Firmware updating method, device and system

Document No.: 169019 Publication date: 2021-10-29

Reading note: this technology, "Firmware updating method, device and system", was designed and created by 丁大军, 李海雄 and 卓进超 on 2021-08-13. Main content: The application provides a firmware updating method, device and system. In the method, a firmware update file is received, the firmware update file comprising a signature file and a firmware file; a first certificate is obtained, the first certificate being a certificate for firmware update; a public key is generated according to the first certificate; signature verification is performed on the firmware file according to the public key and the signature file; and if the signature verification passes, the firmware is updated using the firmware file. The application can solve the prior-art problem that the firmware of an image forming apparatus is illegally updated, so that the image forming apparatus is attacked by malicious programs and trojans and data information is leaked.

1. A firmware updating method applied to an image forming apparatus, comprising:

receiving a firmware update file, the firmware update file comprising: a signature file and a firmware file;

obtaining a first certificate, wherein the first certificate is a certificate for firmware update;

generating a public key according to the first certificate;

performing signature verification on the firmware file according to the public key and the signature file;

and if the signature passes the verification, updating the firmware by using the firmware file.

2. The method of claim 1, wherein obtaining the first certificate comprises:

sending a root certificate acquisition request to a second server, wherein the second server is a server for providing trusted platform services; and receiving the root certificate sent by the second server in response to the root certificate acquisition request.

3. The method of claim 2, wherein obtaining the first certificate comprises:

storing the root certificate in a security chip, the security chip being built in the image forming apparatus;

deriving the first certificate from the root certificate.

4. The method of claim 1, wherein receiving the firmware update file comprises:

receiving a firmware update message sent by a first electronic device, wherein the firmware update message is used for instructing the image forming apparatus to update firmware, and the firmware update message comprises the firmware update file; the firmware update message is sent after the first electronic device receives a firmware update operation instruction.

5. The method according to any one of claims 1 to 4, wherein performing signature verification on the firmware file according to the public key and the signature file comprises:

and performing signature verification on the firmware file by using an asymmetric algorithm according to the public key and the signature file.

6. A firmware updating method applied to a first server is characterized by comprising the following steps:

obtaining a first certificate, wherein the first certificate is a certificate for firmware update;

generating a private key according to the first certificate;

signing the firmware file by using the private key to obtain a signature file;

generating a firmware update file according to the signature file and the firmware file;

and issuing the firmware update file.

7. The method of claim 6, wherein said publishing the firmware update file comprises:

displaying a download link of the firmware update file on a preset website; or,

pushing a download link of the firmware update file to a first electronic device or an image forming apparatus;

the method further comprises the following steps:

receiving a download request sent by a first electronic device or the image forming apparatus;

and sending the firmware update file to the first electronic device or the image forming apparatus in response to the download request.

8. The method of claim 6, wherein said publishing the firmware update file comprises:

and pushing the firmware update file to the first electronic device or the image forming apparatus.

9. The method of any of claims 6 to 8, further comprising:

receiving a root certificate sent by a third server, wherein the third server is a server of a trusted authority;

deriving the first certificate from the root certificate.

10. A firmware update apparatus, comprising:

a receiving unit configured to receive a firmware update file, the firmware update file including: a signature file and a firmware file;

an acquisition unit configured to acquire a first certificate, the first certificate being a certificate for firmware update;

a generating unit, configured to generate a public key according to the first certificate;

the verification unit is used for performing signature verification on the firmware file according to the public key and the signature file;

and the updating unit is used for updating the firmware by using the firmware file if the signature verification is passed.

11. A firmware update apparatus, comprising:

an acquisition unit configured to acquire a first certificate, the first certificate being a certificate for firmware update;

a first generating unit, configured to generate a private key according to the first certificate;

the signature unit is used for signing the firmware file by using the private key to obtain a signature file;

a second generating unit, configured to generate a firmware update file according to the signature file and the firmware file;

and the issuing unit is used for issuing the firmware update file.

12. An image forming apparatus, comprising:

one or more processors; a memory; and one or more computer programs, wherein the one or more computer programs are stored in the memory, the one or more computer programs comprising instructions which, when executed by the apparatus, cause the apparatus to perform the method of any of claims 1 to 5.

13. A server, comprising:

one or more processors; a memory; and one or more computer programs, wherein the one or more computer programs are stored in the memory, the one or more computer programs comprising instructions which, when executed by the apparatus, cause the apparatus to perform the method of any of claims 6 to 9.

14. A firmware update system, comprising:

an image forming apparatus for receiving a firmware update file, the firmware update file including: a signature file and a firmware file; obtaining a first certificate, wherein the first certificate is a certificate for firmware update; generating a public key according to the first certificate; performing signature verification on the firmware file according to the public key and the signature file; if the signature passes the verification, updating the firmware by using the firmware file;

a first server for obtaining a first certificate, the first certificate being a certificate for firmware update; generating a private key according to the first certificate; signing the firmware file by using the private key to obtain a signature file; generating a firmware update file according to the signature file and the firmware file; and issuing the firmware update file.

15. A computer-readable storage medium, in which a computer program is stored which, when run on a computer, causes the computer to carry out the method of any one of claims 1 to 5.

16. A computer-readable storage medium, in which a computer program is stored which, when run on a computer, causes the computer to carry out the method of any one of claims 6 to 9.

Technical Field

The present application relates to the field of image forming technologies, and in particular, to a firmware updating method, apparatus, and system.

Background

An image forming apparatus is a device that forms an image on a recording medium by the principle of image formation, such as a printer, a copying machine, a facsimile machine, a multifunction image making and copying apparatus, an electrostatic printing apparatus, and any other similar apparatus. At present, individuals, enterprises, and other institutions need to use image forming apparatuses in large quantities to carry out business processes in daily operations, for example to create internal documents (e.g., notes, presentations, various records and procedures) as well as documents for external use (e.g., for patients or clients).

With the progress of electronic science and technology, image forming apparatuses have become more sophisticated, but as computer peripherals they are vulnerable to attack by lawbreakers such as hackers. One avenue of attack is the firmware update process of the image forming apparatus. When the image forming apparatus performs a firmware update, an illegitimate firmware file may be supplied for the update. If the firmware file is not checked for validity, it may carry malicious programs and trojans; after the firmware of the image forming apparatus is updated with such a file, the malicious programs and trojans it carries may attack the image forming apparatus and steal its data, exposing the image forming apparatus to a risk of data leakage.

Disclosure of Invention

The application provides a firmware updating method, a firmware updating device and a firmware updating system, which can solve the problem that in the prior art, the firmware of an image forming device is illegally updated, so that the image forming device is attacked by malicious programs and trojans, and data information is leaked.

In a first aspect, an embodiment of the present application provides a firmware updating method applied to an image forming apparatus, including:

receiving a firmware update file, the firmware update file comprising: a signature file and a firmware file;

obtaining a first certificate, wherein the first certificate is a certificate for firmware update;

generating a public key according to the first certificate;

performing signature verification on the firmware file according to the public key and the signature file;

and if the signature passes the verification, updating the firmware by using the firmware file.

In the firmware updating method, the firmware updating file comprises a signature file and a firmware file, and the firmware file is used for updating the firmware only after the signature verification of the firmware file by using the public key of the first certificate and the signature file is passed, so that the validity and the reliability of the firmware updating are ensured.

In one possible implementation, the obtaining the first certificate includes:

sending a certificate acquisition request to a second server, wherein the second server is a server for providing trusted platform services;

and receiving a root certificate sent by the second server in response to the certificate acquisition request.

In one possible implementation, the obtaining the first certificate includes:

storing the root certificate in a security chip, the security chip being built in the image forming apparatus;

deriving the first certificate from the root certificate.

In one possible implementation, the receiving the firmware update file includes:

receiving a firmware update message sent by a first electronic device, wherein the firmware update message is used for instructing the image forming apparatus to update firmware, and the firmware update message comprises the firmware update file; the firmware update message is sent after the first electronic device receives a firmware update operation instruction.

In one possible implementation manner, performing signature verification on the firmware file according to the public key and the signature file includes:

and performing signature verification on the firmware file by using an asymmetric algorithm according to the public key and the signature file.

In a second aspect, an embodiment of the present application provides a firmware update method, applied to a first server, including:

obtaining a first certificate, wherein the first certificate is a certificate for firmware update;

generating a private key according to the first certificate;

signing the firmware file by using the private key to obtain a signature file;

generating a firmware update file according to the signature file and the firmware file;

and issuing the firmware update file.

In one possible implementation, the publishing the firmware update file includes:

displaying a download link of the firmware update file on a preset website; or,

pushing a download link of the firmware update file to a first electronic device or an image forming apparatus;

the method further comprises the following steps:

receiving a download request sent by a first electronic device or the image forming apparatus;

and sending the firmware update file to the first electronic device or the image forming apparatus in response to the download request.

In one possible implementation, the publishing the firmware update file includes:

and pushing the firmware update file to the first electronic device or the image forming apparatus.

In one possible implementation manner, the method further includes:

receiving a root certificate sent by a third server, wherein the third server is a server of a trusted authority;

deriving the first certificate from the root certificate.

In a fourth aspect, an embodiment of the present application provides a firmware updating apparatus, including:

a receiving unit configured to receive a firmware update file, the firmware update file including: a signature file and a firmware file;

an acquisition unit configured to acquire a first certificate, the first certificate being a certificate for firmware update;

a generating unit, configured to generate a public key according to the first certificate;

the verification unit is used for performing signature verification on the firmware file according to the public key and the signature file;

and the updating unit is used for updating the firmware by using the firmware file if the signature verification is passed.

In a fifth aspect, an embodiment of the present application provides a firmware updating apparatus, including:

an acquisition unit configured to acquire a first certificate, the first certificate being a certificate for firmware update;

a first generating unit, configured to generate a private key according to the first certificate;

the signature unit is used for signing the firmware file by using the private key to obtain a signature file;

a second generating unit, configured to generate a firmware update file according to the signature file and the firmware file;

and the issuing unit is used for issuing the firmware update file.

In a sixth aspect, an embodiment of the present application provides an image forming apparatus including:

one or more processors; a memory; and one or more computer programs, wherein the one or more computer programs are stored in the memory, the one or more computer programs comprising instructions which, when executed by the apparatus, cause the apparatus to perform the method of any of claims 1 to 5.

In a seventh aspect, an embodiment of the present application provides a server, including:

one or more processors; a memory; and one or more computer programs, wherein the one or more computer programs are stored in the memory, the one or more computer programs comprising instructions which, when executed by the apparatus, cause the apparatus to perform the method of any of claims 6 to 8.

In an eighth aspect, an embodiment of the present application provides a firmware update system, including:

an image forming apparatus for receiving a firmware update file, the firmware update file including: a signature file and a firmware file; obtaining a first certificate, wherein the first certificate is a certificate for firmware update; generating a public key according to the first certificate; performing signature verification on the firmware file according to the public key and the signature file; if the signature passes the verification, updating the firmware by using the firmware file;

a first server for obtaining a first certificate, the first certificate being a certificate for firmware update; generating a private key according to the first certificate; signing the firmware file by using the private key to obtain a signature file; generating a firmware update file according to the signature file and the firmware file; and issuing the firmware update file.

In a ninth aspect, embodiments of the present application provide a computer-readable storage medium, which stores a computer program, and when the computer program runs on a computer, the computer program causes the computer to execute the method of any one of the first aspect.

In a tenth aspect, embodiments of the present application provide a computer-readable storage medium, in which a computer program is stored, which, when run on a computer, causes the computer to perform the method of any one of the second aspects.

In an eleventh aspect, the present application provides a computer program for performing the method of the first or second aspect when the computer program is executed by a computer.

In a possible design, the program in the eleventh aspect may be stored in whole or in part on a storage medium packaged with the processor, or in part or in whole on a memory not packaged with the processor.

The application provides a firmware updating method, a firmware updating device and a firmware updating system, which can ensure the legality of updated firmware in an image forming device and reduce the risk of data leakage of the image forming device.

Drawings

In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings needed in the embodiments are briefly described below. The drawings in the following description are only some embodiments of the present invention, and those skilled in the art can obtain other drawings based on these drawings without creative effort.

FIG. 1 is a flowchart of an embodiment of a firmware update method according to the present application;

FIG. 2 is a flowchart of another embodiment of a firmware update method according to the present application;

FIG. 3 is a diagram illustrating a scenario of the firmware update method according to the present application;

FIG. 4 is a flowchart of an embodiment of a firmware update method according to the present application;

FIG. 5 is a flowchart of an embodiment of a firmware update method according to the present application;

FIG. 6 is a schematic diagram of an interface for issuing a firmware update file in the firmware update method according to the present application;

FIG. 7 is a flowchart of an embodiment of a firmware update method according to the present application;

FIG. 8 is a schematic diagram of a firmware update interface provided for a user in the firmware update method of the present application;

FIG. 9 is a schematic view of the structure of an image forming apparatus according to the present application;

FIG. 10 is a block diagram of an embodiment of a firmware update apparatus according to the present application;

FIG. 11 is a block diagram of another embodiment of a firmware update apparatus according to the present application.

Detailed Description

The terminology used in the description of the embodiments section of the present application is for the purpose of describing particular embodiments of the present application only and is not intended to be limiting of the present application.

With the progress of electronic science and technology, image forming apparatuses have become more sophisticated, but as computer peripherals they are vulnerable to attack by lawbreakers such as hackers. Taking a laser printer (one of various types of image forming apparatuses) with scanning and/or facsimile functions as an example, the scanned or faxed data may carry confidential data of a user, and even the photosensitive drum, a core part in laser imaging, may carry confidential data that the user is printing; once such data is leaked, it causes the user a great deal of unnecessary trouble. One avenue of attack is the firmware update process of the image forming apparatus.

Firmware is a program written into erasable programmable read-only memory (EPROM) or electrically erasable programmable read-only memory (EEPROM). The firmware is a device "driver" stored in the device; through the firmware, the operating system can operate a specific machine according to the standard device driver.

Early firmware chips generally used Read-Only Memory (ROM) designs, whose firmware was solidified during the manufacturing process and could not be modified by any means. However, with the continuous development of technology, it is an urgent requirement of users to modify firmware to adapt to the continuously updated hardware environment. Therefore, the current firmware is generally written into EPROM or EEPROM, and the chip can be repeatedly flashed to allow the firmware to be modified and upgraded.

When the image forming apparatus performs a firmware update, an illegitimate firmware file may be supplied for the update. If the firmware file is not checked for validity, it may carry malicious programs and trojans; after the firmware of the image forming apparatus is updated with such a file, the malicious programs and trojans it carries may attack the image forming apparatus and steal its data, exposing the image forming apparatus to a risk of data leakage.

Therefore, the application provides a firmware updating method, device and system, which can ensure the validity of the updated firmware in the image forming device and reduce the risk of data leakage of the image forming device.

Fig. 1 is a flowchart of an embodiment of a firmware update method according to the present application, which may be applied to a first server, where the first server may be a server provided by a manufacturer of an image forming apparatus. As shown in fig. 1, the method may include:

Step 101: the first server obtains a first certificate, the first certificate being a certificate for a firmware update.

Optionally, to improve the fairness and reliability of the first certificate, the first certificate may be a secondary certificate generated from a root certificate issued by a trusted authority, such as a Certificate Authority (CA), and may also be referred to as a child certificate of the root certificate.

The root certificate is a digital certificate issued by a trusted digital certificate authority (namely the trusted authority) for the user after the user identity is verified, and can have the functions of server identity verification and data transmission encryption. The root certificate may be a Secure Sockets Layer (SSL) certificate.

The root certificate may be applied to the trusted authority by a manufacturer of the image forming apparatus, issued to the manufacturer of the image forming apparatus by the trusted authority, and set in the first server by the manufacturer of the image forming apparatus.

Step 102: the first server generates a private key from the first certificate.

In general, the first server may generate a key pair consisting of a public key and a private key using the first certificate. To ensure the uniqueness of the key pair, the key pair may be generated only once and used for one or several firmware updates. In this step, the private key generated by the first server according to the first certificate may be the private key of that key pair.

The method for generating the key pair by the first server according to the first certificate is not limited in the embodiments of the present application.

Step 103: the first server signs the firmware file by using a private key to obtain a signature file.

Step 104: the first server generates a firmware update file according to the signature file and the firmware file.

Step 105: the first server issues a firmware update file.

In one possible implementation manner, the first server may set a download link of the firmware update file in a target website, which may be an official website of a manufacturer of the image forming apparatus, for a user using the image forming apparatus to download the firmware update file and update the firmware autonomously.

In another possible implementation manner, the first server may push the firmware update file to the image forming apparatus that needs to perform the firmware update. For example, several image forming apparatuses may be connected to a first server via a network, and the first server may transmit a firmware update file to an image forming apparatus that needs to perform firmware update.

In yet another possible implementation manner, the firmware update file or the download link of the firmware update file may be pushed to the electronic device in which the image forming apparatus management system is installed, and whether to perform firmware update is autonomously determined by the user.

In the firmware updating method shown in fig. 1, the first server signs the firmware file by using the private key to obtain a signature file, and generates the firmware updating file according to the firmware file and the signature file, so that signature verification is required for firmware updating, and the validity and reliability of firmware updating are improved.

Fig. 2 is a flowchart of another embodiment of the firmware updating method of the present application, and as shown in fig. 2, the method may include:

Step 201: the image forming apparatus receives a firmware update file, the firmware update file including: a signature file and a firmware file.

In one possible implementation, a user may download the firmware update file provided by the manufacturer of the image forming apparatus to an electronic device, such as a personal computer (PC), and trigger the firmware update of the image forming apparatus themselves.

In another possible implementation manner, if automatic firmware updating is set in the electronic device and the electronic device receives the firmware update file pushed by the first server, the electronic device may trigger a firmware update operation instruction based on the automatic update setting and send the firmware update file to the image forming apparatus; or, if automatic firmware updating is set in the electronic device and the electronic device receives a download link of the firmware update file pushed by the first server, the electronic device may trigger a firmware update operation instruction based on the automatic update setting, download the firmware update file from the download link, and send the firmware update file to the image forming apparatus, which then receives the firmware update file.

In yet another possible implementation manner, the image forming apparatus may receive a firmware update file pushed by a first server; alternatively, the image forming apparatus may receive a download link of the firmware update file pushed by the first server, and the image forming apparatus receives the firmware update file when the firmware update file is downloaded from the download link.

Step 202: the image forming apparatus acquires a first certificate, which is a certificate for firmware update.

In one possible implementation, the first certificate may be provided in the image forming apparatus.

In another possible implementation, the image forming apparatus may acquire the first certificate from an external trusted platform. The trusted platform may be a trusted platform provided by the trusted authority, or a trusted platform provided by a manufacturer. The trusted platform may issue the first certificate for firmware update to the image forming apparatus.

Step 203: the image forming apparatus generates a public key from the first certificate.

The public key generated by the image forming apparatus according to the first certificate in this step should be the public key in the key pair generated by the first server according to the first certificate in step 102, that is, the image forming apparatus may generate the key pair by using the same method as that of the first server in step 102, and the public key in the key pair is the public key required in this step.

Step 204: the image forming apparatus performs signature verification on the firmware file according to the public key and the signature file.

The signature verification method corresponds to the method in which the first server signs the firmware file by using the private key in step 103, so that the image forming apparatus can verify the signature of the firmware file in this step.

Step 205: if the signature verification passes, the image forming apparatus performs firmware update using the firmware file.

Specifically, the image forming apparatus may erase the original firmware in the target memory, and burn the firmware file into the target memory.

In the firmware updating method shown in fig. 2, the firmware updating file includes a signature file and a firmware file, and the firmware file is used for updating the firmware after the signature verification of the firmware file by using the public key of the first certificate and the signature file is passed, so as to ensure the validity and reliability of the firmware updating.

Moreover, the first certificate can be a sub-certificate generated by a root certificate issued by a trusted authority, so that the fairness and the reliability of signature verification are further increased, and the reliability of firmware updating is improved.
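The server-side signing of steps 103 and 104 and the device-side check of steps 202 to 204, as an added Go example that is not part of the patent text. The page leaves the certificate derivation and the asymmetric algorithm open, so the example assumes conventional X.509 issuance (the first certificate is issued under the root and carries the public key, while the signer holds the private key) and ECDSA P-256 over SHA-256; the `UpdateFile` layout, all function names and the sample firmware bytes are constructed.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"errors"
	"fmt"
	"math/big"
	"time"
)

var ErrUntrusted = errors.New("first certificate does not chain to the stored root")
var ErrBadSignature = errors.New("signature file does not match firmware file")

// UpdateFile mirrors the page's firmware update file: signature file + firmware file.
type UpdateFile struct {
	Signature []byte // ASN.1 ECDSA signature over SHA-256(Firmware)
	Firmware  []byte
}

// must panics on setup errors; it is used only for the constructed demo data.
func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}

// issue generates a P-256 key and a certificate for it (assumed X.509 issuance; the page does
// not fix the derivation). A nil parent yields a self-signed root, else a code-signing leaf.
func issue(cn string, parent *x509.Certificate, parentKey *ecdsa.PrivateKey) (*x509.Certificate, *ecdsa.PrivateKey) {
	key := must(ecdsa.GenerateKey(elliptic.P256(), rand.Reader))
	tmpl := &x509.Certificate{
		SerialNumber:          big.NewInt(time.Now().UnixNano()),
		Subject:               pkix.Name{CommonName: cn},
		NotBefore:             time.Now().Add(-time.Hour),
		NotAfter:              time.Now().Add(24 * time.Hour),
		BasicConstraintsValid: true,
	}
	if parent == nil {
		tmpl.IsCA, tmpl.KeyUsage = true, x509.KeyUsageCertSign
		parent, parentKey = tmpl, key
	} else {
		tmpl.KeyUsage = x509.KeyUsageDigitalSignature
		tmpl.ExtKeyUsage = []x509.ExtKeyUsage{x509.ExtKeyUsageCodeSigning}
	}
	der := must(x509.CreateCertificate(rand.Reader, tmpl, parent, &key.PublicKey, parentKey))
	return must(x509.ParseCertificate(der)), key
}

// SignFirmware is the first server's side: sign the firmware file and bundle both parts.
func SignFirmware(key *ecdsa.PrivateKey, fw []byte) (UpdateFile, error) {
	digest := sha256.Sum256(fw)
	sig, err := ecdsa.SignASN1(rand.Reader, key, digest[:])
	return UpdateFile{Signature: sig, Firmware: fw}, err
}

// VerifyUpdate is the device side: accept the first certificate only if it chains to the
// stored root, take the public key from it, then check the signature over the firmware.
func VerifyUpdate(root, first *x509.Certificate, u UpdateFile) error {
	pool := x509.NewCertPool()
	pool.AddCert(root)
	opts := x509.VerifyOptions{Roots: pool, KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageCodeSigning}}
	if _, err := first.Verify(opts); err != nil {
		return fmt.Errorf("%w: %v", ErrUntrusted, err)
	}
	pub, ok := first.PublicKey.(*ecdsa.PublicKey)
	if !ok {
		return errors.New("first certificate does not carry an ECDSA key")
	}
	digest := sha256.Sum256(u.Firmware)
	if !ecdsa.VerifyASN1(pub, digest[:], u.Signature) {
		return ErrBadSignature
	}
	return nil // only now may the caller erase and reflash the target memory
}

// Demo returns the verification result for three constructed cases: a genuine update,
// a firmware file altered after signing, and a certificate issued under a different root.
func Demo() (genuine, tampered, foreign error) {
	root, rootKey := issue("Constructed Vendor Root", nil, nil)
	first, signKey := issue("Constructed Firmware Signing", root, rootKey)
	otherRoot, otherRootKey := issue("Constructed Other Root", nil, nil)
	otherFirst, otherKey := issue("Constructed Other Signing", otherRoot, otherRootKey)
	fw := []byte("constructed firmware image v2")
	update := must(SignFirmware(signKey, fw))
	genuine = VerifyUpdate(root, first, update)
	altered := UpdateFile{Signature: update.Signature, Firmware: append([]byte("extra"), fw...)}
	tampered = VerifyUpdate(root, first, altered)
	foreign = VerifyUpdate(root, otherFirst, must(SignFirmware(otherKey, fw)))
	return
}

func main() { fmt.Println(Demo()) }
```

The third case is the one a signature check alone would miss: the signature is valid for the key in the presented certificate, so the update is rejected only because that certificate does not chain to the root held by the device.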

Hereinafter, the firmware update method of the present application will be described in more detail by way of specific examples.

The firmware updating method can comprise the following three stages: obtaining a first certificate for updating the firmware, issuing a firmware update file, and updating the firmware in the image forming apparatus. Examples are given below.

Fig. 3 is a schematic view of a scenario of a first certificate obtaining phase in the firmware updating method of the application, as shown in fig. 3, including:

A first server 310, which may be a server provided by a manufacturer of the image forming apparatus, and which may be used to publish the firmware update file of the image forming apparatus and to support users downloading it.

A third server 320, which may be a server provided by a trusted authority, for issuing root certificates.

The first server 310 and the third server 320 have a communication connection therebetween, and a specific implementation manner of the communication connection is not limited in this embodiment as long as data interaction between the two servers is possible.

The processing procedure of the first certificate acquisition phase is shown in fig. 4, for example, and includes:

Step 401: the first server sends a first request to the third server, the first request requesting a root certificate.

The first request may include information of the manufacturer.

Step 402: the third server generates a root certificate in response to the first request, and sends the root certificate to the first server.

The third server may generate a root certificate corresponding to the first request according to manufacturer information and the like carried in the first request.

In general, a root certificate may include the following 3 parts: the information of the user, the public key of the user, and the signature of the information in the certificate by the trusted authority.

Step 403: the first server receives a root certificate, and derives a first certificate using the root certificate, the first certificate being a certificate for a firmware update.

Based on the same root certificate, a plurality of sub-certificates can be derived by using different calculation methods and different calculation parameters, and one of the sub-certificates can be used as a certificate used for updating the firmware, namely the first certificate.

The method for deriving the sub-certificate by using the root certificate is not limited in the embodiments of the present application.

Optionally, in order to reduce the amount of computation of the first server, the first certificate may be used for a plurality of firmware updates, and in this case, the first server may store the first certificate, and use the first certificate each time a firmware update is performed.

The above is a flow of steps of the firmware updating method in which the first server obtains the first certificate.

The following describes a process in which the first server issues a firmware update file in the firmware update method. As shown in fig. 5, may include:

Step 501: The first server obtains a firmware file.

The firmware file is a file obtained by compiling a program, and is a file that can be written into a memory of the image forming apparatus to update the firmware.

The embodiment of the present application is not limited to the specific method for the first server to obtain the firmware file, and for example, the first server may compile a program to obtain the firmware file, or other electronic devices may send the firmware file to the first server.

Step 502: the first server obtains a first certificate.

The first certificate may be the first certificate derived and stored by the first server in step 403. In this case, the first server may read the first certificate from its storage location in this step.

Step 503: the first server generates a private key from the first certificate.

For the implementation of this step, refer to step 102; details are not repeated here.

Step 504: the first server signs the firmware file by using a private key to obtain a signature file.

The method for signing the firmware file by using the private key is not limited in the embodiments of the present application, and may be, for example, a signature method such as RSA or SM2.

Step 505: the first server generates a firmware update file according to the signature file and the firmware file.

Step 506: the first server issues a firmware update file.

In a possible implementation manner, the image forming apparatus may have a communication connection with the first server to enable data transmission, and the specific communication connection manner is not limited in this embodiment of the application. The first server may push the firmware update file to the image forming apparatus that needs to be firmware updated. At this time, the step may include: the first server sends the firmware update file to the image forming apparatus.

For the security of the image forming apparatus, it is generally the user of the image forming apparatus who decides whether to update it and who obtains the firmware update file. In this case, in another possible implementation, the first server may publish a download link for the firmware update file on a web page it provides, such as the official website of the image forming apparatus manufacturer, for example as shown in Fig. 6, so that a user of the image forming apparatus can download the firmware update file. Accordingly, the user can access the web page with an electronic device such as a personal computer (PC) and download the firmware update file to that electronic device.

Assume that a user accesses the web page with a first electronic device and downloads the firmware update file to it; the first electronic device is an electronic device, such as the user's PC, on which management software for the image forming apparatus is installed. The firmware update process of the firmware update method of the present application is then as shown in Fig. 7, and includes:

Step 701: After receiving the firmware update operation instruction, the first electronic device sends the firmware update file to the image forming apparatus.

For example, referring to Fig. 8, a user may open a firmware update interface in the management software installed on the first electronic device and select a firmware update control; accordingly, the first electronic device receives a firmware update operation instruction from the user.

Alternatively, if the first electronic device is set to update firmware automatically, the first electronic device receives the firmware update file or a link to the firmware update file pushed by the first server and triggers the firmware update operation instruction according to the automatic-update setting; that is, the first electronic device receives the firmware update operation instruction.

Step 702: the image forming apparatus receives a firmware update file.

Step 703: the image forming apparatus acquires a first certificate.

In a first possible implementation manner, the root certificate may be stored in the image forming apparatus, and a security chip may be provided in the image forming apparatus for security of the certificate, and the root certificate may be stored in the security chip. Specifically, the security chip may be disposed on a digital circuit board of the image forming apparatus, and the image forming apparatus may be installed with corresponding trusted platform software for managing a root certificate stored in the security chip, and may generate a first certificate for firmware update according to the root certificate and feed the first certificate back to the image forming apparatus.

In another possible implementation, the first certificate may be stored in the image forming apparatus. For security of the certificate, a security chip may be provided in the image forming apparatus, and the first certificate may be stored in the security chip.

In a second possible implementation manner, the image forming apparatus may obtain the first certificate from a second server, and the second server may be a trusted platform provided by a trusted authority or an image forming apparatus manufacturer, and the like, for providing the first certificate of the firmware update for the image forming apparatus.

The image forming apparatus may have a communication connection with the second server, and a specific communication connection manner is not limited in the embodiment of the present application as long as data interaction between the image forming apparatus and the second server is possible.

Step 704: the image forming apparatus generates a public key from the first certificate.

The image forming apparatus may generate a key pair of a public key and a private key from the first certificate. The method for generating the key pair by the image forming apparatus according to the first certificate should be consistent with the method for generating the key pair by the first server according to the first certificate, so as to ensure that the public key generated by the image forming apparatus corresponds to the private key used by the first server to sign the firmware file.

Step 705: the image forming apparatus performs signature verification on the firmware file according to the public key and the signature file.

The method of signature verification should correspond to the method of the first server signing the firmware file. Methods of signature verification may include, but are not limited to, RSA, SM2, etc., as described above.

If the signature verification fails, the image forming apparatus may send a first response message to the first electronic device to indicate that the firmware update failed, and optionally may further indicate that the reason for the failure is the signature verification failure.

Optionally, if the signature verification fails, the image forming apparatus may also report the signature verification failure event to a remote configuration management center. The configuration management center is configured to collect the status of firmware update operations, so that non-repudiation of the user operation may be achieved and the security of the devices in the whole system may be guaranteed.

If the signature verification passes, step 706 is performed.

Step 706: the image forming apparatus performs firmware update using the firmware file.

Specifically, the image forming apparatus may erase the original firmware in the target memory, and burn the firmware file into the target memory.
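The three stages above (steps 401 to 403, 501 to 506 and 701 to 706) as one runnable sketch, added here as an illustration and not taken from the application: a root certificate issues the first certificate, the first server signs the firmware file, and the device checks the certificate and the signature before flashing. It assumes a conventional X.509 arrangement in which the first certificate carries only the public key and the private key stays on the first server, and it uses RSA-PSS with SHA-256 as one concrete choice of RSA signature. All names (`issue`, `Sign`, `VerifyAndUpdate`, `UpdateFile`) and sample values are constructed for the example.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"errors"
	"fmt"
	"math/big"
	"time"
)

// UpdateFile models the firmware update file of step 505: firmware file plus signature file.
type UpdateFile struct{ Firmware, Signature []byte }

// issue (hypothetical helper) makes an RSA key and certificate; a nil parent yields a self-signed root.
func issue(cn string, serial int64, parent *x509.Certificate, parentKey *rsa.PrivateKey) (*x509.Certificate, *rsa.PrivateKey, error) {
	key, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return nil, nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(serial), Subject: pkix.Name{CommonName: cn},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(24 * time.Hour),
		KeyUsage: x509.KeyUsageDigitalSignature, ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageCodeSigning},
	}
	if parent == nil { // root: CA certificate signed with its own key
		tmpl.IsCA, tmpl.BasicConstraintsValid = true, true
		tmpl.KeyUsage, tmpl.ExtKeyUsage = x509.KeyUsageCertSign, nil
		parent, parentKey = tmpl, key
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, &key.PublicKey, parentKey)
	if err != nil {
		return nil, nil, err
	}
	cert, err := x509.ParseCertificate(der)
	return cert, key, err
}

// Sign is the first server's side (steps 503-505): RSA-PSS over the SHA-256 digest.
func Sign(fw []byte, key *rsa.PrivateKey) (UpdateFile, error) {
	d := sha256.Sum256(fw)
	sig, err := rsa.SignPSS(rand.Reader, key, crypto.SHA256, d[:], nil)
	return UpdateFile{Firmware: fw, Signature: sig}, err
}

// VerifyAndUpdate is the device side (steps 703-706); flash runs only after both checks pass.
func VerifyAndUpdate(u UpdateFile, first, root *x509.Certificate, flash func([]byte)) error {
	opts := x509.VerifyOptions{Roots: x509.NewCertPool(), KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageCodeSigning}}
	opts.Roots.AddCert(root) // root certificate as held in the security chip
	if _, err := first.Verify(opts); err != nil {
		return fmt.Errorf("first certificate rejected: %w", err)
	}
	pub, ok := first.PublicKey.(*rsa.PublicKey) // step 704: public key from the first certificate
	d := sha256.Sum256(u.Firmware)
	if !ok || rsa.VerifyPSS(pub, crypto.SHA256, d[:], u.Signature, nil) != nil { // step 705
		return errors.New("signature verification failed; firmware left unchanged")
	}
	flash(u.Firmware) // step 706: erase and burn the target memory
	return nil
}

func main() { // demo with constructed data; key-generation errors are ignored here
	root, rootKey, _ := issue("Constructed Root CA", 1, nil, nil)
	first, firstKey, _ := issue("Constructed Firmware Signing", 2, root, rootKey)
	u, _ := Sign([]byte("constructed firmware image"), firstKey)
	flash := func(fw []byte) { fmt.Println("flashing", len(fw), "bytes") }
	fmt.Println("genuine:", VerifyAndUpdate(u, first, root, flash))
	bad := UpdateFile{Firmware: []byte("tampered image"), Signature: u.Signature}
	fmt.Println("tampered:", VerifyAndUpdate(bad, first, root, flash))
}
```

A firmware file altered after signing, or a first certificate that does not chain to the stored root, returns an error before `flash` is called.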

Referring to Fig. 9, which takes as an example a security chip disposed inside the image forming apparatus, the internal structure and interactions of the image forming apparatus are shown, including: a firmware update module 91, a target memory 92, and a trusted platform module 93, wherein:

the firmware update module 91 receives a firmware update file; the firmware update module 91 requests the trusted platform module 93 for a first certificate for firmware update; the trusted platform module 93 generates a first certificate according to a root certificate preset in the security chip, and sends the first certificate to the firmware updating module 91; the firmware updating module 91 generates a public key according to the first certificate, performs signature verification on the firmware file by using the public key and the signature file, and if the signature verification passes, the firmware updating module 91 erases the original firmware in the target memory 92 and burns the firmware file into the target memory.

Optionally, the trusted platform module 93 may further include a trusted service module, and the trusted service module may monitor the signature verification process of the firmware update module 91 and report the signature verification result to a remote configuration management center. In particular, if the signature verification fails, the monitoring result indicating the failure can be reported to the remote configuration management center.

Optionally, after the firmware update module 91 finishes updating the firmware, the firmware update event may also be reported to the trusted platform module 93, and then reported to the remote configuration management center.

It is to be understood that some or all of the steps or operations in the above-described embodiments are merely examples, and other operations or variations of various operations may be performed by the embodiments of the present application. Further, the various steps may be performed in an order different from that presented in the above-described embodiments, and not all of the operations in the above-described embodiments need be performed.

Fig. 10 is a schematic structural diagram of a firmware update apparatus according to the present application, which may be disposed in an image forming apparatus, and the firmware update apparatus 100 may include:

a receiving unit 110, configured to receive a firmware update file, where the firmware update file includes: signature files and firmware files;

an obtaining unit 120 configured to obtain a first certificate, where the first certificate is a certificate for firmware update;

a generating unit 130, configured to generate a public key according to the first certificate;

a verification unit 140, configured to perform signature verification on the firmware file according to the public key and the signature file;

an updating unit 150, configured to update the firmware using the firmware file if the signature verification passes.

Optionally, the obtaining unit 120 may specifically be configured to: acquiring a root certificate from a security chip, wherein the root certificate is stored in the security chip, and the security chip is arranged in the image forming device; deriving a first certificate from the root certificate.

Optionally, the obtaining unit 120 may specifically be configured to: sending a certificate acquisition request to a second server, wherein the second server is a server for providing trusted platform services; receiving a certificate sent by the second server in response to the request.

Optionally, the receiving unit 110 may specifically be configured to: receiving a firmware update message sent by a first electronic device, wherein the firmware update message is used for instructing the image forming apparatus to update firmware, and the firmware update message comprises the firmware update file; the firmware update message is sent after the first electronic device receives a firmware update operation instruction.

Optionally, the verification unit 140 may specifically be configured to: perform signature verification on the firmware file by using an asymmetric algorithm according to the public key and the signature file.

Fig. 11 is a schematic structural diagram of a firmware update apparatus according to the present application, where the apparatus may be disposed in a first server, and the first server 1100 may include:

an acquisition unit 111 configured to acquire a first certificate, which is a certificate for firmware update;

a first generating unit 112, configured to generate a private key according to the first certificate;

the signature unit 113 is configured to sign the firmware file by using the private key to obtain a signature file;

a second generating unit 114 configured to generate a firmware update file according to the signature file and the firmware file;

the issuing unit 115 is configured to issue the firmware update file.

Optionally, the publishing unit 115 may specifically be configured to: displaying a download link of the firmware update file in a preset website; or pushing a downloading link of the firmware updating file to the first electronic equipment or the image forming device;

the first server 1100 may further include:

a first receiving unit configured to receive a download request transmitted by a first electronic device or the image forming apparatus;

a transmitting unit configured to transmit the firmware update file to the first electronic device or the image forming apparatus in response to the download request.

Optionally, the publishing unit 115 may specifically be configured to: push the firmware update file to the first electronic device or the image forming apparatus.

Optionally, the first server 1100 may further include:

a second receiving unit, configured to receive a root certificate sent by a third server, where the third server is a server of a trusted authority;

a third generating unit configured to derive the first certificate from the root certificate.

The embodiments shown in fig. 10 to 11 provide apparatuses that can be used to implement the technical solutions of the method embodiments shown in fig. 1 to 9 of the present application, and the implementation principles and technical effects thereof can be further referred to the related descriptions in the method embodiments.

It should be understood that the division of the modules of the apparatuses shown in Figs. 10 to 11 is merely a logical division, and in an actual implementation the modules may be wholly or partially integrated into one physical entity or may be physically separated. These modules may all be implemented as software invoked by a processing element, or may all be implemented in hardware; alternatively, some of the modules may be implemented as software invoked by a processing element and some in hardware. For example, the receiving unit may be a separate processing element, or may be integrated into a chip of the electronic device. Other modules are implemented similarly. In addition, all or part of the modules can be integrated together or can be implemented independently. In implementation, each step of the above method or each module above may be implemented by an integrated logic circuit of hardware in a processor element or by instructions in the form of software.

For example, the above modules may be one or more integrated circuits configured to implement the above methods, such as: one or more Application Specific Integrated Circuits (ASICs), one or more microprocessors (DSPs), one or more Field Programmable Gate Arrays (FPGAs), etc. For another example, these modules may be integrated together and implemented in the form of a System-On-a-Chip (SOC).

An embodiment of the present application provides an image forming apparatus including: a processor and a memory; a computer program is stored in the memory which, when executed by the apparatus, causes the image forming apparatus to perform the method of any of the embodiments of fig. 1 to 9.

An embodiment of the present application provides a first server, including: a processor and a memory; a computer program is stored in the memory, which when executed by the apparatus, causes the first server to perform the method of any of the embodiments of fig. 1-9.

An embodiment of the present application provides a firmware update system, including: an image forming apparatus and a first server, which may be used to perform the method of any of the embodiments of fig. 1-9.

An embodiment of the present application further provides a computer-readable storage medium, in which a computer program is stored, and when the computer program runs on a computer, the computer is enabled to execute the method provided by the embodiment shown in fig. 1 to 9 of the present application.

Embodiments of the present application further provide a computer program product, which includes a computer program and when the computer program runs on a computer, the computer executes the method provided in the embodiments shown in fig. 1 to 9 of the present application.

In the embodiments of the present application, "at least one" means one or more, and "a plurality" means two or more. "And/or" describes an association between associated objects and indicates that three relationships are possible; for example, "A and/or B" may mean that A exists alone, that A and B exist simultaneously, or that B exists alone, where A and B can be singular or plural. The character "/" generally indicates an "or" relationship between the objects before and after it. "At least one of the following" and similar expressions refer to any combination of these items, including any combination of single or plural items. For example, at least one of a, b, and c may represent: a, b, c, a and b, a and c, b and c, or a and b and c, where a, b and c can each be single or multiple.

Those of ordinary skill in the art will appreciate that the various elements and algorithm steps described in connection with the embodiments disclosed herein can be implemented as electronic hardware or as a combination of computer software and electronic hardware. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the implementation. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present application.

It is clear to those skilled in the art that, for convenience and brevity of description, the specific working processes of the above-described systems, apparatuses and units may refer to the corresponding processes in the foregoing method embodiments, and are not described herein again.

In the several embodiments provided in the present application, any function, if implemented in the form of a software functional unit and sold or used as a separate product, may be stored in a computer-readable storage medium. Based on such understanding, the technical solution of the present application, or the portions thereof that substantially contribute to the prior art, may be embodied in the form of a software product stored in a storage medium and including instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present application. The aforementioned storage medium includes: a USB flash drive, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and various other media capable of storing program code.

The above description is only for the specific embodiments of the present application, and any person skilled in the art can easily conceive of the changes or substitutions within the technical scope of the present disclosure, and all the changes or substitutions should be covered by the protection scope of the present application. The protection scope of the present application shall be subject to the protection scope of the claims.
