CN104915591A - Data processing method and electronic equipment - Google Patents
Data processing method and electronic equipment Download PDFInfo
- Publication number
- CN104915591A CN104915591A CN201410086060.XA CN201410086060A CN104915591A CN 104915591 A CN104915591 A CN 104915591A CN 201410086060 A CN201410086060 A CN 201410086060A CN 104915591 A CN104915591 A CN 104915591A
- Authority
- CN
- China
- Prior art keywords
- bios
- file bag
- bios file
- digital signature
- test value
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000003672 processing method Methods 0.000 title claims abstract description 32
- 238000000034 method Methods 0.000 claims abstract description 53
- 238000012360 testing method Methods 0.000 claims description 95
- 238000012795 verification Methods 0.000 claims description 49
- 238000003860 storage Methods 0.000 claims description 15
- 230000007246 mechanism Effects 0.000 abstract description 4
- 230000008569 process Effects 0.000 description 18
- 238000004590 computer program Methods 0.000 description 11
- 238000010586 diagram Methods 0.000 description 8
- 230000006870 function Effects 0.000 description 7
- 238000009826 distribution Methods 0.000 description 5
- 230000000694 effects Effects 0.000 description 5
- 238000005516 engineering process Methods 0.000 description 5
- 238000012545 processing Methods 0.000 description 4
- 230000008859 change Effects 0.000 description 3
- 125000004122 cyclic group Chemical group 0.000 description 3
- 230000001771 impaired effect Effects 0.000 description 3
- 238000012986 modification Methods 0.000 description 3
- 230000004048 modification Effects 0.000 description 3
- 230000003044 adaptive effect Effects 0.000 description 2
- 230000008901 benefit Effects 0.000 description 2
- 230000006835 compression Effects 0.000 description 2
- 238000007906 compression Methods 0.000 description 2
- 230000010365 information processing Effects 0.000 description 2
- 238000005259 measurement Methods 0.000 description 2
- 238000012856 packing Methods 0.000 description 2
- 241000931705 Cicada Species 0.000 description 1
- 230000008878 coupling Effects 0.000 description 1
- 238000010168 coupling process Methods 0.000 description 1
- 238000005859 coupling reaction Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000009434 installation Methods 0.000 description 1
- 230000002427 irreversible effect Effects 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 230000000717 retained effect Effects 0.000 description 1
Landscapes
- Storage Device Security (AREA)
Abstract
The invention discloses a data processing method and electronic equipment. The method is used for solving the technical problem that an existing BIOS updating security authentication mechanism cannot ensure the security of BIOS updating files. The method is applied to the electronic equipment with a BIOS. The method comprises the steps of obtaining a BIOS file package; verifying the legality of a digital signature of the BIOS file package through a public key of a legal publisher; if the verifying result shows that the digital signature of the BIOS file package is illegal, rejecting updating of the BIOS through the BIOS file package.
Description
Technical field
The present invention relates to field of information security technology, particularly a kind of data processing method and electronic equipment.
Background technology
Basic input-output system BIOS, is integrated in the nonvolatile memory of electronic equipment, preserves the most important basic input and output program of electronic equipment operating system, system information setting, startup power on self detection program and system and starts self-check program.Its major function provides the bottom, the most direct hardware setting and control for electronic equipment.
Along with the development of technology, needing the bios program to being solidificated on chip to upgrade, to revise the leak in former version bios program, and obtaining the support to new hardware device or technical manual.
But present inventor at least finds that above-mentioned prior art exists following technical matters:
In prior art, secure authentication mechanisms when BIOS upgrades is very simple, BIOS publisher adds the simple and safe check informations such as adaptive type id information, bios version information usually in BIOS updating file, assailant is caused to be easy in BIOS updating file, add malice wooden horse supervisor, then the information such as type id information and bios version is retained, repack a file, disguise oneself as and upgrade the BIOS file of version.If user installation also runs these illegal bios programs, serious potential safety hazard will be produced.
Summary of the invention
The application provides a kind of data processing method and electronic equipment, upgrades for solving the BIOS existed in prior art the technical matters that secure authentication mechanisms cannot ensure the security of BIOS updating file; Reach and improve by the technique effect of BIOS updating file to the security that BIOS upgrades.
First aspect, the embodiment of the present application provides a kind of data processing method, and described method comprises: the basic input-output system BIOS file being carried out issuing by needs is packaged as BIOS file bag; The private key of the publisher of described BIOS file bag is adopted to calculate the digital signature of described BIOS file bag; Issue and comprise the BIOS file bag of described digital signature, to make the download of described BIOS file bag can enough by the legitimacy of BIOS file bag described in the public key verifications of legal publisher.
Preferably, before the private key of the publisher of described employing described BIOS file bag calculates the digital signature of described BIOS file bag, described method also comprises: adopt the first algorithm to calculate the first proof test value obtaining described BIOS file bag; Wherein, described first proof test value is the proof test value of the integrality for verifying described BIOS file bag; The private key of the publisher of described employing described BIOS file bag calculates the digital signature of described BIOS file bag, comprising: adopt described private key to calculate the digital signature of described BIOS file bag and described first proof test value.
Second aspect, the embodiment of the present application provides a kind of data processing method, is applied to the electronic equipment with basic input-output system BIOS, and described method comprises: obtain BIOS file bag; By the legitimacy of the digital signature of BIOS file bag described in the public key verifications of legal publisher; If the result shows that the digital signature of described BIOS file bag is illegal, then refuse to be upgraded BIOS by described BIOS file bag.
Preferably, before the legitimacy of the digital signature of BIOS file bag described in the described public key verifications by legal publisher, described method also comprises: judge whether described BIOS file bag comprises digital signature; If do not comprise, then refuse to be upgraded BIOS by described BIOS file bag; The legitimacy of the digital signature of BIOS file bag described in the described public key verifications by legal publisher, be specially: when judged result shows described BIOS file handbag containing digital signature, by the legitimacy of the digital signature of BIOS file bag described in the described public key verifications of legal publisher.
Preferably, after the legitimacy of the digital signature of BIOS file bag described in the described public key verifications by legal publisher, described method also comprises: if the result shows that the digital signature of described BIOS file bag is legal, then upgrade BIOS according to described BIOS file bag.
Preferably, after the legitimacy of BIOS file bag described in the described public key verifications by legal publisher, described method also comprises: if the result shows that the digital signature of described BIOS file bag is legal, then adopt the first algorithm to calculate the second proof test value of described BIOS file bag; Wherein, described second proof test value is the proof test value of the integrality for verifying described BIOS file bag; Judge that whether the first proof test value that described second proof test value and described BIOS file handbag contain is identical; Described first proof test value adopts described first algorithm to generate by the publisher of described BIOS file bag; If identical, then according to described BIOS file bag, BIOS is upgraded; Otherwise, refuse to be upgraded BIOS by described BIOS file bag.
Preferably, if described identical, then, after upgrading BIOS according to described BIOS file bag, described method also comprises: adopt hash algorithm to calculate the cryptographic hash of the BIOS system after upgrading according to described BIOS file bag; Store described cryptographic hash, to be characterized the legitimacy of described BIOS system by described cryptographic hash.
The third aspect, the embodiment of the present application provides a kind of electronic equipment, comprising: file packaged unit, for will the basic input-output system BIOS file carrying out issuing be needed to be packaged as BIOS file bag; Digital signature generation unit, the private key for the publisher adopting described BIOS file bag calculates the digital signature of described BIOS file bag; Release unit, for issuing the BIOS file bag comprising described digital signature, to make the download of described BIOS file bag can enough by the legitimacy of BIOS file bag described in the public key verifications of legal publisher.
Preferably, described electronic equipment also comprises: the first arithmetic element, calculates for adopting the first algorithm the first proof test value obtaining described BIOS file bag; Wherein, described first proof test value is the proof test value of the integrality for verifying described BIOS file bag; The digital signature of described digital signature generation unit specifically for adopting described private key to calculate described BIOS file bag and described first proof test value.
Fourth aspect, the embodiment of the present application provides a kind of electronic equipment, and described electronic equipment has basic input-output system BIOS, and described electronic equipment comprises: acquiring unit, for obtaining BIOS file bag; Digital signature authentication unit, for the legitimacy of the digital signature of BIOS file bag described in the public key verifications by legal publisher; Upgrading control module, by described BIOS file bag, BIOS being upgraded for refusing when the digital signature of described BIOS file bag is illegal.
Preferably, described electronic equipment also comprises: the first judging unit, for judging whether described BIOS file bag comprises digital signature; Described renewal control module, also for: when described BIOS file comprises digital signature, refuse to be upgraded BIOS by described BIOS file bag; Described digital signature authentication unit, specifically for: when described BIOS file handbag is containing digital signature, by the legitimacy of the digital signature of BIOS file bag described in the described public key verifications of legal publisher.
Preferably, described renewal control module, also for: BIOS is upgraded according to described BIOS file bag when the digital signature of described BIOS file bag is legal.
Preferably, described electronic equipment also comprises: the second arithmetic element, for adopting the first algorithm to calculate the second proof test value of described BIOS file bag when the digital signature of described BIOS file bag is legal; Wherein, described second proof test value is the proof test value of the integrality for verifying described BIOS file bag; Described first algorithm is the cryptographic algorithm that can be used in generating described second proof test value; Whether integrity verifying unit is identical for judging the first proof test value that described second proof test value and described BIOS file handbag contain; Described first proof test value is that the publisher of described BIOS file bag adopts described first algorithm to generate; Described renewal control module, also for: BIOS is upgraded according to described BIOS file bag when described second proof test value is identical with described first proof test value; And refuse when described second proof test value is not identical with described first proof test value to be upgraded BIOS by described BIOS file bag.
Preferably, the second arithmetic element, also for: adopt hash algorithm to calculate the cryptographic hash of BIOS system after upgrading according to described BIOS file bag; Described electronic equipment also comprises: storage unit, for storing described cryptographic hash, to be characterized the legitimacy of described BIOS system by described cryptographic hash.
The one or more technical schemes provided in the embodiment of the present application, at least have following technique effect or advantage:
1, due in the embodiment of the present application, when BIOS file publisher issues BIOS file, asymmetric cryptographic algorithm is adopted to calculate the digital signature of BIOS file, the private key that this digital signature can only be grasped by this publisher generates, there is nonreversibility, unforgeable, make illegal distribution person can not forge the digital signature consistent with legal publisher, and after other people can not distort in the BIOS file issued legal publisher, add the digital signature consistent with legal publisher, like this, make BIOS file download person can by the legitimacy of the digital signature of public key verifications BIOS updating file disclosed in legal publisher, also namely verify whether BIOS file bag is the BIOS file bag that legal publisher issues, and then verify the legitimacy of its BIOS updating file obtained, improve security BIOS upgraded by BIOS updating file.
2, due in the embodiment of the present application, BIOS file download person is after getting BIOS file bag, by the legitimacy of the digital signature of public key verifications BIOS file bag disclosed in legal BIOS file publisher, because this digital signature is generated according to its private key grasped by BIOS file publisher, there is nonreversibility, unforgeable.Therefore, by the legitimacy of the digital signature of the public key verifications BIOS file of legal publisher, the BIOS file of acquisition can be picked out whether by legal BIOS file publisher is issued, and then the BIOS file avoiding user to issue according to illegal publisher carries out BIOS renewal, cause BIOS system failure, or implanted wooden horse in BIOS system, improves the security upgraded BIOS by BIOS updating file.
Accompanying drawing explanation
Fig. 1 is the schematic flow sheet of data processing method in the embodiment of the present application 1;
Fig. 2 is the schematic flow sheet of data processing method in the embodiment of the present application 2;
Fig. 3 is the schematic flow sheet of the further refinement of data processing method in the embodiment of the present application 2;
Fig. 4 is the schematic block diagram of electronic equipment in the embodiment of the present application 3;
Fig. 5 is the schematic block diagram of electronic equipment in the embodiment of the present application 4;
Fig. 6 is the schematic block diagram of the further refinement of electronic equipment in the embodiment of the present application 4.
Embodiment
The application provides a kind of data processing method and electronic equipment, upgrades for solving the BIOS existed in prior art the technical matters that secure authentication mechanisms cannot ensure the security of BIOS updating file; Reach and improve by the technique effect of BIOS updating file to the security that BIOS upgrades.
Technical scheme in the embodiment of the present application is for solving the problems of the technologies described above, and general thought is as follows:
On the one hand, the embodiment of the present application provides a kind of data processing method, for improving the security of the BIOS file bag of issue, namely in BIOS file bag, add the digital signature generated by the private key of publisher, then the BIOS file bag comprising digital signature is issued, the private key that this digital signature can only be grasped by this publisher generates, there is nonreversibility, unforgeable, make illegal distribution person can not forge the digital signature consistent with legal publisher, and after other people can not distort in the BIOS file issued legal publisher, add the digital signature consistent with legal publisher, like this, make BIOS file download person can by the legitimacy of the digital signature of public key verifications BIOS updating file disclosed in legal publisher, also namely verify whether BIOS file bag is the BIOS file bag that legal publisher issues, and then verify the legitimacy of its BIOS updating file obtained, improve security BIOS upgraded by BIOS updating file.
On the other hand, the embodiment of the present application provides a kind of data processing method, be applied to the legitimacy that BIOS file download person verifies BIOS file, namely after getting BIOS file bag, by the legitimacy of the digital signature of public key verifications BIOS file bag disclosed in legal BIOS file publisher, because this digital signature is generated according to its private key grasped by BIOS file publisher, there is nonreversibility, unforgeable.Therefore, by the legitimacy of the digital signature of the public key verifications BIOS file of legal publisher, the BIOS file of acquisition can be picked out whether by legal BIOS file publisher is issued, and then the BIOS file avoiding user to issue according to illegal publisher carries out BIOS renewal, cause BIOS system failure, or implanted wooden horse in BIOS system, improves the security upgraded BIOS by BIOS updating file.
Below by accompanying drawing and specific embodiment, technical scheme is described in detail, the specific features being to be understood that in the embodiment of the present application and embodiment is the detailed description to technical scheme, instead of the restriction to technical scheme, when not conflicting, the technical characteristic in the embodiment of the present application and embodiment can combine mutually.
Embodiment 1
The embodiment of the present application 1 provides a kind of data processing method, and the method is applied to carries out BIOS file issue.
Please refer to Fig. 1, the method comprises:
Step 101: be packaged as BIOS file bag by needing the basic input-output system BIOS file carrying out issuing.
Specifically, by certain compression algorithm, compression packing is carried out to BIOS file, the basic identification information of BIOS file can be added after packing in the packet header of file bag, as adaptive type, version information etc.
Step 102: adopt the private key of the publisher of BIOS file bag to calculate the digital signature of BIOS file bag;
Step 103: issue and comprise the BIOS file bag of digital signature, to make the download of BIOS file bag can enough by the legitimacy of the public key verifications BIOS file bag of legal publisher.
In step S102, specifically, refer to publisher to be encrypted the BIOS file issued by rivest, shamir, adelman (as RSA Algorithm, DSA algorithm etc.).In rivest, shamir, adelman, there is a pair encryption key and decruption key, these two keys are completely different still to be mated completely.When using rivest, shamir, adelman encrypt file, only having a pair PKI and private key that use coupling, just can complete encryption and decryption process expressly.
In the embodiment of the present application, publisher adopts the private key of publisher to be encrypted (i.e. digital signature) the BIOS file bag issued, and the download of BIOS file bag can be enough decrypted BIOS file bag by the PKI of legal publisher, if BIOS file bag can be deciphered, then illustrate that BIOS file is from legal publisher, digital signature is legal, otherwise, show that this BIOS file is not issued by legal publisher, digital signature is illegal.
Due in such scheme, when BIOS file publisher issues BIOS file, asymmetric cryptographic algorithm is adopted to calculate the digital signature of BIOS file, the private key that this digital signature can only be grasped by this publisher generates, there is nonreversibility, unforgeable, make illegal distribution person can not forge the digital signature consistent with legal publisher, and after other people can not distort in the BIOS file issued legal publisher, add the digital signature consistent with legal publisher, like this, make BIOS file download person can by the legitimacy of the digital signature of public key verifications BIOS updating file disclosed in legal publisher, also namely verify whether BIOS file bag is the BIOS file bag that legal publisher issues, and then verify the legitimacy of its BIOS updating file obtained, improve security BIOS upgraded by BIOS updating file.
Further, in step 102: before adopting the digital signature of private key calculating BIOS file bag of the publisher of BIOS file bag, method also comprises:
Step 104: adopt the first algorithm to calculate the first proof test value obtaining BIOS file bag; Wherein, the first proof test value is the proof test value of the integrality for verifying BIOS file bag; First algorithm is the cryptographic algorithm that can be used in generation first proof test value;
In this case, step 103: adopt the private key of the publisher of BIOS file bag to calculate the digital signature of BIOS file bag, be specially:
Private key is adopted to calculate the digital signature of BIOS file bag and the first proof test value.
Specifically, in step S104, the impaired situation of BIOS file bag integrality comprise transmit the file content caused lose, impaired, or the malice of assailant is distorted, and changes the content of file.
In order to avoid this situation, the first algorithm can be adopted generate the proof test value can measuring file integrality in the embodiment of the present application, BIOS file download side is after the public key decryptions by legal publisher goes out the BIOS file bag containing digital signature, the first same algorithm is adopted to calculate corresponding proof test value, then whether comparison two proof test values are identical, if identical, show that BIOS file is complete, otherwise, show that BIOS file and source document are not identical, file is imperfect, should stop to carry out BIOS renewal according to this incomplete BIOS file.Like this, user can be avoided to carry out BIOS renewal based on incomplete BIOS file, improve security BIOS upgraded by BIOS updating file.
In actual conditions, the first algorithm can be the hash function of generation cycle redundancy check (Cyclic redundancy check, CRC) value, and this cyclic redundancy check value is the first proof test value.
Preferably, first algorithm is hash algorithm, because hash algorithm target text can be converted to have equal length, irreversible hash character string (also namely: eap-message digest), i.e. cryptographic hash, because it has nonreversibility, other people can not forge and generate the cryptographic hash consistent with the BIOS file that publisher issues after distorting BIOS file.
In addition, if the first algorithm is hash algorithm, when the first proof test value is the cryptographic hash of the BIOS file issued, step 102: adopt the private key of the publisher of BIOS file bag to calculate the digital signature of BIOS file bag, can be optimized for:
The private key of the publisher of BIOS file bag is adopted to calculate the digital signature of cryptographic hash.
This is because cryptographic hash itself has nonreversibility, unforgeable, as long as so be encrypted by the cryptographic hash of asymmetric cryptographic algorithm to BIOS file bag, the legitimacy of BIOS file bag can be ensured.
Embodiment 2
Corresponding with the data processing method that embodiment 1 provides, the embodiment of the present application 2 provides another kind of data processing method, be applied to the security that BIOS file download person verifies the BIOS file bag of acquisition, namely be applied to the electronic equipment with basic input-output system BIOS, this electronic equipment can be notebook computer, panel computer, smart mobile phone etc.
Please refer to Fig. 2, the method comprises:
Step 201: obtain BIOS file bag;
Step 202: by the legitimacy of the digital signature of the public key verifications BIOS file bag of legal publisher; If illegal, then perform step 203;
Step 203: refuse to be upgraded BIOS by BIOS file bag.
Specifically, electronic equipment, after getting BIOS file bag, needs the legitimacy verifying this file bag.Because the publisher of BIOS file bag carries out digital signature by private key to the BIOS file bag that it is issued, therefore, the legitimacy of this digital signature can be verified by the PKI of legal publisher, BIOS file bag can be deciphered if used public-key, then show that digital signature is legal; Otherwise, show that digital signature is illegal.
Because this digital signature is generated according to its private key grasped by BIOS file publisher, there is nonreversibility, unforgeable, therefore, by the legitimacy of the digital signature of the public key verifications BIOS file of legal publisher, the BIOS file of acquisition can be picked out whether by legal BIOS file publisher is issued, and then the BIOS file avoiding user to issue according to illegal publisher carries out BIOS renewal, cause BIOS system failure, or implanted wooden horse in BIOS system, improves the security upgraded BIOS by BIOS updating file.
Further, please refer to Fig. 3, in step 202: before the legitimacy of the digital signature of the public key verifications BIOS file bag by legal publisher, the method also comprises:
Step 204: judge whether BIOS file bag comprises digital signature; If do not comprise, then perform step 203, if comprise, then perform step 202.
In actual conditions, not may comprise digital signature in the BIOS file bag that user obtains, namely not adopt asymmetric cryptographic algorithm to be encrypted.When legal BIOS publisher all carries out digital signature to BIOS, directly can judge that this BIOS file bag is illegal, avoid electronic equipment to carry out BIOS renewal according to the BIOS file bag not comprising digital signature, improve security BIOS upgraded by BIOS updating file.
In the embodiment of the present application, safe class set by the publisher of the BIOS file bag obtained is different, after judging that digital signature is legal in step 202., correspondence takes different modes to carry out renewal checking, two kinds of enumerating below are wherein introduced, certainly, in specific implementation process, be not limited to following two kinds of situations.
One, after judging that digital signature is legal in step 202., performs step 205: upgrade BIOS according to BIOS file bag.
Owing to there being legal digital signature, can ensureing that this BIOS file bag is issued by legal publisher, improve security BIOS upgraded by BIOS file bag.
Its two, during the data comprising for verifying BIOS file integrality in the BIOS file issued, carry out integrity measurement;
That is, after judging that digital signature is legal in step 202., please continue to refer to Fig. 3, following steps are performed:
Step 206: adopt the first algorithm to calculate the second proof test value of BIOS file bag; Wherein, the second proof test value is the proof test value of the integrality for verifying BIOS file bag;
Step 207: judge that whether the second proof test value is identical with the first proof test value that BIOS file handbag contains; First proof test value adopts the first algorithm to generate by the publisher of BIOS file bag; If identical, then perform step 205, if not identical, perform step 203.
Specifically, after certifying digital signature is legal, during the first proof test value that BIOS file bag also comprises for verifying BIOS file integrality if detect, adopt the first algorithm to calculate to adopt the second proof test value of BIOS file bag after public key decryptions.Then whether comparison second proof test value is identical with the first proof test value, if the two is identical, then shows that the BIOS file bag obtained is complete, then upgrades based on this BIOS file bag; Otherwise, show that BIOS file bag is imperfect, then refuse to upgrade according to this incomplete BIOS file bag, avoid the electronic equipment after upgrading not run, impaired or controlled by malicious attacker.
As described in embodiment 1, the first algorithm can for generating the hash function of Cyclic Redundancy Check value, or be hash algorithm, because the first algorithm in the embodiment of the present application 2 and the first check code correspond, will not describe in detail at this.
Further, in step 205: after upgrading BIOS according to BIOS file bag, please continue to refer to Fig. 3, also comprise the steps:
Step 208: adopt hash algorithm to calculate the legal cryptographic hash of the BIOS system after upgrading according to BIOS file bag;
Step 209: store this legal cryptographic hash, to characterize the legitimacy of BIOS system by this legal cryptographic hash.
Specifically, electronic equipment comprises credible password module, or credible platform module, credible password module or credible platform module can store the legal cryptographic hash of BIOS system, before each run BIOS system, electronic equipment all can verify whether current BIOS system is legal BIOS, verification mode is the cryptographic hash calculating current BIOS system, the legal cryptographic hash stored in this value and credible platform module or credible password module is compared, only when comparison is consistent, just run BIOS system, be not tampered by such scheme protection BIOS when day-to-day operation electronic equipment, avoid electronic equipment based on the BIOS system cloud gray model being tampered or implanting wooden horse, improve the security of electronic equipment.
In addition, owing to comprising the part that responsible BIOS basis is run in BIOS system, and the updating and management part of part upgrading is run on responsible BIOS basis.In BIOS upgrades, the part only can run the responsible BIOS basis in BIOS upgrades.Therefore, in step 208, only can calculate the cryptographic hash that part is run on BIOS basis, during corresponding checking, only verify the cryptographic hash of this part.
Preferably, when calculating cryptographic hash in step 208, generate the cryptographic hash of BIOS entirety, that is: the cryptographic hash of the part that responsible BIOS basis is run both had been comprised, also the cryptographic hash that the updating and management part of partly upgrading is run on responsible BIOS basis is comprised, during corresponding checking, to the part comprising the operation of responsible BIOS basis, and the current BIOS entirety that the updating and management part of part upgrading is run on responsible BIOS basis carries out cryptographic hash calculating, and compare based on this cryptographic hash.
In practical application, data processing method in the embodiment of the present application 1,2 can use equally with the issue of other types file and install time safety verification, particularly other store basic input and output program, system information is arranged, startup power on self detection program and system start the underlying programs such as self-check program for electronic equipment provide the bottom, the program of the most direct hardware setting and control, as unified Extensible Firmware Interface (Unified Extensible Firmware Interface, UEFI); Issue for adopting the data processing method that provides of the embodiment of the present application 1,2 and upgrade the technical scheme that these perform the program curing of similar functions and effect with BIOS, the application is intended to protect interior.
Embodiment 3
Corresponding with the data processing method that embodiment 1 provides, the embodiment of the present application 3 provides a kind of electronic equipment, and this electronic equipment is used for carrying out issue BIOS file.
Please refer to Fig. 4, this electronic equipment comprises:
File packaged unit 301, for needing the basic input-output system BIOS file carrying out issuing to be packaged as BIOS file bag;
Digital signature generation unit 302, for the digital signature adopting the private key of the publisher of BIOS file bag to calculate BIOS file bag;
Release unit 303, for issuing the BIOS file bag comprising digital signature, to make the download of BIOS file bag can enough by the legitimacy of the public key verifications BIOS file bag of legal publisher.
Due in such scheme, electronic equipment is when issuing BIOS file, asymmetric cryptographic algorithm is adopted to calculate the digital signature of BIOS file, the private key that this digital signature can only be grasped by this publisher generates, there is nonreversibility, unforgeable, make illegal distribution person can not forge the digital signature consistent with legal publisher, and after other people can not distort in the BIOS file issued legal publisher, add the digital signature consistent with legal publisher, like this, make BIOS file download person can by the legitimacy of the digital signature of public key verifications BIOS updating file disclosed in legal publisher, also namely verify whether BIOS file bag is the BIOS file bag that legal publisher issues, and then verify the legitimacy of its BIOS updating file obtained, improve security BIOS upgraded by BIOS updating file.
Further, electronic equipment also comprises:
First arithmetic element 304, calculates for adopting the first algorithm the first proof test value obtaining BIOS file bag; Wherein, the first proof test value is the proof test value of the integrality for verifying BIOS file bag; The digital signature of digital signature generation unit specifically for adopting private key to calculate BIOS file bag and the first proof test value.
Due in such scheme, publisher is before employing rivest, shamir, adelman is encrypted BIOS file bag, the check code for characterizing the complete type of BIOS file bag is added in BIOS file bag, and then avoid user to carry out BIOS renewal based on incomplete BIOS file, improve security BIOS upgraded by BIOS updating file.
Various data processing method in data processing method in previous embodiment 1 and instantiation are equally applicable to the electronic equipment of embodiment 3, by in previous embodiment 1 to the detailed description of data processing method, those skilled in the art clearly can know the implementation method of electronic equipment in embodiment 3, so succinct in order to instructions, be not described in detail in this.
Embodiment 4
Corresponding with the data processing method that embodiment 2 provides, the embodiment of the present application 4 provides a kind of electronic equipment, and electronic equipment has basic input-output system BIOS; Please refer to Fig. 5, electronic equipment comprises:
Acquiring unit 401, for obtaining BIOS file bag;
Digital signature authentication unit 402, for the legitimacy of the digital signature of the public key verifications BIOS file bag by legal publisher;
Upgrading control module 403, by BIOS file bag, BIOS being upgraded for refusing when the digital signature of BIOS file bag is illegal.
Due in such scheme, electronic equipment, after getting BIOS file bag, needs the legitimacy verifying this file bag.Because the publisher of BIOS file bag carries out digital signature by private key to the BIOS file bag that it is issued, therefore, the legitimacy of this digital signature can be verified by the PKI of legal publisher, BIOS file bag can be deciphered if used public-key, then show that digital signature is legal; Otherwise, show that digital signature is illegal.
Because this digital signature is generated according to its private key grasped by BIOS file publisher, there is nonreversibility, unforgeable, therefore, by the legitimacy of the digital signature of the public key verifications BIOS file of legal publisher, the BIOS file of acquisition can be picked out whether by legal BIOS file publisher is issued, and then the BIOS file avoiding user to issue according to illegal publisher carries out BIOS renewal, cause BIOS system failure, or implanted wooden horse in BIOS system, improves the security upgraded BIOS by BIOS updating file.
Further, when legal BIOS publisher all carries out digital signature to BIOS, directly can judge that the BIOS file bag not comprising digital signature obtained is illegal, avoid electronic equipment to carry out BIOS renewal according to the BIOS file bag not comprising digital signature.
Further, please refer to Fig. 6, this electronic equipment also comprises:
First judging unit 404, for judging whether BIOS file bag comprises digital signature;
Upgrade control module 403, also for: when BIOS file comprises digital signature, refuse to be upgraded BIOS by BIOS file bag;
Digital signature authentication unit 402, specifically for: when BIOS file handbag is containing digital signature, by the legitimacy of the digital signature of the public key verifications BIOS file bag of legal publisher.
Due to when legal BIOS publisher all carries out digital signature to BIOS, directly can judge that the BIOS file bag not comprising digital signature obtained is illegal, avoid electronic equipment to carry out BIOS renewal according to the BIOS file bag not comprising digital signature, improve security BIOS upgraded by BIOS updating file.
Further, upgrade control module 403, also for: BIOS is upgraded according to BIOS file bag when the digital signature of BIOS file bag is legal.
Owing to there being legal digital signature, can ensureing that this BIOS file bag is issued by legal publisher, improve security BIOS upgraded by BIOS file bag.
Further, when comprising the data for verifying BIOS file integrality in the BIOS file issued, integrity measurement is carried out; Electronic equipment also comprises:
Second arithmetic element 405, for the second proof test value adopting the first algorithm to calculate BIOS file bag when the digital signature of BIOS file bag is legal; Wherein, the second proof test value is the proof test value of the integrality for verifying BIOS file bag; First algorithm is the cryptographic algorithm that can be used in generation second proof test value;
Integrity verifying unit 406, for judging that whether the second proof test value is identical with the first proof test value that BIOS file handbag contains; First proof test value is that the publisher of BIOS file bag adopts the first algorithm to generate;
Upgrade control module 403, also for: BIOS is upgraded according to BIOS file bag when the second proof test value is identical with the first proof test value; And refuse to be upgraded BIOS by BIOS file bag when the second proof test value and the first proof test value are not identical.
Further, the second arithmetic element 405, also for: adopt hash algorithm to calculate the cryptographic hash of BIOS system after upgrading according to BIOS file bag;
Electronic equipment also comprises: storage unit 407, for storing cryptographic hash, to be characterized the legitimacy of BIOS system by cryptographic hash.
Specifically, electronic equipment comprises credible password module, or credible platform module, credible password module or credible platform module can store the legal cryptographic hash of BIOS system, before each run BIOS system, electronic equipment all can verify whether current BIOS system is legal BIOS, verification mode is the cryptographic hash calculating current BIOS system, the legal cryptographic hash stored in this value and credible platform module or credible password module is compared, only when comparison is consistent, just run BIOS system, avoid electronic equipment based on the BIOS system cloud gray model being tampered or implanting wooden horse, improve the security of electronic equipment.
Various data processing method in data processing method in previous embodiment 2 and instantiation are equally applicable to the electronic equipment of embodiment 4, by in previous embodiment 2 to the detailed description of data processing method, those skilled in the art clearly can know the implementation method of electronic equipment in embodiment 4, so succinct in order to instructions, be not described in detail in this.
The one or more technical schemes provided in the embodiment of the present application, at least have following technique effect or advantage:
1, due in the embodiment of the present application, when BIOS file publisher issues BIOS file, asymmetric cryptographic algorithm is adopted to calculate the digital signature of BIOS file, the private key that this digital signature can only be grasped by this publisher generates, there is nonreversibility, unforgeable, make illegal distribution person can not forge the digital signature consistent with legal publisher, and after other people can not distort in the BIOS file issued legal publisher, add the digital signature consistent with legal publisher, like this, make BIOS file download person can by the legitimacy of the digital signature of public key verifications BIOS updating file disclosed in legal publisher, also namely verify whether BIOS file bag is the BIOS file bag that legal publisher issues, and then verify the legitimacy of its BIOS updating file obtained, improve security BIOS upgraded by BIOS updating file.
2, due in the embodiment of the present application, BIOS file download person is after getting BIOS file bag, by the legitimacy of the digital signature of public key verifications BIOS file bag disclosed in legal BIOS file publisher, because this digital signature is generated according to its private key grasped by BIOS file publisher, there is nonreversibility, unforgeable.Therefore, by the legitimacy of the digital signature of the public key verifications BIOS file of legal publisher, the BIOS file of acquisition can be picked out whether by legal BIOS file publisher is issued, and then the BIOS file avoiding user to issue according to illegal publisher carries out BIOS renewal, cause BIOS system failure, or implanted wooden horse in BIOS system, improves the security upgraded BIOS by BIOS updating file.
Those skilled in the art should understand, the embodiment of the application can be provided as method, system or computer program.Therefore, the application can adopt the form of complete hardware embodiment, completely software implementation or the embodiment in conjunction with software and hardware aspect.And the application can adopt in one or more form wherein including the upper computer program implemented of computer-usable storage medium (including but not limited to magnetic disk memory, CD-ROM, optical memory etc.) of computer usable program code.
The application describes with reference to according to the process flow diagram of the method for the embodiment of the present application, equipment (system) and computer program and/or block scheme.Should understand can by the combination of the flow process in each flow process in computer program instructions realization flow figure and/or block scheme and/or square frame and process flow diagram and/or block scheme and/or square frame.These computer program instructions can being provided to the processor of multi-purpose computer, special purpose computer, Embedded Processor or other programmable data processing device to produce a machine, making the instruction performed by the processor of computing machine or other programmable data processing device produce device for realizing the function of specifying in process flow diagram flow process or multiple flow process and/or block scheme square frame or multiple square frame.
These computer program instructions also can be stored in can in the computer-readable memory that works in a specific way of vectoring computer or other programmable data processing device, the instruction making to be stored in this computer-readable memory produces the manufacture comprising command device, and this command device realizes the function of specifying in process flow diagram flow process or multiple flow process and/or block scheme square frame or multiple square frame.
These computer program instructions also can be loaded in computing machine or other programmable data processing device, make on computing machine or other programmable devices, to perform sequence of operations step to produce computer implemented process, thus the instruction performed on computing machine or other programmable devices is provided for the step realizing the function of specifying in process flow diagram flow process or multiple flow process and/or block scheme square frame or multiple square frame.
Specifically, computer program instructions corresponding to the data processing method in the embodiment of the present application 1 can be stored in CD, hard disk, on the storage mediums such as USB flash disk, when the computer program instructions corresponding with information processing method in storage medium to be read by electronic equipment or be performed, comprise the steps:
BIOS file bag is packaged as by needing the basic input-output system BIOS file carrying out issuing;
The private key of the publisher of described BIOS file bag is adopted to calculate the digital signature of described BIOS file bag;
Issue and comprise the BIOS file bag of described digital signature, to make the download of described BIOS file bag can enough by the legitimacy of BIOS file bag described in the public key verifications of legal publisher.
Optionally, other computer instruction is also stored in described storage medium, these computer instructions with step: adopting the private key of the publisher of described BIOS file bag to calculate before computer instruction corresponding to the digital signature of described BIOS file bag is performed and be performed, comprising the steps: when being performed
The first algorithm is adopted to calculate the first proof test value obtaining described BIOS file bag; Wherein, described first proof test value is the proof test value of the integrality for verifying described BIOS file bag;
That store in described storage medium and step: adopt the private key of the publisher of described BIOS file bag to calculate the digital signature of described BIOS file bag, corresponding computer instruction is specifically being performed in process, is specially following steps:
Described private key is adopted to calculate the digital signature of described BIOS file bag and described first proof test value.
Computer program instructions corresponding to the data processing method in the embodiment of the present application 2 can be stored in CD, hard disk, on the storage mediums such as USB flash disk, when the computer program instructions corresponding with information processing method in storage medium to be read by electronic equipment or be performed, comprise the steps:
Obtain BIOS file bag;
By the legitimacy of the digital signature of BIOS file bag described in the public key verifications of legal publisher;
If the result shows that the digital signature of described BIOS file bag is illegal, then refuse to be upgraded BIOS by described BIOS file bag.
Optionally, other computer instruction is also stored in described storage medium, these computer instructions with step: being performed after being performed by the computer instruction that the legitimacy of the digital signature of BIOS file bag described in the public key verifications of legal publisher is corresponding, comprising the steps: when being performed
Judge whether described BIOS file bag comprises digital signature;
If do not comprise, then refuse to be upgraded BIOS by described BIOS file bag;
That store in described storage medium and step: by the legitimacy of the digital signature of BIOS file bag described in the public key verifications of legal publisher, corresponding computer instruction, being specifically performed in process, specifically comprises the steps:
When judged result shows described BIOS file handbag containing digital signature, by the legitimacy of the digital signature of BIOS file bag described in the described public key verifications of legal publisher.
Optionally, other computer instruction is also stored in described storage medium, these computer instructions with step: being performed after being performed by the computer instruction that the legitimacy of the digital signature of BIOS file bag described in the public key verifications of legal publisher is corresponding, comprising the steps: when being performed
If the result shows that the digital signature of described BIOS file bag is legal, then according to described BIOS file bag, BIOS is upgraded.
Optionally, other computer instruction is also stored in described storage medium, these computer instructions with step: being performed after being performed by the computer instruction that the legitimacy of BIOS file bag described in the public key verifications of legal publisher is corresponding, comprising the steps: when being performed
If the result shows that the digital signature of described BIOS file bag is legal, then the first algorithm is adopted to calculate the second proof test value of described BIOS file bag; Wherein, described second proof test value is the proof test value of the integrality for verifying described BIOS file bag;
Judge that whether the first proof test value that described second proof test value and described BIOS file handbag contain is identical; Described first proof test value adopts described first algorithm to generate by the publisher of described BIOS file bag;
If identical, then according to described BIOS file bag, BIOS is upgraded; Otherwise, refuse to be upgraded BIOS by described BIOS file bag.
Optionally, other computer instruction is also stored in described storage medium, these computer instructions with step: if identical, then carry out upgrading after corresponding computer instruction is performed to BIOS according to described BIOS file bag and be performed, comprising the steps: when being performed
Hash algorithm is adopted to calculate the cryptographic hash of the BIOS system after upgrading according to described BIOS file bag;
Store described cryptographic hash, to be characterized the legitimacy of described BIOS system by described cryptographic hash.
Although described the preferred embodiment of the application, those skilled in the art once obtain the basic creative concept of cicada, then can make other change and amendment to these embodiments.So claims are intended to be interpreted as comprising preferred embodiment and falling into all changes and the amendment of the application's scope.
Obviously, those skilled in the art can carry out various change and modification to the application and not depart from the spirit and scope of the application.Like this, if these amendments of the application and modification belong within the scope of the application's claim and equivalent technologies thereof, then the application is also intended to comprise these change and modification.
Claims (14)
1. a data processing method, described method comprises:
BIOS file bag is packaged as by needing the basic input-output system BIOS file carrying out issuing;
The private key of the publisher of described BIOS file bag is adopted to calculate the digital signature of described BIOS file bag;
Issue and comprise the BIOS file bag of described digital signature, to make the download of described BIOS file bag can enough by the legitimacy of BIOS file bag described in the public key verifications of legal publisher.
2. the method for claim 1, is characterized in that, before the private key of the publisher of described employing described BIOS file bag calculates the digital signature of described BIOS file bag, described method also comprises:
The first algorithm is adopted to calculate the first proof test value obtaining described BIOS file bag; Wherein, described first proof test value is the proof test value of the integrality for verifying described BIOS file bag;
The private key of the publisher of described employing described BIOS file bag calculates the digital signature of described BIOS file bag, comprising:
Described private key is adopted to calculate the digital signature of described BIOS file bag and described first proof test value.
3. a data processing method, is applied to the electronic equipment with basic input-output system BIOS, and described method comprises:
Obtain BIOS file bag;
By the legitimacy of the digital signature of BIOS file bag described in the public key verifications of legal publisher;
If the result shows that the digital signature of described BIOS file bag is illegal, then refuse to be upgraded BIOS by described BIOS file bag.
4. method as claimed in claim 3, is characterized in that, before the legitimacy of the digital signature of BIOS file bag described in the described public key verifications by legal publisher, described method also comprises:
Judge whether described BIOS file bag comprises digital signature;
If do not comprise, then refuse to be upgraded BIOS by described BIOS file bag;
The legitimacy of the digital signature of BIOS file bag described in the described public key verifications by legal publisher, is specially:
When judged result shows described BIOS file handbag containing digital signature, by the legitimacy of the digital signature of BIOS file bag described in the described public key verifications of legal publisher.
5. the method as described in claim 3 or 4, is characterized in that, after the legitimacy of the digital signature of BIOS file bag described in the described public key verifications by legal publisher, described method also comprises:
If the result shows that the digital signature of described BIOS file bag is legal, then according to described BIOS file bag, BIOS is upgraded.
6. the method as described in claim 3 or 4, is characterized in that, after the legitimacy of BIOS file bag described in the described public key verifications by legal publisher, described method also comprises:
If the result shows that the digital signature of described BIOS file bag is legal, then the first algorithm is adopted to calculate the second proof test value of described BIOS file bag; Wherein, described second proof test value is the proof test value of the integrality for verifying described BIOS file bag;
Judge that whether the first proof test value that described second proof test value and described BIOS file handbag contain is identical; Described first proof test value adopts described first algorithm to generate by the publisher of described BIOS file bag;
If identical, then according to described BIOS file bag, BIOS is upgraded; Otherwise, refuse to be upgraded BIOS by described BIOS file bag.
7. method as claimed in claim 6, is characterized in that, if described identical, then, after upgrading BIOS according to described BIOS file bag, described method also comprises:
Hash algorithm is adopted to calculate the cryptographic hash of the BIOS system after upgrading according to described BIOS file bag;
Store described cryptographic hash, to be characterized the legitimacy of described BIOS system by described cryptographic hash.
8. an electronic equipment, comprising:
File packaged unit, for needing the basic input-output system BIOS file carrying out issuing to be packaged as BIOS file bag;
Digital signature generation unit, the private key for the publisher adopting described BIOS file bag calculates the digital signature of described BIOS file bag;
Release unit, for issuing the BIOS file bag comprising described digital signature, to make the download of described BIOS file bag can enough by the legitimacy of BIOS file bag described in the public key verifications of legal publisher.
9. electronic equipment as claimed in claim 8, it is characterized in that, described electronic equipment also comprises:
First arithmetic element, calculates for adopting the first algorithm the first proof test value obtaining described BIOS file bag; Wherein, described first proof test value is the proof test value of the integrality for verifying described BIOS file bag; The digital signature of described digital signature generation unit specifically for adopting described private key to calculate described BIOS file bag and described first proof test value.
10. an electronic equipment, described electronic equipment has basic input-output system BIOS, and described electronic equipment comprises:
Acquiring unit, for obtaining BIOS file bag;
Digital signature authentication unit, for the legitimacy of the digital signature of BIOS file bag described in the public key verifications by legal publisher;
Upgrading control module, by described BIOS file bag, BIOS being upgraded for refusing when the digital signature of described BIOS file bag is illegal.
11. electronic equipments as claimed in claim 10, it is characterized in that, described electronic equipment also comprises:
First judging unit, for judging whether described BIOS file bag comprises digital signature;
Described renewal control module, also for: when described BIOS file comprises digital signature, refuse to be upgraded BIOS by described BIOS file bag;
Described digital signature authentication unit, specifically for: when described BIOS file handbag is containing digital signature, by the legitimacy of the digital signature of BIOS file bag described in the described public key verifications of legal publisher.
12. electronic equipments as claimed in claim 8 or 9, is characterized in that, described renewal control module, also for: BIOS is upgraded according to described BIOS file bag when the digital signature of described BIOS file bag is legal.
13. electronic equipments as claimed in claim 8 or 9, it is characterized in that, described electronic equipment also comprises:
Second arithmetic element, for adopting the first algorithm to calculate the second proof test value of described BIOS file bag when the digital signature of described BIOS file bag is legal; Wherein, described second proof test value is the proof test value of the integrality for verifying described BIOS file bag; Described first algorithm is the cryptographic algorithm that can be used in generating described second proof test value;
Whether integrity verifying unit is identical for judging the first proof test value that described second proof test value and described BIOS file handbag contain; Described first proof test value is that the publisher of described BIOS file bag adopts described first algorithm to generate;
Described renewal control module, also for: BIOS is upgraded according to described BIOS file bag when described second proof test value is identical with described first proof test value; And refuse when described second proof test value is not identical with described first proof test value to be upgraded BIOS by described BIOS file bag.
14. electronic equipments as claimed in claim 11, is characterized in that:
Second arithmetic element, also for: adopt hash algorithm to calculate the cryptographic hash of BIOS system after upgrading according to described BIOS file bag;
Described electronic equipment also comprises: storage unit, for storing described cryptographic hash, to be characterized the legitimacy of described BIOS system by described cryptographic hash.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410086060.XA CN104915591A (en) | 2014-03-10 | 2014-03-10 | Data processing method and electronic equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410086060.XA CN104915591A (en) | 2014-03-10 | 2014-03-10 | Data processing method and electronic equipment |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN104915591A true CN104915591A (en) | 2015-09-16 |
Family
ID=54084653
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201410086060.XA Pending CN104915591A (en) | 2014-03-10 | 2014-03-10 | Data processing method and electronic equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN104915591A (en) |
Cited By (18)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105488423A (en) * | 2015-11-20 | 2016-04-13 | 北京天行网安信息技术有限责任公司 | Data file auditing and checking system and method |
| CN106934289A (en) * | 2015-12-30 | 2017-07-07 | 北京展讯高科通信技术有限公司 | Verification and the method for forming signature image |
| CN106960155A (en) * | 2017-03-28 | 2017-07-18 | 联想(北京)有限公司 | The update method and device of a kind of basic input output system |
| CN108228219A (en) * | 2018-02-28 | 2018-06-29 | 郑州云海信息技术有限公司 | The method and device of BIOS legitimacies is verified when refreshing BIOS outside a kind of band |
| CN108255505A (en) * | 2018-01-10 | 2018-07-06 | 浪潮(北京)电子信息产业有限公司 | A kind of firmware update, device, equipment and computer readable storage medium |
| CN108256355A (en) * | 2018-02-28 | 2018-07-06 | 郑州云海信息技术有限公司 | The method and device of BIOS integralities is verified when refreshing BIOS outside a kind of band |
| CN108304206A (en) * | 2018-02-11 | 2018-07-20 | 广东美的厨房电器制造有限公司 | Upgrade method, device, computer equipment, program product and storage medium |
| CN108376077A (en) * | 2018-02-11 | 2018-08-07 | 广东美的厨房电器制造有限公司 | The upgrade method and device of control unit |
| CN108459866A (en) * | 2018-02-11 | 2018-08-28 | 广东美的厨房电器制造有限公司 | Upgrade method, device, computer equipment, program product and storage medium |
| CN108959973A (en) * | 2018-06-27 | 2018-12-07 | 郑州云海信息技术有限公司 | A kind of guard method and system refreshed for BMC firmware |
| CN109063470A (en) * | 2018-07-26 | 2018-12-21 | 郑州云海信息技术有限公司 | A kind of safe verification method and system of BMC firmware |
| CN109829294A (en) * | 2019-01-31 | 2019-05-31 | 云丁网络技术(北京)有限公司 | A kind of firmware validation method, system, server and electronic equipment |
| CN109934017A (en) * | 2019-03-12 | 2019-06-25 | 苏州科达科技股份有限公司 | Check information generates and file integrality method of calibration, system, equipment and medium |
| WO2020119138A1 (en) * | 2018-12-14 | 2020-06-18 | 广东浪潮大数据研究有限公司 | Method for verifying credibility of bios restored file and relevant device |
| CN114253576A (en) * | 2021-12-13 | 2022-03-29 | 苏州浪潮智能科技有限公司 | Method, device, storage medium and equipment for double BIOS mirror image refreshing verification |
| CN114721693A (en) * | 2022-03-22 | 2022-07-08 | 飞腾信息技术有限公司 | Microprocessor, BIOS firmware update method, computer equipment and storage medium |
| CN114780929A (en) * | 2022-04-01 | 2022-07-22 | 联想(北京)有限公司 | Electronic equipment and processing method |
| US11743336B2 (en) | 2018-07-04 | 2023-08-29 | Yunding Network Technology (Beijing) Co., Ltd. | Method and system for operating an electronic device |
Citations (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1570865A (en) * | 2004-04-29 | 2005-01-26 | 杭州斯达康通讯有限公司 | Method for downloading computer data to mobile phone |
| CN1591362A (en) * | 2003-08-25 | 2005-03-09 | 联想(北京)有限公司 | Safety chip information processing apparatus and starting method based on chip |
| CN101436141A (en) * | 2008-11-21 | 2009-05-20 | 深圳创维数字技术股份有限公司 | Firmware upgrading and encapsulating method and device based on digital signing |
| CN102064939A (en) * | 2009-11-13 | 2011-05-18 | 福建联迪商用设备有限公司 | Method for authenticating point of sail (POS) file and method for maintaining authentication certificate |
| CN102299747A (en) * | 2010-06-22 | 2011-12-28 | 上海云途信息技术有限公司 | Device, system and method for performing safe data communication based on sound waves |
| CN102663292A (en) * | 2012-03-26 | 2012-09-12 | 大唐微电子技术有限公司 | Method and system for realizing smart card application and deployment |
| US20130013905A1 (en) * | 2011-07-07 | 2013-01-10 | Held James P | Bios flash attack protection and notification |
| CN103279372A (en) * | 2013-05-23 | 2013-09-04 | 青岛海信宽带多媒体技术有限公司 | Set top box software upgrading method and set top box |
| CN103460195A (en) * | 2011-02-11 | 2013-12-18 | 西门子医疗保健诊断公司 | System and method for secure software update |
-
2014
- 2014-03-10 CN CN201410086060.XA patent/CN104915591A/en active Pending
Patent Citations (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1591362A (en) * | 2003-08-25 | 2005-03-09 | 联想(北京)有限公司 | Safety chip information processing apparatus and starting method based on chip |
| CN1570865A (en) * | 2004-04-29 | 2005-01-26 | 杭州斯达康通讯有限公司 | Method for downloading computer data to mobile phone |
| CN101436141A (en) * | 2008-11-21 | 2009-05-20 | 深圳创维数字技术股份有限公司 | Firmware upgrading and encapsulating method and device based on digital signing |
| CN102064939A (en) * | 2009-11-13 | 2011-05-18 | 福建联迪商用设备有限公司 | Method for authenticating point of sail (POS) file and method for maintaining authentication certificate |
| CN102299747A (en) * | 2010-06-22 | 2011-12-28 | 上海云途信息技术有限公司 | Device, system and method for performing safe data communication based on sound waves |
| CN103460195A (en) * | 2011-02-11 | 2013-12-18 | 西门子医疗保健诊断公司 | System and method for secure software update |
| US20130013905A1 (en) * | 2011-07-07 | 2013-01-10 | Held James P | Bios flash attack protection and notification |
| CN102663292A (en) * | 2012-03-26 | 2012-09-12 | 大唐微电子技术有限公司 | Method and system for realizing smart card application and deployment |
| CN103279372A (en) * | 2013-05-23 | 2013-09-04 | 青岛海信宽带多媒体技术有限公司 | Set top box software upgrading method and set top box |
Cited By (19)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105488423A (en) * | 2015-11-20 | 2016-04-13 | 北京天行网安信息技术有限责任公司 | Data file auditing and checking system and method |
| CN106934289A (en) * | 2015-12-30 | 2017-07-07 | 北京展讯高科通信技术有限公司 | Verification and the method for forming signature image |
| CN106960155A (en) * | 2017-03-28 | 2017-07-18 | 联想(北京)有限公司 | The update method and device of a kind of basic input output system |
| CN108255505A (en) * | 2018-01-10 | 2018-07-06 | 浪潮(北京)电子信息产业有限公司 | A kind of firmware update, device, equipment and computer readable storage medium |
| CN108459866A (en) * | 2018-02-11 | 2018-08-28 | 广东美的厨房电器制造有限公司 | Upgrade method, device, computer equipment, program product and storage medium |
| CN108304206A (en) * | 2018-02-11 | 2018-07-20 | 广东美的厨房电器制造有限公司 | Upgrade method, device, computer equipment, program product and storage medium |
| CN108376077A (en) * | 2018-02-11 | 2018-08-07 | 广东美的厨房电器制造有限公司 | The upgrade method and device of control unit |
| CN108228219A (en) * | 2018-02-28 | 2018-06-29 | 郑州云海信息技术有限公司 | The method and device of BIOS legitimacies is verified when refreshing BIOS outside a kind of band |
| CN108256355A (en) * | 2018-02-28 | 2018-07-06 | 郑州云海信息技术有限公司 | The method and device of BIOS integralities is verified when refreshing BIOS outside a kind of band |
| CN108959973A (en) * | 2018-06-27 | 2018-12-07 | 郑州云海信息技术有限公司 | A kind of guard method and system refreshed for BMC firmware |
| US11743336B2 (en) | 2018-07-04 | 2023-08-29 | Yunding Network Technology (Beijing) Co., Ltd. | Method and system for operating an electronic device |
| CN109063470A (en) * | 2018-07-26 | 2018-12-21 | 郑州云海信息技术有限公司 | A kind of safe verification method and system of BMC firmware |
| WO2020119138A1 (en) * | 2018-12-14 | 2020-06-18 | 广东浪潮大数据研究有限公司 | Method for verifying credibility of bios restored file and relevant device |
| CN109829294A (en) * | 2019-01-31 | 2019-05-31 | 云丁网络技术(北京)有限公司 | A kind of firmware validation method, system, server and electronic equipment |
| CN109934017A (en) * | 2019-03-12 | 2019-06-25 | 苏州科达科技股份有限公司 | Check information generates and file integrality method of calibration, system, equipment and medium |
| CN114253576A (en) * | 2021-12-13 | 2022-03-29 | 苏州浪潮智能科技有限公司 | Method, device, storage medium and equipment for double BIOS mirror image refreshing verification |
| CN114253576B (en) * | 2021-12-13 | 2024-01-09 | 苏州浪潮智能科技有限公司 | Method, device, storage medium and equipment for dual BIOS mirror image refreshing verification |
| CN114721693A (en) * | 2022-03-22 | 2022-07-08 | 飞腾信息技术有限公司 | Microprocessor, BIOS firmware update method, computer equipment and storage medium |
| CN114780929A (en) * | 2022-04-01 | 2022-07-22 | 联想(北京)有限公司 | Electronic equipment and processing method |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN104915591A (en) | Data processing method and electronic equipment | |
| EP3642751B1 (en) | Mutual authentication with integrity attestation | |
| EP3458999B1 (en) | Self-contained cryptographic boot policy validation | |
| KR101740256B1 (en) | Apparatus for mobile app integrity assurance and method thereof | |
| US9276752B2 (en) | System and method for secure software update | |
| CN103530534B (en) | A kind of Android program ROOT authorization method based on signature verification | |
| CN102509047B (en) | Method and system for verifying program code in set-top box | |
| US11050562B2 (en) | Target device attestation using a trusted platform module | |
| US10503931B2 (en) | Method and apparatus for dynamic executable verification | |
| CN104426658B (en) | The method and device of authentication is carried out to the application on mobile terminal | |
| CN103577206A (en) | Method and device for installing application software | |
| CN104995629A (en) | Continuation of trust for platform boot firmware | |
| CN104932902A (en) | Method for generating APK file and terminal | |
| CN109614769A (en) | Secure operating system boot according to reference platform manifest and data encapsulation | |
| KR20150035249A (en) | Recording medium storing application package, method and apparatus of creating application package, method and apparatus of executing application package | |
| CN104462965A (en) | Method for verifying integrity of application program and network device | |
| CN106156635A (en) | Method for starting terminal and device | |
| CN102314578A (en) | System and method for realizing software protection | |
| CN108229144B (en) | Verification method of application program, terminal equipment and storage medium | |
| CN104573490A (en) | Method for protecting installed software on Android platform | |
| WO2015042981A1 (en) | Encryption and decryption processing method, apparatus and device | |
| CN102663292A (en) | Method and system for realizing smart card application and deployment | |
| EP2547135A2 (en) | Apparatus and method for preventing copying of terminal unique information in portable terminal | |
| CN106778099A (en) | The generation method and device of anti-tamper APK, install and operation method and device | |
| CN109086578A (en) | A kind of method that soft ware authorization uses, equipment and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20150916 |