CN111723365A - Method and equipment for installing application program in vehicle-mounted information entertainment system - Google Patents
Method and equipment for installing application program in vehicle-mounted information entertainment system Download PDFInfo
- Publication number
- CN111723365A CN111723365A CN202010614717.0A CN202010614717A CN111723365A CN 111723365 A CN111723365 A CN 111723365A CN 202010614717 A CN202010614717 A CN 202010614717A CN 111723365 A CN111723365 A CN 111723365A
- Authority
- CN
- China
- Prior art keywords
- application
- installation package
- application program
- certificate
- vehicle
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 45
- 238000009434 installation Methods 0.000 claims abstract description 97
- 238000012795 verification Methods 0.000 claims abstract description 20
- 238000004590 computer program Methods 0.000 claims description 12
- 230000008569 process Effects 0.000 description 6
- 230000008901 benefit Effects 0.000 description 5
- 238000010586 diagram Methods 0.000 description 2
- 230000005540 biological transmission Effects 0.000 description 1
- 230000007246 mechanism Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 238000005192 partition Methods 0.000 description 1
- 230000004044 response Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/51—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/03—Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
- G06F2221/033—Test or assess software
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Stored Programmes (AREA)
Abstract
The invention provides a method for installing an application program in a vehicle-mounted infotainment system, electronic equipment and a computer-readable storage medium. The method comprises the following steps: acquiring an application program installation package; analyzing the application program installation package to obtain basic information of the application program installation package, and performing first verification on the basic information; after the first verification is passed, judging whether a characteristic certificate exists in the application program installation package, wherein the characteristic certificate comprises characteristic information of the application program installation package for judging whether the application program installation package is safe or not; if so, acquiring a feature certificate in the application program installation package, and performing second check on the feature certificate; after passing the second verification, the application installation package is installed into the in-vehicle infotainment system. The scheme of the invention can prevent unsafe application programs from being installed in the vehicle-mounted infotainment system, thereby achieving the purpose of safely installing the application programs and improving the safety of the vehicle-mounted infotainment system.
Description
Technical Field
The invention relates to the technical field of vehicle-mounted infotainment products, in particular to a method for installing an application program in a vehicle-mounted infotainment system, electronic equipment and a computer-readable storage medium.
Background
In a Vehicle-mounted information entertainment system (In-Vehicle information, referred to as a Vehicle system for short), an application installed In the Vehicle system is required to neither interfere with the normal operation of the Vehicle system nor affect the safe driving of a user based on the consideration of safe driving. However, in the existing android-based car machine system, since the car machine system does not impose restrictions on the acquisition source and the required permission of the application program, the user may install an unsafe application program that is subjected to malicious tampering or unauthorized, and the like into the car machine system. When running, the unsafe application programs excessively occupy internal memory, CPU and the like, so that the vehicle-mounted computer system has the problems of jamming, screen blacking and even crash and the like. Some applications may even maliciously operate windows, seats, air conditioners, etc., directly affecting the safe driving of the user. Therefore, how to ensure that the user can safely install the application program is a problem which needs to be solved urgently in the current vehicle-mounted infotainment system.
Disclosure of Invention
In view of the above, the present invention has been made to provide a method, an electronic device and a computer-readable storage medium for installing an application in an in-vehicle infotainment system that overcome or at least partially solve the above-mentioned problems.
It is an object of the present invention to provide a method of installing an application in a vehicle infotainment system that ensures a secure installation of the application in the vehicle infotainment system.
A further object of the invention is to ensure the legitimacy of the authority of the installed application program and to further improve the security of the vehicle infotainment system.
According to an aspect of an embodiment of the present invention, there is provided a method for installing an application in an in-vehicle infotainment system, including:
acquiring an application program installation package;
analyzing the application program installation package to obtain basic information of the application program installation package, and performing first verification on the basic information;
after the first verification is passed, judging whether a characteristic certificate exists in the application program installation package, wherein the characteristic certificate comprises characteristic information of the application program installation package for judging whether the application program installation package is safe;
if so, acquiring the characteristic certificate in the application program installation package, and performing second verification on the characteristic certificate;
after passing the second check-up, installing the application installation package into an in-vehicle infotainment system.
Optionally, the second checking the feature certificate includes:
extracting feature information of the application program installation package in the feature certificate as first feature information;
calculating the obtained application program installation package according to a preset algorithm to obtain characteristic information of the application program installation package as second characteristic information;
comparing whether the second characteristic information is consistent with the first characteristic information;
and if so, determining that the second check is passed.
Optionally, the feature information of the application installation package includes at least one of:
signature file information of the compiled certificate of the application program installation package, authority in the applied vehicle-mounted information entertainment system, an application program key and an application program identifier.
Optionally, the feature certificate is generated by a specified encryption algorithm according to basic information of the application program installation package provided by a developer and/or authority in the vehicle-mounted infotainment system applied by the application program;
before extracting feature information of the application installation package in the feature certificate, the method further comprises:
and decrypting the characteristic certificate.
Optionally, the specified encryption algorithm comprises an asymmetric encryption algorithm.
Optionally, the characteristic information of the application installation package comprises the authority in the applied vehicle-mounted infotainment system;
the method further comprises the following steps:
during installation of the application installation package into the in-vehicle infotainment system, entering the permissions in the applied in-vehicle infotainment system into system permissions of the in-vehicle infotainment system.
Optionally, the application installation package comprises a plurality of installation files;
the basic information of the application program installation package comprises: the size of a space required by the application program installation, the hash value of each installation file, the signature of the compilation certificate of the application program installation package, the signature file of the compilation certificate and the hash value of the signature file of the compilation certificate;
the performing of the first check on the basic information includes:
checking whether the vehicle-mounted infotainment system has the space required by the installation of the application program according to the size of the space required by the installation of the application program;
if so, verifying whether the signature file of the compiling certificate is complete through the signature of the compiling certificate;
if so, verifying whether the hash value of each installation file is complete through the hash value of the signature file of the compiled certificate;
if so, verifying whether each installation file is complete or not through the hash value of each installation file;
and if so, determining that the first check is passed.
Optionally, the basic information of the application installation package further includes the authority defined by the application;
the performing the first check on the basic information further includes:
determining whether the application-defined permissions have been defined by other applications before determining that the first check passes;
if not, executing the step of determining that the first check is passed;
and if so, determining that the first check is not passed.
According to another aspect of the embodiments of the present invention, there is also provided an electronic device, including:
a processor; and
a memory storing computer program code;
the computer program code causes the electronic device to perform the method of installing an application in an in-vehicle infotainment system according to any of the preceding claims when the computer program code is run by the processor.
According to a further aspect of embodiments of the present invention, there is also provided a computer-readable storage medium having stored thereon computer program code which, when run on an electronic device, causes the electronic device to execute a method of installing an application in an in-vehicle infotainment system according to any of the preceding claims.
In the method for installing the application program in the vehicle-mounted infotainment system provided by the embodiment of the invention, after the application program installation package is obtained, the basic information of the application program installation package and the characteristic certificate which is generated by a developer in a self-defined way and is used for judging whether the application program installation package is safe are checked in sequence, and the application program installation package is installed in the vehicle-mounted infotainment system only after the basic information is checked and the characteristic certificate is checked, so that the unsafe application program is prevented from being installed in the vehicle-mounted infotainment system, the aim of safely installing the application program is fulfilled, and the safety of the vehicle-mounted infotainment system is improved.
Furthermore, the application program installation package is installed in the vehicle-mounted infotainment system only after the basic information is verified and the characteristic certificate is verified, and the authority in the vehicle-mounted infotainment system applied by the application program is recorded into the system authority of the vehicle-mounted infotainment system before the application program is installed, so that the unauthorized authority cannot be used, the legitimacy of the authority of the installed application program is ensured, and the safety of the vehicle-mounted infotainment system is further improved.
The foregoing description is only an overview of the technical solutions of the present invention, and the embodiments of the present invention are described below in order to make the technical means of the present invention more clearly understood and to make the above and other objects, features, and advantages of the present invention more clearly understandable.
The above and other objects, advantages and features of the present invention will become more apparent to those skilled in the art from the following detailed description of specific embodiments thereof, taken in conjunction with the accompanying drawings.
Drawings
Various other advantages and benefits will become apparent to those of ordinary skill in the art upon reading the following detailed description of the preferred embodiments. The drawings are only for purposes of illustrating the preferred embodiments and are not to be construed as limiting the invention. Also, like reference numerals are used to refer to like parts throughout the drawings. In the drawings:
FIG. 1 is a flow diagram illustrating a method for installing an application in an in-vehicle infotainment system according to an embodiment of the invention.
FIG. 2 is a flowchart illustrating a step of performing a first check on basic information according to an embodiment of the present invention;
FIG. 3 is a flowchart illustrating a step of performing a first check on basic information according to another embodiment of the present invention;
FIG. 4 is a flowchart illustrating a step of performing a first check on basic information according to another embodiment of the present invention
Fig. 5 shows a flowchart of the step of performing a second check on the certificate of authenticity according to an embodiment of the invention.
Detailed Description
Exemplary embodiments of the present disclosure will be described in more detail below with reference to the accompanying drawings. While exemplary embodiments of the present disclosure are shown in the drawings, it should be understood that the present disclosure may be embodied in various forms and should not be limited to the embodiments set forth herein. Rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the scope of the disclosure to those skilled in the art.
In order to solve the technical problem, an embodiment of the invention provides a method for installing an application program in a vehicle-mounted infotainment system.
FIG. 1 is a flow diagram illustrating a method for installing an application in an in-vehicle infotainment system according to an embodiment of the invention. Referring to fig. 1, the method may include at least the following steps S102 to S110.
And step S102, acquiring an application program installation package.
And step S104, analyzing the application program installation package to obtain basic information of the application program installation package, and performing first verification on the basic information.
And step S106, after the first verification is passed, judging whether the characteristic certificate exists in the application program installation package. The feature certificate contains feature information of the application installation package for determining whether the application installation package is secure. If yes, go to step S108.
And step S108, acquiring the characteristic certificate in the application program installation package, and performing second verification on the characteristic certificate.
And step S110, after the second verification is passed, installing the application program installation package into the vehicle-mounted infotainment system.
In the method for installing the application program in the vehicle-mounted infotainment system provided by the embodiment of the invention, after the application program installation package is obtained, the basic information of the application program installation package and the characteristic certificate which is generated by a developer in a self-defined way and is used for judging whether the application program installation package is safe are checked in sequence, and the application program installation package is installed in the vehicle-mounted infotainment system only after the basic information is checked and the characteristic certificate is checked, so that the unsafe application program is prevented from being installed in the vehicle-mounted infotainment system, the aim of safely installing the application program is fulfilled, and the safety of the vehicle-mounted infotainment system is improved.
The application programs mentioned in the embodiment of the present invention may refer to non-system application programs, that is, application programs that are not owned by the operating system of the in-vehicle infotainment system, and may include application programs provided by a manufacturer (for example, application programs preset by the manufacturer when the in-vehicle infotainment system leaves the factory) and third-party application programs.
In the above step S102, the application installation package may be downloaded from the server side. Specifically, the application market may be entered at a car end, and a trigger operation (e.g., click) of a download button of a specific application program by a user is received, so that the car end downloads a corresponding application program installation package from a server end in response to the trigger operation. The application installation package may include a plurality of installation files for the application.
In step S104, the basic information of the application installation package is extracted, and the first verification is performed on the basic information of the application installation package. Only after the first check is passed, the step S106 is continuously performed. If the first check is not passed, the process is ended.
Specifically, an interface for installing the application may be called by a Package management Service (Package management Service) of the in-vehicle system, so as to analyze the obtained application installation Package, extract basic information of the application installation Package, and perform a first check on the basic information of the application installation Package.
In one embodiment, the basic information of the application installation package may include a size of a space required for application installation, a hash value of each installation file, a signature of a compilation certificate of the application installation package and a compilation certificate signature file, and a hash value of the compilation certificate signature file. The compilation certificate of the application installation package mentioned here is a certificate used when the application installation package is compiled, and the compilation certificate signature file (Keystore) is a certificate signature file for generating a signature of the compilation certificate.
In this case, the step of performing the first check on the basic information in step S104 may be implemented as shown in fig. 2:
step S202, checking whether the vehicle-mounted infotainment system has the space required by the installation of the application program according to the size of the space required by the installation of the application program. If yes, go on to step S204. If not, go to step S212.
And step S204, verifying whether the signature file of the compiled certificate is complete or not through the signature of the compiled certificate. If yes, go on to step S206. If not, go to step S212.
And step S206, verifying whether the hash value of each installation file is complete or not by compiling the hash value of the certificate signature file. If yes, go on to step S208. If not, go to step S212.
And S208, verifying whether each installation file is complete or not through the hash value of each installation file. If yes, go on to step S210. If not, go to step S212.
In step S210, it is determined that the first check is passed.
In step S212, it is determined that the first check is not passed.
Through the first verification step of the basic information, the space requirement of the application program to be installed and the integrity of the acquired installation file of the application program can be met, and the application program can be normally installed.
Further, in one embodiment, the basic information of the application installation package may also include application-defined permissions. Specifically, if the application to be installed wishes to define a specific authority (e.g., bluetooth phone authority, window control authority, etc.), the authority to be defined by the application is declared in the configuration file of the application installation package of the application, and thus, it is possible to determine whether the application to be installed is to define the authority by checking the acquired configuration file of the application installation package, and if so, the authority defined by the application is extracted from the configuration file as part of the basic information of the application installation package.
In this case, as shown in fig. 3, before step S210 (i.e., determining that the first check is passed), step S209a may also be performed: it is determined whether the application-defined permissions have been defined by other applications. If not, go to step S210. If yes, go to step S212.
Those skilled in the art will recognize that the in-vehicle system does not allow different applications to define the same privilege (same name privilege). Through the method, the situation that different application programs define the same authority so as to cause conflict can be avoided, and normal operation of the vehicle machine system is guaranteed.
In another embodiment, the basic information of the application installation package may further include an installation directory of the application. In this case, as shown in fig. 4, before step S210 (i.e., determining that the first check is passed), step S209b may also be performed: and judging whether the installation catalog of the application program meets the installation condition. If yes, go to step S210. If not, go to step S212. Specifically, the mounting conditions include: for a system application program, the installation directory of the system application program can be a system directory or an internal storage directory; for non-system applications, the installation directory should be a directory other than the system directory. For example, in general, the memory of an in-vehicle infotainment system has different directory partitions, typically such as/system/,/data/,/sdcard/etc., where/system/is a system directory under which system applications can be installed,/data/is an internal storage directory, which is an internal storage space prepared for all apps,/sdcard/is a non-system application directory, which can be used to install non-system applications. If the application to be installed is a system application (e.g., upgrading of the system application), and it is determined in step S209b that the installation directory of the application to be installed is the system directory/system/or the internal storage directory/data/, it is determined that the first check is passed, otherwise, it is determined that the first check is not passed. If the application to be installed is a non-system application (e.g., a third-party application), and it is determined in step S209b that the installation directory of the application to be installed is a directory other than the system directory (e.g., sdcard/etc.), it is determined that the first check is passed, otherwise, it is determined that the first check is not passed. By the method, correct installation of the system application program and the non-system application program can be ensured, so that normal operation of the vehicle-mounted infotainment system is ensured.
It should be noted that, as those skilled in the art will recognize, the execution sequence of step S209a in fig. 3 may be changed, for example, step S209a may be executed first, if the authority defined by the application is not defined by other applications, steps S202 to S208 are executed, and finally, if step S208 verifies that each installation file is complete, step S210 is executed, and if not, step S212 is executed. Similarly, the execution sequence of step S209b in fig. 4 may also be changed, for example, step S209b may be executed first, if the installation directory of the application meets the installation condition, steps S202 to S208 are executed, finally, if step S208 verifies that each installation file is complete, step S210 is executed, and if not, step S212 is executed.
In addition, in the process of performing the first verification on the basic information, after step S208, step S209a and step S209b may be executed in sequence. Specifically, after step S208, if it is verified that each installation file is complete, step S209a is executed. After step S209a, if the program-defined rights are not defined by other applications, step S209b is performed. After step S209b, if the installation directory of the application program meets the installation condition, step S210 is executed, otherwise, step S212 is executed. Of course, those skilled in the art will understand that the order of step S209a and step S209b may be interchanged.
After the first verification of the basic information of the application program installation package is passed, step S106 is executed to determine whether a feature certificate exists in the application program installation package. If yes, executing step S108, obtaining the feature certificate in the application installation package, and performing a second verification on the feature certificate. If not, the process is ended.
The feature certificate mentioned herein is custom-generated by a developer, and contains feature information of the application installation package for determining whether the application installation package is secure. Whether the application installation package is secure may contain various meanings, specifically, for example, whether the application installation package is tampered with, and if tampered with, the application installation package is not secure. As another example, if the application installation package is authorized by the in-vehicle infotainment system provider, the application installation package may not be secure.
In one embodiment, as shown in fig. 5, the step of performing the second check on the feature certificate in step S108 may be implemented as follows:
step S502, extracting the characteristic information of the application program installation package in the characteristic certificate as first characteristic information.
In this step, the feature certificate integrated into the application program installation package may be acquired from the specified directory of the application program installation package, and the feature information of the application program installation package may be extracted from the feature certificate.
Step S504, the obtained application program installation package is calculated according to a preset algorithm to obtain the characteristic information of the application program installation package as second characteristic information.
In this step, the preset algorithm may be pre-agreed by the vehicle end and the server end, and is matched with an algorithm used when the developer generates the feature certificate by self-definition, for example, a digest algorithm or the like.
Step S506, comparing whether the second characteristic information is consistent with the first characteristic information. If yes, go to step S508.
Step S508, it is determined that the second check is passed.
Specifically, steps S502 to S508 may be performed by the package management service.
Further, if the second characteristic information is not consistent with the first characteristic information as compared in step S506, it indicates that the obtained application installation package is not matched with the application information provided by the developer, and the application installation package is insecure (e.g., the content has been tampered or is not authorized, etc.), so that it is determined that the second verification is not passed, and the process is ended. In this way, it is possible to prevent an insecure application from being installed in the in-vehicle infotainment system.
Specifically, the feature certificate may be generated by the developer platform according to basic information of the application installation package provided by the developer when the developer performs application registration, authority in the in-vehicle infotainment system applied by the application, and the like. Here, the basic information of the application installation package provided by the developer may include the application installation package name, the application name, and the like, in addition to the basic information of the application installation package described above.
Accordingly, the generated characteristic information of the application installation package may include at least one of signature file information of a compilation certificate of the application installation package, authority in the applied in-vehicle infotainment system, an application key (AppKey), an application identification (AppID), and the like.
In the present invention, the authority in the vehicle-mounted infotainment system applied by the application program refers to some service authorities at the bottom layer of the vehicle-mounted infotainment system, such as a vehicle window control authority, an air conditioner control authority, a seat control authority, an engine control authority, and the like, which is not specifically limited in the present invention.
In addition, in order to enhance the transmission security, the feature certificate may be encrypted by specifying an encryption algorithm when generating the feature certificate. Alternatively, the specified encryption algorithm may be an asymmetric encryption algorithm, such as an RSA (Rivest-Shamir-Adelman, Levister-Sarmor-Adelman) encryption algorithm, or the like. Accordingly, before extracting the feature information of the application installation package in the feature certificate, the feature certificate can also be decrypted. The decrypted algorithm matches the specified encryption algorithm.
After the second verification of the characteristic certificate is passed, step S110 is executed to install the application installation package into the in-vehicle infotainment system, thereby implementing secure installation of the application.
In one embodiment, where the characteristic information of the application installation package includes the permissions in the in-vehicle infotainment system that the application applies for, the permissions in the in-vehicle infotainment system that are applied for are entered into the system permissions of the in-vehicle infotainment system during installation of the application installation package into the in-vehicle infotainment system. Further, the permissions of installed applications may be managed through a management mechanism using the operating system of the in-vehicle infotainment system (e.g., the android system).
Because the application program installation package is installed in the vehicle-mounted infotainment system only after the basic information is verified and the characteristic certificate is verified, the authority in the vehicle-mounted infotainment system applied by the application program is recorded into the system authority of the vehicle-mounted infotainment system before the application program is installed, so that the unauthorized authority cannot be used, the legitimacy of the authority of the installed application program is ensured, and the safety of the vehicle-mounted infotainment system is further improved.
Based on the same inventive concept, the embodiment of the invention also provides electronic equipment. The electronic device includes: a processor; and a memory storing computer program code. The computer program code causes the electronic device to perform a method of installing an application in an in-vehicle infotainment system as described in any one of the embodiments or in combination thereof, when the computer program code is run by a processor.
Based on the same inventive concept, the embodiment of the invention also provides a computer readable storage medium. The computer readable storage medium stores computer program code which, when run on an electronic device, causes the electronic device to perform a method of installing an application in a vehicle infotainment system as described in any one or combination of the above embodiments.
According to any one or a combination of multiple optional embodiments, the embodiment of the present invention can achieve the following advantages:
in the method for installing the application program in the vehicle-mounted infotainment system provided by the embodiment of the invention, after the application program installation package is obtained, the basic information of the application program installation package and the characteristic certificate which is generated by a developer in a self-defined way and is used for judging whether the application program installation package is safe are checked in sequence, and the application program installation package is installed in the vehicle-mounted infotainment system only after the basic information is checked and the characteristic certificate is checked, so that the unsafe application program is prevented from being installed in the vehicle-mounted infotainment system, the aim of safely installing the application program is fulfilled, and the safety of the vehicle-mounted infotainment system is improved.
Furthermore, the application program installation package is installed in the vehicle-mounted infotainment system only after the basic information is verified and the characteristic certificate is verified, and the authority in the vehicle-mounted infotainment system applied by the application program is recorded into the system authority of the vehicle-mounted infotainment system before the application program is installed, so that the unauthorized authority cannot be used, the legitimacy of the authority of the installed application program is ensured, and the safety of the vehicle-mounted infotainment system is further improved.
It is clear to those skilled in the art that the specific working processes of the above-described systems, apparatuses and units may refer to the corresponding processes in the foregoing method embodiments, and for the sake of brevity, further description is omitted here.
In addition, the functional units in the embodiments of the present invention may be physically independent of each other, two or more functional units may be integrated together, or all the functional units may be integrated in one processing unit. The integrated functional units may be implemented in the form of hardware, or in the form of software or firmware.
Those of ordinary skill in the art will understand that: the integrated functional units, if implemented in software and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present invention may be embodied in the form of a software product, which is stored in a storage medium and includes instructions for causing a computing device (e.g., a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present invention when the instructions are executed. And the aforementioned storage medium includes: u disk, removable hard disk, Read Only Memory (ROM), Random Access Memory (RAM), magnetic or optical disk, and other various media capable of storing program code.
Alternatively, all or part of the steps of implementing the foregoing method embodiments may be implemented by hardware (such as a computing device, e.g., a personal computer, a server, or a network device) associated with program instructions, which may be stored in a computer-readable storage medium, and when the program instructions are executed by a processor of the computing device, the computing device executes all or part of the steps of the method according to the embodiments of the present invention.
Finally, it should be noted that: the above embodiments are only used to illustrate the technical solution of the present invention, and not to limit the same; while the invention has been described in detail and with reference to the foregoing embodiments, it will be understood by those skilled in the art that: the technical solutions described in the foregoing embodiments can be modified or some or all of the technical features can be equivalently replaced within the spirit and principle of the present invention; such modifications or substitutions do not depart from the scope of the present invention.
Claims (10)
1. A method for installing an application in an in-vehicle infotainment system, comprising:
acquiring an application program installation package;
analyzing the application program installation package to obtain basic information of the application program installation package, and performing first verification on the basic information;
after the first verification is passed, judging whether a characteristic certificate exists in the application program installation package, wherein the characteristic certificate comprises characteristic information of the application program installation package for judging whether the application program installation package is safe;
if so, acquiring the characteristic certificate in the application program installation package, and performing second verification on the characteristic certificate;
after passing the second check-up, installing the application installation package into an in-vehicle infotainment system.
2. The method of claim 1, wherein the second checking of the feature certificate comprises:
extracting feature information of the application program installation package in the feature certificate as first feature information;
calculating the obtained application program installation package according to a preset algorithm to obtain characteristic information of the application program installation package as second characteristic information;
comparing whether the second characteristic information is consistent with the first characteristic information;
and if so, determining that the second check is passed.
3. The method of claim 2, wherein the application installation package characteristic information comprises at least one of:
signature file information of the compiled certificate of the application program installation package, authority in the applied vehicle-mounted information entertainment system, an application program key and an application program identifier.
4. The method according to claim 3, wherein the feature certificate is generated by specifying an encryption algorithm according to basic information of the application installation package provided by a developer and/or rights in the in-vehicle infotainment system applied by the application;
before extracting the feature information of the application installation package in the feature certificate, the method further includes:
and decrypting the characteristic certificate.
5. The method of claim 4, wherein the specified encryption algorithm comprises an asymmetric encryption algorithm.
6. The method of claim 3, wherein the characteristic information of the application installation package includes permissions in the applied in-vehicle infotainment system;
the method further comprises the following steps:
during installation of the application installation package into the in-vehicle infotainment system, entering the permissions in the applied in-vehicle infotainment system into system permissions of the in-vehicle infotainment system.
7. The method of claim 1, wherein the application installation package comprises a plurality of installation files;
the basic information of the application program installation package comprises: the size of a space required by the application program installation, the hash value of each installation file, the signature of the compilation certificate of the application program installation package, the signature file of the compilation certificate and the hash value of the signature file of the compilation certificate;
the performing of the first check on the basic information includes:
checking whether the vehicle-mounted infotainment system has the space required by the installation of the application program according to the size of the space required by the installation of the application program;
if so, verifying whether the signature file of the compiling certificate is complete through the signature of the compiling certificate;
if so, verifying whether the hash value of each installation file is complete through the hash value of the signature file of the compiled certificate;
if so, verifying whether each installation file is complete or not through the hash value of each installation file;
and if so, determining that the first check is passed.
8. The method of claim 7, wherein the basic information of the application installation package further comprises permissions defined by the application;
the performing the first check on the basic information further includes:
determining whether the application-defined permissions have been defined by other applications before determining that the first check passes;
if not, executing the step of determining that the first check is passed;
and if so, determining that the first check is not passed.
9. An electronic device, comprising:
a processor; and
a memory storing computer program code;
the computer program code causes the electronic device to perform a method of installing an application in an in-vehicle infotainment system according to any of claims 1 to 8, when the computer program code is run by the processor.
10. A computer-readable storage medium, characterized in that the computer-readable storage medium stores computer program code which, when run on an electronic device, causes the electronic device to execute a method of installing an application in an in-vehicle infotainment system according to any one of claims 1 to 8.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010614717.0A CN111723365B (en) | 2020-06-30 | 2020-06-30 | Method and equipment for installing application program in vehicle-mounted information entertainment system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010614717.0A CN111723365B (en) | 2020-06-30 | 2020-06-30 | Method and equipment for installing application program in vehicle-mounted information entertainment system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN111723365A true CN111723365A (en) | 2020-09-29 |
| CN111723365B CN111723365B (en) | 2023-03-17 |
Family
ID=72570623
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010614717.0A Active CN111723365B (en) | 2020-06-30 | 2020-06-30 | Method and equipment for installing application program in vehicle-mounted information entertainment system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111723365B (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113031973A (en) * | 2021-03-01 | 2021-06-25 | 湖北亿咖通科技有限公司 | Download installation method of paid vehicle-mounted application |
Citations (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103984890A (en) * | 2014-05-26 | 2014-08-13 | 惠州华阳通用电子有限公司 | Method and apparatus for entering hidden setting of in-vehicle infotainment information system |
| CN104751049A (en) * | 2015-03-09 | 2015-07-01 | 广东欧珀移动通信有限公司 | Application program installing method and mobile terminal |
| CN106250194A (en) * | 2016-08-08 | 2016-12-21 | 广州视源电子科技股份有限公司 | Program file installation method and device |
| CN106445807A (en) * | 2016-08-29 | 2017-02-22 | Tcl集团股份有限公司 | Application installation package detection method and apparatus used for intelligent terminal |
| CN106648626A (en) * | 2016-11-29 | 2017-05-10 | 郑州信大捷安信息技术股份有限公司 | Secure remote upgrade system and upgrade method for vehicles |
| CN108197469A (en) * | 2017-11-28 | 2018-06-22 | 东软集团股份有限公司 | The method, apparatus and storage medium and electronic equipment of verification Application program |
| CN108399329A (en) * | 2018-01-23 | 2018-08-14 | 晶晨半导体(上海)股份有限公司 | A method of improving trusted application safety |
| CN108733385A (en) * | 2018-05-17 | 2018-11-02 | 广东小天才科技有限公司 | Application program installation method, device, equipment and storage medium |
| EP3416082A1 (en) * | 2017-06-14 | 2018-12-19 | Beijing Xiaomi Mobile Software Co., Ltd. | Method and apparatus for signing and verifying application installation package, and storage medium |
| CN110225063A (en) * | 2019-07-02 | 2019-09-10 | 广州小鹏汽车科技有限公司 | Upgrade method, upgrade-system, server and the car-mounted terminal of automobile mounted system |
| CN110362990A (en) * | 2019-05-31 | 2019-10-22 | 口碑(上海)信息技术有限公司 | Using the security processing of installation, apparatus and system |
-
2020
- 2020-06-30 CN CN202010614717.0A patent/CN111723365B/en active Active
Patent Citations (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103984890A (en) * | 2014-05-26 | 2014-08-13 | 惠州华阳通用电子有限公司 | Method and apparatus for entering hidden setting of in-vehicle infotainment information system |
| CN104751049A (en) * | 2015-03-09 | 2015-07-01 | 广东欧珀移动通信有限公司 | Application program installing method and mobile terminal |
| CN106250194A (en) * | 2016-08-08 | 2016-12-21 | 广州视源电子科技股份有限公司 | Program file installation method and device |
| CN106445807A (en) * | 2016-08-29 | 2017-02-22 | Tcl集团股份有限公司 | Application installation package detection method and apparatus used for intelligent terminal |
| CN106648626A (en) * | 2016-11-29 | 2017-05-10 | 郑州信大捷安信息技术股份有限公司 | Secure remote upgrade system and upgrade method for vehicles |
| EP3416082A1 (en) * | 2017-06-14 | 2018-12-19 | Beijing Xiaomi Mobile Software Co., Ltd. | Method and apparatus for signing and verifying application installation package, and storage medium |
| CN108197469A (en) * | 2017-11-28 | 2018-06-22 | 东软集团股份有限公司 | The method, apparatus and storage medium and electronic equipment of verification Application program |
| CN108399329A (en) * | 2018-01-23 | 2018-08-14 | 晶晨半导体(上海)股份有限公司 | A method of improving trusted application safety |
| CN108733385A (en) * | 2018-05-17 | 2018-11-02 | 广东小天才科技有限公司 | Application program installation method, device, equipment and storage medium |
| CN110362990A (en) * | 2019-05-31 | 2019-10-22 | 口碑(上海)信息技术有限公司 | Using the security processing of installation, apparatus and system |
| CN110225063A (en) * | 2019-07-02 | 2019-09-10 | 广州小鹏汽车科技有限公司 | Upgrade method, upgrade-system, server and the car-mounted terminal of automobile mounted system |
Non-Patent Citations (3)
| Title |
|---|
| 王浩宇: "《移动应用安全分析》", 31 August 2019, 北京邮电大学出版社 * |
| 谢红侠: "《Android移动开发技术》", 30 April 2020, 中国矿业大学出版社有限责任公司 * |
| 青岛英谷教育科技股份有限公司主编: "《车载终端应用开发技术》", 30 March 2018, 西安电子科技大学出版社 * |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113031973A (en) * | 2021-03-01 | 2021-06-25 | 湖北亿咖通科技有限公司 | Download installation method of paid vehicle-mounted application |
Also Published As
| Publication number | Publication date |
|---|---|
| CN111723365B (en) | 2023-03-17 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US8881308B2 (en) | Method to enable development mode of a secure electronic control unit | |
| US8863290B2 (en) | Methods and devices for improving the reliability of communication between an aircraft and a remote system | |
| US8844049B2 (en) | Method for generating a cryptographic key for a protected digital data object on the basis of current components of a computer | |
| US8856538B2 (en) | Secured flash programming of secondary processor | |
| US20140075517A1 (en) | Authorization scheme to enable special privilege mode in a secure electronic control unit | |
| US20130111212A1 (en) | Methods to provide digital signature to secure flash programming function | |
| Jo et al. | Vulnerabilities of android OS-based telematics system | |
| US8930710B2 (en) | Using a manifest to record presence of valid software and calibration | |
| CN108880859B (en) | Configuration method, device, server, terminal and storage medium of upgrade file | |
| CN106295350B (en) | identity verification method and device of trusted execution environment and terminal | |
| CN110688661A (en) | Method and device for preventing dynamic link library file hijacking and computer equipment | |
| US11443031B2 (en) | Method for determining a validity of an application code, corresponding device and computer program product | |
| KR101055946B1 (en) | Digital data authentication method and device by authentication extension module | |
| US11966461B2 (en) | Virtual environment type validation for policy enforcement | |
| CN111723365B (en) | Method and equipment for installing application program in vehicle-mounted information entertainment system | |
| JP7325072B1 (en) | Information processing device, control method and program for information processing device | |
| JP2005293109A (en) | Software execution management device, software execution management method, and control program | |
| CN114692095A (en) | Vehicle-mounted software authorization method, storage medium, electronic device and vehicle | |
| CN113031973B (en) | Download installation method of paid vehicle-mounted application | |
| CN113032773A (en) | Software security application method and device | |
| WO2024057571A1 (en) | Information processing device, method for controlling information processing device, and program | |
| CN117610025B (en) | Embedded operating system safety guiding method based on electric power intelligent terminal | |
| KR101561655B1 (en) | UCI anti-piracy method and system-based applications | |
| KR101091463B1 (en) | Web based contents copy protection system and method thereof | |
| KR101616702B1 (en) | Software Management Method Using CODESIGN |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| TA01 | Transfer of patent application right | ||
| TA01 | Transfer of patent application right |
Effective date of registration: 20220317 Address after: 430051 No. b1336, chuanggu startup area, taizihu cultural Digital Creative Industry Park, No. 18, Shenlong Avenue, Wuhan Economic and Technological Development Zone, Wuhan, Hubei Province Applicant after: Yikatong (Hubei) Technology Co.,Ltd. Address before: No.c101, chuanggu start up area, taizihu cultural Digital Industrial Park, No.18 Shenlong Avenue, Wuhan Economic Development Zone, Hubei Province Applicant before: HUBEI ECARX TECHNOLOGY Co.,Ltd. |
|
| GR01 | Patent grant | ||
| GR01 | Patent grant |