Detailed Description
The invention is described in further detail below with reference to the drawings and examples. It is to be understood that the specific embodiments described herein are merely illustrative of the invention and are not limiting thereof. It should be further noted that, for convenience of description, only some, but not all of the structures related to the present invention are shown in the drawings.
Example 1
Fig. 1 is a flowchart of an image verification method for an embedded system according to an embodiment of the present invention. The method is applicable to performing a secure boot of the system and may be performed by an image verification device of the embedded system. As shown in Fig. 1, the method specifically includes the following steps:
Step 110, obtaining image data to be verified and a fuse configuration; the image data to be verified comprises data content to be verified, a data signature and an authentication certificate, and the fuse configuration comprises an authentication certificate digest.
The image data to be verified is the image data that is downloaded from the host computer into system memory, and that must be verified, when the embedded system enters the download mode of the bootloader; it can be obtained from system memory. Once the image data to be verified is confirmed to be legitimate, it can be downloaded to the storage device of the system. The image data to be verified may comprise the data content to be verified, a data signature and an authentication certificate. The data content to be verified is the specific content to be downloaded, and is also the protected content. The data signature is obtained by computing a hash value of the data content to be verified with a hash algorithm and encrypting that hash value with a preset key. For example, the hash algorithm may be MD5 (Message Digest Algorithm 5), SHA1 (Secure Hash Algorithm 1) or SHA256 (Secure Hash Algorithm 256), and the key may be the private key of an asymmetric encryption scheme. The authentication certificate is used to authenticate the data signature so that the correctness of the data signature can be determined; it may comprise the decryption key corresponding to the encryption key and the manufacturer information of the image data to be verified. The fuse configuration, which is information determined by the manufacturer, may be obtained from the memory of the system or from a fused CPU (Central Processing Unit). The fuse is an electronic fuse, which may be an eFuse (electronic fuse), a one-time programmable memory.
The fuse configuration may include configuration parameter information for secure boot, the authentication certificate digest, and the like. The authentication certificate digest may be a digest that the manufacturer computes over the data in the authentication certificate before the image data to be verified is shipped.
In this embodiment, optionally, obtaining the image data to be verified and the fuse configuration includes: obtaining the image data to be verified from the embedded system memory; if the CPU is fused, obtaining the fuse configuration from the CPU; if the CPU is not fused, obtaining the fuse configuration from the embedded system memory.
Specifically, the image data to be verified is obtained from the memory of the embedded system and transferred to the storage device. The fuse configuration may be obtained from the embedded system memory or from the CPU. The fuses in the CPU may be in either a fused state or an unfused state. In the fused state, the fuse configuration is stored in the CPU; in the unfused state, the fuse configuration is stored in the embedded system memory. In the unfused state, the fuse configuration in the CPU does not include the certificate digest, so the fuse configuration cannot be obtained from the CPU. Without fusing, the system cannot enter the secure boot flow but can still verify image data; it can be securely booted only when fused. When the CPU needs to be fused, that is, when the CPU is in the unfused state, the bootloader is in download mode and the fuse configuration is downloaded into the embedded system memory by the host computer, so that the fuse configuration can be obtained from the embedded system memory. The advantage of this arrangement is that the fuse configuration can be obtained in either the unfused or the fused state, so that the image data to be verified can be verified, image verification of the embedded system is achieved, erroneous burning is avoided, and secure boot is guaranteed.
Step 120, verifying the authentication certificate according to the authentication certificate digest.
After the fuse configuration is obtained, the authentication certificate digest is read from it. After the image data to be verified is obtained, the authentication certificate is read from it. The content of the authentication certificate is verified against the authentication certificate digest. If verification succeeds, the authentication certificate is legitimate and the data content to be verified can be verified according to the authentication certificate; if verification fails, the data in the authentication certificate is wrong or has been tampered with, the image data to be verified is illegitimate, burning is refused, and an error is returned to the host computer or the terminal, so that downloading of the image data to be verified into the storage device is stopped.
In this embodiment, optionally, verifying the authentication certificate according to the authentication certificate digest includes: computing the certificate data in the authentication certificate with a hash algorithm to obtain a certificate data digest; comparing the certificate data digest with the authentication certificate digest; if the certificate data digest is consistent with the authentication certificate digest, determining that the authentication certificate is verified successfully.
Specifically, a hash algorithm is applied to the certificate data in the authentication certificate; the certificate data may be data such as manufacturer information, and the computed hash value is the certificate data digest. Comparing the certificate data digest with the authentication certificate digest means comparing the two hash values. If the hash values are consistent, the certificate data in the authentication certificate is legitimate, the authentication certificate is verified successfully, and the secure boot process can continue; if they are inconsistent, verification of the authentication certificate fails and an error is returned to the host computer or the terminal. The advantage of this arrangement is that the authentication certificate is verified through the authentication certificate digest in the fuse configuration, so that the image data to be verified is not downloaded when the authentication certificate is wrong; whether the data in the authentication certificate has been changed can be checked effectively, a download failure caused by a tampered key in the authentication certificate is avoided, the number of repeated secure boot attempts is reduced, erroneous burning is prevented, the security of the data is improved, and the secure boot efficiency of the embedded system is improved.
Step 130, if the authentication certificate is verified successfully, decrypting the data signature according to the authentication certificate to obtain a data digest.
If the authentication certificate is verified successfully, the data signature is decrypted into the data digest using the authentication certificate, with decryption performed according to the way the data signature was encrypted. The data digest is the hash value obtained by applying a hash algorithm to the data content to be verified.
In this embodiment, optionally, if the authentication certificate is verified successfully, decrypting the data signature according to the authentication certificate to obtain a data digest includes: if the authentication certificate is verified successfully, obtaining the key in the authentication certificate; and decrypting the data signature according to the key to obtain the data digest.
Specifically, the decryption key is obtained from the authentication certificate, the data signature is decrypted with that key, and the decrypted content is the data digest. For example, encryption is performed with the private key of an asymmetric encryption scheme, and decryption is performed with the public key. The data digest is computed in advance from the data content to be verified before the secure boot; for example, a hash calculation may be performed on the data to be verified to obtain the data digest. The advantage of this arrangement is that, because the data signature is decrypted according to the authentication certificate only after the authentication certificate has been verified successfully, the correctness of the encryption key and the decryption key can be ensured. If the key in the authentication certificate cannot decrypt the data signature, the decryption key is wrong; the secure boot of the embedded system is stopped in time and an error is returned to the host computer or the terminal, so that errors are not discovered only after the image data to be verified has been downloaded to the storage device, and the secure boot efficiency of the embedded system is improved.
Step 140, verifying the data content to be verified according to the data digest.
The data digest is used to verify the correctness of the data content to be verified: the content represented by the data digest can be compared with the data content to be verified to determine whether the data content to be verified has been tampered with. The data content to be verified can be converted into the format of the data digest and the data digest compared with the converted data content, which verifies whether the data content to be verified has been tampered with, prevents a third-party attack in which an erroneous image is downloaded and the system cannot boot, and performs image verification so that the system can be securely booted.
In this embodiment, optionally, verifying the data content to be verified according to the data digest includes: computing the data content to be verified with a hash algorithm to obtain a digest of the data content to be verified; comparing the digest of the data content to be verified with the data digest; and if the digest of the data content to be verified is consistent with the data digest, determining that the data content to be verified is verified successfully.
Specifically, when verifying the data content to be verified according to the data digest, a hash calculation can be performed on the data content to be verified to obtain the digest of the data content to be verified. The data digest is the value obtained by hashing the data content to be verified in advance, so the digest of the data content to be verified can be compared with the data digest. If the two are consistent, the data content to be verified has not been modified, verification succeeds, and the secure boot can continue; if the two are inconsistent, the data content to be verified is abnormal, verification fails, and an error is returned to the host computer or the terminal. If verification of the data content to be verified fails, the secure boot of the embedded system is continued, and if the boot fails, the image data to be verified needs to be downloaded again. The advantage of this arrangement is that verifying the data content to be verified ensures its correctness, avoids discovering that the data content is abnormal only after the image data to be verified has been downloaded, prevents erroneous burning, reduces the number of secure boot attempts, and improves the secure boot efficiency of the embedded system.
Step 150, if the data content to be verified is verified successfully, determining that the image data to be verified is legitimate, and downloading the image data to be verified to the storage device to complete the secure boot.
If the data content to be verified is verified successfully, the data content to be verified, as the protected content, has not been modified and the image data to be verified is legitimate; the image data to be verified can be downloaded into the storage device partition to complete the secure boot.
In this technical scheme, whether the authentication certificate is legitimate is determined by obtaining the authentication certificate in the image data to be verified and the authentication certificate digest in the fuse configuration. If the authentication certificate is legitimate, the data signature is decrypted with the key in the authentication certificate, the data to be verified is determined to be correct according to the decrypted data signature, and the secure boot of the system is completed. This solves the problem in the prior art that data errors can be confirmed only after the image data to be verified has been downloaded and the system is booted; it prevents erroneous burning, avoids repeated downloading, prevents third-party attacks in which an erroneous image is downloaded and the system cannot boot, saves secure boot time, and improves the efficiency of securely booting the system.
Example 2
Fig. 2 is a flow chart of a method for verifying an image of an embedded system according to a second embodiment of the present invention, which is further optimized based on the above embodiment, and the method can be executed by an image verification device of an embedded system. As shown in fig. 2, the method specifically includes the following steps:
Step 210, obtaining image data to be verified and a fuse configuration; the image data to be verified comprises data content to be verified and a data signature, and the fuse configuration comprises an authentication certificate digest.
Here, the image data to be verified may comprise the data content to be verified and the data signature, but not the authentication certificate.
Step 220, if the image data to be verified does not include the authentication certificate, obtaining the authentication certificate from verified image data that includes the authentication certificate.
To verify the legitimacy of image data that carries no authentication certificate, the authentication certificate can be obtained from another storage device partition holding image data that has been verified successfully and that contains the authentication certificate. Whether the authentication certificate is trusted is verified through the authentication certificate digest in the fuse configuration, and the data signature in the certificate-less image data to be verified is then verified with the obtained authentication certificate. The authentication certificate must be the same across all image data to be verified that participates in the secure boot, and at least one of the multi-stage images participating in the secure boot must contain the authentication certificate, so that the certificate can be obtained and used to verify the other images that do not contain it.
Step 230, verifying the authentication certificate according to the authentication certificate digest.
Step 240, if the authentication certificate is verified successfully, decrypting the data signature according to the authentication certificate to obtain a data digest.
Step 250, verifying the data content to be verified according to the data digest.
Step 260, if the data content to be verified is verified successfully, determining that the image data to be verified is legitimate, and downloading the image data to be verified to the storage device to complete the image verification.
If the CPU is fused, then once the image data to be verified is determined to be legitimate, it is downloaded to the storage device and the secure boot is completed. If the CPU is not fused, the unfused state can be converted into the fused state; after fusing, the fuse configuration information can no longer be changed.
In this embodiment, optionally, after determining that the image data to be verified is legitimate if the data content to be verified is verified successfully, the method further includes: if the CPU is not fused, downloading the fuse configuration to a fuse configuration partition of the storage device, so that the unfused CPU completes fusing after restarting.
Specifically, if verification of the data content to be verified is completed in the unfused state, the fusing flow is entered after verification succeeds. The fusing flow downloads the fuse configuration to a fuse configuration partition of the storage device; after the embedded system restarts, the unfused CPU reads the configuration information in the fuse configuration partition and configures the fuse bits in the CPU accordingly, so that the CPU changes from unfused to fused. Once the CPU has been fused, the fuse configuration partition in the storage device can be regarded as invalid and no further information needs to be read from it; the fuse configuration can then be read directly from the CPU. The advantage of this arrangement is that the data content to be verified can be verified in either the unfused or the fused state, the unfused state is switched to the fused state in time, erroneous burning is prevented, subsequent verification of the data content to be verified is facilitated, and secure boot efficiency is improved.
This embodiment determines whether the authentication certificate is legitimate by obtaining the authentication certificate from verified image data and the authentication certificate digest from the fuse configuration. If the authentication certificate is legitimate, the data signature of the image data to be verified is decrypted with the key in the authentication certificate, the data to be verified is determined to be correct according to the decrypted data signature, and the secure boot of the system is completed. This solves the problem in the prior art that data errors can be confirmed only after the image data to be verified has been downloaded and the system is booted; it prevents erroneous burning, avoids repeated downloading, saves secure boot time, prevents third-party attacks in which an erroneous image is downloaded and the system cannot boot, also achieves secure boot when the image data to be verified does not contain an authentication certificate, and improves the efficiency of securely booting the system.
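The verification chain of steps 110 to 150, together with the certificate fallback of step 220, as an added example that is not code from the patent. It uses SHA-256 and unpadded RSA over a constructed toy key so that it runs with the standard library alone; a production bootloader would use a padded signature scheme and a real key. The names `Certificate`, `Image`, `fuse_cert_digest`, `verify_image` and the certificate byte layout are assumptions.

```python
import hashlib
import hmac
from dataclasses import dataclass
from typing import Optional

# Constructed toy RSA key built from two Mersenne primes. NOT secure: it only
# needs to be large enough to carry a SHA-256 digest so the demo runs offline.
_P, _Q = 2**127 - 1, 2**521 - 1
N, E = _P * _Q, 65537
_D = pow(E, -1, (_P - 1) * (_Q - 1))  # private exponent, vendor side only


@dataclass(frozen=True)
class Certificate:
    vendor: bytes  # manufacturer information
    n: int         # public modulus
    e: int         # public exponent

    def data(self) -> bytes:
        # Hypothetical canonical encoding; the fuse digest covers these bytes.
        return self.vendor + b"|" + self.n.to_bytes(128, "big") + self.e.to_bytes(4, "big")


@dataclass(frozen=True)
class Image:
    content: bytes
    signature: int
    cert: Optional[Certificate] = None  # None: image ships without a certificate


def sha256(b: bytes) -> bytes:
    return hashlib.sha256(b).digest()


def vendor_sign(content: bytes) -> int:
    """Signing side: hash the content, then apply the private key (unpadded)."""
    return pow(int.from_bytes(sha256(content), "big"), _D, N)


def fuse_cert_digest(cpu_fused: bool, efuse: Optional[bytes],
                     ram_cfg: Optional[bytes]) -> bytes:
    """Step 110: read the digest from the CPU when fused, else from memory."""
    src = efuse if cpu_fused else ram_cfg
    if src is None or len(src) != 32:
        raise ValueError("fuse configuration missing or malformed")
    return src


def verify_image(img: Image, fused_digest: bytes,
                 verified_cert: Optional[Certificate] = None) -> str:
    """Steps 120-150 plus the step 220 fallback. Returns 'OK' or a refusal reason."""
    # Step 220: an image without a certificate borrows the one from an
    # already verified image; it is still checked against the fuse digest.
    cert = img.cert if img.cert is not None else verified_cert
    if cert is None:
        return "NO_CERT"
    # Step 120: the certificate must hash to the digest in the fuse configuration.
    if not hmac.compare_digest(sha256(cert.data()), fused_digest):
        return "CERT_REJECTED"
    # Step 130: recover the data digest from the signature with the public key.
    if not 0 < img.signature < cert.n:
        return "SIG_REJECTED"
    recovered = pow(img.signature, cert.e, cert.n)
    if recovered >> 256:  # does not fit a SHA-256 digest: wrong key or bad signature
        return "SIG_REJECTED"
    # Step 140: recompute the content digest and compare in constant time.
    if not hmac.compare_digest(recovered.to_bytes(32, "big"), sha256(img.content)):
        return "CONTENT_REJECTED"
    return "OK"  # step 150: the caller may now write the image to storage


# Constructed sample data.
VENDOR_CERT = Certificate(b"ExampleVendor", N, E)
FUSED = sha256(VENDOR_CERT.data())
BOOT = Image(b"stage-1 loader bytes", vendor_sign(b"stage-1 loader bytes"), VENDOR_CERT)
KERNEL = Image(b"kernel bytes", vendor_sign(b"kernel bytes"))  # no certificate

if __name__ == "__main__":
    digest = fuse_cert_digest(True, FUSED, None)
    print("boot image:", verify_image(BOOT, digest))
    print("kernel, no cert available:", verify_image(KERNEL, digest))
    print("kernel, cert from boot image:", verify_image(KERNEL, digest, BOOT.cert))
    tampered = Image(b"patched loader", BOOT.signature, VENDOR_CERT)
    print("tampered content:", verify_image(tampered, digest))
```

Every refusal happens before anything is written to storage, which is the ordering the method relies on to avoid erroneous burning.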
Example 3
Fig. 3 is a block diagram of an image verification device of an embedded system according to a third embodiment of the present invention. The device can execute the image verification method of an embedded system according to any embodiment of the present invention, and has the functional modules and beneficial effects corresponding to the method. As shown in Fig. 3, the device specifically includes:
the data acquisition module 301, configured to obtain image data to be verified and a fuse configuration; the image data to be verified comprises data content to be verified, a data signature and an authentication certificate, and the fuse configuration comprises an authentication certificate digest;
the certificate verification module 302, configured to verify the authentication certificate according to the authentication certificate digest;
the signature decryption module 303, configured to decrypt the data signature according to the authentication certificate if the authentication certificate is verified successfully, to obtain a data digest;
the data verification module 304, configured to verify the data content to be verified according to the data digest;
the data downloading module 305, configured to determine that the image data to be verified is legitimate if the data content to be verified is verified successfully, and to download the image data to be verified to the storage device to complete the image verification.
Optionally, the certificate verification module 302 includes:
the certificate data digest obtaining unit, configured to compute the certificate data in the authentication certificate with a hash algorithm to obtain a certificate data digest;
the certificate digest comparison unit, configured to compare the certificate data digest with the authentication certificate digest;
the certificate digest verification unit, configured to determine that the authentication certificate is verified successfully if the certificate data digest is consistent with the authentication certificate digest.
Optionally, the signature decryption module 303 includes:
the key acquisition unit, configured to obtain the key in the authentication certificate if the authentication certificate is verified successfully;
the data digest obtaining unit, configured to decrypt the data signature according to the key to obtain the data digest.
Optionally, the data verification module 304 includes:
the data content digest obtaining unit, configured to compute the data content to be verified with a hash algorithm to obtain the digest of the data content to be verified;
the data digest comparison unit, configured to compare the digest of the data content to be verified with the data digest;
the data digest verification unit, configured to determine that the data content to be verified is verified successfully if the digest of the data content to be verified is consistent with the data digest.
Optionally, the data acquisition module 301 is specifically configured to:
obtain the image data to be verified from the embedded system memory;
if the CPU is fused, obtain the fuse configuration from the CPU;
if the CPU is not fused, obtain the fuse configuration from the embedded system memory.
Optionally, the device further comprises:
the CPU fuse module, configured to, after the image data to be verified is determined to be legitimate upon successful verification of the data content to be verified, download the fuse configuration into a fuse configuration partition of the storage device if the CPU is not fused, so that the unfused CPU completes fusing after restarting.
Optionally, the device further comprises:
the authentication certificate acquisition module, configured to, after the image data to be verified and the fuse configuration are obtained, obtain the authentication certificate from verified image data that includes the authentication certificate if the image data to be verified does not include it.
This embodiment determines whether the authentication certificate is legitimate by obtaining the authentication certificate in the image data to be verified and the authentication certificate digest in the fuse configuration. If the authentication certificate is legitimate, the data signature is decrypted with the key in the authentication certificate, the data to be verified is determined to be correct according to the decrypted data signature, and the secure boot of the system is completed. This solves the problem in the prior art that data errors can be confirmed only after the image data to be verified has been downloaded and the system is booted; it prevents erroneous burning, avoids repeated downloading, saves secure boot time, and improves the efficiency of securely booting the system.
Example 4
Fig. 4 is a schematic structural diagram of a computer device according to a fourth embodiment of the present invention. Fig. 4 illustrates a block diagram of an exemplary computer device 400 suitable for use in implementing embodiments of the invention. The computer device 400 shown in fig. 4 is merely an example and should not be construed as limiting the functionality and scope of use of embodiments of the present invention.
As shown in fig. 4, computer device 400 is in the form of a general purpose computing device. Components of computer device 400 may include, but are not limited to: one or more processors or processing units 401, a system memory 402, a bus 403 that connects the various system components (including the system memory 402 and the processing units 401).
Bus 403 represents one or more of several types of bus structures, including a memory bus or memory controller, a peripheral bus, an accelerated graphics port, a processor, or a local bus using any of a variety of bus architectures. By way of example, and not limitation, such architectures include the Industry Standard Architecture (ISA) bus, the Micro Channel Architecture (MCA) bus, the Enhanced ISA bus, the Video Electronics Standards Association (VESA) local bus, and the Peripheral Component Interconnect (PCI) bus.
Computer device 400 typically includes a variety of computer system readable media. Such media can be any available media that is accessible by computer device 400 and includes both volatile and nonvolatile media, removable and non-removable media.
The system memory 402 may include computer system readable media in the form of volatile memory, such as Random Access Memory (RAM) 404 and/or cache memory 405. Computer device 400 may further include other removable/non-removable, volatile/nonvolatile computer system storage media. By way of example only, storage system 406 may be used to read from and write to non-removable, nonvolatile magnetic media (not shown in FIG. 4, commonly referred to as a "hard drive"). Although not shown in fig. 4, a magnetic disk drive for reading from and writing to a removable non-volatile magnetic disk (e.g., a "floppy disk"), and an optical disk drive for reading from or writing to a removable non-volatile optical disk (e.g., a CD-ROM, DVD-ROM, or other optical media) may be provided. In such cases, each drive may be coupled to bus 403 through one or more data medium interfaces. Memory 402 may include at least one program product having a set (e.g., at least one) of program modules configured to carry out the functions of embodiments of the invention.
A program/utility 408 having a set (at least one) of program modules 407 may be stored in, for example, memory 402, such program modules 407 including, but not limited to, an operating system, one or more application programs, other program modules, and program data, each or some combination of which may include an implementation of a network environment. Program modules 407 generally perform the functions and/or methods of the described embodiments of the invention.
The computer device 400 may also communicate with one or more external devices 409 (e.g., keyboard, pointing device, display 410, etc.), one or more devices that enable a user to interact with the computer device 400, and/or any devices (e.g., network card, modem, etc.) that enable the computer device 400 to communicate with one or more other computing devices. Such communication may occur through an input/output (I/O) interface 411. Moreover, computer device 400 may also communicate with one or more networks such as a Local Area Network (LAN), a Wide Area Network (WAN) and/or a public network, such as the Internet, through network adapter 412. As shown in fig. 4, network adapter 412 communicates with other modules of computer device 400 over bus 403. It should be appreciated that although not shown in fig. 4, other hardware and/or software modules may be used in connection with computer device 400, including, but not limited to: microcode, device drivers, redundant processing units, external disk drive arrays, RAID systems, tape drives, data backup storage systems, and the like.
The processing unit 401 executes various functional applications and data processing by running programs stored in the system memory 402, for example to implement the image verification method of an embedded system provided by an embodiment of the present invention, including:
obtaining image data to be verified and a fuse configuration; the image data to be verified comprises data content to be verified, a data signature and an authentication certificate, and the fuse configuration comprises an authentication certificate digest;
verifying the authentication certificate according to the authentication certificate digest;
if the authentication certificate is verified successfully, decrypting the data signature according to the authentication certificate to obtain a data digest;
verifying the data content to be verified according to the data digest;
if the data content to be verified is verified successfully, determining that the image data to be verified is legitimate, and downloading the image data to be verified into the storage device to complete the image verification.
Example 5
The fifth embodiment of the present invention further provides a storage medium containing computer-executable instructions, on which a computer program is stored; when executed by a processor, the program implements the image verification method of an embedded system provided by an embodiment of the present invention, the method including:
obtaining image data to be verified and a fuse configuration; the image data to be verified comprises data content to be verified, a data signature and an authentication certificate, and the fuse configuration comprises an authentication certificate digest;
verifying the authentication certificate according to the authentication certificate digest;
if the authentication certificate is verified successfully, decrypting the data signature according to the authentication certificate to obtain a data digest;
verifying the data content to be verified according to the data digest;
if the data content to be verified is verified successfully, determining that the image data to be verified is legitimate, and downloading the image data to be verified into the storage device to complete the image verification.
The computer storage media of embodiments of the invention may take the form of any combination of one or more computer-readable media. The computer readable medium may be a computer readable signal medium or a computer readable storage medium. The computer readable storage medium can be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or a combination of any of the foregoing. More specific examples (a non-exhaustive list) of the computer-readable storage medium would include the following: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In this document, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device.
The computer readable signal medium may include a propagated data signal with computer readable program code embodied therein, either in baseband or as part of a carrier wave. Such a propagated data signal may take any of a variety of forms, including, but not limited to, electro-magnetic, optical, or any suitable combination of the foregoing. A computer readable signal medium may also be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device.
Program code embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to wireless, wireline, optical fiber cable, RF, etc., or any suitable combination of the foregoing.
Computer program code for carrying out operations of the present invention may be written in one or more programming languages, including an object-oriented programming language such as Java, Smalltalk or C++, and conventional procedural programming languages such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer, or entirely on the remote computer or server. In the case of a remote computer, the remote computer may be connected to the user's computer through any kind of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or may be connected to an external computer (for example, through the Internet using an Internet service provider).
Note that the above is only a preferred embodiment of the present invention and the technical principle applied. It will be understood by those skilled in the art that the present invention is not limited to the particular embodiments described herein, but is capable of various obvious changes, rearrangements and substitutions as will now become apparent to those skilled in the art without departing from the scope of the invention. Therefore, while the invention has been described in connection with the above embodiments, the invention is not limited to the embodiments, but may be embodied in many other equivalent forms without departing from the spirit or scope of the invention, which is set forth in the following claims.