Boot firmware refresh method and device
Technical field
This application relates to the field of firmware security, and more particularly to a boot firmware refresh method and device.
Background
When a server or personal computer starts, the boot firmware must establish the association between the operating system and the device hardware. This ensures that, during normal operation, hardware devices can respond to instructions sent by the operating system and perform the corresponding operations, and that the operating system can receive signals sent by hardware devices and process them accordingly. Boot firmware therefore plays an important connecting role in servers and personal computers.
With the rapid upgrading of operating systems and the high demand for varied hardware configurations, boot firmware is updated more and more frequently. In general, the client updates the boot firmware by flashing an image file of the boot firmware. However, if the image file used to refresh the boot firmware is unsafe, for example because its source was modified, it was tampered with, it carries a virus or its content changed, then the boot firmware updated from that image file is also unsafe. Such unsafe boot firmware affects the security of the server or personal computer as a whole, affects the stability of the operating system, and can damage the server.
In the prior art, the security of the boot firmware image file is typically ensured by MD5 security verification or by a CRC check of part of the content. However, these verification methods suffer from problems such as an unreliable encryption algorithm and an incomplete integrity check. Accordingly, they cannot reliably guarantee the security of the boot firmware image file: after receiving the image file, the client may be unable to know accurately whether it is safe, and the user may then unknowingly refresh the boot firmware with an unsafe image file.
Summary of the invention
To solve the above technical problem, this application provides a boot firmware refresh method that can reliably guarantee that the image file used to refresh the boot firmware is a safe file.
The embodiments of this application disclose the following technical solutions:
In a first aspect, an embodiment of this application provides a boot firmware refresh method, applied to a server end, the method including:
calculating the digital signature corresponding to original data using a digital signature calculation script and a private key, the original data being all the data in a first image file that is used to refresh the boot firmware;
storing the public key corresponding to the private key in a storage chip, and enabling write protection on the storage chip;
sending the digital signature and the first image file to a client, so that the client refreshes the boot firmware according to the original data after the digital signature is verified.
Optionally, the method further includes:
setting a digital signature area in the first image file; the original data is then the remaining data in the first image file other than the data in the digital signature area;
before the digital signature and the first image file are sent to the client, the method further includes:
inserting the digital signature into the digital signature area to generate a second image file;
sending the digital signature and the first image file to the client then includes:
sending the second image file to the client.
Optionally, calculating the digital signature corresponding to the original data in the first image file using the digital signature calculation script and the private key includes:
performing a hash calculation on the original data using a hash algorithm to obtain the hash value of the original data;
encrypting the hash value with a digital signature encryption algorithm, using a digital signature tool and the private key, to generate the digital signature.
Optionally, the hash algorithm is the SHA256 algorithm, the digital signature tool is the OpenSSL tool, and the digital signature encryption algorithm is the RSA2048 algorithm.
In a second aspect, an embodiment of this application provides a boot firmware refresh method, applied to a client, the method including:
receiving a digital signature and a first image file from a server end, and obtaining a public key from a write-protected storage chip;
decrypting the digital signature using the public key and a digital signature decryption tool, and, if decryption succeeds, obtaining the first hash value corresponding to the digital signature;
performing a hash calculation on the original data in the first image file using a hash algorithm to obtain a second hash value, the original data being all the data in the first image file that is used to refresh the boot firmware;
verifying whether the second hash value and the first hash value are consistent, and, if they are, refreshing the boot firmware according to the original data.
Optionally, if the digital signature has been inserted into the digital signature area in the first image file to generate a second image file,
receiving the digital signature and the first image file from the server end then includes:
receiving the second image file from the server end;
and before the digital signature is decrypted using the public key and the digital signature decryption tool, the method further includes:
obtaining the digital signature from the digital signature area in the second image file.
Optionally, the method further includes:
if decrypting the digital signature using the public key and the digital signature decryption tool fails, prompting the user that the first image file is illegal.
Optionally, the method further includes:
if the second hash value and the first hash value are found to be inconsistent, prompting the user that the first image file is destroyed.
In a third aspect, an embodiment of this application provides a server for refreshing boot firmware, the server including:
a computing module, configured to calculate the digital signature corresponding to original data using a digital signature calculation script and a private key, the original data being all the data in a first image file that is used to refresh the boot firmware;
a memory module, configured to store the public key corresponding to the private key in a storage chip and enable write protection on the storage chip;
a sending module, configured to send the digital signature and the first image file to a client, so that the client refreshes the boot firmware according to the original data after the digital signature is verified.
In a fourth aspect, an embodiment of this application provides a client for refreshing boot firmware, the client including:
a receiving module, configured to receive a digital signature and a first image file from a server end and obtain a public key from a write-protected storage chip;
a decryption module, configured to decrypt the digital signature using the public key and a digital signature decryption tool and, if decryption succeeds, obtain the first hash value corresponding to the digital signature;
a computing module, configured to perform a hash calculation on the original data in the first image file using a hash algorithm to obtain a second hash value, the original data being all the data in the first image file that is used to refresh the boot firmware;
a verification module, configured to verify whether the second hash value and the first hash value are consistent and, if they are, refresh the boot firmware according to the original data.
As the above technical solutions show, in the boot firmware refresh method provided by the embodiments of this application, the server end uses a digital signature calculation script and a private key to perform a digital signature calculation on the original data, that is, all the data in the first image file used to refresh the boot firmware, and obtains the digital signature corresponding to the original data. It then stores the public key corresponding to the private key used to calculate the digital signature in a storage chip and enables write protection on the storage chip. The digital signature and the first image file are then sent to the client. After receiving the digital signature and the first image file, the client obtains the public key from the write-protected storage chip and decrypts the digital signature using the public key and the corresponding digital signature decryption tool; if decryption succeeds, it obtains the first hash value corresponding to the digital signature. It then performs a hash calculation on the original data in the first image file using the hash algorithm to obtain a second hash value and compares the first hash value with the second hash value. If they are consistent, verification passes, and the boot firmware can be refreshed according to the first image file.
When the first image file is handled with the above boot firmware refresh method, an attacker who intercepts the digital signature and the first image file may successfully verify the digital signature and tamper with the first image file. However, because the private key originally used to calculate the digital signature is kept absolutely secret, the attacker can only process the tampered image file with some other key to generate a corresponding digital signature. When the client receives the tampered image file and its corresponding digital signature, it obtains the public key corresponding to the private key from the write-protected storage chip and uses that public key to decrypt the digital signature. Because the digital signature of the tampered image file was generated by encryption with another key, the public key corresponding to the secure private key cannot decrypt it, and the client cannot go on to refresh the boot firmware with the first image file. This effectively prevents the client from refreshing the boot firmware with a tampered image file and ensures the security of the boot firmware refresh.
Brief description of the drawings
To explain the technical solutions in the embodiments of this application or in the prior art more clearly, the drawings needed for describing the embodiments or the prior art are briefly introduced below. Obviously, the drawings described below are only some embodiments of this application, and a person of ordinary skill in the art can obtain other drawings from them without creative effort.
Fig. 1 is a flow diagram of a boot firmware refresh method provided by an embodiment of this application;
Fig. 2 is a flow diagram of another boot firmware refresh method provided by an embodiment of this application;
Fig. 3 is a schematic structural diagram of a server for refreshing boot firmware provided by an embodiment of this application;
Fig. 4 is a schematic structural diagram of a client for refreshing boot firmware provided by an embodiment of this application.
Detailed description of the embodiments
To help those skilled in the art better understand the solution of this application, the technical solutions in the embodiments of this application are described clearly and completely below with reference to the drawings. Obviously, the described embodiments are only some of the embodiments of this application, not all of them. All other embodiments obtained by a person of ordinary skill in the art from the embodiments in this application without creative effort fall within the scope of protection of this application.
The terms "first", "second", "third", "fourth" and the like (if present) in the description, the claims and the above drawings of this application are used to distinguish similar objects and not to describe a particular order or sequence. It should be understood that data so used are interchangeable where appropriate, so that the embodiments described here can, for example, be implemented in an order other than the ones illustrated or described here. In addition, the terms "include" and "have" and any variations of them are intended to cover non-exclusive inclusion; for example, a process, method, system, product or device that contains a series of steps or units is not necessarily limited to the steps or units clearly listed, but may include other steps or units that are not clearly listed or that are inherent to the process, method, product or device.
In the prior art, MD5 security verification or a CRC check of part of the content is typically used to ensure that the image file used to refresh the boot firmware is a safe file.
With MD5 security verification, the server end processes the data in the image file with an MD5 value generation tool to obtain the MD5 value corresponding to the image file, then adds the image file, its MD5 value and the MD5 value generation tool to a data packet and sends it to the client. After receiving the data packet, the client uses the MD5 value generation tool in it to process the data in the image file it contains, obtains an MD5 value, and compares that value with the MD5 value in the data packet. If they are consistent, the image file in the data packet is considered safe and can be used to refresh the boot firmware.
However, verifying whether an image file is safe based on the MD5 algorithm has low reliability. Once the data packet sent by the server to the client is intercepted by an attacker, the attacker can directly check the MD5 value using the MD5 value generation tool in the packet. After the check passes, the attacker can directly tamper with the data in the image file to produce an unsafe image file, then use the MD5 generation tool in the data packet or another MD5 generation tool to calculate the MD5 value corresponding to the unsafe image file, and add the unsafe image file, its MD5 value and the MD5 generation tool to a data packet sent to the client. After receiving that data packet, the client's check of the MD5 value in it likewise passes, so the client is very likely to refresh the boot firmware with the unsafe image file without knowing it.
With CRC checking, the server end uses a CRC algorithm to calculate the check code corresponding to the image file. Because the CRC checking algorithm is relatively complex and the check code it produces is usually long, the server usually selects only the more critical part of the data in the image file when calculating the check code. Accordingly, after the server sends the image file and the check code to the client, the client also only needs to verify the check code using the data that was selected when the check code was calculated.
However, once an image file and check code protected by such a CRC check are intercepted by an attacker, the attacker can tamper with the image file by altering data that was not used to calculate the check code. When the client verifies the check code, it cannot detect that the image file has been tampered with, and may then unknowingly refresh the boot firmware with the tampered image file.
To solve the above technical problems in the prior art, the embodiments of this application provide a boot firmware refresh method that can ensure the security of the boot firmware refresh. The core technical idea of the method is introduced first:
In this boot firmware refresh method, the server end uses a digital signature calculation script and a private key to perform a digital signature calculation on the original data, that is, all the data in the first image file used to refresh the boot firmware, and obtains the digital signature corresponding to the original data. It then stores the public key corresponding to the private key used to calculate the digital signature in a storage chip and enables write protection on the storage chip. The digital signature and the first image file are then sent to the client. After receiving the digital signature and the first image file, the client obtains the public key from the write-protected storage chip and decrypts the digital signature using the public key and the corresponding digital signature decryption tool; if decryption succeeds, it obtains the first hash value corresponding to the digital signature. It then performs a hash calculation on the original data in the first image file using the hash algorithm to obtain a second hash value and compares the first hash value with the second hash value. If they are consistent, verification passes, and the boot firmware can be refreshed according to the first image file.
When the first image file is handled with the above boot firmware refresh method, an attacker who intercepts the digital signature and the first image file may successfully verify the digital signature and tamper with the first image file. However, because the private key originally used to calculate the digital signature is kept absolutely secret, the attacker can only process the tampered image file with some other key to generate a corresponding digital signature. When the client receives the tampered image file and its corresponding digital signature, it obtains the public key corresponding to the private key from the write-protected storage chip and uses that public key to decrypt the digital signature. Because the digital signature of the tampered image file was generated by encryption with another key, the public key corresponding to the secure private key cannot decrypt it, and the client cannot go on to refresh the boot firmware with the first image file. This effectively prevents the client from refreshing the boot firmware with a tampered image file and ensures the security of the boot firmware refresh.
The boot firmware refresh method provided by this application is introduced below by way of embodiments:
Referring to Fig. 1, Fig. 1 is a flow diagram of the boot firmware refresh method provided by an embodiment of this application. The method is applied to a server end and includes the following steps:
Step 101: calculate the digital signature corresponding to the original data using a digital signature calculation script and a private key, the original data being all the data in the first image file that is used to refresh the boot firmware.
The server uses the digital signature calculation script and a private key that is kept absolutely secret to perform a digital signature calculation on the original data in the first image file and obtains the digital signature corresponding to the first image file, where the original data is all the data in the first image file that is used to refresh the boot firmware.
Optionally, before calculating the digital signature corresponding to the original data, the server can first set a digital signature area in the first image file; the digital signature area is used to store the digital signature corresponding to the first image file. For example, for an image file of size 32M, the server can set the first Block region in the image file as the digital signature area, that is, set the region 0x1000000-0x1010000 as the digital signature area. Accordingly, if the server sets a digital signature area in the first image file, all data in the first image file other than the data stored in the digital signature area belongs to the original data.
It should be understood that the server can set any region of the first image file as the digital signature area; that is, the digital signature area in the first image file is not limited to the first Block region of the image file.
Accordingly, after calculating the digital signature using the digital signature calculation script and the private key, the server can insert the calculated digital signature directly into the digital signature area to generate a second image file, which contains both the digital signature and all the original data in the first image file. In other words, the digital signature and the original data in the first image file are combined, and the second image file serves as the carrier for both.
Specifically, when calculating the digital signature corresponding to the original data, the server first performs a hash calculation on the original data using a hash algorithm to obtain the hash value corresponding to the original data. It then uses a digital signature tool and the above private key to encrypt that hash value with a digital signature encryption algorithm, generating the digital signature corresponding to the original data.
It should be understood that, to ensure the digital signature has higher security, a hash algorithm and a digital signature encryption algorithm with better security, and a digital signature tool with better security, are usually chosen to calculate the digital signature.
Take as an example the case where the hash algorithm used is the SHA256 algorithm, the digital signature tool used is the OpenSSL tool, and the digital signature encryption algorithm used is the RSA2048 algorithm. When calculating the digital signature corresponding to the original data, the server performs a hash calculation on the original data in the first image file using the SHA256 algorithm to obtain the corresponding hash value, then uses the OpenSSL tool and the RSA private key to encrypt the hash value with the RSA2048 encryption algorithm, finally obtaining the digital signature corresponding to the original data.
It should be understood that the server can also select other hash algorithms, digital signature encryption algorithms and digital signature tools to calculate the digital signature corresponding to the original data; no specific limitation is placed here on the hash algorithm, digital signature encryption algorithm or digital signature tool used.
Step 102: store the public key corresponding to the private key in a storage chip, and enable write protection on the storage chip.
After calculating the digital signature, the server stores the public key corresponding to the private key used to calculate the digital signature in a storage chip and enables write protection on the storage chip, preventing the public key stored in the storage chip from being tampered with by an attacker.
Specifically, the server can store the public key corresponding to the private key in the BMC Flash of the server and enable write protection on the Flash by pulling the level of the Flash's write-protect pin high.
Step 103: send the digital signature and the first image file to the client, so that the client refreshes the boot firmware according to the original data after the digital signature is verified.
The server then sends the digital signature and the first image file to the client, so that the client verifies the digital signature and, after the digital signature is verified, refreshes the client's boot firmware according to the original data in the first image file.
Optionally, if the server end has set a digital signature area in the first image file and inserted the calculated digital signature into it to generate a second image file, the server can directly send the client this second image file, which contains both the digital signature and the original data in the first image file.
When the first image file is handled with the above boot firmware refresh method, an attacker who intercepts the digital signature and the first image file may successfully verify the digital signature and tamper with the first image file. However, because the private key originally used to calculate the digital signature is kept absolutely secret, the attacker can only process the tampered image file with some other key to generate a corresponding digital signature. When the client receives the tampered image file and its corresponding digital signature, it obtains the public key corresponding to the private key from the write-protected storage chip and uses that public key to decrypt the digital signature. Because the digital signature of the tampered image file was generated by encryption with another key, the public key corresponding to the secure private key cannot decrypt it, and the client cannot go on to refresh the boot firmware with the first image file. This effectively prevents the client from refreshing the boot firmware with a tampered image file and ensures the security of the boot firmware refresh.
In addition, the embodiments of this application also provide a boot firmware refresh method applied to a client. Referring to Fig. 2, Fig. 2 is a flow diagram of another boot firmware refresh method provided by an embodiment of this application. As shown in Fig. 2, the method includes:
Step 201: receive the digital signature and the first image file from the server end, and obtain the public key from the write-protected storage chip.
After receiving the digital signature and the first image file sent by the server end, the client obtains, from the write-protected storage chip, the public key corresponding to the private key used to calculate the digital signature. Because the public key is stored in a storage chip with write protection enabled, it cannot be tampered with; that is, the public key the client obtains from the storage chip is necessarily the public key corresponding to the secure private key used to calculate the digital signature.
Optionally, if the server end has set a digital signature area in the first image file and inserted the digital signature into it to generate a second image file, what the client receives is the second image file. Accordingly, the client extracts the digital signature from the digital signature area of the second image file.
Specifically, the client can locate the digital signature area in the second image file according to the position of the digital signature area defined by the server end, and take from it data of a fixed length as the digital signature; this fixed length is negotiated in advance between the server end and the client.
Step 202: decrypt the digital signature using the public key and a digital signature decryption tool and, if decryption succeeds, obtain the first hash value corresponding to the digital signature.
After obtaining the digital signature, the client decrypts it using the public key obtained from the storage chip and the digital signature decryption tool. If decryption succeeds, the client can accordingly obtain the digital signature's corresponding
Specifically, the client can decrypt the digital signature using a digital signature decryption tool that is the same as the digital signature tool used when the digital signature was calculated. For example, if the digital signature tool the server used to calculate the digital signature is the OpenSSL tool, the client can likewise use the OpenSSL tool to decrypt the digital signature and obtain the first hash value corresponding to the digital signature.
If the client fails to decrypt the digital signature, the first image file and the digital signature may have been tampered with during transmission, and the digital signature was not calculated with the private key that matches the public key. Accordingly, the client can prompt the user that the first image file is illegal, refuse to perform subsequent operations, and discard the digital signature and the first image file.
Step 203: perform a hash calculation on the original data in the first image file using the hash algorithm to obtain a second hash value, the original data being all the data in the first image file that is used to refresh the boot firmware.
When the digital signature has been decrypted successfully and the first hash value corresponding to the digital signature has been obtained, the client goes on to perform a hash calculation on the original data in the first image file using the hash algorithm to obtain the second hash value; the original data here is all the data in the first image file that is used to refresh the boot firmware.
Specifically, the client can use the same hash algorithm that was used when the digital signature was calculated to perform the hash calculation on the original data in the first image file and obtain the second hash value. For example, if the server end calculated the digital signature using the SHA256 hash algorithm, the client can likewise use the SHA256 algorithm to perform the hash calculation on the original data in the first image file and obtain the second hash value.
Step 204: verify whether the second hash value and the first hash value are consistent and, if they are, refresh the boot firmware according to the original data.
After calculating the second hash value, the client verifies whether it is consistent with the first hash value obtained by decrypting the digital signature. If they are consistent, the original data in the first image file is safe and reliable, and the client can use the original data in the first image file to refresh the boot firmware.
If the client finds that the second hash value calculated in step 203 differs from the first hash value obtained by decryption in step 202, the first image file is likely to have been destroyed, and the client prompts the user that the first image file is destroyed.
When the first image file is handled with the above boot firmware refresh method, an attacker who intercepts the digital signature and the first image file may successfully verify the digital signature and tamper with the first image file. However, because the private key originally used to calculate the digital signature is kept absolutely secret, the attacker can only process the tampered image file with some other key to generate a corresponding digital signature. When the client receives the tampered image file and its corresponding digital signature, it obtains the public key corresponding to the private key from the write-protected storage chip and uses that public key to decrypt the digital signature. Because the digital signature of the tampered image file was generated by encryption with another key, the public key corresponding to the secure private key cannot decrypt it, and the client cannot go on to refresh the boot firmware with the first image file. This effectively prevents the client from refreshing the boot firmware with a tampered image file and ensures the security of the boot firmware refresh.
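The server-side steps 101 to 103 and the client-side steps 201 to 204 described above, as an added example that is not part of the original document: a shell script using the OpenSSL tool with SHA256 and RSA2048 on the 32M layout with the signature area at 0x1000000-0x1010000. The file names, function names and the random stand-in image are assumptions made for the illustration, and the public key is read from a file in place of the write-protected storage chip.

```shell
#!/bin/sh
# Added illustration, not code from the patent. Layout follows its 32M example:
# signature area 0x1000000-0x1010000, everything else is the "original data".
BLK=65536        # 0x10000, size of the signature area
SIG_BLK=256      # 0x1000000 / 0x10000, block index where the area starts
SIG_LEN=256      # RSA2048 signature length in bytes (fixed length agreed in advance)

# Stream the original data: the image with the signature area cut out.
original_data() {
    { dd if="$1" bs=$BLK count=$SIG_BLK
      dd if="$1" bs=$BLK skip=$((SIG_BLK + 1)); } 2>/dev/null
}

# Server side: SHA256 over the original data, RSA signature with the private
# key, signature inserted into the signature area to form the second image.
sign_image() {   # sign_image <private key> <first image> <second image>
    cp "$2" "$3" || return 1
    original_data "$2" | openssl dgst -sha256 -sign "$1" -out "$3.sig" || return 1
    dd if="$3.sig" of="$3" bs=$BLK seek=$SIG_BLK conv=notrunc 2>/dev/null
}

# Client side. Returns 0 = verified, 1 = signature cannot be decrypted with the
# protected public key ("illegal"), 2 = hash values differ ("destroyed").
verify_image() { # verify_image <public key> <second image>
    tmp=$(mktemp -d) || return 3
    # Step 201: take the fixed-length signature from the signature area.
    dd if="$2" of="$tmp/sig" bs=$SIG_LEN skip=$((SIG_BLK * BLK / SIG_LEN)) \
        count=1 2>/dev/null
    # Step 202: recover the signed payload with the public key.
    if ! openssl pkeyutl -verifyrecover -pubin -inkey "$1" \
            -in "$tmp/sig" -out "$tmp/rec" 2>/dev/null; then
        rm -rf "$tmp"; return 1
    fi
    # The payload is a DigestInfo whose last 32 bytes are the first hash value.
    # A production verifier should also check the DigestInfo prefix.
    tail -c 32 "$tmp/rec" > "$tmp/h1"
    # Step 203: second hash value over the received original data.
    original_data "$2" | openssl dgst -sha256 -binary > "$tmp/h2"
    # Step 204: compare the two hash values.
    if cmp -s "$tmp/h1" "$tmp/h2"; then rc=0; else rc=2; fi
    rm -rf "$tmp"; return $rc
}

# Constructed test run: genuine image, image re-signed with another key,
# image whose data changed after signing.
run_demo() {
    d=$(mktemp -d) || return 1
    for k in vendor other; do
        openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 \
            -out "$d/$k.pem" 2>/dev/null
    done
    openssl pkey -in "$d/vendor.pem" -pubout -out "$d/vendor.pub" 2>/dev/null
    # 32M of random bytes stands in for a firmware image (constructed input).
    dd if=/dev/urandom of="$d/first.img" bs=$BLK count=512 2>/dev/null

    sign_image "$d/vendor.pem" "$d/first.img" "$d/second.img"
    r_ok=0;   verify_image "$d/vendor.pub" "$d/second.img" || r_ok=$?

    sign_image "$d/other.pem" "$d/first.img" "$d/resigned.img"
    r_key=0;  verify_image "$d/vendor.pub" "$d/resigned.img" || r_key=$?

    cp "$d/second.img" "$d/changed.img"
    printf 'constructed-change' |
        dd of="$d/changed.img" bs=1 seek=4096 conv=notrunc 2>/dev/null
    r_data=0; verify_image "$d/vendor.pub" "$d/changed.img" || r_data=$?

    rm -rf "$d"
    echo "$r_ok $r_key $r_data"
}

run_demo   # prints: 0 1 2
```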
In addition, present invention also provides a kind of for refreshing the server of boot firmware.Referring to Fig. 3, Fig. 3 draws for refreshingThe structural schematic diagram of the server 300 of firmware is led, which includes:
Computing module 301, for calculating the corresponding digital signature of former data using digital signature calculating script and private key,The original data are in the first image file for refreshing the total data of boot firmware;
Memory module 302 is opened for the corresponding public key of the private key to be stored in storage chip to the storage coreThe write-protect of piece;
Sending module 303, for the digital signature and first image file to be sent to client, so that clientEnd is after the digital signature authentication passes through, according to the former Refresh Data boot firmware.
Optionally, the server 300 further includes:
A setting module, configured to set a digital signature field in the first image file; the original data is then the remaining data in the first image file other than the data in the digital signature field;
An insertion module, configured to insert the digital signature into the digital signature field to generate a second image file;
The sending module 303 is then specifically configured to:
Send the second image file to the client.
Optionally, the computing module 301 is specifically configured to:
Perform a hash calculation on the original data using a hash algorithm to obtain the hash value of the original data;
Encrypt the hash value with a digital signature encryption algorithm, using a digital signing tool and the private key, to generate the digital signature.
Optionally, the hash algorithm is the SHA256 algorithm, the digital signing tool is the OpenSSL tool, and the digital signature encryption algorithm is the RSA2048 algorithm.
The present application also provides a client for refreshing boot firmware. Referring to Fig. 4, Fig. 4 is a structural schematic diagram of the client 400 for refreshing boot firmware. The client 400 includes:
A receiving module 401, configured to receive the digital signature and the first image file from the server, and to obtain the public key from the write-protected storage chip;
A decryption module 402, configured to decrypt the digital signature using the public key and a digital signature decryption tool and, if decryption succeeds, to obtain the first hash value corresponding to the digital signature;
A computing module 403, configured to perform a hash calculation on the original data in the first image file using a hash algorithm to obtain the second hash value, the original data being all of the data in the first image file that is used for refreshing the boot firmware;
A verification module 404, configured to verify whether the second hash value is consistent with the first hash value and, if they are consistent, to refresh the boot firmware according to the original data.
Optionally, if the digital signature has been inserted into the digital signature field in the first image file to generate a second image file, the receiving module 401 is specifically configured to:
Receive the second image file from the server;
The client 400 further includes:
An obtaining module, configured to obtain the digital signature from the digital signature field in the second image file.
Optionally, the device further includes a first prompting module;
The first prompting module is configured to prompt the user that the first image file is illegal if decrypting the digital signature with the public key and the digital signature decryption tool fails.
Optionally, the device further includes a second prompting module;
The second prompting module is configured to prompt the user that the first image file has been corrupted if the second hash value is verified to be inconsistent with the first hash value.
When the first image file is processed by the server for refreshing boot firmware described above, an attacker who intercepts the digital signature and the first image file, even after successfully verifying the digital signature and tampering with the first image file, cannot obtain the private key originally used to calculate the digital signature, because that key is kept strictly secret. The attacker can therefore only process the tampered image file with some other key to generate a corresponding digital signature. Accordingly, when the client for refreshing boot firmware receives the tampered image file and its digital signature, it obtains the public key corresponding to the private key from the storage chip with write protection enabled and uses that public key to decrypt the digital signature. Because the digital signature of the tampered image file was generated by encryption with a different key, the public key corresponding to the secure private key cannot decrypt it, and the client cannot go on to perform operations such as refreshing the boot firmware with the first image file. This effectively prevents the client from continuing to refresh the boot firmware with a tampered image file and ensures the security of the boot firmware refresh.
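The server-side signing (SHA256, OpenSSL, RSA2048) and the client-side verification performed by modules 401 to 404, as an added example that is not code from the patent. It assumes the digital signature field is the last 256 bytes of the second image file; the function names, file names and payloads are constructed for illustration.

```shell
#!/bin/sh
# Added example. Assumed layout: the signature field is the last 256 bytes of
# the second image file; file names and payloads below are constructed.
SIG_LEN=256   # size of an RSA-2048 signature in bytes

# Server: SHA-256 the original data, sign the hash, fill the signature field.
make_second_image() {   # $1=original data  $2=private key  $3=output image
    openssl dgst -sha256 -binary "$1" > "$3.hash" &&
    openssl pkeyutl -sign -inkey "$2" -in "$3.hash" -out "$3.sig" &&
    cat "$1" "$3.sig" > "$3"
}

# Client: 0 = hashes match, 1 = signature does not decrypt under the stored
# public key ("illegal" prompt), 2 = hash mismatch ("corrupted" prompt).
verify_image() {        # $1=second image  $2=public key
    size=$(($(wc -c < "$1")))
    [ "$size" -gt "$SIG_LEN" ] || return 1
    tail -c "$SIG_LEN" "$1" > "$1.sig"
    head -c "$((size - SIG_LEN))" "$1" > "$1.data"
    # First hash: recovered from the signature with the public key.
    openssl pkeyutl -verifyrecover -pubin -inkey "$2" \
        -in "$1.sig" -out "$1.h1" 2>/dev/null || return 1
    # Second hash: recomputed over all data outside the signature field.
    openssl dgst -sha256 -binary "$1.data" > "$1.h2"
    cmp -s "$1.h1" "$1.h2" || return 2
}

new_key() {             # $1=private key out  $2=public key out
    openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 \
        -out "$1" 2>/dev/null && openssl pkey -in "$1" -pubout -out "$2"
}

run_demo() {            # prints the verdicts for good, altered, re-signed
    d=$(mktemp -d) || return 1
    new_key "$d/vendor.pem" "$d/vendor.pub" || return 1
    new_key "$d/other.pem" "$d/other.pub" || return 1
    printf 'constructed firmware payload v1\n' > "$d/fw.bin"
    printf 'constructed firmware payload vX\n' > "$d/fw2.bin"
    make_second_image "$d/fw.bin" "$d/vendor.pem" "$d/good.img" || return 1
    # Payload altered in transit, vendor signature left in place.
    cat "$d/fw2.bin" "$d/good.img.sig" > "$d/altered.img"
    # Payload altered and re-signed with a key the client does not hold.
    make_second_image "$d/fw2.bin" "$d/other.pem" "$d/resigned.img" || return 1
    a=0; verify_image "$d/good.img" "$d/vendor.pub" || a=$?
    b=0; verify_image "$d/altered.img" "$d/vendor.pub" || b=$?
    c=0; verify_image "$d/resigned.img" "$d/vendor.pub" || c=$?
    rm -rf "$d"; echo "$a $b $c"
}
run_demo   # expected: 0 2 1
```

`openssl dgst -sha256 -sign` and `openssl dgst -sha256 -verify` perform the hash and signature steps in a single call; the split form is used here so that the first and second hash values exist as separate files that can be compared.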
It should be noted that the embodiments in this specification are described in a progressive manner; the same or similar parts of the embodiments may be cross-referenced, and each embodiment focuses on its differences from the others. In particular, because the device and system embodiments are substantially similar to the method embodiments, they are described relatively briefly, and the relevant parts can be found in the description of the method embodiments. The device and system embodiments described above are merely illustrative: units described as separate components may or may not be physically separate, and components shown as units may or may not be physical units; that is, they may be located in one place or distributed over multiple network units. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of the embodiment. Those of ordinary skill in the art can understand and implement this without creative effort.
The above is only one specific embodiment of the present application, but the scope of protection of the present application is not limited to it. Any change or substitution that a person skilled in the art could readily conceive within the technical scope of the present application shall fall within the scope of protection of the present application. Therefore, the scope of protection of the present application shall be subject to the scope of protection of the claims.