[go: up one dir, main page]

WO2013182155A1 - Firmware version upgrade method and system - Google Patents

Firmware version upgrade method and system Download PDF

Info

Publication number
WO2013182155A1
WO2013182155A1 PCT/CN2013/079784 CN2013079784W WO2013182155A1 WO 2013182155 A1 WO2013182155 A1 WO 2013182155A1 CN 2013079784 W CN2013079784 W CN 2013079784W WO 2013182155 A1 WO2013182155 A1 WO 2013182155A1
Authority
WO
WIPO (PCT)
Prior art keywords
version
firmware version
mobile terminal
handshake
upgraded
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/CN2013/079784
Other languages
French (fr)
Chinese (zh)
Inventor
刘明辉
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
ZTE Corp
Original Assignee
ZTE Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by ZTE Corp filed Critical ZTE Corp
Publication of WO2013182155A1 publication Critical patent/WO2013182155A1/en
Anticipated expiration legal-status Critical
Ceased legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/572Secure firmware programming, e.g. of basic input output system [BIOS]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • H04W12/069Authentication using certificates or pre-shared keys
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00Arrangements for software engineering
    • G06F8/60Software deployment
    • G06F8/65Updates
    • G06F8/654Updates using techniques specially adapted for alterable solid state memories, e.g. for EEPROM or flash memories

Definitions

  • the present invention relates to the field of mobile terminals, and in particular to firmware upgrade techniques.
  • a mobile terminal also known as a mobile communication terminal, refers to a portable mobile computer device, and in a broad sense, includes a mobile phone, a data card, a tablet computer, and the like.
  • Firmware refers to the software that is the most basic and lowest-level work of a digital product. It is usually stored in the EEPROM or FLASH chip of the device and can be upgraded by the user through a specific firmware upgrade tool.
  • the firmware upgrade tool refers to the auxiliary software used to upgrade the firmware version on the mobile terminal.
  • the firmware version is closely related to the terminal hardware, the firmware of the early mobile terminal is generally only available from the manufacturer. The manufacturer will undergo detailed testing and verification before releasing the firmware version to ensure that the firmware version is well matched with the mobile terminal and its function meets the requirements of users and operators.
  • the firmware version provided by such non-terminal vendors may have the following problems:
  • the firmware version may contain malicious programs such as malicious hidden programs and viruses, and security cannot be guaranteed;
  • custom mobile terminals usually have special requirements for the firmware version, such as: require a built-in specific application, can only access a specific operator's mobile network. In this case, the operator usually does not allow the user to upgrade the terminal firmware at will.
  • the current common firmware upgrade methods are usually: PC side upgrade tool and mobile terminal establish data transmission channel (USB, virtual serial port, network port, etc.); and pre-stored in the PC side storage medium
  • the version file is sequentially transmitted to the data receiving module of the mobile terminal, and the data receiving module transfers the received data to the storage medium of the mobile terminal.
  • the process does not verify the legality of the upgrade tool used, nor does it verify the legality of the firmware version, and there is no firmware legality mechanism on the mobile terminal.
  • the embodiment of the present invention provides a method and a system for upgrading a firmware version, which can overcome the problem that the firmware upgrade technology cannot verify the validity of the firmware version, and thus the problem that the firmware version to be upgraded matches the mobile terminal to be upgraded cannot be guaranteed.
  • a method for upgrading a firmware version including: the upgrade tool performs version validity check processing on the firmware version to be upgraded, and sends the handshake authentication information to the mobile according to the version validity check result.
  • the mobile terminal performs the handshake verification process on the upgrade tool by using the handshake authentication information, and receives the firmware version to be upgraded delivered by the upgrade tool when the handshake verification is successful.
  • the mobile terminal performs version legality verification processing on the received firmware version to be upgraded, when the version validity check result is a legal firmware version.
  • each version file of the firmware version to be upgraded has a digital signature
  • the upgrade tool uses a pre-stored signature key to verify the digital signature of each version file, if each of the firmware versions to be upgraded If the version file is successfully verified, it is determined that the firmware version to be upgraded is a legal firmware version.
  • handshake authentication information including a handshake authentication command and handshake authentication data is generated and sent to the mobile terminal.
  • the mobile terminal decrypts the ciphertext data in the handshake authentication data by using a pre-stored handshake key, and obtains plaintext data and plaintext data in the handshake authentication data. A match is made to determine that the mobile terminal successfully handshaking with the upgrade tool.
  • the method further comprises:
  • the mobile terminal After the mobile terminal determines that it has successfully handshake with the upgrade tool, it switches to the upgrade mode according to the mode switching information from the upgrade tool, so as to receive the firmware version delivered by the upgrade tool.
  • the mobile terminal performs digital signature verification on each version file of the firmware version to be upgraded by using the pre-stored signature key. If each version file is successfully verified, it is determined that the firmware version to be upgraded is Legal firmware version.
  • the method further comprises:
  • the mobile terminal replaces the current firmware version with the firmware version to be upgraded, and performs version legality verification processing on the firmware version to be upgraded during the restart using the firmware version to be upgraded. .
  • an anti-firmware upgrade system including an upgrade tool and a mobile terminal, wherein:
  • the upgrade tool is configured to: perform a version legality verification process on the upgraded firmware version, and send handshake authentication information to the mobile terminal according to the version validity check result;
  • the mobile terminal is configured to perform handshake check processing on the upgrade tool by using the handshake authentication information, and receive the firmware version to be upgraded by the upgrade tool when the handshake verification is successful, and receive the firmware to be upgraded.
  • the version performs the version validity check processing.
  • the version validity check result is the legal firmware version
  • the firmware version is upgraded.
  • the upgrade tool comprises:
  • a signature verification module configured to: perform digital signature verification on each version file of the firmware version to be upgraded by using a pre-stored signature key, and if the verification of each version file is successful, determine the firmware to be upgraded.
  • the version is the legal firmware version
  • the handshake verification module is configured to: when it is determined that the firmware version to be upgraded is a legal firmware version, generate handshake authentication information including a handshake authentication command and handshake authentication data, and send the handshake authentication information to the mobile terminal.
  • the mobile terminal includes:
  • the handshake authentication module is configured to: after receiving the handshake authentication information, decrypt the ciphertext data in the handshake authentication data by using a pre-stored handshake key, and obtain the plaintext data and the handshake authentication data.
  • the plaintext data in the match is matched to determine that the mobile terminal successfully handshaking with the upgrade tool;
  • the signature verification module is configured to: perform digital signature verification on each version file of the firmware version to be upgraded by using the pre-stored signature key, and if each version file is verified successfully,
  • the firmware version to be upgraded is a legal firmware version.
  • the embodiment of the invention further provides a mobile terminal, including:
  • the handshake authentication module is configured to: perform handshake verification processing on the upgrade tool by using the handshake authentication information sent by the upgrade tool, and receive the firmware version to be upgraded delivered by the upgrade tool when the handshake verification is successful, where
  • the handshake authentication information includes a validity check result of the version to be upgraded;
  • the signature verification module is configured to: perform version verification processing on the received firmware version to be upgraded, and perform firmware version upgrade when the version validity check result is a legal firmware version;
  • the handshake authentication module is configured to: after receiving the handshake authentication information, decrypt the ciphertext data in the handshake authentication data by using a pre-stored handshake key, and decrypt the obtained plaintext data. Matching with the plaintext data in the handshake authentication data to determine whether the mobile terminal and the upgrade tool successfully handshake.
  • the signature verification module is configured to: perform digital signature verification on each version file of the received firmware version to be upgraded by using a pre-stored signature key, and if each version file is verified successfully, It is determined that the firmware version to be upgraded is a legal firmware version.
  • the embodiment of the invention can prevent the mobile terminal from being upgraded to the illegal firmware version, improve the security of the mobile terminal upgrade process, and effectively ensure that the interests of the terminal user and the operator are not infringed by the illegal firmware.
  • FIG. 1 is a block diagram of a method for upgrading a firmware version according to an embodiment of the present invention
  • FIG. 3 is a structural diagram of a mobile terminal according to an embodiment of the present invention.
  • FIG. 4 is a structural diagram of an upgrade tool provided by an embodiment of the present invention
  • FIG. 5 is a structural diagram of a digital signature component after a version file according to an embodiment of the present invention.
  • Embodiments of the present invention provide a method and system for preventing a mobile terminal from being upgraded to an illegal firmware version based on encryption technology and digital signature technology.
  • 1 is a block diagram of a method for preventing a mobile terminal from being upgraded to an illegal firmware version according to an embodiment of the present invention. As shown in FIG. 1, the method includes:
  • Step 101 The upgrade tool verifies the legality of the firmware version to be upgraded stored on the master device.
  • the firmware version to be upgraded has multiple version files, each of which has a digital signature, and the upgrade tool verifies the digital signature of each version file by using a pre-stored signature key.
  • the upgrade tool determines that the firmware version to be upgraded is a legal firmware version.
  • Step 102 The upgrade tool and the mobile terminal mutually authenticate by handshake.
  • the handshake authentication information including the handshake authentication command and the handshake authentication data is sent to the mobile terminal.
  • the mobile terminal After receiving the handshake authentication information, the mobile terminal checks the handshake authentication data therein, and feeds back the handshake verification result to the upgrade tool. When the handshake verification is successful, the mobile terminal determines that the upgrade tool is a legal upgrade tool, otherwise the upgrade tool is determined to be an illegal upgrade tool.
  • the upgrade tool receives the handshake authentication result from the mobile terminal, and if successful, sends the mode switch information to the mobile terminal to notify the mobile terminal to switch to the upgrade mode.
  • the mobile terminal checks whether the handshake authentication is successful. If successful, the mobile terminal cuts into the upgrade mode.
  • Step 103 The upgrade tool transmits the firmware version to be upgraded to the mobile terminal.
  • the firmware version to be upgraded has multiple version files, and the upgrade tool delivers the multiple version files to the mobile terminal in turn.
  • Step 104 The mobile terminal sequentially receives the plurality of version files, and performs verification on the received version file.
  • the mobile terminal performs digital signature verification on each version file of the firmware version to be upgraded by using the pre-stored signature key. If each version file is successfully verified, it is determined that the firmware version to be upgraded is a legal firmware version. .
  • Step 105 The mobile terminal replaces the old version with the received firmware version to be upgraded.
  • the upgrade tool notifies the mobile terminal that all version files are delivered, and the mobile terminal is required to replace the old version. At this time, the mobile terminal replaces the current version with the firmware version to be upgraded stored in the spare storage area.
  • Step 106 The mobile terminal restarts to complete the upgrade process.
  • the upgrade tool notifies the mobile terminal to exit the upgrade mode and restart. At this point, the mobile terminal restarts with the new firmware version, and the digital signature verification of each version file of the firmware version is still performed during the startup process, and the upgrade process is completed.
  • steps 101 to 106 it can be seen from steps 101 to 106 that the embodiments of the present invention achieve the goal of preventing illegal firmware upgrade by the following four technical means:
  • the upgrade tool performs signature verification on each version file of the firmware version.
  • the upgrade tool running on the master device will perform signature verification on the version files of the firmware version saved on the master device before performing the upgrade operation. If the signature information does not exist or the signature information fails to be verified, it is not allowed. Mobile terminal upgrade. Therefore, it is possible to effectively prevent illegal firmware version upgrades of unknown source at the level of the upgrade tool.
  • the mobile terminal is in the forbidden upgrade state when the mobile terminal is normally started.
  • the upgrade tool sends the handshake authentication information before the firmware sends the firmware version to the mobile terminal.
  • the mobile terminal checks the handshake authentication information. If the verification fails, the upgrade tool is considered to be an illegal upgrade tool, and the mobile terminal maintains the upgrade prohibition state, and the subsequent upgrade action is not allowed. Therefore, the user can be prevented from using the illegal upgrade tool to bypass the signature verification process for the version file.
  • the mobile terminal checks the version files of the firmware version.
  • each time the mobile terminal receives a version file it will verify the digital signature of the version file. If it fails, the upgrade process will be stopped. Therefore, it can prevent illegal tools from bypassing the mobile terminal.
  • the end authentication mechanism performs a firmware upgrade.
  • the digital signature of the version file is verified during the startup of the mobile terminal. If no digital signature information or digital signature verification fails, the user is prompted and enters the upgrade mode until the upgrade to the legal digital signature version. Therefore, it is possible to prevent the mobile terminal from being upgraded to an illegal firmware version by directly burning the storage medium.
  • FIG. 2 is a flowchart of an implementation of preventing an upgrade of a mobile terminal to an illegal firmware version according to an embodiment of the present invention. As shown in FIG. 2, the method includes:
  • Step 201 The upgrade tool performs validity verification on each version file of the firmware version stored on the master device by using the signature key paired with the key used by the digital signature of the mobile terminal manufacturer and the corresponding digest algorithm.
  • Step 202 If the version files of all the firmware versions are valid, the upgrade tool sends the handshake authentication command and the handshake authentication information of the handshake authentication data to the mobile terminal, where the handshake authentication data includes the plaintext before encryption and the encrypted Cipher text.
  • Step 203 After receiving the handshake authentication command, the mobile terminal decrypts the ciphertext data by using the stored handshake key, and checks whether the decrypted data is consistent with the received plaintext data. If they match, the internal handshake success flag is set to true, and the message of successful handshake is fed back to the upgrade tool.
  • Step 204 After the upgrade tool receives the handshake verification result, it checks whether the handshake is successful. If successful, the mode switching information is sent to the mobile terminal, and the mobile terminal is notified to switch to the upgrade mode.
  • Step 205 After receiving the mode switching information, the mobile terminal checks whether the handshake success flag is true.
  • Step 206 If true, switch to the upgrade mode, and feed back the information about the mode switch success to the upgrade tool.
  • Step 207 The upgrade tool receives and detects feedback information of the mode switching information. If the handover is successful, the first version file of the firmware version is delivered to the mobile terminal.
  • Step 208 The mobile terminal receives the version file, temporarily stores the spare storage area, and verifies the digital signature of the version file. If it is legal, it will send feedback to the upgrade tool that the version file is successfully received. Interest.
  • Step 209 The version files in the firmware version are sent one by one, and after all the delivery is completed, the upgrade tool notifies the mobile terminal that all the version files are delivered, and the mobile terminal is required to replace the old version.
  • Step 210 The mobile terminal replaces the current version with the firmware version stored in the spare storage area, and feeds back the version replacement result to the upgrade tool.
  • Step 211 The upgrade tool checks the version replacement information. If the replacement is successful, the mobile terminal is notified to exit the upgrade mode and restart.
  • Step 212 The mobile terminal restarts with the new firmware version. During the restart process, it is detected whether the digital signature of each version file is legal. If it is legal, it will start normally and the upgrade process is completed.
  • Step 213 If the version file is abnormal during the restart of the mobile terminal, the user is prompted, and the upgrade mode is automatically entered. Until the terminal is upgraded to the legal firmware version.
  • step 201 the upgrade tool verifies the legality of each version file of the firmware version, and if the verification fails, the upgrade process is aborted, thereby preventing unsigned illegal firmware upgrade.
  • the upgrade tool will handshake with the mobile terminal to prevent the unauthenticated illegal upgrade tool from upgrading the mobile terminal.
  • step 208 the mobile terminal checks the validity of the received version file to ensure that the received version file is legal.
  • step 213 when the mobile terminal is restarted for the first time after the upgrade is completed, the signature verification module that is solidified in the ROM of the mobile terminal is used to perform digital signature verification on each version file loaded, and if not successful, the mobile terminal automatically enters. Upgrade mode, waiting for handshake authentication, until upgrading to a legal version.
  • the embodiment of the invention further provides a system for preventing a mobile terminal from upgrading to an illegal firmware version, including a mobile terminal and an upgrade tool running on a master control device (such as a PC), mutual authentication by the mobile terminal and the upgrade tool, and two The verification of each version file of the upgraded firmware version implements the function of preventing the device from being upgraded to an illegal firmware version.
  • a master control device such as a PC
  • FIG. 3 is a structural diagram of a mobile terminal according to an embodiment of the present invention. As shown in FIG. 3, the method includes:
  • the handshake authentication module is configured to decrypt the ciphertext data in the handshake authentication data by using the pre-stored handshake key after receiving the handshake authentication information, and obtain the plaintext data and the handshake authentication data.
  • the plaintext data is matched to determine that the mobile terminal successfully handshaking with the upgrade tool;
  • the signature verification module is configured to perform digital signature verification on each version file of the firmware version to be upgraded by using the pre-stored signature key. If each version file is successfully verified, the firmware to be upgraded is determined.
  • the version is the legal firmware version
  • service function modules are set to implement other service functions such as short message service and call service.
  • the upgrade tool is configured to perform version legality verification processing on the firmware version to be upgraded, and send handshake authentication information to the mobile terminal according to the verification result of the version validity.
  • 4 is a structural diagram of an upgrade tool provided by an embodiment of the present invention. As shown in FIG. 4, the method includes:
  • the signature verification module is configured to perform digital signature verification on each version file of the upgrade firmware version by using the pre-stored signature key. If the verification of each version file is successful, it is determined that the firmware version to be upgraded is Legal firmware version;
  • the handshake verification module is configured to: when determining that the firmware version to be upgraded is a legal firmware version, generate handshake authentication information including a handshake authentication command and handshake authentication data, and send the handshake authentication information to the mobile terminal; and the data transmission module is configured to be to be upgraded firmware The version is sent to the mobile terminal;
  • the command transceiver module is configured to receive an instruction from the mobile terminal or send an instruction to the mobile terminal.
  • the master device is responsible for providing the operating environment of the upgrade tool and providing data channels for data interaction with the mobile terminal.
  • the upgrade tool runs on the master device, and is responsible for verifying the validity of the firmware version file, performing handshake authentication with the terminal, and sending the version file stored on the master device to the mobile terminal.
  • the mobile terminal is responsible for shaking hands with the upgrade tool, receiving the version file delivered by the upgrade tool, verifying the validity of the received version file, and writing the legal version file to the storage medium of the mobile terminal.
  • the firmware version can consist of multiple version files, which are divided into legal and illegal versions.
  • Figure 5 is the invention
  • the digital signature in the version file provided by the embodiment constitutes a structural diagram, and each version file of the legal version includes digital signature information of the terminal manufacturer, and the illegal version does not include. Affecting the illegal firmware version used by the mobile terminal, thereby effectively protecting the normal operation and use of the mobile terminal, and protecting the interests of the user and the operator.
  • the embodiment of the invention can prevent the mobile terminal from being upgraded to the illegal firmware version, improve the security of the mobile terminal upgrade process, and effectively ensure that the interests of the terminal user and the operator are not infringed by the illegal firmware.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Stored Programmes (AREA)
  • Mobile Radio Communication Systems (AREA)

Description

一种固件版本升级的方法及系统 技术领域  Method and system for upgrading firmware version

本发明涉及移动终端领域, 特别涉及固件升级技术。  The present invention relates to the field of mobile terminals, and in particular to firmware upgrade techniques.

背景技术 Background technique

移动终端, 亦称移动通信终端, 是指便携的移动计算机设备, 广义的讲, 包括手机、 数据卡、 平板电脑等。  A mobile terminal, also known as a mobile communication terminal, refers to a portable mobile computer device, and in a broad sense, includes a mobile phone, a data card, a tablet computer, and the like.

固件是指担任着一个数码产品最基础、 最底层工作的软件, 一般存储于 设备中的 EEPROM或 FLASH芯片中, 可由用户通过特定的固件升级工具进 行升级。  Firmware refers to the software that is the most basic and lowest-level work of a digital product. It is usually stored in the EEPROM or FLASH chip of the device and can be upgraded by the user through a specific firmware upgrade tool.

固件升级工具是指用于升级移动终端上的固件版本的辅助软件。  The firmware upgrade tool refers to the auxiliary software used to upgrade the firmware version on the mobile terminal.

由于固件版本和终端硬件紧密相关, 早期的移动终端的固件一般只能由 生产厂商提供。 厂商在发布固件版本前会经过详细的测试和验证, 从而保证 固件版本与移动终端能够良好匹配, 且其功能满足用户及运营商的要求。  Since the firmware version is closely related to the terminal hardware, the firmware of the early mobile terminal is generally only available from the manufacturer. The manufacturer will undergo detailed testing and verification before releasing the firmware version to ensure that the firmware version is well matched with the mobile terminal and its function meets the requirements of users and operators.

随着智能移动终端及其操作系统的发展, 尤其是开源的 Android操作系 统的发展, 除终端厂商外, 大量的个人或第三方公司也开始开发并提供移动 终端固件。  With the development of smart mobile terminals and their operating systems, especially the development of open source Android operating systems, in addition to terminal manufacturers, a large number of individuals or third-party companies have begun to develop and provide mobile terminal firmware.

这类非终端厂商提供的固件版本, 可能存在以下问题:  The firmware version provided by such non-terminal vendors may have the following problems:

1、 由于这类版本往往是较通用版本, 并没有针对特定硬件配置进行专门 的测试和验证, 不能保证与终端设备良好匹配;  1. Since this version is often a more general version and is not specifically tested and verified for a specific hardware configuration, there is no guarantee that it will be well matched to the terminal device;

2、 固件版本中可能含有恶意潜藏程序、 病毒等破坏性程序, 安全性无法 保证;  2. The firmware version may contain malicious programs such as malicious hidden programs and viruses, and security cannot be guaranteed;

3、 不能满足运营商定制要求, 定制移动终端通常对固件版本有特殊的定 制要求, 如: 要求内置特定应用、 只能接入特定运营商的移动网络等。 这种 情况下, 运营商通常不允许用户随意升级终端固件。  3, can not meet the operator's customization requirements, custom mobile terminals usually have special requirements for the firmware version, such as: require a built-in specific application, can only access a specific operator's mobile network. In this case, the operator usually does not allow the user to upgrade the terminal firmware at will.

目前常见的固件升级方法通常是: PC侧升级工具与移动终端建立数据传 输通道(USB、 虚拟串口、 网口等); 并将预先存储在 PC侧存储介质中的固 件版本文件依次传送给移动终端数据接收模块,数据接收模块再将接收到的 数据转存到移动终端的存储介质中。 该过程并未对所用升级工具的合法性进 行验证, 也未对固件版本的合法性进行验证, 且移动终端上也没有固件合法 性马全证机制。 The current common firmware upgrade methods are usually: PC side upgrade tool and mobile terminal establish data transmission channel (USB, virtual serial port, network port, etc.); and pre-stored in the PC side storage medium The version file is sequentially transmitted to the data receiving module of the mobile terminal, and the data receiving module transfers the received data to the storage medium of the mobile terminal. The process does not verify the legality of the upgrade tool used, nor does it verify the legality of the firmware version, and there is no firmware legality mechanism on the mobile terminal.

发明内容 Summary of the invention

本发明实施例提供一种固件版本升级的方法及系统, 能够克服固件升级 技术中存在的不能检验固件版本合法性, 进而导致无法保证待升级固件版本 与待升级移动终端匹配的问题和缺陷。  The embodiment of the present invention provides a method and a system for upgrading a firmware version, which can overcome the problem that the firmware upgrade technology cannot verify the validity of the firmware version, and thus the problem that the firmware version to be upgraded matches the mobile terminal to be upgraded cannot be guaranteed.

根据本发明的一个实施例, 提供了一种固件版本升级的方法, 包括: 升级工具对待升级固件版本进行版本合法性校验处理, 并根据版本合法 性校验结果, 将握手认证信息发送至移动终端;  According to an embodiment of the present invention, a method for upgrading a firmware version is provided, including: the upgrade tool performs version validity check processing on the firmware version to be upgraded, and sends the handshake authentication information to the mobile according to the version validity check result. Terminal

移动终端利用所述握手认证信息, 对所述升级工具进行握手校验处理, 当握手校验成功时, 接收所述升级工具下发的待升级固件版本;  The mobile terminal performs the handshake verification process on the upgrade tool by using the handshake authentication information, and receives the firmware version to be upgraded delivered by the upgrade tool when the handshake verification is successful.

移动终端对收到的所述待升级固件版本进行版本合法性校验处理, 当版 本合法性校验结果为合法固件版本时。  The mobile terminal performs version legality verification processing on the received firmware version to be upgraded, when the version validity check result is a legal firmware version.

优选地, 所述待升级固件版本的每个版本文件均具有数字签名, 升级工 具利用预存的签名密钥, 对每个版本文件的数字签名进行校验, 若所述待升 级固件版本的每个版本文件均校验成功, 则确定所述待升级固件版本是合法 固件版本。  Preferably, each version file of the firmware version to be upgraded has a digital signature, and the upgrade tool uses a pre-stored signature key to verify the digital signature of each version file, if each of the firmware versions to be upgraded If the version file is successfully verified, it is determined that the firmware version to be upgraded is a legal firmware version.

优选地, 当升级工具确定所述待升级固件版本是合法固件版本时, 生成 包含握手认证指令和握手认证数据的握手认证信息, 并发送至移动终端。  Preferably, when the upgrade tool determines that the firmware version to be upgraded is a legal firmware version, handshake authentication information including a handshake authentication command and handshake authentication data is generated and sent to the mobile terminal.

优选地, 移动终端收到所述握手认证信息后, 利用预存的握手密钥对所 述握手认证数据中的密文数据进行解密处理, 并将得到明文数据与所述握手 认证数据中的明文数据进行匹配, 以便确定移动终端与升级工具成功握手。  Preferably, after receiving the handshake authentication information, the mobile terminal decrypts the ciphertext data in the handshake authentication data by using a pre-stored handshake key, and obtains plaintext data and plaintext data in the handshake authentication data. A match is made to determine that the mobile terminal successfully handshaking with the upgrade tool.

优选地, 还包括:  Preferably, the method further comprises:

移动终端确定其与升级工具握手成功后, 根据来自升级工具的模式切换 信息切换到升级模式, 以便接收升级工具下发的固件版本。 优选地, 移动终端利用预存的签名密钥, 对收到的待升级固件版本的每 个版本文件进行数字签名校验, 若每个版本文件均校验成功, 则确定所述待 升级固件版本是合法固件版本。 After the mobile terminal determines that it has successfully handshake with the upgrade tool, it switches to the upgrade mode according to the mode switching information from the upgrade tool, so as to receive the firmware version delivered by the upgrade tool. Preferably, the mobile terminal performs digital signature verification on each version file of the firmware version to be upgraded by using the pre-stored signature key. If each version file is successfully verified, it is determined that the firmware version to be upgraded is Legal firmware version.

优选地, 还包括:  Preferably, the method further comprises:

移动终端使用所述待升级固件版本替换当前固件版本, 并在利用所述待 升级固件版本重启期间, 对所述待升级固件版本进行版本合法性校验处理。 。  The mobile terminal replaces the current firmware version with the firmware version to be upgraded, and performs version legality verification processing on the firmware version to be upgraded during the restart using the firmware version to be upgraded. .

根据本发明的另一实施例, 提供了一种防止固件版本升级系统, 包括升 级工具和移动终端, 其中:  According to another embodiment of the present invention, there is provided an anti-firmware upgrade system, including an upgrade tool and a mobile terminal, wherein:

升级工具设置为: 对待升级固件版本进行版本合法性校验处理, 并根据 版本合法性校验结果, 将握手认证信息发送至所述移动终端;  The upgrade tool is configured to: perform a version legality verification process on the upgraded firmware version, and send handshake authentication information to the mobile terminal according to the version validity check result;

移动终端设置为: 利用所述握手认证信息, 对所述升级工具进行握手校 验处理, 当握手校验成功时, 接收升级工具下发的待升级固件版本, 并对所 收到的待升级固件版本进行版本合法性校验处理, 当版本合法性校验结果为 合法固件版本时, 进行固件版本升级。  The mobile terminal is configured to perform handshake check processing on the upgrade tool by using the handshake authentication information, and receive the firmware version to be upgraded by the upgrade tool when the handshake verification is successful, and receive the firmware to be upgraded. The version performs the version validity check processing. When the version validity check result is the legal firmware version, the firmware version is upgraded.

优选地, 所述升级工具包括:  Preferably, the upgrade tool comprises:

签名校验模块, 其设置为: 利用预存的签名密钥, 对待升级固件版本的 每个版本文件进行数字签名校验, 若所述每个版本文件均校验成功, 则确定 所述待升级固件版本是合法固件版本;  a signature verification module, configured to: perform digital signature verification on each version file of the firmware version to be upgraded by using a pre-stored signature key, and if the verification of each version file is successful, determine the firmware to be upgraded. The version is the legal firmware version;

握手验证模块, 其设置为: 当确定所述待升级固件版本是合法固件版本 时, 生成包含握手认证指令和握手认证数据的握手认证信息, 并发送至移动 终端。  The handshake verification module is configured to: when it is determined that the firmware version to be upgraded is a legal firmware version, generate handshake authentication information including a handshake authentication command and handshake authentication data, and send the handshake authentication information to the mobile terminal.

优选地, 所述移动终端包括:  Preferably, the mobile terminal includes:

握手认证模块, 其设置为: 在收到所述握手认证信息后, 利用预存的握 手密钥对所述握手认证数据中的密文数据进行解密处理, 并将得到明文数据 与所述握手认证数据中的明文数据进行匹配, 以便确定移动终端与升级工具 成功握手;  The handshake authentication module is configured to: after receiving the handshake authentication information, decrypt the ciphertext data in the handshake authentication data by using a pre-stored handshake key, and obtain the plaintext data and the handshake authentication data. The plaintext data in the match is matched to determine that the mobile terminal successfully handshaking with the upgrade tool;

签名校验模块, 其设置为: 利用预存的签名密钥, 对收到的待升级固件 版本的每个版本文件进行数字签名校验, 若每个版本文件均校验成功, 则确 定所述待升级固件版本是合法固件版本。 The signature verification module is configured to: perform digital signature verification on each version file of the firmware version to be upgraded by using the pre-stored signature key, and if each version file is verified successfully, The firmware version to be upgraded is a legal firmware version.

本发明实施例还提供一种移动终端, 包括:  The embodiment of the invention further provides a mobile terminal, including:

握手认证模块, 其设置为: 利用升级工具发送的握手认证信息, 对所述 升级工具进行握手校验处理, 当握手校验成功时, 接收所述升级工具下发的 待升级固件版本, 其中, 所述握手认证信息包括待升级版本的合法性校验结 果;  The handshake authentication module is configured to: perform handshake verification processing on the upgrade tool by using the handshake authentication information sent by the upgrade tool, and receive the firmware version to be upgraded delivered by the upgrade tool when the handshake verification is successful, where The handshake authentication information includes a validity check result of the version to be upgraded;

签名校验模块, 其设置为: 对收到的所述待升级固件版本进行版本合法 性校验处理, 当版本合法性校验结果为合法固件版本时, 进行固件版本升级; 以及  The signature verification module is configured to: perform version verification processing on the received firmware version to be upgraded, and perform firmware version upgrade when the version validity check result is a legal firmware version;

升级代理模块, 设置为与升级工具进行交互。  Upgrade the agent module, set to interact with the upgrade tool.

优选地, 所述握手认证模块是设置为: 在收到所述握手认证信息后, 利 用预存的握手密钥对所述握手认证数据中的密文数据进行解密处理, 并将解 密得到的明文数据与所述握手认证数据中的明文数据进行匹配, 以便确定移 动终端与升级工具是否成功握手。  Preferably, the handshake authentication module is configured to: after receiving the handshake authentication information, decrypt the ciphertext data in the handshake authentication data by using a pre-stored handshake key, and decrypt the obtained plaintext data. Matching with the plaintext data in the handshake authentication data to determine whether the mobile terminal and the upgrade tool successfully handshake.

优选地, 所述签名校验模块是设置为: 利用预存的签名密钥, 对收到的 待升级固件版本的每个版本文件进行数字签名校验, 若每个版本文件均校验 成功, 则确定所述待升级固件版本是合法固件版本。  Preferably, the signature verification module is configured to: perform digital signature verification on each version file of the received firmware version to be upgraded by using a pre-stored signature key, and if each version file is verified successfully, It is determined that the firmware version to be upgraded is a legal firmware version.

本发明实施例能够防止将移动终端升级到非法固件版本, 提高了移动终 端升级过程的安全性, 有效保证了终端用户及运营商的利益不受非法固件的 侵害。 附图概述 The embodiment of the invention can prevent the mobile terminal from being upgraded to the illegal firmware version, improve the security of the mobile terminal upgrade process, and effectively ensure that the interests of the terminal user and the operator are not infringed by the illegal firmware. BRIEF abstract

图 1是本发明实施例提供的固件版本升级的方法框图;  1 is a block diagram of a method for upgrading a firmware version according to an embodiment of the present invention;

图 2是本发明实施例提供的固件版本升级的流程图;  2 is a flowchart of firmware version upgrade provided by an embodiment of the present invention;

图 3是本发明实施例提供的移动终端的组成结构图;  3 is a structural diagram of a mobile terminal according to an embodiment of the present invention;

图 4是本发明实施例提供的升级工具的组成结构图; 图 5是本发明实施例提供的版本文件后的数字签名组成结构图。 4 is a structural diagram of an upgrade tool provided by an embodiment of the present invention; FIG. 5 is a structural diagram of a digital signature component after a version file according to an embodiment of the present invention.

本发明的较佳实施方式 Preferred embodiment of the invention

以下结合附图对本发明的优选实施例进行详细说明, 应当理解, 以下所 说明的优选实施例仅用于说明和解释本发明, 并不用于限定本发明。 需要说 明的是, 在不冲突的情况下, 本申请中的实施例及实施例中的特征可以相互 任意组合。  The preferred embodiments of the present invention are described in detail below with reference to the accompanying drawings. It should be noted that the features in the embodiments and the embodiments of the present application can be arbitrarily combined with each other without conflict.

本发明实施例提出了一种基于加密技术和数字签名技术的、 防止将移动 终端升级到非法固件版本的方法和系统。 图 1是本发明实施例提供的防止移 动终端升级到非法固件版本的方法框图, 如图 1所示, 该方法包括:  Embodiments of the present invention provide a method and system for preventing a mobile terminal from being upgraded to an illegal firmware version based on encryption technology and digital signature technology. 1 is a block diagram of a method for preventing a mobile terminal from being upgraded to an illegal firmware version according to an embodiment of the present invention. As shown in FIG. 1, the method includes:

步骤 101 : 升级工具验证主控设备上存储的待升级固件版本的合法性。 所述待升级固件版本具有多个版本文件, 其每个具有数字签名, 升级工 具利用预存的签名密钥, 对每个版本文件的数字签名进行校验。 当所述待升 级固件版本的每个版本文件均校验成功时, 升级工具确定所述待升级固件版 本是合法固件版本。  Step 101: The upgrade tool verifies the legality of the firmware version to be upgraded stored on the master device. The firmware version to be upgraded has multiple version files, each of which has a digital signature, and the upgrade tool verifies the digital signature of each version file by using a pre-stored signature key. When each version file of the firmware version to be upgraded is successfully verified, the upgrade tool determines that the firmware version to be upgraded is a legal firmware version.

步骤 102: 升级工具与移动终端通过握手相互认证。  Step 102: The upgrade tool and the mobile terminal mutually authenticate by handshake.

首先, 升级工具确定主控设备上存储的待升级固件版本是合法固件版本 后, 向移动终端下发包含握手认证指令和握手认证数据的握手认证信息。  First, after the upgrade tool determines that the firmware version to be upgraded stored on the master device is a legal firmware version, the handshake authentication information including the handshake authentication command and the handshake authentication data is sent to the mobile terminal.

其次, 移动终端收到所述握手认证信息后, 校验其中的握手认证数据, 并将握手校验结果反馈至所述升级工具。 当握手校验成功时, 移动终端确定 所述升级工具为合法升级工具, 否则将所述升级工具确定为非法升级工具。  Secondly, after receiving the handshake authentication information, the mobile terminal checks the handshake authentication data therein, and feeds back the handshake verification result to the upgrade tool. When the handshake verification is successful, the mobile terminal determines that the upgrade tool is a legal upgrade tool, otherwise the upgrade tool is determined to be an illegal upgrade tool.

然后, 升级工具接收来自移动终端的握手认证结果, 若成功, 则向移动 终端发送模式切换信息, 以便通知移动终端切换到升级模式。  Then, the upgrade tool receives the handshake authentication result from the mobile terminal, and if successful, sends the mode switch information to the mobile terminal to notify the mobile terminal to switch to the upgrade mode.

最后, 移动终端收到所述模式切换信息后, 检查握手认证是否成功, 若 成功, 则切入到升级模式。  Finally, after receiving the mode switching information, the mobile terminal checks whether the handshake authentication is successful. If successful, the mobile terminal cuts into the upgrade mode.

步骤 103: 升级工具向移动终端传输待升级固件版本。  Step 103: The upgrade tool transmits the firmware version to be upgraded to the mobile terminal.

所述待升级固件版本具有多个版本文件, 升级工具将所述多个版本文件 依次下发至移动终端。 步骤 104: 移动终端依次接收所述多个版本文件, 并对收到的版本文件 进行校验。 The firmware version to be upgraded has multiple version files, and the upgrade tool delivers the multiple version files to the mobile terminal in turn. Step 104: The mobile terminal sequentially receives the plurality of version files, and performs verification on the received version file.

移动终端利用预存的签名密钥, 对收到的待升级固件版本的每个版本文 件进行数字签名校验, 若每个版本文件均校验成功, 则确定所述待升级固件 版本是合法固件版本。  The mobile terminal performs digital signature verification on each version file of the firmware version to be upgraded by using the pre-stored signature key. If each version file is successfully verified, it is determined that the firmware version to be upgraded is a legal firmware version. .

步骤 105: 移动终端使用收到的待升级固件版本替换旧版本。  Step 105: The mobile terminal replaces the old version with the received firmware version to be upgraded.

升级工具通知移动终端所有版本文件下发完成, 要求移动终端替换旧版 本。 此时, 移动终端用存储在备用存储区中的待升级固件版本替换当前版本。  The upgrade tool notifies the mobile terminal that all version files are delivered, and the mobile terminal is required to replace the old version. At this time, the mobile terminal replaces the current version with the firmware version to be upgraded stored in the spare storage area.

步骤 106: 移动终端重启, 完成升级过程。  Step 106: The mobile terminal restarts to complete the upgrade process.

升级工具通知移动终端退出升级模式并重启。 此时, 移动终端釆用新固 件版本重启, 启动过程中仍会对固件版本的各版本文件进行数字签名验证, 升级过程完成。  The upgrade tool notifies the mobile terminal to exit the upgrade mode and restart. At this point, the mobile terminal restarts with the new firmware version, and the digital signature verification of each version file of the firmware version is still performed during the startup process, and the upgrade process is completed.

通过步骤 101至步骤 106可知, 本发明实施例通过如下四个技术手段实 现防止非法固件升级的目标:  It can be seen from steps 101 to 106 that the embodiments of the present invention achieve the goal of preventing illegal firmware upgrade by the following four technical means:

1、 所述升级工具对所述固件版本的各版本文件进行签名校验。  1. The upgrade tool performs signature verification on each version file of the firmware version.

运行在主控设备上的升级工具在执行升级操作前会先对保存在主控设备 上的固件版本的各版本文件进行签名校验, 若不存在签名信息或签名信息校 验失败, 则不允许移动终端升级。 因此, 在升级工具层面能够有效防止来源 不明的非法固件版本升级。  The upgrade tool running on the master device will perform signature verification on the version files of the firmware version saved on the master device before performing the upgrade operation. If the signature information does not exist or the signature information fails to be verified, it is not allowed. Mobile terminal upgrade. Therefore, it is possible to effectively prevent illegal firmware version upgrades of unknown source at the level of the upgrade tool.

移动终端正常启动时处于禁止升级状态, 升级工具在下发固件版本给移 动终端前, 会发送握手认证信息, 移动终端收到握手认证信息后进行校验。 如果校验失败, 则认为该升级工具是非法升级工具, 移动终端保持禁止升级 的状态, 不允许执行后续的升级动作。 因此, 可防止用户釆用非法升级工具 绕过对版本文件的签名校验过程。 The mobile terminal is in the forbidden upgrade state when the mobile terminal is normally started. The upgrade tool sends the handshake authentication information before the firmware sends the firmware version to the mobile terminal. The mobile terminal checks the handshake authentication information. If the verification fails, the upgrade tool is considered to be an illegal upgrade tool, and the mobile terminal maintains the upgrade prohibition state, and the subsequent upgrade action is not allowed. Therefore, the user can be prevented from using the illegal upgrade tool to bypass the signature verification process for the version file.

3、 所述移动终端对所述固件版本的各版本文件的校验。  3. The mobile terminal checks the version files of the firmware version.

升级过程中, 移动终端每收到一个版本文件, 就会对该版本文件的数字 签名进行校验, 若失败则停止升级过程。 因此, 可防止非法工具绕过移动终 端认证机制对其进行固件升级。 During the upgrade process, each time the mobile terminal receives a version file, it will verify the digital signature of the version file. If it fails, the upgrade process will be stopped. Therefore, it can prevent illegal tools from bypassing the mobile terminal. The end authentication mechanism performs a firmware upgrade.

4、 所述移动终端启动过程中对固件版本的各版本文件的校验。  4. The verification of each version file of the firmware version during the startup process of the mobile terminal.

移动终端启动过程中会对版本文件的数字签名进行验证, 若无数字签名 信息或数字签名验证失败, 则给出用户提示并进入升级模式, 直到升级至合 法的数字签名版本。 因此, 可防止通过直接烧录存储介质的方式将移动终端 升级到非法固件版本。  The digital signature of the version file is verified during the startup of the mobile terminal. If no digital signature information or digital signature verification fails, the user is prompted and enters the upgrade mode until the upgrade to the legal digital signature version. Therefore, it is possible to prevent the mobile terminal from being upgraded to an illegal firmware version by directly burning the storage medium.

图 2是本发明实施例提供的防止移动终端升级到非法固件版本的实现流 程图, 如图 2所示, 该方法包括:  FIG. 2 is a flowchart of an implementation of preventing an upgrade of a mobile terminal to an illegal firmware version according to an embodiment of the present invention. As shown in FIG. 2, the method includes:

步骤 201 : 升级工具利用与移动终端厂商的数字签名所用密钥配对的签 名密钥及对应的摘要算法对主控设备上存储的固件版本的各版本文件逐一进 行合法性校验。  Step 201: The upgrade tool performs validity verification on each version file of the firmware version stored on the master device by using the signature key paired with the key used by the digital signature of the mobile terminal manufacturer and the corresponding digest algorithm.

步骤 202: 若所有固件版本的各版本文件均合法, 则升级工具向移动终 端下发握手认证指令和握手认证数据的握手认证信息, 其中, 所述握手认证 数据包括加密前的明文和加密后的密文。  Step 202: If the version files of all the firmware versions are valid, the upgrade tool sends the handshake authentication command and the handshake authentication information of the handshake authentication data to the mobile terminal, where the handshake authentication data includes the plaintext before encryption and the encrypted Cipher text.

步骤 203 : 移动终端收到握手认证指令后, 釆用自身存储的握手密钥对 所述密文数据解密, 并校验解密得到的数据与接收到的明文数据是否一致。 若一致, 则将内部的握手成功标志置为真, 并反馈握手成功的信息给升级工 具。  Step 203: After receiving the handshake authentication command, the mobile terminal decrypts the ciphertext data by using the stored handshake key, and checks whether the decrypted data is consistent with the received plaintext data. If they match, the internal handshake success flag is set to true, and the message of successful handshake is fed back to the upgrade tool.

步骤 204: 升级工具收到握手校验结果后, 检验握手是否成功。 若成功, 则向移动终端发送模式切换信息, 通知移动终端切换到升级模式。  Step 204: After the upgrade tool receives the handshake verification result, it checks whether the handshake is successful. If successful, the mode switching information is sent to the mobile terminal, and the mobile terminal is notified to switch to the upgrade mode.

步骤 205: 移动终端接收到模式切换信息后, 检查握手成功标志位是否 为真。  Step 205: After receiving the mode switching information, the mobile terminal checks whether the handshake success flag is true.

步骤 206: 若为真则切换到升级模式, 并将模式切换成功的信息反馈给 升级工具。  Step 206: If true, switch to the upgrade mode, and feed back the information about the mode switch success to the upgrade tool.

步骤 207: 升级工具接收并检测模式切换信息的反馈信息。 若切换成功, 则下发固件版本的第一个版本文件给移动终端。  Step 207: The upgrade tool receives and detects feedback information of the mode switching information. If the handover is successful, the first version file of the firmware version is delivered to the mobile terminal.

步骤 208: 移动终端接收该版本文件, 暂存在备用存储区, 并对版本文 件的数字签名进行校验。 若合法, 则向升级工具反馈版本文件接收成功的消 息。 Step 208: The mobile terminal receives the version file, temporarily stores the spare storage area, and verifies the digital signature of the version file. If it is legal, it will send feedback to the upgrade tool that the version file is successfully received. Interest.

步骤 209: 逐一下发固件版本中的各个版本文件, 直至全部下发完毕后, 升级工具通知移动终端所有版本文件下发完成, 要求移动终端替换旧版本。  Step 209: The version files in the firmware version are sent one by one, and after all the delivery is completed, the upgrade tool notifies the mobile terminal that all the version files are delivered, and the mobile terminal is required to replace the old version.

步骤 210: 移动终端用存储在备用存储区中的固件版本替换当前版本, 并向升级工具反馈版本替换结果。  Step 210: The mobile terminal replaces the current version with the firmware version stored in the spare storage area, and feeds back the version replacement result to the upgrade tool.

步骤 211 : 升级工具检查版本替换信息, 若替换成功, 则通知移动终端 退出升级模式并重启。  Step 211: The upgrade tool checks the version replacement information. If the replacement is successful, the mobile terminal is notified to exit the upgrade mode and restart.

步骤 212: 移动终端釆用新固件版本重启, 重启过程中, 依次检测各个 版本文件的数字签名是否合法。 若均合法, 则正常启动, 升级过程完成。  Step 212: The mobile terminal restarts with the new firmware version. During the restart process, it is detected whether the digital signature of each version file is legal. If it is legal, it will start normally and the upgrade process is completed.

步骤 213: 若移动终端重启过程中, 检测到版本文件异常, 则提示用户, 并自动进入升级模式。 直到终端被升级到合法固件版本。  Step 213: If the version file is abnormal during the restart of the mobile terminal, the user is prompted, and the upgrade mode is automatically entered. Until the terminal is upgraded to the legal firmware version.

在上述过程中, 有关防止非法固件升级的步骤说明如下:  In the above process, the steps to prevent illegal firmware upgrades are as follows:

1、步骤 201中,升级工具会对固件版本的各版本文件的合法性进行校验, 校验失败则中止升级过程, 从而防止对未经签名的非法固件升级。  1. In step 201, the upgrade tool verifies the legality of each version file of the firmware version, and if the verification fails, the upgrade process is aborted, thereby preventing unsigned illegal firmware upgrade.

2、 步骤 202 - 205中, 升级工具会与移动终端进行握手, 从而防止未经 认证的非法升级工具对移动终端进行升级。  2. In steps 202-205, the upgrade tool will handshake with the mobile terminal to prevent the unauthenticated illegal upgrade tool from upgrading the mobile terminal.

3、 步骤 208中, 移动终端会对接收到的版本文件进行合法性校验, 从而 确保接收的版本文件是合法的。  3. In step 208, the mobile terminal checks the validity of the received version file to ensure that the received version file is legal.

4. 步骤 213中, 当升级完成后移动终端第一次重启时, 会利用固化在移 动终端 ROM中的签名校验模块对加载的每一个版本文件进行数字签名校验, 若不成功则自动切入升级模式, 等待握手认证, 直到升级到合法版本。  4. In step 213, when the mobile terminal is restarted for the first time after the upgrade is completed, the signature verification module that is solidified in the ROM of the mobile terminal is used to perform digital signature verification on each version file loaded, and if not successful, the mobile terminal automatically enters. Upgrade mode, waiting for handshake authentication, until upgrading to a legal version.

本发明实施例还提供了一种防止移动终端升级到非法固件版本的系统, 包括移动终端和运行于主控设备(如 PC )上的升级工具, 通过移动终端和升 级工具的相互验证, 以及两者对待升级固件版本的每个版本文件的验证, 实 现了阻止将设备升级到非法固件版本的功能。  The embodiment of the invention further provides a system for preventing a mobile terminal from upgrading to an illegal firmware version, including a mobile terminal and an upgrade tool running on a master control device (such as a PC), mutual authentication by the mobile terminal and the upgrade tool, and two The verification of each version file of the upgraded firmware version implements the function of preventing the device from being upgraded to an illegal firmware version.

所述移动终端, 设置为利用所述握手认证信息, 对所述升级工具进行握 手校验处理, 根据握手校验结果, 接收升级工具下发的待升级固件版本, 并 对所收到的待升级固件版本进行版本合法性校验处理, 根据版本合法性校验 结果, 进行固件版本升级。 图 3是本发明实施例提供的移动终端的组成结构 图, 如图 3所示, 包括: The mobile terminal is configured to perform handshake check processing on the upgrade tool by using the handshake authentication information, and receive the firmware version to be upgraded delivered by the upgrade tool according to the handshake verification result, and the received firmware to be upgraded The firmware version is verified by the version validity check. As a result, the firmware version is upgraded. FIG. 3 is a structural diagram of a mobile terminal according to an embodiment of the present invention. As shown in FIG. 3, the method includes:

握手认证模块, 设置为在收到所述握手认证信息后, 利用预存的握手密 钥对所述握手认证数据中的密文数据进行解密处理, 并将得到明文数据与所 述握手认证数据中的明文数据进行匹配, 以便确定移动终端与升级工具成功 握手;  The handshake authentication module is configured to decrypt the ciphertext data in the handshake authentication data by using the pre-stored handshake key after receiving the handshake authentication information, and obtain the plaintext data and the handshake authentication data. The plaintext data is matched to determine that the mobile terminal successfully handshaking with the upgrade tool;

签名校验模块, 设置为利用预存的签名密钥, 对收到的待升级固件版本 的每个版本文件进行数字签名校验, 若每个版本文件均校验成功, 则确定所 述待升级固件版本是合法固件版本;  The signature verification module is configured to perform digital signature verification on each version file of the firmware version to be upgraded by using the pre-stored signature key. If each version file is successfully verified, the firmware to be upgraded is determined. The version is the legal firmware version;

升级代理模块, 设置为与升级工具进行交互;  Upgrade the agent module, set to interact with the upgrade tool;

其它业务功能模块, 设置为于实现短消息业务和通话业务等其它业务功 能。  Other service function modules are set to implement other service functions such as short message service and call service.

所述升级工具设置为对待升级固件版本进行版本合法性校验处理, 并根 据版本合法性校验结果, 将握手认证信息发送至移动终端。 图 4是本发明实 施例提供的升级工具的组成结构图, 如图 4所示, 包括:  The upgrade tool is configured to perform version legality verification processing on the firmware version to be upgraded, and send handshake authentication information to the mobile terminal according to the verification result of the version validity. 4 is a structural diagram of an upgrade tool provided by an embodiment of the present invention. As shown in FIG. 4, the method includes:

签名校验模块, 设置为利用预存的签名密钥, 对待升级固件版本的每个 版本文件进行数字签名校验, 若所述每个版本文件均校验成功, 则确定所述 待升级固件版本是合法固件版本;  The signature verification module is configured to perform digital signature verification on each version file of the upgrade firmware version by using the pre-stored signature key. If the verification of each version file is successful, it is determined that the firmware version to be upgraded is Legal firmware version;

握手验证模块, 设置为当确定所述待升级固件版本是合法固件版本时, 生成包含握手认证指令和握手认证数据的握手认证信息,并发送至移动终端; 数据传输模块, 设置为将待升级固件版本发送至移动终端;  The handshake verification module is configured to: when determining that the firmware version to be upgraded is a legal firmware version, generate handshake authentication information including a handshake authentication command and handshake authentication data, and send the handshake authentication information to the mobile terminal; and the data transmission module is configured to be to be upgraded firmware The version is sent to the mobile terminal;

指令收发模块,设置为接收来自移动终端的指令或向移动终端发送指令。 主控设备负责提供升级工具的运行环境, 并提供数据通道与移动终端进 行数据交互。 升级工具运行在主控设备上, 负责对固件版本文件进行合法性 校验, 与终端进行握手验证, 将存储在主控设备上的版本文件下发给移动终 端。 移动终端负责与升级工具握手, 接收升级工具下发的版本文件, 对收到 的版本文件进行合法性校验,并将合法的版本文件写入移动终端的存储介质。 固件版本可由多个版本文件组成, 分为合法版本和非法版本。 图 5是本发明 实施例提供的版本文件中的数字签名组成结构图, 合法版本的每个版本文件 都包含终端厂商的数字签名信息, 非法版本不包含。 影响移动终端使用的非法固件版本, 从而有效保障了移动终端的正常工作和 使用, 也保护了用户和运营商利益。 The command transceiver module is configured to receive an instruction from the mobile terminal or send an instruction to the mobile terminal. The master device is responsible for providing the operating environment of the upgrade tool and providing data channels for data interaction with the mobile terminal. The upgrade tool runs on the master device, and is responsible for verifying the validity of the firmware version file, performing handshake authentication with the terminal, and sending the version file stored on the master device to the mobile terminal. The mobile terminal is responsible for shaking hands with the upgrade tool, receiving the version file delivered by the upgrade tool, verifying the validity of the received version file, and writing the legal version file to the storage medium of the mobile terminal. The firmware version can consist of multiple version files, which are divided into legal and illegal versions. Figure 5 is the invention The digital signature in the version file provided by the embodiment constitutes a structural diagram, and each version file of the legal version includes digital signature information of the terminal manufacturer, and the illegal version does not include. Affecting the illegal firmware version used by the mobile terminal, thereby effectively protecting the normal operation and use of the mobile terminal, and protecting the interests of the user and the operator.

本领域普通技术人员可以理解上述方法中的全部或部分步骤可通过程序 来指令相关硬件完成, 所述程序可以存储于计算机可读存储介质中, 如只读 存储器、 磁盘或光盘等。 可选地, 上述实施例的全部或部分步骤也可以使用 一个或多个集成电路来实现。 相应地, 上述实施例中的各模块 /单元可以釆用 硬件的形式实现, 也可以釆用软件功能模块的形式实现。 本发明不限制于任 何特定形式的硬件和软件的结合。  One of ordinary skill in the art will appreciate that all or a portion of the above steps may be accomplished by a program instructing the associated hardware, such as a read-only memory, a magnetic disk, or an optical disk. Alternatively, all or part of the steps of the above embodiments may also be implemented using one or more integrated circuits. Correspondingly, each module/unit in the above embodiment may be implemented in the form of hardware or in the form of a software function module. The invention is not limited to any specific form of combination of hardware and software.

尽管上文对本发明进行了详细说明, 但是本发明不限于此, 本技术领域 技术人员可以根据本发明的原理进行各种修改。 因此, 凡按照本发明原理所 作的修改, 都应当理解为落入本发明的保护范围。  Although the invention has been described in detail above, the invention is not limited thereto, and various modifications may be made by those skilled in the art in accordance with the principles of the invention. Therefore, modifications in accordance with the principles of the invention should be understood as falling within the scope of the invention.

工业实用性 Industrial applicability

本发明实施例能够防止将移动终端升级到非法固件版本, 提高了移动终 端升级过程的安全性, 有效保证了终端用户及运营商的利益不受非法固件的 侵害。  The embodiment of the invention can prevent the mobile terminal from being upgraded to the illegal firmware version, improve the security of the mobile terminal upgrade process, and effectively ensure that the interests of the terminal user and the operator are not infringed by the illegal firmware.

Claims

权 利 要 求 书 Claim 1、 一种固件版本升级的方法, 包括:  1. A method for upgrading a firmware version, including: 升级工具对待升级固件版本进行版本合法性校验处理, 并根据版本合法 性校验结果, 将握手认证信息发送至移动终端;  The upgrade tool performs the version validity check processing on the upgraded firmware version, and sends the handshake authentication information to the mobile terminal according to the version validity check result. 所述移动终端利用所述握手认证信息, 对所述升级工具进行握手校验处 理, 当握手校验成功时, 接收所述升级工具下发的待升级固件版本;  The mobile terminal performs the handshake verification process on the upgrade tool by using the handshake authentication information, and receives the firmware version to be upgraded delivered by the upgrade tool when the handshake verification is successful. 所述移动终端对收到的所述待升级固件版本进行版本合法性校验处理, 当版本合法性校验结果为合法固件版本时, 进行固件版本升级。  The mobile terminal performs version legality verification processing on the received firmware version to be upgraded, and performs firmware version upgrade when the version legality verification result is a legal firmware version. 2、 根据权利要求 1所述的方法, 其中, 所述待升级固件版本的每个版本 文件均具有数字签名, 所述升级工具对待升级固件版本进行版本合法性校验 处理的步骤包括: 升级工具利用预存的签名密钥, 对每个版本文件的数字签 名进行校验, 若所述待升级固件版本的每个版本文件均校验成功, 则确定所 述待升级固件版本是合法固件版本。  2. The method according to claim 1, wherein each version file of the firmware version to be upgraded has a digital signature, and the step of the upgrade tool performing a version legality verification process on the upgrade firmware version includes: an upgrade tool The digital signature of each version file is verified by using the pre-stored signature key. If each version file of the firmware version to be upgraded is successfully verified, it is determined that the firmware version to be upgraded is a legal firmware version. 3、 根据权利要求 2所述的方法, 其中, 所述升级工具根据版本合法性校 验结果, 将握手认证信息发送至移动终端的步骤包括: 当所述升级工具确定 所述待升级固件版本是合法固件版本时, 生成包含握手认证指令和握手认证 数据的握手认证信息, 并发送至所述移动终端。  The method of claim 2, wherein the upgrading tool sends the handshake authentication information to the mobile terminal according to the version validity check result: when the upgrade tool determines that the firmware version to be upgraded is When the legal firmware version is generated, handshake authentication information including a handshake authentication command and handshake authentication data is generated and sent to the mobile terminal. 4、 根据权利要求 3所述的方法, 其中, 所述移动终端利用所述握手认证 信息, 对所述升级工具进行握手校验处理的步骤包括: 所述移动终端收到所 述握手认证信息后, 利用其预存的握手密钥对所述握手认证数据中的密文数 据进行解密处理, 并将解密得到的明文数据与所述握手认证数据中的明文数  The method according to claim 3, wherein the step of performing handshake check processing on the upgrade tool by using the handshake authentication information by the mobile terminal comprises: after the mobile terminal receives the handshake authentication information, Decrypting the ciphertext data in the handshake authentication data by using the pre-stored handshake key, and decrypting the decrypted plaintext data and the plaintext number in the handshake authentication data 5、 根据权利要求 4所述的方法, 还包括: 5. The method of claim 4, further comprising: 所述移动终端确定其与升级工具握手成功后, 才艮据来自升级工具的模式 切换信息切换到升级模式, 以便接收升级工具下发的固件版本。  After the mobile terminal determines that the handshake with the upgrade tool is successful, the mobile terminal switches to the upgrade mode according to the mode switching information from the upgrade tool, so as to receive the firmware version delivered by the upgrade tool. 6、 根据权利要求 5所述的方法, 其中, 所述移动终端对收到的所述待升 级固件版本进行版本合法性校验处理的步骤包括: 所述移动终端利用其预存 的签名密钥, 对收到的待升级固件版本的每个版本文件进行数字签名校验, 若每个版本文件均校验成功, 则确定所述待升级固件版本是合法固件版本。 The method according to claim 5, wherein the step of the mobile terminal performing a version legality verification process on the received firmware version to be upgraded comprises: using the pre-stored signature key by the mobile terminal, Perform digital signature verification on each version of the received firmware version to be upgraded. If the verification of each version file is successful, it is determined that the firmware version to be upgraded is a legal firmware version. 7、 根据权利要求 1-6任意一项所述的方法, 还包括: 7. The method of any of claims 1-6, further comprising: 所述移动终端使用所述待升级固件版本替换当前固件版本, 并在利用所 述待升级固件版本重启期间, 对所述待升级固件版本进行版本合法性校验处 理。  The mobile terminal replaces the current firmware version with the firmware version to be upgraded, and performs version legality verification processing on the firmware version to be upgraded during the restart using the firmware version to be upgraded. 8、 一种固件版本升级系统, 包括升级工具和移动终端, 其中: 所述升级工具设置为: 对待升级固件版本进行版本合法性校验处理, 并 根据版本合法性校验结果, 将握手认证信息发送至所述移动终端;  8. A firmware version upgrade system, including an upgrade tool and a mobile terminal, wherein: the upgrade tool is configured to: perform a version legality verification process on the firmware version to be upgraded, and perform handshake authentication information according to the version validity check result. Sent to the mobile terminal; 所述移动终端设置为: 利用所述握手认证信息, 对所述升级工具进行握 手校验处理, 当握手校验成功时, 接收升级工具下发的待升级固件版本, 并 对所收到的待升级固件版本进行版本合法性校验处理, 当版本合法性校验结 果为合法固件版本时, 进行固件版本升级。  The mobile terminal is configured to: perform handshake check processing on the upgrade tool by using the handshake authentication information, and receive the firmware version to be upgraded delivered by the upgrade tool when the handshake verification is successful, and the received firmware is received. Upgrade the firmware version for version legality verification. When the version validity check result is the legal firmware version, upgrade the firmware version. 9、 根据权利要求 8所述的系统, 其中, 所述升级工具包括:  9. The system according to claim 8, wherein the upgrade tool comprises: 签名校验模块, 其设置为: 利用预存的签名密钥, 对待升级固件版本的 每个版本文件进行数字签名校验, 若所述每个版本文件均校验成功, 则确定 所述待升级固件版本是合法固件版本;  a signature verification module, configured to: perform digital signature verification on each version file of the firmware version to be upgraded by using a pre-stored signature key, and if the verification of each version file is successful, determine the firmware to be upgraded. The version is the legal firmware version; 握手验证模块, 其设置为: 当确定所述待升级固件版本是合法固件版本 时, 生成包含握手认证指令和握手认证数据的握手认证信息, 并发送至移动 终端。  The handshake verification module is configured to: when it is determined that the firmware version to be upgraded is a legal firmware version, generate handshake authentication information including a handshake authentication command and handshake authentication data, and send the handshake authentication information to the mobile terminal. 10、 根据权利要求 9所述的系统, 其中, 所述移动终端包括:  The system of claim 9, wherein the mobile terminal comprises: 握手认证模块, 其设置为: 在收到所述握手认证信息后, 利用预存的握 手密钥对所述握手认证数据中的密文数据进行解密处理, 并将解密得到的明 文数据与所述握手认证数据中的明文数据进行匹配, 以便确定移动终端与升 级工具是否成功握手; 以及  The handshake authentication module is configured to: after receiving the handshake authentication information, decrypt the ciphertext data in the handshake authentication data by using a pre-stored handshake key, and decrypt the decrypted plaintext data with the handshake Matching the plaintext data in the authentication data to determine whether the mobile terminal successfully upgrades with the upgrade tool; 签名校验模块, 其设置为: 利用预存的签名密钥, 对收到的待升级固件 版本的每个版本文件进行数字签名校验, 若每个版本文件均校验成功, 则确 定所述待升级固件版本是合法固件版本。  a signature verification module, configured to: perform digital signature verification on each version file of the firmware version to be upgraded by using a pre-stored signature key, and if each version file is verified successfully, determine the to-be-determined The upgrade firmware version is the legal firmware version. 11、 一种移动终端, 包括: 握手认证模块, 其设置为: 利用升级工具发送的握手认证信息, 对所述 升级工具进行握手校验处理, 当握手校验成功时, 接收所述升级工具下发的 待升级固件版本, 其中, 所述握手认证信息包括待升级版本的合法性校验结 果; 11. A mobile terminal, comprising: The handshake authentication module is configured to: perform handshake verification processing on the upgrade tool by using the handshake authentication information sent by the upgrade tool, and receive the firmware version to be upgraded delivered by the upgrade tool when the handshake verification is successful, where The handshake authentication information includes a validity check result of the version to be upgraded; 签名校验模块, 其设置为: 对收到的所述待升级固件版本进行版本合法 性校验处理, 当版本合法性校验结果为合法固件版本时, 进行固件版本升级; 以及  The signature verification module is configured to: perform version verification processing on the received firmware version to be upgraded, and perform firmware version upgrade when the version validity check result is a legal firmware version; 升级代理模块, 设置为与升级工具进行交互。  Upgrade the agent module, set to interact with the upgrade tool. 12、 如权利要求 11所述的移动终端, 其中,  12. The mobile terminal of claim 11, wherein 所述握手认证模块是设置为: 在收到所述握手认证信息后, 利用预存的 握手密钥对所述握手认证数据中的密文数据进行解密处理, 并将解密得到的 明文数据与所述握手认证数据中的明文数据进行匹配, 以便确定移动终端与 升级工具是否成功握手。  The handshake authentication module is configured to: after receiving the handshake authentication information, decrypt the ciphertext data in the handshake authentication data by using a pre-stored handshake key, and decrypt the decrypted plaintext data with the The plaintext data in the handshake authentication data is matched to determine whether the mobile terminal and the upgrade tool successfully handshake. 13、 如权利要求 11所述的移动终端, 其中,  13. The mobile terminal of claim 11, wherein 所述签名校验模块是设置为: 利用预存的签名密钥, 对收到的待升级固 件版本的每个版本文件进行数字签名校验, 若每个版本文件均校验成功, 则 确定所述待升级固件版本是合法固件版本。  The signature verification module is configured to: perform digital signature verification on each version file of the received firmware version to be upgraded by using a pre-stored signature key, and if each version file is successfully verified, determine the The firmware version to be upgraded is the legal firmware version.
PCT/CN2013/079784 2012-12-10 2013-07-22 Firmware version upgrade method and system Ceased WO2013182155A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201210527778.9A CN102981881B (en) 2012-12-10 2012-12-10 A kind of method and system for preventing updating mobile terminal to illegal firmware version
CN201210527778.9 2012-12-10

Publications (1)

Publication Number Publication Date
WO2013182155A1 true WO2013182155A1 (en) 2013-12-12

Family

ID=47855943

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2013/079784 Ceased WO2013182155A1 (en) 2012-12-10 2013-07-22 Firmware version upgrade method and system

Country Status (2)

Country Link
CN (1) CN102981881B (en)
WO (1) WO2013182155A1 (en)

Families Citing this family (23)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102981881B (en) * 2012-12-10 2018-03-27 中兴通讯股份有限公司 A kind of method and system for preventing updating mobile terminal to illegal firmware version
CN103677911A (en) * 2013-12-06 2014-03-26 上海寰创通信科技股份有限公司 Mobile network equipment firmware upgrading system and method
CN105024843A (en) * 2014-04-29 2015-11-04 国基电子(上海)有限公司 Cable modem, server and method for upgrading firmware
CN104007995B (en) * 2014-06-13 2018-02-23 浪潮电子信息产业股份有限公司 A kind of method write with a brush dipped in Chinese ink network chip and do not verify FW
CN104811484B (en) * 2015-04-09 2019-06-21 努比亚技术有限公司 FOTA upgrade method and device
CN105068824B (en) * 2015-07-16 2018-08-28 福建联迪商用设备有限公司 A kind of method and system dividing terminal development pattern and product pattern
CN105354055B (en) * 2015-10-22 2019-02-26 宁波三星医疗电气股份有限公司 A kind of upgrade method for electric power acquisition terminal
CN106203071A (en) * 2016-06-30 2016-12-07 浪潮(北京)电子信息产业有限公司 A kind of firmware upgrade method and device
CN106250726A (en) * 2016-08-10 2016-12-21 深圳金澜汉源科技有限公司 Software version state management-control method
CN106506163B (en) * 2016-10-21 2019-11-15 北京小米移动软件有限公司 ROM package processing method and device
CN106789012B (en) * 2016-12-21 2020-04-24 珠海市魅族科技有限公司 Method and device for burning firmware in production line
CN106919423B (en) * 2017-02-22 2021-03-23 新华三技术有限公司 Firmware upgrading method and device
CN107277271A (en) * 2017-07-20 2017-10-20 青岛海信移动通信技术股份有限公司 Upgrade method and device based on customization software version in mobile terminal
CN107634859B (en) * 2017-09-30 2021-07-02 飞天诚信科技股份有限公司 A firmware upgrade method and device
CN107729198B (en) * 2017-10-18 2020-04-21 深圳合纵富科技有限公司 Android system firmware verification method and device
CN108124491B (en) * 2017-12-28 2022-11-11 深圳市元征软件开发有限公司 Diagnostic joint upgrading verification method and device of diagnostic equipment and diagnostic joint
CN110532735B (en) * 2018-05-23 2023-04-18 霍尼韦尔环境自控产品(天津)有限公司 Firmware upgrading method
CN110874231A (en) * 2018-09-04 2020-03-10 中兴通讯股份有限公司 Method, device and storage medium for updating terminal version
CN111083001B (en) * 2018-10-18 2021-09-21 杭州海康威视数字技术股份有限公司 Firmware abnormity detection method and device
CN109508535B (en) * 2018-10-30 2021-07-13 百富计算机技术(深圳)有限公司 Firmware security authentication method, device and payment terminal
CN109697081B (en) * 2018-12-19 2021-04-13 广州小鹏汽车科技有限公司 Firmware safety upgrading method and device, vehicle-mounted system and vehicle
CN113238790B (en) * 2021-05-28 2023-08-29 成都新易盛通信技术股份有限公司 Method and system for updating firmware program based on SD card and EEPROM
CN116541046B (en) * 2023-07-05 2023-12-12 广州疆海科技有限公司 Energy storage system upgrading method and device, computer equipment and readable storage medium

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101043680A (en) * 2007-03-13 2007-09-26 中兴通讯股份有限公司 Method of application program for prevention illegal update mobile terminal
CN101257381A (en) * 2008-03-25 2008-09-03 中兴通讯股份有限公司 Software protecting method of terminal equipment as well as terminal equipment with software protecting function
CN101436141A (en) * 2008-11-21 2009-05-20 深圳创维数字技术股份有限公司 Firmware upgrading and encapsulating method and device based on digital signing
CN102354360A (en) * 2011-08-18 2012-02-15 中兴通讯股份有限公司 Device, terminal and method for preventing illegal updating of terminal
CN102981881A (en) * 2012-12-10 2013-03-20 中兴通讯股份有限公司 Method and system for preventing mobile terminal from being updated to illegal firmware version

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7065560B2 (en) * 2002-03-12 2006-06-20 Hewlett-Packard Development Company, L.P. Verification of computer program versions based on a selected recipe from a recipe table

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101043680A (en) * 2007-03-13 2007-09-26 中兴通讯股份有限公司 Method of application program for prevention illegal update mobile terminal
CN101257381A (en) * 2008-03-25 2008-09-03 中兴通讯股份有限公司 Software protecting method of terminal equipment as well as terminal equipment with software protecting function
CN101436141A (en) * 2008-11-21 2009-05-20 深圳创维数字技术股份有限公司 Firmware upgrading and encapsulating method and device based on digital signing
CN102354360A (en) * 2011-08-18 2012-02-15 中兴通讯股份有限公司 Device, terminal and method for preventing illegal updating of terminal
CN102981881A (en) * 2012-12-10 2013-03-20 中兴通讯股份有限公司 Method and system for preventing mobile terminal from being updated to illegal firmware version

Also Published As

Publication number Publication date
CN102981881A (en) 2013-03-20
CN102981881B (en) 2018-03-27

Similar Documents

Publication Publication Date Title
WO2013182155A1 (en) Firmware version upgrade method and system
TWI454935B (en) Safely start and configure a subsystem from a non-local storage
EP2549678B1 (en) Method and apparatus for protecting software of mobile terminal
US9281949B2 (en) Device using secure processing zone to establish trust for digital rights management
US7596812B2 (en) System and method for protected data transfer
CN102165457A (en) Ticket authorized secure installation and boot
CN101194229B (en) Updating of data instructions
JP4226556B2 (en) Program execution control device, OS, client terminal, server, program execution control system, program execution control method, program execution control program
WO2013185724A2 (en) Mobile terminal and software upgrade method thereof
CN111797038B (en) Burning control method, system, device, equipment and computer readable storage medium
CN103338450A (en) Verification method and equipment
CN108055585A (en) Data processing method, set top box upgrading method, terminal and set-top box
KR101642267B1 (en) System for preventing forgery of application and method therefor
CN112805702B (en) Counterfeit APP identification method and device
US20110154436A1 (en) Provider Management Methods and Systems for a Portable Device Running Android Platform
JP2018530271A (en) How to manage applications
CN105975624B (en) A kind of data transmission method, equipment and system
CN105279425B (en) The processing method and relevant apparatus of a kind of application program
CN101782950B (en) Communication control system and method between mainboard and on-board equipment
KR101653732B1 (en) USB device driver activation method for authorized user at embedded terminal device and an embedded terminal for the same method
CN119718352A (en) Firmware security deployment method, device, equipment, medium and program product
CN118445835A (en) Parameter tuning method, device and electronic equipment
CN115577371A (en) Firmware processing method, device and platform
HK1163289A (en) Booting and configuring a subsystem securely from non-local storage

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 13800329

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 13800329

Country of ref document: EP

Kind code of ref document: A1