CN110417798A - Communication method and apparatus for a terminal device and a vehicle device - Google Patents

Publication number
CN110417798A
Authority
CN
China
Prior art keywords
certificate
request
terminal device
vehicle device
server
Prior art date
Legal status
Granted
Application number
CN201910718809.0A
Other languages
Chinese (zh)
Other versions
CN110417798B (en
Inventor
胡征犀
许亮
Current Assignee
Zebra Network Technology Co Ltd
Original Assignee
Zebra Network Technology Co Ltd
Priority date
Filing date
Publication date
Application filed by Zebra Network Technology Co Ltd
Priority to CN201910718809.0A
Publication of CN110417798A
Application granted
Publication of CN110417798B
Legal status: Active
Anticipated expiration

Classifications

    • All under: H ELECTRICITY > H04 ELECTRIC COMMUNICATION TECHNIQUE > H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823 Network architectures or network communication protocols for network security for authentication of entities using certificates
    • H04L63/166 Implementing security features at a particular protocol layer at the transport layer
    • H04L67/12 Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
    • H04L67/125 Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks involving control of end-device applications over a network
    • H04L9/006 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols involving public key infrastructure [PKI] trust models
    • H04L9/3247 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • H04L9/3263 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements

Abstract

The present invention provides a communication method and apparatus for a terminal device and a vehicle device. In the method, the terminal device sends a control request message to the vehicle device over a secure communication channel; the control request message includes a private key signature and is used to request the vehicle device to verify the terminal device. The terminal device then receives a verification message sent by the vehicle device over the secure communication channel; the verification message indicates whether the vehicle device successfully verified the terminal device. The terminal device is thereby verified when it communicates with the vehicle device, which improves the security of vehicle control.

Description

Communication method and apparatus for a terminal device and a vehicle device
Technical field
The present invention relates to the technical field of in-vehicle systems, and in particular to a communication method and apparatus for a terminal device and a vehicle device.
Background
With rapid economic development and rising living standards, the automobile has become the means of transport for more and more people. In addition, with advances in wireless technology, automotive electronics and automatic control technology, electronic equipment is becoming ever more highly integrated, more and more functions are integrated into the vehicle device, and various advanced communication technologies are being applied to it. The vehicle device is no longer an isolated device; it can establish a channel for exchanging information with the outside world. To make controlling the vehicle more convenient, a terminal device usually establishes a connection with the vehicle device, and the terminal device is then used to operate the vehicle, for example to control the windows, play music or radio, or view the map.
To enable communication between the terminal device and the vehicle device, in the prior art the connection and communication between them are usually implemented over Bluetooth.
However, in the prior art the terminal device and the vehicle device communicate point-to-point over Bluetooth, whose security is relatively weak and cannot meet the security requirements of the vehicle.
Summary of the invention
The present invention provides a communication method and apparatus for a terminal device and a vehicle device that ensure the security of communication between the terminal device and the vehicle device, and thereby improve the security of the vehicle.
In a first aspect, an embodiment of the present application provides a communication method for a terminal device and a vehicle device, comprising:
sending a control request message to the vehicle device over a secure communication channel, where the control request message includes a private key signature and is used to request the vehicle device to verify the terminal device; and receiving a verification message sent by the vehicle device over the secure communication channel, where the verification message indicates whether the vehicle device successfully verified the terminal device.
In this embodiment, sending the control request message to the vehicle device over a secure communication channel encrypts the message in transit. In addition, the control request message includes a private key signature, which proves the authenticity and non-repudiation of the terminal device that sent the control request message. This further secures the communication between the terminal device and the vehicle device and thereby improves the security of the vehicle.
Optionally, the communication method for a terminal device and a vehicle device provided by this embodiment comprises:
if the vehicle device successfully verifies the terminal device, the terminal device is the target terminal device, and the target terminal device is used to control the vehicle device.
Optionally, before the terminal device sends the control request message to the vehicle device over the secure communication channel, the method further comprises:
sending a certificate issuance request file to the server, where the certificate issuance request file is used to request the server to issue a certificate and includes a Certificate Signing Request (CSR) file; and receiving the certificate sent by the server.
Optionally, the certificate issuance request file further includes a first pairing code, and before the terminal device sends the certificate issuance request file to the server, the method further comprises:
receiving a second pairing code sent by the server; and obtaining the first pairing code.
Optionally, the secure communication channel is a two-way Transport Layer Security (TLS) authentication channel.
In a second aspect, an embodiment of the present application provides a communication method for a terminal device and a vehicle device, comprising:
receiving a control request message sent by the terminal device over a secure communication channel, where the control request message includes a private key signature; verifying the private key signature with a target certificate, where the target certificate is any one of at least one certificate in the vehicle device; and sending a verification message to the terminal device over the secure communication channel, where the verification message indicates whether the vehicle device successfully verified the terminal device.
Optionally, before receiving the control request message sent by the terminal device over the secure communication channel, the method further comprises:
determining the target certificate, where the public key in the target certificate and the private key in the target terminal device form a key pair, and the target terminal device is used to control the vehicle device.
Optionally, before determining the target certificate, the method further comprises:
sending a pairing request to the server, where the pairing request is used to request the server to authenticate the terminal device; and receiving the certificate sent by the server.
Optionally, the secure communication channel is a two-way TLS authentication channel.
In a third aspect, an embodiment of the present application provides a communication method for a terminal device and a vehicle device, comprising:
receiving a certificate issuance request file sent by the terminal device, where the certificate issuance request file is used to request the server to issue a certificate and includes a Certificate Signing Request (CSR) file; issuing a certificate according to the certificate issuance request file; and sending the certificate to the terminal device and the vehicle device.
Optionally, the communication method for a terminal device and a vehicle device provided by this embodiment further comprises:
receiving a pairing request from the vehicle device, where the pairing request is used to request the server to authenticate the terminal device; and sending a second pairing code to the terminal device.
Optionally, the certificate issuance request file further includes a first pairing code, and before issuing the certificate according to the certificate issuance request file, the method further comprises:
verifying the first pairing code and, if the verification passes, issuing the certificate according to the certificate issuance request file.
The communication apparatus, terminal device, vehicle device, server, storage medium and computer program product provided by embodiments of the present application are described below; for their content and effects, refer to the communication method for a terminal device and a vehicle device provided in the first to third aspects.
In a fourth aspect, an embodiment of the present application provides a communication apparatus for a terminal device and a vehicle device, configured to execute the method of the first aspect and its optional implementations.
In a fifth aspect, an embodiment of the present application provides a communication apparatus for a terminal device and a vehicle device, configured to execute the method of the second aspect and its optional implementations.
In a sixth aspect, an embodiment of the present application provides a communication apparatus for a terminal device and a vehicle device, configured to execute the method of the third aspect and its optional implementations.
In a seventh aspect, an embodiment of the present application provides a terminal device, comprising:
a transmitter, configured to send a control request message to the vehicle device over a secure communication channel, where the control request message includes a private key signature and is used to request the vehicle device to verify the terminal device; and
a receiver, configured to receive a verification message sent by the vehicle device over the secure communication channel, where the verification message indicates whether the vehicle device successfully verified the terminal device.
Optionally, if the vehicle device successfully verifies the terminal device, the terminal device is the target terminal device, and the target terminal device is used to control the vehicle device.
Optionally, the transmitter is further configured to send a certificate issuance request file to the server, where the certificate issuance request file is used to request the server to issue a certificate and includes a Certificate Signing Request (CSR) file; and the receiver is further configured to receive the certificate sent by the server.
Optionally, the receiver is further configured to receive a second pairing code sent by the server and to obtain the first pairing code.
Optionally, the secure communication channel is a two-way TLS authentication channel.
In an eighth aspect, an embodiment of the present application provides a vehicle device, comprising:
a receiver, configured to receive a control request message sent by the terminal device over a secure communication channel, where the control request message includes a private key signature; a processor, configured to verify the private key signature with a target certificate, where the target certificate is any one of at least one certificate in the vehicle device; and a transmitter, configured to send a verification message to the terminal device over the secure communication channel, where the verification message indicates whether the vehicle device successfully verified the terminal device.
Optionally, the processor is further configured to determine the target certificate, where the public key in the target certificate and the private key in the target terminal device form a key pair, and the target terminal device is used to control the vehicle device.
Optionally, the transmitter is further configured to send a pairing request to the server, where the pairing request is used to request the server to authenticate the terminal device; and the receiver is further configured to receive the certificate sent by the server.
Optionally, the secure communication channel is a two-way TLS authentication channel.
In a ninth aspect, an embodiment of the present application provides a server, comprising:
a receiver, configured to receive a certificate issuance request file sent by the terminal device, where the certificate issuance request file is used to request the server to issue a certificate and includes a Certificate Signing Request (CSR) file; a processor, configured to issue a certificate according to the certificate issuance request file; and a transmitter, configured to send the certificate to the terminal device and the vehicle device.
Optionally, the receiver is further configured to receive a pairing request from the vehicle device, where the pairing request is used to request the server to authenticate the terminal device; and the transmitter is further configured to send a second pairing code to the terminal device.
Optionally, the certificate issuance request file further includes a first pairing code, and the processor is further configured to verify the first pairing code and, if the verification passes, to issue the certificate according to the certificate issuance request file.
In a tenth aspect, an embodiment of the present invention provides a computer-readable storage medium storing a computer program, where the computer program causes the server to execute the method of the first aspect and its optional implementations.
In an eleventh aspect, an embodiment of the present invention provides a computer-readable storage medium storing a computer program, where the computer program causes the server to execute the method of the second aspect and its optional implementations.
In a twelfth aspect, an embodiment of the present invention provides a computer-readable storage medium storing a computer program, where the computer program causes the server to execute the method of the third aspect and its optional implementations.
In a thirteenth aspect, an embodiment of the present invention provides a computer program product comprising executable instructions for implementing the method of the first aspect or its optional implementations.
In a fourteenth aspect, an embodiment of the present invention provides a computer program product comprising executable instructions for implementing the method of the second aspect or its optional implementations.
In a fifteenth aspect, an embodiment of the present invention provides a computer program product comprising executable instructions for implementing the method of the third aspect or its optional implementations.
The present invention provides a communication method and apparatus for a terminal device and a vehicle device. A control request message is sent to the vehicle device over a secure communication channel; the control request message includes a private key signature and is used to request the vehicle device to verify the terminal device. A verification message sent by the vehicle device over the secure communication channel is then received; the verification message indicates whether the vehicle device successfully verified the terminal device. Because the control request message is sent over a secure communication channel, its transmission is encrypted. In addition, the control request message includes a private key signature, which proves the authenticity and non-repudiation of the terminal device that sent it; the application describes this as a second encryption of the control request message itself. The terminal device is thereby verified when it communicates with the vehicle device, which improves the security of vehicle control.
Brief description of the drawings
To explain the technical solutions in the embodiments of the present invention or in the prior art more clearly, the drawings needed for describing the embodiments or the prior art are briefly introduced below. Obviously, the drawings described below show some embodiments of the present invention, and a person of ordinary skill in the art can derive other drawings from them without creative effort.
Fig. 1 is a diagram of an exemplary application scenario provided by an embodiment of the present application;
Fig. 2 is a schematic diagram of an exemplary implementation of an embodiment of the present application;
Fig. 3 is an interaction flowchart of the communication method for a terminal device and a vehicle device provided by one embodiment of the present application;
Fig. 4 is an interaction flowchart of the communication method for a terminal device and a vehicle device provided by another embodiment of the present application;
Fig. 5 is an interaction flowchart of certificate issuance provided by one embodiment of the present application;
Fig. 6 is a schematic structural diagram of the terminal device provided by one embodiment of the present application;
Fig. 7 is a schematic structural diagram of the vehicle device provided by one embodiment of the present application;
Fig. 8 is a schematic structural diagram of the server provided by one embodiment of the present application.
Detailed description
To make the objectives, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments are described clearly and completely below with reference to the drawings in the embodiments. Obviously, the described embodiments are some, not all, of the embodiments of the present invention. All other embodiments obtained by a person of ordinary skill in the art on the basis of these embodiments without creative effort fall within the protection scope of the present invention.
The terms "first", "second", "third", "fourth" and the like (if present) in the description, the claims and the above drawings are used to distinguish similar objects and do not necessarily describe a particular order or sequence. It should be understood that data so used are interchangeable where appropriate, so that the embodiments of the invention described herein can, for example, be implemented in orders other than those illustrated or described herein. In addition, the terms "comprise" and "have" and any variants of them are intended to cover non-exclusive inclusion; for example, a process, method, system, product or device that contains a series of steps or units is not necessarily limited to the steps or units expressly listed, but may include other steps or units that are not expressly listed or that are inherent to the process, method, product or device.
With rapid economic development and rising living standards, the automobile has become the means of transport for more and more people. In addition, with advances in wireless technology, automotive electronics and automatic control technology, electronic equipment is becoming ever more highly integrated, more and more functions are integrated into the vehicle device, and various advanced communication technologies are being applied to it. The vehicle device is no longer an isolated device; it can establish a channel for exchanging information with the outside world. To make controlling the vehicle more convenient, a terminal device usually establishes a connection with the vehicle device, and the terminal device is then used to operate the vehicle, for example to control the windows, play music or radio, or view the map. In the prior art, the connection between the terminal device and the vehicle device is usually established by Bluetooth broadcast, which cannot meet in-vehicle security requirements. To solve this problem, an embodiment of the present application provides a communication method and apparatus for a terminal device and a vehicle device.
An exemplary application scenario of the embodiments of the present invention is introduced below.
Fig. 1 is a diagram of an exemplary application scenario provided by an embodiment of the present application. As shown in Fig. 1, in the scenario of riding in a vehicle, the vehicle device is located between the driver's seat and the front passenger seat, and users sitting in those seats can use the vehicle device to control the air conditioning, windows, music, radio and so on inside the vehicle. Rear passenger 11 sits in the rear row and, being unable to use the vehicle device to control the vehicle interior, needs another way to connect to the vehicle device in order to control the vehicle. Fig. 2 is a schematic diagram of an exemplary implementation of an embodiment of the present application. As shown in Fig. 2, the rear passenger can establish a connection with vehicle device 13 through terminal device 12 and then control the vehicle interior through application software on terminal device 12. The terminal device may be a smartphone, a PC, a user terminal, a tablet computer, a wearable device or the like; the embodiments of the present application do not limit the type of terminal device. Nor do they limit the type of vehicle device, as long as it can establish a connection with the terminal device.
On this basis, an embodiment of the present application provides a communication method and apparatus for a terminal device and a vehicle device.
Fig. 3 is the interaction diagrams of the communication means of the terminal device that one embodiment of the application provides and vehicle device, this method It can be executed by terminal device and the communication device of vehicle device, which can be realized by way of software and/or hardware, this reality The application scenarios for applying example are that terminal device sends control request message, and request controls vehicle device.As shown in figure 3, the application Method in embodiment may include:
Step S101: terminal device sends control request message to vehicle device by secure communication channel, controls request message In include private key signature, control request message is for requesting vehicle device to verify terminal device.
Terminal device sends control request message to vehicle device by secure communication channel, and secure communication channel is for realizing right The encryption of communication channel, in a kind of possible embodiment, secure communication channel is bidirectional safe transport layer protocol TLS verifying Channel, the embodiment of the present application are without limitation.
Optionally, (Message Queuing can be transmitted using message queue telemetering between terminal device and vehicle device Telemetry Transport, MQTT) communication protocol carries out data transmission, and MQTT carries out the transmitted in both directions of data, and expense is non- Often small, support is multilingual, and can adapt to the network transmission demand of various unstable operations, and exploitation is convenient, ensure that stabilization Property, ease for use, the attainability of data.On the basis of being carried out data transmission using MQTT communication protocol, to terminal device and vehicle The communication link of machine uses TLS bi-directional verification, it is ensured that in transmission process, data can not be tampered and monitor, physically A possibility for having completely cut off go-between's contact, to protect channel security.
Controlling in request message includes private key signature, can also include the mark of the control instruction and terminal device to vehicle device Know, the embodiment of the present application to control request message concrete form and included content with no restrictions.Control request message For requesting vehicle device to verify terminal device.
Step S102: the vehicle device receives the control request message sent by the terminal device over the secure communication channel; the control request message includes a private key signature.
The vehicle device receives the control request message sent by the terminal device over the secure communication channel and identifies the private key signature in it, in preparation for verifying that signature.
Step S103: the vehicle device verifies the private key signature using a target certificate, where the target certificate is any one of at least one certificate in the vehicle device.
In practice, multiple terminal devices may establish a trust relationship with the vehicle device, so the vehicle device may hold multiple certificates, and the public key in each certificate corresponds one-to-one to the private key in a different terminal device. To let a target terminal device control the vehicle device, the method may optionally also include, before step S103: determining the target certificate, where the public key in the target certificate and the private key in the target terminal device form a key pair, and the target terminal device is used to control the vehicle device.
The target certificate may be determined by the user on the vehicle device; the embodiments of this application do not limit how the target certificate is determined. Because the public key in the target certificate and the private key in the target terminal device form a key pair, the vehicle device can use the public key in the target certificate to verify the terminal device's private key signature, and so determine whether the terminal device may communicate with the vehicle device.
Step S104: the vehicle device sends a verification message to the terminal device over the secure communication channel; the verification message indicates whether the vehicle device has successfully verified the terminal device.
After successfully verifying the private key signature with the target certificate, the vehicle device may also send a verification message to the terminal device over the secure communication channel, to indicate whether the vehicle device has successfully verified the terminal device. The embodiments of this application do not limit the type or content of the verification message.
Step S105: the terminal device receives the verification message sent by the vehicle device over the secure communication channel; the verification message indicates whether the vehicle device has successfully verified the terminal device.
The terminal device receives the verification message sent by the vehicle device over the secure communication channel. Optionally, if the vehicle device successfully verifies the terminal device, the terminal device is the target terminal device, which is used to control the vehicle device. The terminal device and the vehicle device can then transmit data over the MQTT protocol, so that the target terminal device can control the vehicle device.
Optionally, if the vehicle device's verification of the terminal device fails, the terminal device's control instruction to the vehicle device is an illegal instruction: the terminal device cannot communicate with the vehicle device and cannot control it, which ensures the security of the vehicle device.
In the embodiments of this application, the control request message is sent to the vehicle device over a secure communication channel, which encrypts the communication channel carrying the control request message. In addition, the control request message includes a private key signature, which proves the authenticity and non-repudiation of the terminal device that sent the message and provides a further encryption of the control request message itself, thereby ensuring the communication security of the terminal device and the vehicle device.
In one possible embodiment, before the terminal device sends the control request message to the vehicle device over the secure communication channel, it may also request a certificate from the server, to ensure the communication security of the terminal device and the vehicle device. Fig. 4 is an interaction flowchart of the communication method of the terminal device and the vehicle device provided by another embodiment of this application. The method may be executed by the communication apparatus of the terminal device and the vehicle device, which may be implemented in software and/or hardware. As shown in Fig. 4, the method in this embodiment may include:
Step S201: the terminal device sends a certificate issuance request file to the server. The certificate issuance request file is used to request that the server issue a certificate, and includes a certificate signing request (CSR) file.
The terminal device sends the certificate issuance request file to the server; the file may include a CSR. When applying for a certificate, the terminal device generates a private key and, at the same time, a certificate signing request file. After the terminal device submits the CSR file to the certificate authority, the certificate authority signs it with its root certificate private key to generate the certificate public key file, that is, the certificate issued to the user. The server may therefore be a Public Key Infrastructure (PKI) server. PKI is a standards-compliant set of technologies and specifications that uses public key cryptography to provide a security foundation platform for the development of e-commerce; the PKI server is used to issue certificates.
The certificate issuance request file may also include information such as the product ID and the Media Access Control (MAC) address of the terminal device; the embodiments of this application do not limit the specific content of the certificate issuance request file. In one possible embodiment, the certificate issuance request file further includes a first pairing code.
Step S202: the server receives the certificate issuance request file sent by the terminal device.
The certificate issuance request file is used to request that the server issue a certificate, and includes a certificate signing request (CSR) file.
Step S203: the server issues a certificate according to the certificate issuance request file.
After receiving the certificate issuance request file sent by the terminal device, the server issues a certificate according to that file. The embodiments of this application do not limit how the server issues the certificate according to the certificate issuance request file.
Step S204: the server sends the certificate to the terminal device and the vehicle device.
After issuing the certificate, the server delivers it to the terminal device and the vehicle device.
Step S205: the vehicle device receives the certificate sent by the server.
Step S206: the terminal device receives the certificate sent by the server.
In one possible embodiment, the certificate issuance request file includes a first pairing code. Fig. 5 is an interaction flowchart of certificate issuance provided by an embodiment of this application. The method may be executed by the communication apparatus of the terminal device and the vehicle device, which may be implemented in software and/or hardware. As shown in Fig. 5, before step S201 the method in this embodiment may also include:
Step S301: the vehicle device sends a pairing request to the server; the pairing request is used to request that the server authenticate the terminal device.
The vehicle device sends the pairing request to the server. A user operation on the vehicle device, such as a touch or a click, can put the vehicle device into pairing mode and so cause it to send the pairing request to the server. The pairing request may include an identifier of the terminal device and an identifier of the vehicle device; the embodiments of this application do not limit this.
Step S302: the server receives the pairing request sent by the vehicle device; the pairing request is used to request that the server authenticate the terminal device.
Step S303: the server generates a second pairing code according to the pairing request.
The server receives the pairing request sent by the vehicle device and generates the second pairing code according to it. The embodiments of this application do not limit how the second pairing code is generated from the pairing request; for example, it can be generated as a dynamic password (One-time Password, OTP), to authenticate the terminal device.
Step S304: the server sends the second pairing code to the terminal device.
The embodiments of this application do not limit how the server sends the second pairing code to the terminal device.
Step S305: the terminal device receives the second pairing code sent by the server.
Step S306: the terminal device obtains the first pairing code.
After receiving the second pairing code sent by the server, the terminal device also needs to obtain the first pairing code; the first pairing code may be a pairing code entered by the user.
Correspondingly, step S203 may include:
Step S306: the server verifies the first pairing code and, if verification passes, issues the certificate according to the certificate issuance request file.
The server can verify the first pairing code by matching the first pairing code against the second pairing code; if the two match, the first pairing code passes verification.
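The two flows described above, certificate issuance gated by the pairing code (steps S301-S306 and S201-S206) and verification of the private key signature with the target certificate (steps S101-S105), are shown here as an added Go sketch that is not code from the patent. The type and function names, the six-digit code, the rule that one attempt spends the code, and the signed message layout (identifier, NUL byte, instruction) are assumptions; the TLS and MQTT transport is left out.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/subtle"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// must aborts on local RNG or encoder failures, which are not protocol errors.
func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}

func newKey() *ecdsa.PrivateKey { return must(ecdsa.GenerateKey(elliptic.P256(), rand.Reader)) }

// sign issues a certificate for pub; a nil parent yields the self-signed CA.
func sign(cn string, pub any, parent *x509.Certificate, key *ecdsa.PrivateKey) *x509.Certificate {
	t := &x509.Certificate{SerialNumber: must(rand.Int(rand.Reader, big.NewInt(1<<62))),
		Subject: pkix.Name{CommonName: cn}, KeyUsage: x509.KeyUsageDigitalSignature,
		NotBefore: time.Now().Add(-time.Minute), NotAfter: time.Now().Add(time.Hour)}
	if parent == nil {
		t.IsCA, t.BasicConstraintsValid, t.KeyUsage = true, true, x509.KeyUsageCertSign
		parent = t
	}
	return must(x509.ParseCertificate(must(x509.CreateCertificate(rand.Reader, t, parent, pub, key))))
}

// Server stands in for the PKI server; every name in this file is illustrative.
type Server struct {
	caKey   *ecdsa.PrivateKey
	caCert  *x509.Certificate
	pairing string // second pairing code, spent by one issuance attempt
}

func NewServer() *Server {
	k := newKey()
	return &Server{caKey: k, caCert: sign("demo-ca", &k.PublicKey, nil, k)}
}

// PairingRequest (S301-S304) mints the one-time second pairing code.
func (s *Server) PairingRequest() string {
	s.pairing = fmt.Sprintf("%06d", must(rand.Int(rand.Reader, big.NewInt(1000000))).Int64())
	return s.pairing
}

// Issue (S202-S203) matches the first pairing code against the second, checks the
// CSR self-signature (proof the sender holds the private key), then signs.
func (s *Server) Issue(csrDER []byte, firstCode string) (*x509.Certificate, error) {
	want := s.pairing
	s.pairing = "" // assumption: one attempt spends the code, right or wrong
	if want == "" || subtle.ConstantTimeCompare([]byte(firstCode), []byte(want)) != 1 {
		return nil, fmt.Errorf("pairing code rejected")
	}
	csr, err := x509.ParseCertificateRequest(csrDER)
	if err != nil || csr.CheckSignature() != nil {
		return nil, fmt.Errorf("malformed or unsigned CSR")
	}
	return sign(csr.Subject.CommonName, csr.PublicKey, s.caCert, s.caKey), nil
}

// NewCSR (S201) is the terminal side: the private key stays local, the CSR leaves.
func NewCSR(id string, key *ecdsa.PrivateKey) []byte {
	req := &x509.CertificateRequest{Subject: pkix.Name{CommonName: id}}
	return must(x509.CreateCertificateRequest(rand.Reader, req, key))
}

// digest hashes the signed fields; this message layout is an assumption.
func digest(id, instruction string) []byte {
	d := sha256.Sum256([]byte(id + "\x00" + instruction))
	return d[:]
}

// SignControl (S101) produces the private key signature of a control request.
func SignControl(key *ecdsa.PrivateKey, id, instruction string) []byte {
	return must(ecdsa.SignASN1(rand.Reader, key, digest(id, instruction)))
}

// Verify (S103) checks the signature with the target certificate's public key.
func Verify(target *x509.Certificate, id, instruction string, sig []byte) bool {
	pub, ok := target.PublicKey.(*ecdsa.PublicKey)
	return ok && target.Subject.CommonName == id && ecdsa.VerifyASN1(pub, digest(id, instruction), sig)
}

func main() {
	srv, key := NewServer(), newKey()
	cert := must(srv.Issue(NewCSR("phone-A", key), srv.PairingRequest())) // constructed sample id
	sig := SignControl(key, "phone-A", "unlock")
	fmt.Println(Verify(cert, "phone-A", "unlock", sig), Verify(cert, "phone-A", "start", sig))
}
```

The signed payload carries no nonce or timestamp because the page does not define one, so in this sketch a captured signature stays valid for the same instruction and nothing but the channel stands between it and reuse.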
The following describes the communication apparatus of the terminal device and the vehicle device, the terminal device, the vehicle device, the server, the storage medium and the computer program product provided by the embodiments of this application. For their content and effects, refer to the communication method of the terminal device and the vehicle device provided in the first to third aspects.
The embodiments of this application provide a communication apparatus of a terminal device and a vehicle device, used to execute the communication method of the terminal device and the vehicle device provided by the above embodiments. The embodiments of this application do not limit the type of the communication apparatus; for its content and effects, refer to the above embodiments, which are not repeated here.
The embodiments of this application provide a terminal device. Fig. 6 is a structural schematic diagram of the terminal device provided by an embodiment of this application. As shown in Fig. 6, the terminal device may include:
A transmitter 61, used to send a control request message to the vehicle device over a secure communication channel, where the control request message includes a private key signature and is used to request that the vehicle device verify the terminal device.
A receiver 62, used to receive a verification message sent by the vehicle device over the secure communication channel, where the verification message indicates whether the vehicle device has successfully verified the terminal device.
Optionally, if the vehicle device successfully verifies the terminal device, the terminal device is the target terminal device, and the target terminal device is used to control the vehicle device.
Optionally, the transmitter 61 is also used to send a certificate issuance request file to the server, where the certificate issuance request file is used to request that the server issue a certificate and includes a certificate signing request (CSR) file; the receiver 62 is also used to receive the certificate sent by the server.
Optionally, the receiver 62 is also used to receive the first pairing code sent by the server.
Optionally, the secure communication channel is a two-way Transport Layer Security (TLS) authentication channel.
The embodiments of this application provide a vehicle device. Fig. 7 is a structural schematic diagram of the vehicle device provided by an embodiment of this application. As shown in Fig. 7, the vehicle device may include:
A receiver 71, used to receive the control request message sent by the terminal device over the secure communication channel, where the control request message includes a private key signature; a processor 72, used to verify the private key signature using a target certificate, where the target certificate is any one of at least one certificate in the vehicle device; a transmitter 73, used to send a verification message to the terminal device over the secure communication channel, where the verification message indicates whether the vehicle device has successfully verified the terminal device.
Optionally, the processor 72 is also used to determine the target certificate, where the public key in the target certificate and the private key in the target terminal device form a key pair, and the target terminal device is used to control the vehicle device.
Optionally, the transmitter 73 is also used to send a pairing request to the server, where the pairing request is used to request that the server authenticate the terminal device; the receiver 71 is also used to receive the certificate sent by the server.
Optionally, the secure communication channel is a two-way Transport Layer Security (TLS) authentication channel.
The embodiments of this application provide a server. Fig. 8 is a structural schematic diagram of the server provided by an embodiment of this application. As shown in Fig. 8, the server may include:
A receiver 81, used to receive the certificate issuance request file sent by the terminal device, where the certificate issuance request file is used to request that the server issue a certificate and includes a certificate signing request (CSR) file; a processor 82, used to issue a certificate according to the certificate issuance request file; a transmitter 83, used to send the certificate to the terminal device and the vehicle device.
Optionally, the receiver 81 is also used to receive the pairing request of the vehicle device, where the pairing request is used to request that the server authenticate the terminal device; the transmitter 83 is also used to send the first pairing code to the terminal device.
Optionally, the certificate issuance request file further includes a first pairing code, and the processor 82 is also used to verify the first pairing code and, if verification passes, issue the certificate according to the certificate issuance request file.
In addition, the embodiments of this application also provide a computer-readable storage medium storing computer-executable instructions. When at least one processor of a user equipment executes the computer-executable instructions, the user equipment performs the various possible methods described above.
Computer-readable media include computer storage media and communication media, where communication media include any medium that facilitates transferring a computer program from one place to another. A storage medium can be any available medium that a general-purpose or special-purpose computer can access. An exemplary storage medium is coupled to the processor, so that the processor can read information from the storage medium and write information to it. The storage medium can also be an integral part of the processor. The processor and the storage medium can be located in an ASIC, and the ASIC can be located in the user equipment. The processor and the storage medium can also exist as discrete components in a communication device.
Those of ordinary skill in the art will appreciate that all or part of the steps of the above method embodiments can be completed by hardware under the control of program instructions. The program can be stored in a computer-readable storage medium. When executed, the program performs the steps of the above method embodiments; the storage medium includes various media that can store program code, such as ROM, RAM, magnetic disks or optical discs.
Finally, it should be noted that the above embodiments are only used to illustrate the technical solution of the present invention, not to limit it. Although the present invention has been described in detail with reference to the foregoing embodiments, those skilled in the art should understand that they can still modify the technical solutions described in the foregoing embodiments, or make equivalent replacements of some or all of the technical features, and that such modifications or replacements do not cause the essence of the corresponding technical solutions to depart from the scope of the technical solutions of the embodiments of the present invention.

Claims (27)

1. A communication method for a terminal device and a vehicle device, characterized by comprising:
sending a control request message to the vehicle device over a secure communication channel, wherein the control request message includes a private key signature and is used to request that the vehicle device verify the terminal device;
receiving a verification message sent by the vehicle device over the secure communication channel, wherein the verification message indicates whether the vehicle device has successfully verified the terminal device.
2. The method according to claim 1, characterized by comprising:
if the vehicle device successfully verifies the terminal device, the terminal device is a target terminal device, and the target terminal device is used to control the vehicle device.
3. The method according to claim 2, characterized in that, before the terminal device sends the control request message to the vehicle device over the secure communication channel, the method further comprises:
sending a certificate issuance request file to a server, wherein the certificate issuance request file is used to request that the server issue a certificate and includes a certificate signing request (CSR) file;
receiving the certificate sent by the server.
4. The method according to claim 3, characterized in that the certificate issuance request file further includes a first pairing code, and before the terminal device sends the certificate issuance request file to the server, the method further comprises:
receiving a second pairing code sent by the server;
obtaining the first pairing code.
5. The method according to any one of claims 1-4, characterized in that
the secure communication channel is a two-way Transport Layer Security (TLS) authentication channel.
6. A communication method for a terminal device and a vehicle device, characterized by comprising:
receiving a control request message sent by the terminal device over a secure communication channel, wherein the control request message includes a private key signature;
verifying the private key signature using a target certificate, wherein the target certificate is any one of at least one certificate in the vehicle device;
sending a verification message to the terminal device over the secure communication channel, wherein the verification message indicates whether the vehicle device has successfully verified the terminal device.
7. The method according to claim 6, characterized in that, before receiving the control request message sent by the terminal device over the secure communication channel, the method further comprises:
determining the target certificate, wherein the public key in the target certificate and the private key in a target terminal device form a key pair, and the target terminal device is used to control the vehicle device.
8. The method according to claim 7, characterized in that, before determining the target certificate, the method further comprises:
sending a pairing request to a server, wherein the pairing request is used to request that the server authenticate the terminal device;
receiving the certificate sent by the server.
9. The method according to any one of claims 6-8, characterized by comprising:
the secure communication channel is a two-way Transport Layer Security (TLS) authentication channel.
10. A communication method for a terminal device and a vehicle device, characterized by comprising:
receiving a certificate issuance request file sent by the terminal device, wherein the certificate issuance request file is used to request that a server issue a certificate and includes a certificate signing request (CSR) file;
issuing a certificate according to the certificate issuance request file;
sending the certificate to the terminal device and the vehicle device.
11. The method according to claim 10, characterized by further comprising:
receiving a pairing request of the vehicle device, wherein the pairing request is used to request that the server authenticate the terminal device;
generating a second pairing code according to the pairing request;
sending the second pairing code to the terminal device.
12. The method according to claim 11, characterized in that the certificate issuance request file further includes a first pairing code, and before issuing the certificate according to the certificate issuance request file, the method further comprises:
verifying the first pairing code and, if verification passes, issuing the certificate according to the certificate issuance request file.
13. A communication apparatus of a terminal device and a vehicle device, characterized in that it is used to execute the method according to any one of claims 1-5.
14. A communication apparatus of a terminal device and a vehicle device, characterized in that it is used to execute the method according to any one of claims 6-9.
15. A communication apparatus of a terminal device and a vehicle device, characterized in that it is used to execute the method according to any one of claims 10-12.
16. A terminal device, characterized by comprising:
a transmitter, used to send a control request message to a vehicle device over a secure communication channel, wherein the control request message includes a private key signature and is used to request that the vehicle device verify the terminal device;
a receiver, used to receive a verification message sent by the vehicle device over the secure communication channel, wherein the verification message indicates whether the vehicle device has successfully verified the terminal device.
17. The terminal device according to claim 16, characterized by comprising:
if the vehicle device successfully verifies the terminal device, the terminal device is a target terminal device, and the target terminal device is used to control the vehicle device.
18. The terminal device according to claim 17, characterized in that
the transmitter is also used to send a certificate issuance request file to a server, wherein the certificate issuance request file is used to request that the server issue a certificate and includes a certificate signing request (CSR) file;
the receiver is also used to receive the certificate sent by the server.
19. The terminal device according to claim 18, characterized in that
the receiver is also used to receive a second pairing code sent by the server;
and is also used to obtain the first pairing code.
20. The terminal device according to any one of claims 16-19, characterized in that
the secure communication channel is a two-way Transport Layer Security (TLS) authentication channel.
21. A vehicle device, characterized by comprising:
a receiver, used to receive a control request message sent by a terminal device over a secure communication channel, wherein the control request message includes a private key signature;
a processor, used to verify the private key signature using a target certificate, wherein the target certificate is any one of at least one certificate in the vehicle device;
a transmitter, used to send a verification message to the terminal device over the secure communication channel, wherein the verification message indicates whether the vehicle device has successfully verified the terminal device.
22. The vehicle device according to claim 21, characterized in that the processor is also used to:
determine the target certificate, wherein the public key in the target certificate and the private key in a target terminal device form a key pair, and the target terminal device is used to control the vehicle device.
23. The vehicle device according to claim 22, characterized in that
the transmitter is also used to send a pairing request to a server, wherein the pairing request is used to request that the server authenticate the terminal device;
the receiver is also used to receive the certificate sent by the server.
24. The vehicle device according to any one of claims 21-23, characterized by comprising:
the secure communication channel is a two-way Transport Layer Security (TLS) authentication channel.
25. A server, characterized by comprising:
a receiver, used to receive a certificate issuance request file sent by a terminal device, wherein the certificate issuance request file is used to request that the server issue a certificate and includes a certificate signing request (CSR) file;
a processor, used to issue a certificate according to the certificate issuance request file;
a transmitter, used to send the certificate to the terminal device and a vehicle device.
26. The server according to claim 25, characterized in that
the receiver is also used to receive a pairing request of the vehicle device, wherein the pairing request is used to request that the server authenticate the terminal device;
the processor is also used to generate a second pairing code according to the pairing request;
the transmitter is also used to send the second pairing code to the terminal device.
27. The server according to claim 26, characterized in that the certificate issuance request file further includes a first pairing code,
and the processor is also used to verify the first pairing code and, if verification passes, issue the certificate according to the certificate issuance request file.
CN201910718809.0A 2019-08-05 2019-08-05 Communication method and device of terminal equipment and vehicle machine Active CN110417798B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910718809.0A CN110417798B (en) 2019-08-05 2019-08-05 Communication method and device of terminal equipment and vehicle machine

Publications (2)

Publication Number Publication Date
CN110417798A true CN110417798A (en) 2019-11-05
CN110417798B CN110417798B (en) 2022-03-08

Family

ID=68365922

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910718809.0A Active CN110417798B (en) 2019-08-05 2019-08-05 Communication method and device of terminal equipment and vehicle machine

Country Status (1)

Country Link
CN (1) CN110417798B (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105245552A (en) * 2015-11-18 2016-01-13 北京京东世纪贸易有限公司 Intelligent equipment, terminal equipment and method for implementing safe control authorization
CN105472192A (en) * 2015-11-18 2016-04-06 北京京东世纪贸易有限公司 Intelligent equipment capable of realizing control safety authorization and sharing, terminal equipment and method
CN106210047A (en) * 2016-07-11 2016-12-07 北京长安汽车工程技术研究有限责任公司 A kind of vehicle information management method, system and car networked system
CN106453330A (en) * 2016-10-18 2017-02-22 深圳市金立通信设备有限公司 Identity authentication method and system
CN109466507A (en) * 2018-12-06 2019-03-15 上海博泰悦臻电子设备制造有限公司 Car door lock state synchronization method based on mobile phone screen, server, synchronization system

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113973280A (en) * 2020-07-22 2022-01-25 广州汽车集团股份有限公司 Vehicle-mounted message transmission method, device and system
CN113973280B (en) * 2020-07-22 2023-09-01 广州汽车集团股份有限公司 Vehicle-mounted message transmission method, device and system
CN111970659A (en) * 2020-07-27 2020-11-20 恒大新能源汽车投资控股集团有限公司 Vehicle control method and system based on terminal equipment
CN114885328A (en) * 2021-01-21 2022-08-09 华为技术有限公司 Vehicle machine connecting method and device
CN114885328B (en) * 2021-01-21 2024-01-16 华为技术有限公司 Vehicle-computer connection method and device

Also Published As

Publication number Publication date
CN110417798B (en) 2022-03-08

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant