Disclosure of Invention
In order to solve one of the technical defects, the embodiment of the application provides a firmware secure start method and a system.
According to a first aspect of an embodiment of the present application, there is provided a firmware secure boot method, including:
Obtaining ciphertext information of firmware to be started; the ciphertext information is obtained by encrypting the firmware to be started by an encryption terminal through a preset encryption algorithm by utilizing an encryption key corresponding to the firmware to be started;
acquiring signature information of the firmware to be started; the signature information is obtained by signing the hash value of the ciphertext information of the firmware by using a preset signature algorithm by using a signature key corresponding to the firmware to be started by an encryption terminal;
obtaining decryption information of the firmware to be started; the decryption information is obtained by decrypting the ciphertext information by using a preset decryption algorithm by using a stored or acquired decryption key of the firmware to be started by a decryption terminal;
Acquiring signature verification information of the firmware to be started; the signature verification information is obtained by signing a hash value of ciphertext information of the firmware by using a preset signature algorithm by using a stored or acquired signature key corresponding to the firmware to be started by a decryption terminal;
Verifying the signature information of the firmware to be started and the signature verification information of the firmware to be started;
And if the verification is passed, executing starting processing by using the decryption information of the firmware to be started.
In an optional embodiment of the present application, signing the hash value of the ciphertext information of the firmware using a preset signature algorithm with the signature key corresponding to the firmware to be started includes:
reading a file list of the firmware to be started;
calculating a hash value of the file list;
And signing the hash value by using a preset signing algorithm by using the signing key.
In an alternative embodiment of the present application, verifying the signature information of the firmware to be booted with the signature verification information of the firmware to be booted includes:
judging whether the signature information is the same as the signature verification information or whether the signature information and the signature verification information accord with a preset rule;
when the signature information is the same as the signature verification information or the signature information and the signature verification information accord with a preset rule, checking is passed;
And when the signature information is different from the signature verification information or the signature information and the signature verification information do not accord with a preset rule, checking is not passed, and starting the firmware to be started is stopped.
In an alternative embodiment of the present application, the step of obtaining the decryption information of the firmware to be started and the step of obtaining the signature verification information of the firmware to be started are performed in parallel according to the direct memory access characteristic.
In an alternative embodiment of the present application, calculating the hash value of the file list includes:
calculating hash values for all files in the file list;
And calculating the hash values of all the files by using a preset hash algorithm to obtain the hash values of the file list.
According to a second aspect of the embodiment of the present application, there is provided a firmware secure boot system, including: an encryption end, a decryption end and a verification end;
The verification terminal obtains ciphertext information of the firmware to be started; the ciphertext information is obtained by encrypting the firmware to be started by an encryption terminal through a preset encryption algorithm by utilizing an encryption key corresponding to the firmware to be started;
the verification terminal obtains the signature information of the firmware to be started; the signature information is obtained by signing the hash value of the ciphertext information of the firmware by using a preset signature algorithm by using a signature key corresponding to the firmware to be started by an encryption terminal;
The verification terminal obtains decryption information of the firmware to be started; the decryption information is obtained by decrypting the ciphertext information by using a preset decryption algorithm by using a stored or acquired decryption key of the firmware to be started by a decryption terminal;
The verification terminal obtains signature verification information of the firmware to be started; the signature verification information is obtained by signing a hash value of ciphertext information of the firmware by using a preset signature algorithm by using a stored or acquired signature key corresponding to the firmware to be started by a decryption terminal;
the verification terminal verifies the signature information of the firmware to be started and the signature verification information of the firmware to be started;
And if the verification is passed, the verification end executes starting processing by using the decryption information of the firmware to be started.
In an optional embodiment of the present application, the verifying the signature information of the firmware to be started and the signature verification information of the firmware to be started by the verification terminal includes:
judging whether the signature information is the same as the signature verification information or whether the signature information and the signature verification information accord with a preset rule;
when the signature information is the same as the signature verification information or the signature information and the signature verification information accord with a preset rule, checking is passed;
And when the signature information is different from the signature verification information or the signature information and the signature verification information do not accord with a preset rule, checking is not passed, and starting the firmware to be started is stopped.
In an optional embodiment of the present application, the verification terminal performs the step of obtaining the decryption information of the firmware to be started and the step of obtaining the signature verification information of the firmware to be started in parallel according to the direct memory access characteristic.
According to a third aspect of an embodiment of the present application, there is provided a computer apparatus including: a memory;
a processor; a computer program; wherein the computer program is stored in a memory and configured to be executed by a processor to carry out the steps of the method according to any of the first aspects of the embodiments of the application.
According to a fourth aspect of an embodiment of the present application, there is provided a computer-readable storage medium having a computer program stored thereon; the computer program is executed by a processor to implement the steps of the method according to any one of the first aspects of the embodiments of the present application.
The firmware safe starting method provided by the embodiment of the application has the following beneficial effects:
according to the application, firstly, the firmware is encrypted to obtain the ciphertext, then the hash value of the ciphertext is signed, and when verification is carried out, the ciphertext is decrypted and signature verification is carried out in parallel, so that the aim of safe starting is achieved, the time for safe starting is effectively shortened, the larger the firmware is, the more obvious the saving effect of the safe starting time is, and the efficiency of the safe starting of the whole firmware is improved.
Detailed Description
In order to make the technical solutions and advantages of the embodiments of the present application more apparent, the following detailed description of exemplary embodiments of the present application is provided in conjunction with the accompanying drawings, and it is apparent that the described embodiments are only some embodiments of the present application and not exhaustive of all embodiments. It should be noted that, without conflict, the embodiments of the present application and features of the embodiments may be combined with each other.
The inventor discovers that the existing secure boot process achieves the purpose of secure boot, but as firmware increases, the time spent in decryption and hash computation increases, which is not beneficial to quick secure boot. In order to meet the requirement of quick and safe starting of the firmware, the method also combines the processing capacity of parallel execution of a plurality of processes with DMA (Data Memory Access, direct memory access) characteristics, optimizes the processes of firmware decryption and signature verification, encrypts the firmware to obtain a ciphertext, and signs the hash value of the ciphertext. During verification, decryption and signature verification can be executed in parallel, so that the time for safe starting is effectively shortened, and the larger the firmware is, the more obvious the effect is, and the efficiency of safe starting of the whole firmware can be greatly improved.
Based on this, referring to fig. 2 and 3, the firmware security start-up method of the present application includes steps S110 to S150:
S110, acquiring ciphertext information of firmware to be started; the ciphertext information is obtained by encrypting the firmware to be started by an encryption terminal through a preset encryption algorithm by utilizing an encryption key corresponding to the firmware to be started.
S120, acquiring signature information of the firmware to be started; the signature information is obtained by the encryption end signing the hash value of the ciphertext information of the firmware by using a preset signature algorithm by using a signature key corresponding to the firmware to be started.
S130, obtaining decryption information of the firmware to be started; the decryption information is obtained by decrypting the ciphertext information by using a preset decryption algorithm through a decryption terminal by using a stored or acquired decryption key of the firmware to be started.
S140, acquiring signature verification information of the firmware to be started; the signature verification information is obtained by a decryption end signing the hash value of the ciphertext information of the firmware by using a preset signature algorithm by using a stored or acquired signature key corresponding to the firmware to be started.
And S150, verifying the signature information of the firmware to be started and the signature verification information of the firmware to be started.
And S160, if the verification is passed, executing starting processing by using the decryption information of the firmware to be started.
In an optional embodiment of the present application, signing the hash value of the ciphertext information of the firmware using the signing key corresponding to the firmware to be started in step S120 with a preset signing algorithm includes:
reading a file list of the firmware to be started;
calculating a hash value of ciphertext information corresponding to the file list;
And signing the hash value by using a preset signing algorithm by using the signing key.
In an optional embodiment of the present application, calculating a hash value of ciphertext information corresponding to the file list includes:
Calculating hash values of ciphertext information corresponding to all files in the file list;
and calculating hash values of all the files by using a preset hash algorithm to obtain hash values of ciphertext information corresponding to the file list.
The encryption algorithm and the signature algorithm are not limited in the embodiment of the invention, and if the RSA private key is used, the hash value is signed by the RSA algorithm; when using the ECC private key, the hash value is signed with an ECC algorithm.
Among them, the RSA signature algorithm is a widely used encryption algorithm. Its keys include public and private keys. Can be used for digital signature, identity authentication and key exchange. RSA key lengths typically use 1024 bits or higher. For the case that the content of the firmware to be started is already fixed, the signature calculation can be calculated in advance at a manufacturer server or can be calculated dynamically at the starting of the MCU.
In the embodiment of the invention, hash value calculation can be performed by adopting SHA256, the used hash value length is 256 bits, the SHA256 value is calculated by firstly calculating ciphertext information corresponding to all files in a file list, and then the final signature value is calculated by calculating the hash value of the ciphertext information corresponding to all files by using a preset hash algorithm. When the signature value is calculated, the private key is key, the private key (ECC, RSA, etc.) is generated according to the selected algorithm, and the signature algorithm is determined according to the algorithm for judging the generation of the private key. (RSA signature verification, ECC signature verification, etc.).
In the embodiment of the present invention, the process that the encryption end uses the signature key corresponding to the firmware to be started to sign the hash value of the ciphertext information of the firmware by using the preset signature algorithm in step S120 is the same as that in step S140, and the file list of the firmware to be started is read first; then calculating the hash value of the file list; and finally, signing the hash value by using a preset signature algorithm by using the secret key. The difference is that the file list of the firmware to be started read in step S120 is a file list stored in the vendor server of the firmware to be started, and the file list of the firmware to be started read in step S140 is a file list in the process of safely starting the MCU, and the firmware to be started may be tampered and forged. Therefore, the verification process of step S150 provided by the embodiment of the present invention performs the verification of the uniqueness of the firmware to be started.
In addition, in the embodiment of the present invention, the signing key used in step S120 is a corresponding key determined by the vendor server of the firmware to be started according to the information of the firmware to be started, and the signing key used in step S140 is a key corresponding to the firmware to be started, which is stored or obtained by the decryption end, because there is a possibility that a third party may forge or imitate the decryption end. Therefore, identity validity verification of the decryption end can be performed through the verification process of the step S150 provided by the embodiment of the invention.
The signature verification information is obtained by calculating a hash value of ciphertext information of the firmware to be started by a decryption end when the firmware to be started is started (the hash value is calculated before each start to prevent the firmware from being tampered with), and the algorithm of the signature verification information is the same as that of the signature information.
In an alternative embodiment of the present application, verifying the signature information of the firmware to be booted with the signature verification information of the firmware to be booted in step S150 includes:
judging whether the signature information is the same as the signature verification information or whether the signature information and the signature verification information accord with a preset rule;
when the signature information is the same as the signature verification information or the signature information and the signature verification information accord with a preset rule, checking is passed;
And when the signature information is different from the signature verification information or the signature information and the signature verification information do not accord with a preset rule, checking is not passed, and starting the firmware to be started is stopped.
In the embodiment of the invention, when the firmware to be started is started, the signature information and the signature verification information are verified, if the verification is passed, the starting processing is executed, and if the verification is not passed, the starting processing is stopped. Thus, the safe starting of the firmware to be started is realized.
In an alternative embodiment of the present application, the step of obtaining the decryption information of the firmware to be started and the step of obtaining the signature verification information of the firmware to be started are performed in parallel according to the direct memory access characteristic.
In the embodiment of the invention, the DMA characteristic can be utilized, and the decryption step and the signature verification step are executed in parallel, so that the time for safely starting the firmware is effectively shortened.
In the embodiment of the invention, the decryption step and the signature verification step are executed in parallel, and the method can be realized as follows:
s210, obtaining ciphertext information of the firmware to be started of the encryption end.
S220, signature information of firmware to be started of the encryption end is obtained.
S230, obtaining decryption information and signature verification information of the firmware to be started at the decryption end.
S240, verifying the signature information of the firmware to be started and the signature verification information of the firmware to be started.
S250, if the verification is passed, executing the starting process by using the decryption information of the firmware to be started.
In the embodiment of the invention, the decryption step can be performed before the signature verification step, and the decryption step can be realized as follows:
s310, obtaining ciphertext information of the firmware to be started of the encryption end.
S320, signature information of firmware to be started of the encryption end is obtained.
S330, obtaining decryption information of the firmware to be started at the decryption end.
S340, obtaining signature verification information of the firmware to be started at the decryption end.
S350, checking the signature information of the firmware to be started and the signature verification information of the firmware to be started.
And S360, if the verification is passed, executing the starting process by using the decryption information of the firmware to be started.
In the embodiment of the present invention, the decryption step may be performed after the signature verification step, and may be specifically implemented as follows:
S410, obtaining ciphertext information of the firmware to be started of the encryption end.
S420, signature information of firmware to be started of the encryption end is obtained.
S430, obtaining signature verification information of the firmware to be started at the decryption end.
S440, obtaining decryption information of the firmware to be started at the decryption end.
S450, checking the signature information of the firmware to be started and the signature verification information of the firmware to be started.
And S460, if the verification is passed, executing the starting process by using the decryption information of the firmware to be started.
In the embodiment of the invention, the decryption step can be executed after the verification of the signature is passed, and the decryption step can be realized as follows:
S510, obtaining ciphertext information of the firmware to be started of the encryption end.
S520, signature information of firmware to be started of the encryption end is obtained.
S530, obtaining signature verification information of the firmware to be started of the decryption end.
S540, verifying the signature information of the firmware to be started and the signature verification information of the firmware to be started.
S550, if the verification is passed, obtaining the decryption information of the firmware to be started at the decryption end.
S560, executing the starting process by using the decryption information of the firmware to be started.
In the embodiment of the present invention, in step S550, if the signature information and the signature verification information are not checked and passed, the decryption step is not executed, so that the resource consumption and time consumption of the decryption step can be saved (for the case that the decryption step and the signature verification step are executed in parallel, the execution time is the decryption step duration or the signature verification step duration, and in general, the decryption step duration and the signature verification step duration are not much different and can be ignored, and at this time, if the signature information and the signature verification information are not checked and passed, the decryption step is not executed, so that only the resource consumption is saved and the time consumption is not saved). If the signature information and the signature verification information pass verification, a decryption step is executed, and the execution time length is equal to the sum of the decryption step time length and the signature verification step time length.
One embodiment of the present application provides a firmware secure boot system, comprising: an encryption end, a decryption end and a verification end;
The verification terminal obtains ciphertext information of the firmware to be started; the ciphertext information is obtained by encrypting the firmware to be started by an encryption terminal through a preset encryption algorithm by utilizing an encryption key corresponding to the firmware to be started;
the verification terminal obtains the signature information of the firmware to be started; the signature information is obtained by signing the hash value of the ciphertext information of the firmware by using a preset signature algorithm by using a signature key corresponding to the firmware to be started by an encryption terminal;
The verification terminal obtains decryption information of the firmware to be started; the decryption information is obtained by decrypting the ciphertext information by using a preset decryption algorithm by using a stored or acquired decryption key of the firmware to be started by a decryption terminal;
The verification terminal obtains signature verification information of the firmware to be started; the signature verification information is obtained by signing a hash value of ciphertext information of the firmware by using a preset signature algorithm by using a stored or acquired signature key corresponding to the firmware to be started by a decryption terminal;
the verification terminal verifies the signature information of the firmware to be started and the signature verification information of the firmware to be started;
And if the verification is passed, the verification end executes starting processing by using the decryption information of the firmware to be started.
In an optional embodiment of the present application, the verifying the signature information of the firmware to be started and the signature verification information of the firmware to be started by the verification terminal includes:
judging whether the signature information is the same as the signature verification information or whether the signature information and the signature verification information accord with a preset rule;
when the signature information is the same as the signature verification information or the signature information and the signature verification information accord with a preset rule, checking is passed;
And when the signature information is different from the signature verification information or the signature information and the signature verification information do not accord with a preset rule, checking is not passed, and starting the firmware to be started is stopped.
In an optional embodiment of the present application, the verification terminal performs the step of obtaining the decryption information of the firmware to be started and the step of obtaining the signature verification information of the firmware to be started in parallel according to the direct memory access characteristic.
For specific limitations of the above firmware secure boot system, reference may be made to the above limitation of the firmware secure boot method, and no further description is given here. The various elements in the firmware secure boot system described above may be implemented in whole or in part by software, hardware, or a combination thereof. The units can be embedded in hardware or independent of a processor in the computer equipment, and can also be stored in a memory in the computer equipment in a software mode, so that the processor can call and execute the operations corresponding to the units.
In one embodiment, the present application also provides a computing device, referring to fig. 4, comprising a memory 1120, a processor 1110 and a computer program stored in said memory 1120 and executable by said processor 1110, the computer program being stored in a space 1130 for program code in the memory 1120, which computer program, when being executed by the processor 1110, implements a program 1131 for performing any of the method steps according to the present application.
The embodiment of the application also provides a computer readable storage medium. Referring to fig. 5, the computer-readable storage medium includes a storage unit for program code, the storage unit being provided with a program 1131' for performing the method steps according to the present application, the program being executed by a processor.
Embodiments of the present application also provide a computer program product comprising instructions. The computer program product, when run on a computer, causes the computer to perform the method steps according to the application.
It will be appreciated by those skilled in the art that embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein. The scheme in the embodiment of the application can be realized by adopting various computer languages, such as C language, VHDL language, verilog language, object-oriented programming language Java, an transliteration script language JavaScript and the like.
The present application is described with reference to flowchart illustrations and/or block diagrams of methods, systems, and computer program products according to embodiments of the application. It will be understood that each flow and/or block of the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
Furthermore, the terms "first," "second," and the like, are used for descriptive purposes only and are not to be construed as indicating or implying a relative importance or implicitly indicating the number of technical features indicated. Thus, a feature defining "a first" or "a second" may explicitly or implicitly include one or more such feature. In the description of the present application, the meaning of "plurality" means at least two, for example, two, three, etc., unless specifically defined otherwise.
While preferred embodiments of the present application have been described, additional variations and modifications in those embodiments may occur to those skilled in the art once they learn of the basic inventive concepts. It is therefore intended that the following claims be interpreted as including the preferred embodiments and all such alterations and modifications as fall within the scope of the application.
It will be apparent to those skilled in the art that various modifications and variations can be made to the present application without departing from the spirit or scope of the application. Thus, it is intended that the present application also include such modifications and alterations insofar as they come within the scope of the appended claims or the equivalents thereof.