CN114239091B - Disk encryption method and system based on trusted chip - Google Patents

Publication number
CN114239091B
Authority
CN
China
Prior art keywords
encryption
key
trusted chip
disk
luks
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202210168625.3A
Other languages
Chinese (zh)
Other versions
CN114239091A (en
Inventor
崔建英
马桂才
杨诏钧
魏立峰
韩光
姬一文
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Kirin Software Co Ltd
Original Assignee
Kirin Software Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Kirin Software Co Ltd
Priority to CN202210168625.3A
Publication of CN114239091A
Application granted
Publication of CN114239091B
Legal status: Active
Anticipated expiration

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G06F21/72 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in cryptographic circuits
    • G06F21/78 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
    • G06F21/80 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data in storage media based on magnetic or optical technology, e.g. disks with sectors

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Mathematical Physics (AREA)
  • Storage Device Security (AREA)

Abstract

The invention relates to the technical field of computer science, and in particular to a disk encryption method based on a trusted chip, comprising the following steps: querying all disk partitions of a system to be encrypted to obtain an encryptable disk partition of that system; randomly generating an encryption key and performing LUKS encryption on the encryptable disk partition, the encryption key corresponding to the encryptable disk partition; writing the encryption key into a trusted chip of the system to be encrypted, adding a token, and binding a LUKS key slot to the trusted chip, wherein the token stores the mode in which the encryption key was written to the trusted chip and the associated LUKS key slot, and the trusted chip stores the encryption key; and recording the information of the encryptable disk partition and the binding mode between the LUKS encryption key and the trusted chip in an encryption system configuration file, and backing up the recovery key to a management platform. The method secures the encryption key by binding the LUKS encryption key to the trusted chip.

Description

Disk encryption method and system based on trusted chip
Technical Field
The invention relates to the technical field of computer science, in particular to a disk encryption method and system based on a trusted chip, electronic equipment and a readable storage medium.
Background
In an era of rapid development in information technology, data security is increasingly important and enterprises pay growing attention to it; data encryption is the key technology for ensuring data security. LUKS is a popular disk encryption technology on Linux. Encryption raises the problem of keeping the encryption password secure: LUKS supports entering the key as a password or importing the key from a file, but neither guarantees the security of the key, and once the key is leaked or stolen, data security is seriously threatened.
Therefore, a data encryption method is needed that improves the security of the encryption key used for LUKS encryption.
Disclosure of Invention
Technical problem solved
In view of the defects in the prior art, the invention provides a disk encryption method based on a trusted chip, which secures the encryption key by binding the LUKS encryption key to the trusted chip.
Technical solution
To achieve this purpose, the invention is realized by the following technical solution:
The invention provides a disk encryption method based on a trusted chip, comprising the following steps:
S1, querying all disk partitions of a system to be encrypted to obtain an encryptable disk partition of the system to be encrypted;
S2, randomly generating an encryption key and performing LUKS encryption on the encryptable disk partition, wherein the encryption key corresponds to the encryptable disk partition;
S3, writing the encryption key into a trusted chip of the system to be encrypted through an AES algorithm or an SM4 algorithm, adding a token, and binding a LUKS key slot to the trusted chip, wherein the token stores the mode in which the encryption key was written to the trusted chip and the associated LUKS key slot, and the trusted chip stores the encryption key;
S4, recording the information of the encryptable disk partition and the binding mode between the LUKS key slot and the trusted chip in an encryption system configuration file; and generating a recovery key, which is used to recover the encryption key, and backing up the recovery key to a management platform.
Based on the same inventive concept, the invention provides a disk encryption system based on a trusted chip, which uses the disk encryption method and comprises:
the disk encryption module, used to perform LUKS encryption on an encryptable disk partition of a system to be encrypted and to generate an encryption key;
the trusted chip binding module, used to detect a trusted chip of the system to be encrypted, add a token according to the type of the trusted chip, bind the LUKS key slot to the trusted chip, record the mode in which the encryption key was written into the trusted chip, and record the information of the encrypted disk partition and the binding mode between the LUKS key slot and the trusted chip in an encryption system configuration file;
and the starting decryption module, used to look up the encrypted disk partition according to the configuration file, read the encryption key in the trusted chip through the token, and decrypt the encrypted disk partition. The system further comprises a key backup module for generating a recovery key and backing it up, wherein the recovery key is used to recover the encryption key under abnormal conditions.
Based on the same inventive concept, the invention also provides an electronic device that includes a processor and a memory, wherein the memory stores a computer program, and the computer program implements the method described above when executed by the processor.
Based on the same inventive concept, the invention further provides a readable storage medium that stores a computer program, and the computer program implements the method when executed by a processor.
Advantageous effects
Compared with the known prior art, the technical solution provided by the invention has the following beneficial effect: the invention provides a disk encryption method based on a trusted chip, which secures the encryption key by binding the LUKS encryption key to the trusted chip.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below. It is obvious that the drawings in the following description are only some embodiments of the invention, and that for a person skilled in the art, other drawings can be derived from them without inventive effort.
Fig. 1 is a schematic diagram of the steps of a disk encryption method based on a trusted chip according to an embodiment of the present invention;
Fig. 2 is a schematic diagram of the encryption flow of a disk encryption method based on a trusted chip according to an embodiment of the present invention;
Fig. 3 is a schematic diagram of the decryption flow of a disk encryption method based on a trusted chip according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention. It is to be understood that the embodiments described are only a few embodiments of the present invention, and not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Referring to Fig. 1, an embodiment of the present invention provides a disk encryption method based on a trusted chip, including the following steps:
S1, querying all disk partitions of a system to be encrypted to obtain an encryptable disk partition of the system to be encrypted;
S2, randomly generating an encryption key and performing LUKS encryption on the encryptable disk partition, wherein the encryption key corresponds to the encryptable disk partition;
S3, writing the encryption key into a trusted chip of the system to be encrypted through an AES algorithm or an SM4 algorithm, adding a token, and binding a LUKS key slot to the trusted chip, wherein the token stores the mode in which the encryption key was written to the trusted chip and the associated LUKS key slot, and the trusted chip stores the encryption key;
S4, recording the information of the encrypted disk partition and the binding mode between the LUKS key slot and the trusted chip in an encryption system configuration file; and generating a recovery key, which is used to recover the encryption key, and backing up the recovery key to a management platform.
The specific implementation follows the encryption flow shown in Fig. 2:
For step S1, all disk partitions of the system to be encrypted are queried to obtain an encryptable disk partition of the system to be encrypted:
The purpose of step S1 is to obtain the partition information and partition state and to determine from the state which partitions are encryptable: if a partition is in the unencrypted state, it can be encrypted; if encryption of the partition was interrupted (by an abnormal restart or interruption), encryption of the partition can continue; if the partition is in the encrypted state, it is not encryptable.
For step S2, an encryption key is randomly generated and LUKS encryption is performed on the encryptable disk partition, the encryption key corresponding to the encryptable disk partition. Because the key is generated by a random number method, it has higher complexity and security than a password typed in by a person. LUKS is a Linux hard disk encryption standard that specifies compatible implementation interfaces for functions such as key management across hard disk encryption software. By providing a standard on-disk format, it not only facilitates compatibility between distributions but also provides secure management of multiple user passwords. The LUKS approach can therefore be used to encrypt disk partitions.
In this embodiment, the LUKS encryption may specify an encryption algorithm, and supports not only international algorithms such as AES but also national algorithms such as SM4.
In this embodiment, the file system is encrypted in addition to the data of the encryptable disk partition, so all partition data is ciphertext, which improves the security of the partition data and reduces the possibility of data analysis. After the encryptable disk partition has been encrypted and mounted, data written to the partition is encrypted directly and data read from the partition is decrypted directly; the encryption process is transparent to the user.
For step S3, the encryption key is written into a trusted chip of the system to be encrypted, a token is added, and a LUKS key slot is bound to the trusted chip, wherein the token stores the mode in which the encryption key was written to the trusted chip and the associated LUKS key slot, and the trusted chip stores the encryption key. To support an additional trusted chip, only one plug-in needs to be added, and that plug-in supports reading and writing of the trusted chip. The encryption key generated in step S2 is written into the trusted chip using the plug-in that corresponds to the trusted chip used by the system; the plug-in is then used to add a token that records the type of the trusted chip and the key reading mode; finally, the LUKS key slot is bound to the trusted chip through the token.
For step S4, the information of the encryptable disk partition and the binding mode between the LUKS key slot and the trusted chip are recorded in the encryption system configuration file, so that the disk partition can be decrypted from the configuration file information when the system starts. A recovery key, used to recover the encryption key, is generated and backed up to the management platform: after encryption is finished, the recovery key is generated from the encryption key and backed up to the management platform. When the trusted chip is damaged or the device is replaced, the recovery key serves as the means of recovering the encryption key, so the data can be recovered under abnormal conditions.
During decryption, refer to the decryption flow shown in Fig. 3:
1) When the system starts, read the configuration file and look up the encrypted partition. The encrypted partition is the encrypted disk partition, and the LUKS header information of the encrypted disk partition is obtained according to the record in the configuration file.
2) Look up the token of the encrypted partition and read the encryption key from the trusted chip according to the key recording mode in the token. A token is looked up in the LUKS header of the encrypted disk partition, and the plug-in type used by the encrypted partition, such as the tpm plug-in, is read from the token. The encryption key in the trusted chip, such as a tpm trusted chip, is then read through the plug-in. If the trusted chip is damaged or the device has been replaced, so that reading the encryption key through the trusted chip fails, the recovery key can be obtained from the management platform and the encryption key obtained through the recovery key. At that point the system checks whether a new trusted chip is present, performs the binding again, and deletes the original binding mode.
3) Decrypt the disk using the encryption key, that is, decrypt the encryptable disk partition. Because the disk is decrypted with the encryption key read from the trusted chip, it can be decrypted without a password being entered manually, which improves the security of the key and reduces the risk of key leakage.
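Steps S2 to S4 and the decryption flow of Fig. 3, modelled as an added Python example that is not code from the patent. The chip plug-in interface, the `trusted-chip-demo` token type, the digest-only key slot and the base32 recovery-key encoding are assumptions; only the `type` and `keyslots` token fields follow the LUKS2 token layout.

```python
import base64
import hashlib
import hmac
import secrets

TOKEN_TYPE = "trusted-chip-demo"  # hypothetical token type, not a real cryptsetup one

class ChipError(Exception):
    """Trusted chip damaged, replaced, or not holding the requested key."""

class SimulatedChip:
    """In-memory stand-in for one chip plug-in (assumed interface: read/write by handle)."""
    def __init__(self, kind):
        self.kind, self.store, self.damaged = kind, {}, False

    def write_key(self, handle, key):
        if self.damaged:
            raise ChipError("chip unavailable")
        self.store[handle] = key

    def read_key(self, handle):
        if self.damaged or handle not in self.store:
            raise ChipError("key cannot be read from chip")
        return self.store[handle]

def slot_digest(key, salt):
    return hashlib.pbkdf2_hmac("sha256", key, salt, 1000)

def add_keyslot(header, key):
    # Simplification: the slot keeps only a salted digest used to verify the key.
    slot, salt = str(len(header["keyslots"])), secrets.token_bytes(16)
    header["keyslots"][slot] = {"salt": salt, "digest": slot_digest(key, salt)}
    return slot

def opens(header, slot, key):
    entry = header["keyslots"][slot]
    return hmac.compare_digest(entry["digest"], slot_digest(key, entry["salt"]))

def make_recovery_key(key):
    # Assumed derivation: base32 of key plus a 4-byte checksum, in groups of six.
    text = base64.b32encode(key + hashlib.sha256(key).digest()[:4]).decode().rstrip("=")
    return "-".join(text[i:i + 6] for i in range(0, len(text), 6))

def key_from_recovery(recovery):
    text = recovery.replace("-", "")
    body = base64.b32decode(text + "=" * (-len(text) % 8))
    key, check = body[:-4], body[-4:]
    if not hmac.compare_digest(check, hashlib.sha256(key).digest()[:4]):
        raise ValueError("recovery key is mistyped or corrupted")
    return key

def bind(device, header, slot, key, chip, config):
    """S3 plus the configuration-file part of S4."""
    handle = "luks-" + device
    chip.write_key(handle, key)                       # the chip stores the key
    token_id = str(max(map(int, header["tokens"]), default=-1) + 1)
    header["tokens"][token_id] = {"type": TOKEN_TYPE, "keyslots": [slot],
                                  "chip_type": chip.kind, "handle": handle}
    config[device] = {"token": token_id, "binding": chip.kind}
    return token_id

def provision(device, chip, config, platform):
    """S2 to S4 for one encryptable partition; returns its header."""
    key = secrets.token_bytes(32)                     # random key, no human password
    header = {"keyslots": {}, "tokens": {}}
    slot = add_keyslot(header, key)
    bind(device, header, slot, key, chip, config)
    platform[device] = make_recovery_key(key)         # backup to management platform
    return header

def unlock(device, header, config, plugins, platform):
    """Fig. 3 flow; returns (key, 'chip' or 'recovery')."""
    old_id = config[device]["token"]                  # 1) config file -> partition
    token = header["tokens"][old_id]                  # 2) token in the header
    slot = token["keyslots"][0]
    try:
        key, path = plugins[token["chip_type"]].read_key(token["handle"]), "chip"
    except (KeyError, ChipError):
        key, path = key_from_recovery(platform[device]), "recovery"
    if not opens(header, slot, key):                  # 3) key must open the bound slot
        raise PermissionError("key does not open the bound key slot")
    if path == "recovery":
        new_chip = next((c for c in plugins.values() if not c.damaged), None)
        if new_chip is not None:                      # bind again, drop old binding
            bind(device, header, slot, key, new_chip, config)
            del header["tokens"][old_id]
    return key, path

if __name__ == "__main__":
    config, platform = {}, {}     # constructed stand-ins for config file and platform
    tpm = SimulatedChip("tpm")
    header = provision("sda2", tpm, config, platform)
    print(unlock("sda2", header, config, {"tpm": tpm}, platform)[1])
    tpm.damaged = True
    plugins = {"tpm": tpm, "spare": SimulatedChip("spare")}
    print(unlock("sda2", header, config, plugins, platform)[1], config["sda2"])
```

In this model the recovery key is equivalent to the encryption key itself, so the management platform that holds it needs the same protection as the trusted chip.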
Finally, encrypted data is generally important and critical data; if the data cannot be recovered because the encryption process was interrupted abnormally, the loss is significant and irretrievable. Data protection during the encryption process is therefore particularly important, and the invention provides a data protection method for abnormal conditions. When LUKS encryption is performed directly on a disk partition, the first step is to read a data block A from the disk partition; the second step is to back up data block A into the LUKS header as data block B, the LUKS header residing in a partition that can be read and written normally; the third step is to encrypt data block A, the encrypted data being data block C; the fourth step is to write the encrypted data block C back to the position of the original data block A. At this point, one round of data encryption is complete. If an abnormality such as a power failure occurs in the first, second or third step, encryption continues directly from the position of data block A of the disk partition after the restart. If an abnormality such as a power failure occurs in the third step and the data at the position of data block A of the disk partition contains both encrypted and unencrypted data, then after the restart the data block B backed up in the LUKS header is restored, encrypted, and written back to the position of the original data block A, which completes recovery of the abnormal data.
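The four-step round and its restart handling, modelled as an added Python example (not code from the patent). The `Partition` class, the progress record kept in `header`, and the SHA-256 keystream standing in for AES/SM4 are assumptions; a fault can be injected at any of the four steps, including one that leaves the position of block A half written.

```python
import hashlib

BLOCK = 16                 # bytes per data block in this model
SAMPLE = bytes(range(64))  # constructed sample partition content (4 blocks)

class PowerFailure(Exception):
    """Injected fault standing in for a power cut or abnormal restart."""

def cipher(key, index, block):
    # Stand-in for AES/SM4 (assumption): XOR with a per-block SHA-256 keystream.
    stream = hashlib.sha256(key + index.to_bytes(8, "big")).digest()
    return bytes(b ^ s for b, s in zip(block, stream))

class Partition:
    def __init__(self, plaintext):
        if len(plaintext) % BLOCK:
            raise ValueError("partition size must be a multiple of BLOCK")
        self.data = bytearray(plaintext)
        # Progress record and backup slot live in the header area. Each
        # assignment to self.header models one atomic header update.
        self.header = {"next": 0, "backup": None}

    @property
    def blocks(self):
        return len(self.data) // BLOCK

    def read(self, i):
        return bytes(self.data[i * BLOCK:(i + 1) * BLOCK])

    def write(self, i, block, torn=None):
        # torn=n writes only the first n bytes, then loses power.
        n = len(block) if torn is None else torn
        self.data[i * BLOCK:i * BLOCK + n] = block[:n]
        if torn is not None:
            raise PowerFailure(f"power lost {n} bytes into block {i}")

def partition_state(p):
    """Step S1 classification: only 'encrypted' partitions are not encryptable."""
    if p.header["backup"] is None and p.header["next"] == 0:
        return "unencrypted"
    if p.header["backup"] is None and p.header["next"] == p.blocks:
        return "encrypted"
    return "interrupted"

def recover(p, key):
    """After a restart: rebuild the block from backup B if one is pending."""
    if p.header["backup"] is None:
        return False
    i, block_b = p.header["backup"]
    p.write(i, cipher(key, i, block_b))   # encrypt B, write to A's position
    p.header = {"next": i + 1, "backup": None}
    return True

def encrypt_partition(p, key, crash=None):
    """Encrypt in place; crash=(block, step, torn_bytes) injects a fault at step 1-4."""
    recover(p, key)
    while p.header["next"] < p.blocks:
        i = p.header["next"]
        step = crash[1] if crash and crash[0] == i else None
        block_a = p.read(i)                                # step 1: read A
        if step == 1:
            raise PowerFailure("after reading block A")
        p.header = {"next": i, "backup": (i, block_a)}     # step 2: back up A as B
        if step == 2:
            raise PowerFailure("after backing up block B")
        block_c = cipher(key, i, block_a)                  # step 3: encrypt A into C
        if step == 3:
            raise PowerFailure("after encrypting block C")
        p.write(i, block_c, torn=crash[2] if step == 4 else None)  # step 4: write C
        p.header = {"next": i + 1, "backup": None}         # round complete
    return partition_state(p)

def decrypt_partition(p, key):
    return b"".join(cipher(key, i, p.read(i)) for i in range(p.blocks))

if __name__ == "__main__":
    key = b"k" * 32                       # constructed sample key
    part = Partition(SAMPLE)
    try:
        encrypt_partition(part, key, crash=(2, 4, 5))
    except PowerFailure as exc:
        print("interrupted:", exc, "->", partition_state(part))
    print("after restart:", encrypt_partition(part, key))
    print("round trip ok:", decrypt_partition(part, key) == SAMPLE)
```

Rebuilding from backup B is also safe when the fault hit before any byte of C was written, because B equals the untouched block A in that case.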
Based on the same inventive concept, the invention also provides a disk encryption system based on a trusted chip, which uses any one of the disk encryption methods described above and comprises:
the disk encryption module, used to perform LUKS encryption on an encryptable disk partition of the system to be encrypted and to generate an encryption key;
the trusted chip binding module, used to detect a trusted chip of the system to be encrypted, add a token according to the type of the trusted chip, bind a LUKS key slot to the trusted chip, record the writing mode of the encryption key, and record the information of the encrypted disk partition and the binding mode between the LUKS key slot and the trusted chip to a configuration file of a management platform;
and the starting decryption module, used to look up the encryptable disk partition according to the configuration file, read the encryption key in the LUKS key slot through the token, and decrypt the encryptable disk partition.
In this embodiment, the disk encryption system based on the trusted chip generally further includes:
the key backup module, used to generate a recovery key and back up the recovery key, wherein the recovery key is used to recover the encryption key under abnormal conditions.
Based on the same inventive concept, the invention further provides an electronic device, which includes a processor and a memory, where the memory stores a computer program, and the computer program, when executed by the processor, implements the trusted chip based disk encryption method.
The processor may be, in some embodiments, a Central Processing Unit (CPU), a controller, a microcontroller, a microprocessor (e.g., a GPU), or other data Processing chip. The processor is typically used to control the overall operation of the electronic device. In this embodiment, the processor is configured to execute the program code stored in the memory or process data, for example, execute the program code of the disk encryption method based on the trusted chip.
The memory includes at least one type of readable storage medium including a flash memory, a hard disk, a multimedia card, a card type memory (e.g., SD or DX memory, etc.), a Random Access Memory (RAM), a Static Random Access Memory (SRAM), a Read Only Memory (ROM), an Electrically Erasable Programmable Read Only Memory (EEPROM), a Programmable Read Only Memory (PROM), a magnetic memory, a magnetic disk, an optical disk, etc. In some embodiments, the storage may be an internal storage unit of the electronic device, such as a hard disk or a memory of the electronic device. In other embodiments, the memory may also be an external storage device of the electronic device, such as a plug-in hard disk, a Smart Media Card (SMC), a Secure Digital (SD) Card, a Flash memory Card (Flash Card), and the like provided on the electronic device. Of course, the memory may also include both internal and external memory units of the electronic device. In this embodiment, the memory is generally used to store an operating method installed in the electronic device and various types of application software, such as a program code of the disk encryption method based on the trusted chip. In addition, the memory may also be used to temporarily store various types of data that have been output or are to be output.
Based on the same idea, the invention further provides a readable storage medium, in which a computer program is stored, and when the computer program is executed by a processor, the computer program implements the disk encryption method based on the trusted chip.
The method for optimizing the performance of the NVMe memory card based on the Tengyun S2500 two-way server architecture has the advantages that the number of hardware queues of the NVMe memory card is optimized according to the characteristics of the Tengyun S2500 two-way server architecture, and the interrupt affinity of the NVMe memory card is optimized according to the fact that the NVMe memory card is actually located as a main CPU or a slave CPU, so that the problem of interrupt cross-path accumulation processing caused by interrupt cross-path is solved, and the purpose of optimizing the performance of the NVMe memory card is achieved.
In summary, the present invention provides a disk encryption method based on a trusted chip, which ensures the security of an encryption key by binding the encryption key encrypted by LUKS with the trusted chip.
The above examples are only intended to illustrate the technical solution of the present invention, but not to limit it; although the present invention has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; and the modifications or the substitutions do not cause the essence of the corresponding technical solutions to depart from the scope of the technical solutions of the embodiments of the present invention.

Claims (5)

1. A disk encryption method based on a trusted chip is characterized by comprising the following steps:
S1, querying all disk partitions of a system to be encrypted to obtain an encryptable disk partition of the system to be encrypted;
S2, randomly generating an encryption key and performing LUKS encryption on the encryptable disk partition, wherein the encryption key corresponds to the encryptable disk partition; when LUKS encryption is performed on the encryptable disk partition, in order to guarantee data recovery under abnormal conditions, the method further comprises the following steps: reading a first data block from the disk partition; backing up the first data block into a LUKS header as a second data block, wherein the LUKS header resides in a partition that can be read and written normally; encrypting the first data block, wherein the encrypted data is a third data block; and writing the encrypted third data block back to the position of the original first data block;
S3, writing the encryption key into a trusted chip of the system to be encrypted, adding a token, and binding a LUKS key slot to the trusted chip, wherein the token stores the mode in which the encryption key was written to the trusted chip and the associated LUKS key slot, and the trusted chip stores the encryption key;
S4, recording the information of the encrypted disk partition and the binding mode between the LUKS key slot and the trusted chip in an encryption system configuration file; and generating a recovery key, which is used to recover the encryption key, and backing up the recovery key to a management platform;
and during decryption, a token is looked up in the LUKS header of the encryptable disk partition, the plug-in type used by the encrypted partition is read from the token, and the encryption key in the trusted chip is read through the plug-in.
2. A disk encryption system based on a trusted chip, for implementing the disk encryption method according to claim 1, comprising:
the disk encryption module, used to perform LUKS encryption on an encryptable disk partition of a system to be encrypted and to generate an encryption key;
the trusted chip binding module, used to detect a trusted chip of the system to be encrypted, add a token according to the type of the trusted chip, bind a LUKS key slot to the trusted chip, record the writing mode of the encryption key, and record the information of the encrypted disk partition and the binding mode between the LUKS key slot and the trusted chip in an encryption system configuration file;
and the starting decryption module, used to look up the encryptable disk partition according to the configuration file of the encryption system, read the encryption key in the trusted chip through the token, and decrypt the encryptable disk partition.
3. The trusted-chip-based disk encryption system according to claim 2, further comprising:
and the key backup module is used for generating a recovery key and backing up the recovery key, wherein the recovery key is used for recovering the encryption key under the abnormal condition.
4. An electronic device comprising a processor and a memory, the memory having stored thereon a computer program which, when executed by the processor, implements the method of claim 1.
5. A readable storage medium, in which a computer program is stored which, when being executed by a processor, carries out the method of claim 1.
CN202210168625.3A 2022-02-24 2022-02-24 Disk encryption method and system based on trusted chip Active CN114239091B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210168625.3A CN114239091B (en) 2022-02-24 2022-02-24 Disk encryption method and system based on trusted chip

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210168625.3A CN114239091B (en) 2022-02-24 2022-02-24 Disk encryption method and system based on trusted chip

Publications (2)

Publication Number Publication Date
CN114239091A (en) 2022-03-25
CN114239091B (en) 2022-11-04

Family

ID=80747839

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210168625.3A Active CN114239091B (en) 2022-02-24 2022-02-24 Disk encryption method and system based on trusted chip

Country Status (1)

Country Link
CN (1) CN114239091B (en)

Also Published As

Publication number Publication date
CN114239091A (en) 2022-03-25

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant