[0041] The preferred embodiments of the present invention will be described in detail below with reference to the accompanying drawings. It should be understood that the preferred embodiments described below are only used to illustrate and explain the present invention, and are not used to limit the present invention.
[0042] In view of the above situations, the present invention proposes a method and system based on encryption technology and digital signature technology to prevent mobile terminals from being upgraded to illegal firmware versions. this method
[0043] Figure 1 is a block diagram of a method for preventing a mobile terminal from upgrading to an illegal firmware version provided by an embodiment of the present invention. As shown in Figure 1, the steps include:
[0044] Step 101: The upgrade tool verifies the legality of the firmware version to be upgraded stored on the main control device.
[0045] The firmware version to be upgraded has multiple version files, each of which has a digital signature, and the upgrade tool uses its pre-stored signature key to verify the digital signature of each version file. When each version file of the firmware version to be upgraded is successfully verified, the upgrade tool determines that the firmware version to be upgraded is a legal firmware version.
[0046] Step 102: The upgrade tool and the mobile terminal authenticate each other through a handshake.
[0047] First, after the upgrade tool determines that the firmware version to be upgraded stored on the main control device is a legal firmware version, it delivers handshake authentication information including handshake authentication instructions and handshake authentication data to the mobile terminal.
[0048] Secondly, after receiving the handshake authentication information, the mobile terminal verifies the handshake authentication data therein, and feeds back the handshake verification result to the upgrade tool. When the handshake verification succeeds, the mobile terminal determines that the upgrade tool is a legal upgrade tool, otherwise, the upgrade tool is determined to be an illegal upgrade tool.
[0049] Then, the upgrade tool receives the handshake authentication result from the mobile terminal, and if successful, sends mode switching information to the mobile terminal to notify the mobile terminal to switch to the upgrade mode.
[0050] Finally, after receiving the mode switching information, the mobile terminal checks whether the handshake authentication is successful, and if successful, it switches to the upgrade mode.
[0051] Step 103: The upgrade tool transmits the firmware version to be upgraded to the mobile terminal.
[0052] The firmware version to be upgraded has multiple version files, and the upgrade tool sequentially delivers the multiple version files to the mobile terminal.
[0053] Step 104: The mobile terminal sequentially receives the multiple version files, and verifies the received version files.
[0054] The mobile terminal uses its pre-stored signature key to perform digital signature verification on each version file of the received firmware version to be upgraded. If each version file is successfully verified, it is determined that the firmware version to be upgraded is a legal firmware version.
[0055] Step 105: The mobile terminal replaces the old version with the received firmware version to be upgraded.
[0056] The upgrade tool notifies the mobile terminal that all version files have been delivered and requires the mobile terminal to replace the old version. At this time, the mobile terminal replaces the current version with the firmware version to be upgraded stored in the backup storage area.
[0057] Step 106: The mobile terminal restarts to complete the upgrade process.
[0058] The upgrade tool notifies the mobile terminal to exit the upgrade mode and restart. At this time, the mobile terminal restarts with the new firmware version, and digital signature verification is still performed on each version file of the firmware version during the startup process, and the upgrade process is completed.
[0059] It can be known from step 101 to step 106 that the present invention achieves the goal of preventing illegal firmware upgrades through the following four technical means:
[0060] 1. The upgrade tool performs signature verification on each version file of the firmware version.
[0061] Before performing the upgrade operation, the upgrade tool running on the main control device first performs signature verification on each version file of the firmware version saved on the main control device. If there is no signature information or the signature verification fails, the mobile terminal upgrade is not allowed. Therefore, upgrades to illegal firmware versions from unknown sources can be effectively prevented at the upgrade tool level.
[0062] 2. Mutual authentication between the upgrade tool and the mobile terminal.
[0063] The mobile terminal is in an upgrade prohibited state when it starts normally. The upgrade tool will send handshake authentication information before issuing the firmware version to the mobile terminal, and the mobile terminal will perform verification after receiving the handshake authentication information. If the verification fails, the upgrade tool is considered to be an illegal upgrade tool, and the mobile terminal maintains an upgrade prohibited state and is not allowed to perform subsequent upgrade actions. Therefore, users can be prevented from using illegal upgrade tools to bypass the signature verification process of the version file.
[0064] 3. The mobile terminal verifies each version file of the firmware version.
[0065] During the upgrade process, each time the mobile terminal receives a version file, it will verify the digital signature of the version file, and stop the upgrade process if it fails. Therefore, illegal tools can be prevented from circumventing the mobile terminal authentication mechanism to upgrade its firmware.
[0066] 4. The verification of each version file of the firmware version during the startup process of the mobile terminal.
[0067] During the startup of the mobile terminal, the digital signature of each version file is verified. If there is no digital signature information or the digital signature verification fails, the user is prompted and the terminal enters the upgrade mode until it is upgraded to a version with a legal digital signature. Therefore, it is possible to prevent the mobile terminal from being upgraded to an illegal firmware version by directly burning the storage medium.
[0068] Figure 2 is an implementation flowchart of preventing a mobile terminal from upgrading to an illegal firmware version provided by an embodiment of the present invention. As shown in Figure 2, the steps include:
[0069] Step 1: The upgrade tool uses the signature key paired with the key used for the digital signature of the mobile terminal manufacturer, together with the corresponding digest algorithm, to verify the validity of each version file of the firmware version stored on the main control device one by one.
[0070] Step 2: If all version files of the firmware version are legal, the upgrade tool issues handshake authentication information, consisting of a handshake authentication instruction and handshake authentication data, to the mobile terminal, wherein the handshake authentication data includes the plaintext before encryption and the ciphertext after encryption.
[0071] Step 3: After receiving the handshake authentication instruction, the mobile terminal uses its stored handshake key to decrypt the ciphertext data, and checks whether the decrypted data is consistent with the received plaintext data. If they are consistent, the internal handshake success flag is set to true, and the successful handshake information is fed back to the upgrade tool.
[0072] Step 4: After the upgrade tool receives the handshake verification result, it checks whether the handshake is successful. If successful, the mode switching information is sent to the mobile terminal to notify the mobile terminal to switch to the upgrade mode.
[0073] Step 5: After the mobile terminal receives the mode switching information, it checks whether the handshake success flag bit is true.
[0074] Step 6: If it is true, the mobile terminal switches to the upgrade mode and feeds back the successful mode switch information to the upgrade tool.
[0075] Step 7: The upgrade tool receives and checks the feedback on the mode switching information. If the mode switch is successful, the first version file of the firmware version is issued to the mobile terminal.
[0076] Step 8: The mobile terminal receives the version file, temporarily stores it in the backup storage area, and verifies the digital signature of the version file. If it is valid, it will report to the upgrade tool that the version file has been successfully received.
[0077] Step 9: The version files of the firmware version are sent one by one. Once all the files have been issued, the upgrade tool notifies the mobile terminal that all version files have been issued and requires the mobile terminal to replace the old version.
[0078] Step 10: The mobile terminal replaces the current version with the firmware version stored in the backup storage area, and feeds back the version replacement result to the upgrade tool.
[0079] Step 11: The upgrade tool checks the version replacement information, and if the replacement is successful, the mobile terminal is notified to exit the upgrade mode and restart.
[0080] Step 12: The mobile terminal restarts with the new firmware version. During the restarting process, it is checked whether the digital signature of each version file is legal. If they are all legal, start normally and the upgrade process is complete.
[0081] Step 13: If an abnormal version file is detected during the restart of the mobile terminal, the user is prompted and the upgrade mode is automatically entered, until the terminal is upgraded to a legal firmware version.
[0082] In the above process, the steps to prevent illegal firmware upgrades are explained as follows:
[0083] 1. In step 1, the upgrade tool verifies the legitimacy of each version file of the firmware version. If the verification fails, the upgrade process is aborted, which prevents upgrades to unauthorized firmware without signatures.
[0084] 2. In steps 2-5, the upgrade tool will shake hands with the mobile terminal to prevent unauthorized upgrade tools from upgrading the mobile terminal.
[0085] 3. In step 8, the mobile terminal will verify the validity of the received version file to ensure that the received version file is legal.
[0086] 4. In step 13, when the mobile terminal restarts for the first time after the upgrade is completed, the signature verification module solidified in the ROM of the mobile terminal is used to verify the digital signature of each version file loaded. If verification is not successful, the terminal automatically switches to the upgrade mode and waits for handshake authentication, until it is upgraded to a legal version.
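An added Go example, not code from the patent, of the terminal-side checks in steps 3, 5, 6 and 8: the handshake flag gates the mode switch, and each received file is staged only if its signature verifies. The `Terminal` type and its method names are hypothetical; single-block AES for the handshake data and Ed25519 for the file signatures are assumptions, since the text names no algorithms.

```go
package main

import (
	"crypto/aes"
	"crypto/ed25519"
	"crypto/subtle"
	"errors"
	"fmt"
)

// Terminal is the mobile-terminal side; AES and Ed25519 are assumed algorithms.
type Terminal struct {
	HandshakeKey             []byte            // pre-stored handshake key
	SignKey                  ed25519.PublicKey // pre-stored signature key
	handshakeOK, upgradeMode bool
	backup                   [][]byte // verified files in the backup storage area
}

// Handshake decrypts ct and sets the success flag only if it equals plain (step 3).
func (t *Terminal) Handshake(plain, ct []byte) bool {
	got := make([]byte, aes.BlockSize)
	t.handshakeOK = false
	if blk, err := aes.NewCipher(t.HandshakeKey); err == nil && len(plain) == aes.BlockSize && len(ct) == aes.BlockSize {
		blk.Decrypt(got, ct)
		t.handshakeOK = subtle.ConstantTimeCompare(got, plain) == 1
	}
	return t.handshakeOK
}

// SwitchMode enters upgrade mode only when the handshake flag is true (steps 5-6).
func (t *Terminal) SwitchMode() bool {
	t.upgradeMode, t.backup = t.handshakeOK, nil
	return t.upgradeMode
}

// Receive stages a file only if its signature verifies (step 8); else the upgrade stops.
func (t *Terminal) Receive(name string, data, sig []byte) error {
	if !t.upgradeMode || !ed25519.Verify(t.SignKey, data, sig) {
		t.handshakeOK, t.upgradeMode, t.backup = false, false, nil
		return errors.New("rejected " + name)
	}
	t.backup = append(t.backup, data)
	return nil
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(nil)
	t := &Terminal{HandshakeKey: make([]byte, 16), SignKey: pub} // constructed keys
	fmt.Println(t.Receive("boot.img", []byte("x"), ed25519.Sign(priv, []byte("x")))) // rejected: no handshake yet
}
```

As in step 2, the handshake data here is chosen by the upgrade tool. A variant in which the terminal supplies a fresh random value to be encrypted would keep a previously recorded handshake message from being accepted again.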
[0087] The present invention also provides a system for preventing the mobile terminal from upgrading to an illegal firmware version, including the mobile terminal and the upgrade tool running on the main control device (such as a PC). Through mutual verification between the mobile terminal and the upgrade tool, and through verification by both of each version file of the firmware version to be upgraded, the system realizes the function of preventing the device from being upgraded to an illegal firmware version.
[0088] The mobile terminal is configured to use the handshake authentication information to perform a handshake verification process on the upgrade tool, to receive, according to the handshake verification result, the firmware version to be upgraded issued by the upgrade tool, to perform version legality verification processing on the received firmware version to be upgraded, and to upgrade the firmware version based on the version legality verification result. Figure 3 is a structural diagram of the mobile terminal provided by the embodiment of the present invention. As shown in Figure 3, it includes:
[0089] The handshake authentication module is used to decrypt the ciphertext data in the handshake authentication data by using its pre-stored handshake key after receiving the handshake authentication information, and to match the obtained plaintext data against the plaintext data in the handshake authentication data, in order to determine whether the handshake between the mobile terminal and the upgrade tool is successful;
[0090] The signature verification module is used to use its pre-stored signature key to perform digital signature verification on each version file of the received firmware version to be upgraded. If each version file is successfully verified, it is determined that the firmware version to be upgraded is a legal firmware version;
[0091] The upgrade agent module is used to interact with the upgrade tool;
[0092] Other service function modules are used to realize other service functions such as short message service and call service.
[0093] The upgrade tool is used to perform version legality verification processing on the firmware version to be upgraded, and according to the version legality verification result, send handshake authentication information to the mobile terminal. Figure 4 is a structural diagram of the upgrade tool provided by the embodiment of the present invention. As shown in Figure 4, it includes:
[0094] The signature verification module is used to use its pre-stored signature key to perform digital signature verification on each version file of the firmware version to be upgraded, and if the verification of each version file is successful, to determine that the firmware version to be upgraded is a legal firmware version;
[0095] The handshake verification module is used to generate and send handshake authentication information including handshake authentication instructions and handshake authentication data to the mobile terminal when it is determined that the firmware version to be upgraded is a legal firmware version;
[0096] The data transmission module is used to send the firmware version to be upgraded to the mobile terminal;
[0097] The instruction transceiver module is used to receive instructions from the mobile terminal or send instructions to the mobile terminal.
[0098] The main control device is responsible for providing the operating environment of the upgrade tool and providing a data channel for data interaction with the mobile terminal. The upgrade tool runs on the main control device and is responsible for verifying the legality of the firmware version files, performing handshake verification with the terminal, and delivering the version files stored on the main control device to the mobile terminal. The mobile terminal is responsible for shaking hands with the upgrade tool, receiving the version files issued by the upgrade tool, checking the validity of the received version files, and writing the legal version files into the storage medium of the mobile terminal. The firmware version can be composed of multiple version files, and firmware versions are divided into legal versions and illegal versions. Figure 5 is a structural diagram of the digital signature composition in the version file provided by the embodiment of the present invention. Each version file of a legal version contains the digital signature information of the terminal manufacturer, and an illegal version does not.
[0099] In summary, the present invention has the following technical effects:
[0100] The invention can prevent the user from upgrading the mobile terminal equipment to an illegal firmware version whose source is unknown and may affect the use of the mobile terminal, thereby effectively guaranteeing the normal operation and use of the mobile terminal and protecting the interests of users and operators.
[0101] Although the present invention is described in detail above, the present invention is not limited thereto, and those skilled in the art can make various modifications according to the principles of the present invention. Therefore, all modifications made in accordance with the principles of the present invention should be understood as falling within the protection scope of the present invention.