device of firmware signature | |
CN109388961B (en) | Security control method of storage device and storage device | |
CN105787357A (en) | APK (Android Package) downloading method and system based on Android system | |
CN105893837B (en) | Application program installation method, security encryption chip and terminal | |
US20230273977A1 (en) | Managing ownership of an electronic device | |
TWI840506B (en) | Security data processing device | |
Raval et al. | Hardware Root of Trust on IoT Gateway |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||