CN113204358A - Software package refreshing service method, service system and readable storage medium

Info

Publication number
CN113204358A
Authority
CN
China
Prior art keywords
software package
signature
terminal
encryption
software
Prior art date
Legal status
Pending
Application number
CN202110321610.1A
Other languages
Chinese (zh)
Inventor
徐潇
罗勇
林旺城
贾鹤鹏
范晓云
Current Assignee
United Automotive Electronic Systems Co Ltd
Original Assignee
United Automotive Electronic Systems Co Ltd
Priority date
2021-03-25
Filing date
2021-03-25
Publication date
2021-08-03

Classifications

    • G PHYSICS > G06 COMPUTING; CALCULATING OR COUNTING > G06F ELECTRIC DIGITAL DATA PROCESSING > G06F8/00 Arrangements for software engineering > G06F8/60 Software deployment > G06F8/65 Updates
    • G PHYSICS > G06 COMPUTING; CALCULATING OR COUNTING > G06F ELECTRIC DIGITAL DATA PROCESSING > G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity > G06F21/60 Protecting data > G06F21/602 Providing cryptographic facilities or services
    • G PHYSICS > G06 COMPUTING; CALCULATING OR COUNTING > G06F ELECTRIC DIGITAL DATA PROCESSING > G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity > G06F21/60 Protecting data > G06F21/64 Protecting data integrity, e.g. using checksums, certificates or signatures

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Storage Device Security (AREA)

Abstract

The invention provides a software package refreshing service method, a service system and a readable storage medium, wherein the software package refreshing service method comprises the following steps: performing first encryption on a software package at a first end, and performing first signature on the software package after the first encryption; transmitting the software package after the first signature to a second end; performing a second signature on the first signed software package at the second end, and performing a second encryption on the second signed software package; transmitting the second encrypted software package to a third end; performing first decryption on the second encrypted software package at the third end to obtain a software package with the second signature; and the fourth end obtains the software package with the second signature from the third end, and performs first de-signing, second de-signing and second decryption on the software package to obtain the original software package. The configuration ensures the security of the software package throughout transmission over the whole communication link.

Description

Software package refreshing service method, service system and readable storage medium
Technical Field
The invention relates to the technical field of automobile communication, in particular to a software package refreshing service method, a service system and a readable storage medium.
Background
With the development of the intelligent networking trend in automobiles, FOTA (Firmware Over-The-Air software upgrade of the mobile terminal) is becoming an increasingly important function of the Internet of Vehicles, and the information security design of FOTA is correspondingly important. The FOTA refresh package is transmitted from the Tier1 (primary supplier) to the TSP (Telematics Service Provider) of the OEM (original equipment manufacturer), then to the FOTA Server, and finally to the terminal for FOTA; the link traversed by the FOTA refresh package is long, and the possibility of tampering and attack is correspondingly high.
In the existing scheme, the FOTA refresh package is encrypted at the TSP and decrypted at the terminal, so the protection strategy is relatively simplistic and a large security risk exists.
Disclosure of Invention
The invention aims to provide a software package refreshing service method, a service system and a readable storage medium, which are used for solving the problem of low security in the transmission process of the existing FOTA refreshing package.
In order to solve the above technical problem, the present invention provides a software package refreshing service method, which includes:
performing first encryption on a software package at a first end, and performing first signature on the software package after the first encryption;
transmitting the software package after the first signature to a second end;
performing a second signature on the first signed software package at the second end, and performing a second encryption on the second signed software package;
transmitting the second encrypted software package to a third terminal;
performing first decryption on the second encrypted software package at the third end to obtain a software package with the second signature;
and the fourth end obtains the software package with the second signature from the third end, and performs first de-signing, second de-signing and second decryption on the software package to obtain the original software package.
Optionally, the first end is a primary supplier, the second end is the OEM remote service provider (OEM TSP), the third end is an over-the-air software download server, and the fourth end is a vehicle-mounted terminal.
Optionally, before the second end performs the second signature on the software package after the first signature, the software package refreshing service method further includes:
adding enterprise configuration information of the OEM remote service provider to the first signed software package.
Optionally, the enterprise configuration information includes an enterprise code, a vehicle type, and a software applicability description.
Optionally, after the third end performs the first decryption on the second encrypted software package to obtain the software package with the second signature, the software package refresh service method further includes:
placing the software package with the second signature at a preset address to be downloaded by the vehicle-mounted terminal.
Optionally, the first encryption and the second decryption both use a CMAC algorithm, and the first signature, the second signature, the first de-signing and the second de-signing all use the SHA256 algorithm together with the RSA2048 algorithm.
Optionally, the process of transmitting the first signed software package to the second end, the process of transmitting the second encrypted software package to the third end, and the process of obtaining the software package with the second signature from the third end at the fourth end all use https secure communication links for transmission.
In order to solve the above technical problem, the present invention further provides a readable storage medium, on which a program is stored, and when the program is executed, the software package refresh service method as described above is executed.
In order to solve the above technical problem, the present invention further provides a software package refreshing service system, which includes: a first end, a second end, a third end and a fourth end;
the software package refreshing service system is configured to perform software package refreshing service according to the software package refreshing service method.
Optionally, the first end is a primary supplier, the second end is the OEM remote service provider (OEM TSP), the third end is an over-the-air software download server, and the fourth end is a vehicle-mounted terminal.
In summary, in the software package refreshing service method, the service system and the readable storage medium provided by the present invention, the software package refreshing service method includes: performing first encryption on a software package at a first end, and performing first signature on the software package after the first encryption; transmitting the software package after the first signature to a second end; performing a second signature on the first signed software package at the second end, and performing a second encryption on the second signed software package; transmitting the second encrypted software package to a third end; performing first decryption on the second encrypted software package at the third end to obtain a software package with the second signature; and the fourth end obtains the software package with the second signature from the third end, and performs first de-signing, second de-signing and second decryption on the software package to obtain the original software package.
According to this configuration, the software package is always under at least one layer of encryption from the first end to the fourth end over the whole communication link, so the security of the software package throughout transmission over the whole communication link is guaranteed.
Drawings
It will be appreciated by those skilled in the art that the drawings are provided for a better understanding of the invention and do not constitute any limitation to the scope of the invention. In the drawings:
fig. 1 is a schematic diagram of a software package refreshing service system according to an embodiment of the present invention.
Description of the drawings:
100 - first end; 200 - second end; 300 - third end; 400 - fourth end;
110 - first encryption; 120 - first signature; 210 - second signature; 220 - second encryption; 310 - first decryption; 410 - first de-signing; 420 - second de-signing; 430 - second decryption.
Detailed Description
To further clarify the objects, advantages and features of the present invention, a more particular description of the invention will be rendered by reference to specific embodiments thereof which are illustrated in the appended drawings. It is to be noted that the drawings are in greatly simplified form and are not to scale, but are merely intended to facilitate and clarify the explanation of the embodiments of the present invention. Further, the structures illustrated in the drawings are often part of actual structures. In particular, the drawings may have different emphasis points and may sometimes be scaled differently.
As used in this specification and the appended claims, the singular forms "a", "an", and "the" include plural referents unless the content clearly dictates otherwise. As used in this specification and the appended claims, the term "or" is generally employed in its sense including "and/or" unless the content clearly dictates otherwise.
The following description refers to the accompanying drawings.
Please refer to fig. 1, which illustrates a software package refresh service system according to an embodiment of the present invention. The software package refresh service system includes a first end 100, a second end 200, a third end 300 and a fourth end 400. In an exemplary embodiment, the first end 100 is a primary supplier (Tier1), the second end 200 is the original equipment manufacturer's remote service provider (OEM TSP), the third end 300 is an over-the-air software download server (FOTA Server), and the fourth end 400 is a vehicle terminal (Terminal).
Based on the software package refreshing service system, the present embodiment provides a software package refreshing service method, which includes:
step S1: performing a first encryption 110 on the software package at the first end 100, and performing a first signature 120 on the software package after the first encryption 110;
step S2: transmitting the software package after the first signature 120 to the second end 200;
step S3: performing a second signature 210 on the software package after the first signature 120 at the second end 200, and performing a second encryption 220 on the software package after the second signature 210;
step S4: transmitting the second encrypted 220 software package to the third end 300;
step S5: performing a first decryption 310 on the second encrypted 220 software package at the third end 300 to obtain a software package with the second signature 210;
step S6: the fourth end 400 obtains the software package with the second signature 210 from the third end 300 and performs a first de-signing 410, a second de-signing 420 and a second decryption 430 on the software package to obtain the original software package.
With the configuration, the software package is always under at least one layer of encryption from the first end 100 to the fourth end 400 in the whole communication link, so that the security of the software package in the whole communication link transmission process is ensured. It can be understood by those skilled in the art that the software package refreshing service method is not limited to be applied to FOTA software packages, and can be generalized to security monitoring policies of all software packages for refreshing service.
Preferably, in step S3, before the second end 200 performs the second signature 210 on the software package after the first signature 120, the software package refreshing service method further includes:
step S2a: adding enterprise configuration information of the OEM remote service provider to the software package after the first signature 120. Optionally, the enterprise configuration information includes an enterprise code, a vehicle type and a software applicability description. The enterprise configuration information increases the complexity of identifying and verifying the software package, and so further improves security.
Optionally, in step S5, after the third end 300 performs the first decryption 310 on the second encrypted 220 software package to obtain the software package with the second signature 210, the software package refreshing service method further includes:
step S5a: placing the software package with the second signature 210 at a preset address to be downloaded by the vehicle-mounted terminal.
In one example, the first encryption 110 and the second decryption 430 each employ a CMAC algorithm, and the first signature 120, the second signature 210, the first de-signing 410 and the second de-signing 420 each employ the SHA256 algorithm together with the RSA2048 algorithm. The second encryption 220 and the first decryption 310 may employ algorithms commonly used in the art. Of course, depending on the actual situation, the skilled person may also use other encryption, decryption or signature algorithms for the first encryption 110, the second decryption 430, the first signature 120, the second signature 210, the first de-signing 410 and the second de-signing 420; the invention is not limited thereto.
Preferably, transmitting the software package with the first signature 120 to the second end 200, transmitting the software package with the second encryption 220 to the third end 300, and obtaining the software package with the second signature 210 from the third end 300 by the fourth end 400 are all performed over an https secure communication link. With https, transport security is guaranteed by the TLS protocol, while efficient transfer of large files and broad compatibility with the peer's implementation are also ensured.
Further, based on the software package refreshing service method, the present embodiment further provides a readable storage medium on which a program is stored; when the program is executed, the software package refreshing service method is executed. The readable storage medium can be provided at each end of the software package refreshing service system, and each end executes the part of the refreshing service method corresponding to it according to the running program.
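Worked model of the pipeline above (steps S1 to S6), added here as an example and not taken from the patent: Tier1, OEM TSP, FOTA server and terminal are plain Go functions over the standard library. It assumes AES-256-GCM for both encryption layers, since the CMAC named in claim 6 is a message authentication code rather than a cipher; RSA-2048 PKCS#1 v1.5 over SHA-256 for both signatures; pre-provisioned symmetric keys; and it omits the optional S2a configuration step.

```go
package main

import (
	"crypto"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
)

// sign prepends a 256-byte RSA-2048 PKCS#1 v1.5 / SHA-256 signature to payload.
func sign(key *rsa.PrivateKey, payload []byte) ([]byte, error) {
	h := sha256.Sum256(payload)
	sig, err := rsa.SignPKCS1v15(rand.Reader, key, crypto.SHA256, h[:])
	if err != nil {
		return nil, err
	}
	return append(sig, payload...), nil
}

// verify checks the leading signature and returns the payload ("de-signing").
func verify(pub *rsa.PublicKey, blob []byte) ([]byte, error) {
	if len(blob) < 256 {
		return nil, errors.New("blob shorter than an RSA-2048 signature")
	}
	h := sha256.Sum256(blob[256:])
	if err := rsa.VerifyPKCS1v15(pub, crypto.SHA256, h[:], blob[:256]); err != nil {
		return nil, err
	}
	return blob[256:], nil
}

// aead builds AES-GCM, assumed here in place of claim 6's CMAC layer (CMAC is a MAC, not a cipher).
func aead(key []byte) cipher.AEAD {
	block, err := aes.NewCipher(key) // key must be 16, 24 or 32 bytes
	if err != nil {
		panic(err)
	}
	g, _ := cipher.NewGCM(block) // cannot fail for an AES block cipher
	return g
}

// seal encrypts with a fresh random nonce prepended to the ciphertext.
func seal(g cipher.AEAD, plaintext []byte) []byte {
	nonce := make([]byte, g.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		panic(err)
	}
	return g.Seal(nonce, nonce, plaintext, nil)
}

// open reverses seal; a tampered or truncated blob is rejected.
func open(g cipher.AEAD, blob []byte) ([]byte, error) {
	if len(blob) < g.NonceSize() {
		return nil, errors.New("ciphertext shorter than a nonce")
	}
	return g.Open(nil, blob[:g.NonceSize()], blob[g.NonceSize():], nil)
}

// S1 (Tier1): first encryption under the terminal key, then first signature.
func tier1Produce(tier1 *rsa.PrivateKey, term cipher.AEAD, pkg []byte) ([]byte, error) {
	return sign(tier1, seal(term, pkg))
}

// S3 (OEM TSP): second signature over the Tier1 blob, then second encryption for the FOTA server (S2a omitted).
func tspProcess(tsp *rsa.PrivateKey, fota cipher.AEAD, firstSigned []byte) ([]byte, error) {
	signed, err := sign(tsp, firstSigned)
	if err != nil {
		return nil, err
	}
	return seal(fota, signed), nil
}

// S6 (terminal): second de-signing (TSP key), first de-signing (Tier1 key), then second decryption.
func terminalInstall(tsp, tier1 *rsa.PublicKey, term cipher.AEAD, blob []byte) (pkg []byte, err error) {
	for _, pub := range []*rsa.PublicKey{tsp, tier1} { // outermost layer first
		if blob, err = verify(pub, blob); err != nil {
			return nil, err
		}
	}
	return open(term, blob)
}
```

Step S5 at the FOTA server is simply open with the server key, which leaves a doubly signed, still-encrypted blob; the terminal unwraps in the reverse of the wrapping order, so a blob altered after publication fails the outer signature check and is never decrypted.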
In summary, in the software package refreshing service method, the service system and the readable storage medium provided by the present invention, the software package refreshing service method includes: performing first encryption on a software package at a first end, and performing first signature on the software package after the first encryption; transmitting the software package after the first signature to a second end; performing a second signature on the first signed software package at the second end, and performing a second encryption on the second signed software package; transmitting the second encrypted software package to a third end; performing first decryption on the second encrypted software package at the third end to obtain a software package with the second signature; and the fourth end obtains the software package with the second signature from the third end, and performs first de-signing, second de-signing and second decryption on the software package to obtain the original software package. According to this configuration, the software package is always under at least one layer of encryption from the first end to the fourth end over the whole communication link, so the security of the software package throughout transmission over the whole communication link is guaranteed.
The above description is only for the purpose of describing the preferred embodiments of the present invention, and is not intended to limit the scope of the present invention, and any variations and modifications made by those skilled in the art based on the above disclosure are within the scope of the appended claims.

Claims (10)

1. A software package refresh service method, comprising:
performing first encryption on a software package at a first end, and performing first signature on the software package after the first encryption;
transmitting the software package after the first signature to a second end;
performing a second signature on the first signed software package at the second end, and performing a second encryption on the second signed software package;
transmitting the second encrypted software package to a third end;
performing first decryption on the second encrypted software package at the third end to obtain a software package with the second signature;
and the fourth end obtains the software package with the second signature from the third end, and performs first de-signing, second de-signing and second decryption on the software package to obtain the original software package.
2. The method according to claim 1, wherein the first end is a primary supplier, the second end is the OEM remote service provider, the third end is an over-the-air software download server, and the fourth end is a vehicle-mounted terminal.
3. The method of claim 2, wherein before the second signing is performed on the first signed software package at the second end, the method further comprises:
adding enterprise configuration information of the OEM remote service provider to the first signed software package.
4. The software package refresh service method of claim 3, wherein the enterprise configuration information includes an enterprise code, a vehicle model, and a software applicability description.
5. The method according to claim 2, wherein after the third end performs the first decryption on the second encrypted software package to obtain the software package with the second signature, the method further comprises:
placing the software package with the second signature at a preset address to be downloaded by the vehicle-mounted terminal.
6. The software package refreshing service method according to claim 1, wherein the first encryption and the second decryption both use a CMAC algorithm, and the first signature, the second signature, the first de-signature, and the second de-signature each use a SHA256 algorithm and a RSA2048 algorithm.
7. The method according to claim 1, wherein the process of transmitting the first signed software package to a second end, the process of transmitting the second encrypted software package to a third end, and the process of obtaining the software package with the second signature from the third end at a fourth end are all transmitted by using an https secure communication link.
8. A readable storage medium having a program stored thereon, wherein the program, when executed, performs the software package refresh service method according to any one of claims 1 to 7.
9. A software package refresh service system, comprising: a first end, a second end, a third end and a fourth end;
the software package refreshing service system is configured to perform software package refreshing service according to the software package refreshing service method of claim 1.
10. The system of claim 9, wherein the first end is a primary supplier, the second end is the OEM remote service provider, the third end is an over-the-air software download server, and the fourth end is a vehicle terminal.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110321610.1A CN113204358A (en) 2021-03-25 2021-03-25 Software package refreshing service method, service system and readable storage medium


Publications (1)

Publication Number Publication Date
CN113204358A true CN113204358A (en) 2021-08-03

Family

ID=77025717


Country Status (1)

Country Link
CN (1) CN113204358A (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110597538A (en) * 2019-09-03 2019-12-20 广州小鹏汽车科技有限公司 Software upgrading method based on OTA upgrading system and OTA upgrading system
US20190391800A1 (en) * 2018-06-20 2019-12-26 Aptiv Technologies Limited Over-the-air (ota) mobility services platform
CN111385191A (en) * 2018-12-28 2020-07-07 联合汽车电子有限公司 Vehicle-mounted interconnected gateway, vehicle OTA upgrading system and method and computer storage medium
CN111629002A (en) * 2020-05-28 2020-09-04 爱瑟福信息科技(上海)有限公司 OTA (over the air) safety upgrading method and system of vehicle ECU (electronic control Unit)

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
谭凡: "Research and Implementation of the Security Mechanism of the Intelligent Connected Vehicle FOTA ***" ("智能网联汽车FOTA***安全机制的研究与实现"), China Master's Theses Full-text Database, Engineering Science and Technology II, vol. 2020, no. 07, pages 035-299 *
车云 et al.: "Intelligent Vehicles: Decisive Battle 2020" (《智能汽车决战2020》), 30 April 2018, Beijing Institute of Technology Press, pages 203-206 *

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116737207A (en) * 2023-08-09 2023-09-12 北京集度科技有限公司 Firmware upgrading method, device and equipment
CN116737207B (en) * 2023-08-09 2023-11-17 北京集度科技有限公司 Firmware upgrading method, device and equipment
CN116932015A (en) * 2023-09-18 2023-10-24 中汽智联技术有限公司 Remote upgrading method, device and system for vehicle software and electronic equipment
CN116932015B (en) * 2023-09-18 2023-12-15 中汽智联技术有限公司 Remote upgrading method, device and system for vehicle software and electronic equipment

Similar Documents

Publication Publication Date Title
US11662991B2 (en) Vehicle-mounted device upgrade method and related device
US11985238B2 (en) Vehicle-mounted device upgrade method and related device
CN110351314B (en) Remote upgrading method of automobile controller and computer readable storage medium
US11321074B2 (en) Vehicle-mounted device upgrade method and related apparatus
CN109479000B (en) Reuse system, key generation device, data security device, vehicle-mounted computer, reuse method, and storage medium
CN109314639B (en) Management system, key generation device, vehicle-mounted computer, management method, and recording medium
CN112543927B (en) Equipment upgrading method and related equipment
EP3623939A1 (en) Method and apparatus for wirelessly updating software for vehicle
CN109413009B (en) Method for over-the-air upgrading of vehicle firmware and computer readable storage medium
CN103166759B (en) Use the method and apparatus downloaded for secure firmware of diagnosis link connector (DLC) and ONSTAR system
US11212080B2 (en) Communication system, vehicle, server device, communication method, and computer program
CN109314645B (en) Data providing system, data protection device, data providing method, and storage medium
CN109314644B (en) Data providing system, data protection device, data providing method, and storage medium
CN113204358A (en) Software package refreshing service method, service system and readable storage medium
CN111949288A (en) Intelligent element remote upgrading method and system based on vehicle-mounted Ethernet
CN113709695B (en) Authorization method and system for vehicle use
CN112910826A (en) Initial configuration method and terminal equipment
CN115665138A (en) Automobile OTA (over the air) upgrading system and method
CN115643564A (en) FOTA upgrading method, device, equipment and storage medium for automobile safety
KR20150089697A (en) Secure system and method for smart cars using a mobile device
WO2018100789A1 (en) Distribution system, key generation device, in-vehicle computer, data security device, distribution method and computer program
Onuma et al. A method of ECU software updating
CN109802929B (en) Client program upgrading method based on dual systems and computer readable storage medium
CN115333937B (en) Data downloading method and device and electronic equipment
CN113015132A (en) Communication method and communication system

Legal Events

Code Title
PB01 Publication
SE01 Entry into force of request for substantive examination