CN110417798A - Communication method and device for a terminal device and a vehicle device - Google Patents
- Publication number
- CN110417798A (application CN201910718809.0A)
- Authority
- CN
- China
- Prior art keywords
- certificate
- request
- terminal device
- vehicle device
- server
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Classifications
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0823—Network architectures or network communication protocols for network security for authentication of entities using certificates
- H04L63/166—Implementing security features at a particular protocol layer at the transport layer
- H04L67/12—Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
- H04L67/125—Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks involving control of end-device applications over a network
- H04L9/006—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols involving public key infrastructure [PKI] trust models
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
- H04L9/3263—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computing Systems (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Health & Medical Sciences (AREA)
- General Health & Medical Sciences (AREA)
- Medical Informatics (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The present invention provides a communication method and device for a terminal device and a vehicle device. The method includes: the terminal device sends a control request message to the vehicle device through a secure communication channel, where the control request message includes a private key signature and is used to request the vehicle device to verify the terminal device; and the terminal device receives a verification message sent by the vehicle device through the secure communication channel, where the verification message indicates whether the vehicle device verified the terminal device successfully. This realizes verification of the terminal device when it communicates with the vehicle device and improves the security of vehicle control.
Description
Technical field
The present invention relates to the technical field of in-vehicle systems, and in particular to a communication method and device for a terminal device and a vehicle device.
Background
With rapid economic development and the continuous improvement of living standards, the automobile has become a means of transport for more and more people. In addition, with the progress of wireless technology, automotive electronics and automatic control technology, the integration level of electronic equipment keeps rising, more and more functions are integrated into the vehicle device, and various advanced communication technologies are being applied to it. The vehicle device is no longer an isolated device; it can establish a channel for exchanging information with the outside world. To make vehicle control more convenient, a connection is usually established between a terminal device and the vehicle device, and operations such as window control, music and radio playback, and map viewing are performed on the vehicle through the terminal device.
To realize communication between the terminal device and the vehicle device, in the prior art the connection and the communication between the vehicle device and the terminal device are usually implemented over Bluetooth.
However, in the prior art the terminal device and the vehicle device communicate point-to-point over Bluetooth, whose security is relatively weak and cannot meet the security requirements of the vehicle.
Summary of the invention
The present invention provides a communication method and device for a terminal device and a vehicle device, which ensure the security of communication between the terminal device and the vehicle device and thereby improve the security of the vehicle.
In a first aspect, an embodiment of the present application provides a communication method for a terminal device and a vehicle device, comprising:
sending a control request message to the vehicle device through a secure communication channel, where the control request message includes a private key signature and is used to request the vehicle device to verify the terminal device; and receiving a verification message sent by the vehicle device through the secure communication channel, where the verification message indicates whether the vehicle device verified the terminal device successfully.
In this embodiment of the application, the control request message is sent to the vehicle device through the secure communication channel, which encrypts the transmission of the control request message. In addition, the control request message includes a private key signature, which proves the authenticity and non-repudiation of the terminal device that sent the control request message, further ensuring the security of communication between the terminal device and the vehicle device and thereby improving the security of the vehicle.
Optionally, the communication method for a terminal device and a vehicle device provided by the embodiment of the present application comprises:
if the vehicle device verifies the terminal device successfully, the terminal device is the target terminal device, and the target terminal device is used to control the vehicle device.
Optionally, before the terminal device sends the control request message to the vehicle device through the secure communication channel, the method further comprises:
sending a request certificate issuance file to the server, where the request certificate issuance file is used to request the server to issue a certificate and includes a Certificate Signing Request (CSR) file; and receiving the certificate sent by the server.
Optionally, the request certificate issuance file further includes a first pairing code, and before the terminal device sends the request certificate issuance file to the server, the method further comprises:
receiving a second pairing code sent by the server; and obtaining the first pairing code.
Optionally, the secure communication channel is a two-way (mutual) Transport Layer Security (TLS) authentication channel.
In a second aspect, an embodiment of the present application provides a communication method for a terminal device and a vehicle device, comprising:
receiving a control request message sent by the terminal device through a secure communication channel, where the control request message includes a private key signature; verifying the private key signature using a target certificate, where the target certificate is any one of at least one certificate in the vehicle device; and sending a verification message to the terminal device through the secure communication channel, where the verification message indicates whether the vehicle device verified the terminal device successfully.
Optionally, before receiving the control request message sent by the terminal device through the secure communication channel, the method further comprises:
determining the target certificate, where the public key in the target certificate and the private key in the target terminal device form a key pair, and the target terminal device is used to control the vehicle device.
Optionally, before determining the target certificate, the method further comprises:
sending a pairing request to the server, where the pairing request is used to request the server to authenticate the terminal device; and receiving the certificate sent by the server.
Optionally, the secure communication channel is a two-way (mutual) TLS authentication channel.
In a third aspect, an embodiment of the present application provides a communication method for a terminal device and a vehicle device, comprising:
receiving a request certificate issuance file sent by the terminal device, where the request certificate issuance file is used to request the server to issue a certificate and includes a Certificate Signing Request (CSR) file; issuing a certificate according to the request certificate issuance file; and sending the certificate to the terminal device and the vehicle device.
Optionally, the communication method for a terminal device and a vehicle device provided by the embodiment of the present application further comprises:
receiving a pairing request from the vehicle device, where the pairing request is used to request the server to authenticate the terminal device; and sending a second pairing code to the terminal device.
Optionally, the request certificate issuance file further includes a first pairing code, and before issuing the certificate according to the request certificate issuance file, the method further comprises:
verifying the first pairing code and, if the verification passes, issuing the certificate according to the request certificate issuance file.
The following describes the communication device for a terminal device and a vehicle device, the terminal device, the vehicle device, the server, the storage medium and the computer program product provided by the embodiments of the present application; for their content and effects, refer to the communication method for a terminal device and a vehicle device provided in the first to third aspects.
In a fourth aspect, an embodiment of the present application provides a communication device for a terminal device and a vehicle device, configured to execute the method of the first aspect and its optional implementations.
In a fifth aspect, an embodiment of the present application provides a communication device for a terminal device and a vehicle device, configured to execute the method of the second aspect and its optional implementations.
In a sixth aspect, an embodiment of the present application provides a communication device for a terminal device and a vehicle device, configured to execute the method of the third aspect and its optional implementations.
In a seventh aspect, an embodiment of the present application provides a terminal device, comprising:
a transmitter, configured to send a control request message to the vehicle device through a secure communication channel, where the control request message includes a private key signature and is used to request the vehicle device to verify the terminal device;
a receiver, configured to receive a verification message sent by the vehicle device through the secure communication channel, where the verification message indicates whether the vehicle device verified the terminal device successfully.
Optionally, if the vehicle device verifies the terminal device successfully, the terminal device is the target terminal device, and the target terminal device is used to control the vehicle device.
Optionally, the transmitter is further configured to send a request certificate issuance file to the server, where the request certificate issuance file is used to request the server to issue a certificate and includes a Certificate Signing Request (CSR) file; the receiver is further configured to receive the certificate sent by the server.
Optionally, the receiver is further configured to receive the second pairing code sent by the server, and to obtain the first pairing code.
Optionally, the secure communication channel is a two-way (mutual) TLS authentication channel.
In an eighth aspect, an embodiment of the present application provides a vehicle device, comprising:
a receiver, configured to receive a control request message sent by the terminal device through a secure communication channel, where the control request message includes a private key signature; a processor, configured to verify the private key signature using a target certificate, where the target certificate is any one of at least one certificate in the vehicle device; and a transmitter, configured to send a verification message to the terminal device through the secure communication channel, where the verification message indicates whether the vehicle device verified the terminal device successfully.
Optionally, the processor is further configured to determine the target certificate, where the public key in the target certificate and the private key in the target terminal device form a key pair, and the target terminal device is used to control the vehicle device.
Optionally, the transmitter is further configured to send a pairing request to the server, where the pairing request is used to request the server to authenticate the terminal device; the receiver is further configured to receive the certificate sent by the server.
Optionally, the secure communication channel is a two-way (mutual) TLS authentication channel.
In a ninth aspect, an embodiment of the present application provides a server, comprising:
a receiver, configured to receive a request certificate issuance file sent by the terminal device, where the request certificate issuance file is used to request the server to issue a certificate and includes a Certificate Signing Request (CSR) file; a processor, configured to issue a certificate according to the request certificate issuance file; and a transmitter, configured to send the certificate to the terminal device and the vehicle device.
Optionally, the receiver is further configured to receive a pairing request from the vehicle device, where the pairing request is used to request the server to authenticate the terminal device; the transmitter is further configured to send a second pairing code to the terminal device.
Optionally, the request certificate issuance file further includes a first pairing code, and the processor is further configured to verify the first pairing code and, if the verification passes, issue the certificate according to the request certificate issuance file.
In a tenth aspect, an embodiment of the present invention provides a computer-readable storage medium storing a computer program, where the computer program causes the server to execute the method described in the first aspect and its optional implementations.
In an eleventh aspect, an embodiment of the present invention provides a computer-readable storage medium storing a computer program, where the computer program causes the server to execute the method described in the second aspect and its optional implementations.
In a twelfth aspect, an embodiment of the present invention provides a computer-readable storage medium storing a computer program, where the computer program causes the server to execute the method described in the third aspect and its optional implementations.
In a thirteenth aspect, an embodiment of the present invention provides a computer program product comprising executable instructions, where the executable instructions are used to implement the method of the first aspect or its optional implementations.
In a fourteenth aspect, an embodiment of the present invention provides a computer program product comprising executable instructions, where the executable instructions are used to implement the method of the second aspect or its optional implementations.
In a fifteenth aspect, an embodiment of the present invention provides a computer program product comprising executable instructions, where the executable instructions are used to implement the method of the third aspect or its optional implementations.
The present invention provides a communication method and device for a terminal device and a vehicle device: a control request message is sent to the vehicle device through a secure communication channel, where the control request message includes a private key signature and is used to request the vehicle device to verify the terminal device; and a verification message sent by the vehicle device through the secure communication channel is received, where the verification message indicates whether the vehicle device verified the terminal device successfully. Because the control request message is sent to the vehicle device through the secure communication channel, the transmission of the control request message is encrypted. In addition, the control request message includes a private key signature, which proves the authenticity and non-repudiation of the terminal device that sent the control request message and realizes a further encryption of the control request message itself. The terminal device is thus verified when it communicates with the vehicle device, which improves the security of vehicle control.
Brief description of the drawings
In order to explain the technical solutions in the embodiments of the present invention or in the prior art more clearly, the drawings needed in the description of the embodiments or the prior art are briefly introduced below. Obviously, the drawings in the following description are some embodiments of the present invention, and a person of ordinary skill in the art can obtain other drawings from them without creative effort.
Fig. 1 is a diagram of an exemplary application scenario provided by an embodiment of the present application;
Fig. 2 is a schematic diagram of an example implementation of an embodiment of the present application;
Fig. 3 is an interaction flowchart of the communication method for a terminal device and a vehicle device provided by one embodiment of the present application;
Fig. 4 is an interaction flowchart of the communication method for a terminal device and a vehicle device provided by another embodiment of the present application;
Fig. 5 is an interaction flowchart of certificate issuance provided by one embodiment of the present application;
Fig. 6 is a structural schematic diagram of the terminal device provided by one embodiment of the present application;
Fig. 7 is a structural schematic diagram of the vehicle device provided by one embodiment of the present application;
Fig. 8 is a structural schematic diagram of the server provided by one embodiment of the present application.
Detailed description
In order to make the objectives, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments are described clearly and completely below with reference to the drawings. Obviously, the described embodiments are some, not all, of the embodiments of the present invention. All other embodiments obtained by a person of ordinary skill in the art on the basis of these embodiments without creative effort fall within the protection scope of the present invention.
The terms "first", "second", "third", "fourth" and so on (if present) in the description, the claims and the above drawings are used to distinguish similar objects and not to describe a particular order or sequence. It should be understood that data so labelled are interchangeable where appropriate, so that the embodiments of the present invention described herein can, for example, be implemented in an order other than the one illustrated or described. In addition, the terms "include" and "have" and any variants of them are intended to cover non-exclusive inclusion: a process, method, system, product or device that contains a series of steps or units is not necessarily limited to the steps or units explicitly listed, but may include other steps or units that are not explicitly listed or that are inherent to the process, method, product or device.
With rapid economic development and the continuous improvement of living standards, the automobile has become a means of transport for more and more people. In addition, with the progress of wireless technology, automotive electronics and automatic control technology, the integration level of electronic equipment keeps rising, more and more functions are integrated into the vehicle device, and various advanced communication technologies are being applied to it. The vehicle device is no longer an isolated device; it can establish a channel for exchanging information with the outside world. To make vehicle control more convenient, a connection is usually established between a terminal device and the vehicle device, and operations such as window control, music and radio playback, and map viewing are performed on the vehicle through the terminal device. To connect the terminal device and the vehicle device, the prior art usually establishes the connection by way of Bluetooth broadcast, which cannot meet in-vehicle security requirements. To solve this problem, the embodiments of the present application provide a communication method and device for a terminal device and a vehicle device.
An exemplary application scenario of the embodiments of the present invention is introduced below.
Fig. 1 is a diagram of an exemplary application scenario provided by an embodiment of the present application. As shown in Fig. 1, in the scenario of riding in a vehicle, the vehicle device is located between the driver's seat and the front passenger seat, and users seated in the driver's seat and the front passenger seat can use the vehicle device to control the air conditioning, windows, music, radio and so on inside the vehicle. A rear passenger 11 sits in the back row of the vehicle and, being unable to use the vehicle device to control the vehicle interior, needs to connect to the vehicle device by other means in order to control the vehicle. Fig. 2 is a schematic diagram of an example implementation of an embodiment of the present application. As shown in Fig. 2, the rear passenger can establish a connection with the vehicle device 13 through a terminal device 12, and can then control the vehicle interior through application software on the terminal device 12. The terminal device may be a smartphone, a PC, a user terminal, a tablet computer, a wearable device and so on; the embodiments of the present application place no restriction on the type of terminal device, nor on the type of vehicle device, as long as it can establish a connection with the terminal device.
On this basis, the embodiments of the present application provide a communication method and device for a terminal device and a vehicle device.
Fig. 3 is an interaction flowchart of the communication method for a terminal device and a vehicle device provided by one embodiment of the present application. The method may be executed by the communication device for a terminal device and a vehicle device, which may be implemented in software and/or hardware. The application scenario of this embodiment is that the terminal device sends a control request message requesting to control the vehicle device. As shown in Fig. 3, the method in this embodiment may include:
Step S101: the terminal device sends a control request message to the vehicle device through a secure communication channel, where the control request message includes a private key signature and is used to request the vehicle device to verify the terminal device.
The terminal device sends the control request message to the vehicle device through the secure communication channel, which serves to encrypt the communication channel. In one possible implementation, the secure communication channel is a two-way (mutual) TLS authentication channel; the embodiments of the present application are not limited to this.
Optionally, data may be transmitted between the terminal device and the vehicle device using the Message Queuing Telemetry Transport (MQTT) communication protocol. MQTT transmits data in both directions, has very low overhead, supports multiple languages, adapts to the transmission demands of unstable networks and is convenient to develop with, ensuring the stability, ease of use and reachability of data. On top of data transmission over MQTT, the communication link between the terminal device and the vehicle device uses two-way TLS verification, which ensures that data cannot be tampered with or eavesdropped on in transit and physically isolates any possibility of man-in-the-middle access, thereby protecting channel security.
The control request message includes a private key signature, and may also include the control instruction for the vehicle device and an identifier of the terminal device; the embodiments of the present application place no restriction on the concrete form or content of the control request message. The control request message is used to request the vehicle device to verify the terminal device.
Step S102: the control request message that vehicle device receiving terminal apparatus is sent by secure communication channel, control request
It include private key signature in message.
The control request message that vehicle device receiving terminal apparatus is sent by secure communication channel, and identify control request message
In private key signature, with prepare private key signature is verified.
Step S103: vehicle device verifies private key signature by target certificate, and target certificate is at least one in vehicle device
Any one in certificate.
In a practical scenario, several terminal devices may have established a trust relationship with the vehicle device, so the vehicle device may hold several certificates, with the public key in each certificate corresponding one-to-one to the private key in a different terminal device. To let the target terminal device control the vehicle device, the method may optionally further include, before step S103: determining the target certificate, where the public key in the target certificate and the private key in the target terminal device form a key pair, and the target terminal device is used to control the vehicle device.
The target certificate may be determined by the user on the vehicle device; the embodiments of this application place no restriction on the specific way of determining the target certificate. Because the public key in the target certificate and the private key in the target terminal device form a key pair, the vehicle device can verify the private key signature of the terminal device with the public key in the target certificate, and so determine whether the terminal device may communicate with the vehicle device.
Step S104: The vehicle device sends a verification message to the terminal device over the secure communication channel; the verification message indicates whether the vehicle device verified the terminal device successfully.
After successfully verifying the private key signature with the target certificate, the vehicle device may also send a verification message to the terminal device over the secure communication channel to indicate whether the vehicle device verified the terminal device successfully. The embodiments of this application place no restriction on the type or content of the verification message.
Step S105: The terminal device receives the verification message sent by the vehicle device over the secure communication channel; the verification message indicates whether the vehicle device verified the terminal device successfully.
The terminal device receives the verification message sent by the vehicle device over the secure communication channel. Optionally, if the vehicle device verifies the terminal device successfully, the terminal device is the target terminal device, and the target terminal device is used to control the vehicle device. The terminal device and the vehicle device can therefore transfer data over the MQTT protocol, so that the target terminal device controls the vehicle device.
Optionally, if the vehicle device fails to verify the terminal device, the control instruction from the terminal device to the vehicle device is an illegal instruction: the terminal device cannot communicate with the vehicle device and cannot control it, which ensures the security of the vehicle device.
In the embodiments of this application, the control request message is sent to the vehicle device over a secure communication channel, which encrypts the communication channel that carries the control request message. In addition, the control request message includes a private key signature; the private key signature proves the authenticity and non-repudiation of the terminal device that sent the control request message and provides a further encryption of the control request message itself, thereby ensuring the security of communication between the terminal device and the vehicle device.
In one possible implementation, before the terminal device sends the control request message to the vehicle device over the secure communication channel, it may also request a certificate from the server, to guarantee the security of communication between the terminal device and the vehicle device. Fig. 4 is an interaction flowchart of the communication method for a terminal device and a vehicle device provided by another embodiment of this application. The method may be performed by a communication apparatus of the terminal device and the vehicle device, and the apparatus may be implemented in software and/or hardware. As shown in Fig. 4, the method in this embodiment may include:
Step S201: The terminal device sends a certificate issuance request file to the server; the certificate issuance request file is used to request the server to issue a certificate and includes a certificate signing request (CSR) file.
The terminal device sends the certificate issuance request file to the server, and the file may include a CSR. The CSR is the certificate signing request file that the terminal device generates, together with its private key, when it applies for a certificate. After the terminal device submits the CSR file to the certificate authority, the certificate authority signs with the private key of its root certificate to generate the certificate public key file, that is, the certificate issued to the user. The server may therefore be a public key infrastructure (PKI) server. PKI is a standards-based technology and specification that uses public key cryptography to provide a security foundation platform for the development of e-commerce; the PKI server is used to issue certificates.
The certificate issuance request file may also include information such as the product ID and the MAC (Media Access Control) address of the terminal device; the embodiments of this application place no restriction on the specific content of the certificate issuance request file. In one possible implementation, the certificate issuance request file further includes a first pairing code.
Step S202: The server receives the certificate issuance request file sent by the terminal device.
The certificate issuance request file is used to request the server to issue a certificate and includes a certificate signing request (CSR) file.
Step S203: The server issues a certificate according to the certificate issuance request file.
After receiving the certificate issuance request file sent by the terminal device, the server issues a certificate according to it; the embodiments of this application place no restriction on how the server issues the certificate according to the certificate issuance request file.
Step S204: The server sends the certificate to the terminal device and the vehicle device.
After issuing the certificate, the server delivers it to the terminal device and the vehicle device.
Step S205: The vehicle device receives the certificate sent by the server.
Step S206: The terminal device receives the certificate sent by the server.
In one possible implementation, the certificate issuance request file includes the first pairing code. Fig. 5 is an interaction flowchart of certificate issuance provided by an embodiment of this application. The method may be performed by a communication apparatus of the terminal device and the vehicle device, and the apparatus may be implemented in software and/or hardware. As shown in Fig. 5, before step S201 the method in this embodiment may further include:
Step S301: The vehicle device sends a pairing request to the server; the pairing request is used to request the server to authenticate the terminal device.
The vehicle device sends a pairing request to the server. A user operation on the vehicle device, such as a touch or a click, can put the vehicle device into pairing mode, which causes the vehicle device to send the pairing request to the server. The pairing request may include the identifier of the terminal device and the identifier of the vehicle device; the embodiments of this application place no limit on this.
Step S302: The server receives the pairing request sent by the vehicle device; the pairing request is used to request the server to authenticate the terminal device.
Step S303: The server generates a second pairing code according to the pairing request.
The server receives the pairing request sent by the vehicle device and generates the second pairing code according to it. The embodiments of this application place no restriction on how the second pairing code is generated from the pairing request; for example, it may be generated as a one-time password (OTP), so that the terminal device can be authenticated.
Step S304: The server sends the second pairing code to the terminal device.
The embodiments of this application place no restriction on how the server sends the second pairing code to the terminal device.
Step S305: The terminal device receives the second pairing code sent by the server.
Step S306: The terminal device obtains the first pairing code.
After receiving the second pairing code sent by the server, the terminal device also needs to obtain the first pairing code; the first pairing code may be a pairing code entered by the user.
Correspondingly, step S203 may include:
Step S306: The server verifies the first pairing code and, if the verification passes, issues the certificate according to the certificate issuance request file.
The server may verify the first pairing code by matching the first pairing code against the second pairing code; if the first pairing code and the second pairing code match each other, the first pairing code passes verification.
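The two exchanges described above, certificate issuance gated by the pairing code (steps S301-S306 and S201-S206) and verification of the signed control request with the target certificate (steps S101-S105), sketched as an added example that is not part of the patent text. Ed25519 keys, the signed message layout (identifier, NUL byte, instruction), the six-digit single-use code, the unmodelled CA certificate and names such as `phone-A` are assumptions of this example; "head unit" here means the vehicle device.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/subtle"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// Server stands in for the PKI server; codes maps terminal ID -> second pairing code.
type Server struct {
	key    ed25519.PrivateKey // issuing key; the CA certificate itself is not modelled
	codes  map[string]string
	serial int64
}

func NewKey() (ed25519.PrivateKey, error) {
	_, key, err := ed25519.GenerateKey(rand.Reader)
	return key, err
}

func NewServer() (*Server, error) {
	key, err := NewKey()
	return &Server{key: key, codes: map[string]string{}}, err
}

// StartPairing answers the head unit's pairing request (S301-S304) with a random code.
func (s *Server) StartPairing(terminalID string) (string, error) {
	n, err := rand.Int(rand.Reader, big.NewInt(1000000))
	if err != nil {
		return "", err
	}
	s.codes[terminalID] = fmt.Sprintf("%06d", n.Int64())
	return s.codes[terminalID], nil
}

// Issue is S203 with the pairing check: the first pairing code must equal the second.
func (s *Server) Issue(terminalID, firstCode string, csrDER []byte) (*x509.Certificate, error) {
	want, ok := s.codes[terminalID]
	delete(s.codes, terminalID) // assumption of this example: one attempt per code
	if !ok || subtle.ConstantTimeCompare([]byte(want), []byte(firstCode)) != 1 {
		return nil, fmt.Errorf("pairing code mismatch for %q", terminalID)
	}
	csr, err := x509.ParseCertificateRequest(csrDER)
	if err != nil || csr.CheckSignature() != nil { // requester must hold the private key
		return nil, fmt.Errorf("invalid CSR from %q", terminalID)
	}
	s.serial++
	issuer := &x509.Certificate{Subject: pkix.Name{CommonName: "constructed-demo-ca"}}
	leaf := &x509.Certificate{SerialNumber: big.NewInt(s.serial),
		Subject:   pkix.Name{CommonName: terminalID},
		NotBefore: time.Now().Add(-time.Minute), NotAfter: time.Now().Add(24 * time.Hour),
		KeyUsage:  x509.KeyUsageDigitalSignature}
	der, err := x509.CreateCertificate(rand.Reader, leaf, issuer, csr.PublicKey, s.key)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

// NewCSR is the terminal's half of S201; the private key never leaves the device.
func NewCSR(id string, key ed25519.PrivateKey) ([]byte, error) {
	return x509.CreateCertificateRequest(rand.Reader,
		&x509.CertificateRequest{Subject: pkix.Name{CommonName: id}}, key)
}

// Sign produces the private key signature of the control request (S101).
func Sign(key ed25519.PrivateKey, id, instruction string) []byte {
	return ed25519.Sign(key, []byte(id+"\x00"+instruction))
}

// HeadUnit is the vehicle device: the certificates it received (S205), by terminal ID.
type HeadUnit map[string]*x509.Certificate

// Verify is S103: only the public key of the target certificate is tried.
func (h HeadUnit) Verify(target, id, instruction string, sig []byte) bool {
	if c := h[target]; c != nil {
		pub, ok := c.PublicKey.(ed25519.PublicKey)
		return ok && ed25519.Verify(pub, []byte(id+"\x00"+instruction), sig)
	}
	return false
}

func main() {
	srv, err := NewServer()
	key, kerr := NewKey()
	if err != nil || kerr != nil {
		panic("no randomness available")
	}
	csr, _ := NewCSR("phone-A", key) // "phone-A" is a constructed terminal ID
	code, _ := srv.StartPairing("phone-A")
	cert, err := srv.Issue("phone-A", code, csr)
	fmt.Println("issued:", err == nil, "verified:",
		HeadUnit{"phone-A": cert}.Verify("phone-A", "phone-A", "unlock", Sign(key, "phone-A", "unlock")))
}
```

A request signed by another paired terminal fails `Verify` whenever that terminal's certificate is not the target certificate, which is the multi-certificate case the description raises before step S103.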
The following describes the communication apparatus for a terminal device and a vehicle device, the terminal device, the vehicle device, the server, the storage medium and the computer program product provided by the embodiments of this application; for their content and effects, refer to the communication method for a terminal device and a vehicle device provided in the first to third aspects.
An embodiment of this application provides a communication apparatus for a terminal device and a vehicle device, used to perform the communication method for a terminal device and a vehicle device provided by the above embodiments. The embodiments of this application place no restriction on the type of the communication apparatus; for its content and effects, refer to the above embodiments, which are not repeated here.
An embodiment of this application provides a terminal device. Fig. 6 is a schematic structural diagram of the terminal device provided by an embodiment of this application. As shown in Fig. 6, the terminal device provided by the embodiments of this application may include:
A transmitter 61, configured to send a control request message to the vehicle device over a secure communication channel; the control request message includes a private key signature and is used to request the vehicle device to verify the terminal device.
A receiver 62, configured to receive a verification message sent by the vehicle device over the secure communication channel; the verification message indicates whether the vehicle device verified the terminal device successfully.
Optionally, if the vehicle device verifies the terminal device successfully, the terminal device is the target terminal device, and the target terminal device is used to control the vehicle device.
Optionally, the transmitter 61 is further configured to send a certificate issuance request file to the server; the certificate issuance request file is used to request the server to issue a certificate and includes a certificate signing request (CSR) file. The receiver 62 is further configured to receive the certificate sent by the server.
Optionally, the receiver 62 is further configured to receive the first pairing code sent by the server.
Optionally, the secure communication channel is a two-way (mutual) Transport Layer Security (TLS) authentication channel.
An embodiment of this application provides a vehicle device. Fig. 7 is a schematic structural diagram of the vehicle device provided by an embodiment of this application. As shown in Fig. 7, the vehicle device provided by the embodiments of this application may include:
A receiver 71, configured to receive the control request message sent by the terminal device over a secure communication channel, the control request message including a private key signature; a processor 72, configured to verify the private key signature using a target certificate, the target certificate being any one of at least one certificate in the vehicle device; and a transmitter 73, configured to send a verification message to the terminal device over the secure communication channel, the verification message indicating whether the vehicle device verified the terminal device successfully.
Optionally, the processor 72 is further configured to determine the target certificate; the public key in the target certificate and the private key in the target terminal device form a key pair, and the target terminal device is used to control the vehicle device.
Optionally, the transmitter 73 is further configured to send a pairing request to the server, the pairing request being used to request the server to authenticate the terminal device; the receiver 71 is further configured to receive the certificate sent by the server.
Optionally, the secure communication channel is a two-way (mutual) Transport Layer Security (TLS) authentication channel.
An embodiment of this application provides a server. Fig. 8 is a schematic structural diagram of the server provided by an embodiment of this application. As shown in Fig. 8, the server provided by the embodiments of this application may include:
A receiver 81, configured to receive the certificate issuance request file sent by the terminal device, the certificate issuance request file being used to request the server to issue a certificate and including a certificate signing request (CSR) file; a processor 82, configured to issue a certificate according to the certificate issuance request file; and a transmitter 83, configured to send the certificate to the terminal device and the vehicle device.
Optionally, the receiver 81 is further configured to receive the pairing request of the vehicle device, the pairing request being used to request the server to authenticate the terminal device; the transmitter 83 is further configured to send the first pairing code to the terminal device.
Optionally, the certificate issuance request file further includes the first pairing code, and the processor 82 is further configured to verify the first pairing code and, if the verification passes, issue the certificate according to the certificate issuance request file.
In addition, an embodiment of this application further provides a computer-readable storage medium that stores computer-executable instructions; when at least one processor of a user equipment executes the computer-executable instructions, the user equipment performs the various possible methods described above.
Computer-readable media include computer storage media and communication media, where communication media include any medium that facilitates transferring a computer program from one place to another. A storage medium may be any available medium that a general-purpose or special-purpose computer can access. An exemplary storage medium is coupled to the processor, so that the processor can read information from the storage medium and write information to it. Of course, the storage medium may also be an integral part of the processor. The processor and the storage medium may be located in an ASIC, and the ASIC may be located in a user equipment. Of course, the processor and the storage medium may also exist in a communication device as discrete components.
Those of ordinary skill in the art will understand that all or some of the steps of the above method embodiments may be completed by hardware under the control of program instructions. The program may be stored in a computer-readable storage medium. When executed, the program performs the steps of the above method embodiments; the storage medium includes any medium that can store program code, such as ROM, RAM, a magnetic disk or an optical disc.
Finally, it should be noted that the above embodiments are only intended to illustrate the technical solutions of the present invention, not to limit them. Although the present invention has been described in detail with reference to the foregoing embodiments, those of ordinary skill in the art should understand that they may still modify the technical solutions described in the foregoing embodiments, or make equivalent replacements of some or all of the technical features; such modifications or replacements do not cause the essence of the corresponding technical solutions to depart from the scope of the technical solutions of the embodiments of the present invention.
Claims (27)
1. A communication method for a terminal device and a vehicle device, characterized by comprising:
sending a control request message to the vehicle device over a secure communication channel, the control request message including a private key signature and being used to request the vehicle device to verify the terminal device;
receiving a verification message sent by the vehicle device over the secure communication channel, the verification message indicating whether the vehicle device verified the terminal device successfully.
2. The method according to claim 1, characterized by comprising:
if the vehicle device verifies the terminal device successfully, the terminal device is a target terminal device, the target terminal device being used to control the vehicle device.
3. The method according to claim 2, characterized in that, before the terminal device sends the control request message to the vehicle device over the secure communication channel, the method further comprises:
sending a certificate issuance request file to a server, the certificate issuance request file being used to request the server to issue a certificate and including a certificate signing request (CSR) file;
receiving the certificate sent by the server.
4. The method according to claim 3, characterized in that the certificate issuance request file further includes a first pairing code, and before the terminal device sends the certificate issuance request file to the server, the method further comprises:
receiving a second pairing code sent by the server;
obtaining the first pairing code.
5. The method according to any one of claims 1-4, characterized in that
the secure communication channel is a two-way (mutual) Transport Layer Security (TLS) authentication channel.
6. A communication method for a terminal device and a vehicle device, characterized by comprising:
receiving a control request message sent by the terminal device over a secure communication channel, the control request message including a private key signature;
verifying the private key signature using a target certificate, the target certificate being any one of at least one certificate in the vehicle device;
sending a verification message to the terminal device over the secure communication channel, the verification message indicating whether the vehicle device verified the terminal device successfully.
7. The method according to claim 6, characterized in that, before receiving the control request message sent by the terminal device over the secure communication channel, the method further comprises:
determining the target certificate, the public key in the target certificate and the private key in a target terminal device forming a key pair, the target terminal device being used to control the vehicle device.
8. The method according to claim 7, characterized in that, before determining the target certificate, the method further comprises:
sending a pairing request to a server, the pairing request being used to request the server to authenticate the terminal device;
receiving the certificate sent by the server.
9. The method according to any one of claims 6-8, characterized by comprising:
the secure communication channel is a two-way (mutual) Transport Layer Security (TLS) authentication channel.
10. A communication method for a terminal device and a vehicle device, characterized by comprising:
receiving a certificate issuance request file sent by the terminal device, the certificate issuance request file being used to request a server to issue a certificate and including a certificate signing request (CSR) file;
issuing a certificate according to the certificate issuance request file;
sending the certificate to the terminal device and the vehicle device.
11. The method according to claim 10, characterized by further comprising:
receiving a pairing request of the vehicle device, the pairing request being used to request the server to authenticate the terminal device;
generating a second pairing code according to the pairing request;
sending the second pairing code to the terminal device.
12. The method according to claim 11, characterized in that the certificate issuance request file further includes a first pairing code, and before issuing the certificate according to the certificate issuance request file, the method further comprises:
verifying the first pairing code and, if the verification passes, issuing the certificate according to the certificate issuance request file.
13. A communication apparatus for a terminal device and a vehicle device, characterized in that it is configured to perform the method according to any one of claims 1-5.
14. A communication apparatus for a terminal device and a vehicle device, characterized in that it is configured to perform the method according to any one of claims 6-9.
15. A communication apparatus for a terminal device and a vehicle device, characterized in that it is configured to perform the method according to any one of claims 10-12.
16. A terminal device, characterized by comprising:
a transmitter, configured to send a control request message to a vehicle device over a secure communication channel, the control request message including a private key signature and being used to request the vehicle device to verify the terminal device;
a receiver, configured to receive a verification message sent by the vehicle device over the secure communication channel, the verification message indicating whether the vehicle device verified the terminal device successfully.
17. The terminal device according to claim 16, characterized by comprising:
if the vehicle device verifies the terminal device successfully, the terminal device is a target terminal device, the target terminal device being used to control the vehicle device.
18. The terminal device according to claim 17, characterized in that
the transmitter is further configured to send a certificate issuance request file to a server, the certificate issuance request file being used to request the server to issue a certificate and including a certificate signing request (CSR) file;
the receiver is further configured to receive the certificate sent by the server.
19. The terminal device according to claim 18, characterized in that
the receiver is further configured to receive a second pairing code sent by the server;
and is further configured to obtain the first pairing code.
20. The terminal device according to any one of claims 16-19, characterized in that
the secure communication channel is a two-way (mutual) Transport Layer Security (TLS) authentication channel.
21. A vehicle device, characterized by comprising:
a receiver, configured to receive a control request message sent by a terminal device over a secure communication channel, the control request message including a private key signature;
a processor, configured to verify the private key signature using a target certificate, the target certificate being any one of at least one certificate in the vehicle device;
a transmitter, configured to send a verification message to the terminal device over the secure communication channel, the verification message indicating whether the vehicle device verified the terminal device successfully.
22. The vehicle device according to claim 21, characterized in that the processor is further configured to:
determine the target certificate, the public key in the target certificate and the private key in a target terminal device forming a key pair, the target terminal device being used to control the vehicle device.
23. The vehicle device according to claim 22, characterized in that
the transmitter is further configured to send a pairing request to a server, the pairing request being used to request the server to authenticate the terminal device;
the receiver is further configured to receive the certificate sent by the server.
24. The vehicle device according to any one of claims 21-23, characterized by comprising:
the secure communication channel is a two-way (mutual) Transport Layer Security (TLS) authentication channel.
25. A server, characterized by comprising:
a receiver, configured to receive a certificate issuance request file sent by a terminal device, the certificate issuance request file being used to request the server to issue a certificate and including a certificate signing request (CSR) file;
a processor, configured to issue a certificate according to the certificate issuance request file;
a transmitter, configured to send the certificate to the terminal device and a vehicle device.
26. The server according to claim 25, characterized in that
the receiver is further configured to receive a pairing request of the vehicle device, the pairing request being used to request the server to authenticate the terminal device;
the processor is further configured to generate a second pairing code according to the pairing request;
the transmitter is further configured to send the second pairing code to the terminal device.
27. The server according to claim 26, characterized in that the certificate issuance request file further includes a first pairing code,
and the processor is further configured to verify the first pairing code and, if the verification passes, issue the certificate according to the certificate issuance request file.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910718809.0A CN110417798B (en) | 2019-08-05 | 2019-08-05 | Communication method and device of terminal equipment and vehicle machine |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910718809.0A CN110417798B (en) | 2019-08-05 | 2019-08-05 | Communication method and device of terminal equipment and vehicle machine |
Publications (2)
Publication Number | Publication Date |
---|---|
CN110417798A (en) | 2019-11-05 |
CN110417798B (en) | 2022-03-08 |
Family
ID=68365922
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201910718809.0A Active CN110417798B (en) | 2019-08-05 | 2019-08-05 | Communication method and device of terminal equipment and vehicle machine |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN110417798B (en) |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111970659A (en) * | 2020-07-27 | 2020-11-20 | 恒大新能源汽车投资控股集团有限公司 | Vehicle control method and system based on terminal equipment |
CN113973280A (en) * | 2020-07-22 | 2022-01-25 | 广州汽车集团股份有限公司 | Vehicle-mounted message transmission method, device and system |
CN114885328A (en) * | 2021-01-21 | 2022-08-09 | 华为技术有限公司 | Vehicle machine connecting method and device |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN105245552A (en) * | 2015-11-18 | 2016-01-13 | 北京京东世纪贸易有限公司 | Intelligent equipment, terminal equipment and method for implementing safe control authorization |
CN105472192A (en) * | 2015-11-18 | 2016-04-06 | 北京京东世纪贸易有限公司 | Intelligent equipment capable of realizing control safety authorization and sharing, terminal equipment and method |
CN106210047A (en) * | 2016-07-11 | 2016-12-07 | 北京长安汽车工程技术研究有限责任公司 | A kind of vehicle information management method, system and car networked system |
CN106453330A (en) * | 2016-10-18 | 2017-02-22 | 深圳市金立通信设备有限公司 | Identity authentication method and system |
CN109466507A (en) * | 2018-12-06 | 2019-03-15 | 上海博泰悦臻电子设备制造有限公司 | Car door lock state synchronization method based on mobile phone screen, server, synchronization system |
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113973280A (en) * | 2020-07-22 | 2022-01-25 | 广州汽车集团股份有限公司 | Vehicle-mounted message transmission method, device and system |
CN113973280B (en) * | 2020-07-22 | 2023-09-01 | 广州汽车集团股份有限公司 | Vehicle-mounted message transmission method, device and system |
CN111970659A (en) * | 2020-07-27 | 2020-11-20 | 恒大新能源汽车投资控股集团有限公司 | Vehicle control method and system based on terminal equipment |
CN114885328A (en) * | 2021-01-21 | 2022-08-09 | 华为技术有限公司 | Vehicle machine connecting method and device |
CN114885328B (en) * | 2021-01-21 | 2024-01-16 | 华为技术有限公司 | Vehicle-computer connection method and device |
Also Published As
Publication number | Publication date |
---|---|
CN110417798B (en) | 2022-03-08 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN105991643B (en) | Method and apparatus for secure bluetooth communication | |
JP6299047B2 (en) | Certification acquisition method and apparatus | |
CN108122311B (en) | Vehicle virtual key implementation method and system | |
WO2022027957A1 (en) | Safe distribution method, device and system of vehicle bluetooth key and storage medium | |
CN109842862A (en) | Secure short range wireless communication connection is established in the car | |
CN112543927B (en) | Equipment upgrading method and related equipment | |
CN112055952A (en) | Vehicle-mounted equipment upgrading method and related equipment | |
US9154947B2 (en) | Secure home-to-vehicle wireless connectivity | |
CN110417798A (en) | The communication means and device of terminal device and vehicle device | |
CN110380852A (en) | Mutual authentication method and communication system | |
CN107256188B (en) | Android device control method and device, terminal and storage medium | |
WO2018040642A1 (en) | Method and device for controlling vehicle to connect to mobile terminal, and vehicle | |
WO2014121708A2 (en) | Message certification application method, device, and system | |
CN109040285A (en) | Method, apparatus, storage medium and the vehicle of In-vehicle networking safety certification | |
CN112396712A (en) | ETC electronic tag secondary issuing method, system and storage medium | |
CN108650220A (en) | Provide, obtain method, the equipment of mobile terminal certificate and automobile end chip certificate | |
CN104053149A (en) | Method and system for realizing security mechanism of vehicle networking equipment | |
CN110247884A (en) | A kind of method, apparatus, system and the computer readable storage medium of more new authentication | |
JP2023506661A (en) | Certificate application method and device | |
CN109041263A (en) | A kind of TBox Bluetooth connecting method and device | |
CN111510448A (en) | Communication encryption method, device and system in OTA (over the air) upgrade of automobile | |
CN109618313A (en) | A kind of vehicle-mounted Bluetooth equipment and attaching method thereof, system | |
CN108718309B (en) | Vehicle identity authentication method and device | |
CN114297597B (en) | Account management method, system, equipment and computer readable storage medium | |
CN115550886A (en) | Vehicle-mounted augmented reality equipment control method and system and vehicle-mounted interaction system |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||