US 12,294,657 B2
Software integrity protection method and apparatus, and software integrity verification method and apparatus
Bin Cao, Nanjing (CN); Haiwu Chen, Beijing (CN); Yan Chen, Nanjing (CN); and Bo Wang, Beijing (CN)
Assigned to HUAWEI TECHNOLOGIES CO., LTD., Shenzhen (CN)
Filed by HUAWEI TECHNOLOGIES CO., LTD., Guangdong (CN)
Filed on Apr. 1, 2022, as Appl. No. 17/711,879.
Application 17/711,879 is a continuation of application No. PCT/CN2020/122503, filed on Oct. 21, 2020.
Claims priority of application No. 201911012940.1 (CN), filed on Oct. 23, 2019; and application No. 201911120987.X (CN), filed on Nov. 15, 2019.
Prior Publication US 2022/0224546 A1, Jul. 14, 2022
Int. Cl. H04L 9/32 (2006.01); H04L 9/00 (2022.01)
CPC H04L 9/3247 (2013.01) [H04L 9/006 (2013.01); H04L 9/3263 (2013.01)] 10 Claims
OG exemplary drawing
 
1. A software integrity protection method, comprising:
obtaining, by a first device, a first software package, wherein the first software package comprises a first signature and software, the first signature made by a first party for the software as part of a second software package using a first private key;
performing, by the first device, a signing operation on at least the software using a second private key, to obtain a third software package comprising a second signature and the software, wherein the first private key is controlled by the first party, and the second private key is controlled by a second party;
sending, by the first device, the third software package to a second device;
receiving, by the second device, the third software package; and
wherein the second device comprises a switching enable bit, and the method further comprises at least one of:
when the switching enable bit is invalid and a dual-root enable bit on the second device is valid:
determining, by the second device, that the first signature and the second signature are both valid; and
indicating, by the second device, that integrity verification on the software succeeds based on the switching enable bit being invalid, the dual-root enable bit being valid, and the first signature and second signature both being valid; or
when the switching enable bit on the second device is valid:
determining, by the second device, that the first signature is valid; and
indicating, by the second device, that integrity verification on the software succeeds based a on the switching enable bit being valid and the first signature being valid; or
when the switching enable bit is invalid and the dual-root enable bit on the second device is invalid:
determining, by the second device, that the second signature is valid;
and
indicating, by the second device, that integrity verification on the software succeeds based on the switching enable bit being invalid, the dual-root enable bit being invalid, and the second signature being valid.