CN117097527A

CN117097527A - Method and device for managing software installation, electronic equipment and storage medium

Info

Publication number: CN117097527A
Application number: CN202311053108.2A
Authority: CN
Inventors: 李刚; 吴松
Original assignee: Shanghai Jidu Automobile Co Ltd
Current assignee: Shanghai Jidu Automobile Co Ltd
Priority date: 2023-08-18
Filing date: 2023-08-18
Publication date: 2023-11-21

Abstract

The application provides a method, a device, electronic equipment and a storage medium for managing software installation, which can send encrypted information encrypted by a first key to a server, wherein the encrypted information is used for triggering the server to check the encrypted information by using a second key, and after the verification is successful, downloading decryption information of target software is fed back. And receiving download decryption information fed back by the server, wherein the download decryption information comprises first download information and decryption information of the target software, the decryption information is obtained by encrypting a decryption package through a second key, and the decryption package is used for decrypting an encrypted software package of the target software. Then, the encrypted software package is downloaded according to the first download information, and decrypted according to the decryption information. Thus, the technical scheme of the application sets two times of encryption aiming at the target software, wherein one time is the encryption of the decryption package to the target software, and the other time is the encryption of the second key to the decryption package, so as to ensure the transmission safety of the target software.

Description

Method and device for managing software installation, electronic equipment and storage medium

Technical Field

The present application relates to the field of software installation technologies, and in particular, to a method and apparatus for managing software installation, an electronic device, and a storage medium.

Background

In the vehicle production process, the installation link of software is of great importance, and the control system of the vehicle can be ensured to normally operate. However, since the software of the vehicle needs to be transmitted between multiple systems, how to ensure the transmission security of the software is a technical problem to be solved in the art.

Disclosure of Invention

In view of the above, the present application proposes a method, apparatus, electronic device, and storage medium for managing the installation of software, which can ensure the safe transmission of software during the production process of a vehicle.

The technical scheme provided by the application is as follows:

in a first aspect, an embodiment of the present application provides a method for managing installation of software, including:

transmitting encryption information encrypted by the first key to a server; the encryption information is used for triggering the server to check the encryption information by using the second key, and feeding back the downloaded decryption information of the target software after the verification is successful;

receiving the download decryption information from the server; the downloading decryption information comprises first downloading information and decryption information of the target software, the decryption information is obtained by encrypting a decryption package through the second key, and the decryption package is used for decrypting an encryption software package of the target software;

And downloading the encrypted software package according to the first downloading information, decrypting the decryption information according to the first key to obtain the decryption package, and decrypting the encrypted software package according to the decryption package.

In a second aspect, an embodiment of the present application provides an installation management apparatus for software, including:

the sending module is used for sending the encrypted information encrypted by the first key to the server; the encryption information is used for triggering the server to check the encryption information by using the second key, and feeding back the downloaded decryption information of the target software after the verification is successful;

a receiving module for receiving the download decryption information from the server; the downloading decryption information comprises first downloading information and decryption information of the target software, the decryption information is obtained by encrypting a decryption package through the first key, and the decryption package is used for decrypting an encryption software package of the target software;

and the downloading module is used for downloading the encrypted software package according to the first downloading information, decrypting the decryption information according to the first secret key to obtain the decryption package, and decrypting the encrypted software package according to the decryption package.

Further, in the apparatus described above, further comprising:

the storage module is used for dividing the encryption software package and the decryption information into execution information and guide decryption information; the execution information comprises an installation execution file, and the guide decryption information comprises an installation guide file and the decryption information; storing the execution information and the boot decryption information.

Further, in the above apparatus, the storage module is specifically configured to:

storing the execution information corresponding to the first installation target in a first position, storing the guide decryption information corresponding to the first installation target in a second position, and storing the execution information and the guide decryption information corresponding to the second installation target in a third position; the first installation target is a target for installation based on a software installation platform, and the second installation target is a target for installation under the control of the first installation target after the first installation target is completed.

Further, in the above apparatus, the downloading module includes:

a decryption unit configured to send a decryption instruction including the encrypted software package and the decryption information to a software installation station; the decryption instruction is used for instructing the software installation platform to decrypt the decryption information by using the second key to obtain the decryption package; and decrypting the encrypted software package by using the decryption package to obtain the target software.

Further, in the apparatus described above, the decryption unit is specifically configured to:

generating second download information based on the encrypted software package and the storage location of the decryption information; and generating the decryption instruction according to the second download information.

Further, in the apparatus described above, further comprising:

and the stopping module is used for stopping the target thread for executing the downloading task of the encrypted software package in response to the downloading stopping instruction.

Further, in the apparatus described above, the target thread includes a first thread and a second thread, where the first thread is used to perform a communication task, and the second thread is used to perform a download task; the stopping module is specifically configured to:

responding to a downloading stopping instruction, stopping the first thread and the second thread if the second thread is detected to be executing, deleting the downloaded content of the second thread, and stopping the first thread if the second thread is detected to not be executing;

or, in response to a stop download instruction, stopping the second thread; detecting whether the first thread is executing; if the first thread is detected to be executing, stopping the first thread, and deleting the content downloaded by the second thread; and if the first thread is detected not to be executed, deleting the content downloaded by the second thread.

In a third aspect, an embodiment of the present application provides an electronic device, including:

a memory and a processor; wherein the memory is used for storing programs; the processor is configured to implement the method according to any one of the above by running the program in the memory.

In a fourth aspect, embodiments of the present application provide a storage medium having stored thereon a computer program which, when executed by a processor, implements a method as claimed in any one of the preceding claims.

In a fifth aspect, embodiments of the present application provide a computer program product or computer program comprising computer instructions stored in a computer readable storage medium; a processor of a computer device reads the computer instructions from the computer readable storage medium, the processor executing the computer instructions, causing the computer device to perform the method of any one of the above.

The method for managing the installation of the software can send the encrypted information encrypted by the first key to the server, the encrypted information is used for triggering the server to check the encrypted information by using the second key, and the download decryption information of the target software is fed back after the verification is successful. And receiving download decryption information fed back by the server, wherein the download decryption information comprises first download information and decryption information of the target software, the decryption information is obtained by encrypting a decryption package through a second key, and the decryption package is used for decrypting an encrypted software package of the target software. Then, the encrypted software package is downloaded according to the first download information, the decryption information is decrypted according to the first key to obtain a decryption package, and the encrypted software package is decrypted according to the decryption package. Thus, the technical scheme of the application sets two times of encryption aiming at the target software, wherein one time is the encryption of the decryption package to the target software, and the other time is the encryption of the second key to the decryption package, so as to ensure the transmission safety of the target software.

Drawings

In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the following description will briefly explain the drawings used in the embodiments or the description of the prior art, and it is obvious that the drawings in the following description are only embodiments of the present application, and other drawings can be obtained according to the provided drawings without inventive effort for a person skilled in the art.

Fig. 1 is a possible application scenario of a software installation management method provided by an embodiment of the present application.

Fig. 2 is a flow chart of a software installation management method according to an embodiment of the present application.

Fig. 3 is a signaling diagram of a software installation management method according to an embodiment of the present application.

Fig. 4 is a signaling diagram of another software installation management method according to an embodiment of the present application.

Fig. 5 is a schematic flow chart of downloading an encrypted software package according to an embodiment of the present application.

Fig. 6 is a schematic flow chart of stopping downloading an encrypted software package according to an embodiment of the present application.

Fig. 7 is a schematic structural diagram of a software installation management device according to an embodiment of the present application.

Fig. 8 is a schematic structural diagram of an electronic device according to an embodiment of the present application.

Detailed Description

The following description of the embodiments of the present application will be made clearly and completely with reference to the accompanying drawings, in which it is apparent that the embodiments described are only some embodiments of the present application, but not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the application without making any inventive effort, are intended to be within the scope of the application.

With the development of electronics and intellectualization of vehicles, control systems of vehicles are more and more complex, and a great deal of software support is required, and the software not only comprises basic control functions such as traditional engine control, brake control and the like, but also comprises emerging control functions such as an in-vehicle infotainment system, an automatic driving auxiliary system and the like. Therefore, in the vehicle production process, the software refreshing link, namely the software installation link, is a critical link, which ensures that the control system of the vehicle can normally operate.

When installing software for a vehicle, the software needs to be transferred between multiple systems. Specifically, the software of the vehicle is stored in a server, and typically the software of the vehicle is stored in a remote server. Therefore, the software installation apparatus needs to download the software of the vehicle from the server and then install the software into the relevant vehicle. During the software transmission process, once the software of the vehicle is tampered, the running safety of the vehicle is affected.

Based on the above, the application provides a method, a device, an electronic device and a storage medium for managing software installation.

Fig. 1 shows a possible application scenario of the installation management method of software, and in the scenario shown in fig. 1, a production line software flashing management platform (Remote Server Management System, RSMS) 12, a server 11, and a software installation station 13 are provided.

The server 11 is an electronic device having a certain arithmetic processing capability. Which may have a network communication module, a processor, memory, and the like. Of course, the server 11 may also refer to software running in the electronic device. The server 11 may be an independent physical server, a server cluster or a distributed system formed by a plurality of physical servers, or a cloud server providing cloud services, cloud databases, cloud computing, cloud functions, cloud storage, network services, cloud communication, middleware services, domain name services, security services, CDNs, basic cloud computing services such as big data and artificial intelligence platforms. Alternatively, with the development of science and technology, the server 11 may be a new technical means capable of realizing the functions corresponding to the embodiments of the specification. For example, a new form of "server" based on quantum computing implementation may be possible.

The production line software flashing management platform 12 is a management platform built on a local server. The local server may also be an electronic device with some arithmetic processing capability. Which may have a network communication module, a processor, memory, and the like. Of course, the local server may also refer to software running in the electronic device. The local server may be a local independent physical server, or may be a server cluster or a distributed system formed by a plurality of local physical servers. Or, with the development of science and technology, the local server may also be a new technical means capable of realizing the corresponding functions of the embodiment of the specification. For example, a new form of "server" based on quantum computing implementation may be possible.

The production line software flashing management platform 12 has network access capability, and the production line software flashing management platform 12 can establish a network connection with the server 11 through the first path 14. If the server 11 is a remote server, the first path 14 may be a wide area network path, for example, a network path formed by a mobile network such as 2G, 3G, 4G, or 5G. If the server 11 is a local server, the first path 14 may also be a local network path, for example, a network path formed by a ZIGBEE, WIFI, bluetooth, or other network.

The software installation station 13 is a device that updates the software of the vehicle electronic controller unit (Electronic Control Unit, ECU), and the software installation station 13 is typically used for offline flashing to relieve production line on-line installation pressure. In some embodiments, the software installation station may also be referred to as an offline swipe station. The software installation station 13 can establish a connection with the production line software flashing management platform 12 via a second path 15. The second path 15 may be a wide area network path, such as a network path formed by a mobile network like 2G, 3G, 4G or 5G, the second path 15 may also be a local area network path, such as a network like ZIGBEE, WIFI or bluetooth, the second path 15 may also be a wired connection path formed by a wired connection, for example, the second path 15 may be a bus.

In the above-mentioned possible application scenario, the relevant person may push the software of the vehicle to the server 11. The production line software flashing management platform 12 sends the encrypted information encrypted by the first key to the server 11 via the first path 14. After obtaining the encrypted information, the server 11 verifies the encrypted information by using a second key matched with the first key, and feeds back the downloaded decryption information of the software to the production line software refreshing management platform 12 through the first path 14 after the verification is successful. The downloading decryption information comprises first downloading information and decryption information of the software, the decryption information is obtained by encrypting a decryption package through a second key, and the decryption package is used for decrypting an encryption software package of the target software.

The production line software flashing management platform 12 receives the download decryption information fed back by the server 11, downloads the encrypted software package according to the first download information, and decrypts the encrypted software package according to the decryption information.

In some embodiments, the production line software flashing management platform 12 sends the decryption information and the encrypted software package to the software installation platform 13 through the second path 15, the software installation platform 13 decrypts the decryption information based on the first key to obtain a decryption package, and then decrypts the encrypted software package by using the decryption package to obtain the required software. After the software of the vehicle is obtained, the software installation table 13 can install the software offline.

In other embodiments, the production line software flashing management platform 12 decrypts the decryption information based on the first key to obtain a decryption package, then decrypts the encrypted software package by using the decryption package to obtain the required software, and then sends the software to the software installation platform 13, and the software installation platform 13 can install the software offline after obtaining the software of the vehicle.

Thus, the vehicle software is provided with two encryption modes, namely, encryption of the decryption package to the software is carried out, and encryption of the second key to the decryption package is carried out, so that the transmission safety of the software is ensured.

Further, an exemplary embodiment of the present specification provides a software installation management method, which may be performed by the production line software flashing management platform (hereinafter referred to as an installation management platform) of the above embodiment, and referring to fig. 2, the method includes:

s101, sending encryption information encrypted by the first key to a server.

The above-described encryption information refers to information that the installation management platform requests the download of the target software from the server, and is subjected to encryption processing by the first key. The target software refers to a specific version of software or a specific identifier of software, which is not limited in this embodiment. In the embodiment of the application, the installation management platform sends the encrypted information to the server. The encryption information may include identification information of the target software and/or a device number of the installation management platform.

The identification information of the target software is used to indicate the target software that needs to be downloaded, and the identification information of the target software may be a unique identification code of the target software, an IDentity (ID) of a version of the target software, or other information capable of identifying the IDentity of the target software, which is not limited in this embodiment. The device number of the installation management platform is used to indicate the platform requesting to download the target software, and the device number may be an ID of the installation management platform, or other code capable of identifying the identity of the installation management platform, which is not limited in this embodiment.

In some embodiments, the encryption information includes identification information of the target software and a device number of the installation management platform. In some special cases, for example where the server only serves one installation management platform, the identity of the installation management platform can be identified even without the need for a device number, the encrypted information may not include the device number of the installation management platform. For another example, the server only includes a piece of target software, and the installation management platform is set in advance to download only the latest version of the target software, so that the target software to be downloaded can be determined without the identification information of the target software, and the encryption information may not include the identification information of the target software.

Specifically, if the encryption information includes the identification information of the target software and the device number of the installation management platform, the identification information of the target software and the device number of the installation management platform may be encrypted by using the first key, to obtain the above encryption information. Similarly, if the encryption information includes the identification information of the target software or the device number of the installation management platform, the identification information of the target software or the device number of the installation management platform may be encrypted by using the first key to obtain the above encryption information.

It should be noted that, as shown in fig. 3, before sending the encrypted information to the server, the installation management platform needs to register on the server to obtain the first key issued by the server. The specific registration process is as follows:

the server is provided with an information security module for security management, the installation management platform applies for the equipment number to the information security module, the information security module is registered, and the information security module feeds back the equipment number and the first secret key to the installation management platform after the registration is completed. Correspondingly, a second key is also generated in the information security module, and the first key and the second key are mutually matched keys. The first key is a private key, the second key is a public key, or the first key is a public key, and the second key is a private key, which is not limited in this embodiment.

In a specific embodiment, as shown in fig. 3, the encryption information includes identification information of the target software and a device number of the installation management platform. The server can push the identification information of the target software to be installed to the installation management platform, and the installation management platform encrypts the identification information of the target software and the equipment number of the installation management platform by using the first key to obtain encrypted information. In some embodiments, the first key is a private key, so that the identification information of the target software and the device number of the installation management platform can be signed by using the first key to obtain Payload, i.e. encrypted information.

As shown in fig. 3, after the server acquires the encrypted information, the server uses the second key to verify the encrypted information, and feeds back the downloaded decryption information of the target software after the verification is successful. In a specific embodiment, the first key is a private key, the encrypted information is obtained by signing the first key, the second key is a public key, the server uses the second key to perform signature verification processing on the encrypted information, and after the signature verification is successful, the server feeds back the downloaded decryption information of the target software.

Specifically, after the server obtains the encrypted information, the encrypted information is checked by using the second key, and after the verification is successful, the identification information of the target software and the equipment number of the installation management platform contained in the encrypted information are obtained. Based on the identification information of the target software, the server can determine the target software which needs to be fed back to the installation management platform, and based on the equipment number of the installation management platform, the server can determine the platform for requesting to download the target software, so that the download decryption information of the target software is fed back to the installation management platform.

The target software is stored in the server in the form of an encrypted software package, and the encrypted software package can only be decrypted using a decryption package (keyInfo). In the embodiment of the application, after determining the target software, the server can send the encrypted software package and the decrypted package of the target software to the installation management platform. In some embodiments, a Firmware Over-The-Air (FOTA) module is included in The server, and The FOTA may be used to send The encrypted and decrypted packets of The target software to The installation management platform.

When the server sends the encrypted software package of the target software, the first download information can be generated according to the storage position of the encrypted software package, and the installation management platform can download the encrypted software package of the target software through the first download information. In some embodiments, in order to ensure the transmission security of the first download information, the server may encrypt the first download information with the second key and then send the encrypted first download information to the installation management platform, where the installation management platform may decrypt the first download information with the first key after obtaining the first download information. The first key is a private key, the second key is a public key, the server can encrypt the first download information by using the public key and then send the encrypted first download information to the installation management platform, and the installation management platform can decrypt the first download information by using the private key after obtaining the first download information.

The first download information may be a download address of the encrypted software package, a download link of the encrypted software package, etc., where the download address may be a uniform resource locator (Uniform Resource Locator, URL), which is not limited in this embodiment.

In order to ensure the transmission security of the decryption package, the server may encrypt the decryption package with the second key to obtain decryption information. Illustratively, the first key is a private key, the second key is a public key, and the decryption package may be encrypted by using the public key to obtain the decryption information.

The server can form the first download information and the decryption information into download decryption information, and the download decryption information is fed back to the installation management platform. In some embodiments, when the server feeds the download decryption information back to the installation management platform, the server feeds the download decryption information back to the installation management platform corresponding to the device number included in the encryption information.

It should be noted that, in another embodiment, if the encryption information includes only the identification information of the target software, the installation management platform may encrypt the identification information of the target software with the first key to obtain the encryption information. In such a case, the server typically serves only one installation management platform, and the server may then directly feed back the download decryption information to that installation management platform.

In yet another embodiment, if the encryption information includes only the device number of the installation management platform, the installation management platform may encrypt the device number of the installation management platform using the first key to obtain the encryption information. At this time, the server may push not the identification information of the target software described above to the installation management platform but the inquiry information of whether to download the target software. After the installation management platform acquires the inquiry information, if the encryption information is sent to the server, the installation management platform indicates that the installation management platform needs to download the target software, and the server can directly feed back the downloading decryption information of the target software to the installation management platform.

It should be noted that, the manner of encrypting, decrypting, signing and verifying the setting information by using the private key and the public key is very mature prior art, and a person skilled in the art only needs to refer to the description in the prior art, and details are not described here.

S102, receiving the download decryption information from the server.

The installation management platform can receive the download decryption information fed back by the server. Specifically, the installation management platform may receive the above-mentioned download decryption information fed back by the server based on the first path in the above embodiment, which is not limited in this embodiment.

S103, the encryption software package is downloaded according to the first downloading information, the decryption information is decrypted according to the first secret key to obtain a decryption package, and the encryption software package is decrypted according to the decryption package.

After obtaining the download decryption information, the installation management platform downloads the encrypted software package according to the first download information, as shown in fig. 3. The download location indicated by the first download information may be located in the server, or may be located in another server, which is not limited in this embodiment. Specifically, if the first download information is encrypted using the second key, the first key may be used to decrypt the encrypted software package, and then the encrypted software package may be downloaded according to the decrypted first download information. If the first download information is not encrypted, the encrypted software package can be directly downloaded according to the first download information.

In order to ensure the integrity of the encrypted software package, the downloaded encrypted software package needs to be subjected to integrity verification, and if the encrypted software package passes the integrity verification, the downloading of the encrypted software package is completed. In some embodiments, the integrity verification may be performed on the encrypted software package by using an ECDSA Algorithm, a PGP (Pretty Good Private) Algorithm, or an md5 (Message-Digest Algorithm 5) Algorithm, which is not limited in this embodiment.

After the encrypted software package is downloaded, the encrypted software package can be decrypted according to the decryption information. For example, the installation management platform may decrypt the decryption information based on the first key to obtain a decryption package, and then decrypt the encrypted software package with the decryption package to obtain the target software. And finally, the target software is sent to a software installation platform, and the software installation platform can install the software offline after obtaining the software of the vehicle.

In some embodiments, the first key is a private key, and the second key is a public key, that is, the decryption information is obtained after the server encrypts the decryption package by using the public key, and after the decryption information is sent to the installation management platform, the installation management platform may decrypt the decryption information by using the private key to obtain the decryption package. And then decrypting the encrypted software package by using the decryption package to obtain the target software. And finally, the target software is sent to a software installation platform, and the software installation platform can install the software offline after obtaining the software of the vehicle.

In the above embodiment, the encrypted information encrypted by the first key may be sent to the server, where the encrypted information is used to trigger the server to verify the encrypted information by using the second key, and after the verification is successful, the download decryption information of the target software is fed back. And receiving the download decryption information fed back by the server, wherein the download decryption information comprises first download information and decryption information of the target software, the decryption information is obtained by encrypting a decryption package through a second key, and the decryption package is used for decrypting an encryption software package of the target software. Then, the encrypted software package is downloaded according to the first download information, and decrypted according to the decryption information. Thus, the technical scheme of the application sets two times of encryption aiming at the target software, wherein one time is the encryption of the target software by the decryption package and the other time is the encryption of the decryption package by the second key, so as to ensure the transmission safety of the software.

As an alternative implementation manner, it is disclosed in another embodiment of the present application that the step server of the above embodiment sends the encrypted information encrypted by the first key, and may specifically include the following steps:

if the identification information of the target software is detected and the current moment is at the preset pre-downloading moment, sending encryption information encrypted by the first key to the server; the encryption information includes identification information.

The volume of the encrypted software package is generally larger, so that not only is a larger memory space occupied, but also the downloading speed of the encrypted software package is slow, the whole time is consumed, and the whole installation efficiency of the target software is further reduced. In order to solve the above-mentioned problems, an embodiment of the present application provides a pre-downloading method, which specifically includes:

the server pushes the identification information of the target software to be installed in the vehicle to the installation management equipment, the installation management equipment detects the identification information of the target software, when the current moment is at the preset pre-downloading moment, the server is triggered to check the encryption information by using the second key and feeds back the downloading decryption information of the target software after the verification is successful, and the pre-downloading of the target software encryption software package is started.

In some embodiments, the server includes a virtual host module (VSP) that pushes identifying information of target software that needs to be installed into the vehicle to the installation management device.

In this embodiment, after the server pushes the identification information of the target software to the installation management device, at a set pre-download time, the installation management device may start pre-downloading the target software encryption software package, so that the encryption software package may be downloaded in advance, so that the downloading of the encryption software package is avoided by occupying working time, and the overall installation efficiency of the target software is improved.

In some alternative embodiments, after the server pushes the identification information of the target software to the installation management device, the installation management device may send the encrypted information encrypted by the first key to the server at the set pre-download time using a distributed timing task, such as XXJOB. The pre-download time may be set according to the actual situation, which is not limited in this embodiment. In some alternative embodiments, the pre-download time may be set to be zero in each day, and after the server pushes the identification information of the target software to the installation management device, the installation management device sends the encrypted information encrypted by the first key to the server when the zero arrives.

Furthermore, in embodiments of the present application, the installation management device also supports manual download of encrypted software packages. That is, after detecting the identification information of the target software, if the installation management device obtains a download instruction from the related staff, the installation management device may send the encrypted information encrypted by the first key to the server, trigger the server to verify the encrypted information by using the second key, and feed back the download decryption information of the target software after the verification is successful, and start the pre-download of the encrypted software package for the target software.

In the above embodiment, by pre-downloading the encrypted software package of the target software, the downloading of the encrypted software package taking up working time can be avoided, and the overall installation efficiency of the target software can be improved.

As an alternative implementation manner, in another embodiment of the present application, it is disclosed that the encryption software package includes a plurality of encryption blocks, and the steps of the above embodiment download the encryption software package, specifically may include the following steps: and downloading the encryption block by using a preset thread pool.

In order to increase the download speed of the encrypted software package, the embodiment of the present application divides the encrypted software package into a plurality of encrypted blocks. The specific number of the encryption blocks divided by the encryption software package may be set according to actual situations, which is not limited in this embodiment. For example, a 1G file may be divided into blocks of 10M each, and a total of 103 blocks.

When downloading an encrypted software package, a thread pool may be utilized for downloading. A thread pool contains one or more threads, which are all managed uniformly by the thread pool. An encryption block is a download task, a thread pool creates threads to execute the download task when the download task is just received, when the number of threads reaches the number of threads specified by the thread pool, a new thread pool is not created, the download task is added to a work queue, and idle threads in the thread pool can execute all the download tasks in the work queue.

Because the threads in the thread pool can not be destroyed, the threads can be repeatedly utilized through the thread pool, so that the resource consumption and the time consumption caused by frequently creating and destroying the threads are saved, and the aim of improving the downloading speed is fulfilled.

In the above embodiment, the downloading speed can be effectively improved, and the purpose of improving the installation speed of the target software is further achieved.

As an alternative implementation manner, in another embodiment of the present application, the steps of the above embodiment download the encrypted block using a preset thread pool, and may specifically include the following steps:

n encryption blocks are subtracted from the number of encryption blocks to be downloaded every time the downloading of the thread pool is detected; wherein N is a positive integer; and when the number of the encryption blocks to be downloaded is detected to be 0, determining that the encryption block downloading is completed.

In the embodiment of the application, the completion condition of each thread in the thread pool on the downloading task is counted in real time. And subtracting N from the number of the encryption blocks to be downloaded until the number of the encryption blocks to be downloaded is 0, wherein the completion of the downloading of the encryption blocks is indicated. N is the number of encryption blocks downloaded by the thread pool and is a positive integer.

In a specific embodiment, the concept of a semaphore may be introduced, the semaphore being used to characterize the number of encrypted blocks to be downloaded, the initial value of the semaphore being set according to the total number of encrypted blocks. For example, the total number of encrypted blocks in the current encrypted software package is 1000, and then the initial value of the semaphore is 1000. The number of semaphore values is decremented by N whenever a thread pool download is detected to complete N cipher blocks. For example, if 1 encryption block is detected to be completed by the thread pool download, the value of the semaphore is decremented by 1, if 4 encryption blocks are detected to be completed by the thread pool download, the value of the semaphore is decremented by 4, and so on until the value of the semaphore is decremented to 0, indicating that all encryption block downloads are completed.

In the above embodiment, by detecting the number of encrypted blocks to be downloaded, it can be ensured that all the encrypted blocks are downloaded by the software installation platform, and the integrity of the encrypted software package is ensured.

As an alternative implementation manner, in another embodiment of the present application, the steps of the above embodiment decrypt the decryption information according to the first key to obtain a decryption package, and decrypt the encrypted software package according to the decryption package may specifically include the following steps:

transmitting a decryption instruction comprising an encrypted software package and decryption information to a software installation station; the decryption instruction is used for instructing the software installation platform to decrypt the decryption information by using the first key to obtain a decryption package; and decrypting the encrypted software package by using the decryption package to obtain the target software.

In the embodiment of the present application, as shown in fig. 4, in order to ensure the transmission security of the target software between the installation management platform and the software installation platform, the installation management platform may send a decryption instruction including an encrypted software package and decryption information to the software installation platform, and after the software installation platform obtains the decryption instruction, the software installation platform may decrypt the decryption information by using the first key to obtain a decryption package, and then decrypt the encrypted software package by using the decryption package to obtain the target software.

In some embodiments, after obtaining the above decryption instruction including the encrypted software package and the decryption information, the software installation platform may immediately decrypt the decryption information by using the first key, decrypt the encrypted software package by using the decryption package, and obtain the target software, and after obtaining the installation instruction of the relevant staff, directly install the target software into the vehicle.

In other embodiments, the software installation station will only decrypt the encrypted software package when the installation of the target software is performed. Therefore, in the embodiment of the present application, after the decryption instruction is acquired, the software installation platform may wait for the installation instruction from the relevant staff without decrypting the decryption instruction, and after the installation instruction is acquired, may decrypt the decryption information by using the first key and decrypt the encrypted software package by using the decryption package, thereby obtaining the target software, and install the target software into the vehicle. Or after the software installation platform obtains the decryption instruction, the software installation platform can decrypt the decryption information by using the first key, then wait for the installation instruction from the related staff, decrypt the encrypted software package by using the decryption package after obtaining the installation instruction, obtain the target software, and finally install the target software into the vehicle.

The installation management platform needs to send the first key to the software installation platform before the software installation platform decrypts the decryption information. For example, the installation management platform may send the first key to the software installation platform after obtaining the first key, as shown in fig. 4.

In the above embodiments, the transfer security of the target software between the installation management platform and the software installation platform can be ensured.

As an alternative implementation manner, in another embodiment of the present application, the steps of the above embodiment send an instruction including encrypting a software package and decrypting information to a software installation platform, and may specifically include the following steps:

generating second download information based on the encrypted software package and the storage location of the decryption information; and generating a decryption instruction according to the second download information.

When the installation management platform sends a decryption instruction comprising the encrypted software package and the decryption information to the software installation platform, second download information can be generated according to the storage position of the encrypted software package and the decryption information, and then the decryption instruction is generated according to the second download information, namely the decryption instruction comprises the second download information. Then, a decryption instruction containing the second download information is sent to the software installation station.

After the software installation platform obtains the decryption instruction, the second downloading information can be obtained by analyzing the decryption instruction, and then the encryption software package and the decryption information are downloaded according to the second downloading information. The second download information may be a download address, a download link, etc. of the encrypted software package and the encrypted information, where the download address may be a uniform resource locator (Uniform Resource Locator, URL), and the embodiment is not limited.

In the above embodiment, the installation management platform sends the decryption instruction containing the second download information to the software installation platform, so that the software installation platform downloads the encrypted software package and the decryption information according to the second download information, thereby only transmitting the decryption instruction containing the second download information in the network, avoiding transmitting the file with larger volume such as the encrypted software package in the network, and improving the transmission speed of the encrypted software package and the decryption information.

As an alternative implementation manner, in another embodiment of the present application, the method of the above embodiment may specifically include the following steps:

dividing the encryption software package and decryption information into execution information and guide decryption information; the execution information comprises an installation execution file, and the guide decryption information comprises an installation guide file and decryption information; the execution information and the boot decryption information are stored.

The embodiment of the present application re-divides the encrypted software package and the decryption information into the execution information and the boot decryption information according to the roles performed during the installation process. The execution information comprises an installation execution file of the target software, such as a BIN file of the target software; the boot decryption information includes an installation boot file and decryption information, the installation boot file records the boot files such as the hardware version number and the installation order of the target software.

The execution information is decrypted by the decryption package in the decryption information to obtain an installation execution part of the target software, the installation guide file is decrypted by the decryption package in the decryption information to obtain an installation guide part of the target software, and the installation execution part is used for installing the target software under the guidance of the installation guide part.

Further, the execution information and the boot decryption information are stored. In some embodiments, the execution information and the boot decryption information may be stored in a file storage system, for example, in a MINIO, which is not limited in this embodiment.

The decryption information is divided into the execution information and the guide decryption information again, and the execution information can be rapidly controlled to finish offline installation by reading the guide decryption information, so that the problem of data reading errors during installation is avoided, and the overall installation efficiency is improved.

As an alternative implementation manner, disclosed in another embodiment of the present application, the steps of the above embodiment store the execution information and the boot decryption information, and may specifically include the following steps:

the execution information corresponding to the first installation target is stored in a first position, the guide decryption information corresponding to the first installation target is stored in a second position, and the execution information corresponding to the second installation target and the guide decryption information are stored in a third position. The first installation target is a target for installation based on the software installation platform, and the second installation target is a target for installation under the control of the first installation target after the first installation target is completed.

The first installation target is four large domain controllers, including an autopilot domain controller (ADAS Control Unit, ACU), a cockpit domain controller (Cockpit Domain Controller, CDC), a networking module (textics & Connectivity Antenna Module, TCAM) and a body gateway module (Body Gateway Module, BGM); the second installation target includes other ECUs than the four-domain controller described above.

Specifically, since the content of the execution information and the boot decryption information corresponding to the first installation target is large, the execution information and the boot decryption information of the first installation target may be stored separately, the execution information corresponding to the first installation target may be stored in the first location, and the boot decryption information corresponding to the first installation target may be stored in the second location. The first position and the second position are different positions, and specific positions of the first position and the second position in the file storage system may be set according to actual situations, which is not limited in this embodiment.

Since the content of the execution information and the boot decryption information corresponding to the second installation target is relatively small, the execution information and the boot decryption information corresponding to the second installation target can be stored at the third location at the same time. Specifically, the execution information and the guide decryption information corresponding to the second installation target may be compressed to obtain a compressed packet of the execution information and the guide decryption information corresponding to the second installation target, and the compressed packet may be stored in the third location. The third position is different from the first position and the second position, and the specific position of the third position in the file storage system may be set according to the actual situation, which is not limited in this embodiment.

The execution information and the guide decryption information corresponding to the first installation target are stored separately, so that the software installation platform can quickly find the execution information and the guide decryption information corresponding to the first installation target during installation, and the first installation target is installed; after the first installation target is installed, the execution information and the guide decryption information corresponding to the second installation target can be quickly found, then the execution information and the guide decryption information corresponding to the second installation target are stored in the BGM, and the BGM reads the execution information and the guide decryption information corresponding to the second installation target and controls the second installation target to install.

The software installation platform is arranged in the first installation target, the first installation target is used for installing the first installation target, the second installation target is used for installing the second installation target, the first installation target is used for installing the second installation target, the second installation target is used for installing the second installation target, and the first installation target is used for installing the second installation target.

As an alternative implementation manner, in another embodiment of the present application, the method of the above embodiment may specifically include the following steps: and stopping the target thread for executing the downloading task of the encrypted software package in response to the downloading stopping instruction.

The downloading stopping instruction comprises a downloading stopping instruction from a related staff or a downloading stopping instruction generated after new identification information pushed by a server is acquired. That is, in the embodiment of the present application, after the downloading stopping instruction of the related staff is obtained, downloading of the encrypted software package may be stopped; when new identification information pushed by the server is acquired and the encrypted software package of the target software needs to be downloaded again, the downloading of the encrypted software package can be stopped.

For example, if the version of the target software in the server is updated, the server may push the latest version ID of the target software to the installation management platform, and after the installation management platform obtains the latest version ID of the target software, the latest version of the target software may be downloaded. If the installation management platform downloads the encrypted software package at this time, the downloading stopping instruction of the encrypted software package can be directly generated so as to stop downloading of the encrypted software package, and then encryption information is sent to the server, wherein the encryption information comprises the latest version ID of the target software and the equipment number of the software installation platform so as to start downloading of the latest version of the target software.

Specifically, in the embodiment of the present application, when downloading an encrypted software package, a target thread that executes a task of downloading the encrypted software package is marked, and after a downloading stopping instruction is acquired, the target thread is found and stopped.

In the above embodiment, after the instruction for stopping downloading is obtained, the target thread for executing the task for downloading the encrypted software package can be quickly found and stopped, so that the purpose of quickly stopping downloading is achieved.

As an alternative implementation manner, in another embodiment of the present application, the target thread includes a first thread and a second thread, where the first thread is used to perform a communication task, and the second thread is used to perform a download task, and the steps in the above embodiment respond to a stop download instruction, stop the target thread that performs the download task of the encrypted software package, and specifically may include the following steps:

and responding to the downloading stopping instruction, stopping the first thread and the second thread if the second thread is detected to be executing, deleting the downloaded content of the second thread, and stopping the first thread if the second thread is detected to not be executing.

Specifically, as shown in fig. 5, the target thread in the present embodiment includes a first thread for executing a communication task and a second thread for executing a download task.

The execution sequence of the first thread and the second thread is first thread-second thread-first thread. Specifically, the installation management platform firstly establishes connection with the server by using a first thread to acquire the downloading decryption information of the target software, and then downloads the encrypted software package of the target software by using a second thread according to the first downloading information in the downloading decryption information. After the encryption software package is downloaded, the first thread performs integrity check on the encryption software package, and after the encryption software package passes the integrity check, the first thread stores the encryption software package and decryption information.

In a specific embodiment, as shown in fig. 5, a first thread is configured to query a FOTA detail interface of a cloud server after obtaining a download instruction of an encrypted software package, then generate a mapping file, a second thread is configured to download each encrypted block using a thread pool, then perform a first integrity check on the encrypted software package obtained by the download by the first thread, where the first integrity check is a value of a detected signal, when the value of the signal does not decrease to 0, it indicates that the encrypted software package does not pass the first integrity check, the encrypted block download is not completed, and the encrypted block download is continued by the second thread, when the value of the signal decreases to 0, it indicates that the encrypted software package passes the first integrity check, the encrypted block download is completed, and further uses an ECDSA Algorithm, PGP (Pretty Good Private) Algorithm, an md5 (Message-Digest Algorithm) or the like to perform a second integrity check on the encrypted software package, and after the verification, it stores encrypted software package encryption information. Further, mail may be sent to inform the relevant staff that the download of the encrypted software package is complete.

In the downloading process of the encrypted software package, the identification information of the thread which is executing the downloading task, namely the identification information of the target thread, can be recorded, and meanwhile, whether the first thread or the second thread which is executing the downloading task in the target thread can be recorded.

In response to the stop download instruction, a target thread for executing the download task of the encrypted software package may be determined, and since the encrypted software package is downloaded by the second thread in the target thread in this embodiment, the first thread in the target thread does not execute the download task, it may be directly detected whether the second thread in the target thread is executing, and if the second thread in the target thread is executing, it is necessary to delete the downloaded content of the second thread in addition to stopping both the first thread and the second thread in the target thread. If the second thread in the target thread does not start executing, it indicates that the second thread is still currently in the first thread and no downloaded data is generated, and the first thread may be directly stopped.

Further, if the second thread in the target thread has already executed to completion, it means that the target thread starts executing again to the first thread, at which time the content downloaded by the second thread needs to be deleted in addition to stopping the first thread.

By means of the method, after the downloading stopping instruction is obtained, the target thread for executing the downloading task of the encrypted software package can be quickly found and stopped, and the purpose of stopping downloading is achieved.

responsive to the stop download instruction, stopping the second thread; detecting whether a first thread is executing; if the first thread is detected to be executing, stopping the first thread, and deleting the content downloaded by the second thread; and if the first thread is detected not to be executed, deleting the content downloaded by the second thread.

In this embodiment, the description of the first thread and the second thread is the same as that of the above embodiment, and those skilled in the art may refer to the description of the above embodiment, and a detailed description thereof is omitted here.

Specifically, in the working process of the target thread, the execution duration of the second thread of the target thread can occupy more than 90% of the total duration, so after the downloading stopping instruction is acquired, the probability that the target thread is in the second thread is high, based on the probability, in order to stop downloading of the encrypted software package as soon as possible, as shown in fig. 6, after the downloading stopping instruction is acquired, whether the second thread of the target thread is executing or not can not be detected, and a thread stopping instruction can be directly sent to the second thread of the target thread to stop the second thread. That is, the thread stop instruction is received whether the second thread of the target thread is executing the download task or not executing the download task, or whether the download task has been executed, and if the second thread of the target thread is executing the download task, the execution may be stopped.

Then find the first thread of the target thread and detect if the first thread is executing, if the first thread of the target thread is executing, it is necessary to stop the first thread and delete the downloaded content of the second thread, if the first thread is not in a state of executing a task, only delete the downloaded content of the second thread.

In this embodiment, whether or not the second thread of the target thread is executing, a thread stop instruction needs to be sent to the second thread after the download stop instruction is acquired, and whether or not the second thread downloads the content, an operation of deleting the downloaded content of the second thread needs to be performed. Although the device has a certain task redundancy, the purpose of stopping the downloading task of the second thread in the target thread can be realized at the first moment, the speed of responding to the downloading stopping instruction is high, the invalid content downloaded by the second thread is less, and the cleaning speed is high.

Corresponding to the software installation management method, the embodiment of the application also discloses a software installation management device, as shown in fig. 7, which comprises:

a transmitting module 100 for transmitting encryption information encrypted by the first key to the server; the encryption information is used for triggering the server to check the encryption information by using the second key, and feeding back the downloaded decryption information of the target software after the verification is successful;

A receiving module 110 for receiving the download decryption information from the server; the downloading decryption information comprises first downloading information and decryption information of the target software, the decryption information is obtained by encrypting a decryption package through a second key, and the decryption package is used for decrypting an encryption software package of the target software;

the downloading module 120 is configured to download the encrypted software package according to the first downloading information, decrypt the decryption information according to the first key to obtain a decryption package, and decrypt the encrypted software package according to the decryption package.

Further, the above device further comprises:

the storage module is used for dividing the encryption software package and the decryption information into execution information and guide decryption information; the execution information comprises an installation execution file, and the guide decryption information comprises an installation guide file and decryption information; the execution information and the boot decryption information are stored.

Further, in the above device, the storage module is specifically configured to:

storing the execution information corresponding to the first installation target in a first position, storing the guide decryption information corresponding to the first installation target in a second position, and storing the execution information corresponding to the second installation target and the guide decryption information in a third position; the first installation target is a target for installation based on the software installation platform, and the second installation target is a target for installation under the control of the first installation target after the first installation target is completed.

Further, in the above apparatus, the download module 120 includes:

a decryption unit for transmitting a decryption instruction including the encrypted software package and the decryption information to the software installation station; the decryption instruction is used for instructing the software installation platform to decrypt the decryption information by using the first key to obtain a decryption package; and decrypting the encrypted software package by using the decryption package to obtain the target software.

Further, in the above apparatus, the decryption unit is specifically configured to:

Further, the above device further comprises:

Further, in the above device, the target thread includes a first thread and a second thread, the first thread is used for executing a communication task, and the second thread is used for executing a download task; the stopping module is specifically used for:

responding to the downloading stopping instruction, stopping the first thread and the second thread if the second thread is detected to be executing, deleting the downloaded content of the second thread, and stopping the first thread if the second thread is detected to not be executing;

Alternatively, it is detected whether the first thread is executing; if the first thread is detected to be executing, stopping the first thread, and deleting the content downloaded by the second thread; if the first thread is detected not to be executed, deleting the downloaded inner part of the second thread.

Specifically, for the specific working content of each unit of the above-mentioned software installation management device, please refer to the content of the above-mentioned method embodiment, and the details are not repeated here.

The embodiment of the application also provides a control device which comprises a processor and an interface circuit, wherein the processor in the control device is connected with the input and output assembly through the interface circuit of the control device.

The input/output module is specifically a hardware module that enables a user to input information and output information to the user, and may be, for example, a microphone, a keyboard, a handwriting pad, a touch screen, a display, a sound, a printer, or the like.

The interface circuit may be any interface circuit capable of implementing a data communication function, for example, a USB interface circuit, a Type-C interface circuit, a serial interface circuit, a PCIE circuit, or the like.

The processor in the control device is a circuit having a signal processing capability capable of executing any one of the software installation management methods described in the above embodiments.

When the control device is applied to equipment with a man-machine interaction function, the input and output components of the control device can be input components and output components on the equipment, such as a microphone, a keyboard, a handwriting board, a touch screen, a display, an audio player and the like, meanwhile, the processor of the control device can be a CPU or a GPU and the like of the equipment, and the interface circuit of the control device can be an interface circuit between the information input components of the equipment and the processor of the CPU or the GPU and the like.

Corresponding to the software installation management method, the embodiment of the application also discloses an electronic device, as shown in fig. 8, which comprises:

a memory 200 and a processor 210;

wherein the memory 200 is connected to the processor 210 for storing a program;

the processor 210 is configured to implement the software installation management method disclosed in any of the above embodiments by running the program stored in the memory 200.

Specifically, the electronic device may further include: a bus, a communication interface 220, an input device 230, and an output device 240.

The processor 210, the memory 200, the communication interface 220, the input device 230, and the output device 240 are interconnected by a bus. Wherein:

A bus may comprise a path that communicates information between components of a computer system.

Processor 210 may be a general-purpose processor such as a general-purpose Central Processing Unit (CPU), microprocessor, etc., or may be an application-specific integrated circuit (ASIC), or one or more integrated circuits for controlling the execution of programs in accordance with aspects of the present application. But may also be a Digital Signal Processor (DSP), application Specific Integrated Circuit (ASIC), an off-the-shelf programmable gate array (FPGA) or other programmable logic device, discrete gate or transistor logic device, discrete hardware components.

Processor 210 may include a main processor, and may also include a baseband chip, modem, and the like.

The memory 200 stores programs for implementing the technical scheme of the present application, and may also store an operating system and other key services. In particular, the program may include program code including computer-operating instructions. More specifically, the memory 200 may include read-only memory (ROM), other types of static storage devices that may store static information and instructions, random access memory (random access memory, RAM), other types of dynamic storage devices that may store information and instructions, disk storage, flash, and the like.

The input device 230 may include means for receiving data and information entered by a user, such as a keyboard, mouse, camera, scanner, light pen, voice input device, touch screen, pedometer, or gravity sensor, among others.

Output device 240 may include means, such as a display screen, printer, speakers, etc., that allow information to be output to a user.

The communication interface 220 may include devices using any transceiver or the like for communicating with other devices or communication networks, such as ethernet, radio Access Network (RAN), wireless Local Area Network (WLAN), etc.

The processor 210 executes programs stored in the memory 200 and invokes other devices, which can be used to implement the steps of the installation management method of software provided in the above-described embodiment of the present application.

In addition to the methods and apparatus described above, embodiments of the present application may also be a computer program product comprising computer program instructions which, when executed by a processor, cause the processor to perform the steps of the installation management method of software provided by the embodiments described above.

The computer program product may be written in any combination of one or more programming languages, including an object oriented programming language such as Java, C++ or the like and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computing device, partly on the user's device, as a stand-alone software package, partly on the user's computing device and partly on a remote computing device, or entirely on the remote computing device or remote server.

Furthermore, embodiments of the present application may also be a computer-readable storage medium having stored thereon computer program instructions that, when executed by a processor, cause the processor 210 to perform the steps of the installation management method of software provided by the above embodiments.

A computer readable storage medium may employ any combination of one or more readable media. The readable medium may be a readable signal medium or a readable storage medium. The readable storage medium may include, for example, but is not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or a combination of any of the foregoing. More specific examples (a non-exhaustive list) of the readable storage medium would include the following: an electrical connection having one or more wires, a portable disk, a hard disk, random Access Memory (RAM), read-only memory (ROM), erasable programmable read-only memory (EPROM or flash memory), optical fiber, portable compact disk read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.

For the foregoing method embodiments, for simplicity of explanation, the methodologies are shown as a series of acts, but one of ordinary skill in the art will appreciate that the present application is not limited by the order of acts, as some steps may, in accordance with the present application, occur in other orders or concurrently. Further, those skilled in the art will also appreciate that the embodiments described in the specification are all of the preferred embodiments, and that the acts and modules referred to are not necessarily required for the present application.

It should be noted that, in the present specification, each embodiment is described in a progressive manner, and each embodiment is mainly described as different from other embodiments, and identical and similar parts between the embodiments are all enough to be referred to each other. For the apparatus class embodiments, since they are substantially similar to the method embodiments, the description is relatively simple, and reference is made to the description of the method embodiments for relevant points.

The steps in the method of each embodiment of the application can be sequentially adjusted, combined and deleted according to actual needs, and the technical features described in each embodiment can be replaced or combined.

In the embodiments of the present application, the modules and sub-modules in the terminal may be combined, divided, and pruned according to actual needs.

In the embodiments provided in the present application, it should be understood that the disclosed terminal, apparatus and method may be implemented in other manners. For example, the above-described terminal embodiments are merely illustrative, and for example, the division of modules or sub-modules is merely a logical function division, and there may be other manners of division in actual implementation, for example, multiple sub-modules or modules may be combined or integrated into another module, or some features may be omitted, or not performed. Alternatively, the coupling or direct coupling or communication connection shown or discussed with each other may be an indirect coupling or communication connection via some interfaces, devices or modules, which may be in electrical, mechanical, or other forms.

The modules or sub-modules illustrated as separate components may or may not be physically separate, and components that are modules or sub-modules may or may not be physical modules or sub-modules, i.e., may be located in one place, or may be distributed over multiple network modules or sub-modules. Some or all of the modules or sub-modules may be selected according to actual needs to achieve the purpose of the embodiment.

In addition, each functional module or sub-module in the embodiments of the present application may be integrated in one processing module, or each module or sub-module may exist alone physically, or two or more modules or sub-modules may be integrated in one module. The integrated modules or sub-modules may be implemented in hardware or in software functional modules or sub-modules.

Those of skill would further appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware, computer software, or combinations of both, and that the various illustrative elements and steps are described above generally in terms of functionality in order to clearly illustrate the interchangeability of hardware and software. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the solution. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present application.

The steps of a method or algorithm described in connection with the embodiments disclosed herein may be embodied directly in hardware, in a software unit executed by a processor, or in a combination of the two. The software elements may be disposed in Random Access Memory (RAM), memory, read Only Memory (ROM), electrically programmable ROM, electrically erasable programmable ROM, registers, hard disk, a removable disk, a CD-ROM, or any other form of storage medium known in the art.

Finally, it is further noted that relational terms such as first and second, and the like are used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Moreover, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising one … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.

The previous description of the disclosed embodiments is provided to enable any person skilled in the art to make or use the present application. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the spirit or scope of the application. Thus, the present application is not intended to be limited to the embodiments shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.

Claims

1. A method for managing the installation of software, comprising:

2. The method as recited in claim 1, further comprising:

dividing the encrypted software package and the decryption information into execution information and boot decryption information; the execution information comprises an installation execution file, and the guide decryption information comprises an installation guide file and the decryption information;

storing the execution information and the boot decryption information.

3. The method of claim 2, wherein the storing the execution information and the boot decryption information comprises:

4. The method of claim 1, wherein decrypting the decryption information according to the first key to obtain the decryption package and decrypting the encrypted software package according to the decryption package, comprises:

transmitting a decryption instruction comprising the encrypted software package and the decryption information to a software installation station; the decryption instruction is used for instructing the software installation platform to decrypt the decryption information by using the first key to obtain the decryption package; and decrypting the encrypted software package by using the decryption package to obtain the target software.

5. The method of claim 4, wherein said sending decryption instructions to a software installation station comprising said encrypted software package and said decryption information comprises:

generating second download information based on the encrypted software package and the storage location of the decryption information;

and generating the decryption instruction according to the second download information.

6. The method as recited in claim 1, further comprising:

and stopping executing the target thread of the downloading task of the encrypted software package in response to the downloading stopping instruction.

7. The method of claim 6, wherein the target thread comprises a first thread and a second thread, the first thread for performing communication tasks and the second thread for performing download tasks;

The target thread for stopping executing the download task of the encrypted software package in response to the stop download instruction comprises:

8. An installation management device of software, comprising:

a receiving module for receiving the download decryption information from the server; the downloading decryption information comprises first downloading information and decryption information of the target software, the decryption information is obtained by encrypting a decryption package through the second key, and the decryption package is used for decrypting an encryption software package of the target software;

9. An electronic device, comprising:

a memory and a processor;

wherein the memory is used for storing programs;

the processor is configured to implement the method according to any one of claims 1 to 7 by running a program in the memory.

10. A storage medium having stored thereon a computer program which, when executed by a processor, implements the method of any of claims 1 to 7.