CN117492636A - Data storage method and electronic equipment - Google Patents
- Publication number
- CN117492636A (application number CN202210879893.6A)
- Authority
- CN
- China
- Prior art keywords
- data
- stored
- tee
- rpmb
- sends
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F3/00—Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
- G06F3/06—Digital input from, or digital output to, record carriers, e.g. RAID, emulated record carriers or networked record carriers
- G06F3/0601—Interfaces specially adapted for storage systems
- G06F3/0602—Interfaces specially adapted for storage systems specifically adapted to achieve a particular effect
- G06F3/0604—Improving or facilitating administration, e.g. storage management
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F3/00—Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
- G06F3/06—Digital input from, or digital output to, record carriers, e.g. RAID, emulated record carriers or networked record carriers
- G06F3/0601—Interfaces specially adapted for storage systems
- G06F3/0602—Interfaces specially adapted for storage systems specifically adapted to achieve a particular effect
- G06F3/061—Improving I/O performance
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F3/00—Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
- G06F3/06—Digital input from, or digital output to, record carriers, e.g. RAID, emulated record carriers or networked record carriers
- G06F3/0601—Interfaces specially adapted for storage systems
- G06F3/0668—Interfaces specially adapted for storage systems adopting a particular infrastructure
- G06F3/0671—In-line storage system
- G06F3/0673—Single storage device
- G06F3/0679—Non-volatile semiconductor memory device, e.g. flash memory, one time programmable memory [OTP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0894—Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
Abstract
The embodiments of this application belong to the field of data processing and provide a data storage method and an electronic device. Because the security key is not stored in the first TEE, a first TA that needs to store data in the RPMB cannot obtain the security key to perform the authentication calculation on the data to be stored, and therefore cannot write that data to the RPMB directly. Because the second TEE stores the security key, the first TA in the first TEE sends the data to be stored to the second TA in the second TEE; the second TA uses the stored security key to obtain the first authentication data, generates a first data packet and sends it to the RPMB, so that data from a first TEE that holds no security key is still stored in the RPMB. Therefore, when multiple TEEs run in the electronic device, any one of them can store data to the RPMB.
Description
Technical Field
The present application relates to the field of data processing, and more particularly, to a data storage method and an electronic device.
Background
A replay protected memory block (RPMB) generally refers to a separate physical partition in storage that is often used to hold sensitive data such as keys. The storage may be, among others, Universal Flash Storage (UFS) or an embedded multimedia card (eMMC). When writing data into the RPMB, the trusted execution environment (TEE) computes first authentication data over the data to be stored using a Secure Key, then sends the data to be stored and the first authentication data to the RPMB. On receipt, the RPMB computes second authentication data over the data to be stored with the same authentication algorithm and the same Secure Key, and stores the data to be stored only if the first authentication data and the second authentication data are identical.
With the continuous advancement of terminal technology, the multi-TEE architecture has become common. Typically, the Secure Key can be stored in only one TEE. When a terminal device adopts a multi-TEE architecture, the other TEEs cannot use the Secure Key to compute first authentication data for their data, so the RPMB cannot authenticate that data and will not store it; the function of every TEE being able to write data into the RPMB therefore cannot be realized.
Based on this, how each TEE in a multi-TEE architecture can write data to the RPMB is a problem to be solved.
Disclosure of Invention
The application provides a data storage method which can realize the function that each TEE in a multi-TEE framework can write data into an RPMB.
In a first aspect, a data storage method is provided, where the method is applied to an electronic device including at least two trusted execution environments TEE, where the at least two TEE includes a first TEE and a second TEE, the first TEE is a TEE that does not store a security key, and the second TEE is a TEE that stores a security key, and the method includes:
The method comprises the steps that a first trusted application TA sends data to be stored to a second trusted application TA, wherein the first TA refers to a trusted application running on a first TEE, and the second TA refers to a trusted application running in a second TEE;
the second TA performs authentication calculation on the data to be stored by adopting the security key to obtain first authentication data;
the second TA obtains a first data packet according to the first authentication data and the data to be stored;
the second TA sends the first data packet to a replay protection memory block RPMB;
the RPMB stores data to be stored in the first data packet.
The data storage method provided in the embodiment of the application is applied to an electronic device including at least two TEEs, where the at least two TEEs include a first TEE and a second TEE, the first TEE is a TEE that does not store the security key, and the second TEE is a TEE that stores the security key. The method includes: a first TA sends data to be stored to a second TA, where the first TA is a trusted application running in the first TEE and the second TA is a trusted application running in the second TEE; the second TA performs the authentication calculation on the data to be stored using the security key to obtain first authentication data, and obtains a first data packet from the first authentication data and the data to be stored; the second TA sends the first data packet to the replay protected memory block RPMB; and the RPMB authenticates the first data packet using the security key and stores the data to be stored from the first data packet if the authentication passes.
That is, in the embodiment of the present application, since the security key is not stored in the first TEE, a first TA running in the first TEE that needs to store data in the RPMB cannot obtain the security key to perform the authentication calculation, and so cannot store the data in the RPMB directly. Since the security key is stored in the second TEE, the first TA can send the data to be stored to the second TA in the second TEE; the second TA performs the authentication calculation with the stored security key to obtain first authentication data, generates a first data packet from the first authentication data and the data to be stored, and sends the first data packet to the RPMB, so that data from a first TEE that holds no security key is stored in the RPMB. Therefore, when multiple TEEs run in the electronic device, any one of them can store data to the RPMB.
With reference to the first aspect, in certain implementations of the first aspect, the sending, by a first trusted application TA running in a first TEE, data to be stored to a second trusted application TA running in a second TEE includes:
the first TA sends data to be stored to a client application program CA running in a rich execution environment REE;
the CA sends the data to be stored to the second TA.
In the embodiment of the application, when the first TA sends the data to be stored to the second TA, the data is first sent to the CA running in the REE and then forwarded by the CA to the second TA. The existing data channel between the REE and the first TEE and the existing data channel between the REE and the second TEE are thus reused, and no additional data channel between the first TEE and the second TEE needs to be established. That is, because the CA running in the REE forwards the data to be stored to the second TA, the first TA can transmit data to the second TA over existing channels, avoiding the unstable data transmission that a newly built channel could cause.
With reference to the first aspect, in certain implementation manners of the first aspect, the sending, by the first TA, of the data to be stored to the client application CA running in the rich execution environment REE includes:
The first TA sends the acquired data to be stored to a kernel;
the kernel sends the data to be stored to the CA.
In the embodiment of the application, the data transmission between the first TA, the second TA and the CA running in the REE needs to be forwarded through the kernel, which is equivalent to the data transmission between different execution environments realized through the kernel. Under the condition that the security key is not stored in the first TEE, the first TA can send the data to be stored to a second TA in the second TEE through the kernel, so that the second TA calculates the data to be stored by adopting the security key to obtain first authentication data, and a first data packet is obtained according to the first authentication data and the data to be stored; the second TA sends the first data packet to a replay protection memory block RPMB; and the RPMB storage adopts a security key to carry out calculation authentication on the first data packet, and stores the data to be stored in the first data packet under the condition that the authentication is passed. That is, in the electronic device adopting at least two TEEs, the first TA running in the first TEE not storing the security key may send the data to be stored to the second TA running in the second TEE storing the security key through the kernel, and calculate the data to be stored by using the security key through the second TA to obtain the first authentication data, and obtain the first data packet according to the first authentication data and the data to be stored, and further send the first data packet to the RPMB through the kernel to store the data to be stored, so that the first TA running in the first TEE not storing the security key can also store the data to be stored in the RPMB, which is equivalent to realizing the function that the application program running in each TEE in the multi-TEE architecture can write the data into the RPMB.
With reference to the first aspect, in certain implementation manners of the first aspect, the RPMB stores data to be stored in the first data packet, including:
the RPMB checks the first data packet based on the security key;
and the RPMB stores the data to be stored in the first data packet under the condition that the check passes.
In the embodiment of the application, when the first data packet is received by the RPMB, the first data packet can be checked by adopting the security key, and under the condition that the check passes, the data to be stored is stored in the RPMB, that is, the data stored in the RPMB is checked by the security key and then can be stored in the RPMB, so that the attack of the data stored in the RPMB by the data with unknown source can be effectively avoided, and the security of the data stored in the RPMB is improved.
With reference to the first aspect, in certain implementations of the first aspect, the method further includes:
the RPMB sends response information to the second TA, where the response information indicates that the data to be stored has been stored in the RPMB.
In the embodiment of the application, after the RPMB stores the data to be stored, it returns response information indicating that the data has been stored successfully to the second TA, so that after receiving the response information the second TA does not need to send the first data packet to the RPMB again, and unnecessary data transmission between the second TA and the RPMB is avoided.
With reference to the first aspect, in certain implementations of the first aspect, the method further includes:
the RPMB updates the count value in the RPMB based on the stored data to be stored, and obtains the updated count value.
It should be understood that the response information may include an updated count value, where the updated count value is a count value obtained by updating the RPMB based on the stored data to be stored.
Illustratively, the updated count value is obtained by adding 1 to the current count value by the RPMB after storing the data to be stored.
With reference to the first aspect, in certain implementations of the first aspect, the method further includes:
the second TA transmits response information to the first TA.
In the embodiment of the application, when the RPMB returns the response information to the second TA based on the stored data to be stored, the second TA also sends the received response information to the first TA, so that the first TA does not need to send the data to be stored to the second TA again after receiving the response information, and resource waste caused by unnecessary data transmission between the first TA and the second TA is avoided.
With reference to the first aspect, in certain implementation manners of the first aspect, the sending, by the second TA, response information to the first TA includes:
The second TA sends response information to the kernel;
the kernel sends response information to the CA running in REE;
the CA sends response information to the first TA.
With reference to the first aspect, in some implementations of the first aspect, the data to be stored is data acquired by a first sensor called by the first TA.
With reference to the first aspect, in certain implementations of the first aspect, the first sensor includes a fingerprint sensor.
With reference to the first aspect, in certain implementations of the first aspect, the method further includes:
the CA running in REE sends a fingerprint data acquisition request to the first TA under the condition that the first operation is detected, wherein the first operation is used for indicating acquisition of fingerprint data;
and the first TA responds to the fingerprint data acquisition request, calls the fingerprint sensor to acquire fingerprint data, and obtains data to be stored according to the fingerprint data.
In a second aspect, there is provided a data storage device comprising means for performing any of the methods of the first aspect. The device can be a server, terminal equipment or a chip in the terminal equipment. The apparatus may include an acquisition unit and a processing unit.
When the apparatus is a terminal device, the processing unit may be a processor, and the input unit may be a communication interface; the terminal device may further comprise a memory for storing computer program code which, when executed by the processor, causes the terminal device to perform any of the methods of the first aspect.
When the device is a chip in the terminal device, the processing unit may be a processing unit inside the chip, and the input unit may be an output interface, a pin, a circuit, or the like; the chip may also include memory, which may be memory within the chip (e.g., registers, caches, etc.), or memory external to the chip (e.g., read-only memory, random access memory, etc.); the memory is for storing computer program code which, when executed by the processor, causes the chip to perform any of the methods of the first aspect.
In one possible implementation, the memory is used to store computer program code; a processor executing the computer program code stored in the memory, the processor, when executed, configured to perform:
in a third aspect, there is provided a computer readable storage medium storing computer program code which, when executed by data storage means, causes the data storage means to perform any one of the data storage methods of the first aspect.
In a fourth aspect, there is provided a computer program product comprising: computer program code which, when run by data storage means, causes the data storage means to perform any of the data storage methods of the first aspect.
Drawings
FIG. 1 is a schematic flow chart of writing data to the RPMB;
FIG. 2 is a schematic diagram of a hardware system suitable for use with the electronic device of the present application;
FIG. 3 is a schematic diagram of a software system suitable for use with the electronic device of the present application;
FIG. 4 is a schematic diagram of an application scenario provided in an embodiment of the present application;
FIG. 5 is a schematic diagram of an electronic device for data storage according to an embodiment of the present application;
FIG. 6 is a schematic flow chart of a data storage method according to an embodiment of the present application;
FIG. 7 is a schematic diagram of another electronic device for data storage according to an embodiment of the present application;
FIG. 8 is a flowchart of another data storage method according to an embodiment of the present application;
FIG. 9 is a schematic diagram of another electronic device for data storage according to an embodiment of the present application;
FIG. 10 is a flowchart of another data storage method according to an embodiment of the present application;
FIG. 11 is a schematic diagram of the data format of a first data packet according to an embodiment of the present application;
FIG. 12 is a schematic diagram of an electronic device provided herein;
FIG. 13 is a schematic diagram of an electronic device for data storage provided herein.
Detailed Description
The technical solutions in the embodiments of the present application are described below with reference to the drawings. In the description of these embodiments, "/" means "or" unless otherwise indicated; for example, A/B may represent A or B. "And/or" merely describes an association between objects and means that three relationships may exist; for example, A and/or B may mean: A exists alone, A and B exist together, or B exists alone. In addition, "plurality" means two or more.
The terms "first", "second", "third" and the like are used below for descriptive purposes only and are not to be construed as indicating or implying relative importance or the number of technical features indicated. Thus, a feature defined as "first", "second" or "third" may explicitly or implicitly include one or more such features.
For ease of understanding, the description of the concepts related to the embodiments of the present application is given in part by way of example for reference.
1. RPMB
RPMB refers to an independent physical partition in memory, and is generally used to store data required for preventing illegal tampering, such as public keys, serial numbers, etc. related to fingerprint payment on a mobile phone. Typically, the RPMB will authenticate the write operation, but the read operation does not require authentication.
It will be appreciated that during the production of electronic devices, a unique security key is generated for each electronic device and programmed into a one-time programmable (One Time Programmable, OTP) area in the memory of the electronic device. The OTP area refers to an area that can be written only once. While the Host of the electronic device will store the secure key in a secure execution environment (e.g., TEE). The security key may be used by the RPMB to authenticate when the Host writes data to the RPMB.
The following illustrates a Host (a trusted application TA in a TEE) writing data to a Device (e.g., UFS).
As shown in FIG. 1, the Host sends a read-counter (Write Cnt) request together with a random number to the Device to obtain the count value Write Cnt held in the Device. After receiving the request, the Device computes a first MAC over the Write Cnt and the random number using the security key, fills the Write Cnt, the random number and the first MAC into the corresponding fields of an RPMB data packet, and sends the packet to the Host. When the Host receives the RPMB data packet, it performs the HMAC calculation over the Write Cnt and the random number in the packet with the security key to obtain a second MAC and compares the first MAC with the second MAC; if they match, it compares the random number it sent to the Device with the random number in the packet, and only if these also match does the Host trust the Write Cnt in the RPMB data packet.
Further, the Host uses the security key to perform an HMAC calculation over the destination address of the data to be stored, the data to be stored and the Write Cnt to obtain a third MAC, fills the third MAC into the MAC field of the RPMB data packet to obtain an updated RPMB data packet, and sends it to the Device. The Device performs the HMAC calculation over the destination address, the data to be stored and the Write Cnt with the security key to obtain a fourth MAC and compares it with the third MAC. If the fourth MAC matches the third MAC, the Device compares the Write Cnt in the updated RPMB data packet with its own Write Cnt; if they also match, it stores the data to be stored at the destination address and increments its Write Cnt by 1 to obtain the updated Write Cnt.
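The following is an added example, not code from the patent or from any vendor's RPMB implementation. It simulates the write flow just described (counter read with a nonce, MAC check before the counter check, counter increment on success) and the first-aspect arrangement in which a first TA without the security key hands its data to the second TA, which holds the key and builds the packet. HMAC-SHA256, a 16-byte nonce, a 2-byte address, a 4-byte Write Cnt, a 256-byte block, the constant key and the fingerprint-template payload are all assumptions made for the example, and the CA/kernel forwarding path is collapsed to a single function call. The scenario also shows why the partition is "replay protected": a captured packet presented a second time, and a packet whose payload was changed after the MAC was computed, are both refused.

```python
import hashlib
import hmac
import os

# Constructed values: the per-device security key that production burns into OTP
# (a fixed constant here so the example is deterministic) and the block size.
SECURITY_KEY = bytes(range(32))
BLOCK_SIZE = 256


def counter_mac(key, write_cnt, nonce):
    """MAC the Device attaches to a counter read: HMAC over (Write Cnt, nonce)."""
    return hmac.new(key, write_cnt.to_bytes(4, "big") + nonce, hashlib.sha256).digest()


def write_mac(key, address, data, write_cnt):
    """MAC the Host attaches to a write: HMAC over (address, data, Write Cnt)."""
    msg = address.to_bytes(2, "big") + data + write_cnt.to_bytes(4, "big")
    return hmac.new(key, msg, hashlib.sha256).digest()


class RpmbDevice:
    """Simulated RPMB partition: holds the security key, Write Cnt and the blocks."""

    def __init__(self, key):
        self._key = key
        self.write_cnt = 0
        self.blocks = {}

    def read_counter(self, nonce):
        return {"write_cnt": self.write_cnt, "nonce": nonce,
                "mac": counter_mac(self._key, self.write_cnt, nonce)}

    def authenticated_write(self, packet):
        expected = write_mac(self._key, packet["address"], packet["data"], packet["write_cnt"])
        if not hmac.compare_digest(expected, packet["mac"]):
            return {"ok": False, "reason": "mac_mismatch", "write_cnt": self.write_cnt}
        if packet["write_cnt"] != self.write_cnt:
            # A packet replayed later carries a stale Write Cnt and is refused.
            return {"ok": False, "reason": "counter_mismatch", "write_cnt": self.write_cnt}
        self.blocks[packet["address"]] = packet["data"]
        self.write_cnt += 1
        return {"ok": True, "write_cnt": self.write_cnt}


class SecondTa:
    """TA in the second TEE: holds the security key and builds the first data packet."""

    def __init__(self, key, device):
        self._key = key
        self._device = device
        self.last_packet = None  # kept only so the scenario can replay it

    def store(self, address, data):
        nonce = os.urandom(16)
        reply = self._device.read_counter(nonce)
        mac_ok = hmac.compare_digest(
            reply["mac"], counter_mac(self._key, reply["write_cnt"], reply["nonce"]))
        if not mac_ok or reply["nonce"] != nonce:
            return {"ok": False, "reason": "counter_untrusted"}
        data = data.ljust(BLOCK_SIZE, b"\x00")
        packet = {"address": address, "data": data, "write_cnt": reply["write_cnt"],
                  "mac": write_mac(self._key, address, data, reply["write_cnt"])}
        self.last_packet = packet
        return self._device.authenticated_write(packet)


class FirstTa:
    """TA in the first TEE: has no key, so it forwards to the second TA.
    `forward` stands in for the CA-in-REE / kernel path of the first aspect."""

    def __init__(self, forward):
        self._forward = forward

    def store(self, address, data):
        return self._forward(address, data)


def run_scenario():
    device = RpmbDevice(SECURITY_KEY)
    second_ta = SecondTa(SECURITY_KEY, device)
    first_ta = FirstTa(second_ta.store)

    stored = first_ta.store(0x0003, b"fingerprint template (constructed)")
    replayed = device.authenticated_write(second_ta.last_packet)          # stale counter
    forged = dict(second_ta.last_packet, data=b"X" * BLOCK_SIZE)           # payload changed
    tampered = device.authenticated_write(forged)
    return {"stored": stored, "replayed": replayed, "tampered": tampered,
            "block": device.blocks.get(0x0003), "write_cnt": device.write_cnt}


if __name__ == "__main__":
    for name, value in run_scenario().items():
        print(name, value[:16] if isinstance(value, bytes) else value)
```

The Device checks the MAC before the counter, as the description above does, so an unauthenticated packet never learns anything from the counter comparison; the Host likewise refuses to trust a counter reply whose MAC or nonce does not match, which is what stops a stale counter reply from being fed to it.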
2. Trusted execution environment (Trusted execution environment, TEE)
A TEE is a separate secure operating environment in the terminal device, usually logically isolated from the rich execution environment (REE). Strict protection measures are defined for the TEE, so it can resist the software attacks that are easy to carry out on the conventional REE side. TEEs are therefore commonly used to handle tasks with high security requirements.
3. Rich execution environment (Rich execution environment, REE)
The REE generally refers to the general-purpose operating environment on a terminal device, that is, an operating environment without specific security functions. For example, the Android system and the iOS system both belong to REEs.
The TEE and the REEs are isolated from each other, and usually the REEs cannot directly access hardware and software resources of the TEE and can only interact through authorized application programming interfaces.
4. Trusted application (Trusted Application, TA)
TA generally refers to an application running on a TEE. Security services can be provided for applications running outside the TEE.
5. Client application program (Client Application, CA)
CA generally refers to an application running on a REE.
6. Hypervisor module
The Hypervisor module refers to an intermediate software layer running between a basic physical server and an operating system, and all physical devices including disks and memories on the electronic device can be accessed through the Hypervisor module. The Hypervisor module coordinates hardware resource access and protection among the virtual machines. After the server is started, the Hypervisor module loads the operating systems of all the virtual machine clients, and allocates memory, disks, networks and the like for the virtual machines. Based on the Hypervisor mechanism, the electronic device may support multiple TEEs to run simultaneously.
7. ATF
ATF (Trusted Firmware) is the bottom-layer open source firmware code provided for the target chip. The firmware divides the whole system into four operation levels, namely EL0, EL1, EL2 and EL3. The running level of application programs is EL0, the running level of drivers is EL1, the running level of the Hypervisor module is EL2, and the running level of the ATF module is EL3.
The data storage method provided by the embodiment of the application can be applied to electronic equipment. Optionally, the electronic device includes a terminal device, which may also be referred to as a terminal (terminal), a User Equipment (UE), a Mobile Station (MS), a Mobile Terminal (MT), and so on. The terminal device may be a mobile phone, a smart television, a wearable device, a tablet (Pad), a computer with wireless transceiving function, a Virtual Reality (VR) terminal device, an augmented reality (augmented reality, AR) terminal device, a wireless terminal in industrial control (industrial control), a wireless terminal in unmanned driving (self-driving), a wireless terminal in teleoperation (remote medical surgery), a wireless terminal in smart grid (smart grid), a wireless terminal in transportation safety (transportation safety), a wireless terminal in smart city (smart city), a wireless terminal in smart home (smart home), or the like. The embodiment of the application does not limit the specific technology and the specific equipment form adopted by the terminal equipment.
By way of example, fig. 2 shows a schematic structural diagram of the electronic device 100. The electronic device 100 may include a processor 110, an external memory interface 120, an internal memory 121, a universal serial bus (universal serial bus, USB) interface 130, a charge management module 140, a power management module 141, a battery 142, an antenna 1, an antenna 2, a mobile communication module 150, a wireless communication module 160, an audio module 170, a speaker 170A, a receiver 170B, a microphone 170C, an earphone interface 170D, a sensor module 180, keys 190, a motor 191, an indicator 192, a camera 193, a display 194, and a subscriber identity module (subscriber identification module, SIM) card interface 195, etc. The sensor module 180 may include a pressure sensor 180A, a gyro sensor 180B, an air pressure sensor 180C, a magnetic sensor 180D, an acceleration sensor 180E, a distance sensor 180F, a proximity sensor 180G, a fingerprint sensor 180H, a temperature sensor 180J, a touch sensor 180K, an ambient light sensor 180L, a bone conduction sensor 180M, and the like.
It is to be understood that the structure illustrated in the embodiments of the present application does not constitute a specific limitation on the electronic device 100. In other embodiments of the present application, electronic device 100 may include more or fewer components than shown, or certain components may be combined, or certain components may be split, or different arrangements of components. The illustrated components may be implemented in hardware, software, or a combination of software and hardware.
The processor 110 may include one or more processing units, such as: the processor 110 may include an application processor (application processor, AP), a modem processor, a graphics processor (graphics processing unit, GPU), an image signal processor (image signal processor, ISP), a controller, a memory, a video codec, a digital signal processor (digital signal processor, DSP), a baseband processor, and/or a neural network processor (neural-network processing unit, NPU), etc. Wherein the different processing units may be separate devices or may be integrated in one or more processors.
The controller may be a neural hub and a command center of the electronic device 100, among others. The controller can generate operation control signals according to the instruction operation codes and the time sequence signals to finish the control of instruction fetching and instruction execution.
A memory may also be provided in the processor 110 for storing instructions and data. In some embodiments, the memory in the processor 110 is a cache memory. The memory may hold instructions or data that the processor 110 has just used or recycled. If the processor 110 needs to reuse the instruction or data, it can be called directly from the memory. Repeated accesses are avoided and the latency of the processor 110 is reduced, thereby improving the efficiency of the system.
The fingerprint sensor 180H is used to collect a fingerprint. The electronic device 100 may use the collected fingerprint features for fingerprint unlocking, accessing an application lock, fingerprint photographing, fingerprint answering of incoming calls, and the like.
Optionally, the memory in the electronic device comprises eMMC and universal flash storage (UFS). The RPMB in the memory is generally used for storing data with security requirements, and when writing data into the RPMB, the data must be authenticated with a pre-stored security key. The RPMB verifies the written data with the security key stored on it, and only after verification passes is the written data stored on the RPMB.
It should be noted that any of the electronic devices mentioned in the embodiments of the present application may include more or fewer modules in the electronic device 100.
The software system of the electronic device 100 may employ a layered architecture, an event driven architecture, a microkernel architecture, a microservice architecture, or a cloud architecture. In this embodiment, taking an Android system with a layered architecture as an example, a software structure of the electronic device 100 is illustrated.
Fig. 3 is a software configuration block diagram of the electronic device 100 according to the embodiment of the present application.
The layered architecture of the electronic device 100 divides the software into several layers, each with a distinct role and division of labor. The layers communicate with each other through a software interface. In some embodiments, the Android system is divided into four layers, from top to bottom: an application layer, an application framework layer, the Android runtime and system libraries, and a kernel layer.
The application layer may include a series of application packages.
As shown in fig. 3, the application package may include applications for cameras, gallery, calendar, phone calls, maps, navigation, WLAN, bluetooth, music, video, short messages, etc.
The application framework layer provides an application programming interface (application programming interface, API) and programming framework for application programs of the application layer. The application framework layer includes a number of predefined functions.
As shown in FIG. 3, the application framework layer may include a window manager, a content provider, a view system, a telephony manager, a resource manager, a notification manager, and the like.
The window manager is used for managing window programs. The window manager can acquire the size of the display screen, judge whether a status bar exists, lock the screen, intercept the screen and the like.
The content provider is used to store and retrieve data and make such data accessible to applications. The data may include video, images, audio, calls made and received, browsing history and bookmarks, phonebooks, etc.
The view system includes visual controls, such as controls to display text, controls to display pictures, and the like. The view system may be used to build applications. The display interface may be composed of one or more views. For example, a display interface including a text message notification icon may include a view displaying text and a view displaying a picture.
The telephony manager is used to provide the communication functions of the electronic device 100. Such as the management of call status (including on, hung-up, etc.).
The resource manager provides various resources for the application program, such as localization strings, icons, pictures, layout files, video files, and the like.
The notification manager allows the application to display notification information in a status bar, can be used to communicate notification type messages, can automatically disappear after a short dwell, and does not require user interaction. Such as notification manager is used to inform that the download is complete, message alerts, etc. The notification manager may also be a notification in the form of a chart or scroll bar text that appears on the system top status bar, such as a notification of a background running application, or a notification that appears on the screen in the form of a dialog window. For example, a text message is prompted in a status bar, a prompt tone is emitted, the electronic device vibrates, and an indicator light blinks, etc.
The Android runtime includes a core library and virtual machines. The Android runtime is responsible for scheduling and management of the Android system.
The core library consists of two parts: one part is the set of functions that the Java language needs to call, and the other part is the core library of Android.
The application layer and the application framework layer run in a virtual machine. The virtual machine executes java files of the application program layer and the application program framework layer as binary files. The virtual machine is used for executing the functions of object life cycle management, stack management, thread management, security and exception management, garbage collection and the like.
The system library may include a plurality of functional modules. For example: surface manager (surface manager), media Libraries (Media Libraries), three-dimensional graphics processing Libraries (e.g., openGL ES), 2D graphics engines (e.g., SGL), etc.
The surface manager is used to manage the display subsystem and provides a fusion of 2D and 3D layers for multiple applications.
Media libraries support a variety of commonly used audio, video format playback and recording, still image files, and the like. The media library may support a variety of audio video encoding formats, such as: MPEG4, h.264, MP3, AAC, AMR, JPG, PNG, etc.
The three-dimensional graphic processing library is used for realizing three-dimensional graphic drawing, image rendering, synthesis, layer processing and the like.
The 2D graphics engine is a drawing engine for 2D drawing.
The kernel layer is a layer between hardware and software. The kernel layer at least comprises a display driver, a camera driver, an audio driver, a sensor driver, a Wi-Fi driver and the like.
It should be noted that, the electronic device according to the embodiment of the present application may include more or fewer modules in the electronic device.
The application scenario provided by the embodiment of the application is described below with reference to the accompanying drawings.
With the continuous development of terminal technology, the multi-TEE architecture has become a common architecture. Illustratively, as shown in fig. 4, the terminal device includes two TEEs, one REE and an RPMB, namely a first TEE, a second TEE, an REE and an RPMB. The first TEE stores no security key, and the second TEE stores the security key. When a first TA running in the first TEE needs to write data into the RPMB, the first TA running in the first TEE can send the data to be stored to a second TA running in the second TEE; the second TA encrypts the data to be stored using the security key stored in the second TEE and sends the encrypted data to the RPMB for storage.
The data to be stored may be data acquired by the first TA calling the first sensor. Illustratively, the first sensor is a fingerprint sensor, and the data to be stored may refer to fingerprint data collected by the first TA calling the fingerprint sensor.
Typically the fingerprint data is used for encryption and decryption in the terminal device, so the fingerprint data needs to be stored in a secure area, e.g. the RPMB. When the security key used to verify data written into the RPMB is not stored in the first TA, transmission may be performed through the data channel between the first TEE, the second TEE and the REE.
It should be understood that the foregoing is illustrative of an application scenario, and is not intended to limit the application scenario of the present application in any way.
The data storage method provided in the embodiment of the present application is described in detail below with reference to fig. 5 to 11.
The data storage method provided by the embodiment of the application can be applied to electronic equipment comprising at least two TEEs.
As shown in fig. 5, the electronic device includes a first TEE and a second TEE, where the first TEE refers to a TEE that does not store a security key, the second TEE refers to a TEE that stores a security key, a first TA running in the first TEE sends data to be stored to a second TA running in the second TEE, and the second TA uses the security key to perform encryption authentication on the data to be stored. And the second TA sends the data to be stored and the first authentication data obtained after encryption authentication to the RPMB.
A data storage method applied to the electronic device shown in fig. 5 is described in detail below with reference to fig. 6.
Fig. 6 is a flow chart of a data storage method according to an embodiment of the present application, and as shown in fig. 6, the method is applied to the electronic device shown in fig. 5. The method comprises the following steps:
S101, the first TA sends data to be stored to the second TA.
It should be appreciated that when the electronic device is produced by the production line, the security key is written into the memory in the electronic device, and at the same time, the security key is written into the TEE, so that the TEE may encrypt the data to be stored using the security key when writing the data into the RPMB. In the case of an electronic device comprising at least two TEEs, in order to avoid situations where multiple TEEs write data into the RPMB simultaneously resulting in counter collisions, the security key is typically written into only one TEE.
It should be understood that the security key may be stored in any of the at least two TEEs.
Illustratively, the at least two TEEs include a first TEE, which refers to a TEE that does not store the security key, and a second TEE, which refers to a TEE that stores the security key.
It should be appreciated that the first TA running in the first TEE needs to write data into the RPMB, but the security key is not stored in the first TEE. Therefore, the first TA cannot authenticate the data to be stored with the security key, and so cannot send the data to be stored directly to the RPMB for storage.
Wherein the first TA may refer to a trusted application running in the first TEE.
In this case, the first TA may transmit the data to be stored to the second TA running in the second TEE.
The data to be stored may refer to data acquired by the first TA on the first TEE.
Illustratively, the first TA in the first TEE is an application that requires encryption and decryption of fingerprint data. The data to be stored may refer to fingerprint data acquired by the first TA through the fingerprint acquirer.
Illustratively, the first TA in the first TEE is an application that requires encryption and decryption of sound data. The data to be stored may refer to sound data acquired by the first TA through the microphone.
Illustratively, the first TA in the first TEE is an application that requires a character password for encryption and decryption. The data to be stored may refer to character data obtained by the first TA through receiving a click operation of the user on the display screen.
Illustratively, the first TA in the first TEE is an application that requires encryption and decryption of the eye print data. The data to be stored may refer to eye pattern data acquired by the first TA through the camera.
The first TA in the first TEE is an application program that requires encryption and decryption of a face. The data to be stored may refer to face data acquired by the first TA through the camera.
The first TA may also be an application program that provides security services to the CA, and the data to be stored may refer to password data sent by the CA to the first TA, including, but not limited to, fingerprint data, voice data, character data, eye print data, and face data, as described above.
In the process of sending the data to be stored to the second TA, the first TA optionally sends the data to be stored to a CA running in the REE, and the CA sends the data to be stored to the second TA.
Wherein, CA in REE refers to client application program running in REE.
In one possible scenario, the first TA in the first TEE may also send the data to be stored to the kernel first, and the kernel sends the data to be stored to the CA in the REE.
Wherein the second TA refers to a trusted application running in the second TEE.
For example, in the process in which the CA in the REE sends the data to be stored to the second TA in the second TEE, the CA in the REE may send the data to be stored to the kernel, and the kernel then sends the data to be stored to the second TA in the second TEE.
S102, the second TA calculates the data to be stored by adopting the security key to obtain first authentication data, and generates a first data packet according to the first authentication data and the data to be stored.
The second TA may process the data to be stored with a hash-based message authentication code (Hash-based Message Authentication Code, HMAC) using the security key. The HMAC is a method for authenticating messages based on a hash function and a secret key. It is the authentication mechanism chosen by many current security protocols, is widely used, for example in Internet Protocol Security (IPSec) and in other network protocols (e.g. SSL), and is resistant to various attacks. Based on this, the HMAC may also be referred to as an existing Internet security standard.
Optionally, the second TA may also calculate the data to be stored by using the secure key and a cipher block chaining message authentication code (Cipher Block Chaining-Message Authentication Code, CMAC) to obtain the first authentication data.
S103, the second TA sends the first data packet to the RPMB.
Alternatively, the second TA may send the first data packet to the RPMB through the kernel.
For example, the second TA in the second TEE may send the first data packet to the kernel, which in turn sends the first data packet to the RPMB.
S104, the RPMB performs calculation authentication on the first data packet, and stores the data to be stored in the first data packet when the authentication passes.
Optionally, when the RPMB stores the data to be stored, the security key is used to calculate the data to be stored to obtain second authentication data, and if the first authentication data and the second authentication data are the same, it is determined that the first data packet passes the authentication, and the data to be stored is stored.
The data storage method provided in the embodiment of the application is applied to an electronic device including at least two TEEs, wherein the at least two TEEs include a first TEE and a second TEE, the first TEE is a TEE which does not store a security key, and the second TEE is a TEE which stores a security key. The method includes: the first TA sends data to be stored to the second TA, wherein the first TA refers to a trusted application program running in the first TEE, and the second TA refers to a trusted application program running in the second TEE; the second TA calculates over the data to be stored using the security key to obtain first authentication data, and obtains a first data packet according to the first authentication data and the data to be stored; the second TA sends the first data packet to the replay protected memory block RPMB; and the RPMB uses the security key to perform calculation authentication on the first data packet, and stores the data to be stored in the first data packet when the authentication passes.
That is, in the electronic device adopting at least two TEEs, the first TA running in the first TEE that does not store the security key may send the data to be stored to the second TA running in the second TEE that stores the security key, and calculate and authenticate the data to be stored by using the security key through the second TA to obtain first authentication data, and generate the first data packet according to the first authentication data and the data to be stored, so that after the first data packet is received by the RPMB, the first data packet may be calculated and authenticated by using the security key, and the data to be stored in the first data packet is stored under the condition that the authentication passes, which is equivalent to realizing the function that the application program running in each TEE in the multi-TEE architecture can write data into the RPMB.
The data transfer between the first TEE, the second TEE, and the RPMB may be performed by a kernel and CA running in the re, as one possible scenario. Meanwhile, after the RPMB stores the encrypted data, the current count value can be increased by one to obtain an updated count value, and then the updated count value is returned to the first TEE and the second TEE, so that the first TEE or the second TEE determines that the data to be stored is stored in the RPMB based on response information, the first TEE and the second TEE do not need to send the data to the RPMB again, unnecessary data transmission of the first TEE, the second TEE, kernel, REE and the RPMB is avoided, and resource waste is further avoided. Described in detail below by way of the embodiment shown in fig. 7 and 8.
The data storage method provided by the embodiment of the application can be applied to an electronic device as shown in fig. 7. As shown in fig. 7, the electronic device includes a first TEE, a second TEE, kernel, REE, and an RPMB. The first TEE refers to a TEE which does not store a security key, and the second TEE refers to a TEE which stores a security key. The first TA running in the first TEE sends the data to be stored to the CA running in the REE, the CA sends the data to be stored to the second TA running in the second TEE, and the second TA encrypts the data to be stored by adopting the security key to obtain encrypted data. The second TA sends the encrypted data to the kernel. The kernel sends the encrypted data to the RPMB. The RPMB stores the encrypted data.
A data storage method applied to the electronic device shown in fig. 7 is described in detail below with reference to fig. 8.
Fig. 8 is a flowchart of a data storage method according to an embodiment of the present application, where the method is applied to the electronic device shown in fig. 7. As shown in fig. 8, the method includes:
S201, the first TA sends data to be stored to the kernel.
Wherein the first TA refers to a trusted application program running in the first TEE.
Kernel is understood to mean the core component in the operating system, the primary interface between the physical hardware of a computer and the processes running on it. Kernel may include a plurality of modules therein.
Illustratively, kernel includes a TEE tz driver module, a storage device driver module, a Hypervisor module, and an ATF module.
S202, the kernel sends the data to be stored to the CA running in REE.
Wherein the CA running in the REE may refer to a TEE agent module.
Illustratively, the CA running in the REE may include a first TEE agent CA and a second TEE agent CA.
S203, the CA sends the data to be stored to the kernel.
S204, the kernel sends the data to be stored to the second TA.
In the embodiment of the application, in the process of sending the data to be stored to the second TA by the first TA, the data to be stored is sent to the CA running in the re, and then the data to be stored is forwarded to the second TA by the CA, so that when the first TA sends the data to be stored to the second TA, the data channel between the existing re and the first TEE and the data channel between the re and the second TEE can be used, and the data channel between the first TEE and the second TEE is not required to be additionally established. That is, the CA running in the REE forwards the data to be stored to the second TA, so that the first TA can perform data transmission to the second TA through the existing data channel, and the unstable data transmission caused by the newly built data channel is avoided.
S205, the second TA calculates the data to be stored to the first authentication data by adopting the security key, and generates a first data packet according to the first authentication data and the data to be stored.
S206, the second TA sends the first data packet to the kernel.
S207, the kernel sends the first data packet to the RPMB.
In the embodiment of the application, the data transmission between the first TA, the second TA and the CA running in the REE has to be forwarded through the kernel, which is equivalent to realizing data transmission between different execution environments through the kernel. When the security key is not stored in the first TEE, the first TA can send the data to be stored to the second TA in the second TEE through the kernel, so that the second TA calculates over the data to be stored using the security key to obtain first authentication data and obtains a first data packet according to the first authentication data and the data to be stored; the second TA sends the first data packet to the replay protected memory block RPMB; and the RPMB uses the security key to perform calculation authentication on the first data packet, and stores the data to be stored in the first data packet when the authentication passes. That is, in an electronic device with at least two TEEs, the first TA running in the first TEE that does not store the security key may send the data to be stored, through the kernel, to the second TA running in the second TEE that stores the security key; the second TA calculates over the data to be stored using the security key to obtain the first authentication data, obtains the first data packet according to the first authentication data and the data to be stored, and sends the first data packet to the RPMB through the kernel so that the data to be stored is stored. In this way the first TA running in the first TEE, which does not store the security key, can also store its data in the RPMB, which is equivalent to realizing the function that an application program running in any TEE of the multi-TEE architecture can write data into the RPMB.
S208, the RPMB adopts the security key to check the first data packet, and after the first data packet passes the check, S209 is executed.
S209, RPMB stores data to be stored.
In the embodiment of the application, when the first data packet is received by the RPMB, the first data packet can be checked by adopting the security key, and under the condition that the check passes, the data to be stored is stored in the RPMB, that is, the data stored in the RPMB is checked by the security key and then can be stored in the RPMB, so that the attack of the data stored in the RPMB by the data with unknown source can be effectively avoided, and the security of the data stored in the RPMB is improved.
S210, the RPMB sends response information to the kernel.
The response information is used to indicate that the data to be stored has been stored in the RPMB.
The response information may include an updated count value, where the updated count value is a count value obtained by updating the RPMB based on the stored data to be stored. Illustratively, the updated count value is obtained by adding 1 to the current count value by the RPMB after storing the data to be stored.
S211, the kernel sends the response information to the second TA running in the second TEE.
In the embodiment of the application, after the RPMB stores the data to be stored, response information indicating that the data to be stored has been successfully stored is returned to the second TA, so that the second TA does not need to send the first data packet to the RPMB again after receiving the response information, and unnecessary data transmission between the second TA and the RPMB is avoided.
S212, the second TA sends response information to the kernel.
S213, the kernel sends the response information to the CA running in REE.
S214, the CA running in the REE sends the response information to the kernel.
S215, the kernel sends the response information to the first TA running in the first TEE.
In the embodiment of the application, when the RPMB returns the response information to the second TA based on the stored data to be stored, the second TA also sends the received response information to the first TA, so that the first TA does not need to send the data to be stored to the second TA again after receiving the response information, and resource waste caused by unnecessary data transmission between the first TA and the second TA is avoided.
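The complete path S201 to S215, as an added example that is not part of the patent or of any vendor's TEE implementation: every environment (first TA, REE CA, second TA, RPMB) is a node, every cross-environment transfer goes through a kernel object that logs the hop, only the second TA and the RPMB hold the security key, and the RPMB's response with the updated count value travels back along the same path. The key and the data are constructed for the demo; the first authentication data is an HMAC-SHA256 over the data to be stored, which stands in for the MAC computation the patent leaves to the second TA. The example also shows what the patent's design avoids: a first TA that has no key cannot produce first authentication data that the RPMB accepts.

```python
import hashlib
import hmac

# Constructed demo key; in the patent's design it is provisioned only into the
# second TEE and the RPMB, never into the first TEE.
SECURITY_KEY = b"\x02" * 32


def first_auth_data(key, data):
    """First authentication data: a MAC over the data to be stored (S205)."""
    return hmac.new(key, data, hashlib.sha256).digest()


class Rpmb:
    """Minimal RPMB: checks the packet with the security key and keeps a count value."""

    def __init__(self, key):
        self._key = key
        self.write_cnt = 0
        self.stored = []

    def handle(self, packet):
        second = first_auth_data(self._key, packet["data"])        # S208: recompute
        if not hmac.compare_digest(second, packet["auth"]):
            return {"stored": False, "write_cnt": self.write_cnt}
        self.stored.append(packet["data"])                           # S209: store
        self.write_cnt += 1                                          # updated count value
        return {"stored": True, "write_cnt": self.write_cnt}


class Kernel:
    """Every transfer between execution environments passes through the kernel."""

    def __init__(self):
        self.nodes = {}
        self.hops = []

    def register(self, name, node):
        self.nodes[name] = node
        node.kernel, node.name = self, name

    def send(self, src, dst, msg):
        self.hops.append(f"{src}->kernel")
        self.hops.append(f"kernel->{dst}")
        return self.nodes[dst].receive(src, msg)


class FirstTa:            # runs in the first TEE; holds no security key
    def __init__(self):
        self.response = None

    def store(self, data):                                            # S201/S202
        self.kernel.send(self.name, "ca", {"kind": "data", "data": data})
        return self.response

    def receive(self, src, msg):                                      # S215
        self.response = msg
        return msg


class ReeCa:              # TEE agent CA in the REE; only forwards
    def receive(self, src, msg):
        dst = "second_ta" if msg["kind"] == "data" else "first_ta"    # S203/S204 or S214/S215
        return self.kernel.send(self.name, dst, msg)


class SecondTa:           # runs in the second TEE; holds the security key
    def __init__(self, key):
        self._key = key

    def receive(self, src, msg):
        if msg["kind"] == "data":                                     # S205-S207
            packet = {"kind": "packet", "data": msg["data"],
                      "auth": first_auth_data(self._key, msg["data"])}
            return self.kernel.send(self.name, "rpmb", packet)
        return self.kernel.send(self.name, "ca", msg)                 # S212/S213


class RpmbNode:
    def __init__(self, key):
        self.dev = Rpmb(key)

    def receive(self, src, msg):
        resp = dict(self.dev.handle(msg), kind="response")
        return self.kernel.send(self.name, "second_ta", resp)         # S210/S211


def build_system():
    kernel = Kernel()
    first, rpmb = FirstTa(), RpmbNode(SECURITY_KEY)
    for name, node in (("first_ta", first), ("ca", ReeCa()),
                       ("second_ta", SecondTa(SECURITY_KEY)), ("rpmb", rpmb)):
        kernel.register(name, node)
    return kernel, first, rpmb


def store_via_second_tee(data):
    """Full S201-S215 flow; returns the response seen by the first TA and the hop log."""
    kernel, first, rpmb = build_system()
    return first.store(data), kernel.hops, rpmb.dev


def direct_attempt_without_key(data):
    """If the first TA addressed the RPMB itself it could not produce valid auth data."""
    kernel, first, rpmb = build_system()
    packet = {"kind": "packet", "data": data, "auth": b"\x00" * 32}  # no key, so no valid MAC
    return kernel.send("first_ta", "rpmb", packet)
```

Calling `store_via_second_tee(b"constructed fingerprint data")` produces a hop log of twelve entries that follow the numbered steps in order, and the first TA ends up holding a response with `write_cnt == 1` without ever touching the security key; `direct_attempt_without_key` is answered with `stored == False` and an unchanged count value.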
In one possible case, the data to be stored may be data acquired by a fingerprint sensor. And the CA operates in the Android system, and under the condition that a fingerprint registration request initiated by a user is received, the CA sends a fingerprint registration request to a fingerprint TA (first TA) in the first TEE, and the fingerprint TA invokes a fingerprint sensor based on the fingerprint registration request to collect fingerprint data and sends the collected fingerprint data to the fingerprint TA. How the fingerprint TA stores the fingerprint data acquired by the fingerprint sensor in RPMB is described in detail below with reference to fig. 9 and 10.
It should be understood that the electronic device may be divided into four operational levels, EL0, EL1, EL2, and EL3, respectively. The running level of the application program is ELO, the running level of the driver is EL1, the running level of the Hypervisor module is EL2, and the running level of the ATF module is EL3.
The data storage method provided by the embodiment of the application can be applied to an electronic device as shown in fig. 9. A fingerprint CA, a first TEE proxy CA and a second TEE proxy CA run in Android. A fingerprint TA and a first RPMB service module run in the first TEE. A proxy TA and a second RPMB service module run in the second TEE, and the second RPMB service module stores a security key. It should be appreciated that the fingerprint CA, the first TEE proxy CA, the second TEE proxy CA, the fingerprint TA, the first RPMB service module, the proxy TA and the second RPMB service module run at level EL0. The kernel comprises a storage device driver module, a second TEE tz driver module, a first TEE tz driver module, a Hypervisor module and an ATF module; the storage device driver module, the second TEE tz driver module and the first TEE tz driver module run at level EL1, the Hypervisor module runs at level EL2, and the ATF module runs at level EL3. As shown in fig. 9, Android (the REE), a first TEE and a second TEE run in the electronic device, where the first TEE does not store a security key and the second TEE does. When a fingerprint registration operation is received, the fingerprint CA running in Android sends a fingerprint registration request to the fingerprint TA in the first TEE. In response to the request, the fingerprint TA calls the fingerprint sensor to collect fingerprint data and sends the fingerprint data to the proxy TA running in the second TEE through the proxy CAs running in Android; the proxy TA then performs the authentication calculation on the fingerprint data to obtain first authentication data and generates a first data packet from the first authentication data and the data to be stored.
The proxy TA sends the first data packet to the RPMB through the Hypervisor module, the ATF module and the driver modules in the kernel.
The data storage method applied to the electronic device shown in fig. 9 will be described in detail with reference to fig. 10.
Fig. 10 is a flowchart of another data storage method according to an embodiment of the present application, where the method is applied to the electronic device shown in fig. 9, and includes:
S301, in response to a fingerprint registration operation, the fingerprint CA running in Android (the REE) sends a fingerprint registration request to the first TEE tz driver module in the kernel.
S302, the first TEE tz driver module sends the fingerprint registration request to the Hypervisor module.
S303, the Hypervisor module sends the fingerprint registration request to the fingerprint TA (the first TA) in the first TEE.
S304, the fingerprint TA calls a fingerprint sensor to collect fingerprint data (data to be stored) in response to the fingerprint registration request.
S305, the fingerprint TA sends the fingerprint data and the RPMB write request type to the first RPMB service module in the first TEE.
S306, the first RPMB service module in the first TEE encrypts the fingerprint data and the RPMB write request with the first security key to obtain first encrypted data, and adds the operation request type of the second TEE RPMB to the first encrypted data to generate a second data packet.
It should be understood that the first security key is a key used for encryption and decryption between the first TEE and the second TEE, and is different from the security key of the RPMB. Because the fingerprint TA running in the first TEE has to forward the fingerprint data to the proxy TA running in the second TEE through the CAs running in Android, the fingerprint data is encrypted with the first security key so that it is not exposed while it passes through the CAs in Android.
Optionally, the generated first data packet may further include an RPMB operation cmd id and an RPMB write cmd id. The RPMB operation cmd id indicates that the operation corresponding to the current data is an RPMB operation, so that the application program can confirm, based on it, that the operation corresponding to the fingerprint data in the first data packet is an RPMB operation. The RPMB write cmd id indicates that the operation corresponding to the current data is a write to the RPMB; after the RPMB device receives the first data packet, it can determine, based on the RPMB write cmd id, that the fingerprint data in the first data packet is data to be written into the RPMB.
Illustratively, the data format of the second data packet may include an RPMB operation cmd id, an RPMB write cmd id, a data amount of RPMB data, and RPMB data, as shown in fig. 11. Wherein, RPMB data may be fingerprint data.
Optionally, the generated second data packet may further include a VM id of the first TEE.
It should be appreciated that the Hypervisor module may assign a VM id to different virtual machines. The VM id of the first TEE is the VM id assigned to the first TEE by the Hypervisor module for representing the first TEE.
S307, the first RPMB service module in the first TEE sends the second data packet to the Hypervisor module in the kernel.
S308, the Hypervisor module sends the second data packet to the first TEE tz driver module in the kernel.
S309, the first TEE tz driver module in the kernel sends the second data packet to the first TEE proxy CA in Android.
S310, the first TEE agent CA sends the second data packet to a second TEE agent CA in Android.
S311, the second TEE proxy CA in Android sends the second data packet to the second TEE tz driver module in the kernel.
S312, the second TEE tz driver module in the kernel sends the second data packet to the Hypervisor module in the kernel.
S313, the Hypervisor module sends the second data packet to the ATF module in the kernel according to the VM id in the second data packet.
S314, the ATF module sends the second data packet to the proxy TA (second TA) running in the second TEE.
S315, the proxy TA decrypts the first encrypted data in the second data packet by using the first security key according to the type of the RPMB writing request in the second data packet, and obtains fingerprint data and the RPMB writing request.
S316, the proxy TA sends the decrypted fingerprint data and the RPMB write request to the second RPMB service module running in the second TEE.
S317, the second RPMB service module running in the second TEE generates a first data packet according to the fingerprint data and the RPMB write request.
The second RPMB service module may perform authentication calculation on the fingerprint data by using a second security key to obtain first authentication data, and then generate a first data packet according to the first authentication data, the fingerprint data and the RPMB write request.
It should be appreciated that the second security key is the security key that the RPMB uses to verify the stored RPMB data. Wherein the first packet is a packet written to the RPMB.
S318, the second RPMB service module sends the first data packet to the ATF module.
S319, the ATF module sends the first data packet to the Hypervisor module.
S320, the Hypervisor module sends the first data packet to the second TEE tz driver module.
S321, the second TEE tz driver module sends the first data packet to the storage device driver module.
For example, the storage device driver module may be an eMMC driver module or a UFS driver module.
S322, the storage device driving module sends the first data packet to the RPMB.
In the embodiment of the application, the fingerprint TA running in the first TEE forwards the fingerprint data to the proxy TA running in the second TEE through the first TEE proxy CA and the second TEE proxy CA running in Android. The proxy TA sends the fingerprint data to the second RPMB service module in the second TEE. Because the second RPMB service module holds the security key, it can perform the authentication calculation on the fingerprint data to obtain the first authentication data, generate the first data packet from the first authentication data, the fingerprint data and the RPMB write request, and send the first data packet to the RPMB through the ATF module, the Hypervisor module, the second TEE tz driver module and the storage device driver module. The RPMB verifies the first data packet with the security key and stores the fingerprint data in it only if the verification passes. In this way the fingerprint TA in the first TEE, which does not hold the security key, can still store fingerprint data in the RPMB through this data channel; that is, the data storage method provided by the embodiment of the application lets an application running in any TEE of a multi-TEE architecture write data to the RPMB.
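The Fig. 10 path, as an added Go model that is not code from the patent: the first TEE seals the fingerprint data under the first security key so it can cross the REE proxy CAs, the proxy TA in the second TEE unseals it, the second RPMB service module performs the authentication calculation with the RPMB key, and the RPMB verifies the MAC and write counter before storing and returning the updated count value that the response carries back to the first TA (S211-S215). AES-GCM, HMAC-SHA256, the cmd id values and the field layout are assumptions, since the page names no algorithm or encoding.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"errors"
)

// Constructed stand-ins for the page's RPMB operation / RPMB write cmd ids.
const (
	cmdRPMBOperation uint16 = 0x0100
	cmdRPMBWrite     uint16 = 0x0001
)
// secondPacket follows Fig. 11 plus the optional VM id; Payload is
// nonce || AES-GCM ciphertext of the fingerprint data under the first key.
type secondPacket struct {
	OpCmdID, WriteCmdID uint16
	VMID                uint32
	Payload             []byte
}
// aad binds the cleartext routing fields to the ciphertext: altering them in
// the REE makes decryption in the second TEE fail.
func (p secondPacket) aad() []byte {
	h := binary.BigEndian.AppendUint16(binary.BigEndian.AppendUint16(nil, p.OpCmdID), p.WriteCmdID)
	return binary.BigEndian.AppendUint32(h, p.VMID)
}
func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// S306: the first RPMB service module seals the fingerprint data under the first
// security key before it crosses the REE (AES-GCM assumed; the page names no cipher).
func firstTEEWrap(firstKey []byte, vmID uint32, fingerprint []byte) (secondPacket, error) {
	p := secondPacket{OpCmdID: cmdRPMBOperation, WriteCmdID: cmdRPMBWrite, VMID: vmID}
	aead, err := newGCM(firstKey)
	if err != nil {
		return p, err
	}
	nonce := make([]byte, aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return p, err
	}
	p.Payload = aead.Seal(nonce, nonce, fingerprint, p.aad())
	return p, nil
}

// S315: the proxy TA in the second TEE checks the request type, then decrypts.
func proxyTAUnwrap(firstKey []byte, p secondPacket) ([]byte, error) {
	if p.OpCmdID != cmdRPMBOperation || p.WriteCmdID != cmdRPMBWrite {
		return nil, errors.New("not an RPMB write request")
	}
	aead, err := newGCM(firstKey)
	if err != nil || len(p.Payload) < aead.NonceSize() {
		return nil, errors.New("cannot open payload")
	}
	ns := aead.NonceSize()
	return aead.Open(nil, p.Payload[:ns], p.Payload[ns:], p.aad())
}

// rpmbMAC is the authentication calculation of S317: HMAC-SHA256 over write
// counter and data with the second security key, held only by the second TEE and the RPMB.
func rpmbMAC(key []byte, counter uint32, data []byte) []byte {
	m := hmac.New(sha256.New, key)
	m.Write(binary.BigEndian.AppendUint32(nil, counter))
	m.Write(data)
	return m.Sum(nil)
}
// rpmb models the device. Write takes the first data packet (data, counter, MAC),
// stores the data only if the MAC verifies under the device key and the counter
// equals its own, then advances the counter (so a captured frame cannot be
// written again) and returns the updated count value (claim 6).
type rpmb struct {
	key     []byte
	counter uint32
	blocks  [][]byte
}
func (r *rpmb) Write(data []byte, counter uint32, mac []byte) (uint32, error) {
	if !hmac.Equal(mac, rpmbMAC(r.key, counter, data)) || counter != r.counter {
		return r.counter, errors.New("RPMB: bad MAC or write counter")
	}
	r.blocks = append(r.blocks, append([]byte(nil), data...))
	r.counter++
	return r.counter, nil
}

// storeViaSecondTEE runs the Fig. 10 path end to end; the caller holding rpmbKey
// plays the second RPMB service module, and the returned count is what the
// response carries back to the first TA (S212-S215).
func storeViaSecondTEE(firstKey, rpmbKey []byte, dev *rpmb, vmID uint32, fp []byte) (uint32, error) {
	pkt, err := firstTEEWrap(firstKey, vmID, fp)
	if err != nil {
		return 0, err
	}
	data, err := proxyTAUnwrap(firstKey, pkt)
	if err != nil {
		return 0, err
	}
	return dev.Write(data, dev.counter, rpmbMAC(rpmbKey, dev.counter, data))
}
```

The first TEE never sees rpmbKey, which is the page's point: without it, a frame it built itself would fail the RPMB's MAC check, while a replayed frame fails the counter check.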
It should be understood that, although the steps in the flowcharts in the above embodiments are sequentially shown as indicated by arrows, these steps are not necessarily sequentially performed in the order indicated by the arrows. The steps are not strictly limited to the order of execution unless explicitly recited herein, and the steps may be executed in other orders. Moreover, at least a portion of the steps in the flowcharts may include a plurality of sub-steps or stages that are not necessarily performed at the same time, but may be performed at different times, the order in which the sub-steps or stages are performed is not necessarily sequential, and may be performed in turn or alternately with at least a portion of the sub-steps or stages of other steps or other steps.
Fig. 12 is a schematic structural diagram of an electronic device according to an embodiment of the present application.
It should be appreciated that the electronic device may perform the data storage methods shown in fig. 5-11; an electronic device includes: an acquisition unit 610 and a processing unit 620.
The processing unit 620 is configured to control the first trusted application TA to send the data to be stored to the second trusted application TA, where the first TA is a trusted application running on the first TEE, and the second TA is a trusted application running in the second TEE; the second TA performs authentication calculation on the data to be stored by adopting the security key to obtain first authentication data; the second TA obtains a first data packet according to the first authentication data and the data to be stored; the second TA sends the first data packet to a replay protection memory block RPMB; the RPMB stores data to be stored in the first data packet.
Optionally, as an embodiment, the processing unit 620 is specifically configured to control the first TA to send the data to be stored to the client application CA running in the rich execution environment REE; the CA sends the data to be stored to the second TA.
Optionally, as an embodiment, the processing unit 620 is specifically configured to control the first TA to send the acquired data to be stored to the kernel; the kernel sends the data to be stored to the CA.
Optionally, as an embodiment, the processing unit 620 is specifically configured to control the RPMB to verify the first data packet based on the security key; and the RPMB stores the data to be stored in the first data packet under the condition that the check passes.
Optionally, as an embodiment, the processing unit 620 is specifically configured to control the RPMB to send response information to the second TA, where the response information is used to indicate that the data to be stored has been stored in the RPMB.
Optionally, as an embodiment, the processing unit 620 is specifically configured to control the RPMB to update the count value in the RPMB based on the stored data to be stored, and obtain the updated count value.
Optionally, as an embodiment, the processing unit 620 is specifically configured to control the second TA to send the response information to the first TA.
Optionally, as an embodiment, the processing unit 620 is specifically configured to control the second TA to send response information to the kernel; the kernel sends response information to the CA running in REE; the CA sends response information to the first TA.
Optionally, as an embodiment, the data to be stored is data acquired by the first sensor and called by the first TA.
Optionally, as an embodiment, the first sensor comprises a fingerprint sensor.
Optionally, as an embodiment, the processing unit 620 is specifically configured to control the CA running in the REE to send a fingerprint data acquisition request to the first TA if a first operation is detected, where the first operation is used to instruct acquisition of fingerprint data; and the first TA, in response to the fingerprint data acquisition request, calls the fingerprint sensor to acquire fingerprint data and obtains the data to be stored from the fingerprint data.
The electronic device provided in this embodiment is configured to execute the data storage method in the foregoing embodiment, and the technical principles and technical effects are similar and are not repeated herein.
The electronic device described above is embodied in the form of a functional unit. The term "unit" herein may be implemented in software and/or hardware, without specific limitation.
It will be appreciated that in order to achieve the above-described functionality, the electronic device comprises corresponding hardware and/or software modules that perform the respective functionality. The steps of an algorithm for each example described in connection with the embodiments disclosed herein may be embodied in hardware or a combination of hardware and computer software. Whether a function is implemented as hardware or computer software driven hardware depends upon the particular application and design constraints imposed on the solution. Those skilled in the art may implement the described functionality using different approaches for each particular application in conjunction with the embodiments, but such implementation is not to be considered as outside the scope of this application.
The embodiment of the application may divide the functional modules of the electronic device according to the above method example, for example, each functional module may be divided corresponding to each function, or two or more functions may be integrated into one module. It should be noted that, in the embodiment of the present application, the division of the modules is schematic, which is merely a logic function division, and other division manners may be implemented in actual implementation. It should be noted that, in the embodiment of the present application, the names of the modules are schematic, and the names of the modules are not limited in actual implementation.
For example, a "unit" may be a software program, a hardware circuit or a combination of both that implements the functions described above. The hardware circuitry may include application specific integrated circuits (application specific integrated circuit, ASICs), electronic circuits, processors (e.g., shared, proprietary, or group processors, etc.) and memory for executing one or more software or firmware programs, merged logic circuits, and/or other suitable components that support the described functions.
Thus, the elements of the examples described in the embodiments of the present application can be implemented in electronic hardware, or in a combination of computer software and electronic hardware. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the solution. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present application.
Fig. 13 shows a schematic structural diagram of an electronic device provided in the present application. The dashed line in fig. 13 indicates that the unit or the module is optional. The electronic device 700 may be used to implement the data storage methods described in the method embodiments above.
The electronic device 700 includes one or more processors 701, which one or more processors 701 may support the electronic device 700 to implement the data storage method in the method embodiments. The processor 701 may be a general-purpose processor or a special-purpose processor. For example, the processor 701 may be a central processing unit (central processing unit, CPU), digital signal processor (digital signal processor, DSP), application specific integrated circuit (application specific integrated circuit, ASIC), field programmable gate array (field programmable gate array, FPGA), or other programmable logic device such as discrete gates, transistor logic, or discrete hardware components.
The processor 701 may be used to control the electronic device 700, execute a software program, and process data of the software program. The electronic device 700 may further comprise a communication unit 705 for enabling input (reception) and output (transmission) of signals.
For example, the electronic device 700 may be a chip, the communication unit 705 may be an input and/or output circuit of the chip, or the communication unit 705 may be a communication interface of the chip, which may be an integral part of a terminal device or other electronic device.
For another example, the electronic device 700 may be a terminal device, the communication unit 705 may be a transceiver of the terminal device, or the communication unit 705 may be a transceiver circuit of the terminal device.
The electronic device 700 may include one or more memories 702 having a program 704 stored thereon, the program 704 being executable by the processor 701 to generate instructions 703, such that the processor 701 performs the data storage method described in the above method embodiments according to the instructions 703.
Optionally, the memory 702 may also have data stored therein. Alternatively, processor 701 may also read data stored in memory 702, which may be stored at the same memory address as program 704, or which may be stored at a different memory address than program 704.
The processor 701 and the memory 702 may be provided separately or may be integrated together; for example, integrated on a System On Chip (SOC) of the terminal device.
Illustratively, the memory 702 may be used to store a related program 704 of the data storage method provided in the embodiments of the present application, and the processor 701 may be used to invoke the related program 704 of the data storage method stored in the memory 702 when performing data storage, to execute the data storage method of the embodiments of the present application; comprising the following steps: the method comprises the steps that a first trusted application TA sends data to be stored to a second trusted application TA, wherein the first TA refers to a trusted application running on a first TEE, and the second TA refers to a trusted application running in a second TEE; the second TA performs authentication calculation on the data to be stored by adopting the security key to obtain first authentication data; the second TA obtains a first data packet according to the first authentication data and the data to be stored; the second TA sends the first data packet to a replay protection memory block RPMB; the RPMB stores data to be stored in the first data packet.
The present application also provides a computer program product which, when executed by the processor 701, implements the data storage method of any of the method embodiments of the present application.
The computer program product may be stored in the memory 702, for example, the program 704, and the program 704 is finally converted into an executable object file capable of being executed by the processor 701 through preprocessing, compiling, assembling, and linking.
The present application also provides a computer-readable storage medium having stored thereon a computer program which, when executed by a computer, implements a data storage method according to any of the method embodiments of the present application. The computer program may be a high-level language program or an executable object program.
The computer-readable storage medium may be, for example, the memory 702. The memory 702 may be volatile memory or nonvolatile memory, or may include both. The nonvolatile memory may be a read-only memory (ROM), a programmable ROM (PROM), an erasable PROM (EPROM), an electrically erasable EPROM (EEPROM), or a flash memory. The volatile memory may be random access memory (RAM), which acts as an external cache. By way of example and not limitation, many forms of RAM are available, such as static RAM (SRAM), dynamic RAM (DRAM), synchronous DRAM (SDRAM), double data rate SDRAM (DDR SDRAM), enhanced SDRAM (ESDRAM), synchlink DRAM (SLDRAM), and direct rambus RAM (DR RAM).
In the present application, "at least one" means one or more, and "a plurality" means two or more. "At least one of" and similar phrases mean any combination of the listed items, including a single item or plural items. For example, at least one of a, b, or c may represent: a, b, c, a-b, a-c, b-c, or a-b-c, where each of a, b and c may be single or plural.
It should be understood that, in various embodiments of the present application, the sequence numbers of the foregoing processes do not mean the order of execution, and the order of execution of the processes should be determined by the functions and internal logic thereof, and should not constitute any limitation on the implementation process of the embodiments of the present application.
Those of ordinary skill in the art will appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware, or combinations of computer software and electronic hardware. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the solution. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present application.
It will be clear to those skilled in the art that, for convenience and brevity of description, specific working procedures of the above-described systems, apparatuses and units may refer to corresponding procedures in the foregoing method embodiments, and are not repeated herein.
In the several embodiments provided in this application, it should be understood that the disclosed apparatus and method may be implemented in other ways. For example, the device embodiments described above are merely illustrative; for example, the division of the units is only one logic function division, and other division modes can be adopted in actual implementation; for example, multiple units or components may be combined or may be integrated into another system, or some features may be omitted, or not performed. Alternatively, the coupling or direct coupling or communication connection shown or discussed with each other may be an indirect coupling or communication connection via some interfaces, devices or units, which may be in electrical, mechanical or other form.
The units described as separate units may or may not be physically separate, and units shown as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of this embodiment.
In addition, each functional unit in each embodiment of the present application may be integrated in one processing unit, or each unit may exist alone physically, or two or more units may be integrated in one unit.
The foregoing is merely specific embodiments of the present application, but the scope of the present application is not limited thereto, and any person skilled in the art can easily think about changes or substitutions within the technical scope of the present application, and the changes and substitutions are intended to be covered by the scope of the present application. Therefore, the protection scope of the present application shall be subject to the protection scope of the claims.
Claims (14)
1. A data storage method, wherein the method is applied to an electronic device including at least two trusted execution environment TEEs, the at least two TEEs including a first TEE and a second TEE, the first TEE being a TEE that does not store a security key, the second TEE being a TEE that stores the security key, the method comprising:
a first trusted application TA sends data to be stored to a second trusted application TA, wherein the first TA refers to a trusted application running on the first TEE, and the second TA refers to a trusted application running in the second TEE;
the second TA performs authentication calculation on the data to be stored by adopting the security key to obtain first authentication data;
the second TA obtains a first data packet according to the first authentication data and the data to be stored;
the second TA sends the first data packet to a replay protection memory block RPMB;
the RPMB stores the data to be stored in the first data packet.
2. The method of claim 1, wherein the first trusted application TA running in the first TEE sends data to be stored to the second trusted application TA running in the second TEE, comprising:
the first TA sends the data to be stored to a client application program CA running in a rich execution environment REE;
and the CA sends the data to be stored to the second TA.
3. The method according to claim 2, wherein the first TA sending the data to be stored to a client application CA running in a rich execution environment REE comprises:
the first TA sends the acquired data to be stored to a kernel;
and the kernel sends the data to be stored to the CA.
4. A method according to any one of claims 1 to 3, wherein the RPMB stores the data to be stored in the first data packet, comprising:
the RPMB verifies the first data packet based on the security key;
and the RPMB stores the data to be stored in the first data packet under the condition that the check passes.
5. The method according to claim 4, wherein the method further comprises:
and the RPMB sends response information to the second TA, wherein the response information is used for indicating that the data to be stored is stored in the RPMB.
6. The method of claim 5, wherein the response information includes an updated count value, further comprising:
and the RPMB updates the count value in the RPMB based on the stored data to be stored, and obtains the updated count value.
7. The method according to claim 5 or 6, characterized in that the method further comprises:
the second TA sends the response information to the first TA.
8. The method of claim 7, wherein the second TA transmitting the response information to the first TA comprises:
the second TA sends the response information to the kernel;
the kernel sends the response information to the CA running in REE;
the CA sends the response information to the first TA.
9. The method according to any one of claims 1 to 8, wherein the data to be stored is data acquired by a first sensor called by the first TA.
10. The method of claim 9, wherein the first sensor comprises a fingerprint sensor.
11. The method according to any one of claims 1 to 10, further comprising:
the CA running in REE sends a fingerprint data acquisition request to the first TA under the condition that a first operation is detected, wherein the first operation is used for indicating acquisition of fingerprint data;
and the first TA responds to the fingerprint data acquisition request, calls a fingerprint sensor to acquire fingerprint data, and obtains the data to be stored according to the fingerprint data.
12. A chip comprising a processor which, when executing instructions, performs the method of any of claims 1 to 11.
13. An electronic device comprising a processor for coupling with a memory and reading instructions in the memory and, in accordance with the instructions, causing the electronic device to perform the method of any one of claims 1 to 11.
14. A computer readable storage medium, characterized in that the computer readable storage medium stores a computer program, which when executed by a processor causes the processor to perform the method of any of claims 1 to 11.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202210879893.6A CN117492636A (en) | 2022-07-25 | 2022-07-25 | Data storage method and electronic equipment |
Publications (1)
Publication Number | Publication Date |
---|---|
CN117492636A true CN117492636A (en) | 2024-02-02 |
Family
ID=89671344
Country Status (1)
Country | Link |
---|---|
CN (1) | CN117492636A (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN118250685A (en) * | 2024-05-30 | 2024-06-25 | 江西斐耳科技有限公司 | Key management method and system applied to electronic equipment |
CN118250685B (en) * | 2024-05-30 | 2024-08-02 | 江西斐耳科技有限公司 | Key management method and system applied to electronic equipment |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||