[go: up one dir, main page]

CN101923875A - Method for controlling Java security of Blu-ray disc, audio-visual playing device and control circuit - Google Patents

Method for controlling Java security of Blu-ray disc, audio-visual playing device and control circuit Download PDF

Info

Publication number
CN101923875A
CN101923875A CN 200910147898 CN200910147898A CN101923875A CN 101923875 A CN101923875 A CN 101923875A CN 200910147898 CN200910147898 CN 200910147898 CN 200910147898 A CN200910147898 A CN 200910147898A CN 101923875 A CN101923875 A CN 101923875A
Authority
CN
China
Prior art keywords
file
signature
java
controller
files
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN 200910147898
Other languages
Chinese (zh)
Other versions
CN101923875B (en
Inventor
陈川
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
MediaTek Singapore Pte Ltd
Original Assignee
MediaTek Singapore Pte Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by MediaTek Singapore Pte Ltd filed Critical MediaTek Singapore Pte Ltd
Priority to CN 200910147898 priority Critical patent/CN101923875B/en
Publication of CN101923875A publication Critical patent/CN101923875A/en
Application granted granted Critical
Publication of CN101923875B publication Critical patent/CN101923875B/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Landscapes

  • Signal Processing For Digital Recording And Reproducing (AREA)

Abstract

本发明涉及控制蓝光光盘Java安全的方法、影音播放装置及控制电路。一种用来控制蓝光光盘Java安全的方法,包含有:通过利用至少一签名文件来验证Java档案清单文件;以及在通过利用该至少一签名文件来验证Java档案清单文件的运作完成之后,通过利用对应于至少一签名文件的至少一签名块文件来验证至少一签名文件。上述控制蓝光光盘Java安全的方法、影音播放装置及控制电路,可有效地控制蓝光光盘Java安全。

The invention relates to a method for controlling Java security of a Blu-ray disc, an audio-visual playing device and a control circuit. A method for controlling Java security of a Blu-ray disc, comprising: verifying a Java archive manifest file by utilizing at least one signature file; At least one signature file is verified corresponding to at least one signature block file of the at least one signature file. The above-mentioned method for controlling the Java security of the Blu-ray disc, the audio-visual playing device and the control circuit can effectively control the Java security of the Blu-ray disc.

Description

控制蓝光光盘Java安全的方法、影音播放装置及控制电路 Method for controlling Java security of Blu-ray disc, audio-visual playing device and control circuit

技术领域technical field

本发明是有关于蓝光光盘(Blu-ray Disc,BD),且特别是关于一种用来控制蓝光光盘Java(BD-Java,BD-J)安全的方法以及相关的影音播放装置及其控制电路。The present invention is related to Blu-ray Disc (Blu-ray Disc, BD), and in particular to a method for controlling the security of Blu-ray Disc Java (BD-Java, BD-J), related audio-visual playback device and its control circuit .

背景技术Background technique

蓝光光盘Java(即“蓝光光盘Java程序语言”),可视为针对蓝光光盘的一种支持高级内容的平台。为了便于全面的了解,关于蓝光光盘Java的背景首先说明如下。Blu-ray Disc Java (ie "Blu-ray Disc Java programming language") can be regarded as a platform supporting advanced content for Blu-ray Discs. In order to facilitate a comprehensive understanding, the background of Java on Blu-ray discs is first explained as follows.

蓝光光盘Java是基于全球可执行多媒体家庭平台(Globally Executable Multimedia Home Platform,Globally Executable MHP,GEM)的一种概念而设计的。上述全球可执行多媒体家庭平台几乎成为大多数全球数字电视应用标准的基础,这些标准例如:多媒体家庭平台(Multimedia Home Platform,MHP)、用于北美有线电视的开放缆线应用平台(OpenCableTM Application Platform,OCAPTM)、以及用于美国广播的高级通用应用平台(Advanced Common Application Platform,ACAP)。大体上,基于全球可执行多媒体家庭平台的标准均建立在太阳计算机系统公司(Sun Microsystems)的Java程序语言技术上,因此在这些标准之间可以达到高度的内容互用性(Interoperability)。例如:蓝光光盘内容特征被用于随选视频是可行的;又例如:某些类型的交互式电视内容被重新封装以便用于蓝光光盘也是可行的。Blu-ray disc Java is designed based on a concept of Globally Executable Multimedia Home Platform (Globally Executable Multimedia Home Platform, Globally Executable MHP, GEM). The global executable multimedia home platform described above has almost become the basis of most global digital TV application standards, such as: multimedia home platform (Multimedia Home Platform, MHP), open cable application platform (OpenCableTM Application Platform, OCAPTM), and the Advanced Common Application Platform (ACAP) for US broadcasting. In general, the standards based on the global executable multimedia home platform are all based on the Java programming language technology of Sun Microsystems, so a high degree of content interoperability (Interoperability) can be achieved between these standards. For example: it is feasible that Blu-ray Disc content features are used for video on demand; and for example, it is also feasible that certain types of interactive television content are repackaged for use on Blu-ray Disc.

由于涉及上述内容互用性,安全机制就显得相当重要。蓝光光盘Java的安全机制是基于Java程序语言平台的安全机制模型而设计的。依据蓝光光盘Java的安全机制,在Java归档(JavaArchive,JAR)档案中,被签署过的应用程序比未被签署过的应用程序能进行更多的工作;例如:对局部储存装置的读取/写入等存取(access)动作、网络存取、对蓝光光盘只读存储器型(BD Read-Only Memory,BD-ROM)的光盘片上的某些标题的选择、以及对其它执行中的蓝光光盘应用程序的控制。Because of the interoperability of the above-mentioned content, the security mechanism is very important. The security mechanism of Blu-ray Disc Java is designed based on the security mechanism model of the Java programming language platform. According to the security mechanism of Java on the Blu-ray Disc, in the Java archive (JavaArchive, JAR) file, the signed application can perform more work than the unsigned application; for example: read/write to the local storage device Access actions such as writing, network access, selection of certain titles on a Blu-ray Disc read-only memory (BD Read-Only Memory, BD-ROM) disc, and other Blu-ray Discs being executed Application control.

由于Java虚拟机(Java Virtual Machine,JVM)为了满足广泛应用的标准所局限的现有格式,现有技术对于蓝光光盘Java安全的效能控制过于松散,以致在某些状况下的处理效能下降。因此,针对蓝光光盘Java安全的控制需要一个新颖而且有效率的方法。Due to the existing format limited by the Java Virtual Machine (JVM) in order to meet the widely used standards, the prior art controls the Java security performance of the Blu-ray Disc too loosely, so that the processing performance is reduced in some cases. Therefore, a novel and efficient approach is needed for the control of Java security on Blu-ray discs.

发明内容Contents of the invention

为解决上述对于蓝光光盘Java安全的效能控制过于松散,以致在某些状况下的处理效能下降的问题,本发明提供一种用于控制蓝光光盘Java安全的方法、影音播放装置及控制电路,可有效地控制蓝光光盘Java安全。In order to solve the above-mentioned problem that the performance control of Java security of Blu-ray discs is too loose, so that the processing performance drops under certain conditions, the present invention provides a method for controlling Java security of Blu-ray discs, an audio-visual playback device and a control circuit, which can Effectively control Java security on Blu-ray discs.

一种用来控制蓝光光盘Java安全的方法,包含有:通过利用至少一签名文件来验证Java档案清单文件;以及在通过利用至少一签名文件来验证Java档案清单文件的运作完成之后,通过利用对应于至少一签名文件的至少一签名块文件来验证至少一签名文件。A method for controlling Java security of a Blu-ray disc, comprising: verifying a Java archive manifest file by utilizing at least one signature file; At least one signature file is verified on at least one signature block file of the at least one signature file.

一种影音播放装置,包含有储存模块或便携式储存媒体加载模块,以及控制器。便携式储存媒体加载模块用来加载便携式储存媒体。控制器用来针对储存模块或便携式储存媒体来控制蓝光光盘Java安全,其中控制器通过利用至少一签名文件来验证一Java档案清单文件,以及在通过利用至少一签名文件来验证Java档案清单文件的运作完成之后,控制器通过利用对应于至少一签名文件的至少一签名块文件来验证至少一签名文件。An audio-visual playing device includes a storage module or a portable storage medium loading module, and a controller. The portable storage medium loading module is used for loading portable storage medium. The controller is used to control the Java security of the Blu-ray Disc for the storage module or the portable storage medium, wherein the controller verifies a Java file manifest file by using at least one signature file, and verifies the operation of the Java file manifest file by using at least one signature file After completion, the controller verifies the at least one signature file by utilizing at least one signature block file corresponding to the at least one signature file.

一种控制电路,用于影音播放装置。控制电路包含有控制器以及程序代码。程序代码内建于控制器中或读取自控制器之外,用来供控制器执行以控制蓝光光盘Java安全;其中执行程序代码的控制器通过利用至少一签名文件来验证Java档案清单文件,以及在通过利用至少一签名文件来验证Java档案清单文件的运作完成之后,控制器通过利用对应于至少一签名文件的至少一签名块文件来验证至少一签名文件。A control circuit is used in an audio-visual playing device. The control circuit includes a controller and program code. The program code is built in the controller or read from outside the controller, and is used for the controller to execute to control the Java security of the Blu-ray disc; wherein the controller executing the program code verifies the Java archive manifest file by using at least one signature file, And after the operation of verifying the Java archive manifest file by using the at least one signature file is completed, the controller verifies the at least one signature file by using at least one signature block file corresponding to the at least one signature file.

上述用于控制蓝光光盘Java安全的方法、影音播放装置及控制电路通过利用至少一签名文件来验证Java档案清单文件,以及在通过利用至少一签名文件来验证Java档案清单文件的运作完成之后,通过利用对应于至少一签名文件的至少一签名块文件来验证至少一签名文件,从而有效地控制蓝光光盘Java安全。The above-mentioned method for controlling the Java security of a Blu-ray disc, the audio-visual playing device and the control circuit verify the Java file list file by using at least one signature file, and after the operation of verifying the Java file list file by using at least one signature file, pass The at least one signature file is verified by using at least one signature block file corresponding to the at least one signature file, thereby effectively controlling the Java security of the Blu-ray disc.

附图说明Description of drawings

图1为依据本发明第一实施方式的影音播放装置的示意图。FIG. 1 is a schematic diagram of an audio-video player according to a first embodiment of the present invention.

图2为依据本发明一实施方式的一种用来控制蓝光光盘Java安全的方法的流程图。FIG. 2 is a flowchart of a method for controlling Java security of a Blu-ray disc according to an embodiment of the present invention.

图3为图2所示的方法中所涉及的校验链的示意图。FIG. 3 is a schematic diagram of a verification chain involved in the method shown in FIG. 2 .

图4为依据本发明第二实施方式的影音播放装置的示意图。FIG. 4 is a schematic diagram of an audio-video player according to a second embodiment of the present invention.

具体实施方式Detailed ways

请参考图1,图1为依据本发明第一实施方式的影音播放装置100的示意图,其中本实施方式的影音播放装置100可用来作为蓝光光盘(Blu-ray Disc,BD)播放器。影音播放装置100包含有:储存模块110、便携式储存媒体加载模块120、控制器130、以及存储器140。便携式储存媒体加载模块120用来加载便携式储存媒体。存储器140例为非易失性存储器。Please refer to FIG. 1. FIG. 1 is a schematic diagram of an audio-visual playback device 100 according to a first embodiment of the present invention, wherein the audio-visual playback device 100 of this embodiment can be used as a Blu-ray Disc (Blu-ray Disc, BD) player. The audio-video playback device 100 includes: a storage module 110 , a portable storage medium loading module 120 , a controller 130 , and a memory 140 . The portable storage medium loading module 120 is used for loading the portable storage medium. The memory 140 is, for example, a nonvolatile memory.

在本实施方式中,储存模块110可实施成硬盘驱动器(Hard Disk Drive,HDD),而便携式储存媒体加载模块120可实施成蓝光光盘加载模块,用来加载蓝光光盘。然而,这只是为了说明的目的而已,并非对本发明的限制。依据本实施方式的一变化实施方式,便携式储存媒体加载模块120可实施成卡片阅读器模块,用来加载至少一存储卡(例如:安全数字卡(Security Digital Card))。此类变化并非对本发明的限制。In this embodiment, the storage module 110 can be implemented as a hard disk drive (Hard Disk Drive, HDD), and the portable storage medium loading module 120 can be implemented as a Blu-ray disc loading module for loading Blu-ray discs. However, this is for the purpose of illustration only and not limitation of the present invention. According to a variation of this embodiment, the portable storage medium loading module 120 can be implemented as a card reader module for loading at least one memory card (such as a Security Digital Card). Such changes are not limitations of the invention.

依据本实施方式,控制器130为微控制单元(Micro Control Unit,MCU),其执行一个读取自存储器140的程序代码140C。然而,这只是为了说明的目的而已,并非对本发明的限制。依据本实施方式的一变化实施方式,控制器130为一个硬件控制器,其中程序代码140C内建于硬件控制器中。也就是说,一程序代码例如上述的程序代码140C是否储存于存储器,可依据本实施方式的不同的变化实施方式而有所变化;此类变化并非对本发明的限制。例如:在本实施方式的另一变化实施方式中,影音播放装置100可为便携式影音播放装置,而处理电路(例如便携式储存媒体加载模块120)可实施成执行程序代码的微处理单元(Micro Processing Unit,MPU),其中程序代码例如软件码,可预先储存在便携式影音播放装置中或下载自服务器(Server)或因特网(Internet)。According to this embodiment, the controller 130 is a Micro Control Unit (MCU), which executes a program code 140C read from the memory 140 . However, this is for the purpose of illustration only and not limitation of the present invention. According to a variation of this embodiment, the controller 130 is a hardware controller, wherein the program code 140C is built in the hardware controller. That is to say, whether a program code such as the above-mentioned program code 140C is stored in the memory may vary according to different variant implementations of the present embodiment; such changes are not limitations of the present invention. For example: in another variant implementation of this embodiment, the audio-visual playback device 100 can be a portable audio-visual playback device, and the processing circuit (such as the portable storage medium loading module 120) can be implemented as a micro processing unit (Micro Processing Unit, MPU), where program codes such as software codes can be pre-stored in the portable video player or downloaded from a server (Server) or the Internet (Internet).

本实施方式的控制器130可控制储存模块110以及便携式储存媒体加载模块120的储存/读取数据等运作,并可进行解码,以达成影音重现装置应有的基本运作。然而,这只是为了说明的目的而已,并非对本发明的限制。依据本实施方式的一变化实施方式,显示模块以及数字调谐器可以被整合进影音播放装置100,如此可形成多功能数字电视;此类变化也非对本发明的限制。The controller 130 of this embodiment can control the operation of the storage module 110 and the portable storage medium loading module 120 to store/read data, and can perform decoding to achieve the basic operation of the video and audio reproduction device. However, this is for the purpose of illustration only and not limitation of the present invention. According to a variation of this embodiment, the display module and the digital tuner can be integrated into the audio-visual playback device 100, thus forming a multifunctional digital TV; such variation is not a limitation of the present invention.

请注意,是否需要设置视频处理模块来进行解码及影像处理等运作,可依据本实施方式的不同的变化实施方式而有所变化;此类变化并非对本发明的限制。另外,是否需要设置屏幕显示(On Screen Display,OSD)处理电路来处理预计予以显示的解码视频内容,也可依据本实施方式的不同的变化实施方式而有所变化;此类变化并非对本发明的限制。Please note that whether a video processing module is required to perform operations such as decoding and image processing may vary according to different variations of this embodiment; such variations are not limitations of the present invention. In addition, whether it is necessary to set an On Screen Display (OSD) processing circuit to process the decoded video content that is expected to be displayed can also be changed according to different implementation modes of this embodiment; such changes are not a limitation of the present invention limit.

本实施方式的控制器130除了能进行解码以及控制上述储存模块110以及便携式储存媒体加载模块120的储存/读取数据等运作,更能够针对储存模块110或便携式储存媒体来控制蓝光光盘Java安全。在本实施方式中,控制器130(例如:上述执行程序代码140C的微控制单元)可通过利用至少一签名文件(Signature File)来验证Java档案清单文件(Java Archive Manifest File,JARManifest File)。另外,在通过利用至少一签名文件来验证Java档案清单文件的运作完成之后,控制器130(例如上述执行程序代码140C的微控制单元)通过利用对应于至少一签名文件的至少一签名块文件(Signature Block File)来验证至少一签名文件。The controller 130 in this embodiment can not only decode and control the operation of storing/reading data of the above-mentioned storage module 110 and the portable storage medium loading module 120, but also can control the Java security of the Blu-ray disc for the storage module 110 or the portable storage medium. In this embodiment, the controller 130 (for example: the micro control unit executing the program code 140C) can verify the Java Archive Manifest File (JARManifest File) by using at least one signature file (Signature File). In addition, after the operation of verifying the Java archive manifest file by using at least one signature file is completed, the controller 130 (for example, the above-mentioned micro control unit executing the program code 140C) by using at least one signature block file corresponding to the at least one signature file ( Signature Block File) to verify at least one signature file.

依据本实施方式,影音播放装置100的使用者操作接口包含遥控器180,其中遥控器180透过遥控接口单元170(例如接收器)与控制器130沟通。另外,影音播放装置100的使用者操作接口另包含一些可透过显示接口予以显示的屏幕选单,以便于使用者进行各种调整/设定的操作。在本实施方式中,使用者可透过遥控器180上的按钮进行选择,以触发上述储存模块110以及便携式储存媒体加载模块120的储存/读取数据等运作,则控制器130可选择性地针对储存模块110或便携式储存媒体中所储存的内容进行上述对于蓝光光盘Java安全的控制。另外,影音播放装置100的使用者操作接口还可提供用户选择仅依据传统的蓝光光盘Java安全机制来运作,或是启动上述对于蓝光光盘Java安全的控制来提升蓝光光盘Java安全机制的效能。According to this embodiment, the user operation interface of the video player 100 includes a remote control 180 , wherein the remote control 180 communicates with the controller 130 through the remote control interface unit 170 (such as a receiver). In addition, the user operation interface of the audio-visual playback device 100 further includes some on-screen menus that can be displayed through the display interface, so that the user can perform various adjustment/setting operations. In this embodiment, the user can select through the buttons on the remote control 180 to trigger operations such as storing/reading data of the storage module 110 and the portable storage medium loading module 120, and the controller 130 can selectively The above Java security control for the Blu-ray Disc is performed on the content stored in the storage module 110 or the portable storage medium. In addition, the user operation interface of the audio-visual player 100 can also provide the user with the option to operate only according to the traditional Java security mechanism of the Blu-ray disc, or activate the above-mentioned control on the Java security of the Blu-ray disc to enhance the performance of the Java security mechanism of the Blu-ray disc.

本实施方式中对于蓝光光盘Java安全的控制可以增进蓝光光盘Java安全机制的效率,并且在提供新颖而且有效率的安全机制的同时,不至于造成被处理的档案或数据出现不兼容的情况。以下参考图2来进一步说明。The Java security control of the Blu-ray disc in this embodiment can improve the efficiency of the Java security mechanism of the Blu-ray disc, and while providing a novel and efficient security mechanism, it will not cause incompatibility of processed files or data. Further description will be made below with reference to FIG. 2 .

图2为依据本发明一实施方式的一种用来控制蓝光光盘Java安全的方法910的流程图。方法910可应用于图1所示的影音播放装置100,尤其是图1所示的控制器130(例如上述执行程序代码140C的微控制单元)。另外,方法910可通过利用影音播放装置100来实施,尤其是通过利用图1所示的控制器130(例如上述执行程序代码140C的微控制单元)来实施。如此,方法910可依据第一实施方式说明如下:FIG. 2 is a flowchart of a method 910 for controlling Java security of a Blu-ray disc according to an embodiment of the present invention. The method 910 can be applied to the audio-video playback device 100 shown in FIG. 1 , especially the controller 130 shown in FIG. 1 (such as the above-mentioned micro control unit executing the program code 140C). In addition, the method 910 can be implemented by using the audio-visual playing device 100 , especially by using the controller 130 shown in FIG. 1 (such as the above-mentioned micro control unit executing the program code 140C). Thus, the method 910 can be described as follows according to the first embodiment:

步骤912:控制器130(例如:上述执行程序代码140C的微控制单元)通过利用至少一签名文件来验证Java档案清单文件。实作上较常遇到的状况是,至少一签名文件包含有多个签名文件,例如:图3所示的多个签名文件SF(0)、SF(1)、SF(2)、...、SF(99)。如此,控制器130(例如:上述执行程序代码140C的微控制单元)在本步骤中通过利用签名文件SF(0)、SF(1)、SF(2)、...、SF(99)来验证Java档案清单文件。Step 912: The controller 130 (for example: the MCU executing the program code 140C) verifies the Java archive manifest file by using at least one signature file. A more common situation in practice is that at least one signature file contains multiple signature files, for example: multiple signature files SF(0), SF(1), SF(2), .. ., SF(99). In this way, the controller 130 (for example: the above-mentioned micro control unit executing the program code 140C) uses the signature files SF(0), SF(1), SF(2), . . . , SF(99) in this step to Validate the Java archive manifest file.

步骤914:控制器130在通过利用至少一签名文件来验证Java档案清单文件的运作完成之后,通过利用对应于至少一签名文件的至少一签名块文件(Signature Block File)来验证至少一签名文件。如前面所述,实作上较常遇到的状况是,至少一签名文件包含有多个签名文件,例如图3所示的多个签名文件SF(0)、SF(1)、SF(2)、...、SF(99);如此,在通过利用签名文件SF(0)、SF(1)、SF(2)、...、SF(99)来验证Java档案清单文件的运作完成之后,控制器130(例如:上述执行程序代码140C的微控制单元)在本步骤中分别通过利用对应于签名文件SF(0)、SF(1)、SF(2)、...、SF(99)的多个签名块文件,例如图3所示的多个签名块文件SBF(0)、SBF(1)、SBF(2)、...、SBF(99),来验证签名文件SF(0)、SF(1)、SF(2)、...、SF(99)。Step 914: The controller 130 verifies at least one signature file by using at least one signature block file (Signature Block File) corresponding to the at least one signature file after the operation of the Java archive manifest file is verified by using the at least one signature file. As mentioned above, the more common situation encountered in practice is that at least one signature file contains multiple signature files, such as the multiple signature files SF(0), SF(1), SF(2) shown in Figure 3 ), ..., SF (99); so, by utilizing the signature files SF (0), SF (1), SF (2), ..., SF (99) to verify that the operation of the Java file manifest file is completed Afterwards, the controller 130 (for example: the above-mentioned micro-control unit executing the program code 140C) in this step by using the signature files corresponding to SF(0), SF(1), SF(2), . . . , SF( 99), a plurality of signature block files shown in Figure 3 such as SBF (0), SBF (1), SBF (2), ..., SBF (99), to verify the signature file SF ( 0), SF(1), SF(2), ..., SF(99).

图3为图2所示的方法中所涉及的校验链的示意图。如图3所示,由最底下的认证类别文件(Authenticated Class File)起到最上面的根证书(Root Certificate)之间所经过的各个校验链在本实施方式中以虚线表示,其中箭头向上表示下方对象受上方对象校验。由于蓝光光盘Java安全机制中的校验过程所使用的Java档案清单文件的数量是单一的,故在图3当中由最底下的认证类别文件起到最上面的根证书之间所经过的校验链全都经过单一的Java档案清单文件。因此,一旦单一的Java档案清单文件或签名文件SF(0)、SF(1)、SF(2)、...、SF(99)有任何错误或不适用的情况,则在步骤912的校验运作一般执行于步骤914的校验运作之前的优势下,本实施方式的控制器130就得以很快地发现来采取应变的步骤。FIG. 3 is a schematic diagram of a verification chain involved in the method shown in FIG. 2 . As shown in Figure 3, each verification chain passed between the bottommost authentication class file (Authenticated Class File) and the topmost root certificate (Root Certificate) is represented by a dotted line in this embodiment, where the arrow points upward Indicates that the object below is checked by the object above. Since the number of Java file list files used in the verification process in the Java security mechanism of the Blu-ray Disc is single, the verification process from the bottom authentication category file to the top root certificate in Figure 3 Chains all go through a single Java archive manifest file. Therefore, once a single Java file list file or signature file SF(0), SF(1), SF(2), ..., SF(99) has any error or inapplicable situation, the verification in step 912 With the advantage that the verification operation is generally performed before the verification operation in step 914, the controller 130 of this embodiment can quickly find out and take contingency steps.

依据本实施方式,控制器130一旦判断多个签名文件SF(0)、SF(1)、SF(2)、...、SF(99)中的一特定签名文件有任何错误或不适用的情况,则终止/避免进行通过利用该特定签名文件来验证Java档案清单文件的运作以及通过利用对应于该特定签名文件的特定签名块文件来验证该特定签名文件的运作。According to this embodiment, once the controller 130 judges that there is any error or inapplicable case, then terminate/avoid the operation of verifying the Java archive manifest file by using the specific signature file and the operation of verifying the specific signature file by using the specific signature block file corresponding to the specific signature file.

另外,控制器130一旦判断Java档案清单文件有任何错误或不适用的情况,则终止/避免进行通过利用多个签名文件SF(0)、SF(1)、SF(2)、...、SF(99)来验证Java档案清单文件的运作以及通过利用对应于多个签名文件SF(0)、SF(1)、SF(2)、...、SF(99)的多个签名块文件SBF(0)、SBF(1)、SBF(2)、...、SBF(99)来验证多个签名文件SF(0)、SF(1)、SF(2)、...、SF(99)的运作。In addition, once the controller 130 judges that there is any error or inapplicability in the Java archive manifest file, it terminates/avoids the execution by using multiple signature files SF(0), SF(1), SF(2), . . . SF(99) to verify the operation of the Java archive manifest file and by utilizing a plurality of signature block files corresponding to a plurality of signature files SF(0), SF(1), SF(2), . . . , SF(99) SBF(0), SBF(1), SBF(2), ..., SBF(99) to verify multiple signature files SF(0), SF(1), SF(2), ..., SF( 99) operation.

在本实施方式中,控制器130通过上述对于蓝光光盘Java安全的控制,就可增进蓝光光盘Java安全机制的效率,并且在提供新颖而且有效率的安全机制的同时,不至于造成被处理的档案或数据出现不兼容的情况。In this embodiment, the controller 130 can improve the efficiency of the Java security mechanism of the Blu-ray disc through the above-mentioned control of the Java security of the Blu-ray disc, and while providing a novel and efficient security mechanism, it will not cause the file being processed or data incompatibility.

依据本实施方式的变化实施方式,一旦通过利用多个签名文件来验证Java档案清单文件的运作已有数次是校验失败的,控制器130可据此先假设Java档案清单文件是有误的,就可以选择性地省略全部的各校验链的校验,其中控制器130所执行的程序代码140C可以预先透过一些修改设定,使控制器130在这种状况下直接省略全部的各校验链的校验。According to the variant implementation of this embodiment, once the operation of the Java file manifest file has been verified several times by using multiple signature files, the controller 130 may first assume that the Java file manifest file is wrong, It is possible to selectively omit the verification of all the verification chains, wherein the program code 140C executed by the controller 130 can be modified and set in advance, so that the controller 130 can directly omit all the verification chains in this situation. Check chain verification.

当然了,上述的设定虽然运作上效率极高,但还是有风险的;万一控制器130先假设“此Java档案清单文件是有误的”为错误的假设(也就是说此Java档案清单文件其实是没问题的,但校验失败的运作中的多个签名文件其实是有误的或是不适用的),则上述错误的假设就会造成控制器130误判。依据本实施方式的另一变化实施方式,为了避免上述错误的假设造成误判,控制器130所执行的程序代码140C可以预先透过一些修改设定,使控制器130可以在这种状况下抽查校验失败的运作中的多个可疑的签名文件;于是,控制器130分别通过利用对应于这多个可疑的签名文件的多个签名块文件来验证这多个可疑的签名文件,以避免因上述错误的假设而造成控制器130误判。Of course, although the above-mentioned setting is highly efficient in operation, it still has risks; in case the controller 130 first assumes that "this Java file list file is wrong" is an erroneous assumption (that is to say, this Java file list file The file is actually fine, but the multiple signature files in the operation that failed the verification are actually wrong or inapplicable), then the above-mentioned wrong assumption will cause the controller 130 to make a misjudgment. According to another variation of this embodiment, in order to avoid misjudgment caused by the above-mentioned erroneous assumptions, the program code 140C executed by the controller 130 can be modified and set in advance, so that the controller 130 can spot-check in this situation A plurality of suspicious signature files in the operation of verification failure; then, the controller 130 verifies the plurality of suspicious signature files by using a plurality of signature block files corresponding to the plurality of suspicious signature files respectively, so as to avoid The above erroneous assumptions cause the controller 130 to misjudge.

依据本实施方式的另一变化实施方式,为了避免上述错误的假设造成误判,控制器130所执行的程序代码140C可以预先透过一些修改设定,使控制器130可以在这种状况下检查校验失败的运作中的各个签名文件,其中校验失败的运作中的各个签名文件全部列为可疑的签名文件;于是,控制器130分别通过利用对应于这多个可疑的签名文件的多个签名块文件来验证这多个可疑的签名文件,以避免因上述错误的假设而造成控制器130误判。According to another variation of this embodiment, in order to avoid misjudgment caused by the above-mentioned erroneous assumptions, the program code 140C executed by the controller 130 can be modified in advance so that the controller 130 can check Each signature file in the operation that fails to verify, wherein each signature file in the operation that fails to verify is all listed as a suspicious signature file; then, the controller 130 uses a plurality of signature files corresponding to the plurality of suspicious signature files. Signature block files are used to verify the multiple suspicious signature files, so as to avoid misjudgment by the controller 130 due to the above-mentioned wrong assumptions.

依据本实施方式的另一变化实施方式,一旦通过利用多个签名文件来验证Java档案清单文件的运作已有数次是校验成功的,则控制器130可据此先假设Java档案清单文件是无误的;此后一旦通过利用多个签名文件来验证Java档案清单文件的运作出现任何验证失败,由于蓝光光盘Java安全机制中的Java档案清单文件的数量是单一的,控制器130可立即判断多个签名文件当中有哪些签名文件是不适用的,并且避免通过利用对应于不适用的签名文件的签名块文件来验证此(些)不适用的签名文件。因此,本发明可以节省由于该多个签名文件有任何错误或不适用的情况所致的时间上的浪费。According to another variant implementation of this embodiment, once the operation of the Java file manifest file has been verified several times by using multiple signature files, the controller 130 can first assume that the Java file manifest file is correct. Thereafter, once there is any verification failure in the operation of verifying the Java archive manifest file by utilizing multiple signature files, since the number of Java archive manifest files in the Blu-ray Disc Java security mechanism is single, the controller 130 can immediately judge multiple signatures which signature files among the files are not applicable, and avoid verifying the non-applicable signature file(s) by using the signature block file corresponding to the non-applicable signature file(s). Therefore, the present invention can save time wasted due to any error or inapplicability of the plurality of signature files.

需要注意的是,即使控制器130先假设“此Java档案清单文件是无误的”为错误的假设(也就是说此Java档案清单文件可能是有误的或是不适用的),则与传统的作法相比,此状况下本实施方式对整个蓝光光盘Java安全的控制仍有很大的机会作出效能提升的贡献。由于单一的Java档案清单文件位于各个校验链的较底层,本来就理当受到上层的校验,因此本实施方式的运作在最差的状况下,顶多是效能相较于传统的作法未有提升,但不至于效能变差。It should be noted that even if the controller 130 first assumes that "this Java file manifest file is correct" is a wrong assumption (that is to say, this Java file manifest file may be wrong or inapplicable), then it is different from the traditional Compared with other methods, in this situation, this embodiment still has a great opportunity to contribute to the performance improvement of the Java security control of the entire Blu-ray disc. Since the single Java file list file is located at the lower layer of each verification chain, it should be verified by the upper layer. Therefore, in the worst case, the performance of this embodiment is not as good as that of the traditional method. Improvement, but not performance degradation.

请参考图4,图4为依据本发明一第二实施方式的影音播放装置200的示意图,其中第二实施方式为第一实施方式的一变化实施方式。第二实施方式与第一实施方式之间的差异说明如下。Please refer to FIG. 4 . FIG. 4 is a schematic diagram of an audio-visual playing device 200 according to a second embodiment of the present invention, wherein the second embodiment is a modified embodiment of the first embodiment. Differences between the second embodiment and the first embodiment are explained below.

如图4所示,影音播放装置200包含控制电路205,控制电路205包含控制器230与程序代码240C,其中本实施方式的控制器230为硬件控制器(例如上述的硬件控制器),用来代换上述控制器130,而程序代码240C内建于控制器230中。依据本实施方式,控制电路205为控制芯片。另外,程序代码240C为上述程序代码140C的变化版本,以使控制器230因应上述的架构变化进行相对应的控制。本实施方式与前述各实施方式/变化实施方式相似之处不再重复赘述。As shown in FIG. 4 , the audio-video playback device 200 includes a control circuit 205, and the control circuit 205 includes a controller 230 and a program code 240C, wherein the controller 230 in this embodiment is a hardware controller (such as the above-mentioned hardware controller), used for Instead of the above-mentioned controller 130 , the program code 240C is built in the controller 230 . According to this embodiment, the control circuit 205 is a control chip. In addition, the program code 240C is a modified version of the above-mentioned program code 140C, so that the controller 230 performs corresponding control in response to the above-mentioned structural changes. The similarities between this implementation manner and the foregoing implementation manners/variant implementation manners will not be repeated here.

依据第二实施方式的一变化实施方式,控制电路205中的控制器230所执行的程序代码读取自控制器230之外。例如,控制器230所执行的程序代码读取自控制电路205中的内建的存储器。又例如,控制器230所执行的程序代码读取自控制电路205之外的一个外部存储器。本实施方式与前述各实施方式/变化实施方式相似之处不再重复赘述。According to a variation of the second embodiment, the program code executed by the controller 230 in the control circuit 205 is read from outside the controller 230 . For example, the program code executed by the controller 230 is read from the built-in memory in the control circuit 205 . For another example, the program code executed by the controller 230 is read from an external memory other than the control circuit 205 . The similarities between this implementation manner and the foregoing implementation manners/variant implementation manners will not be repeated here.

依据第二实施方式的另一变化实施方式,控制电路205中的控制器230所执行的程序代码的一部分内建于控制器230中,而控制器230所执行的程序代码的另一部分读取自控制器230之外。例如,该另一部分读取自控制电路205中的内建的存储器。又例如,另一部分读取自控制电路205之外的一个外部存储器。本实施方式与前述各实施方式/变化实施方式相似之处不再重复赘述。According to another variation of the second embodiment, part of the program code executed by the controller 230 in the control circuit 205 is built in the controller 230, and another part of the program code executed by the controller 230 is read from outside the controller 230. For example, the other part is read from a built-in memory in the control circuit 205 . For another example, another part is read from an external memory other than the control circuit 205 . The similarities between this implementation manner and the foregoing implementation manners/variant implementation manners will not be repeated here.

以上所述仅为本发明的较佳实施方式,凡依本发明权利要求所做的均等变化与修饰,皆应属本发明的涵盖范围。The above descriptions are only preferred embodiments of the present invention, and all equivalent changes and modifications made according to the claims of the present invention shall fall within the scope of the present invention.

Claims (10)

1.一种用来控制蓝光光盘Java安全的方法,包含有:1. A method for controlling the Java security of a Blu-ray disc, comprising: 通过利用至少一签名文件来验证Java档案清单文件;以及verifying the Java archive manifest file by utilizing at least one signature file; and 在通过利用该至少一签名文件来验证该Java档案清单文件的运作完成之后,通过利用对应于该至少一签名文件的至少一签名块文件来验证该至少一签名文件。After verifying the Java archive manifest file by using the at least one signature file, verifying the at least one signature file by using at least one signature block file corresponding to the at least one signature file. 2.如权利要求1所述的用来控制蓝光光盘Java安全的方法,其特征在于,该至少一签名文件包含有多个签名文件;以及在通过利用该至少一签名文件来验证该Java档案清单文件的运作完成之后通过利用对应于该至少一签名文件的至少一签名块文件来验证该至少一签名文件的步骤另包含有:2. The method for controlling the Java security of a Blu-ray disc as claimed in claim 1, wherein the at least one signature file includes a plurality of signature files; and verifying the Java file list by utilizing the at least one signature file The step of verifying the at least one signature file by utilizing at least one signature block file corresponding to the at least one signature file after the operation of the file is completed further includes: 在通过利用该多个签名文件来验证该Java档案清单文件的运作完成之后,分别通过利用对应于该多个签名文件的多个签名块文件来验证该多个签名文件。After verifying the operation of the Java archive manifest file by using the plurality of signature files, verifying the plurality of signature files by using a plurality of signature block files corresponding to the plurality of signature files respectively. 3.如权利要求2所述的用来控制蓝光光盘Java安全的方法,其特征在于,该用来控制蓝光光盘Java安全的方法另包含有:3. the method for controlling the Java security of Blu-ray discs as claimed in claim 2, characterized in that, the method for controlling the Java security of Blu-ray discs additionally includes: 一旦判断该多个签名文件中的特定签名文件有任何错误或不适用的情况,则终止和/或避免进行通过利用该特定签名文件来验证该Java档案清单文件的运作以及通过利用对应于该特定签名文件的特定签名块文件来验证该特定签名文件的运作。Once it is judged that there is any error or inapplicability in the specific signature file in the plurality of signature files, then terminate and/or avoid the operation of verifying the Java archive manifest file by using the specific signature file and by using the specific signature file corresponding to the specific signature file. A specific signature block file of a signature file to verify the operation of that specific signature file. 4.如权利要求1所述的用来控制蓝光光盘Java安全的方法,其特征在于,该用来控制蓝光光盘Java安全的方法另包含有:4. the method for controlling the Java security of Blu-ray disc as claimed in claim 1, is characterized in that, the method for controlling Java security of Blu-ray disc additionally includes: 一旦判断该Java档案清单文件有任何错误或不适用的情况,则终止和/或避免进行通过利用该至少一签名文件来验证该Java档案清单文件的运作以及通过利用对应于该至少一签名文件的至少一签名块文件来验证该至少一签名文件的运作。Once it is judged that the Java file manifest file has any error or inapplicable situation, then terminate and/or avoid performing the operation of verifying the Java file manifest file by using the at least one signature file and by using the corresponding to the at least one signature file At least one signature block file is used to verify the operation of the at least one signature file. 5.一种影音播放装置,包含有:5. An audio-visual playback device, comprising: 储存模块或便携式储存媒体加载模块,该便携式储存媒体加载模块用来加载便携式储存媒体;以及a storage module or a portable storage medium loading module, the portable storage medium loading module is used to load a portable storage medium; and 控制器,用来针对该储存模块或该便携式储存媒体来控制蓝光光盘Java安全,其中该控制器通过利用至少一签名文件来验证一Java档案清单文件,以及在通过利用该至少一签名文件来验证该Java档案清单文件的运作完成之后,该控制器通过利用对应于该至少一签名文件的至少一签名块文件来验证该至少一签名文件。A controller for controlling the Java security of the Blu-ray Disc for the storage module or the portable storage medium, wherein the controller verifies a Java file manifest file by using at least one signature file, and verifies by using the at least one signature file After the operation of the Java file manifest file is completed, the controller verifies the at least one signature file by using at least one signature block file corresponding to the at least one signature file. 6.如权利要求5所述的影音播放装置,其特征在于,该至少一签名文件包含有多个签名文件;以及该控制器在通过利用该多个签名文件来验证该Java档案清单文件的运作完成之后,分别通过利用对应于该多个签名文件的多个签名块文件来验证该多个签名文件。6. The audio-visual playback device as claimed in claim 5, wherein the at least one signature file includes a plurality of signature files; and the controller is verifying the operation of the Java file list file by utilizing the plurality of signature files After completion, the plurality of signature files are verified by utilizing the plurality of signature block files corresponding to the plurality of signature files, respectively. 7.如权利要求6所述的影音播放装置,其特征在于,该控制器一旦判断该多个签名文件中的特定签名文件有任何错误或不适用的情况,则终止和/或避免进行通过利用该特定签名文件来验证该Java档案清单文件的运作以及通过利用对应于该特定签名文件的特定签名块文件来验证该特定签名文件的运作。7. The audio-visual playback device as claimed in claim 6, wherein once the controller judges that there is any error or inapplicability in the specific signature file in the plurality of signature files, it terminates and/or avoids the use of The specific signature file is used to verify the operation of the Java archive manifest file and to verify the operation of the specific signature file by using a specific signature block file corresponding to the specific signature file. 8.如权利要求5所述的影音播放装置,其特征在于,该控制器一旦判断该Java档案清单文件有任何错误或不适用的情况,则终止和/或避免进行通过利用该至少一签名文件来验证该Java档案清单文件的运作以及通过利用对应于该至少一签名文件的至少一签名块文件来验证该至少一签名文件的运作。8. The audio-visual playback device as claimed in claim 5, wherein, once the controller judges that the Java file list file has any error or inapplicability, it terminates and/or avoids using the at least one signature file. to verify the operation of the Java archive manifest file and verify the operation of the at least one signature file by using at least one signature block file corresponding to the at least one signature file. 9.一种控制电路,用于影音播放装置,该控制电路包含有:9. A control circuit for an audio-visual playback device, the control circuit comprising: 控制器;以及controller; and 程序代码,内建于该控制器中或读取自该控制器之外,用来供该控制器执行以控制蓝光光盘Java安全;program code, built into the controller or read from outside the controller, for execution by the controller to control Blu-ray Disc Java security; 其中执行该程序代码的该控制器通过利用至少一签名文件来验证Java档案清单文件,以及在通过利用该至少一签名文件来验证该Java档案清单文件的运作完成之后,该控制器通过利用对应于该至少一签名文件的至少一签名块文件来验证该至少一签名文件。Wherein the controller executing the program code verifies the Java archive manifest file by using at least one signature file, and after the operation of verifying the Java archive manifest file by utilizing the at least one signature file is completed, the controller verifies the Java archive manifest file by utilizing the corresponding At least one signature block file of the at least one signature file is used to verify the at least one signature file. 10.如权利要求9所述的控制电路,其特征在于,该至少一签名文件包含有多个签名文件;以及该控制器在通过利用该多个签名文件来验证该Java档案清单文件的运作完成之后,分别通过利用对应于该多个签名文件的多个签名块文件来验证该多个签名文件。10. The control circuit as claimed in claim 9, wherein the at least one signature file includes a plurality of signature files; and the controller verifies that the operation of the Java file list file is completed by utilizing the plurality of signature files Thereafter, the plurality of signature files are verified by using the plurality of signature block files corresponding to the plurality of signature files, respectively.
CN 200910147898 2009-06-17 2009-06-17 Method for controlling Java safety of blue-ray disc, video and audio play device and control circuit Expired - Fee Related CN101923875B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN 200910147898 CN101923875B (en) 2009-06-17 2009-06-17 Method for controlling Java safety of blue-ray disc, video and audio play device and control circuit

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN 200910147898 CN101923875B (en) 2009-06-17 2009-06-17 Method for controlling Java safety of blue-ray disc, video and audio play device and control circuit

Publications (2)

Publication Number Publication Date
CN101923875A true CN101923875A (en) 2010-12-22
CN101923875B CN101923875B (en) 2013-06-12

Family

ID=43338746

Family Applications (1)

Application Number Title Priority Date Filing Date
CN 200910147898 Expired - Fee Related CN101923875B (en) 2009-06-17 2009-06-17 Method for controlling Java safety of blue-ray disc, video and audio play device and control circuit

Country Status (1)

Country Link
CN (1) CN101923875B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107566328A (en) * 2016-06-30 2018-01-09 瞻博网络公司 The selectivity checking of the signature of network node

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
SG136965A1 (en) * 2003-10-10 2007-11-29 Koninkl Philips Electronics Nv Playback of audio-video content and an associated java application from an optical disc
CN1955971B (en) * 2005-10-27 2010-05-05 北京振戎融通通信技术有限公司 Safety installation method suitable for Java application program

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107566328A (en) * 2016-06-30 2018-01-09 瞻博网络公司 The selectivity checking of the signature of network node
US10645095B2 (en) 2016-06-30 2020-05-05 Juniper Networks, Inc. Selective verification of signatures by network nodes
CN107566328B (en) * 2016-06-30 2020-10-30 瞻博网络公司 Selective verification method for signature of network node

Also Published As

Publication number Publication date
CN101923875B (en) 2013-06-12

Similar Documents

Publication Publication Date Title
CN1967697B (en) Optical disc playing device and method for displaying starting-up cartoon
CN101826358B (en) Playback apparatus and playback method
US8422863B2 (en) Video information playback method, video information playback device, recording medium and video content
CN101044488A (en) Secure boot scheme from exterbal memory using international memory
CN101923875B (en) Method for controlling Java safety of blue-ray disc, video and audio play device and control circuit
JP5699812B2 (en) Playback device
US20110035670A1 (en) Audio playback method for electronic device
US7694071B1 (en) Disk drives and methods allowing configurable zoning
US20060005223A1 (en) Method of recording and playing video at optimized resolution
CN101167120A (en) Extraction of video picture screen saver function
US20110188833A1 (en) Disc playback device and disc playback method
US8503858B2 (en) Machine-implemented method for establishing a playback interface, and computer-readable recording medium for implementing the same
JP2007052764A (en) Multimedia computer system with dual-cpu and its multimedia instant play method
JP2009193633A (en) Optical disk recording medium and av device
US20110255384A1 (en) Bookmarking digital content on blu-ray discs
US20100332986A1 (en) Embedded electronic device and method for controlling multimedia files therein
US20090238545A1 (en) Reproducing device and program
CN103996406B (en) A kind of media file playing method and device based on Android system
CN103116492A (en) Disc or method and system for collecting and recording disc file
CN102449695A (en) Video information reproducing method and video information reproducing device
WO2009147782A1 (en) Reproduction device, integrated circuit, and reproduction method
CN102143395A (en) Set-top box supporting PVR (Personal Video Record) and a method thereof for processing audio and video data
JP5393847B2 (en) Simple resume playback device and program
US20120033945A1 (en) Information playback apparatus, information playback method, program, information recording medium and semiconductor integrated circuit
JP2007226917A (en) Device equipped with data restoration function

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20130612