Data processing method and device, computer device, readable storage medium and product

By acquiring and signing the firmware data from the equipment vendor, and generating signed firmware data, the security problem caused by the leakage of equipment vendor keys is solved, ensuring the security and integrity of the equipment on the equipment vendor's side.

CN117278219BActive Publication Date: 2026-06-26TENCENT TECHNOLOGY (SHENZHEN) CO LTD

Patent Information

Authority / Receiving Office
CN · China
Patent Type
Patents(China)
Current Assignee / Owner
TENCENT TECHNOLOGY (SHENZHEN) CO LTD
Filing Date
2022-06-13
Publication Date
2026-06-26

AI Technical Summary

Technical Problem

In the existing technology, the security problems caused by the leakage of equipment manufacturer's keys are that the existing technology cannot effectively protect the integrity of the device firmware data and the security of the equipment manufacturer's key leakage.

Method used

By obtaining the device vendor's firmware data and using a key identifier that matches the device to be managed, the firmware is signed to generate signed firmware data, which is then sent to the device vendor for publication. The device to be managed can then manage the firmware after verification, thus preventing the device vendor from accessing the target customer's key.

Benefits of technology

It effectively protects the integrity of the device vendor's firmware data, prevents key leakage, ensures the security of the managed devices, and improves the security of the device vendor's end.

✦ Generated by Eureka AI based on patent content.

Smart Images

  • Figure CN117278219B_ABST
    Figure CN117278219B_ABST
Patent Text Reader

Abstract

Embodiments of the present application disclose a data processing method and device, computer equipment, readable storage medium and product. The device vendor firmware data of a device vendor side is acquired, and a key identifier matched with a device to be managed is acquired. The device vendor firmware data is signed based on a target customer key matched with the key identifier, to obtain signed firmware data containing signature information. The signed firmware data is sent to the device vendor side, so that the device vendor side publishes the signed firmware data to obtain published firmware data. If the published firmware data acquired from the device vendor side is verified based on the signature information, the published firmware data is sent to the device to be managed, so that the device to be managed performs firmware management based on the published firmware data. The device vendor side does not contact the target customer key required for signing the device vendor firmware data, and can avoid security problems caused by key leakage, thereby ensuring the security of the device to be managed.
Need to check novelty before this filing date? Find Prior Art

Description

Technical Field

[0001] This application relates to the field of communication technology, specifically to a data processing method, apparatus, computer equipment, readable storage medium, and product, wherein the readable storage medium is a computer-readable storage medium, and the product is a computer program product. Background Technology

[0002] Firmware and other data stored in a device may be vulnerable to attack, leading to unauthorized modification or the implantation of malware, thus compromising the device's operational security. To protect firmware and other data, devices typically employ digital signature verification methods. Generally, before booting or upgrading firmware, the device verifies the firmware's signature information using a key; only after successful verification can the device boot or upgrade.

[0003] With the development of communication technology and the increasing specialization of labor, devices involving multiple manufacturers are becoming more and more common. Typically, the keys used to sign firmware are generated and managed by the respective equipment vendors. Some vendors sign firmware directly on employee computers, posing a risk of key loss and leakage. If a key is leaked, it can be used to compile trusted firmware data for attacking the device. For the equipment vendors' customers, since it's uncertain whether the vendors have properly safeguarded the keys, there are security issues such as key leaks when providing equipment-related services. The more equipment vendors involved, the greater the security risk. Summary of the Invention

[0004] This application provides a data processing method, apparatus, computer equipment, storage medium, and product to ensure the data integrity of the device manufacturer's firmware data, thereby ensuring the security of the device to be managed.

[0005] This application provides a data processing method, including:

[0006] Obtain the device vendor firmware data from the device vendor's end, and obtain the key identifier that matches the device to be managed. The device vendor firmware data is used to perform firmware management on the device to be managed.

[0007] Based on the target customer key that matches the key identifier, the device vendor firmware data is signed to obtain signed firmware data containing signature information.

[0008] The signed firmware data is sent to the device manufacturer so that the device manufacturer can publish the signed firmware data and obtain the published firmware data.

[0009] If the verification of the released firmware data obtained from the device vendor is successful based on the signature information, the released firmware data is sent to the device to be managed, so that the device to be managed can perform firmware management based on the released firmware data.

[0010] Accordingly, this application also provides a data processing apparatus, including:

[0011] The acquisition unit is used to acquire the device vendor firmware data from the device vendor's end, and to acquire the key identifier that matches the device to be managed. The device vendor firmware data is used to perform firmware management on the device to be managed.

[0012] The signing unit is used to sign the device manufacturer firmware data based on the target customer key that matches the key identifier, so as to obtain signed firmware data containing signature information.

[0013] The sending unit is used to send the signed firmware data to the device vendor so that the device vendor can publish the signed firmware data and obtain the published firmware data.

[0014] The management unit is configured to send the released firmware data to the device to be managed if the verification of the released firmware data obtained from the device vendor is successful based on the signature information, so that the device to be managed can perform firmware management based on the released firmware data.

[0015] In one embodiment, the signature unit includes:

[0016] An identifier sending subunit is used to send the key identifier to the key server, so that the key server can obtain a matching target customer key based on the key identifier. The key server is used to manage keys.

[0017] The signature processing subunit is used to perform signature processing on the device manufacturer firmware data based on the target customer key through the key server to obtain signed firmware data containing signature information.

[0018] A receiving subunit is used to receive the signed firmware data sent by the key server.

[0019] In one embodiment, the management unit includes:

[0020] The first data acquisition subunit is used to acquire the released firmware data from the device vendor.

[0021] A verification subunit is used to perform data integrity verification on the released firmware data based on the signature information.

[0022] The data sending subunit is used to send the published firmware data to the device to be managed if the data integrity verification passes.

[0023] In one embodiment, the acquisition unit includes:

[0024] The second data acquisition subunit is used to acquire signed firmware data from the equipment vendor, wherein the encrypted firmware contains verification information generated based on the equipment vendor firmware data.

[0025] The signature verification processing subunit is used to perform data signature verification processing on the encrypted firmware data to obtain the firmware data to be verified and the verification information.

[0026] A data verification subunit is used to perform data verification on the firmware data to be verified based on the verification information.

[0027] A subunit is obtained, which is used to obtain the device manufacturer's firmware data if the firmware data to be verified passes the verification.

[0028] In one embodiment, the acquisition unit includes:

[0029] The display subunit is used to display the firmware archive page, which includes a key selection control and a scenario selection control.

[0030] The scene determination subunit is used to determine the firmware management scene in response to a scene selection operation on the scene selection control;

[0031] The key identifier acquisition subunit is used to acquire the key identifier for the firmware management scenario in response to the key selection operation of the key selection control corresponding to the firmware management scenario.

[0032] In one embodiment, the firmware archiving page includes a signature archiving method selection control, and the acquisition unit includes:

[0033] The method determination subunit is used to determine the target method for signing and archiving the device vendor firmware data in response to a method selection operation of the signature archiving method selection control.

[0034] The instruction generation subunit is used to generate a signature archiving instruction based on the firmware management scenario, the key identifier, and the target method.

[0035] The signature unit includes:

[0036] The instruction subunit is used to instruct the key server to use the signature archiving method to sign the device manufacturer firmware data based on the target customer key matched by the key identifier, thereby obtaining the signed firmware data containing signature information corresponding to the firmware management scenario.

[0037] In one embodiment, the display subunit includes:

[0038] The identity information acquisition module is used to acquire the object identity information of the object being operated on.

[0039] The page display module is used to display the firmware archive page if the authentication of the object's identity information is successful.

[0040] The data processing device further includes:

[0041] An operation recording unit is used to record the operations performed on the operation object and generate firmware management records for the device.

[0042] Accordingly, this application also provides a computer device including a memory and a processor; the memory stores a computer program, and the processor is used to run the computer program in the memory to execute any of the data processing methods provided in this application.

[0043] Accordingly, embodiments of this application also provide a computer-readable storage medium for storing a computer program, which is loaded by a processor to execute any of the data processing methods provided in embodiments of this application.

[0044] Accordingly, this application also provides a computer program product, including a computer program, which, when executed by a processor, implements any of the data processing methods provided in this application.

[0045] This application embodiment obtains device vendor firmware data from the device vendor's end and obtains a key identifier that matches the device to be managed. The device vendor firmware data is used for firmware management of the device to be managed. Based on the target customer key that matches the key identifier, the device vendor firmware data is signed to obtain signed firmware data containing signature information. The signed firmware data is sent to the device vendor so that the device vendor can publish the signed firmware data to obtain published firmware data. If the verification of the published firmware data obtained from the device vendor based on the signature information is successful, the published firmware data is sent to the device to be managed so that the device to be managed can perform firmware management based on the published firmware data.

[0046] In this embodiment, after obtaining the firmware data from the equipment vendor, the firmware data is signed and then sent to the equipment vendor. During this process, the equipment vendor does not have access to the target customer key required for signing the firmware data, which avoids security issues caused by key leakage and ensures the security of the managed equipment. Attached Figure Description

[0047] To more clearly illustrate the technical solutions in the embodiments of this application, the accompanying drawings used in the description of the embodiments will be briefly introduced below. Obviously, the accompanying drawings described below are only some embodiments of this application. For those skilled in the art, other drawings can be obtained based on these drawings without creative effort.

[0048] Figure 1 This is a scenario diagram of the data processing method provided in the embodiments of this application;

[0049] Figure 2 This is a flowchart of the data processing method provided in the embodiments of this application;

[0050] Figure 3 This is the firmware archive page provided in the embodiments of this application;

[0051] Figure 4 This is a schematic diagram of pre-packaging provided in an embodiment of this application;

[0052] Figure 5 This is another flowchart of the data processing method provided in the embodiments of this application;

[0053] Figure 6 This is a schematic diagram of the data processing apparatus provided in an embodiment of this application;

[0054] Figure 7 This is a schematic diagram of the structure of the computer device provided in the embodiments of this application. Detailed Implementation

[0055] The technical solutions of the embodiments of this application will be clearly and completely described below with reference to the accompanying drawings. Obviously, the described embodiments are only some embodiments of this application, and not all embodiments. Based on the embodiments of this application, all other embodiments obtained by those skilled in the art without creative effort are within the scope of protection of this application.

[0056] This application provides a data processing method, apparatus, computer device, and computer-readable storage medium. The data processing apparatus can be integrated into a computer device, which may be a server or a terminal, etc.

[0057] The terminal may include mobile phones, wearable smart devices, tablets, laptops, personal computers (PCs), and in-vehicle computers, etc.

[0058] The server can be a standalone physical server, a server cluster or distributed system composed of multiple physical servers, or a cloud server that provides basic cloud computing services such as cloud services, cloud databases, cloud computing, cloud functions, cloud storage, network services, cloud communication, middleware services, domain name services, security services, CDN, and big data and artificial intelligence platforms.

[0059] The computer equipment is a client-side device (hereinafter referred to as client equipment), for example, such as Figure 1 As shown, the client device obtains the firmware data from the equipment vendor for firmware management of the device to be managed, as well as a key identifier that matches the device to be managed; based on the target client key that matches the key identifier, the firmware data from the equipment vendor is signed to obtain signed firmware data containing signature information; the signed firmware data is sent to the equipment vendor, which publishes the signed firmware data to obtain published firmware data; if the published firmware data obtained from the equipment vendor passes the verification based on the signature information, the published firmware data is sent to the device to be managed, and the device to be managed performs firmware management based on the published firmware data.

[0060] In this embodiment, after obtaining the firmware data from the equipment vendor, the firmware data is signed and then sent to the equipment vendor. During this process, the equipment vendor does not have access to the target customer key required for signing the firmware data, which avoids security issues caused by key leakage and ensures the security of the managed equipment.

[0061] The following sections provide detailed descriptions of each example. It should be noted that the order in which the embodiments are described is not intended to limit the preferred order of the embodiments.

[0062] This embodiment will be described from the perspective of a data processing device, which can be integrated into a computer device, such as a server or a terminal.

[0063] This application provides a data processing method, such as... Figure 2 As shown, the specific flow of this data processing method can be as follows:

[0064] 101. Obtain the device vendor firmware data from the device vendor's end, and obtain the key identifier that matches the device to be managed. The device vendor firmware data is used for firmware management of the device to be managed.

[0065] The devices to be managed may include electronic devices such as cloud servers, servers, IoT devices, personal computers, and mobile terminals. The equipment vendors may include manufacturers that provide all or part of the devices to be managed, such as manufacturers that provide the hardware equipment for the devices to be managed.

[0066] Among them, the equipment vendor's end refers to the equipment vendor's server or terminal.

[0067] Among them, the equipment vendor firmware data is the data required by the equipment vendor to manage the firmware of the equipment it provides, and the equipment vendor firmware data is provided by the equipment vendor.

[0068] Firmware management can include firmware upgrades and secure boot, among other things.

[0069] Among them, the key identifier matching the device to be managed corresponds to the target customer key. The target customer key can be a private key that matches the device key in the device to be managed. For example, the target customer key and the device key can be an asymmetric key pair. The device key is a public key stored in the device to be managed, and the target customer key can be a private key. Based on the device key, data encrypted with the target customer key can be decrypted.

[0070] The target customer key is not stored on the equipment vendor's end, but on the customer's side. The customer obtains services from the equipment vendor's end. For example, the customer purchases or leases hardware equipment generated by the equipment vendor and integrates it to obtain the device to be managed, or directly purchases or leases the device to be managed from the vendor. Since the target customer key is stored on the customer's side, the equipment vendor cannot access the target customer key, which ensures the security of the target customer key and avoids security problems caused by the equipment vendor leaking the key.

[0071] For example, the equipment manufacturer can upload the equipment manufacturer's firmware data to the server (equipment manufacturer's side) or store it in the terminal (equipment manufacturer's side), obtain the equipment manufacturer's firmware data from the equipment manufacturer's side, or obtain the equipment manufacturer's firmware data from the equipment manufacturer's side through serial port or other means, as well as obtain the key identifier that matches the device to be managed.

[0072] Optionally, the terminal or server can pre-store the correspondence between devices to be managed and key identifiers. Based on the correspondence, the key identifier matching the device to be managed can be obtained. For example, the terminal or server first determines the device to be managed for firmware management, which can be determined based on the user's selection of the device. Then, based on the pre-stored correspondence between devices to be managed and key identifiers, the key identifier of the device to be managed can be retrieved. Optionally, the correspondence between devices to be managed and key identifiers can also be stored in a key server. The terminal can send a request to the key server based on the device identifier of the device to be managed to request the key server to sign the device firmware data based on the key matching the key identifier of the device to be managed. The key server can obtain the key identifier based on the device identifier.

[0073] Optionally, a firmware archiving client can be provided to allow users to select firmware management scenarios and key identifiers. This eliminates the need to pre-store the mapping between managed devices and key identifiers, and avoids the need to promptly modify the pre-stored mapping when the key of a managed device changes. It allows for the signing of device data required for firmware management of newly added, different, or key-modified devices at any time, improving the flexibility of firmware data signing and archiving for device vendors. Specifically, the step "Obtain the key identifier matching the managed device" can include:

[0074] Display the firmware archive page, which includes a key selection control and a scenario selection control;

[0075] In response to a scene selection operation on the scene selection control, determine the firmware management scene;

[0076] In response to the key selection operation of the key selection control corresponding to the firmware management scenario, obtain the key identifier used in the firmware management scenario.

[0077] The firmware archive page can be a user interface included in the firmware archive client.

[0078] For example, specifically it could be like this Figure 3 As shown, the firmware archive page is displayed through the firmware archive client. The firmware archive page includes a scenario selection control. Firmware management scenarios can include firmware secure boot and firmware upgrade, etc. The firmware archive page also includes a key selection control. Users can click on the scenario selection control (i.e., scenario selection operation) to select the firmware management scenario. Clicking on the key selection control can display a key identifier drop-down list, from which users can select the desired key identifier.

[0079] The client responds to the selection operation (scenario selection operation and key selection operation) on the firmware archive page, determines the firmware management scenario, and the key identifier required in the firmware management scenario. Obtaining the key identifier through the user's selection operation can support firmware management of newly added devices without having to pre-set the corresponding key identifier for the newly added device, thus increasing the flexibility of firmware management of devices.

[0080] Since the method by which the key service signs and archives firmware data needs to match the device to be managed in order for the managed device to verify the obtained firmware data to be released, and when firmware management is required for multiple devices, different managed devices support different data verification methods. In order to adapt to different managed devices and improve the flexibility of firmware signing and archiving, the firmware archiving page can also include a signing and archiving method selection control to select the signing and archiving method. That is, the data processing method provided in this application embodiment can also specifically include:

[0081] In response to the method selection operation of the signature archiving method selection control, determine the target method for signing and archiving the device vendor firmware data;

[0082] Generate signature archiving instructions based on firmware management scenarios, key identification, and target methods;

[0083] The step "based on the target customer key that matches the key identifier, the device vendor firmware data is signed to obtain signed firmware data containing signature information" can specifically include:

[0084] The signature archiving instruction instructs the key server to use the signature archiving method. Based on the target customer key matched by the key identifier, the firmware data of the device manufacturer is signed to obtain the signed firmware data containing the signature information corresponding to the firmware management scenario.

[0085] For example, the signature archiving method can include hash algorithms such as SHA256, SHA384, and SHA512, and signature algorithms such as RSA2048, RSA3072, RSA4096, and ECDSA384. Users can select the target method from multiple signature archiving methods through the signature archiving method selection control (e.g., clicking). In response to the user's method selection operation, the target method for signing and archiving the device manufacturer's firmware can be determined. Based on the selected firmware management scenario, key identifier, and target method, a signature archiving instruction is generated. This instruction instructs the key server to obtain the target customer key corresponding to the key identifier. The selected signature archiving method and target customer key are used to sign the device vendor's firmware data, resulting in signed firmware data applicable to the selected firmware management scenario. For example, if the selected target method is SHA256 hash algorithm and RSA2048 signature algorithm, the hash value of the device vendor's firmware data is calculated using the SHA256 hash algorithm, and the calculated hash value is signed using the RSA2048 signature algorithm to obtain a digital signature value. The signed firmware data is then obtained based on the digital signature value and the device vendor's firmware data.

[0086] Users can sign and archive device manufacturer firmware data through the firmware archive page. Security can be further enhanced through authorization operations. Specifically, in one embodiment, the step "displaying the firmware archive page" may include:

[0087] Obtain the object identity information of the object being operated on;

[0088] If the object's identity information is authenticated, the firmware archive page will be displayed;

[0089] Following the step "If the verification of the released firmware data obtained from the device vendor based on the signature information passes, then the released firmware data is sent to the device to be managed," the data processing method provided in this application embodiment may further include:

[0090] The operations performed on the target object are recorded, generating firmware management records for the device.

[0091] The object to be operated on may include the object that is to be logged into the firmware archive client.

[0092] The object's identity information may include information that can identify the object, such as account and password, facial information, or fingerprint information.

[0093] For example, it could involve obtaining the object's identity information. The user can enter their account and password in the user interface displayed on the client. The terminal sends the entered account and password to the server. The server verifies the object's identity information to confirm whether the object has the necessary permissions. If the account and password are verified and the object is indicated to have the necessary permissions, the object's identity information is authenticated, and the firmware archiving page is displayed so that the object can sign and archive the device manufacturer's firmware data.

[0094] Record the operation log of the operation object, such as the firmware management scenario selected by the operation object, key identification and signature archiving method, as well as the operation time and operation object, so that the firmware management process of the managed device is traceable and the faults of the managed device can be investigated in a timely manner.

[0095] The digital signing process for device vendor firmware data is completed on the customer side. The signing and archiving of device vendor data requires authorization and is traceable, ensuring that the signing and archiving process is secure and controllable.

[0096] 102. Based on the target customer key that matches the key identifier, the device manufacturer's firmware data is signed to obtain signed firmware data containing signature information.

[0097] Among them, the key identifier can uniquely identify the target customer's key.

[0098] For example, it can be done by obtaining a matching target customer key based on the key identifier, digitally signing the device vendor's firmware data with the target key to obtain signed firmware data containing signature information, and then the managed device can verify the signed firmware data based on the device key to confirm the sender's identity.

[0099] Optionally, the device vendor firmware data can be hashed using a hash function to obtain a digest of the firmware data. This digest is then encrypted using the target customer's key. The encrypted digest and the firmware data are used as the signed firmware data; the encrypted digest is the signature information. Signing the firmware data using the target customer's key ensures the data is not tampered with. Furthermore, since the target customer's key is stored on the customer's side, others cannot obtain it, preventing them from forging the trusted identity of the managed device and thus attacking it.

[0100] Keys can be managed through a key server, which can also be used to sign device vendor firmware data. The key server can be a client-side server, preventing device vendors from obtaining keys directly from it. Furthermore, during the processing of device vendor firmware data, relevant personnel cannot access the target key. To further ensure key security, in one embodiment, the step "signing the device vendor firmware data based on the target client key matching the key identifier to obtain signed firmware data containing signature information" can specifically include:

[0101] The key identifier is sent to the key server so that the key server can obtain the matching target customer key based on the key identifier. The key server is used to manage the keys.

[0102] The device manufacturer's firmware data is signed by the key server based on the target customer's key to obtain signed firmware data containing signature information.

[0103] Receive signed firmware data sent by the key server.

[0104] For example, a key identifier can be sent to a key server, which pre-stores multiple asymmetric key pairs. Each asymmetric key pair corresponds to a key identifier, and the private key in the asymmetric key pair is used to sign the device manufacturer's firmware data.

[0105] The key server obtains the matching target customer key based on the key identifier, calculates the digest information of the device vendor firmware data using a hash function, then signs the digest information of the device vendor firmware data based on the target customer key to obtain the signature information, packages the digest information and the signature information of the device vendor firmware data to obtain the signed firmware data, and then sends the signed firmware data.

[0106] Receive signed firmware data sent by the key service.

[0107] The target client key used for signature processing is generated and stored by the key server. Keys from the key server are prohibited from being exported, and no one else can access the key, thus ensuring key security. This, in turn, ensures that the managed device will not be attacked or damaged due to processing insecure data, thereby preventing the data stored on the managed device from being leaked.

[0108] The equipment vendor can sign the equipment vendor firmware data. This signed firmware data allows the recipient to verify the signature and confirm that the equipment vendor firmware data has not been tampered with. In one embodiment, the step "obtaining equipment vendor firmware data from the equipment vendor" may specifically include:

[0109] Obtain signed firmware data from the equipment vendor; the signed firmware data contains verification information generated based on the equipment vendor's firmware data.

[0110] The signed firmware data is processed for signature verification to obtain the firmware data to be verified and the verification information.

[0111] Data verification is performed on the firmware data to be verified based on the verification information.

[0112] If the firmware data to be verified passes the verification, the device manufacturer's firmware data will be obtained.

[0113] For example, the device manufacturer can sign and package the device manufacturer's firmware data. For instance, the device manufacturer can use a package manager, also known as a software package management tool, to sign and package the device manufacturer's firmware data, such as apt-get, DNF, aptitude, and Harmony Package Manager (HPM).

[0114] Taking HPM as an example, equipment manufacturers use the HPM protocol, which is common to servers, to package and digitally sign their firmware data, ultimately generating an HPM format file, i.e., the signed firmware data, such as... Figure 4 As shown, the header of the generated HPM format file contains formatting information such as manufacturer and product, including BMC, BIOS, PSU, CPLD, etc. The header may also include an address code (BordID), which is the terminal address receiving serial port commands, extended component information, and a checksum of the header data (header checksum). The HPM format file also includes Action header formatting information, device vendor firmware data, and a tail data checksum (tail checksum). The HPM format file also includes a digital signature value, which is a hash value calculated from the above content and then obtained using the device vendor's private key.

[0115] Optionally, the firmware data can be digitally signed to obtain verification information (equivalent to signature information). The firmware data and verification information can then be compressed into a single file using a compression and packaging tool, such as tar, to obtain the signed firmware data.

[0116] The signed firmware data is obtained from the equipment vendor. The signed firmware data is decrypted using the equipment vendor's public key to obtain the first hash value calculated by hashing the equipment vendor's firmware data and the firmware data to be verified. The second hash value of the firmware data to be verified is calculated using the hash function. If the first hash value and the second hash value are the same, it is considered that the firmware data to be verified has not been tampered with and that the firmware data to be verified is the equipment vendor's firmware data. If they are not the same, it is considered that the firmware data to be verified has been tampered with and the subsequent steps are not executed.

[0117] 103. Send the signed firmware data to the device manufacturer so that the device manufacturer can publish the signed firmware data and obtain the published firmware data.

[0118] For example, the signed firmware data could be sent to the device manufacturer, who would then obtain the signed firmware data, perform functional tests on it, and release the signed firmware data once the tests are passed.

[0119] Optionally, to prevent the signed firmware data from being tampered with during the transmission to the device vendor, which could lead to malicious attacks on the managed device, the device vendor can perform data integrity verification on the signed firmware data. For example, the device vendor can obtain the device key and decrypt the signature information in the signed firmware data using the device key to obtain the digest information of the device vendor firmware data (denoted as the first digest information). Then, it can calculate the digest information of the device vendor firmware data in the signed firmware data (denoted as the second digest information) based on a hash function. If the first digest information and the second digest information are consistent, the device vendor firmware data has not been tampered with; otherwise, the device vendor firmware data has been tampered with.

[0120] Optionally, the signed firmware data can be uploaded to a file-sharing platform, and the equipment manufacturer can then obtain the signed firmware data from the file-sharing platform. The file-sharing platform can be a platform for data transmission between the equipment manufacturer and the customer. The equipment manufacturer and the customer transmit the signed firmware data through a specific channel, which can realize closed-loop transmission of the signed firmware data and ensure that the data is not tampered with during the transmission process.

[0121] 104. If the verification of the released firmware data obtained from the device vendor is successful based on the signature information, the released firmware data will be sent to the device to be managed, so that the device to be managed can perform firmware management based on the released firmware data.

[0122] For example, it could involve obtaining the released firmware data, performing data integrity verification on the released firmware, and confirming that the released firmware data is the signed firmware data and has not been tampered with.

[0123] If it is confirmed that the firmware data has not been tampered with after release, the released firmware data is sent to the device to be managed. After the device to be managed receives the released firmware data, it decrypts the released firmware data based on the device key and verifies the integrity of the device vendor firmware data in the released firmware data. If the verification is successful, firmware management is performed based on the device vendor firmware data. For example, if the firmware management is firmware upgrade, the firmware is upgraded based on the device vendor firmware data.

[0124] In one embodiment, the step "based on the signature information, if the verification of the released firmware data obtained from the device vendor passes, then the released firmware data is sent to the device to be managed" may specifically include:

[0125] Obtain the released firmware data from the device vendor;

[0126] Data integrity verification is performed on the released firmware data based on the signature information;

[0127] If the data integrity verification passes, the released firmware data will be sent to the device to be managed.

[0128] For example, it could involve obtaining the released firmware data from the device vendor, decrypting the signature information in the released firmware data using the device key to obtain verification information for verifying data integrity, calculating the verification information for firmware data used for firmware management contained in the released firmware data, and comparing it with the verification information contained in the signature information to determine whether the released firmware data has been tampered with. If it has not been tampered with, the data integrity verification of the released firmware data passes, and the released firmware data is sent to the device to be managed.

[0129] Optionally, after the device manufacturer passes the functional test based on the signed firmware data, they can upload the signed device firmware data to a file-sharing platform for publication, thus obtaining the published firmware data. The customer can then download the published firmware data from the file-sharing platform and perform firmware management on the devices to be managed based on the published firmware data. This achieves closed-loop transmission of the device manufacturer's firmware data throughout the entire firmware management process, ensuring the security of the device manufacturer's firmware data.

[0130] As can be seen from the above, this embodiment of the application obtains the device vendor firmware data from the device vendor's end and obtains a key identifier that matches the device to be managed. The device vendor firmware data is used for firmware management of the device to be managed. Based on the target customer key that matches the key identifier, the device vendor firmware data is signed to obtain signed firmware data containing signature information. The signed firmware data is sent to the device vendor so that the device vendor can publish the signed firmware data to obtain published firmware data. If the verification of the published firmware data obtained from the device vendor based on the signature information is successful, the published firmware data is sent to the device to be managed so that the device to be managed can perform firmware management based on the published firmware data.

[0131] In this embodiment, after obtaining the firmware data from the equipment vendor, the firmware data is signed and then sent to the equipment vendor. During this process, the equipment vendor does not have access to the target customer key required for signing the firmware data, which avoids security issues caused by key leakage due to the equipment vendor and ensures the security of the managed equipment.

[0132] Based on the above embodiments, the following examples will provide further detailed explanations.

[0133] This embodiment will be described from the perspective of a data processing system. Specifically, the data processing system may include devices such as equipment vendors, client terminals, client key servers, and cloud servers. The cloud server is the device to be managed in the above embodiment. Both the client terminal and the client key server belong to the client side. The equipment vendor is a manufacturer (Original Design Manufacturer, ODM) that provides cloud servers to the client side.

[0134] Equipment vendors and customers can transmit data through a file-sharing platform, and transmitting data through a dedicated channel can improve the security and reliability of the data transmission process.

[0135] The customer key server is the key server described in the above embodiments. The equipment vendor cannot access the keys and other data stored in the customer key server, and the keys in the key server are exported to ensure they are not leaked. Multiple asymmetric key pairs can be created in the key server. The private keys are used for digital signatures in firmware management scenarios such as firmware upgrades, secure firmware boot, and Boot Guard. The key server can also store the vendor's public key for verifying data obtained from the equipment vendor.

[0136] This application provides a data processing method, such as... Figure 5 As shown, the specific flow of this data processing method can be as follows:

[0137] 201. The equipment vendor pre-packages the equipment vendor's firmware data to obtain pre-packaged firmware data, and then uploads the pre-packaged firmware data to the file sharing platform.

[0138] For example, the device manufacturer can sign and package the device manufacturer's firmware data. This process is called pre-packaging. For example, the device manufacturer can use a package manager, also known as a software package management tool, to sign and package the device manufacturer's firmware data. Package managers such as apt-get, DNF, aptitude, and HarmonyPackageManager (HPM) can be used to obtain pre-packaged firmware data.

[0139] Taking HPM as an example, equipment manufacturers use the HPM protocol, which is common to servers, to package and digitally sign their firmware data, ultimately generating an HPM format file, i.e., the signed firmware data, such as... Figure 4As shown, the header of the generated HPM format file contains formatting information such as manufacturer and product, including BMC, BIOS, PSU, CPLD, etc. The header may also include an address code (BordID), which is the terminal address receiving serial port commands, extended component information, and a checksum of the header data. The HPM format file also includes Action header formatting information, device manufacturer firmware data, and a tail data checksum. The HPM format file also includes a digital signature value, which is a hash value calculated from the above content and then obtained using the device manufacturer's private key.

[0140] Optionally, the firmware data can be digitally signed to obtain verification information (equivalent to signature information). The firmware data and verification information can then be compressed into a single file using a compression and packaging tool, such as tar, to obtain the signed firmware data (i.e., pre-packaged firmware data).

[0141] The equipment vendor uploads the pre-packaged firmware data to a file-sharing platform.

[0142] 202. The client terminal downloads the pre-packaged firmware data from the file sharing platform and performs signature verification on the pre-packaged firmware data.

[0143] For example, the client terminal might download pre-packaged firmware data from the device vendor's server from a file-sharing platform. Using the vendor's public key, the signed firmware data is decrypted to obtain a first hash value calculated using a hash function on the device vendor's firmware data, along with the firmware data to be verified. A second hash value is then calculated using the same hash function. If the first and second hash values ​​match, the firmware data to be verified is considered tamper-proof and is the device vendor's firmware data; verification is successful, and step 203 is executed. If they do not match, the firmware data to be verified is considered tampered with, subsequent steps are skipped, and the process ends.

[0144] 203. In response to the selection operation on the firmware archiving page, the client terminal generates a signed archiving instruction for the device manufacturer's firmware data.

[0145] For example, the client terminal can obtain the object identity information of the object to be operated, verify the object identity information, confirm whether the object has the operation permission, and if the object has the operation permission, the authentication is passed and the firmware archiving page is displayed so that the object can sign and archive the device manufacturer's firmware data.

[0146] The selection operation can include scenario selection, key selection, and scenario selection control. In response to the selection operation on the firmware archiving page, the client terminal determines the firmware management scenario, the key identifier required in the firmware management scenario, and the target method for signing and archiving. Based on the selected firmware management scenario, key identifier, and target method, the client terminal generates a signing and archiving instruction and sends the signing and archiving instruction to the client key server.

[0147] Record the operation log of the operation object, such as the firmware management scenario selected by the operation object, key identification and signature archiving method, as well as the operation time and operation object, so that the firmware management process of the managed device is traceable and the faults of the managed device can be investigated in a timely manner.

[0148] The digital signing process for device vendor firmware data is completed on the customer side. The signing and archiving of device vendor data requires authorization and is traceable, ensuring that the signing and archiving process is secure and controllable.

[0149] 204. Based on the signature archiving instruction, the customer key server obtains the target customer's private key and performs signature archiving processing on the device manufacturer's firmware data to obtain the signed firmware data.

[0150] For example, the selected target method is: SHA256 hash algorithm and RSA2048 signature algorithm. The client key server obtains the target client private key (i.e. the target client key in the above embodiment) that matches the key identifier based on the signature archiving instruction, calculates the hash value of the device manufacturer's firmware data using the SHA256 hash algorithm, signs the calculated hash value using the RSA2048 signature algorithm to obtain the digital signature value, and obtains the signed firmware data based on the digital signature value and the device manufacturer's firmware data.

[0151] 205. The customer key service uploads the signed firmware data to the file sharing platform.

[0152] For example, the customer key service uploads the signed firmware data to a file sharing platform.

[0153] 206. The device vendor downloads the signed firmware data from the file sharing platform and performs functional tests based on the signed firmware data.

[0154] For example, the device vendor can download the signed firmware data from a file-sharing platform and verify the integrity of the signed firmware data using the client's public key that matches the target client's private key. If the signed firmware data has not been tampered with, the encrypted firmware data can be burned into the test device for functional testing.

[0155] 207. If the test passes, the device vendor will release the signed firmware data and obtain the released firmware data.

[0156] For example, if the test passes, the device manufacturer publishes the signed firmware data. The device manufacturer can then publish the signed firmware data on a file-sharing platform and obtain the published firmware data. If the test fails, the process ends.

[0157] 208. The client terminal obtains the released firmware data from the file sharing platform, performs signature verification on the released firmware data, and then manages the firmware on the cloud server.

[0158] For example, it could involve obtaining the released firmware data, performing data integrity verification on the released firmware, and confirming that the released firmware data is the signed firmware data and has not been tampered with.

[0159] If it is confirmed that the released firmware data has not been tampered with, then the released firmware data is used to manage the firmware on the cloud server. After the cloud server obtains the released firmware data, it decrypts the released firmware data based on the customer's public key and verifies the integrity of the device vendor firmware data in the released firmware data. If the verification is successful, then firmware management is performed based on the device vendor firmware data. For example, if the firmware management is for firmware upgrade, then the firmware is upgraded based on the device vendor firmware data.

[0160] The method provided in this application ensures that all firmware updates, secure boots, and secure measurements of all cloud server hardware (BMC, BIOS, CPLD, PSU, FPGA, RoT, and network card FW, etc.) are secure and reliable, guaranteeing the security of all cloud server hardware.

[0161] As described above, the data processing system in this embodiment pre-packages the firmware data of the equipment vendor at the equipment vendor's end to obtain pre-packaged firmware data, and uploads the pre-packaged firmware data to the file sharing platform; the client terminal downloads the pre-packaged firmware data from the file sharing platform and performs signature verification on the pre-packaged firmware data; the client terminal responds to the selection operation on the firmware archiving page and generates a signature archiving instruction for the equipment vendor's firmware data; the client key server obtains the target client's private key based on the signature archiving instruction and performs signature archiving processing on the equipment vendor's firmware data to obtain signed firmware data; the client key service uploads the signed firmware data to the file sharing platform; the equipment vendor downloads the signed firmware data from the file sharing platform and performs functional testing based on the signed firmware data; if the test passes, the equipment vendor publishes the signed firmware data to obtain published firmware data; the client terminal obtains the published firmware data from the file sharing platform, performs signature verification on the published firmware data, and then manages the firmware on the cloud server.

[0162] In this embodiment, after obtaining the firmware data from the equipment vendor, the firmware data is signed before being sent back to the vendor. During this process, the vendor does not access the target client key required for signing the firmware data, and the client's private key is stored on a client key server, preventing external access and thus avoiding security issues caused by private key leakage. This ensures the security of the cloud server. Furthermore, the interaction between the vendor and the client is a closed loop, with data integrity verification performed at each stage to ensure data integrity and prevent attacks on the cloud server.

[0163] To facilitate better implementation of the data processing method provided in the embodiments of this application, a data processing apparatus is also provided in one embodiment. The meanings of the terms used are the same as in the data processing method described above, and specific implementation details can be found in the description of the method embodiments.

[0164] This data processing device can be integrated into a computer device, such as... Figure 6 As shown, the data processing device may include: an acquisition unit 301, a signature unit 302, a sending unit 303, and a management unit 304, as detailed below:

[0165] (1) Acquisition unit 301: used to acquire the device vendor firmware data from the device vendor's end, and to acquire the key identifier that matches the device to be managed. The device vendor firmware data is used to perform firmware management on the device to be managed.

[0166] In one embodiment, the acquisition unit 301 may include a second data acquisition subunit, a signature verification processing subunit, a data verification subunit, and a obtaining subunit, specifically:

[0167] The second data acquisition subunit is used to obtain signed firmware data from the equipment vendor. The encrypted firmware contains verification information generated based on the equipment vendor's firmware data.

[0168] Signature verification processing subunit: Used to perform signature verification processing on encrypted firmware data to obtain firmware data to be verified and verification information;

[0169] Data verification subunit: used to perform data verification on the firmware data to be verified based on verification information;

[0170] Obtain sub-unit: Used to obtain the device manufacturer's firmware data if the firmware data to be verified passes the verification.

[0171] In one embodiment, the acquisition unit 301 may include a display subunit, a scene determination subunit, and a key identifier acquisition subunit, specifically:

[0172] Display subunit: Used to display the firmware archive page, which includes key selection controls and scenario selection controls;

[0173] Scene determination subunit: Used to determine the firmware management scene in response to a scene selection operation on the scene selection control;

[0174] Key Identifier Acquisition Subunit: Used to acquire the key identifier for the firmware management scenario in response to the key selection operation of the key selection control corresponding to the firmware management scenario.

[0175] In one embodiment, the firmware archiving page includes a signature archiving method selection control, and the acquisition unit 301 may include a method determination subunit and an instruction generation subunit, specifically:

[0176] Method Determination Subunit: Used to determine the target method for signing and archiving device vendor firmware data in response to the method selection operation of the signature archiving method selection control;

[0177] Instruction generation subunit: used to generate signed archive instructions based on firmware management scenario, key identifier, and target method;

[0178] The signature unit may include an instruction subunit, specifically:

[0179] Instruction subunit: Used to instruct the key server to use the signature archiving method through the signature archiving instruction, and to perform signature processing on the device manufacturer's firmware data based on the target customer key matched by the key identifier, so as to obtain the signed firmware data containing signature information corresponding to the firmware management scenario.

[0180] In one embodiment, the display subunit may include an identity information acquisition module and a page display module, specifically:

[0181] Identity information acquisition module: used to acquire the object identity information of the object being operated on;

[0182] Page display module: Used to display the firmware archive page if the object's identity information is successfully authenticated;

[0183] The data processing device may also include an operation recording unit, specifically:

[0184] Operation recording unit: Used to record the operations performed on the target device and generate firmware management records for the device.

[0185] (2) Signature unit 302: used to sign the device manufacturer firmware data based on the target customer key that matches the key identifier, and obtain signed firmware data containing signature information.

[0186] In one embodiment, the signature unit 302 may include an identifier sending subunit, a signature processing subunit, and a receiving subunit, specifically:

[0187] Identifier Sending Subunit: Used to send the key identifier to the key server, so that the key server can obtain the matching target customer key based on the key identifier. The key server is used to manage keys.

[0188] The signature processing subunit is used to process the firmware data of the device manufacturer based on the target customer key through the key server, so as to obtain signed firmware data containing signature information.

[0189] Receiver subunit: Used to receive signed firmware data sent by the key server.

[0190] (3) Sending unit 303: Used to send the signed firmware data to the equipment vendor so that the equipment vendor can publish the signed firmware data and obtain the published firmware data.

[0191] (4) Management unit 304: If the firmware data obtained from the device vendor is verified based on the signature information, the firmware data will be sent to the device to be managed, so that the device to be managed can perform firmware management based on the firmware data.

[0192] In one embodiment, the management unit 304 may include a first data acquisition subunit, a verification subunit, and a data transmission subunit, specifically:

[0193] First data acquisition subunit: used to acquire released firmware data from the device vendor;

[0194] Verification subunit: Used to verify the integrity of firmware data after release based on signature information;

[0195] Data transmission subunit: Used to send the released firmware data to the device to be managed if the data integrity verification passes.

[0196] As can be seen from the above, the data processing device in this embodiment of the application obtains the device vendor firmware data from the device vendor's end through the acquisition unit 301, and obtains the key identifier that matches the device to be managed. The device vendor firmware data is used for firmware management of the device to be managed. The signature unit 302 performs signature processing on the device vendor firmware data based on the target customer key that matches the key identifier to obtain signed firmware data containing signature information. The sending unit 303 sends the signed firmware data to the device vendor's end so that the device vendor's end can publish the signed firmware data to obtain published firmware data. If the verification of the published firmware data obtained from the device vendor's end based on the signature information is successful, the management unit 304 sends the published firmware data to the device to be managed so that the device to be managed can perform firmware management based on the published firmware data.

[0197] In this embodiment of the application, after the data processing device obtains the firmware data from the equipment vendor, it signs the firmware data and then sends the signed firmware data back to the equipment vendor. During this process, the equipment vendor does not have access to the target customer key required for signing the firmware data, which can avoid security problems caused by key leakage due to the equipment vendor and ensure the security of the managed equipment.

[0198] This application also provides a computer device, which can be a terminal or a server, such as... Figure 7 As shown, it illustrates a structural schematic diagram of the computer device involved in the embodiments of this application, specifically:

[0199] The computer device may include components such as a processor 1001 with one or more processing cores, a memory 1002 with one or more computer-readable storage media, a power supply 1003, and an input unit 1004. Those skilled in the art will understand that... Figure 7 The computer device structure shown does not constitute a limitation on the computer device and may include more or fewer components than shown, or combine certain components, or have different component arrangements. Wherein:

[0200] The processor 1001 is the control center of the computer device. It connects various parts of the computer device via various interfaces and lines. By running or executing software programs and / or modules stored in the memory 1002, and by calling data stored in the memory 1002, it performs various functions of the computer device and processes data, thereby performing overall detection of the computer device. Optionally, the processor 1001 may include one or more processing cores; preferably, the processor 1001 may integrate an application processor and a modem processor, wherein the application processor mainly handles the operating system, user interface, and computer programs, and the modem processor mainly handles wireless communication. It is understood that the modem processor may not be integrated into the processor 1001.

[0201] The memory 1002 can be used to store software programs and modules. The processor 1001 executes various functional applications and data processing by running the software programs and modules stored in the memory 1002. The memory 1002 may mainly include a program storage area and a data storage area. The program storage area may store the operating system, computer programs required for at least one function (such as sound playback function, image playback function, etc.), etc.; the data storage area may store data created according to the use of the computer device, etc. In addition, the memory 1002 may include high-speed random access memory, and may also include non-volatile memory, such as at least one disk storage device, flash memory device, or other volatile solid-state storage device. Accordingly, the memory 1002 may also include a memory controller to provide the processor 1001 with access to the memory 1002.

[0202] The computer equipment also includes a power supply 1003 that supplies power to the various components. Preferably, the power supply 1003 can be logically connected to the processor 1001 through a power management system, thereby enabling functions such as charging, discharging, and power consumption management through the power management system. The power supply 1003 may also include one or more DC or AC power supplies, recharging systems, power fault detection circuits, power converters or inverters, power status indicators, and other arbitrary components.

[0203] The computer device may also include an input unit 1004, which can be used to receive input digital or character information and generate keyboard, mouse, joystick, optical or trackball signal inputs related to user settings and function control.

[0204] Although not shown, the computer device may also include a display unit, etc., which will not be described in detail here. Specifically, in this embodiment, the processor 1001 in the computer device loads the executable files corresponding to the processes of one or more computer programs into the memory 1002 according to the following instructions, and the processor 1001 runs the computer programs stored in the memory 1002 to realize various functions, as follows:

[0205] Obtain the device vendor firmware data from the device vendor's end, and obtain the key identifier that matches the device to be managed. The device vendor firmware data is used for firmware management of the device to be managed.

[0206] Based on the target customer key that matches the key identifier, the device manufacturer's firmware data is signed to obtain signed firmware data containing signature information.

[0207] The signed firmware data is sent to the equipment manufacturer so that the equipment manufacturer can publish the signed firmware data and obtain the published firmware data.

[0208] If the verification of the released firmware data obtained from the device vendor is successful based on the signature information, the released firmware data will be sent to the device to be managed, enabling the device to manage the firmware based on the released firmware data.

[0209] In this embodiment, after obtaining the firmware data from the equipment vendor, the firmware data is signed and then sent to the equipment vendor. During this process, the equipment vendor does not have access to the target customer key required for signing the firmware data, which avoids security issues caused by key leakage due to the equipment vendor and ensures the security of the managed equipment.

[0210] For details on the implementation of each of the above operations, please refer to the previous examples, which will not be repeated here.

[0211] As can be seen from the above, after the computer device in this embodiment of the application obtains the firmware data from the device vendor, it signs the firmware data and then sends the signed firmware data to the device vendor. During this process, the device vendor does not have access to the target customer key required for signing the firmware data, which can avoid security problems caused by key leakage due to the device vendor and ensure the security of the device to be managed.

[0212] According to one aspect of this application, a computer program product is provided, comprising a computer program containing computer instructions stored in a computer-readable storage medium. A processor of a computer device reads the computer instructions from the computer-readable storage medium and executes the computer instructions, causing the computer device to perform the methods provided in the various optional implementations of the above embodiments.

[0213] Those skilled in the art will understand that all or part of the steps in the various methods of the above embodiments can be performed by a computer program, or by a computer program controlling related hardware. The computer program can be stored in a computer-readable storage medium and loaded and executed by a processor.

[0214] Therefore, embodiments of this application provide a computer-readable storage medium storing a computer program that can be loaded by a processor to execute any of the data processing methods provided in embodiments of this application.

[0215] For details on the implementation of each of the above operations, please refer to the previous examples, which will not be repeated here.

[0216] The computer-readable storage medium may include: read-only memory (ROM), random access memory (RAM), disk or optical disk, etc.

[0217] Since the computer program stored in the computer-readable storage medium can execute any of the data processing methods provided in the embodiments of this application, the beneficial effects that any of the data processing methods provided in the embodiments of this application can achieve can be realized. For details, please refer to the previous embodiments, which will not be repeated here.

[0218] The data processing method, apparatus, computer device, and computer-readable storage medium provided in the embodiments of this application have been described in detail above. Specific examples have been used to illustrate the principles and implementation methods of this application. The description of the above embodiments is only for the purpose of helping to understand the method and core ideas of this application. At the same time, for those skilled in the art, there will be changes in the specific implementation methods and application scope based on the ideas of this application. Therefore, the content of this specification should not be construed as a limitation of this application.

Claims

1. A data processing method, characterized in that, include: Obtain the device vendor firmware data from the device vendor's end, and obtain the key identifier that matches the device to be managed. The device vendor firmware data is used to perform firmware management on the device to be managed. Based on the target customer key that matches the key identifier, the device vendor firmware data is signed to obtain signed firmware data containing signature information. The signed firmware data is sent to the device manufacturer so that the device manufacturer can publish the signed firmware data and obtain the published firmware data. If the verification of the released firmware data obtained from the device vendor is successful based on the signature information, the released firmware data is sent to the device to be managed, so that the device to be managed can perform firmware management based on the released firmware data.

2. The method according to claim 1, characterized in that, The step of signing the device vendor firmware data based on the target customer key that matches the key identifier to obtain signed firmware data containing signature information includes: The key identifier is sent to the key server so that the key server can obtain the matching target customer key based on the key identifier. The key server is used to manage the key. The key server performs signature processing on the device manufacturer's firmware data based on the target customer key to obtain signed firmware data containing signature information. Receive the signed firmware data sent by the key server.

3. The method according to claim 2, characterized in that, The step of verifying the released firmware data obtained from the device vendor based on the signature information, and then sending the released firmware data to the device to be managed, includes: Obtain the released firmware data from the device vendor's end; The data integrity of the released firmware data is verified based on the signature information. If the data integrity verification passes, the published firmware data will be sent to the device to be managed.

4. The method according to claim 1, characterized in that, The acquisition of the device vendor firmware data from the device vendor's end includes: Obtain signed firmware data from the equipment vendor, the signed firmware data containing verification information generated based on the equipment vendor firmware data; The signed firmware data is subjected to data verification processing to obtain firmware data to be verified and the verification information. The firmware data to be verified is verified based on the verification information. If the firmware data to be verified passes the verification, the device manufacturer's firmware data is obtained.

5. The method according to any one of claims 1-4, characterized in that, The process of obtaining the key identifier that matches the device to be managed includes: Display the firmware archive page, which includes a key selection control and a scenario selection control; In response to a scene selection operation on the scene selection control, a firmware management scene is determined; In response to a key selection operation of the key selection control corresponding to the firmware management scenario, a key identifier for the firmware management scenario is obtained.

6. The method according to claim 5, characterized in that, The firmware archiving page includes a signature archiving method selection control, and the method further includes: In response to the method selection operation of the signature archiving method selection control, a target method for signing and archiving the device vendor firmware data is determined. Generate a signature archiving instruction based on the firmware management scenario, the key identifier, and the target method; The step of signing the device vendor firmware data based on the target customer key that matches the key identifier to obtain signed firmware data containing signature information includes: The signature archiving instruction instructs the key server to use the signature archiving method to sign the device manufacturer's firmware data based on the target customer key matched by the key identifier, thereby obtaining the signed firmware data containing signature information corresponding to the firmware management scenario.

7. The method according to claim 5, characterized in that, The firmware archive display page includes: Obtain the object identity information of the object being operated on; If the object's identity information is authenticated, the firmware archive page will be displayed; If, based on the signature information, the verification of the released firmware data obtained from the device vendor passes, and the released firmware data is then sent to the device to be managed, the method further includes: The operations performed on the object are recorded to generate firmware management records for the device.

8. A data processing apparatus, characterized in that, include: The acquisition unit is used to acquire the device vendor firmware data from the device vendor's end, and to acquire the key identifier that matches the device to be managed. The device vendor firmware data is used to perform firmware management on the device to be managed. The signing unit is used to sign the device manufacturer firmware data based on the target customer key that matches the key identifier, so as to obtain signed firmware data containing signature information. The sending unit is used to send the signed firmware data to the device vendor so that the device vendor can publish the signed firmware data and obtain the published firmware data. The management unit is configured to send the released firmware data to the device to be managed if the verification of the released firmware data obtained from the device vendor is successful based on the signature information, so that the device to be managed can perform firmware management based on the released firmware data.

9. The apparatus according to claim 8, characterized in that, The signature unit includes: An identifier sending subunit is used to send the key identifier to the key server, so that the key server can obtain a matching target customer key based on the key identifier. The key server is used to manage keys. The signature processing subunit is used to perform signature processing on the device manufacturer firmware data based on the target customer key through the key server to obtain signed firmware data containing signature information. A receiving subunit is used to receive the signed firmware data sent by the key server.

10. The apparatus according to claim 9, characterized in that, The management unit includes: The first data acquisition subunit is used to acquire the released firmware data from the device vendor. A verification subunit is used to perform data integrity verification on the released firmware data based on the signature information. The data sending subunit is used to send the published firmware data to the device to be managed if the data integrity verification passes.

11. The apparatus according to claim 10, characterized in that, The acquisition unit includes: The second data acquisition subunit is used to acquire signed firmware data from the equipment vendor, the signed firmware data including verification information generated based on the equipment vendor firmware data; The signature verification processing subunit is used to perform data signature verification processing on the signed firmware data to obtain the firmware data to be verified and the verification information. A data verification subunit is used to perform data verification on the firmware data to be verified based on the verification information. A subunit is obtained, which is used to obtain the device manufacturer's firmware data if the firmware data to be verified passes the verification.

12. The apparatus according to any one of claims 8 to 11, characterized in that, The acquisition unit includes: The display subunit is used to display the firmware archive page, which includes a key selection control and a scenario selection control. The scene determination subunit is used to determine the firmware management scene in response to a scene selection operation on the scene selection control; The key identifier acquisition subunit is used to acquire the key identifier for the firmware management scenario in response to the key selection operation of the key selection control corresponding to the firmware management scenario.

13. The apparatus according to claim 12, characterized in that, The firmware archiving page includes a signature archiving method selection control, and the acquisition unit includes: The method determination subunit is used to determine the target method for signing and archiving the device vendor firmware data in response to a method selection operation of the signature archiving method selection control. The instruction generation subunit is used to generate a signature archiving instruction based on the firmware management scenario, the key identifier, and the target method. The signature unit includes: The instruction subunit is used to instruct the key server to use the signature archiving method to sign the device manufacturer firmware data based on the target customer key matched by the key identifier, thereby obtaining the signed firmware data containing signature information corresponding to the firmware management scenario.

14. The apparatus according to claim 12, characterized in that, The display subunit includes: The identity information acquisition module is used to acquire the object identity information of the object being operated on. The page display module is used to display the firmware archive page if the authentication of the object's identity information is successful. The data processing device further includes: An operation recording unit is used to record the operations performed on the operation object and generate firmware management records for the device.

15. A computer device, characterized in that, It includes a memory and a processor; the memory stores a computer program, and the processor is used to run the computer program in the memory to perform the data processing method according to any one of claims 1 to 7.

16. A computer-readable storage medium, characterized in that, The computer-readable storage medium is used to store a computer program, which is loaded by a processor to perform the data processing method according to any one of claims 1 to 7.

17. A computer program product, comprising a computer program, characterized in that, When the computer program is executed by a processor, it implements the data processing method according to any one of claims 1 to 7.