[go: up one dir, main page]
More Web Proxy on the site http://driver.im/

WO2023240941A1 - 下载数据的方法、装置和安全元件 - Google Patents

下载数据的方法、装置和安全元件 Download PDF

Info

Publication number
WO2023240941A1
WO2023240941A1 PCT/CN2022/136116 CN2022136116W WO2023240941A1 WO 2023240941 A1 WO2023240941 A1 WO 2023240941A1 CN 2022136116 W CN2022136116 W CN 2022136116W WO 2023240941 A1 WO2023240941 A1 WO 2023240941A1
Authority
WO
WIPO (PCT)
Prior art keywords
data
downloaded
memory
download command
download
Prior art date
Application number
PCT/CN2022/136116
Other languages
English (en)
French (fr)
Inventor
罗建杰
冯涛
Original Assignee
深圳市汇顶科技股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 深圳市汇顶科技股份有限公司 filed Critical 深圳市汇顶科技股份有限公司
Publication of WO2023240941A1 publication Critical patent/WO2023240941A1/zh

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/34Network arrangements or protocols for supporting network services or applications involving the movement of software or configuration parameters 
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/12Details relating to cryptographic hardware or logic circuitry

Definitions

  • the present application relates to the field of information security technology, and more specifically, to a method, device and secure element for downloading data.
  • Secure Element can provide functions such as secure storage of private information and secure execution of important programs.
  • the SE has a physically independent structure and an independent on-chip operating system (Card operation system, COS).
  • the SE can communicate with the outside through security protocols to implement application functions such as secure data storage and encryption and decryption operations. .
  • a method for downloading data is provided, which is applied to the secure element SE.
  • the method includes: receiving a first download command, which carries the first data to be downloaded; and writing the first data to the memory inside the SE. Data to be downloaded; sending the first preset response during at least part of the time period when the first data to be downloaded is written into the memory.
  • the SE does not need to wait for the execution of writing the first data to be downloaded to the memory to be completed before sending a response according to the execution result, but in the process of writing the first data to be downloaded to the memory. , directly sending the preset first preset response, thereby saving the SE's download processing time for the first download command and the carried first data to be downloaded, so as to improve the production efficiency of the SE and the user's experience of using the SE.
  • the method further includes: receiving a second download command during at least part of the time period when writing the first data to be downloaded to the memory. Carrying the second data to be downloaded.
  • the SE does not need to wait for the completion of writing the first data to be downloaded to the memory and sending a response to the upper computer indicating whether the execution of the written data is completed before it can receive the third data sent by the upper computer.
  • Second download command, and the second download command can be received during at least part of the time period when the first data to be downloaded is written to the memory, thereby saving the SE's processing time for the second download command and further saving the SE's processing time for the data to be downloaded. Overall download time.
  • the method further includes: sending a second response, where the second response is used to indicate: writing the first data to be downloaded to the memory. Whether the download data is executed successfully.
  • the second response is a real message generated according to the writing situation of the first data to be downloaded in the memory.
  • Sending the second response to the host computer in real time can facilitate the host computer to accurately and timely grasp the current data download situation in the SE, and perform subsequent operations based on the true second response to improve the efficiency of data downloading in the SE. , and ensure the overall performance of SE.
  • the method further includes: writing the second data to be downloaded to the memory while sending the second response.
  • the SE can synchronize the time of sending the second response to write the second data to be downloaded into the memory, thereby saving the SE's download time for the second data to be downloaded.
  • the method further includes: receiving a third download command during at least part of the time period when writing the second data to be downloaded to the memory, where the third download command carries The third data is to be downloaded.
  • the method further includes: determining that downloading the data fails and stopping receiving subsequent download commands.
  • the SE when the SE fails to write the first data to be downloaded to its internal memory, it can directly stop receiving subsequent download commands to avoid subsequent invalid command reception and data downloads that cause system resource damage. waste, thus improving the execution efficiency of data download in SE.
  • the overall production efficiency of the production line can be improved and the production capacity of SE can be improved.
  • the method further includes: receiving the i+1th download command, the i+th download command during at least part of the time period when writing the ith data to be downloaded to the memory, 1
  • the download command carries the i+1th data to be downloaded, where i is a positive integer; when the i+1th download command is the last download command, write the i+1th data to be downloaded into the memory; send The i+1th response, the i+1th response is used to indicate whether writing the ith data to be downloaded to the memory and the i+1th data to be downloaded are executed successfully.
  • SE can process the last download command in a timely and convenient manner, and send the last two download commands to carry the execution status of data writing in the memory, ensuring the integrity and reliability of the entire data download. performance, thereby ensuring the overall performance of SE.
  • the method further includes: receiving the i+1th download command, the i+th download command during at least part of the time period when writing the ith data to be downloaded to the memory, 1
  • the download command carries the i+1th data to be downloaded, where i is a positive integer; when the i+1th download command is the last download command, whether the ith data to be downloaded is written to the memory is executed successfully. , determine whether to write the i+1th data to be downloaded to the memory; send the i+1th response, the i+1th response is used to indicate: write the ith data to be downloaded to the memory and whether the i+1th data to be downloaded is executed success.
  • the SE may not perform the subsequent process of writing the i+1-th data to be downloaded into the memory, thereby avoiding the waste of system resources. , improve the execution efficiency of data download in SE.
  • SE can send the last two download commands to carry the execution status of data writing in the memory, ensuring the integrity and reliability of the entire data download, thereby ensuring the overall performance of SE.
  • the method further includes: receiving second to jth download commands, wherein the second download command carries second to-be-downloaded data, and the jth The download command carries the jth data to be downloaded, j is a positive integer greater than 1; the second data to be downloaded to the jth data to be downloaded are sequentially written to the memory; the second data to be downloaded to the jth data to be downloaded are sequentially written to the memory.
  • the second preset response is sent to the jth preset response.
  • the SE can be used to sequentially write the second data to be downloaded to at least part of the jth data to be downloaded into its internal memory, and send a second preset response to the host computer to the jth preset data. Set response.
  • the SE's processing time for the second download command to the j-th download command can be saved, that is, the SE's overall download processing time for the second to-be-downloaded data to the j-th data to be downloaded can be saved.
  • the method further includes: receiving second to jth download commands, wherein the second download command carries second to-be-downloaded data, and the jth The download command carries the jth data to be downloaded, where j is a positive integer greater than 1; the second data to be downloaded to the xth data to be downloaded are sequentially written to the memory, where the xth data to be downloaded is the data that failed to be written to the memory.
  • x is a positive integer greater than 1 and less than or equal to j; during at least part of the time period when the second data to be downloaded to the xth data to be downloaded are sequentially written to the memory, the second preset response is sent to the jth preset response.
  • the SE can be used to sequentially write the second data to be downloaded to at least part of the time period of the xth data to be downloaded into its internal memory, and send the second preset response to the host computer to the jth preset data. Assume the response, where the xth data to be downloaded is the data that failed to be written to the memory.
  • the SE can not only save the processing time of the second download command to the jth download command in SE, but also avoid the waste of system resources and improve the execution efficiency of data download in SE.
  • the method further includes: sequentially writing the second data to be downloaded to the x-th data to be downloaded into the memory for at least part of the time period Within, the j+1th download command is received, and the j+1th download command carries the j+1th data to be downloaded; the j+1th response is sent, and the j+1th response is used to indicate: write the first data to be downloaded into the memory. Download data to the j+1th data to be downloaded whether the execution is successful.
  • the SE can instruct the host computer through the j+1th response to write the first data to be downloaded into the memory to whether the j+1th data to be downloaded is executed successfully, so that the host computer can accurately know whether the j+1th data to be downloaded is successfully executed.
  • the relatively accurate download status of the data to be downloaded to the j+1th data to be downloaded in the SE is convenient for the host computer to perform subsequent actions based on the more accurate download status.
  • the first download command is an application protocol data unit APDU command; and/or the first data to be downloaded is on-chip operating system COS data.
  • the method is applied to the flash memory download unit in the SE, and the memory is the flash memory in the SE.
  • a device for downloading data which is provided on the secure element SE.
  • the device includes: a communication module for receiving a first download command, which carries the first data to be downloaded; and an operation module for In writing the first data to be downloaded into the memory inside the SE; during at least part of the time period when the operation module writes the first data to be downloaded into the memory, the communication module is also used to send a first preset response.
  • a device for downloading data including: a processor and a memory, the memory is used to store a program, and the processor is used to call and run the program from the memory to execute the first aspect or any one of the first aspects.
  • the method of downloading data in the implementation.
  • Figure 1 is a schematic diagram of the interaction structure between a host computer and an SE chip provided by an embodiment of the present application.
  • Figure 3 is a schematic flow chart of a method for downloading data provided by an embodiment of the present application.
  • Figure 4 is a schematic flow chart of another method for downloading data provided by an embodiment of the present application.
  • Figure 5 is a schematic flow chart of another method for downloading data provided by an embodiment of the present application.
  • Figure 7 is a schematic flow chart of another method for downloading data provided by an embodiment of the present application.
  • Figure 8 is a schematic flow chart of another method for downloading data provided by an embodiment of the present application.
  • Figure 9 is a schematic flow chart of another method for downloading data provided by an embodiment of the present application.
  • Figure 10 is a schematic flow chart of another method for downloading data provided by an embodiment of the present application.
  • Figure 12 is a schematic structural block diagram of another device for downloading data provided by an embodiment of the present application.
  • the technical solution of the embodiment of the present application relates to a secure element (SE), which is usually provided in the form of a chip.
  • SE secure element
  • the host computer for example, a production line machine or a card reader, etc.
  • the host computer can send the COS program data to the SE chip so that The SE chip burns the COS program data into its internal memory to complete the download of the COS program data in the SE chip.
  • the host computer 11 and the SE chip 12 can be connected to each other to achieve data communication between the two.
  • the host computer 11 can be connected to the SE chip 12 through physical wiring, or the host computer 11 can also be connected to the SE chip 12 through a network.
  • the SE chip 12 can be connected to the host computer 11 through a communication interface such as a serial peripheral interface (Serial Peripheral Interface, SPI) and corresponding communication lines.
  • the host computer 11 includes but is not limited to a production line machine or a card reader.
  • a memory 121 is provided in the SE chip 12, and the memory 121 may include a volatile memory and/or a non-volatile memory.
  • the non-volatile memory can be a read-only memory (Read Only Memory, ROM), a programmable read-only memory (Programmable ROM, PROM), an erasable programmable read-only memory (Erasable PROM, EPROM), an electrically removable memory. Erase programmable read-only memory (Electrically EPROM, EEPROM) or flash memory (Flash).
  • the volatile memory can be a random access memory (Random Access Memory, RAM), etc. This RAM has a fast read and write speed and can be used as an external cache.
  • memory 121 may include Flash.
  • the SE chip 12 receives the COS program data from the host computer 11 through a communication protocol, such as the SPI protocol, and the processor 122 is used to write the COS program data into Flash.
  • the COS program data can be cached in the RAM, and then the processor 122 can be used to write the COS data cached in the RAM to Flash.
  • a Flash loader program can be stored in Flash, and the processor 122 can call the Flash loader program to execute: receive the COS program data from the host computer 11, and transfer the COS program to Data is written to the data storage space of Flash.
  • the size of the COS program data compiled by the host computer is several hundred kilobytes (KB).
  • the host computer 11 can split the COS program data into multiple commands, sequentially Sent to SE chip 12.
  • the SE chip 12 After receiving the multiple commands, the SE chip 12 sequentially burns the COS program data carried by each command into the memory 121 to complete the download of the COS program data in the SE chip 12 .
  • Figure 2 shows a schematic diagram of the interaction flow between the host computer 11 and the SE chip 12.
  • the host computer 11 first sends a first command to the SE chip 12, and the first command may carry part of COS program data, that is, the first COS data.
  • the SE chip 12 After the SE chip 12 receives the first command, the SE chip 12 writes the first COS data into the memory 121 .
  • the SE chip 12 After the SE chip 12 completes writing the first COS data to the memory 121, the SE chip 12 may send a first response to the host computer 11 according to the writing situation of the first COS data in the memory 121. A response is used to indicate whether the first COS data is successfully written in the memory 121 .
  • the host computer 11 may receive the first response and then continue to send subsequent commands to the SE chip. Specifically, after receiving the n-1th response corresponding to the n-1th command, the host computer 11 continues to send the nth command to the SE chip 12, where n is a positive integer greater than 1, and the n-1th command and the n commands all carry part of the COS program data. After the SE chip 12 receives the nth command, the SE chip 12 writes the nth COS data carried by the nth command into the memory 121. Then, the SE chip 12 can write the nth COS data in the memory 121 according to the nth COS data. In the case of writing, the nth response is sent to the host computer 11.
  • the SE chip 12 serially processes multiple commands sent by the host computer 11 according to the above-mentioned process of processing the first command. Until the last command sent by the host computer 11 is processed, the COS of the SE chip 12 Data download is completed.
  • the SE chip 12 serially processes multiple commands sent by the host computer 11, and in the process of processing each command, the SE chip 12 serially executes the reception of commands, writing of data to the memory, and The response is sent.
  • This technical solution will cause the COS data download time of the SE chip 12 to be longer, affecting the production efficiency of the SE chip on the production line and the user experience of the SE chip.
  • Figure 3 shows a schematic flow chart of a method 300 for downloading data provided by an embodiment of the present application.
  • the method 300 for downloading data can be applied to SE, for example, it can be applied to the SE chip 12 shown in Figure 1 and Figure 2 above.
  • the method 300 for downloading data includes the following steps.
  • S310 Receive the first download command, which carries the first data to be downloaded.
  • S320 Write the first data to be downloaded into the memory inside the SE.
  • S330 Send the first preset response during at least part of the time period when the first data to be downloaded is written into the memory.
  • the SE may receive a first download command carrying the first data to be downloaded, where the first download command may be sent by the host computer 11 in the embodiments shown in FIGS. 1 and 2 above.
  • First download command may be any download command sent by the host computer 11 .
  • the first download command may be the first download command sent by the host computer 11 .
  • the first data to be downloaded carried in the first download command includes but is not limited to COS data.
  • the first download command includes but is not limited to an Application Protocol Data Unit (APDU) command.
  • APDU Application Protocol Data Unit
  • the host computer 11 can further split the file into multiple APDU commands, and each APDU command carries part of the COS data.
  • the first download command may be one APDU command among multiple APDU commands, and the first data to be downloaded carried by it may be partial COS data.
  • the SE may include a communication interface, such as an SPI interface.
  • the first data to be downloaded carried by the first download command can be temporarily cached in its internal cache module.
  • the first data to be downloaded can be cached in the RAM inside the SE. middle.
  • the memory inside the SE may be the memory 121 shown in Figure 1 above, which may specifically be NVM to ensure reliable storage of downloaded data.
  • the memory inside the SE includes but is not limited to Flash, or the memory inside the SE may also include Flash and cache memory (such as RAM, etc.).
  • step S320 the processor inside the SE (for example, the processor 122 shown in FIG. 1 above) may be used to write the first to-be-downloaded data carried in the first download command to the memory inside the SE.
  • step S320 may be understood as the processor writing the first to-be-downloaded data cached in the RAM into the NVM memory.
  • step S320 can also be understood as the processor caching the first to-be-downloaded data received by the SE in RAM and writing the first to-be-downloaded data in the RAM into the NVM memory.
  • the process of writing data to be downloaded into the memory inside the SE in the following embodiments is also similar to step S320 and will not be described in detail below.
  • step S330 during at least part of the time period when the SE writes the first data to be downloaded into its internal memory, the SE sends the first preset response.
  • the SE may send the first preset response to the host computer.
  • the first preset response is a preset fixed message.
  • the first preset response is a response message indicating that writing data to the memory is successful.
  • the host computer can identify the first preset response and send subsequent download commands based on the first preset response.
  • the first preset response may be an APDU response.
  • the method 300 of the embodiment of the present application can be applied to the flash loader unit in the SE.
  • the flash download unit may include a flash download program.
  • the processor calls the flash download program to implement the method 300 provided in the embodiment of the present application.
  • the flash memory download program can be stored in Flash, or the flash memory download program can also be stored in other memories in the SE.
  • Figure 4 shows a schematic flow chart of another method 400 for downloading data provided by an embodiment of the present application.
  • the method 400 for downloading data further includes the following steps in addition to the above steps S310 to S330 .
  • the time period during which the SE receives the second download command at least partially coincides with the time period during which the first data to be downloaded is written into the memory, that is, steps S320 and S440 can be executed in parallel.
  • the SE does not need to wait for the completion of writing the first data to be downloaded to the memory and sending a response to the host computer indicating whether the execution of the written data is completed before it can receive the second download sent by the host computer. command, and the second download command can be received during at least part of the time period when the first data to be downloaded is written to the memory, thereby saving the processing time of the second download command by the SE and further saving the overall download of the data to be downloaded by the SE. time.
  • the production efficiency of SE and the user's experience of using SE can be further improved.
  • the method 400 of downloading data also includes the following: step.
  • S450 Send a second response, which is used to indicate whether writing the first data to be downloaded to the memory is executed successfully.
  • the SE writes the first data to be downloaded to its internal memory
  • information indicating whether the first data to be downloaded is successfully written to the memory may be sent to the superior as a second response. machine.
  • the second response corresponds to the second download command.
  • the second download command is an APDU command
  • the second response may be an APDU response.
  • the SE modifies the second response originally used to indicate whether the second download data is written successfully to indicate whether the first data to be downloaded is written successfully, while for the host computer,
  • the second response still indicates whether the second download data is written successfully, that is, based on the content in the second response, the host computer determines whether the second download data carried in the second download command sent by it is successfully written in the SE, so that Determine whether to perform subsequent actions. Therefore, the host computer can still use the method process of the related technology to send the download command and process the corresponding command, which will not affect the reception of the download command and the download of the data to be downloaded by the SE in the embodiment of the present application.
  • the host computer can still process the response messages according to the original processing flow in the related technology.
  • the specific processing process will not be described in detail here.
  • the method 400 for downloading data further includes the following steps.
  • the SE when the SE fails to write the first data to be downloaded to its internal memory, it can directly stop receiving subsequent download commands to avoid subsequent invalid command reception and data downloads that cause system resource damage. waste, thus improving the execution efficiency of data download in SE.
  • the overall production efficiency of the production line can be improved and the production capacity of SE can be improved.
  • the method 400 for downloading data further includes the following steps.
  • the SE may continue to receive the third download command carrying the third data to be downloaded.
  • the third download command may be the next command sent by the host computer after sending the second download command.
  • the third download command may be of the same type as the above first download command and the second download command.
  • step S471 the processing of the third download command and the subsequent processing of each piece of download data may be performed in a similar manner from steps S450 to S461 or steps S450 to S462.
  • steps S450 to S461 or steps S450 to S462. please refer to the detailed descriptions of the above embodiments, and will not be described in detail here.
  • Figure 5 shows a schematic flow chart of another method 500 for downloading data provided by an embodiment of the present application.
  • the method 500 for downloading data may further include the following steps in addition to the above steps S310 to S330 .
  • S540 During at least part of the time period when the i-th data to be downloaded is written into the memory, receive the i+1th download command.
  • the i+1th download command carries the i+1th data to be downloaded, where i is positive. integer.
  • S560 Send the i+1th response, which is used to indicate whether writing the ith data to be downloaded to the memory and the i+1th data to be downloaded are executed successfully.
  • the i-th data to be downloaded may be the data carried by the i-th download command received by the SE.
  • the i-th download command may be any download command received by the SE.
  • the i-th download command may be The first download command, the second download command, the third download command and any subsequent command in the above embodiment.
  • the SE can simultaneously receive the i+1th download command to save the SE for the i-th download command and the i+th download command. 1The overall processing time of the download command.
  • step S550 when the i+1th download command is the last download command, after the SE writes the i-th to-be-downloaded data carried by the i-th download command into its internal memory, the SE then writes Write the i+1th data to be downloaded carried by the i+1th download command.
  • step S560 after the SE writes the i+1th data to be downloaded carried by the i+1th download command into its internal memory, the i+1th data to be downloaded and the i+1th data to be downloaded are stored in the memory according to In the case of writing, the SE can send the i+1th response to the host computer.
  • the i+1th response is used to indicate whether writing the ith data to be downloaded to the memory and the i+1th data to be downloaded are executed successfully.
  • the (i+1)th response may be used to indicate whether the writing of the (i)th data to be downloaded and the (i+1)th data to be downloaded to the memory is executed successfully. Specifically, if any one of the i-th data to be downloaded and the i+1-th data to be downloaded fails to be written in the memory, the i+1-th response may be used to indicate writing the i-th data to be downloaded into the memory and The overall execution of the i+1th data to be downloaded failed.
  • the i+1-th response can be used to indicate that the i-th data to be downloaded and the i+1-th data to be downloaded are written to the memory.
  • the overall execution of the data to be downloaded was successful.
  • the i+1th response may also be used to respectively indicate whether writing the i-th data to be downloaded to the memory is successfully executed, and whether writing the i+1th data to be downloaded to the memory is executed successfully.
  • SE can process the last download command in a timely and convenient manner, and send the last two download commands to carry the execution status of data writing in the memory, ensuring the integrity and reliability of the entire data download. performance, thereby ensuring the overall performance of SE.
  • Figure 6 shows a schematic flow chart of another method 600 for downloading data provided by an embodiment of the present application.
  • the method 600 for downloading data further includes the following steps in addition to the above steps S310 to S330 .
  • S640 During at least part of the time period when the i-th data to be downloaded is written into the memory, receive the i+1th download command.
  • the i+1th download command carries the i+1th data to be downloaded, where i is positive. integer.
  • S660 Send the i+1th response, which is used to indicate whether writing the ith data to be downloaded to the memory and the i+1th data to be downloaded are executed successfully.
  • step S640 can be referred to step S540 in Figure 5 above, and will not be described in detail here.
  • step S650 when the i+1th download command is the last download command, SE can determine whether to write the i+1th data to be downloaded to the memory based on the writing situation of the ith data to be downloaded in the memory. . Specifically, when the writing of the i-th data to be downloaded in the memory fails, the i+1th data to be downloaded may not be written to the memory. On the contrary, when the i-th data to be downloaded is successfully written in the memory, Only then the i+1th data to be downloaded is written to the memory.
  • the i+1th response may be used to indicate whether writing the ith data to be downloaded and the entire i+1th data to be downloaded to the memory is successfully executed.
  • the i+1th response may also be used to respectively indicate whether the writing of the ith data to be downloaded to the memory is successfully executed, and whether the writing of the i+1th data to be downloaded to the memory is executed successfully.
  • Figure 7 shows a schematic flow chart of another method 700 for downloading data provided by an embodiment of the present application.
  • the host computer After receiving the first preset response, the host computer sends a second download command to the communication module. During the process of the operation module writing the first data to be downloaded into the memory, the communication module also receives the second download command synchronously.
  • the communication module may send a second response to the host computer indicating whether the first data to be downloaded is successfully written into the memory.
  • the operation module synchronously writes the second data to be downloaded into the memory.
  • the operation module can write the second data to be downloaded to the memory immediately after writing the first data to be downloaded to the memory, with only a small time difference or even no time difference between the two. Further, since it takes a long time for the operation module to write the second data to be downloaded to the memory, the time for the operation module to write the second data to be downloaded to the memory can be used.
  • the communication module After sending the second response, the communication module also receives The third download command sent by the host computer.
  • the communication module also receives the mth download command synchronously. After the operation module writes the m-1th data to be downloaded into the memory, the communication module may send the mth response to the host computer indicating whether the m-1th data to be downloaded is successfully written into the memory. When the m-1th data to be downloaded is successfully written into the memory, while the communication module sends the mth response to the host computer, the operation module synchronously writes the mth data to be downloaded into the memory.
  • the communication module can send an instruction to the host computer to indicate the mth
  • the m+1th response is whether the data to be downloaded and the m+1th data to be downloaded are successfully written into the memory.
  • S840 Receive the second download command to the j-th download command, where the second download command carries the second data to be downloaded, the j-th download command carries the j-th data to be downloaded, and j is a positive integer greater than 1.
  • S860 Send the second preset response to the jth preset response during at least part of the time period when the second to-be-downloaded data to the j-th to-be-downloaded data are sequentially written into the memory.
  • step S850 after receiving the second download command to the j-th download command, the SE may sequentially write the second data to be downloaded to the j-th data to be downloaded into its internal memory.
  • step S860 the SE sends the second preset response to the jth preset response during at least part of the time period when the second to-be-downloaded data to the j-th to-be-downloaded data are sequentially written into its internal memory.
  • the SE after receiving the second download command sent by the upper computer, the SE sends a second preset response to the upper computer. After receiving the second preset response, the host computer sends a third download command to the SE.
  • the SE may receive the second download command to the j-th download command, and after receiving each download command, send its corresponding preset response.
  • the SE can send the second to the j-th preset response to the host computer.
  • the SE's processing time for the second download command to the j-th download command can be saved, that is, the SE's overall download time for the second to-be-downloaded data to the j-th data to be downloaded can be saved.
  • Figure 9 shows a schematic flow chart of another method 900 for downloading data provided by an embodiment of the present application.
  • the method 900 for downloading data further includes the following steps in addition to the above steps S310 to S330 .
  • S950 Write the second to-be-downloaded data to the x-th data to be downloaded sequentially into the memory, where the x-th data to be downloaded is the data that failed to be written into the memory, and x is a positive integer greater than 1 and less than or equal to j.
  • step S940 reference may be made to the relevant description of step S840 in Figure 8 above, which will not be described again here.
  • step S950 after receiving the second download command to the j-th download command, SE sequentially writes the to-be-downloaded data carried by the at least one download command into its internal memory. While downloading data, write execution failed. In this case, the SE no longer writes the data carried by the subsequent download command to the memory, thereby avoiding the waste of system resources caused by the writing of subsequent data.
  • step S960 the SE sends the second preset response to the jth preset response during at least part of the time period when the second to-be-downloaded data to the x-th to-be-downloaded data are sequentially written into its internal memory.
  • the SE after receiving the second download command sent by the upper computer, the SE sends a second preset response to the upper computer. After receiving the second preset response, the host computer sends a third download command to the SE.
  • the SE may receive the second download command to the j-th download command, and after receiving each download command, send its corresponding preset response.
  • the SE While the SE performs the above-mentioned data communication with the host computer, the SE also sequentially writes the second data to be downloaded to the xth data to be downloaded to its internal memory. That is to say, in the technical solution implemented in this application, the SE can be used to sequentially write the second data to be downloaded to at least part of the time period of the xth data to be downloaded into its internal memory, and send the second preset response to the host computer to the jth data. Canned response. Through this technical solution, it can not only save the processing time of the second download command to the jth download command in SE, but also avoid the waste of system resources and improve the execution efficiency of data download in SE.
  • the method 900 for downloading data may also include the following steps.
  • S980 Send the j+1th response, which is used to indicate whether writing the first data to be downloaded to the j+1th data to be downloaded in the memory is executed successfully.
  • the SE can be used to sequentially write the second to-be-downloaded data to at least part of the x-th data to be downloaded into its internal memory, and receive the j+1th download command sent by the host computer, thereby reducing the The overall processing time for the j+1th download command.
  • the j+1 download command is the next command after the jth download command sent by the host computer.
  • the SE may send the j+1th response to the host computer.
  • the j+1th response may be used to instruct the memory to write the first to-be-downloaded data to the j+th 1. Whether the entire data to be downloaded is executed successfully. Specifically, if any one of the first data to be downloaded to the j+1th data to be downloaded fails to be written into the memory, the j+1th response is used to instruct the writing of the first data to be downloaded into the memory. The overall execution of downloading data to the j+1th data to be downloaded failed.
  • steps S870 to S890 may also be further included.
  • steps S870 to S890 please refer to the related description of steps S970 to S990 in the embodiment of FIG. 9 , not to go into too much detail here.
  • the SE includes a communication module and an operation module.
  • the communication module and the operation module can work in parallel.
  • the communication module is used to realize data communication with the host computer, and the operation module is used to realize data communication with the host computer. To write data to the memory.
  • the operation module writes the first data to be downloaded into the memory.
  • the communication module synchronously sends the first preset response to the host computer.
  • the host computer After receiving the first preset response, the host computer sends a second download command to the communication module. During the process of the operation module writing the first data to be downloaded into the memory, the communication module also receives the second download command synchronously.
  • the communication module After the communication module receives the second download command, the communication module sends a second preset response to the host computer.
  • the operation module can synchronously write the first data to be downloaded to the memory, or write the second data to be downloaded to the memory.
  • the communication module also receives the m+1-th download command. After the operation module writes the first data to be downloaded to the m-th data to be downloaded into the memory, the operation module continues to write the m+1-th data to be downloaded into the memory. And after the operation module writes the m+1th data to be downloaded into the memory, the communication module sends the m+1th data to the host computer to indicate whether the first data to be downloaded to the m+1th data to be downloaded are successfully written into the memory. response.
  • the first data to be downloaded can be first written to the cache memory of the secure element, and then the first preset response can be sent, and then the cached first data to be downloaded can be Write to Flash memory.
  • the device 1100 for downloading data includes: a communication module 1110 and an operation module 1120.
  • the communication module 1110 is configured to receive a first download command, which carries the first data to be downloaded.
  • the operation module 1120 is used to write the first data to be downloaded into the memory inside the SE.
  • the communication module 1110 is also used to send a first preset response.
  • the communication module 1110 is also used to receive a second download command, and the second download command carries the second data to be downloaded. Download data.
  • the communication module 1110 after the communication module 1110 receives the second download command and the operation module 1120 writes the first data to be downloaded to the memory, the communication module 1110 is also used to: send a second response, the second response is used to Indicate: whether the operation module 1120 writes the first data to be downloaded to the memory successfully.
  • the operation module 1120 when the operation module 1120 writes the first data to be downloaded to the memory successfully, the operation module 1120 is also configured to write the first data to the memory while the communication module 1110 sends the second response. The second data is to be downloaded.
  • the operation module 1120 when the operation module 1120 fails to write the first data to be downloaded into the memory, the operation module 1120 is also configured to: determine that the execution of the download data fails, and stop receiving subsequent download commands.
  • the communication module 1110 is also used to: receive the i-th data to be downloaded. +1 download command, the i+1th download command carries the i+1th data to be downloaded, where i is a positive integer; when the i+1th download command is the last download command, the operation module 1120 also uses In: writing the i+1th data to be downloaded into the memory; the communication module 1110 is also used to: send the i+1th response, and the i+1th response is used to instruct: the operation module 1120 writes the ith data to be downloaded into the memory. And whether the i+1th data to be downloaded is executed successfully.
  • the communication module 1110 after the communication module 1110 sends the first preset response, and during at least part of the time period when the operation module 1120 writes the i-th data to be downloaded into the memory, the communication module 1110 is also used to: receive the i-th data to be downloaded.
  • the communication module 1110 is further configured to: receive the second download command to the j-th download command, wherein the second download command carries the second download command to be processed.
  • Download data the jth download command carries the jth data to be downloaded, j is a positive integer greater than 1;
  • the operation module 1120 is also used to: sequentially write the second data to be downloaded to the jth data to be downloaded to the memory; in the operation module 1120.
  • the communication module 1110 is also used to: send the second preset response to the j-th preset response.
  • the communication module 1110 after the communication module 1110 sends the second preset response to the j-th preset response, at least part of the time when the operation module 1120 sequentially writes the second data to be downloaded to the x-th data to be downloaded into the memory.
  • the communication module 1110 is also used to: receive the j+1th download command, which carries the j+1th data to be downloaded; the communication module 1110 is also used to: send the j+1th response, the jth The +1 response is used to indicate whether writing the first data to be downloaded to the j+1th data to be downloaded in the memory is executed successfully.
  • the device 1100 for downloading data is a flash memory download unit in the SE, and the memory is a flash memory in the SE.
  • the flash download unit may include a flash download program, where the flash download program may be stored in Flash, or the flash download program may also be stored in other memories in the SE.
  • the embodiment of the present application also provides a device 1200 for downloading data, including: a memory 1210 and a processor 1220; the memory 1210 is used to store a computer program, and the processor 1220 is used to call the computer program.
  • the device 1200 for downloading data executes the method for downloading data in any of the above embodiments.
  • An embodiment of the present application also provides a computer program product containing instructions, which when executed by a computer causes the computer to perform the method for downloading data in any of the above embodiments.
  • Figure 13 shows a schematic structural block diagram of a security element 1300 provided by an embodiment of the present application.
  • the secure element 1300 may include the above-mentioned device 1100 for downloading data or the device 1200 for downloading data.
  • the secure element 1300 may be a secure element chip.
  • the secure element 1300 may further include an encryption/decryption module for protecting relevant data in the secure element 1300 .
  • the size of the sequence numbers of each process does not mean the order of execution.
  • the execution order of each process should be determined by its functions and internal logic, and should not be used in the embodiments of the present application.
  • the implementation process constitutes any limitation.
  • the processor or processing unit in the embodiment of the present application may be an integrated circuit chip with signal processing capabilities.
  • each step of the above method embodiment can be completed through an integrated logic circuit of hardware in the processor or instructions in the form of software.
  • the steps of the method disclosed in conjunction with the embodiments of the present application can be directly implemented by a hardware decoding processor, or executed by a combination of hardware and software modules in the decoding processor.
  • the software module can be located in random access memory, flash memory, read-only memory, programmable read-only memory or electrically erasable programmable memory, registers and other mature storage media in this field.
  • the storage medium is located in the memory, and the processor reads the information in the memory and completes the steps of the above method in combination with its hardware.
  • the memory or storage unit in the embodiment of the present application may be a volatile memory or a non-volatile memory, or may include both volatile and non-volatile memories.
  • the functions are implemented in the form of software functional units and sold or used as independent products, they can be stored in a computer-readable storage medium.
  • the technical solution of the present application is essentially or the part that contributes to the existing technology or the part of the technical solution can be embodied in the form of a software product, and the computer software product is stored in a storage medium , including several instructions to cause a computer device (which may be a personal computer, a server, or a network device, etc.) to execute all or part of the steps of the methods described in various embodiments of this application.
  • the aforementioned storage media include: U disk, mobile hard disk, read-only memory (ROM), random access memory (RAM), magnetic disk or optical disk and other various media that can store program codes.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Stored Programmes (AREA)
  • Retry When Errors Occur (AREA)

Abstract

本申请提供一种下载数据的方法、装置和安全元件,能够降低该安全元件中数据的下载处理时间,从而提高安全元件的生产效率以及用户使用体验。该下载数据的方法应用于安全元件SE,包括:接收第一下载命令,第一下载命令中携带有第一待下载数据;向SE内部的存储器写入第一待下载数据;在向存储器写入第一待下载数据的至少部分时间段内,发送第一预设响应。在该技术方案中,SE不需要等待向存储器写入第一待下载数据执行完成之后,再根据执行结果发送响应,而是在向存储器中写入第一待下载数据的过程中,直接发送预设的第一预设响应,从而节省SE对第一下载命令以及携带的第一待下载数据的下载处理时间,以提高SE的生产效率以及用户对SE的使用体验。

Description

下载数据的方法、装置和安全元件
本申请要求2022年6月13日提交中国专利局、申请号为202210660260.6、发明名称为“下载数据的方法、装置和安全元件”的中国发明申请的优先权,其全部内容通过应用结合在本申请中。
技术领域
本申请涉及信息安全技术领域,并且更为具体地,涉及一种下载数据的方法、装置和安全元件。
背景技术
在信息安全领域,安全元件(Secure element,SE)能够提供私密信息的安全存储、重要程序的安全执行等功能。具体地,该SE在物理上具有独立结构,且具有独立的片内操作系统(Card operation system,COS),该SE能够通过安全协议与外部通讯,来实现数据安全存储、加解密运算等应用功能。
对于不同的应用领域,SE中需下载不同的程序数据以满足不同的使用要求,因此,在实际工业生产过程以及用户实际使用中,如何降低该SE中数据的下载处理时间,从而提高SE的生产效率以及用户使用体验,是一项亟待解决的技术问题。
发明内容
本申请提供一种下载数据的方法、装置和安全元件,能够降低该安全元件中数据的下载处理时间,从而提高安全元件的生产效率以及用户使用体验。
第一方面,提供一种下载数据的方法,应用于安全元件SE,该方法包括:接收第一下载命令,第一下载命令中携带有第一待下载数据;向SE内部的存储器写入第一待下载数据;在向存储器写入第一待下载数据的至少部分时间段内,发送第一预设响应。
在本申请实施例的技术方案中,SE不需要等待向存储器写入第一待下载数据执行完成之后,再根据执行结果发送响应,而是在向存储器中写入第一待下载数据的过程中,直接发送预设的第一预设响应,从而节省SE对第一下载命令以及携带的第一待下载数据的下载处理时间,以提高SE的生产效率以及用户对SE的使用体验。
在一些可能的实施方式中,在发送第一预设响应之后,该方法还包括:在向存储器写入第一待下载数据的至少部分时间段内,接收第二下载命令,第二下载命令中携带有第二待下载数据。
在该实施方式的技术方案中,SE不需要等待向存储器写入第一待下载数据执行完成且向上位机发送用于指示该写入数据是否执行完成的响应之后,才能接收上位机发送的第二下载命令,而可以在向存储器写入第一待下载数据的至少部分时间段内,即接收第二下载命令,从而节省SE对第二下载命令的处理时间,以进一步节省SE对待下载数据的整体下载时间。通过本申请实施例的技术方案,可以进一步提高SE的生产效率以及用户对SE的使用体验。
在一些可能的实施方式中,在接收第二下载命令且向存储器写入第一待下载数据之后,该方法还包括:发送第二响应,第二响应用于指示:向存储器写入第一待下载数据是否执行成功。
在该实施方式的技术方案中,该第二响应为根据第一待下载数据在存储器中的写入情况生成的真实报文。将该第二响应实时发送给上位机,可以便于上位机准确的且较为及时的掌握SE中当前数据的下载情况,且根据该真实的第二响应执行后续操作,以提升SE中数据下载的效率,并保证SE的整体性能。
在一些可能的实施方式中,在向存储器中写入第一待下载数据执行成功的情况下,该方法还包括:在发送第二响应的同时,向存储器写入第二待下载数据。
在该实施方式的技术方案中,SE可利用发送第二响应的时间同步向存储器写入第二待下载数据,从而节省SE对第二待下载数据的下载时间。通过本申请实施例的技术方案,可以进一步提高SE的生产效率以及用户对SE的使用体验。
在一些可能的实施方式中,在发送第二响应之后,该方法还包括:在向存储器写入第二待下载数据的至少部分时间段内,接收第三下载命令,第三下载命令中携带有第三待下载数据。
在一些可能的实施方式中,在向存储器中写入第一待下载数据执行失败的情况下,该方法还包括:确定下载数据执行失败,停止接收后续下载命令。
通过该实施方式的技术方案,SE在向其内部的存储器写入第一待下载数据执行失败的情况下,可直接停止接收后续的下载命令,避免后续无效的命令接收以及数据下载造成系统资源的浪费,从而提升SE中数据下载的执行效率。特别是在产线生产过程中,通过该实施方式的技术方案,可以提升产线整体的生产效率,提升SE的生产产能。
在一些可能的实施方式中,在发送第一预设响应之后,该方法还包括:在向存储器写入第i待下载数据的至少部分时间段内,接收第i+1下载命令,第i+1下载命令中携带有第i+1待下载数据,其中,i为正整数;在第i+1下载命令为最后一条下载命令的情况下,向存储器写入第i+1待下载数据;发送第i+1响应,第i+1响应用于指示:向存储器写入第i待下载数据以及第i+1待下载数据是否执行成功。
通过该实施方式的技术方案,SE可较为及时且便捷的对最后一条下载命令进行处理,且发送最后两条下载命令携带数据在存储器中的写入执行情况,保证整个数据下载的完整性和可靠性,从而保证SE的整体性能。
在一些可能的实施方式中,在发送第一预设响应之后,该方法还包括:在向存储器写入第i待下载数据的至少部分时间段内,接收第i+1下载命令,第i+1下载命令中携带有第i+1待下载数据,其中,i为正整数;在第i+1下载命令为最后一条下载命令的情况下,根据向存储器写入第i待下载数据是否执行成功,判断是否向存储器写入第i+1待下载数据;发送第i+1响应,第i+1响应用于指示:向存储器写入第i待下载数据以及第i+1待下载数据是否执行成功。
通过该实施方式的技术方案,在第i待下载数据在存储器中写入失败的情况下,SE可以不执行后续向存储器中写入第i+1待下载数据的过程,从而避免系统资源的浪费,提升SE中数据下载的执行效率。与此同时,SE可发送最后两条下载命令携带数据在存储器中的写入执行情况,保证整个数据下载的完整性和可靠性,从而保证SE的整体性能。
在一些可能的实施方式中,在发送第一预设响应之后,该方法还包括:接收第二下 载命令至第j下载命令,其中,第二下载命令中携带有第二待下载数据,第j下载命令携带有第j待下载数据,j为大于1的正整数;向存储器依次写入第二待下载数据至第j待下载数据;在向存储器依次写入第二待下载数据至第j待下载数据的至少部分时间段内,发送第二预设响应至第j预设响应。
在该实施方式的技术方案中,可利用SE向其内部的存储器依次写入第二待下载数据至第j待下载数据的至少部分时间段,向上位机发送第二预设响应至第j预设响应。通过该技术方案,可以节省SE对第二下载命令至第j下载命令的处理时间,即节省SE对第二待下载数据至第j待下载数据的整体下载处理时间。
在一些可能的实施方式中,在发送第一预设响应之后,该方法还包括:接收第二下载命令至第j下载命令,其中,第二下载命令中携带有第二待下载数据,第j下载命令携带有第j待下载数据,j为大于1的正整数;向存储器依次写入第二待下载数据至第x待下载数据,其中,第x待下载数据为向存储器写入失败的数据,x为大于1,且小于或等于j的正整数;在向存储器依次写入第二待下载数据至第x待下载数据的至少部分时间段内,发送第二预设响应至第j预设响应。
在该实施方式的技术方案中,可利用SE向其内部的存储器依次写入第二待下载数据至第x待下载数据的至少部分时间段,向上位机发送第二预设响应至第j预设响应,其中,第x待下载数据为向存储器写入失败的数据。通过该技术方案,不仅可以节省SE对第二下载命令至第j下载命令的处理时间,还可以避免对系统资源的浪费,提升SE中数据下载的执行效率。
在一些可能的实施方式中,在发送第二预设响应至第j预设响应之后,该方法还包括:在向存储器依次写入第二待下载数据至第x待下载数据的至少部分时间段内,接收第j+1下载命令,第j+1下载命令携带有第j+1待下载数据;发送第j+1响应,第j+1响应用于指示:向存储器中写入第一待下载数据至第j+1待下载数据是否执行成功。
通过该实施方式的技术方案,SE可以通过第j+1响应向上位机指示向存储器中写入第一待下载数据至第j+1待下载数据是否执行成功,从而使得上位机能够准确获知第一待下载数据至第j+1待下载数据在SE中较为准确的下载情况,便于上位机根据该较为准确的下载情况执行后续动作。
在一些可能的实施方式中,第一下载命令为应用协议数据单元APDU命令;和/或,第一待下载数据为片内操作系统COS数据。
在一些可能的实施方式中,该方法应用于SE中的闪存下载单元,存储器为SE中的闪存。
第二方面,提供一种下载数据的装置,设置于安全元件SE,该装置包括:通讯模块,用于接收第一下载命令,第一下载命令中携带有第一待下载数据;操作模块,用于向SE内部的存储器写入第一待下载数据;在操作模块向存储器写入第一待下载数据的至少部分时间段内,通讯模块还用于发送第一预设响应。
第三方面,提供一种下载数据的装置,包括:处理器和存储器,该存储器用于存储程序,处理器用于从存储器中调用并运行程序以执行上述第一方面或第一方面中任一可能的实施方式中的下载数据的方法。
第四方面,提供一种安全元件,包括:第二方面或第三方面中的下载数据的装置。
附图说明
图1为本申请实施例提供的一种上位机与SE芯片的交互结构示意图。
图2为本申请实施例提供的一种上位机与SE芯片之间的交互流程示意图。
图3为本申请实施例提供的一种下载数据的方法的示意性流程框图。
图4为本申请实施例提供的另一下载数据的方法的示意性流程框图。
图5为本申请实施例提供的另一下载数据的方法的示意性流程框图。
图6为本申请实施例提供的另一下载数据的方法的示意性流程框图。
图7为本申请实施例提供的另一下载数据的方法的示意性流程框图。
图8为本申请实施例提供的另一下载数据的方法的示意性流程框图。
图9为本申请实施例提供的另一下载数据的方法的示意性流程框图。
图10为本申请实施例提供的另一下载数据的方法的示意性流程框图。
图11为本申请实施例提供的一种下载数据的装置的示意性结构框图。
图12为本申请实施例提供的另一下载数据的装置的示意性结构框图。
图13为本申请实施例提供的一种安全元件的示意性结构框图。
具体实施方式
下面将结合附图,对本申请实施例中的技术方案进行描述。
本申请实施例的技术方案涉及安全元件(SE),该SE通常以芯片形式提供。为防止外部恶意解析攻击,保护数据安全,在芯片中具有加密/解密逻辑电路。
在一些实现方式中,该SE芯片的内部组件包含有:处理器、存储器、加密引擎电路、传感器等元件。外在表现上,该SE芯片可以集成于在物理上独立的卡片或者集成于电子设备的内部。例如,该SE芯片可以集成于通用集成电路卡(Universal Integrated Circuit Card,UICC)或者安全数码记忆卡(Secure Digital Memory Card),又或者,该SE芯片可以为嵌入式安全单元(embedded Secure Element,eSE)芯片,由电子设备制造厂商在设备出厂前集成于设备内部。该SE芯片已经非常广泛的应用于各类电子设备,例如手机等用户终端设备,能够为用户提供可靠且安全的数据存储。
在SE芯片中,一般配置有独立的片内操作系统(COS)。根据不同的行业应用以及规范,该SE芯片中可配置形成不同类型的COS,以满足不同应用场景的需求。作为示例而非限定,该COS可烧写存储于SE芯片中的非易失性存储器(Non-Volatile Memory,NVM),以保证该COS在SE芯片中的可靠运行。
在SE芯片的生产制造过程中,或者,在SE芯片位于用户终端的实际使用过程中,上位机(例如,产线机台或者读卡器等)可将COS程序数据发送至SE芯片,以使得SE芯片将该COS程序数据烧写至其内部的存储器中,以完成SE芯片中COS程序数据的下载。
图1示出了一种上位机与SE芯片的交互结构示意图。
如图1所示,上位机11可与SE芯片12相互连接,以实现二者的数据通信。可选地,该上位机11可与SE芯片12通过实体走线连接,或者,该上位机11也可与SE芯片12 通过网络连接。作为示例而非限定,SE芯片12可通过串行外设接口(Serial Peripheral Interface,SPI)等通讯接口以及相应的通信走线连接于上位机11。可选地,该上位机11包括但不限于是产线机台或者读卡器等。
在SE芯片12中设置有存储器121,存储器121可以包括易失性存储器和/或非易失性存储器。其中,该非易失性存储器可以是只读存储器(Read Only Memory,ROM)、可编程只读存储器(Programmable ROM,PROM)、可擦除可编程只读存储器(Erasable PROM,EPROM)、电可擦除可编程只读存储器(Electrically EPROM,EEPROM)或闪存(Flash)。该易失性存储器可以为随机存取存储器(Random Access Memory,RAM)等,该RAM具有较快的读写速度,可用作外部高速缓存。
另外,SE芯片12中还设置有处理器122,该处理器122可以是通用处理器、中央处理器(Central Processing Unit,CPU)、数字信号处理器(Digital Signal Processor,DSP)、专用集成电路(Application Specific Integrated Circuit,ASIC)、现成可编程门阵列(Field Programmable Gate Array,FPGA)或者其他可编程逻辑器件、分立门或者晶体管逻辑器件、分立硬件组件。
具体地,存储器121中可存储有计算机程序代码,处理器122可调用该计算机程序代码,以执行SE芯片12的相关操作。
在一些实施方式中,存储器121可包括Flash。SE芯片12通过通信协议,例如SPI协议从上位机11中接收COS程序数据,处理器122用于将该COS程序数据写入至Flash中。可选地,SE芯片12通过SPI协议从上位机11中获取COS程序数据后,该COS程序数据可缓存于RAM中,然后,处理器122可用于将RAM中缓存的COS数据写入至Flash。
可选地,在该实施方式下,Flash中可存储有闪存下载(Flash loader)程序,处理器122可调用该Flash loader程序以执行:从上位机11中接收COS程序数据,且将该COS程序数据写入至Flash的数据存储空间中。
在一般情况下,经过上位机编译的COS程序数据的大小为几百个千字节(Kilobyte,KB),在该情况下,上位机11可将该COS程序数据拆分为多个命令,依次向SE芯片12发送。该SE芯片12接收该多个命令后,将每个命令携带的COS程序数据依次烧写至存储器121中,以完成SE芯片12中COS程序数据的下载。
图2示出了一种上位机11与SE芯片12之间的交互流程示意图。
如图2所示,在本申请实施例中,在SE芯片下载上位机11传输的COS程序数据的过程中,上位机11首先向SE芯片12发送第一命令,该第一命令可携带有部分COS程序数据,即第一COS数据。在SE芯片12接收该第一命令之后,SE芯片12执行向存储器121中写入该第一COS数据。在SE芯片12在向存储器121中写入第一COS数据执行完成之后,该SE芯片12可根据该第一COS数据在存储器121中的写入情况,向上位机11发送第一响应,该第一响应用于指示该第一COS数据在存储器121中是否写入成功。
进一步地,上位机11可接收该第一响应,然后继续向SE芯片发送后续命令。具体地,上位机11在接收第n-1命令对应的第n-1响应之后,继续向SE芯片12发送第n命令,其中,n为大于1的正整数,该第n-1命令以及第n命令均携带有部分COS程序数据。在SE芯片12接收该第n命令之后,SE芯片12执行向存储器121中写入该第n命 令携带的第n COS数据,然后,该SE芯片12可根据该第n COS数据在存储器121中的写入情况,向上位机11发送第n响应。
以此类推,SE芯片12按照上述处理第一命令的过程,对上位机11发送的多个命令依次串行处理,直至将上位机11发送的最后一条命令处理完成后,该SE芯片12的COS数据下载完成。
在该技术方案中,SE芯片12依次串行处理上位机11发送的多个命令,且在处理每一个命令的过程中,SE芯片12串行执行命令的接收,向存储器中数据的写入以及响应的发送。该技术方案会造成SE芯片12的COS数据下载时间较长,影响产线上SE芯片的生产效率以及用户对于该SE芯片的使用体验。
鉴于此,本申请实施例提供一种应用于SE(例如,上文所述的SE芯片)的下载数据的方法,能够降低该SE中数据的下载处理时间,提升产线上SE的生产效率以及用户对该SE的使用体验。
图3示出了本申请实施例提供的一种下载数据的方法300的示意性流程框图。在本申请实施例中,该下载数据的方法300可应用于SE,例如,其可应用于上文图1和图2所示的SE芯片12。
如图3所示,该下载数据的方法300包括以下步骤。
S310:接收第一下载命令,该第一下载命令中携带有第一待下载数据。
S320:向SE内部的存储器写入该第一待下载数据。
S330:在向存储器写入第一待下载数据的至少部分时间段内,发送第一预设响应。
具体地,在步骤S310中,SE可接收携带有第一待下载数据的第一下载命令,其中,该第一下载命令可以为上文图1和图2所示实施例中上位机11发送的第一下载命令。可选地,该第一下载命令可以为上位机11发送的任意一条下载命令,例如,该第一下载命令可以为该上位机11发送的第一条下载命令。
在一些实施方式中,该第一下载命令中携带的第一待下载数据包括但不限于是COS数据。该第一下载命令包括但不限于是应用协议数据单元(Application Protocol Data Unit,APDU)命令。具体地,上位机11将待写入SE中完整的COS数据编译为文件后,上位机11可进一步将该文件拆分为多个APDU命令,每个APDU命令中携带有部分的COS数据。该第一下载命令可以为多个APDU命令中的其中一个APDU命令,其携带的第一待下载数据可以为部分COS数据。
在该实施方式中,APDU命令为专用于智能卡领域中主机端与智能卡之间的信息命令,其能够兼容适用于大部分的SE产品。另外,COS数据作为SE中必不可少的程序数据,降低该COS数据在SE中的下载时间,能够有效提升SE的生产效率,且提升用户对于SE的使用体验。
可选地,在一些实施方式中,SE可包括通讯接口,例如SPI接口等。SE通过该通讯接口接收第一下载命令后,可将该第一下载命令携带的第一待下载数据暂时缓存于其内部的缓存模块,例如,该第一待下载数据可缓存于SE内部的RAM中。
在步骤S320中,该SE内部的存储器可以为上文图1所示的存储器121,其具体可以为NVM,以保证下载数据的可靠存储。例如,该SE内部的存储器包括但不限于是Flash,或者,该SE内部的存储器还可以包括Flash以及缓存存储器(例如RAM等)。
具体地,在步骤S320中,SE内部的处理器(例如,上文图1中所示的处理器122) 可用于执行向SE内部的存储器写入第一下载命令中携带的第一待下载数据。作为示例,在SE接收的第一待下载数据缓存于RAM的情况下,步骤S320可理解为处理器将缓存于该RAM中的第一待下载数据写入NVM存储器。作为另一示例,步骤S320也可理解为处理器将SE接收的第一待下载数据缓存于RAM且将该RAM中的第一待下载数据写入NVM存储器。类似地,下文实施例中向SE内部的存储器写入待下载数据的过程也与该步骤S320类似,下文不再具体赘述。
在步骤S330中,SE在向其内部的存储器写入第一待下载数据的至少部分时间段内,SE发送第一预设响应。具体地,SE在向其内部的存储器写入第一待下载数据的至少部分时间段内,该SE可向上位机发送该第一预设响应。其中,该第一预设响应为预设的固定报文,例如,该第一预设响应为指示向存储器写入数据成功的响应报文。上位机可以识别该第一预设响应,且根据该第一预设响应发送后续的下载命令。
可选地,对应于第一下载命令,在该第一下载命令为APDU命令时,该第一预设响应可以为APDU响应。
在本申请实施例中,SE发送第一预设响应的时间段与向存储器中写入第一待下载数据的时间段至少部分重合,即步骤S320和步骤S330可并行执行。因此,在本申请实施例中,SE不需要等待向存储器写入第一待下载数据执行完成之后,再根据执行结果发送响应,而是在向存储器中写入第一待下载数据的过程中,直接发送预设的第一预设响应,从而节省SE对第一下载命令以及携带的第一待下载数据的下载处理时间。通过本申请实施例的技术方案,可以提高SE的生产效率以及用户对SE的使用体验。
可选地,在存储器为Flash的情况下,本申请实施例的方法300可以应用于SE中的闪存下载(Flash loader)单元。该闪存下载单元可包括闪存下载程序,具体地,处理器调用该闪存下载程序,以实现本申请实施例所提供的方法300。作为示例而非限定,该闪存下载程序可存储于Flash中,或者,该闪存下载程序也可存储于SE中的其它存储器中。
具体地,在步骤S310和步骤S330中,处理器可通过调用闪存下载程序,通过通讯接口接收第一下载命令以及发送第一预设响应。在步骤S320中,处理器可通过调用闪存下载程序,将第一下载命令中携带的第一待下载数据写入至存储器中。其中,该步骤S320和步骤S330可同步执行。
图4示出了本申请实施例提供的另一下载数据的方法400的示意性流程框图。
如图4所示,该下载数据的方法400在包括上述步骤S310至步骤S330的基础上,还进一步包括以下步骤。
S440:在向存储器写入第一待下载数据的至少部分时间段内,接收第二下载命令,该第二下载命令中携带有第二待下载数据。
具体地,在本步骤中,在接收携带有第一待下载数据的第一下载命令之后,SE可接收携带有第二待下载数据的第二下载命令。可选地,该第二下载命令可以为上位机在发送第一下载命令之后发送的下一条命令,该第二下载命令可以与上文第一下载命令的类型相同。例如,该第二下载命令以及后续下载命令可以均为APDU命令。该第二下载命令以及后续下载命令携带的待下载数据均可以为COS数据。
在本申请实施例的技术方案中,SE接收第二下载命令的时间段与向存储器中写入第一待下载数据的时间段至少部分重合,即步骤S320和步骤S440可并行执行。在本申请实施例中,SE不需要等待向存储器写入第一待下载数据执行完成且向上位机发送用于指 示该写入数据是否执行完成的响应之后,才能接收上位机发送的第二下载命令,而可以在向存储器写入第一待下载数据的至少部分时间段内,即接收第二下载命令,从而节省SE对第二下载命令的处理时间,以进一步节省SE对待下载数据的整体下载时间。通过本申请实施例的技术方案,可以进一步提高SE的生产效率以及用户对SE的使用体验。
可选地,如图4所示,在本申请实施例中,在步骤S440之后,即在接收第二下载命令且向存储器写入第一待下载数据之后,该下载数据的方法400还包括以下步骤。
S450:发送第二响应,该第二响应用于指示:向存储器写入第一待下载数据是否执行成功。
具体地,在本步骤中,在SE向其内部的存储器写入第一待下载数据之后,可以将用于指示该第一待下载数据是否向存储器写入成功的信息作为第二响应发送给上位机。该第二响应对应于第二下载命令,在第二下载命令为APDU命令时,该第二响应可以为APDU响应。
具体地,区别于上述第一预设响应,在本申请实施例中,该第二响应为根据第一待下载数据在存储器中的写入情况生成的真实报文。将该第二响应实时发送给上位机,可以便于上位机准确的且较为及时的掌握SE中当前数据的下载情况,且根据该真实的第二响应执行后续操作,以提升SE中数据下载的效率,并保证SE的整体性能。
需要说明的是,对于SE而言,其将原本用于指示第二下载数据是否写入成功的第二响应修改为用于指示第一待下载数据是否写入成功,而对于上位机而言,该第二响应仍然指示第二下载数据是否写入成功,即上位机基于第二响应中的内容,判断其发送的第二下载命令中携带的第二下载数据是否在SE中写入成功,从而判断是否执行后续动作。因此,上位机仍然可以采用相关技术的方法流程执行下载命令的发送以及相应命令的处理,不会影响本申请实施例中SE对于下载命令的接收以及待下载数据的下载。类似地,在下文实施例中,对于SE发送的其它响应报文,上位机仍可按照相关技术中的原始处理流程对该响应报文进行处理,具体处理过程此处不做过多赘述。可选地,继续参见图4,该下载数据的方法400还包括以下步骤。
S461:在向存储器中写入第一待下载数据执行成功的情况下,在发送第二响应的同时,向存储器写入第二待下载数据。
S462:在向存储器中写入第一待下载数据执行失败的情况下,确定下载数据执行失败,停止接收后续下载命令。
具体地,在步骤S461中,SE在向其内部的存储器写入第一待下载数据执行成功的情况下,第一待下载数据能够准确且完整的存储于存储器中,且可继续向存储器写入后续数据。SE可在发送第二响应的同时,向存储器同步写入第二待下载数据。
在该实施方式中,SE在发送第二响应的同时,向存储器中写入第二待下载数据,即步骤S450和步骤S461可并行执行。在该实施方式的技术方案中,SE可利用发送第二响应的时间同步向存储器写入第二待下载数据,从而节省SE对第二待下载数据的下载时间。通过本申请实施例的技术方案,可以进一步提高SE的生产效率以及用户对SE的使用体验。
在步骤S462中,SE在向其内部的存储器写入第一待下载数据执行失败的情况下,第一待下载数据未能准确且完整的存储于存储器中,该第一待下载数据下载失败。在本申请实施例中,只要任一待下载数据下载失败,则会影响全部数据的下载结果,造成数 据整体下载失败。因此,在第一待下载数据下载失败的情况下,可直接确定整体的下载数据失败,SE可停止接收后续下载命令,结束当前的数据下载流程。
可选地,在一些实施方式中,在SE在向其内部的存储器写入第一待下载数据执行失败的情况下,SE向上位机发送的第二响应可用于指示该第一待下载数据执行失败,上位机可根据该第二响应,停止向SE发送后续下载命令,从而使得SE停止接收后续下载命令,结束当前的数据下载流程。
或者,在另一些实施方式中,在SE在向其内部的存储器写入第一待下载数据执行失败的情况下,SE可主动控制其内部的通讯模块停止接收后续下载命令,以结束当前的数据下载流程。
通过该实施方式的技术方案,SE在向其内部的存储器写入第一待下载数据执行失败的情况下,可直接停止接收后续的下载命令,避免后续无效的命令接收以及数据下载造成系统资源的浪费,从而提升SE中数据下载的执行效率。特别是在产线生产过程中,通过该实施方式的技术方案,可以提升产线整体的生产效率,提升SE的生产产能。
继续参见图4,在向存储器中写入第一待下载数据执行成功的情况下,该下载数据的方法400还包括以下步骤。
S471:在向存储器写入第二待下载数据的至少部分时间段内,接收第三下载命令,该第三下载命令中携带有第三待下载数据。
与上文步骤S440类似,在本步骤中,在接收携带有第二待下载数据的第二下载命令之后,SE可继续接收携带有第三待下载数据的第三下载命令。可选地,该第三下载命令可以为上位机在发送第二下载命令之后发送的下一条命令,该第三下载命令可以与上文第一下载命令、第二下载命令的类型相同。
在该步骤S471之后,可按照步骤S450至步骤S461或步骤S450至步骤S462类似的方式执行第三下载命令的处理以及后续每一条下载数据的处理。具体实施方式可参见上文实施例的具体描述,此处不做过多赘述。
图5示出了本申请实施例提供的另一下载数据的方法500的示意性流程框图。
如图5所示,该下载数据的方法500在包括上述步骤S310至步骤S330的基础上,还可进一步包括以下步骤。
S540:在向存储器写入第i待下载数据的至少部分时间段内,接收第i+1下载命令,该第i+1下载命令中携带有第i+1待下载数据,其中,i为正整数。
S550:在第i+1下载命令为最后一条下载命令的情况下,向存储器写入第i+1待下载数据。
S560:发送第i+1响应,该第i+1响应用于指示向存储器写入第i待下载数据以及第i+1待下载数据是否执行成功。
具体地,在步骤S540中,第i待下载数据可以为SE接收的第i下载命令携带的数据,该第i下载命令可以为SE接收的任意一条下载命令,例如,该第i下载命令可以为上文实施例中的第一下载命令、第二下载命令、第三下载命令以及后续的任意一条命令。
在SE向其内部的存储器写入第i下载命令携带的第i待下载数据的至少部分时间段内,SE可同步接收第i+1下载命令,以节省SE对于第i下载命令以及第i+1下载命令整体的处理时间。
在步骤S550中,在第i+1下载命令为最后一条下载命令的情况下,在SE向其内部 的存储器写入第i下载命令携带的第i待下载数据之后,SE再向其内部的存储器写入第i+1下载命令携带的第i+1待下载数据。
在步骤S560中,在SE向其内部的存储器写入第i+1下载命令携带的第i+1待下载数据之后,根据该第i待下载数据以及第i+1待下载数据在存储器中的写入情况,SE可向上位机发送第i+1响应,该第i+1响应用于指示向存储器写入第i待下载数据以及第i+1待下载数据是否执行成功。
可选地,在一些实施方式中,该第i+1响应可用于指示向存储器写入第i待下载数据以及第i+1待下载数据的整体是否执行成功。具体地,在第i待下载数据以及第i+1待下载数据中的任意一个数据在存储器中写入失败的情况下,第i+1响应可用于指示向存储器写入第i待下载数据以及第i+1待下载数据的整体执行失败。反之,只有在第i待下载数据以及第i+1待下载数据均在存储器中写入成功的情况下,第i+1响应可用于指示向存储器写入第i待下载数据以及第i+1待下载数据的整体执行成功。
或者,在另一些实施方式中,该第i+1响应也可用于分别指示向存储器写入第i待下载数据是否执行成功,以及向存储器写入第i+1待下载数据是否执行成功。
通过该实施方式的技术方案,SE可较为及时且便捷的对最后一条下载命令进行处理,且发送最后两条下载命令携带数据在存储器中的写入执行情况,保证整个数据下载的完整性和可靠性,从而保证SE的整体性能。
图6示出了本申请实施例提供的另一下载数据的方法600的示意性流程框图。
如图6所示,该下载数据的方法600在包括上述步骤S310至步骤S330的基础上,还进一步包括以下步骤。
S640:在向存储器写入第i待下载数据的至少部分时间段内,接收第i+1下载命令,该第i+1下载命令中携带有第i+1待下载数据,其中,i为正整数。
S650:在第i+1下载命令为最后一条下载命令的情况下,根据向存储器写入第i待下载数据是否执行成功,判断是否向存储器写入第i+1待下载数据。
S660:发送第i+1响应,该第i+1响应用于指示向存储器写入第i待下载数据以及第i+1待下载数据是否执行成功。
具体地,在本申请实施例中,步骤S640的具体实施方式可以参见上文图5中步骤S540,此处不做过多赘述。
在步骤S650中,在第i+1下载命令为最后一条下载命令的情况下,SE可根据第i待下载数据在存储器中的写入情况,判断是否向存储器写入第i+1待下载数据。具体地,在第i待下载数据在存储器中写入失败的情况下,可不向存储器写入第i+1待下载数据,反之,在第i待下载数据在存储器中写入成功的情况下,才向存储器写入第i+1待下载数据。
与上文图5中步骤S560类似,在步骤S660中,该第i+1响应可用于指示向存储器写入第i待下载数据以及第i+1待下载数据的整体是否执行成功。或者,该第i+1响应也可用于分别指示向存储器写入第i待下载数据是否执行成功,以及向存储器写入第i+1待下载数据是否执行成功。
通过该实施方式的技术方案,在第i待下载数据在存储器中写入失败的情况下,SE可以不执行后续向存储器中写入第i+1待下载数据的过程,从而避免系统资源的浪费,提升SE中数据下载的执行效率。与此同时,SE可发送最后两条下载命令携带数据在存 储器中的写入执行情况,保证整个数据下载的完整性和可靠性,从而保证SE的整体性能。
图7示出了本申请实施例提供的另一下载数据的方法700的示意性流程框图。
如图7所示,在本申请实施例中,SE包括可包括通讯模块和操作模块,该通讯模块和操作模块可并行工作,其中,通讯模块用于实现与上位机的数据通讯,操作模块用于实现向存储器写入数据。
具体地,通讯模块接收上位机发送的第一下载命令后,操作模块向存储器写入第一待下载数据。在操作模块向存储器写入第一待下载数据的过程中,通讯模块同步向上位机发送第一预设响应。
上位机接收第一预设响应后,向通讯模块发送第二下载命令。在操作模块向存储器写入第一待下载数据的过程中,通讯模块还同步接收第二下载命令。
参见图7,在本申请实施例中,操作模块向存储器写入第一待下载数据的时间较长,因此,可以利用该操作模块向存储器写入第一待下载数据的时间,通信模块同步发送第一预设响应且接收第二下载命令。
在操作模块向存储器写入第一待下载数据之后,通信模块可向上位机发送用于指示该第一待下载数据是否成功写入存储器的第二响应。在第一待下载数据成功写入存储器的情况下,通信模块向上位机发送第二响应的同时,操作模块同步向存储器写入第二待下载数据。且该操作模块可在向存储器写入第一待下载数据之后,立刻向存储器写入第二待下载数据,二者之间仅间隔很小的时间差乃至无时间差。进一步地,由于操作模块向存储器写入第二待下载数据的时间较长,因此,可以利用该操作模块向存储器写入第二待下载数据的时间,通信模块在发送第二响应后,还接收上位机发送的第三下载命令。
而在第一待下载数据未成功写入存储器的情况下,仅通信模块向上位机发送第二响应,操作模块不再向存储器写入第二待下载数据以及后续数据,且通信模块也不再接收第三下载命令以及后续命令。
依此类推,在操作模块向存储器写入第m-1待下载数据(图7中未示出)的过程中,通讯模块还同步接收第m下载命令。在操作模块向存储器写入第m-1待下载数据之后,通信模块可向上位机发送用于指示该第m-1待下载数据是否成功写入存储器的第m响应。在第m-1待下载数据成功写入存储器的情况下,通信模块向上位机发送第m响应的同时,操作模块同步向存储器写入第m待下载数据。进一步地,由于操作模块向存储器写入第m待下载数据的时间较长,因此,可以利用该操作模块向存储器写入第m待下载数据的时间,通信模块在发送第m响应后,还接收上位机发送的第m+1下载命令。其中,m为大于1的正整数。
在第m+1下载命令为最后一个下载命令的情况下,操作模块向存储器写入第m待下载数据以及第m+1待下载数据之后,通讯模块可向上位机发送用于指示该第m待下载数据以及第m+1待下载数据是否成功写入存储器的第m+1响应。
图8示出了本申请实施例提供的另一下载数据的方法800的示意性流程框图。
如图8所示,在本申请实施例中,该下载数据的方法800在包括上述步骤S310至步骤S330的基础上,还进一步包括以下步骤。
S840:接收第二下载命令至第j下载命令,其中,第二下载命令中携带有第二待下载数据,第j下载命令携带有第j待下载数据,j为大于1的正整数。
S850:向存储器依次写入第二待下载数据至第j待下载数据。
S860:在向存储器依次写入第二待下载数据至第j待下载数据的至少部分时间段内,发送第二预设响应至第j预设响应。
具体地,在步骤S840中,当j=2时,SE可接收第二下载命令,当j>2时,SE可接收第二下载命令至第j下载命令。该第二下载命令至第j下载命令可以为上位机在发送第一下载命令之后依次发送的至少一个命令。该第二下载命令至第j下载命令中每一下载命令均携带有待下载数据,且该每一下载命令均可以与第一下载命令的类型相同。
在步骤S850中,在接收第二下载命令至第j下载命令之后,SE可向其内部的存储器依次写入该第二待下载数据至第j待下载数据。
在步骤S860中,SE在向其内部的存储器依次写入第二待下载数据至第j待下载数据的至少部分时间段内,发送第二预设响应至第j预设响应。
可选地,在一些实施方式中,SE在接收上位机发送的第二下载命令之后,即向上位机发送第二预设响应。上位机接收到该第二预设响应后,再向SE发送第三下载命令。依次类推,SE可接收第二下载命令至第j下载命令,且在接收每一下载命令之后,发送其对应的预设响应。
在SE执行上述与上位机之间的数据通讯的同时,SE还同步向其内部的存储器依次写入第二待下载数据至第j待下载数据。由于SE与上位机之间的数据通讯时间较短,而向其内部的存储器写入下载数据的时间较长,因此,SE在向其内部的存储器写入待下载数据之前,该SE能够接收携带该待下载数据的下载命令。例如,SE在向其内部的存储器写入第一待下载数据的过程中,SE可同步接收第二下载命令乃至更多的后续下载命令。
利用该SE向其内部的存储器依次写入第二待下载数据至第j待下载数据的至少部分时间段,SE可向上位机发送第二预设响应至第j预设响应。通过该技术方案,可以节省SE对第二下载命令至第j下载命令的处理时间,即节省SE对第二待下载数据至第j待下载数据的整体下载时间。通过本申请实施例的技术方案,可以提高SE的生产效率以及用户对SE的使用体验。
图9示出了本申请实施例提供的另一下载数据的方法900的示意性流程框图。
如图9所示,在本申请实施例中,该下载数据的方法900在包括上述步骤S310至步骤S330的基础上,还进一步包括以下步骤。
S940:接收第二下载命令至第j下载命令,其中,第二下载命令中携带有第二待下载数据,第j下载命令携带有第j待下载数据,j为大于1的正整数。
S950:向存储器依次写入第二待下载数据至第x待下载数据,其中,第x待下载数据为向存储器写入失败的数据,x为大于1,且小于或等于j的正整数。
S960:在向存储器依次写入第二待下载数据至第x待下载数据的至少部分时间段内,发送第二预设响应至第j预设响应。
具体地,在本申请实施例中,步骤S940可以参见上文图8中步骤S840的相关描述,此处不做过多赘述。
在步骤S950中,在接收第二下载命令至第j下载命令之后,SE向其内部存储器依次写入该至少一个下载命令携带的待下载数据,在写入到第x下载命令携带的第x待下载数据时,写入执行失败。在该情况下,SE不再向存储器写入后续下载命令携带的数据,避免了后续数据的写入造成系统资源的浪费。
在步骤S960中,SE在向其内部的存储器依次写入第二待下载数据至第x待下载数据的至少部分时间段内,发送第二预设响应至第j预设响应。
可选地,在一些实施方式中,SE在接收上位机发送的第二下载命令之后,即向上位机发送第二预设响应。上位机接收到该第二预设响应后,再向SE发送第三下载命令。依次类推,SE可接收第二下载命令至第j下载命令,且在接收每一下载命令之后,发送其对应的预设响应。
在SE执行上述与上位机之间的数据通讯的同时,SE还同步向其内部的存储器依次写入第二待下载数据至第x待下载数据。即在本申请实施的技术方案中,可利用SE向其内部的存储器依次写入第二待下载数据至第x待下载数据的至少部分时间段,向上位机发送第二预设响应至第j预设响应。通过该技术方案,不仅可以节省SE对第二下载命令至第j下载命令的处理时间,还可以避免对系统资源的浪费,提升SE中数据下载的执行效率。
继续参见图9所示,在本申请实施例中,该下载数据的方法900还可包括以下步骤。
S970:在向存储器依次写入第二待下载数据至第x待下载数据的至少部分时间段内,接收第j+1下载命令。
S980:发送第j+1响应,该第j+1响应用于指示:向存储器中写入第一待下载数据至第j+1待下载数据是否执行成功。
具体地,在步骤S970中,可利用SE向其内部的存储器依次写入第二待下载数据至第x待下载数据的至少部分时间段,接收上位机发送的第j+1下载命令,从而降低对第j+1下载命令整体的处理时间。其中,该j+1下载命令为上位机发送的第j下载命令的下一条命令。
在步骤S980中,在接收第j+1下载命令之后,SE可向上位机发送第j+1响应,该第j+1响应可用于指示向存储器中写入第一待下载数据至第j+1待下载数据的整体是否执行成功。具体地,在第一待下载数据至第j+1待下载数据中任意一个待下载数据向存储器写入失败的情况下,则该第j+1响应用于指示向存储器中写入第一待下载数据至第j+1待下载数据的整体执行失败。反之,在第一待下载数据至第j+1待下载数据中全部待下载数据均向存储器写入成功的情况下,则该第j+1响应用于指示向存储器中写入第一待下载数据至第j+1待下载数据的整体执行成功。
通过该实施方式的技术方案,SE可以通过第j+1响应向上位机指示向存储器中写入第一待下载数据至第j+1待下载数据是否执行成功,从而使得上位机能够准确获知第一待下载数据至第j+1待下载数据在SE中较为准确的下载情况,便于上位机根据该较为准确的下载情况执行后续动作。
可选地,返回参考图8,在图8所示实施例中,也可以进一步包括步骤S870至S890,该步骤S870至S890的相关技术方案可以参见图9实施例中步骤S970至S990的相关描述,此处不做过多赘述。
图10示出了本申请实施例提供的另一下载数据的方法1000的示意性流程框图。
如图10所示,在本申请实施例中,SE包括可包括通讯模块和操作模块,该通讯模块和操作模块可并行工作,其中,通讯模块用于实现与上位机的数据通讯,操作模块用于实现向存储器写入数据。
具体地,通讯模块接收上位机发送的第一下载命令后,操作模块向存储器写入第一 待下载数据。在操作模块向存储器写入第一待下载数据的过程中,通讯模块同步向上位机发送第一预设响应。
上位机接收第一预设响应后,向通讯模块发送第二下载命令。在操作模块向存储器写入第一待下载数据的过程中,通讯模块还同步接收第二下载命令。
在通讯模块接收第二下载命令后,该通讯模块向上位机发送第二预设响应。在该通讯模块向上位机发送第二预设响应时,操作模块可同步向存储器写入第一待下载数据,或者,向存储器写入第二待下载数据。
在本申请实施例中,通讯模块可依次接收第一下载命令至第m下载命令,且在接收每个下载命令之后,向上位机发送预设响应。在通讯模块执行数据通讯的同时,操作模块依次向存储器中写入第一待下载数据至第m待下载数据。其中,m为大于1的正整数。
在操作模块向存储器中写入第一待下载数据至第m待下载数据的过程中,通讯模块还接收第m+1下载命令。在操作模块向存储器中写入第一待下载数据至第m待下载数据之后,操作模块继续向存储器中写入第m+1待下载数据。且在操作模块向存储器中写入第m+1待下载数据之后,通讯模块向上位机发送用于指示第一待下载数据至第m+1待下载数据是否成功写入存储器的第m+1响应。
可选地,在操作模块依次向存储器中写入第一待下载数据至第m待下载数据的过程中,若其中的第x待下载数据写入失败,可不执行后续待下载数据在存储器中的写入。其中,x为小于m的正整数。
进一步地,在操作模块向存储器中写入第一待下载数据至第x待下载数据的过程中,通讯模块还接收第m+1下载命令,且在通讯模块接收第m+1下载命令之后,通讯模块向上位机发送用于指示第一待下载数据至第m+1待下载数据是否成功写入存储器的第m+1响应。具体地,由于第一待下载数据至第m+1待下载数据中的第x待下载数据写入失败,则该第m+1响应用于指示第一待下载数据至第m+1待下载数据写入失败。
需要说明的是,在上文各实施例提供的下载数据的方法中,至少部分步骤之间也可以串行执行。例如,在图3所示实施例的步骤S320和步骤S330中,可先向安全元件的缓存存储器写入第一待下载数据,然后发送第一预设响应,再将缓存的第一待下载数据写入Flash存储器。
上文结合图3至图10,详细描述了本申请中的方法实施例,下面结合图11至图12,描述本申请的装置实施例,下文中的装置实施例与上文中的方法实施例相互对应,因此未详细描述的部分可参见上文实施例的相关描述,此处不再过多赘述。
图11示出了本申请实施例提供的一种下载数据的装置1100的示意性结构框图。可选地,该下载数据的装置1100可设置于安全元件(SE),例如,该下载数据的装置1100可设置于SE芯片。
如图11所示,该下载数据的装置1100包括:通讯模块1110和操作模块1120。
具体地,通讯模块1110用于接收第一下载命令,第一下载命令中携带有第一待下载数据。操作模块1120用于向SE内部的存储器写入第一待下载数据。在操作模块1120向存储器写入第一待下载数据的至少部分时间段内,通讯模块1110还用于发送第一预设响应。
在一些可能的实施方式中,在操作模块1120向存储器写入第一待下载数据的至少部分时间段内,通讯模块1110还用于接收第二下载命令,第二下载命令中携带有第二待下 载数据。
在一些可能的实施方式中,在通讯模块1110接收第二下载命令且操作模块1120向存储器写入第一待下载数据之后,通讯模块1110还用于:发送第二响应,该第二响应用于指示:操作模块1120向存储器写入第一待下载数据是否执行成功。
在一些可能的实施方式中,在操作模块1120向存储器中写入第一待下载数据执行成功的情况下,操作模块1120还用于:在通讯模块1110发送第二响应的同时,向存储器写入第二待下载数据。
在一些可能的实施方式中,在通讯模块1110发送第二响应之后,在操作模块1120向存储器写入第二待下载数据的至少部分时间段内,通讯模块1110还用于:接收第三下载命令,第三下载命令中携带有第三待下载数据。
在一些可能的实施方式中,在操作模块1120向存储器中写入第一待下载数据执行失败的情况下,操作模块1120还用于:确定下载数据执行失败,停止接收后续下载命令。
在一些可能的实施方式中,在通讯模块1110发送第一预设响应之后,在操作模块1120向存储器写入第i待下载数据的至少部分时间段内,通讯模块1110还用于:接收第i+1下载命令,第i+1下载命令中携带有第i+1待下载数据,其中,i为正整数;在第i+1下载命令为最后一条下载命令的情况下,操作模块1120还用于:向存储器中写入第i+1待下载数据;通讯模块1110还用于:发送第i+1响应,第i+1响应用于指示:操作模块1120向存储器写入第i待下载数据以及第i+1待下载数据是否执行成功。
在一些可能的实施方式中,在通讯模块1110发送第一预设响应之后,在操作模块1120向存储器写入第i待下载数据的至少部分时间段内,通讯模块1110还用于:接收第i+1下载命令,第i+1下载命令中携带有第i+1待下载数据,其中,i为正整数;在第i+1下载命令为最后一条下载命令的情况下,操作模块1120还用于:根据向存储器写入第i待下载数据是否执行成功,判断是否向存储器写入第i+1待下载数据;通讯模块1110还用于:发送第i+1响应,第i+1响应用于指示:向存储器写入第i待下载数据以及第i+1待下载数据是否执行成功。
在一些可能的实施方式中,在通讯模块1110发送第一预设响应之后,通讯模块1110还用于:接收第二下载命令至第j下载命令,其中,第二下载命令中携带有第二待下载数据,第j下载命令携带有第j待下载数据,j为大于1的正整数;操作模块1120还用于:向存储器依次写入第二待下载数据至第j待下载数据;在操作模块1120向存储器依次写入第二待下载数据至第j待下载数据的至少部分时间段内,通讯模块1110还用于:发送第二预设响应至第j预设响应。
在一些可能的实施方式中,在通讯模块1110发送第一预设响应之后,通讯模块1110还用于:接收第二下载命令至第j下载命令,其中,第二下载命令中携带有第二待下载数据,第j下载命令携带有第j待下载数据,j为大于1的正整数;操作模块1120还用于:向存储器依次写入第二待下载数据至第x待下载数据,其中,第x待下载数据为向存储器写入失败的数据,x为大于1,且小于或等于j的正整数;在操作模块1120向存储器依次写入第二待下载数据至第x待下载数据的至少部分时间段内,通讯模块1110还用于:发送第二预设响应至第j预设响应。
在一些可能的实施方式中,在通讯模块1110发送第二预设响应至第j预设响应之后,在操作模块1120向存储器依次写入第二待下载数据至第x待下载数据的至少部分时间段 内,通讯模块1110还用于:接收第j+1下载命令,第j+1下载命令携带有第j+1待下载数据;通讯模块1110还用于:发送第j+1响应,第j+1响应用于指示:向存储器中写入第一待下载数据至第j+1待下载数据是否执行成功。
在一些可能的实施方式中,第一下载命令为应用协议数据单元APDU命令;和/或,第一待下载数据为片内操作系统COS数据。
在一些可能的实施方式中,上述下载数据的装置1100为SE中的闪存下载单元,存储器为SE中的闪存。
在该实施方式中,闪存下载单元可包括闪存下载程序,其中,该闪存下载程序可存储于Flash中,或者,该闪存下载程序也可存储于SE中的其它存储器中。
图12示出了本申请实施例提供的一种下载数据的装置1200的示意性结构框图。
如图12所示,本申请实施例还提供一种下载数据的装置1200,包括:存储器1210和处理器1220;该存储器1210用于存储计算机程序,该处理器1220用于调用该计算机程序,当该计算机程序被处理器执行时,使得下载数据的装置1200执行上述任一实施例中的下载数据的方法。
本申请实施例还提供一种计算机可读存储介质,其上存储有计算机程序,该计算机程序被计算机执行时使得,该计算机执行上述任一实施例中的下载数据的方法。
本申请实施例还提供一种包含指令的计算机程序产品,该指令被计算机执行时使得计算机执行上述任一实施例中的下载数据的方法。
图13示出了本申请实施例提供的一种安全元件1300的示意性结构框图。
如图13所示,该安全元件1300可包括上述下载数据的装置1100或下载数据的装置1200。
可选地,该安全元件1300可以为安全元件芯片。
该安全元件1300除了可包括上述下载数据的装置以外,还可进一步包括加密/解密模块,用于保护安全元件1300中的相关数据。
应理解,本文中的具体的例子只是为了帮助本领域技术人员更好地理解本申请实施例,而非限制本申请实施例的范围。
还应理解,在本申请的各种实施例中,各过程的序号的大小并不意味着执行顺序的先后,各过程的执行顺序应以其功能和内在逻辑确定,而不应对本申请实施例的实施过程构成任何限定。
还应理解,本说明书中描述的各种实施方式,既可以单独实施,也可以组合实施,本申请实施例对此并不限定。
除非另有说明,本申请实施例所使用的所有技术和科学术语与本申请的技术领域的技术人员通常理解的含义相同。本申请中所使用的术语只是为了描述具体的实施例的目的,不是旨在限制本申请的范围。本申请所使用的术语“和/或”包括一个或多个相关的所列项的任意的和所有的组合。在本申请实施例和所附权利要求书中所使用的单数形式的“一种”、“上述”和“该”也旨在包括多数形式,除非上下文清楚地表示其他含义。
应理解,本申请实施例的处理器或处理单元可以是一种集成电路芯片,具有信号的处理能力。在实现过程中,上述方法实施例的各步骤可以通过处理器中的硬件的集成逻辑电路或者软件形式的指令完成。结合本申请实施例所公开的方法的步骤可以直接体现为硬件译码处理器执行完成,或者用译码处理器中的硬件及软件模块组合执行完成。软 件模块可以位于随机存储器,闪存、只读存储器,可编程只读存储器或者电可擦写可编程存储器、寄存器等本领域成熟的存储介质中。该存储介质位于存储器,处理器读取存储器中的信息,结合其硬件完成上述方法的步骤。
本申请实施例中的存储器或存储单元可以是易失性存储器或非易失性存储器,或可包括易失性和非易失性存储器两者。
本领域普通技术人员可以意识到,结合本文中所公开的实施例描述的各示例的单元及算法步骤,能够以电子硬件、或者计算机软件和电子硬件的结合来实现。这些功能究竟以硬件还是软件方式来执行,取决于技术方案的特定应用和设计约束条件。专业技术人员可以对每个特定的应用来使用不同方法来实现所描述的功能,但是这种实现不应认为超出本申请的范围。
所属领域的技术人员可以清楚地了解到,为描述的方便和简洁,上述描述的系统、装置和单元的具体工作过程,可以参考前述方法实施例中的对应过程,在此不再赘述。
在本申请所提供的几个实施例中,应所述理解到,所揭露的系统、装置和方法,可以通过其它的方式实现。例如,以上所描述的装置实施例仅仅是示意性的,例如,所述单元的划分,仅仅为一种逻辑功能划分,实际实现时可以有另外的划分方式,例如多个单元或组件可以结合或者可以集成到另一个系统,或一些特征可以忽略,或不执行。另一点,所显示或讨论的相互之间的耦合或直接耦合或通信连接可以是通过一些接口,装置或单元的间接耦合或通信连接,可以是电性,机械或其它的形式。
所述作为分离部件说明的单元可以是或者也可以不是物理上分开的,作为单元显示的部件可以是或者也可以不是物理单元,即可以位于一个地方,或者也可以分布到多个网络单元上。可以根据实际的需要选择其中的部分或者全部单元来实现本实施例方案的目的。
另外,在本申请各个实施例中的各功能单元可以集成在一个处理单元中,也可以是各个单元单独物理存在,也可以两个或两个以上单元集成在一个单元中。
所述功能如果以软件功能单元的形式实现并作为独立的产品销售或使用时,可以存储在一个计算机可读取存储介质中。基于这样的理解,本申请的技术方案本质上或者说对现有技术做出贡献的部分或者所述技术方案的部分可以以软件产品的形式体现出来,所述计算机软件产品存储在一个存储介质中,包括若干指令用以使得一台计算机设备(可以是个人计算机,服务器,或者网络设备等)执行本申请各个实施例所述方法的全部或部分步骤。而前述的存储介质包括:U盘、移动硬盘、只读存储器(ROM)、随机存取存储器(RAM)、磁碟或者光盘等各种可以存储程序代码的介质。
以上所述,仅为本申请的具体实施方式,但本申请的保护范围并不局限于此,任何熟悉本技术领域的技术人员在本申请揭露的技术范围内,可轻易想到变化或替换,都应涵盖在本申请的保护范围之内。因此,本申请的保护范围应所述以权利要求的保护范围为准。

Claims (24)

  1. 一种下载数据的方法,其特征在于,应用于安全元件SE,所述方法包括:
    接收第一下载命令,所述第一下载命令中携带有第一待下载数据;
    向所述安全元件内部的存储器写入所述第一待下载数据;
    在向所述存储器写入所述第一待下载数据的至少部分时间段内,发送第一预设响应。
  2. 根据权利要求1所述的方法,其特征在于,在所述发送第一预设响应之后,所述方法还包括:
    在向所述存储器写入所述第一待下载数据的至少部分时间段内,接收第二下载命令,所述第二下载命令中携带有第二待下载数据。
  3. 根据权利要求2所述的方法,其特征在于,在接收所述第二下载命令且向所述存储器写入所述第一待下载数据之后,所述方法还包括:
    发送第二响应,所述第二响应用于指示:向所述存储器写入所述第一待下载数据是否执行成功。
  4. 根据权利要求3所述的方法,其特征在于,在向所述存储器中写入所述第一待下载数据执行成功的情况下,所述方法还包括:
    在发送所述第二响应的同时,向所述存储器写入所述第二待下载数据。
  5. 根据权利要求4所述的方法,其特征在于,在发送所述第二响应之后,所述方法还包括:
    在向所述存储器写入所述第二待下载数据的至少部分时间段内,接收第三下载命令,所述第三下载命令中携带有第三待下载数据。
  6. 根据权利要求3所述的方法,其特征在于,在向所述存储器中写入所述第一待下载数据执行失败的情况下,所述方法还包括:
    确定下载数据执行失败,停止接收后续下载命令。
  7. 根据权利要求1所述的方法,其特征在于,在所述发送第一预设响应之后,所述方法还包括:
    在向所述存储器写入第i待下载数据的至少部分时间段内,接收第i+1下载命令,所述第i+1下载命令中携带有第i+1待下载数据,其中,i为正整数;
    在所述第i+1下载命令为最后一条下载命令的情况下,向所述存储器写入所述第i+1待下载数据;
    发送第i+1响应,所述第i+1响应用于指示:向所述存储器写入所述第i待下载数据以及所述第i+1待下载数据是否执行成功。
  8. 根据权利要求1所述的方法,其特征在于,在所述发送第一预设响应之后,所述方法还包括:
    在向所述存储器写入第i待下载数据的至少部分时间段内,接收第i+1下载命令,所述第i+1下载命令中携带有第i+1待下载数据,其中,i为正整数;
    在所述第i+1下载命令为最后一条下载命令的情况下,根据向所述存储器写入所述第i待下载数据是否执行成功,判断是否向所述存储器写入所述第i+1待下载数据;
    发送第i+1响应,所述第i+1响应用于指示:向所述存储器写入所述第i待下载数据以及所述第i+1待下载数据是否执行成功。
  9. 根据权利要求1所述的方法,其特征在于,在所述发送第一预设响应之后,所述方法还包括:
    接收第二下载命令至第j下载命令,其中,所述第二下载命令中携带有第二待下载数据,所述第j下载命令携带有第j待下载数据,j为大于1的正整数;
    向所述存储器依次写入所述第二待下载数据至第j待下载数据;
    在向所述存储器依次写入所述第二待下载数据至所述第j待下载数据的至少部分时间段内,发送第二预设响应至第j预设响应。
  10. 根据权利要求1所述的方法,其特征在于,在所述发送第一预设响应之后,所述方法还包括:
    接收第二下载命令至第j下载命令,其中,所述第二下载命令中携带有第二待下载数据,所述第j下载命令携带有第j待下载数据,j为大于1的正整数;
    向所述存储器依次写入所述第二待下载数据至第x待下载数据,其中,所述第x待下载数据为向所述存储器写入失败的数据,x为大于1,且小于或等于j的正整数;
    在向所述存储器依次写入所述第二待下载数据至所述第x待下载数据的至少部分时间段内,发送第二预设响应至第j预设响应。
  11. 根据权利要求10所述的方法,其特征在于,在所述发送第二预设响应至第j预设响应之后,所述方法还包括:
    在向所述存储器依次写入所述第二待下载数据至所述第x待下载数据的至少部分时间段内,接收第j+1下载命令,所述第j+1下载命令携带有第j+1待下载数据;
    发送第j+1响应,所述第j+1响应用于指示:向所述存储器中写入所述第一待下载数据至所述第j+1待下载数据是否执行成功。
  12. 根据权利要求1至11中任一项所述的方法,其特征在于,所述第一下载命令为应用协议数据单元APDU命令;和/或,
    所述第一待下载数据为片内操作系统COS数据。
  13. 根据权利要求1至11中任一项所述的方法,其特征在于,所述方法应用于所述安全元件中的闪存下载单元,所述存储器为所述安全元件中的闪存。
  14. 一种下载数据的装置,其特征在于,设置于安全元件SE,所述装置包括:
    通讯模块,用于接收第一下载命令,所述第一下载命令中携带有第一待下载数据;
    操作模块,用于向所述安全元件内部的存储器写入所述第一待下载数据;
    在所述操作模块向所述存储器写入所述第一待下载数据的至少部分时间段内,所述通讯模块还用于发送第一预设响应。
  15. 根据权利要求14所述的装置,其特征在于,在所述操作模块向所述存储器写入所述第一待下载数据的至少部分时间段内,所述通讯模块还用于接收第二下载命令,所述第二下载命令中携带有第二待下载数据。
  16. 根据权利要求15所述的装置,其特征在于,在所述通讯模块接收所述第二下载命令且所述操作模块向所述存储器写入所述第一待下载数据之后,所述通讯模块还用于:
    发送第二响应,所述第二响应用于指示:所述操作模块向所述存储器写入所述第一待下载数据是否执行成功。
  17. 根据权利要求16所述的装置,其特征在于,在所述操作模块向所述存储器中写入所述第一待下载数据执行成功的情况下,所述操作模块还用于:
    在所述通讯模块发送所述第二响应的同时,向所述存储器写入所述第二待下载数据。
  18. 根据权利要求16所述的装置,其特征在于,在所述操作模块向所述存储器中写入所述第一待下载数据执行失败的情况下,所述操作模块还用于:
    确定下载数据执行失败,停止接收后续下载命令。
  19. 根据权利要求14所述的装置,其特征在于,在所述通讯模块发送所述第一预设响应之后,在所述操作模块向所述存储器写入第i待下载数据的至少部分时间段内,所述通讯模块还用于:
    接收第i+1下载命令,所述第i+1下载命令中携带有第i+1待下载数据,其中,i为正整数;
    在所述第i+1下载命令为最后一条下载命令的情况下,所述操作模块还用于:向所述存储器中写入所述第i+1待下载数据;
    所述通讯模块还用于:发送第i+1响应,所述第i+1响应用于指示:所述操作模块向所述存储器写入所述第i待下载数据以及所述第i+1待下载数据是否执行成功。
  20. 根据权利要求14所述的装置,其特征在于,在所述通讯模块发送所述第一预设响应之后,在所述操作模块向所述存储器写入第i待下载数据的至少部分时间段内,所述通讯模块还用于:
    接收第i+1下载命令,所述第i+1下载命令中携带有第i+1待下载数据,其中,i为正整数;
    在所述第i+1下载命令为最后一条下载命令的情况下,所述操作模块还用于:根据向所述存储器写入所述第i待下载数据是否执行成功,判断是否向所述存储器写入所述第i+1待下载数据;
    所述通讯模块还用于:发送第i+1响应,所述第i+1响应用于指示:向所述存储器写入所述第i待下载数据以及所述第i+1待下载数据是否执行成功。
  21. 根据权利要求14至20中任一项所述的装置,其特征在于,所述第一下载命令为应用协议数据单元APDU命令;和/或,
    所述第一待下载数据为片内操作系统COS数据。
  22. 根据权利要求14至20中任一项所述的装置,其特征在于,所述装置为所述安全元件中的闪存下载单元,所述存储器为所述安全元件中的闪存。
  23. 一种下载数据的装置,其特征在于,包括:处理器和存储器,所述存储器用于存储程序,所述处理器用于从存储器中调用并运行所述程序以执行权利要求1至13中任一项所述的下载数据的方法。
  24. 一种安全元件,其特征在于,包括:如权利要求14至22中任一项所述的下载数据的装置。
PCT/CN2022/136116 2022-06-13 2022-12-02 下载数据的方法、装置和安全元件 WO2023240941A1 (zh)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN202210660260.6A CN114760276B (zh) 2022-06-13 2022-06-13 下载数据的方法、装置和安全元件
CN202210660260.6 2022-06-13

Publications (1)

Publication Number Publication Date
WO2023240941A1 true WO2023240941A1 (zh) 2023-12-21

Family

ID=82336790

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2022/136116 WO2023240941A1 (zh) 2022-06-13 2022-12-02 下载数据的方法、装置和安全元件

Country Status (2)

Country Link
CN (1) CN114760276B (zh)
WO (1) WO2023240941A1 (zh)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114760276B (zh) * 2022-06-13 2022-09-09 深圳市汇顶科技股份有限公司 下载数据的方法、装置和安全元件

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103019755A (zh) * 2011-09-26 2013-04-03 东莞易步机器人有限公司 嵌入式系统中多cpu的无线程序下载方法
US20160188208A1 (en) * 2014-12-24 2016-06-30 Samsung Electronics Co., Ltd. Nonvolatile memory system and operation method of the same
CN106888448A (zh) * 2015-12-15 2017-06-23 中国移动通信集团公司 应用下载方法、安全元件及终端
CN111404706A (zh) * 2019-01-02 2020-07-10 中国移动通信有限公司研究院 应用下载方法、安全元件、客户端设备及服务管理设备
CN112702418A (zh) * 2020-12-21 2021-04-23 潍柴动力股份有限公司 双缓存数据下载控制方法、装置及车辆
CN114760276A (zh) * 2022-06-13 2022-07-15 深圳市汇顶科技股份有限公司 下载数据的方法、装置和安全元件

Family Cites Families (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CA2788051C (en) * 2011-12-15 2015-11-24 Research In Motion Limited Method and device for managing a secure element
US9240994B2 (en) * 2013-10-28 2016-01-19 At&T Intellectual Property I, Lp Apparatus and method for securely managing the accessibility to content and applications
EP3295310A4 (en) * 2015-05-14 2018-12-26 Adesto Technologies Corporation Concurrent read and reconfigured write operations in a memory device
CN105592091B (zh) * 2015-12-30 2018-12-25 中国银联股份有限公司 安全性应用下载方法
CN106940776A (zh) * 2016-01-04 2017-07-11 中国移动通信集团公司 一种敏感数据操作方法和移动终端
US11282056B2 (en) * 2016-04-20 2022-03-22 Thales Dis Usa, Inc. Method, servers and system for downloading an updated profile
CN108696579A (zh) * 2018-04-28 2018-10-23 北京奇艺世纪科技有限公司 一种请求响应方法、装置及电子设备
CN108959117B (zh) * 2018-06-22 2021-01-19 深圳忆联信息系统有限公司 H2d写操作加速方法、装置、计算机设备及存储介质
KR102657876B1 (ko) * 2018-09-07 2024-04-17 삼성전자주식회사 Ssp 단말과 서버가 디지털 인증서를 협의하는 방법 및 장치
CN111124503B (zh) * 2018-11-01 2021-09-14 华为终端有限公司 一种nfc应用的自动激活方法及终端
CN110673849B (zh) * 2019-08-14 2023-04-21 惠州市德赛西威智能交通技术研究院有限公司 一种批量预设置文件安全上下文的方法及装置
CN111143854B (zh) * 2019-12-25 2021-11-30 眸芯科技(上海)有限公司 芯片的安全启动装置、系统及方法
CN110929254B (zh) * 2020-01-09 2023-08-22 成都三零嘉微电子有限公司 安全可信cpu芯片otp数据批量加载系统及方法
CN112540729A (zh) * 2020-12-11 2021-03-23 捷德(中国)科技有限公司 数据下载的方法、装置、智能卡及存储介质

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103019755A (zh) * 2011-09-26 2013-04-03 东莞易步机器人有限公司 嵌入式系统中多cpu的无线程序下载方法
US20160188208A1 (en) * 2014-12-24 2016-06-30 Samsung Electronics Co., Ltd. Nonvolatile memory system and operation method of the same
CN106888448A (zh) * 2015-12-15 2017-06-23 中国移动通信集团公司 应用下载方法、安全元件及终端
CN111404706A (zh) * 2019-01-02 2020-07-10 中国移动通信有限公司研究院 应用下载方法、安全元件、客户端设备及服务管理设备
CN112702418A (zh) * 2020-12-21 2021-04-23 潍柴动力股份有限公司 双缓存数据下载控制方法、装置及车辆
CN114760276A (zh) * 2022-06-13 2022-07-15 深圳市汇顶科技股份有限公司 下载数据的方法、装置和安全元件

Also Published As

Publication number Publication date
CN114760276B (zh) 2022-09-09
CN114760276A (zh) 2022-07-15

Similar Documents

Publication Publication Date Title
JP4960364B2 (ja) ハードウェア支援されたデバイス設定検出
US10783086B2 (en) Method and apparatus for increasing a speed of accessing a storage device
CN109726163B (zh) 一种基于spi的通信系统、方法、设备和储存介质
TWI430097B (zh) 資訊處理設備、資訊處理系統、資訊處理方法及電腦程式
US6810444B2 (en) Memory system allowing fast operation of processor while using flash memory incapable of random access
US5263168A (en) Circuitry for automatically entering and terminating an initialization mode in a data processing system in response to a control signal
KR102331926B1 (ko) 저장 장치를 포함하는 호스트 시스템의 동작 방법 및 저장 장치 제어기의 동작 방법
WO2023240941A1 (zh) 下载数据的方法、装置和安全元件
WO2024093542A1 (zh) Usb免驱通信方法、装置、电子设备及存储介质
CN112596808A (zh) 一种嵌入式系统的参数存储机制
US20190095359A1 (en) Peripheral device controlling device, operation method thereof, and operation method of peripheral device controlling device driver
KR20020036717A (ko) 마이크로컴퓨터 및 그 제어 방법
JP7355876B2 (ja) プログラム起動方法及び機器、記憶媒体
KR20040067063A (ko) 디지털 신호 처리장치의 저전력 소비형 캐시 메모리 장치및 이에 대한 제어방법
US6718405B2 (en) Hardware chain pull
JP4793798B2 (ja) マイクロコンピュータ
KR100658918B1 (ko) 블록 단위 입출력 명령어를 이용한 시스템 전역 변수초기화 장치 및 그 방법
CN115599408B (zh) 处理器的数据烧录方法、设备及存储介质
JP4988982B2 (ja) マイクロコンピュータの制御方法
WO2023201648A1 (zh) 文件的操作装置、计算机设备和操作设备
CN108509013B (zh) 一种处理指令的方法及装置
CN117220861A (zh) 秘钥烧录系统、方法、智能网卡以及可读存储介质
CN118796247A (zh) 固件切换方法、装置、电子设备和计算机程序产品
CN116340208A (zh) 基于QSPI的flash访问方法及应用
CN115617521A (zh) 一种收取应用进程内存快照的方法、装置及介质

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 22946607

Country of ref document: EP

Kind code of ref document: A1