WO2018161538A1

WO2018161538A1 - Encryption key writing method and mobile terminal

Info

Publication number: WO2018161538A1
Application number: PCT/CN2017/103200
Authority: WO
Inventors: 刘平; 周海涛; 王立中
Original assignee: 广东欧珀移动通信有限公司
Priority date: 2017-03-08
Filing date: 2017-09-25
Publication date: 2018-09-13
Also published as: CN106954211B; CN106954211A

Abstract

Provided are an encryption key writing method and a mobile terminal. The method comprises: upon detecting a first startup of a system currently installed in a mobile terminal, acquiring a data packet pushed by a server, the data packet comprising an encryption key write program; extracting the encryption key write program from the data packet, the encryption key write program carrying an encryption key; and executing the encryption key write program to write the encryption key to an encrypted storage region of the mobile terminal, the encryption key being used to encrypt a preset type of data.

Description

密钥写入方法及移动终端Key writing method and mobile terminal

本发明要求2017年3月8日递交的发明名称为“一种密钥写入方法及移动终端”的申请号201710134753.5的在先申请优先权，上述在先申请的内容以引入的方式并入本文本中。The present invention claims the priority of the prior application entitled "A Key Writing Method and Mobile Terminal" filed on March 8, 2017, the content of which is incorporated herein by reference. This.

技术领域Technical field

本发明涉及移动终端技术领域，具体涉及一种密钥写入方法及移动终端。The present invention relates to the field of mobile terminal technologies, and in particular, to a key writing method and a mobile terminal.

背景技术Background technique

随着移动通信技术的不断发展，智能手机已集合了各个领域的功能。例如，现有的智能手可收发电子邮件、播放视屏及音频文件、记录会议纪要、开视屏会议甚至完成支付操作等等。由于智能手机具有如此多的功能，因此，其完全性尤为重要。With the continuous development of mobile communication technologies, smartphones have gathered functions in various fields. For example, existing smart phones can send and receive emails, play video and audio files, record meeting minutes, open screen meetings, and even complete payment operations. Because smartphones have so many features, their completeness is especially important.

发明内容Summary of the invention

本发明实施例提供了一种密钥写入方法及移动终端。The embodiment of the invention provides a key writing method and a mobile terminal.

第一方面，本发明实施例提供一种密钥写入方法，包括：In a first aspect, an embodiment of the present invention provides a key writing method, including:

在检测到移动终端当前安装的***第一次启动时，获取服务器推送的数据包，所述数据包包括密钥写入程序；When detecting that the system currently installed by the mobile terminal is started for the first time, acquiring a data packet pushed by the server, where the data packet includes a key writing program;

提取所述数据包中的所述密钥写入程序，所述密钥写入程序携带密钥；Extracting the key writing program in the data packet, the key writing program carrying a key;

运行所述密钥写入程序，将所述密钥写入移动终端的加密存储区域，所述密钥用于加密预设类型数据，所述预设类型数据包括以下至少一种：指纹数据、声纹数据或人脸图像数据。And running the key writing program to write the key into an encrypted storage area of the mobile terminal, where the key is used to encrypt preset type data, where the preset type data includes at least one of the following: fingerprint data, Voiceprint data or face image data.

第二方面，本发明实施例提供了一种移动终端，包括： In a second aspect, an embodiment of the present invention provides a mobile terminal, including:

获取单元，用于在检测到移动终端当前安装的***第一次启动时，获取服务器推送的数据包，所述数据包包括密钥写入程序；An acquiring unit, configured to acquire a data packet pushed by the server when detecting that the system currently installed by the mobile terminal is started for the first time, where the data packet includes a key writing program;

提取单元，用于提取所述数据包中的所述密钥写入程序，所述密钥写入程序携带密钥；An extracting unit, configured to extract the key writing program in the data packet, where the key writing program carries a key;

写入单元，用于运行所述密钥写入程序，将所述密钥写入移动终端的加密存储区域，所述密钥用于加密预设类型数据，所述预设类型数据包括以下至少一种：指纹数据、声纹数据或人脸图像数据。a writing unit, configured to run the key writing program, to write the key into an encrypted storage area of the mobile terminal, where the key is used to encrypt preset type data, where the preset type data includes at least the following One: fingerprint data, voiceprint data or face image data.

第三方面，本发明实施例提供了一种移动终端，包括：In a third aspect, an embodiment of the present invention provides a mobile terminal, including:

处理器、存储器、通信接口和通信总线，所述处理器、所述存储器和所述通信接口通过所述通信总线连接并完成相互间的通信；a processor, a memory, a communication interface, and a communication bus, wherein the processor, the memory, and the communication interface are connected by the communication bus and complete communication with each other;

所述存储器存储有可执行程序代码，所述通信接口用于无线通信；The memory stores executable program code for wireless communication;

所述处理器用于调用所述存储器中的所述可执行程序代码，执行本发明实施例第一方面任一方法中所描述的部分或全部步骤。The processor is configured to invoke the executable program code in the memory to perform some or all of the steps described in any of the methods of the first aspect of the embodiments of the present invention.

附图说明DRAWINGS

为了更清楚地说明本发明实施例或现有技术中的技术方案，下面将对实施例或现有技术描述中所需要使用的附图作简单地介绍，显而易见地，下面描述中的附图仅仅是本发明的一些实施例，对于本领域普通技术人员来讲，在不付出创造性劳动的前提下，还可以根据这些附图获得其他的附图。In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the embodiments or the description of the prior art will be briefly described below. Obviously, the drawings in the following description are only It is a certain embodiment of the present invention, and other drawings can be obtained from those skilled in the art without any creative work.

图1是本发明实施例公开的一种密钥写入方法的流程示意图；1 is a schematic flowchart of a key writing method according to an embodiment of the present invention;

图2是本发明实施例公开的另一种密钥写入方法的流程示意图；2 is a schematic flowchart diagram of another key writing method according to an embodiment of the present invention;

图3是本发明实施例公开的另一种密钥写入方法的流程示意图；FIG. 3 is a schematic flowchart diagram of another key writing method according to an embodiment of the present invention; FIG.

图4-1是本发明实施例公开的一种移动终端的单元组成框图；4-1 is a block diagram of a unit structure of a mobile terminal according to an embodiment of the present invention;

图4-2是本发明实施例公开的另一种移动终端的单元组成框图；4-2 is a block diagram of a unit composition of another mobile terminal according to an embodiment of the present invention;

图5是本发明实施例公开的一种移动终端的结构示意图；FIG. 5 is a schematic structural diagram of a mobile terminal according to an embodiment of the present disclosure;

图6是本发明实施例公开的另一种移动终端的结构示意图。FIG. 6 is a schematic structural diagram of another mobile terminal according to an embodiment of the present invention.

具体实施方式 detailed description

为了使本技术领域的人员更好地理解本发明方案，下面将结合本发明实施例中的附图，对本发明实施例中的技术方案进行清楚、完整地描述，显然，所描述的实施例仅仅是本发明一部分实施例，而不是全部的实施例。基于本发明中的实施例，本领域普通技术人员在没有作出创造性劳动前提下所获得的所有其他实施例，都属于本发明保护的范围。The technical solutions in the embodiments of the present invention are clearly and completely described in the following with reference to the accompanying drawings in the embodiments of the present invention. It is a partial embodiment of the invention, and not all of the embodiments. All other embodiments obtained by those skilled in the art based on the embodiments of the present invention without creative efforts are within the scope of the present invention.

本发明的说明书和权利要求书及上述附图中的术语“第一”、“第二”等是用于区别不同对象，而不是用于描述特定顺序。此外，术语“包括”和“具有”以及它们任何变形，意图在于覆盖不排他的包含。例如包含了一系列步骤或单元的过程、方法、***、产品或设备没有限定于已列出的步骤或单元，而是可选地还包括没有列出的步骤或单元，或可选地还包括对于这些过程、方法、产品或设备固有的其他步骤或单元。The terms "first", "second" and the like in the specification and claims of the present invention and the above drawings are used to distinguish different objects, and are not intended to describe a specific order. Furthermore, the terms "comprises" and "comprising" and "comprising" are intended to cover a non-exclusive inclusion. For example, a process, method, system, product, or device that comprises a series of steps or units is not limited to the listed steps or units, but optionally also includes steps or units not listed, or alternatively Other steps or units inherent to these processes, methods, products, or equipment.

在本文中提及“实施例”意味着，结合实施例描述的特定特征、结构或特性可以包含在本发明的至少一个实施例中。在说明书中的各个位置出现该短语并不一定均是指相同的实施例，也不是与其它实施例互斥的独立的或备选的实施例。本领域技术人员显式地和隐式地理解的是，本文所描述的实施例可以与其它实施例相结合。References to "an embodiment" herein mean that a particular feature, structure, or characteristic described in connection with the embodiments can be included in at least one embodiment of the invention. The appearances of the phrases in various places in the specification are not necessarily referring to the same embodiments, and are not exclusive or alternative embodiments that are mutually exclusive. Those skilled in the art will understand and implicitly understand that the embodiments described herein can be combined with other embodiments.

移动终端通常在逻辑流程中有很多的地方都是使用加解密的技术来实现移动终端的安全性，这其中用到的加密算法等密钥的安全性就显得非常重要了，上述密钥若放在普通的存储区域有被反编译破解的风险，因此一般存储于加密存储区域。以上密钥一般是在移动终端生产时通过产线写入加密存储区域，因此增加了产线工位的成本。Mobile terminals usually use encryption and decryption technology to implement the security of mobile terminals in many places in the logic flow. The security of keys such as encryption algorithms is very important. There is a risk of being decompiled in the normal storage area, so it is generally stored in the encrypted storage area. The above keys are generally written into the encrypted storage area through the production line when the mobile terminal is produced, thus increasing the cost of the production line station.

本发明实施例提供的密钥写入方法，移动终端在检测到移动终端当前安装的***第一次启动时，获取服务器推送的数据包，所述数据包包括密钥写入程序，提取所述数据包中的所述密钥写入程序，所述密钥写入程序携带密钥，运行所述密钥写入程序，将所述密钥写入移动终端的加密存储区域，所述密钥用于加密预设类型数据，所述预设类型数据包括以下至少一种：指纹数据、声纹数据或人脸图像数据。可见，移动终端在当前的***第一次启动时，接收服务器推送的密钥写入程序，通过运行密钥写入程序将密钥写入移动终端的加密存储区域，而避免了在生产时通过产线将密钥写入加密存储区域，因此节省了产线工位的成本。In the key writing method provided by the embodiment of the present invention, when the mobile terminal detects that the system currently installed by the mobile terminal is started for the first time, the mobile terminal acquires a data packet pushed by the server, where the data packet includes a key writing program, and extracts the The key in the data packet is written to the program, the key writing program carries a key, runs the key writing program, and writes the key into an encrypted storage area of the mobile terminal, the key For encrypting preset type data, the preset type data includes at least one of the following: fingerprint data, voiceprint data, or face image data. It can be seen that when the current system is started for the first time, the mobile terminal receives the key write program pushed by the server, and writes the key to the encrypted storage of the mobile terminal by running the key write program. The storage area avoids the need to write the key to the encrypted storage area through the production line during production, thus saving the cost of the production line station.

为了更好理解本发明实施例公开的一种密钥写入方法及移动终端，下面对本发明实施例进行详细介绍。In order to better understand a key writing method and a mobile terminal disclosed in the embodiments of the present invention, the embodiments of the present invention are described in detail below.

请参阅图1，图1是本发明实施例提供的一种密钥写入方法的流程示意图，如图1所示，本发明实施例中的密钥写入方法包括以下步骤：Referring to FIG. 1 , FIG. 1 is a schematic flowchart of a key writing method according to an embodiment of the present invention. As shown in FIG. 1 , a key writing method in an embodiment of the present invention includes the following steps:

S101、移动终端在检测到移动终端当前安装的***第一次启动时，获取服务器推送的数据包，所述数据包包括密钥写入程序。S101. The mobile terminal acquires a data packet pushed by the server when detecting that the system currently installed by the mobile terminal is started for the first time, where the data packet includes a key writing program.

移动终端在检测到移动终端当前安装的***第一次启动时，可以理解为移动终端出厂后第一次开机的时候，也可以理解为移动终端刷机后第一次开机的时候。移动终端在检测到移动终端当前安装的***第一次启动时，获取服务器推送的数据包，这里，可以获取服务器通过空中下载技术(over the air technology，OTA)向移动终端推送的数据包，其中，该数据包可以包括于刷机包之中。When the mobile terminal detects that the system currently installed by the mobile terminal is started for the first time, it can be understood that when the mobile terminal is powered on for the first time after being shipped from the factory, it can also be understood as the time when the mobile terminal is powered on for the first time after being brushed. When the mobile terminal detects that the currently installed system of the mobile terminal is started for the first time, the mobile terminal obtains the data packet pushed by the server. Here, the data packet that the server pushes to the mobile terminal by using the over-the-air technology (OTA) may be obtained, where The data packet can be included in the flash package.

S102、移动终端提取所述数据包中的所述密钥写入程序，所述密钥写入程序携带密钥。S102. The mobile terminal extracts the key writing program in the data packet, where the key writing program carries a key.

这里，所述密钥写入程序用于将密钥写入移动终端加密存储区域。具体地，在通过加密算法对指纹数据、声纹数据等鉴权数据进行加密的过程中，需要上述密钥，上述密钥本质上是一种指定长度的二进制数据，因为密钥的重要性，因此上述密钥需要存储于加密存储区域。Here, the key writer is used to write a key to the mobile terminal encrypted storage area. Specifically, in the process of encrypting authentication data such as fingerprint data and voiceprint data by an encryption algorithm, the above-mentioned key is required, and the above-mentioned key is essentially a binary data of a specified length, because of the importance of the key, Therefore, the above key needs to be stored in the encrypted storage area.

S103、移动终端运行所述密钥写入程序，将所述密钥写入移动终端的加密存储区域，所述密钥用于加密预设类型数据，所述预设类型数据包括以下至少一种：指纹数据、声纹数据或人脸图像数据。S103: The mobile terminal runs the key writing program, and writes the key into an encrypted storage area of the mobile terminal, where the key is used to encrypt preset type data, and the preset type data includes at least one of the following types. : Fingerprint data, voiceprint data, or face image data.

这里，对经常使用的隐私文件或者是大量的需要保密而不希望经常做加密动作的文件，移动终端可以把这些文件集中在一个区域中进行对这个区域进行加密，这个区域就是加密存储区域。在设置了加密存储区域以后，所有存储到该区域的文件都自动加密，不需要单独操作。具体地，加密存储区域里面存储的数据和文件都是加密的，只有创建该加密存储区域的用户才能打开该加密存储区域，加密存储区域支持自有算法、DES、3DES、AES或者其他国产算法。Here, for frequently used privacy files or a large number of files that need to be kept secret and do not want to be frequently encrypted, the mobile terminal can concentrate these files in an area to encrypt the area, which is an encrypted storage area. After the encrypted storage area is set, all files stored in that area are automatically encrypted and do not need to be operated separately. Specifically, the storage area is stored in an encrypted storage area. The data and files are encrypted. Only the user who created the encrypted storage area can open the encrypted storage area. The encrypted storage area supports its own algorithm, DES, 3DES, AES or other domestic algorithms.

这里，移动终端可以基于用户的指纹数据、声纹数据或人脸图像数据进行鉴权，进而实现支付等操作，因此，用户的指纹数据、声纹数据或人脸图像数据等用于鉴权的数据对于移动终端数据的安全性以及移动终端的用户的财产安全性起着至关重要的作用。因此，需要基于加密算法以及上述密钥对上述预设类型数据进行加密。Here, the mobile terminal may perform authentication based on fingerprint data, voiceprint data, or face image data of the user, thereby implementing operations such as payment, and thus, fingerprint data, voiceprint data, or face image data of the user are used for authentication. The data plays a vital role in the security of the data of the mobile terminal and the security of the user of the mobile terminal. Therefore, it is necessary to encrypt the above-mentioned preset type data based on the encryption algorithm and the above-mentioned key.

可选的，移动终端将所述密钥写入移动终端的加密存储区域之后，所移动终端还可以执行以下操作：Optionally, after the mobile terminal writes the key to the encrypted storage area of the mobile terminal, the mobile terminal may further perform the following operations:

在检测到所述密钥满足预设条件时，删除所述密钥写入程序。The key writing program is deleted when it is detected that the key satisfies a preset condition.

这里，所述密钥写入程序用于将密钥写入移动终端的加密存储区域，一旦密钥被成功地写入加密存储区域，移动终端便可以将密钥写入程序删除，一方面可以节省移动终端的存储空间，更重要地，可以预防密钥写入程序存储在移动终端中有被反编译破解的风险。Here, the key writing program is used to write a key into an encrypted storage area of the mobile terminal, and once the key is successfully written into the encrypted storage area, the mobile terminal can delete the key writing program, and on the other hand, The storage space of the mobile terminal is saved, and more importantly, the risk that the key writer is stored in the mobile terminal to be decompiled is prevented.

可选的，所移动终端还可以执行以下操作：Optionally, the mobile terminal can also perform the following operations:

在检测到所述密钥不满足预设条件时，向所述服务器发送获取请求，所述获取请求用于向所述服务器请求获取所述密钥写入程序；And detecting, when the key does not meet the preset condition, sending an acquisition request to the server, where the obtaining request is used to request the server to acquire the key writing program;

接收所述服务器响应所述获取请求而生成的所述密钥写入程序；Receiving the key writing program generated by the server in response to the obtaining request;

运行所述密钥写入程序，将所述密钥写入移动终端的加密存储区域。The key writer is run to write the key to an encrypted storage area of the mobile terminal.

可选的，所述密钥写入程序还包括检验信息，所述检验信息用于检测所述密钥的完整性；Optionally, the key writing program further includes verification information, where the verification information is used to detect integrity of the key;

移动终端在检测到所述密钥满足预设条件时，删除所述密钥写入程序的具体实现方式可以是：When the mobile terminal detects that the key meets the preset condition, the specific implementation manner of deleting the key writing program may be:

基于所述移动终端安装的***应用以及所述检验信息，检测所述密钥是否完整；Detecting whether the key is complete based on a system application installed by the mobile terminal and the verification information;

在检测到所述密钥是完整的情况下，删除所述密钥写入程序。In the case where it is detected that the key is complete, the key writer is deleted.

这里，上述检验信息可以包括但不限于散列函数(Hash)。Here, the above verification information may include, but is not limited to, a hash function (Hash).

可选的，移动终端在删除所述密钥写入程序之后，还可以执行以下操作： Optionally, after deleting the key writer, the mobile terminal may also perform the following operations:

每隔预设时间，检测所述密钥是否满足预设条件；Detecting whether the key meets a preset condition every preset time;

在检测到所述密钥不满足预设条件时，向所述服务器发送所述获取请求；Sending the acquisition request to the server when detecting that the key does not satisfy a preset condition;

接收服务器响应所述获取请求而生成的所述密钥写入程序；Receiving, by the server, the key writing program generated in response to the obtaining request;

可以看出，本发明实施例提供的密钥写入方法，移动终端在检测到移动终端当前安装的***第一次启动时，获取服务器推送的数据包，所述数据包包括密钥写入程序，提取所述数据包中的所述密钥写入程序，所述密钥写入程序携带密钥，运行所述密钥写入程序，将所述密钥写入移动终端的加密存储区域，所述密钥用于加密预设类型数据，所述预设类型数据包括以下至少一种：指纹数据、声纹数据或人脸图像数据。可见，移动终端在当前的***第一次启动时，接收服务器推送的密钥写入程序，通过运行密钥写入程序将密钥写入移动终端的加密存储区域，而避免了在生产时通过产线将密钥写入加密存储区域，因此节省了产线工位的成本。It can be seen that, in the key writing method provided by the embodiment of the present invention, when the mobile terminal detects that the system currently installed by the mobile terminal is started for the first time, the mobile terminal acquires a data packet pushed by the server, where the data packet includes a key writing program. Extracting the key writing program in the data packet, the key writing program carrying a key, running the key writing program, and writing the key into an encrypted storage area of the mobile terminal, The key is used to encrypt preset type data, and the preset type data includes at least one of the following: fingerprint data, voiceprint data, or face image data. It can be seen that when the current system is started for the first time, the mobile terminal receives the key writing program pushed by the server, and writes the key into the encrypted storage area of the mobile terminal by running the key writing program, thereby avoiding passing in production. The production line writes the key to the encrypted storage area, thus saving the cost of the production line station.

与上述图1所示的实施例一致的，请参阅图2，图2是本发明实施例提供的另一种密钥写入方法的流程示意图。如图2所示，本发明实施例中的密钥写入方法包括：Referring to FIG. 2, FIG. 2 is a schematic flowchart of another key writing method according to an embodiment of the present invention. As shown in FIG. 2, the key writing method in the embodiment of the present invention includes:

S201、移动终端在检测到移动终端当前安装的***第一次启动时，获取服务器推送的数据包，所述数据包包括密钥写入程序。S201. The mobile terminal acquires a data packet pushed by the server when detecting that the system currently installed by the mobile terminal is started for the first time, where the data packet includes a key writing program.

S202、移动终端提取所述数据包中的所述密钥写入程序，所述密钥写入程序携带密钥。S202. The mobile terminal extracts the key writing program in the data packet, where the key writing program carries a key.

S203、移动终端运行所述密钥写入程序，将所述密钥写入移动终端的加密存储区域，所述密钥用于加密预设类型数据，所述预设类型数据包括以下至少一种：指纹数据、声纹数据或人脸图像数据。S203: The mobile terminal runs the key writing program, and writes the key into an encrypted storage area of the mobile terminal, where the key is used to encrypt preset type data, and the preset type data includes at least one of the following types. : Fingerprint data, voiceprint data, or face image data.

S204、移动终端检测所述密钥是否满足预设条件。S204. The mobile terminal detects whether the key meets a preset condition.

其中，在检测到所述密钥满足预设条件时，执行步骤S205；在检测到所述密钥不满足预设条件时，执行步骤S206至S208。When it is detected that the key meets the preset condition, step S205 is performed; when it is detected that the key does not satisfy the preset condition, steps S206 to S208 are performed.

S205、移动终端在检测到所述密钥满足预设条件时，删除所述密钥写入程序。S205. The mobile terminal deletes the key write process when detecting that the key meets a preset condition. sequence.

S206、移动终端在检测到所述密钥不满足预设条件时，向所述服务器发送获取请求，所述获取请求用于向所述服务器请求获取所述密钥写入程序。S206. The mobile terminal sends an acquisition request to the server when detecting that the key does not meet the preset condition, where the obtaining request is used to request the server to acquire the key writing program.

S207、移动终端接收所述服务器响应所述获取请求而生成的所述密钥写入程序。S207. The mobile terminal receives the key writing program generated by the server in response to the acquiring request.

S208、移动终端运行所述密钥写入程序，将所述密钥写入移动终端的加密存储区域。S208. The mobile terminal runs the key writing program, and writes the key into an encrypted storage area of the mobile terminal.

上述图1或图2所示的实施例一致的，请参阅图3，图3是本发明实施例提供的另一种密钥写入方法的流程示意图。如图3所示，本发明实施例中的密钥写入方法包括：Referring to FIG. 3, FIG. 3 is a schematic flowchart diagram of another key writing method according to an embodiment of the present invention. As shown in FIG. 3, the method for writing a key in the embodiment of the present invention includes:

S301、移动终端在检测到移动终端当前安装的***第一次启动时，获取服务器推送的数据包，所述数据包包括密钥写入程序。S301. The mobile terminal acquires a data packet pushed by the server when detecting that the system currently installed by the mobile terminal is started for the first time, where the data packet includes a key writing program.

S302、移动终端提取所述数据包中的所述密钥写入程序，所述密钥写入程序携带密钥，所述密钥写入程序还包括检验信息，所述检验信息用于检测所述密钥的完整性。S302. The mobile terminal extracts the key writing program in the data packet, the key writing program carries a key, and the key writing program further includes verification information, where the verification information is used to detect Describe the integrity of the key.

S303、移动终端运行所述密钥写入程序，将所述密钥写入移动终端的加密存储区域，所述密钥用于加密预设类型数据，所述预设类型数据包括以下至少一种：指纹数据、声纹数据或人脸图像数据。 S303: The mobile terminal runs the key writing program, and writes the key into an encrypted storage area of the mobile terminal, where the key is used to encrypt preset type data, and the preset type data includes at least one of the following types. : Fingerprint data, voiceprint data, or face image data.

S304、移动终端基于所述移动终端安装的***应用以及所述检验信息，检测所述密钥是否完整。S304. The mobile terminal detects, according to the system application installed by the mobile terminal and the verification information, whether the key is complete.

其中，移动终端在检测到所述密钥是完整的情况下，执行步骤S305后再继续执行步骤S309至S312；否则步骤S306至S308后再继续执行步骤S309至S312。In the case that the mobile terminal detects that the key is complete, step S305 is performed to continue to perform steps S309 to S312; otherwise, steps S306 to S308 are continued to perform steps S309 to S312.

S305、移动终端在检测到所述密钥是完整的情况下，删除所述密钥写入程序。S305. The mobile terminal deletes the key writing program when detecting that the key is complete.

S306、移动终端在检测到所述密钥不满足预设条件时，向所述服务器发送获取请求，所述获取请求用于向所述服务器请求获取所述密钥写入程序。S306. The mobile terminal sends an acquisition request to the server when detecting that the key does not meet the preset condition, where the obtaining request is used to request the server to acquire the key writing program.

S307、移动终端接收所述服务器响应所述获取请求而生成的所述密钥写入程序。S307. The mobile terminal receives the key writing program generated by the server in response to the obtaining request.

S308、移动终端运行所述密钥写入程序，将所述密钥写入移动终端的加密存储区域。S308. The mobile terminal runs the key writing program, and writes the key into an encrypted storage area of the mobile terminal.

S309、移动终端每隔预设时间，检测所述密钥是否满足预设条件。S309. The mobile terminal detects, according to a preset time, whether the key meets a preset condition.

S310、移动终端在检测到所述密钥不满足预设条件时，向所述服务器发送所述获取请求。S310. The mobile terminal sends the acquisition request to the server when detecting that the key does not meet a preset condition.

S311、移动终端接收服务器响应所述获取请求而生成的所述密钥写入程序。S311. The mobile terminal receives the key writing program generated by the server in response to the acquiring request.

S312、移动终端运行所述密钥写入程序，将所述密钥写入移动终端的加密存储区域。S312. The mobile terminal runs the key writing program, and writes the key into an encrypted storage area of the mobile terminal.

可以看出，本发明实施例提供的密钥写入方法，移动终端在检测到移动终端当前安装的***第一次启动时，获取服务器推送的数据包，所述数据包包括密钥写入程序，提取所述数据包中的所述密钥写入程序，所述密钥写入程序携带密钥，运行所述密钥写入程序，将所述密钥写入移动终端的加密存储区域，所述密钥用于加密预设类型数据，所述预设类型数据包括以下至少一种：指纹数据、声纹数据或人脸图像数据。可见，移动终端在当前的***第一次启动时，接收服务器推送的密钥写入程序，通过运行密钥写入程序将密钥写入移动终端的加密存储区域，而避免了在生产时通过产线将密钥写入加密存储区域，因此节省了产线工位的成本。 It can be seen that, in the key writing method provided by the embodiment of the present invention, when the mobile terminal detects that the system currently installed by the mobile terminal is started for the first time, the mobile terminal acquires a data packet pushed by the server, where the data packet includes a key writing program. Extracting the key writing program in the data packet, the key writing program carrying a key, running the key writing program, and writing the key into an encrypted storage area of the mobile terminal, The key is used to encrypt preset type data, and the preset type data includes at least one of the following: fingerprint data, voiceprint data, or face image data. It can be seen that when the current system is started for the first time, the mobile terminal receives the key writing program pushed by the server, and writes the key into the encrypted storage area of the mobile terminal by running the key writing program, thereby avoiding passing in production. The production line writes the key to the encrypted storage area, thus saving the cost of the production line station.

下面为本发明装置实施例，本发明装置实施例用于执行本发明方法实施例所实现的方法。请参阅图4-1，图4-1是本发明实施例公开的一种移动终端的单元组成框图，如图4-1所示，本发明实施例中的移动终端可以包括获取单元401、提取单元402以及写入单元403，其中：The following is an embodiment of the apparatus of the present invention. The apparatus embodiment of the present invention is used to implement the method implemented by the method embodiment of the present invention. Referring to FIG. 4-1, FIG. 4-1 is a block diagram of a unit structure of a mobile terminal according to an embodiment of the present invention. As shown in FIG. 4-1, the mobile terminal in the embodiment of the present invention may include an acquiring unit 401, and extracting Unit 402 and write unit 403, wherein:

所述获取单元401，用于在检测到移动终端当前安装的***第一次启动时，获取服务器推送的数据包，所述数据包包括密钥写入程序；The obtaining unit 401 is configured to: when detecting that the system currently installed by the mobile terminal is started for the first time, acquire a data packet pushed by the server, where the data packet includes a key writing program;

所述提取单元402，用于提取所述数据包中的所述密钥写入程序，所述密钥写入程序携带密钥；The extracting unit 402 is configured to extract the key writing program in the data packet, where the key writing program carries a key;

所述写入单元403，用于运行所述密钥写入程序，将所述密钥写入移动终端的加密存储区域，所述密钥用于加密预设类型数据，所述预设类型数据包括以下至少一种：指纹数据、声纹数据或人脸图像数据。The writing unit 403 is configured to run the key writing program, and write the key into an encrypted storage area of the mobile terminal, where the key is used to encrypt preset type data, and the preset type data is used. At least one of the following is included: fingerprint data, voiceprint data, or face image data.

请参阅图4-2，图4-2是本发明实施例公开的另一种移动终端的单元组成框图，如图4-2所示，该移动终端可以包括图4-1对应的实施例的获取单元401、提取单元402以及写入单元403。Referring to FIG. 4-2, FIG. 4-2 is a block diagram of another unit of a mobile terminal according to an embodiment of the present invention. As shown in FIG. 4-2, the mobile terminal may include the embodiment corresponding to FIG. 4-1. The obtaining unit 401, the extracting unit 402, and the writing unit 403.

可选的，所述移动终端还可以进一步包括：Optionally, the mobile terminal may further include:

删除单元404，在所述写入单元403将所述密钥写入移动终端的加密存储区域之后，用于在检测到所述密钥满足预设条件时，删除所述密钥写入程序。The deleting unit 404, after the writing unit 403 writes the key into the encrypted storage area of the mobile terminal, is used to delete the key writing program when it is detected that the key satisfies a preset condition.

可选的，所述移动终端还包括：Optionally, the mobile terminal further includes:

发送单元405，用于在检测到所述密钥不满足预设条件时，向所述服务器发送获取请求，所述获取请求用于向所述服务器请求获取所述密钥写入程序；The sending unit 405 is configured to: when detecting that the key does not meet the preset condition, send an acquisition request to the server, where the obtaining request is used to request the server to acquire the key writing program;

接收单元406，还用于接收所述服务器响应所述获取请求而生成的所述密钥写入程序；The receiving unit 406 is further configured to receive the key writing program generated by the server in response to the obtaining request;

所述写入单元403，还用于运行所述密钥写入程序，将所述密钥写入移动终端的加密存储区域。The writing unit 403 is further configured to run the key writing program to write the key into an encrypted storage area of the mobile terminal.

所述删除单元404，包括： The deleting unit 404 includes:

检测子单元4041，用于基于所述移动终端安装的***应用以及所述检验信息，检测所述密钥是否完整；The detecting subunit 4041 is configured to detect whether the key is complete based on a system application installed by the mobile terminal and the verification information;

删除子单元4042，用于在检测到所述密钥是完整的情况下，删除所述密钥写入程序。The delete subunit 4042 is configured to delete the key write program if it is detected that the key is complete.

复查单元407，在所述删除单元404删除所述密钥写入程序之后，用于每隔预设时间，检测所述密钥是否满足预设条件；在检测到所述密钥不满足预设条件时，向所述服务器发送所述获取请求；接收服务器响应所述获取请求而生成的所述密钥写入程序；运行所述密钥写入程序，将所述密钥写入移动终端的加密存储区域。The checking unit 407 is configured to detect, after the deletion unit 404 deletes the key writing program, whether the key meets a preset condition every preset time; if it is detected that the key does not satisfy the preset a condition, sending the acquisition request to the server; receiving the key writing program generated by the server in response to the obtaining request; running the key writing program to write the key to the mobile terminal Encrypt the storage area.

具体的，上述各个单元的具体实现可参考图1至图3对应实施例中相关步骤的描述，在此不赘述。For details, refer to the description of related steps in the corresponding embodiments in FIG. 1 to FIG. 3, and details are not described herein.

需要注意的是，本发明装置实施例所描述的移动终端是以功能单元的形式呈现。这里所使用的术语“单元”应当理解为尽可能最宽的含义，用于实现各个“单元”所描述功能的对象例如可以是集成电路ASIC，单个电路，用于执行一个或多个软件或固件程序的处理器(共享的、专用的或芯片组)和存储器，组合逻辑电路，和/或提供实现上述功能的其他合适的组件。It should be noted that the mobile terminal described in the device embodiment of the present invention is presented in the form of a functional unit. The term "unit" as used herein shall be understood to mean the broadest possible meaning, and the object for implementing the functions described for each "unit" may be, for example, an integrated circuit ASIC, a single circuit for executing one or more software or firmware. A processor (shared, dedicated or chipset) and memory of the program, combinatorial logic, and/or other suitable components that perform the functions described above.

举例来说，上述获取单元401在检测到移动终端当前安装的***第一次启动时，获取服务器推送的数据包的功能可以由图5所示的移动终端来实现，具体可以通过处理器101通过调用存储器102中的可执行程序代码，在检测到移动终端当前安装的***第一次启动时，获取服务器推送的数据包。For example, when the acquiring unit 401 detects that the system currently installed by the mobile terminal is started for the first time, the function of acquiring the data packet pushed by the server may be implemented by the mobile terminal shown in FIG. 5, and may be specifically adopted by the processor 101. The executable program code in the memory 102 is called, and when it is detected that the system currently installed by the mobile terminal is started for the first time, the data packet pushed by the server is acquired.

可以看出，本发明实施例提供的移动终端，在检测到移动终端当前安装的***第一次启动时，获取服务器推送的数据包，所述数据包包括密钥写入程序，提取所述数据包中的所述密钥写入程序，所述密钥写入程序携带密钥，运行所述密钥写入程序，将所述密钥写入移动终端的加密存储区域，所述密钥用于加密预设类型数据，所述预设类型数据包括以下至少一种：指纹数据、声纹数据或人脸图像数据。可见，移动终端在当前的***第一次启动时，接收服务器推送的密钥写入程序，通过运行密钥写入程序将密钥写入移动终端的加密存储区域，而避免了在生产时通过产线将密钥写入加密存储区域，因此节省了产线工位的成本。It can be seen that the mobile terminal provided by the embodiment of the present invention acquires a data packet pushed by the server when detecting that the system currently installed by the mobile terminal is started for the first time, and the data packet includes a key writing program, and extracts the data. The key in the package is written into a program, the key writing program carries a key, runs the key writing program, and writes the key into an encrypted storage area of the mobile terminal, where the key is used The preset type data is encrypted, and the preset type data includes at least one of the following: fingerprint data, voiceprint data, or face image data. It can be seen that when the current system is started for the first time, the mobile terminal receives the key writing program pushed by the server, and writes the key into the encrypted storage area of the mobile terminal by running a key writing program. The domain avoids the need to write the key to the encrypted storage area through the production line at the time of production, thus saving the cost of the production line station.

本发明实施例还提供了另一种移动终端，如图5所示，包括：处理器101，存储器102，通信接口103和通信总线104；其中，处理器101、存储器102和通信接口103通过通信总线104连接并完成相互间的通信；处理器101通过通信接口103控制与外部蜂窝网的无线通信；通信接口103包括但不限于天线、放大器、收发信机、耦合器、低噪声放大器(low noise amplifier，LNA)、双工器等。存储器102包括以下至少一种：随机存取存贮器、非易失性存储器以及外部存储器，存储器102中存储有可执行程序代码，该可执行程序代码能够引导处理器101执行本发明方法实施例中具体披露的密钥写入方法。The embodiment of the present invention further provides another mobile terminal, as shown in FIG. 5, including: a processor 101, a memory 102, a communication interface 103, and a communication bus 104; wherein the processor 101, the memory 102, and the communication interface 103 communicate The bus 104 connects and completes communication with each other; the processor 101 controls wireless communication with an external cellular network through the communication interface 103; the communication interface 103 includes but is not limited to an antenna, an amplifier, a transceiver, a coupler, and a low noise amplifier (low noise) Amplifier, LNA), duplexer, etc. The memory 102 includes at least one of: a random access memory, a nonvolatile memory, and an external memory, the memory 102 storing executable program code capable of directing the processor 101 to perform the method embodiment of the present invention The key writing method specifically disclosed in the method.

所述处理器101，用于在检测到移动终端当前安装的***第一次启动时，获取服务器推送的数据包，所述数据包包括密钥写入程序；提取所述数据包中的所述密钥写入程序，所述密钥写入程序携带密钥；运行所述密钥写入程序，将所述密钥写入移动终端的加密存储区域，所述密钥用于加密预设类型数据，所述预设类型数据包括以下至少一种：指纹数据、声纹数据或人脸图像数据。The processor 101 is configured to: when detecting that the system currently installed by the mobile terminal is started for the first time, acquire a data packet pushed by the server, where the data packet includes a key writing program; and extracting the a key writing program, the key writing program carrying a key; running the key writing program to write the key into an encrypted storage area of the mobile terminal, the key being used to encrypt a preset type Data, the preset type data includes at least one of the following: fingerprint data, voiceprint data, or face image data.

可选的，所述处理器101在用于将所述密钥写入移动终端的加密存储区域之后，还可以用于在检测到所述密钥满足预设条件时，删除所述密钥写入程序。Optionally, after the processor 101 is configured to write the key to the encrypted storage area of the mobile terminal, the processor 101 may further be configured to delete the key write when detecting that the key meets a preset condition. Into the program.

可选的，所述处理器101还可以用于在检测到所述密钥不满足预设条件时，向所述服务器发送获取请求，所述获取请求用于向所述服务器请求获取所述密钥写入程序；接收所述服务器响应所述获取请求而生成的所述密钥写入程序；运行所述密钥写入程序，将所述密钥写入移动终端的加密存储区域。Optionally, the processor 101 is further configured to: when detecting that the key does not meet a preset condition, send an acquisition request to the server, where the obtaining request is used to request the server to obtain the secret a key writing program; receiving the key writing program generated by the server in response to the obtaining request; running the key writing program to write the key into an encrypted storage area of the mobile terminal.

所述处理器101，在用于在检测到所述密钥满足预设条件时，删除所述密钥写入程序时，具体用于基于所述移动终端安装的***应用以及所述检验信息，检测所述密钥是否完整；在检测到所述密钥是完整的情况下，删除所述密钥写入程序。 The processor 101 is configured to, when deleting the key writing program, when detecting that the key meets a preset condition, specifically for the system application installed according to the mobile terminal and the verification information, Detecting whether the key is complete; in case detecting that the key is complete, deleting the key writer.

可选的，所述处理器101，在用于删除所述密钥写入程序之后，还可以用于每隔预设时间，检测所述密钥是否满足预设条件；在检测到所述密钥不满足预设条件时，向所述服务器发送所述获取请求；接收服务器响应所述获取请求而生成的所述密钥写入程序；运行所述密钥写入程序，将所述密钥写入移动终端的加密存储区域。Optionally, the processor 101, after being used to delete the key writing program, may be further configured to detect, according to a preset time, whether the key meets a preset condition; Sending the acquisition request to the server when the key does not satisfy the preset condition; receiving the key writing program generated by the server in response to the obtaining request; running the key writing program, the key is Write to the encrypted storage area of the mobile terminal.

可以看出，本发明实施例提供的移动终端,在检测到移动终端当前安装的***第一次启动时，获取服务器推送的数据包，所述数据包包括密钥写入程序，提取所述数据包中的所述密钥写入程序，所述密钥写入程序携带密钥，运行所述密钥写入程序，将所述密钥写入移动终端的加密存储区域，所述密钥用于加密预设类型数据，所述预设类型数据包括以下至少一种：指纹数据、声纹数据或人脸图像数据。可见，移动终端在当前的***第一次启动时，接收服务器推送的密钥写入程序，通过运行密钥写入程序将密钥写入移动终端的加密存储区域，而避免了在生产时通过产线将密钥写入加密存储区域，因此节省了产线工位的成本。It can be seen that the mobile terminal provided by the embodiment of the present invention acquires a data packet pushed by the server when detecting that the system currently installed by the mobile terminal is started for the first time, and the data packet includes a key writing program, and extracts the data. The key in the package is written into a program, the key writing program carries a key, runs the key writing program, and writes the key into an encrypted storage area of the mobile terminal, where the key is used The preset type data is encrypted, and the preset type data includes at least one of the following: fingerprint data, voiceprint data, or face image data. It can be seen that when the current system is started for the first time, the mobile terminal receives the key writing program pushed by the server, and writes the key into the encrypted storage area of the mobile terminal by running the key writing program, thereby avoiding passing in production. The production line writes the key to the encrypted storage area, thus saving the cost of the production line station.

本发明实施例还提供了另一种移动终端，如图6所示，为了便于说明，仅示出了与本发明实施例相关的部分，具体技术细节未揭示的，请参照本发明实施例方法部分。该移动终端可以为包括手机、平板电脑、PDA(Personal Digital Assistant，个人数字助理)、POS(Point of Sales，销售终端)、车载电脑等任意终端设备，以移动终端为手机为例：The embodiment of the present invention further provides another mobile terminal. As shown in FIG. 6 , for the convenience of description, only parts related to the embodiment of the present invention are shown. For details that are not disclosed, refer to the method of the embodiment of the present invention. section. The mobile terminal can be any terminal device including a mobile phone, a tablet computer, a PDA (Personal Digital Assistant), a POS (Point of Sales), an in-vehicle computer, and the mobile terminal is used as a mobile phone as an example:

图6示出的是与本发明实施例提供的移动终端相关的手机的部分结构的框图。参考图6，手机包括：射频(Radio Frequency，RF)电路910、存储器920、输入单元930、显示单元940、传感器950、音频电路960、无线保真(wireless fidelity，WiFi)模块970、处理器980、以及电源990等部件。本领域技术人员可以理解，图6中示出的手机结构并不构成对手机的限定，可以包括比图示更多或更少的部件，或者组合某些部件，或者不同的部件布置。 FIG. 6 is a block diagram showing a partial structure of a mobile phone related to a mobile terminal provided by an embodiment of the present invention. Referring to FIG. 6, the mobile phone includes: a radio frequency (RF) circuit 910, a memory 920, an input unit 930, a display unit 940, a sensor 950, an audio circuit 960, a wireless fidelity (WiFi) module 970, and a processor 980. And power supply 990 and other components. It will be understood by those skilled in the art that the structure of the handset shown in FIG. 6 does not constitute a limitation to the handset, and may include more or less components than those illustrated, or some components may be combined, or different components may be arranged.

下面结合图6对手机的各个构成部件进行具体的介绍：The following describes the components of the mobile phone in detail with reference to FIG. 6:

RF电路910可用于信息的接收和发送。通常，RF电路910包括但不限于天线、至少一个放大器、收发信机、耦合器、低噪声放大器(Low Noise Amplifier，LNA)、双工器等。此外，RF电路910还可以通过无线通信与网络和其他设备通信。上述无线通信可以使用任一通信标准或协议，包括但不限于全球移动通讯***(Global System of Mobile communication，GSM)、通用分组无线服务(General Packet Radio Service，GPRS)、码分多址(Code Division Multiple Access，CDMA)、宽带码分多址(Wideband Code Division Multiple Access,WCDMA)、长期演进(Long Term Evolution，LTE)、电子邮件、短消息服务(Short Messaging Service，SMS)等。The RF circuit 910 can be used for receiving and transmitting information. Generally, RF circuit 910 includes, but is not limited to, an antenna, at least one amplifier, a transceiver, a coupler, a Low Noise Amplifier (LNA), a duplexer, and the like. In addition, RF circuitry 910 can also communicate with the network and other devices via wireless communication. The above wireless communication may use any communication standard or protocol, including but not limited to Global System of Mobile communication (GSM), General Packet Radio Service (GPRS), Code Division Multiple Access (Code Division). Multiple Access (CDMA), Wideband Code Division Multiple Access (WCDMA), Long Term Evolution (LTE), E-mail, Short Messaging Service (SMS), and the like.

存储器920可用于存储软件程序以及模块，处理器980通过运行存储在存储器920的软件程序以及模块，从而执行手机的各种功能应用以及数据处理。存储器920可主要包括存储程序区和存储数据区，其中，存储程序区可存储操作***、至少一个功能所需的应用程序等；存储数据区可存储根据手机的使用所创建的数据等。此外，存储器920可以包括高速随机存取存储器，还可以包括非易失性存储器，例如至少一个磁盘存储器件、闪存器件、或其他易失性固态存储器件。The memory 920 can be used to store software programs and modules, and the processor 980 executes various functional applications and data processing of the mobile phone by running software programs and modules stored in the memory 920. The memory 920 may mainly include a storage program area and a storage data area, wherein the storage program area may store an operating system, an application required for at least one function, and the like; the storage data area may store data created according to usage of the mobile phone, and the like. Moreover, memory 920 can include high speed random access memory, and can also include non-volatile memory, such as at least one magnetic disk storage device, flash memory device, or other volatile solid state storage device.

输入单元930可用于接收输入的数字或字符信息，以及生成与手机的用户设置以及功能控制有关的键信号输入。具体地，输入单元930可包括指纹识别模组931以及其他输入设备932。指纹识别模组931，可采集用户在其上的指纹数据。可选的，指纹识别模组931可包括光学式指纹模块、电容式指纹模块以及射频式指纹模块。以指纹识别模组931为电容式指纹识别模组为例，具体包括感应电极(异常感应电极和正常感应电极)和与所述感应电极连接的信号处理电路(如放大电路、噪声抑制电路、模数转化电路，等等)。除了指纹识别模组931，输入单元930还可以包括其他输入设备932。具体地，其他输入设备932可以包括但不限于物理键盘、功能键(比如音量控制按键、开关按键等)、轨迹球、鼠标、操作杆等中的一种或多种。The input unit 930 can be configured to receive input numeric or character information and to generate key signal inputs related to user settings and function controls of the handset. Specifically, the input unit 930 can include a fingerprint identification module 931 and other input devices 932. The fingerprint identification module 931 can collect fingerprint data of the user. Optionally, the fingerprint identification module 931 can include an optical fingerprint module, a capacitive fingerprint module, and a radio frequency fingerprint module. The fingerprint identification module 931 is an example of a capacitive fingerprint recognition module, and specifically includes a sensing electrode (an abnormal sensing electrode and a normal sensing electrode) and a signal processing circuit (such as an amplifying circuit, a noise suppression circuit, and a mode) connected to the sensing electrode. Number conversion circuit, etc.). In addition to the fingerprint recognition module 931, the input unit 930 may also include other input devices 932. Specifically, other input devices 932 may include, but are not limited to, one or more of a physical keyboard, function keys (such as volume control buttons, switch buttons, etc.), trackballs, mice, joysticks, and the like.

显示单元940可用于显示由用户输入的信息或提供给用户的信息以及手机的各种菜单。显示单元940可包括显示屏941，可选的，可以采用液晶显示器(Liquid Crystal Display，LCD)、有机发光二极管(Organic Light-Emitting Diode,OLED)等形式来配置显示屏941。虽然在图6中，指纹识别模组931与显示屏941是作为两个独立的部件来实现手机的输入和输入功能，但是在某些实施例中，可以将指纹识别模组931与显示屏941集成而实现手机的输入和输出功能。The display unit 940 can be used to display information input by the user or information provided to the user and the mobile phone Various menus. The display unit 940 can include a display screen 941. Alternatively, the display screen 941 can be configured in the form of a liquid crystal display (LCD), an organic light-emitting diode (OLED), or the like. Although in FIG. 6, the fingerprint recognition module 931 and the display screen 941 function as two separate components to implement the input and input functions of the mobile phone, in some embodiments, the fingerprint recognition module 931 and the display screen 941 can be Integrated to achieve the input and output functions of the phone.

手机还可包括至少一种传感器950，比如光传感器、运动传感器以及其他传感器。具体地，光传感器可包括环境光传感器及接近传感器，其中，环境光传感器可根据环境光线的明暗来调节显示屏941的亮度，接近传感器可在手机移动到耳边时，关闭显示屏941和/或背光。作为运动传感器的一种，加速计传感器可检测各个方向上(一般为三轴)加速度的大小，静止时可检测出重力的大小及方向，可用于识别手机姿态的应用(比如横竖屏切换、相关游戏、磁力计姿态校准)、振动识别相关功能(比如计步器、敲击)等；至于手机还可配置的陀螺仪、气压计、湿度计、温度计、红外线传感器等其他传感器，在此不再赘述。The handset may also include at least one type of sensor 950, such as a light sensor, motion sensor, and other sensors. Specifically, the light sensor may include an ambient light sensor and a proximity sensor, wherein the ambient light sensor may adjust the brightness of the display screen 941 according to the brightness of the ambient light, and the proximity sensor may turn off the display screen 941 and/or when the mobile phone moves to the ear. Or backlight. As a kind of motion sensor, the accelerometer sensor can detect the magnitude of acceleration in all directions (usually three axes). When it is stationary, it can detect the magnitude and direction of gravity. It can be used to identify the gesture of the mobile phone (such as horizontal and vertical screen switching, related Game, magnetometer attitude calibration), vibration recognition related functions (such as pedometer, tapping), etc.; as for the mobile phone can also be configured with gyroscopes, barometers, hygrometers, thermometers, infrared sensors and other sensors, no longer Narration.

音频电路960、扬声器961，传声器962可提供用户与手机之间的音频接口。音频电路960可将接收到的音频数据转换后的电信号，传输到扬声器961，由扬声器961转换为声音信号输出；另一方面，传声器962将收集的声音信号转换为电信号，由音频电路960接收后转换为音频数据，再将音频数据输出处理器980处理后，经RF电路910以发送给比如另一手机，或者将音频数据输出至存储器920以便进一步处理。An audio circuit 960, a speaker 961, and a microphone 962 can provide an audio interface between the user and the handset. The audio circuit 960 can transmit the converted electrical data of the received audio data to the speaker 961, and convert it into a sound signal output by the speaker 961. On the other hand, the microphone 962 converts the collected sound signal into an electrical signal, and the audio circuit 960 After receiving, it is converted into audio data, and then processed by the audio data output processor 980, sent to the other mobile phone via the RF circuit 910, or outputted to the memory 920 for further processing.

WiFi属于短距离无线传输技术，手机通过WiFi模块970可以帮助用户收发电子邮件、浏览网页和访问流式媒体等，它为用户提供了无线的宽带互联网访问。虽然图6示出了WiFi模块970，但是可以理解的是，其并不属于手机的必须构成，完全可以根据需要在不改变发明的本质的范围内而省略。WiFi is a short-range wireless transmission technology, and the mobile phone can help users to send and receive emails, browse web pages, and access streaming media through the WiFi module 970, which provides users with wireless broadband Internet access. Although FIG. 6 shows the WiFi module 970, it can be understood that it does not belong to the essential configuration of the mobile phone, and can be omitted as needed within the scope of not changing the essence of the invention.

处理器980是手机的控制中心，利用各种接口和线路连接整个手机的各个部分，通过运行或执行存储在存储器920内的软件程序和/或模块，以及调用存储在存储器920内的数据，执行手机的各种功能和处理数据，从而对手机进行整体监控。可选的，处理器980可包括一个或多个处理单元；优选的，处理器 980可集成应用处理器和调制解调处理器，其中，应用处理器主要处理操作***、用户界面和应用程序等，调制解调处理器主要处理无线通信。可以理解的是，上述调制解调处理器也可以不集成到处理器980中。The processor 980 is the control center of the handset, which connects various portions of the entire handset using various interfaces and lines, by executing or executing software programs and/or modules stored in the memory 920, and invoking data stored in the memory 920, executing The phone's various functions and processing data, so that the overall monitoring of the phone. Optionally, the processor 980 may include one or more processing units; preferably, the processor The 980 can integrate an application processor and a modem processor, wherein the application processor primarily processes an operating system, a user interface, an application, etc., and the modem processor primarily processes wireless communications. It will be appreciated that the above described modem processor may also not be integrated into the processor 980.

手机还包括给各个部件供电的电源990(比如电池)，优选的，电源可以通过电源管理***与处理器980逻辑相连，从而通过电源管理***实现管理充电、放电、以及功耗管理等功能。The handset also includes a power source 990 (such as a battery) that supplies power to the various components. Preferably, the power source can be logically coupled to the processor 980 through a power management system to manage functions such as charging, discharging, and power management through the power management system.

尽管未示出，手机还可以包括摄像头、蓝牙模块等，在此不再赘述。Although not shown, the mobile phone may further include a camera, a Bluetooth module, and the like, and details are not described herein again.

前述图1、图2和图3所示的实施例中，各步骤方法流程可以基于该手机的结构实现。In the foregoing embodiments shown in FIG. 1, FIG. 2 and FIG. 3, each step method flow can be implemented based on the structure of the mobile phone.

前述图4-1及图4-2所示的实施例中，各单元功能可以基于该手机的结构实现。In the embodiments shown in the foregoing FIGS. 4-1 and 4-2, each unit function can be implemented based on the structure of the mobile phone.

本发明实施例还提供一种计算机存储介质，其中，该计算机存储介质可存储有程序，该程序执行时包括上述方法实施例中记载的任何一种密钥写入方法的部分或全部步骤。The embodiment of the present invention further provides a computer storage medium, wherein the computer storage medium can store a program, and the program includes some or all of the steps of any one of the key writing methods described in the foregoing method embodiments.

本发明实施例还提供一种计算机程序产品，所述计算机程序产品包括存储了计算机程序的非瞬时性计算机可读存储介质，所述计算机程序可操作来使计算机执行如上述方法实施例中记载的任何一种密钥写入方法的部分或全部步骤。Embodiments of the present invention also provide a computer program product comprising a non-transitory computer readable storage medium storing a computer program, the computer program being operative to cause a computer to perform the operations as recited in the above method embodiments Any or all of the steps of any type of key writing method.

需要说明的是，对于前述的各方法实施例，为了简单描述，故将其都表述为一系列的动作组合，但是本领域技术人员应该知悉，本发明并不受所描述的动作顺序的限制，因为依据本发明，某些步骤可以采用其他顺序或者同时进行。其次，本领域技术人员也应该知悉，说明书中所描述的实施例均属于优选实施例，所涉及的动作和模块并不一定是本发明所必须的。It should be noted that, for the foregoing method embodiments, for the sake of simple description, they are all expressed as a series of action combinations, but those skilled in the art should understand that the present invention is not limited by the described action sequence. Because certain steps may be performed in other sequences or concurrently in accordance with the present invention. In addition, those skilled in the art should also understand that the embodiments described in the specification are all preferred embodiments, and the actions and modules involved are not necessarily required by the present invention.

在上述实施例中，对各个实施例的描述都各有侧重，某个实施例中没有详述的部分，可以参见其他实施例的相关描述。In the above embodiments, the descriptions of the various embodiments are different, and the details that are not detailed in a certain embodiment can be referred to the related descriptions of other embodiments.

在本申请所提供的几个实施例中，应该理解到，所揭露的装置，可通过其它的方式实现。例如，以上所描述的装置实施例仅仅是示意性的，例如所述单元的划分，仅仅为一种逻辑功能划分，实际实现时可以有另外的划分方式，例如多个单元或组件可以结合或者可以集成到另一个***，或一些特征可以忽略，或不执行。另一点，所显示或讨论的相互之间的耦合或直接耦合或通信连接可以是通过一些接口，装置或单元的间接耦合或通信连接，可以是电性或其它的形式。In several embodiments provided herein, it should be understood that the disclosed device may be It's way to achieve it. For example, the device embodiments described above are merely illustrative. For example, the division of the unit is only a logical function division. In actual implementation, there may be another division manner, for example, multiple units or components may be combined or may be Integrate into another system, or some features can be ignored or not executed. In addition, the mutual coupling or direct coupling or communication connection shown or discussed may be an indirect coupling or communication connection through some interface, device or unit, and may be electrical or otherwise.

所述作为分离部件说明的单元可以是或者也可以不是物理上分开的，作为单元显示的部件可以是或者也可以不是物理单元，即可以位于一个地方，或者也可以分布到多个网络单元上。可以根据实际的需要选择其中的部分或者全部单元来实现本实施例方案的目的。The units described as separate components may or may not be physically separated, and the components displayed as units may or may not be physical units, that is, may be located in one place, or may be distributed to multiple network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of the embodiment.

另外，在本发明各个实施例中的各功能单元可以集成在一个处理单元中，也可以是各个单元单独物理存在，也可以两个或两个以上单元集成在一个单元中。上述集成的单元既可以采用硬件的形式实现，也可以采用软件功能单元的形式实现。In addition, each functional unit in each embodiment of the present invention may be integrated into one processing unit, or each unit may exist physically separately, or two or more units may be integrated into one unit. The above integrated unit can be implemented in the form of hardware or in the form of a software functional unit.

所述集成的单元如果以软件功能单元的形式实现并作为独立的产品销售或使用时，可以存储在一个计算机可读取存储器中。基于这样的理解，本发明的技术方案本质上或者说对现有技术做出贡献的部分或者该技术方案的全部或部分可以以软件产品的形式体现出来，该计算机软件产品存储在一个存储器中，包括若干指令用以使得一台计算机设备(可为个人计算机、服务器或者网络设备等)执行本发明各个实施例所述方法的全部或部分步骤。而前述的存储器包括：U盘、只读存储器(ROM，Read-Only Memory)、随机存取存储器(RAM，Random Access Memory)、移动硬盘、磁碟或者光盘等各种可以存储程序代码的介质。The integrated unit, if implemented in the form of a software functional unit and sold or used as a standalone product, may be stored in a computer readable memory. Based on such understanding, the technical solution of the present invention may contribute to the prior art or all or part of the technical solution may be embodied in the form of a software product stored in a memory. A number of instructions are included to cause a computer device (which may be a personal computer, server or network device, etc.) to perform all or part of the steps of the methods described in various embodiments of the present invention. The foregoing memory includes: a U disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a removable hard disk, a magnetic disk, or an optical disk, and the like, which can store program codes.

本领域普通技术人员可以理解上述实施例的各种方法中的全部或部分步骤是可以通过程序来指令相关的硬件来完成，该程序可以存储于一计算机可读存储器中，存储器可以包括：闪存盘、只读存储器(英文：Read-Only Memory，简称：ROM)、随机存取器(英文：Random Access Memory，简称：RAM)、磁盘或光盘等。 A person skilled in the art can understand that all or part of the steps of the foregoing embodiments can be completed by a program to instruct related hardware, and the program can be stored in a computer readable memory, and the memory can include: a flash drive , read-only memory (English: Read-Only Memory, referred to as: ROM), random accessor (English: Random Access Memory, referred to as: RAM), disk or CD.

以上对本发明实施例进行了详细介绍，本文中应用了具体个例对本发明的原理及实施方式进行了阐述，以上实施例的说明只是用于帮助理解本发明的方法及其核心思想；同时，对于本领域的一般技术人员，依据本发明的思想，在具体实施方式及应用范围上均会有改变之处，综上所述，本说明书内容不应理解为对本发明的限制。 The embodiments of the present invention have been described in detail above, and the principles and implementations of the present invention are described in detail herein. The description of the above embodiments is only for helping to understand the method of the present invention and its core ideas; It should be understood by those skilled in the art that the present invention is not limited by the scope of the present invention.

Claims

一种密钥写入方法，其特征在于，包括：A key writing method, comprising:

在检测到移动终端当前安装的***第一次启动时，获取服务器推送的数据包，所述数据包包括密钥写入程序；When detecting that the system currently installed by the mobile terminal is started for the first time, acquiring a data packet pushed by the server, where the data packet includes a key writing program;

提取所述数据包中的所述密钥写入程序，所述密钥写入程序携带密钥；Extracting the key writing program in the data packet, the key writing program carrying a key;

运行所述密钥写入程序，将所述密钥写入移动终端的加密存储区域，所述密钥用于加密预设类型数据。The key writer is run to write the key to an encrypted storage area of the mobile terminal, the key being used to encrypt preset type data.
如权利要求1所述的方法，其特征在于，所述获取服务器推送的数据包，包括：The method of claim 1, wherein the obtaining a data packet pushed by the server comprises:

获取服务器通过空中下载技术OTA推送的所述数据包。Obtain the data packet that the server pushes through the over-the-air technology OTA.
如权利要求1所述的方法，其特征在于，所述将所述密钥写入移动终端的加密存储区域之后，所述方法还包括：The method of claim 1, wherein after the writing the key to an encrypted storage area of the mobile terminal, the method further comprises:

在检测到所述密钥满足预设条件时，删除所述密钥写入程序。The key writing program is deleted when it is detected that the key satisfies a preset condition.
如权利要求3所述的方法，其特征在于，所述方法还包括：The method of claim 3, wherein the method further comprises:

在检测到所述密钥不满足预设条件时，向所述服务器发送获取请求，所述获取请求用于向所述服务器请求获取所述密钥写入程序；And detecting, when the key does not meet the preset condition, sending an acquisition request to the server, where the obtaining request is used to request the server to acquire the key writing program;

接收所述服务器响应所述获取请求而生成的所述密钥写入程序；Receiving the key writing program generated by the server in response to the obtaining request;

运行所述密钥写入程序，将所述密钥写入移动终端的加密存储区域。The key writer is run to write the key to an encrypted storage area of the mobile terminal.
如权利要求3或4所述的方法，其特征在于，所述密钥写入程序还包括检验信息，所述检验信息用于检测所述密钥的完整性。A method according to claim 3 or 4, wherein said key writing program further comprises verification information for detecting the integrity of said key.
如权利要求5所述的方法，其特征在于，所述在检测到所述密钥满足预设条件时，删除所述密钥写入程序，包括：The method according to claim 5, wherein the deleting the key writing program when detecting that the key satisfies a preset condition comprises:

基于所述移动终端安装的***应用以及所述检验信息，检测所述密钥是否完整；Detecting whether the key is based on a system application installed by the mobile terminal and the verification information complete;

在检测到所述密钥是完整的情况下，删除所述密钥写入程序。In the case where it is detected that the key is complete, the key writer is deleted.
如权利要求3至6任一项所述的方法，其特征在于，所述删除所述密钥写入程序之后，所述方法还包括：The method according to any one of claims 3 to 6, wherein after the deleting the key writing program, the method further comprises:

每隔预设时间，检测所述密钥是否满足预设条件；Detecting whether the key meets a preset condition every preset time;

在检测到所述密钥不满足预设条件时，向所述服务器发送所述获取请求；Sending the acquisition request to the server when detecting that the key does not satisfy a preset condition;

接收服务器响应所述获取请求而生成的所述密钥写入程序；Receiving, by the server, the key writing program generated in response to the obtaining request;

运行所述密钥写入程序，将所述密钥写入移动终端的加密存储区域。The key writer is run to write the key to an encrypted storage area of the mobile terminal.
如权利要求1至7任一项所述的方法，其特征在于，所述预设类型数据包括以下至少一种：指纹数据、声纹数据或人脸图像数据。The method according to any one of claims 1 to 7, wherein the preset type data comprises at least one of the following: fingerprint data, voiceprint data or face image data.
一种移动终端，其特征在于，包括：A mobile terminal, comprising:

获取单元，用于在检测到移动终端当前安装的***第一次启动时，获取服务器推送的数据包，所述数据包包括密钥写入程序；An acquiring unit, configured to acquire a data packet pushed by the server when detecting that the system currently installed by the mobile terminal is started for the first time, where the data packet includes a key writing program;

提取单元，用于提取所述数据包中的所述密钥写入程序，所述密钥写入程序携带密钥；An extracting unit, configured to extract the key writing program in the data packet, where the key writing program carries a key;

写入单元，用于运行所述密钥写入程序，将所述密钥写入移动终端的加密存储区域，所述密钥用于加密预设类型数据。And a writing unit, configured to run the key writing program, to write the key into an encrypted storage area of the mobile terminal, where the key is used to encrypt preset type data.
如权利要求9所述的移动终端，其特征在于，所述获取单元，具体用于获取服务器通过空中下载技术OTA推送的所述数据包。The mobile terminal according to claim 9, wherein the obtaining unit is specifically configured to acquire the data packet pushed by the server through the over-the-air technology OTA.
如权利要求9所述的移动终端，其特征在于，所述移动终端还包括：The mobile terminal of claim 9, wherein the mobile terminal further comprises:

删除单元，在所述写入单元将所述密钥写入移动终端的加密存储区域之后，用于在检测到所述密钥满足预设条件时，删除所述密钥写入程序。 And deleting the unit, after the writing unit writes the key into the encrypted storage area of the mobile terminal, to delete the key writing program when detecting that the key satisfies a preset condition.
如权利要求11所述的移动终端，其特征在于，所述移动终端还包括：The mobile terminal of claim 11, wherein the mobile terminal further comprises:

发送单元，用于在检测到所述密钥不满足预设条件时，向所述服务器发送获取请求，所述获取请求用于向所述服务器请求获取所述密钥写入程序；a sending unit, configured to send an acquisition request to the server when detecting that the key does not satisfy a preset condition, where the obtaining request is used to request the server to acquire the key writing program;

接收单元，还用于接收所述服务器响应所述获取请求而生成的所述密钥写入程序；The receiving unit is further configured to receive the key writing program generated by the server in response to the obtaining request;

所述写入单元，还用于运行所述密钥写入程序，将所述密钥写入移动终端的加密存储区域。The writing unit is further configured to run the key writing program to write the key into an encrypted storage area of the mobile terminal.
如权利要求11或12所述的移动终端，其特征在于，所述密钥写入程序还包括检验信息，所述检验信息用于检测所述密钥的完整性。A mobile terminal according to claim 11 or 12, wherein said key writing program further comprises verification information for detecting integrity of said key.
如权利要求13所述的移动终端，其特征在于，The mobile terminal of claim 13 wherein:

所述删除单元，包括：The deleting unit includes:

检测子单元，用于基于所述移动终端安装的***应用以及所述检验信息，检测所述密钥是否完整；a detecting subunit, configured to detect whether the key is complete based on a system application installed by the mobile terminal and the verification information;

删除子单元，用于在检测到所述密钥是完整的情况下，删除所述密钥写入程序。The delete subunit is configured to delete the key write program if it is detected that the key is complete.
如权利要求11至14任一项所述的移动终端，其特征在于，所述移动终端还包括：The mobile terminal according to any one of claims 11 to 14, wherein the mobile terminal further comprises:

复查单元，在所述删除单元删除所述密钥写入程序之后，用于每隔预设时间，检测所述密钥是否满足预设条件；在检测到所述密钥不满足预设条件时，向所述服务器发送所述获取请求；接收服务器响应所述获取请求而生成的所述密钥写入程序；运行所述密钥写入程序，将所述密钥写入移动终端的加密存储区域。After the deleting unit deletes the key writing program, the checking unit is configured to detect whether the key meets a preset condition every preset time; when detecting that the key does not satisfy a preset condition Transmitting the acquisition request to the server; receiving the key writing program generated by the server in response to the obtaining request; running the key writing program to write the key into an encrypted storage of the mobile terminal region.
如权利要求9至16任一项所述的移动终端，其特征在于，所述预设类型数据包括以下至少一种：指纹数据、声纹数据或人脸图像数据。 The mobile terminal according to any one of claims 9 to 16, wherein the preset type data comprises at least one of the following: fingerprint data, voiceprint data or face image data.
一种移动终端，其特征在于，包括：A mobile terminal, comprising:

处理器、存储器、通信接口和通信总线，所述处理器、所述存储器和所述通信接口通过所述通信总线连接并完成相互间的通信；a processor, a memory, a communication interface, and a communication bus, wherein the processor, the memory, and the communication interface are connected by the communication bus and complete communication with each other;

所述存储器存储有可执行程序代码，所述通信接口用于无线通信；The memory stores executable program code for wireless communication;

所述处理器用于调用所述存储器中的所述可执行程序代码，执行如下步骤：The processor is configured to invoke the executable program code in the memory, and perform the following steps:

在检测到移动终端当前安装的***第一次启动时，获取服务器推送的数据包，所述数据包包括密钥写入程序；When detecting that the system currently installed by the mobile terminal is started for the first time, acquiring a data packet pushed by the server, where the data packet includes a key writing program;

提取所述数据包中的所述密钥写入程序，所述密钥写入程序携带密钥；Extracting the key writing program in the data packet, the key writing program carrying a key;

运行所述密钥写入程序，将所述密钥写入移动终端的加密存储区域，所述密钥用于加密预设类型数据。The key writer is run to write the key to an encrypted storage area of the mobile terminal, the key being used to encrypt preset type data.
如权利要求17所述的移动终端，其特征在于，所述处理器还用于调用所述存储器中的所述可执行程序代码，执行如下步骤：The mobile terminal of claim 17, wherein the processor is further configured to invoke the executable program code in the memory, and perform the following steps:

在检测到所述密钥满足预设条件时，删除所述密钥写入程序。The key writing program is deleted when it is detected that the key satisfies a preset condition.
如权利要求18所述的移动终端，其特征在于，所述处理器还用于调用所述存储器中的所述可执行程序代码，执行如下步骤：The mobile terminal of claim 18, wherein the processor is further configured to invoke the executable program code in the memory, and perform the following steps:

在检测到所述密钥不满足预设条件时，向所述服务器发送获取请求，所述获取请求用于向所述服务器请求获取所述密钥写入程序；And detecting, when the key does not meet the preset condition, sending an acquisition request to the server, where the obtaining request is used to request the server to acquire the key writing program;

接收所述服务器响应所述获取请求而生成的所述密钥写入程序；Receiving the key writing program generated by the server in response to the obtaining request;

运行所述密钥写入程序，将所述密钥写入移动终端的加密存储区域。The key writer is run to write the key to an encrypted storage area of the mobile terminal.
如权利要求18或19所述的移动终端，其特征在于，所述密钥写入程序还包括检验信息，所述检验信息用于检测所述密钥的完整性，在在检测到所述密钥满足预设条件时，删除所述密钥写入程序方面，所述处理器具体用于调用所述存储器中的所述可执行程序代码，执行如下步骤：A mobile terminal according to claim 18 or 19, wherein said key writing program further comprises verification information for detecting integrity of said key, said secret being detected When the key meets the preset condition, the key writer is deleted, and the processor is specifically configured to invoke the executable program code in the memory, and perform the following steps:

基于所述移动终端安装的***应用以及所述检验信息，检测所述密钥是否完整；Detecting whether the key is based on a system application installed by the mobile terminal and the verification information complete;

在检测到所述密钥是完整的情况下，删除所述密钥写入程序。 In the case where it is detected that the key is complete, the key writer is deleted.