Storage medium having stored therein boot program, information processing apparatus, information processing system, information processing method, semiconductor apparatus, and storage medium having stored therein program
First Claim
Patent Images
1. A non-transitory computer-readable storage medium having stored therein a boot program to be executed by a computer of an information processing apparatus before firmware is started, the boot program causing the computer to execute:
- initiating execution of a boot program;
authenticating the firmware after the initiation of execution of the boot program;
acquiring identification information of the firmware;
setting usability of a piece of key data in a range corresponding to the identification information, among a plurality of pieces of key data to be used for the firmware, andstarting the firmware, whereinthe identification information is a version set for the firmware;
the plurality of pieces of key data are different with respect to each version; and
in the setting of the usability of the piece of key date, among the plurality of pieces of key data, a piece of key data corresponding to a version newer than the acquire version is set to be unusable.
1 Assignment
0 Petitions
Accused Products
Abstract
Identification information of a program read from outside, such as firmware, is acquired, and usability of a piece of key data in a range corresponding to the identification information is set, among a plurality of pieces of key data to be used for the program. As another example, based on new key data generated based on key data stored in advance in a memory and identification information, firmware corresponding to the identification information is decrypted.
10 Citations
29 Claims
-
1. A non-transitory computer-readable storage medium having stored therein a boot program to be executed by a computer of an information processing apparatus before firmware is started, the boot program causing the computer to execute:
-
initiating execution of a boot program; authenticating the firmware after the initiation of execution of the boot program; acquiring identification information of the firmware; setting usability of a piece of key data in a range corresponding to the identification information, among a plurality of pieces of key data to be used for the firmware, and starting the firmware, wherein the identification information is a version set for the firmware;
the plurality of pieces of key data are different with respect to each version; andin the setting of the usability of the piece of key date, among the plurality of pieces of key data, a piece of key data corresponding to a version newer than the acquire version is set to be unusable. - View Dependent Claims (2, 3, 4, 5)
-
-
6. An information processing apparatus comprising:
-
a key data storage memory configured to store a plurality of pieces of key data to be used for firmware; and a computer processor configured to; execute a boot program; acquire identification information of the firmware in accordance with the execution of the boot program after initiation of execution of the boot program; set usability of a piece of key data in a range corresponding to the identification information, among the plurality of pieces of key data; after the usability of the piece of key data is set, start the firmware corresponding to the acquired identification information; and after the firmware is started, encrypt or input data using the piece of key data set to be usable. - View Dependent Claims (7)
-
-
8. An information processing system comprising:
-
a key data storage memory configured to store a plurality of pieces of key data to be used for firmware; and a computer processor configured to; initiate execution of a boot program; acquire identification information of the firmware in accordance with execution of the boot program after the initiation of execution of the boot program; set usability of a piece of key data in a range corresponding to the identification information, among the plurality of pieces of key data; and after the usability of the piece of key data is set, start the firmware corresponding to the acquired identification information, wherein the identification information is a version set for the firmware; the plurality of pieces of key data are different with respect to each version; and in the setting of the usability of the piece of key data, among the plurality of pieces of key data, a piece of key data corresponding to a version newer than the acquired version is set to be unusable.
-
-
9. An information processing method to be performed by a computer of an information processing apparatus before firmware is started, the information processing method comprising causing the computer to execute:
-
initiating execution of a boot program; acquiring identification information of the firmware after the initiation of the boot program; and setting usability of a piece of key data in a range corresponding to the identification information, among a plurality of pieces of key data to be used for the firmware, and starting the firmware, wherein the identification information is version set for the firmware; the plurality of pieces of key data are different with respect to each version; and in the setting of the usability of the piece of key data, among the plurality of pieces of key data, a piece of key data corresponding to a version newer than the acquired version is set to be unusable.
-
-
10. A semiconductor device comprising:
-
a processor; a first memory configured to store a boot program; and a second memory configured to store a plurality of pieces of key data, wherein in accordance with execution of the boot program stored in the first memory, the processor is configured to; acquire identification information of firmware after initiation of the boot program; if a plurality of pieces of key data are stored in the second memory, set usability of a piece of key data in a range corresponding to the identification information, among the pieces of key data; and after the usability of the piece of key data is set, start the firmware corresponding to the acquired identification information, wherein the identification information is a version set for the firmware; the plurality of pieces of key data are different with respect to each version; and in the setting of the usability of the piece of y data, among the plurality of pieces of key data, a piece of key data corresponding to a version newer than the acquire version is set to be unusable.
-
-
11. An information processing apparatus, including a memory configured to store an internal program, for executing an external program subsequently to execution of the internal program, the information processing apparatus comprising:
-
a key data storage memory configured to store a plurality of pieces of key data; and a computer processor configured to; initiate execution of a boot program; acquire the external program from outside the information processing apparatus after the initiation of execution of the boot program; acquire identification information of the external program; set usability of a piece of key data in a range corresponding to the identification information, among the pieces of key data stored in the key data storage memory; and after the usability of the piece of key data is set, start the acquired external program, wherein the identification information is a version set for the firmware; the plurality of pieces of key data are different with respect to each version; and in the setting of the usability of the pies y data, among the plurality of pieces of key data, a piece of key data corresponding to a version newer than the acquired version is set to be unusable.
-
-
12. A non-transitory computer-readable storage medium having stored therein a program that cannot be updated and is executed by a computer of an information processing apparatus before a program that can be updated is started, the program causing the computer to execute:
-
initiating execution of a boot program; acquiring version information of the program that can be updated after the initiation of execution of the boot program; based on the acquired version information, setting usability of a piece of key data in a range corresponding to the version information, among a plurality of pieces of key data to be used for the program that can be updated, and starting the program that can be updated, wherein the identification information is a version set for the firmware; the plurality of pieces of key data are different with respect to each version; and in the setting of the usability of the piece of key data, among the plurality of pieces of key data, a piece of key data corresponding to a version newer than the acquired version is set to be unusable.
-
-
13. A non-transitory computer-readable storage medium having stored therein a boot program to be executed by a computer of an information processing apparatus before firmware is started, the boot program causing the computer to execute:
-
initiating execution of the boot program; acquiring identification information of the firmware after the initiation of execution of the boot program; based on key data stored in advance in a memory and the identification information, generating new key data; based on the generated key data, decrypting the firmware corresponding to the identification information; disabling generation of key data in the generation of the key data; and starting the decrypted firmware, wherein in the disabling of generation of key data, a key generation function in the generation of the key data is set to be usable only once, thereby disabling generation of key data in the generation of the key data. - View Dependent Claims (14, 15, 16, 17, 18, 19, 20)
-
-
21. An information processing apparatus comprising:
-
a key data storage memory configured to store key data to be used for firmware; and a computer processor configured to; execute a boot program; acquire identification information of the firmware in accordance with the execution of the boot program after initiation of the execution of the boot program; based on the key data stored in the key data storage memory and the identification information, generate new key data; based on the generated key data, decrypt the firmware corresponding to the identification information; disable generation of key data in the generation of the key data; and start the decrypted firmware, wherein in the disabling of generation of key data, a key generation function in the generation of the key data is set to be usable only once, thereby disabling generation of key data in the generation of the key data.
-
-
22. An information processing system comprising:
-
a key data storage memory configured to store key data to be used for firmware; and a computer processor configured to; execute a boot program; acquire identification information of the firmware in accordance with the execution of the boot program after initiation of the execution of the boot program; based on the key data stored in the key data storage memory and the identification information, generate new key data; based on the generated key data, decrypt the firmware corresponding to the identification information; and disable generation of key data in the generation of the key data; and start the decrypted firmware, wherein in the disabling of generation of key data, a key generation function in the generation of the key data is set to be usable only once, thereby disabling generation of key data in the generation of the key data.
-
-
23. An information processing method to be performed by a computer of an information processing apparatus before firmware is started, the information processing method comprising causing the computer to execute:
-
initiating execution of a boot program; acquiring identification information of the firmware after the initiation of execution of the boot program; based on key data stored in advance in a memory and the identification information, generating new key data; based on the generated key data, decrypting the firmware corresponding to the identification information; disabling generation of key data in the generation of the key data; and starting the decrypted firmware, wherein in the disabling of generation of key data, a key generation function in the generation of the key data is set to be usable only once, thereby disabling generation of key data in the generation of the key data.
-
-
24. A semiconductor device comprising:
-
a processor; a first memory configured to store a boot program; and a second memory configured to store key data, wherein in accordance with execution of the boot program stored in the first memory, the processor is configured to; acquire identification information of firmware after initiation of execution of the boot program; based on the key data stored in the second memory and the identification information, generate new key data; based on the generated key data, decrypt the firmware corresponding to the identification information; disable generation of key data in the generation of the key data; and start the decrypted firmware, wherein in the disabling of generation of key data, a key generation function in the generation of the key data is set only once, thereby disabling generation of key data in the generation of the key data.
-
-
25. An information processing apparatus, including a memory configured to store an internal boot program, for executing an external program subsequently to execution of the internal program, the information processing apparatus comprising:
-
a key data storage memory configured to store key data to be used for the external program; and a computer processor configured to; execute the internal boot program; acquire the external program from outside the information processing apparatus; acquire identification information of the external program in accordance with the execution of the internal program after initiation of execution of the internal program; based on the key data stored in the key data storage memory and the identification information, generate new key data; based on the generated key data, decrypt the external program corresponding to the identification information; disable generation of key data in the generation of the key data; and start the decrypted external program, wherein in the disabling of generation of key data, a key generation function in the generation of the key data is set to be usable only once, thereby disabling generation of key data in the generation of the key data.
-
-
26. A non-transitory computer-readable storage medium having stored therein a program that cannot be updated and is executed by a computer of an information processing apparatus before a program that can be updated is started, the program that cannot be updated causing the computer to execute:
-
initiating execution of a boot program; acquiring version information of the program that can be updated after the initiation of execution of the boot program; based on key data stored in advance in a memory and the acquired version information, generating new key data; based on the generated key data, decrypting the program that can be updated corresponding to the version information; disabling generation of key data in the generation of the key data; and starting the decrypted program that can be updated, wherein in the disabling of generation of key data, a key generation function in the generation of the key data is set to be usable only once, thereby disable generation of key data in the generation of the key data.
-
-
27. A non-transitory computer-readable storage medium having stored therein a boot program to be executed by a computer of an information processing apparatus before firmware is started, the boot program causing the computer to execute:
-
initiating execution of a boot program; authenticating the firmware after the initiation of execution of the boot program; acquiring identification information of the firmware; setting usability of a piece of key data in a range corresponding to the identification information, among a plurality of pieces of key data to be used for the firmware; starting the firmware; and reading the firmware, wherein in the acquisition of the identification information, the identification information of the read firmware is acquired, in the acquisition of the identification information, identification information described in a header of the firmware read in the reading of the firmware is acquired as the acquired identification information of the firmware, and in the setting of the usability of the piece of key data, the usability of the piece of key data is set in accordance with the identification information described in the header.
-
-
28. An information processing apparatus comprising:
-
a key data storage memory configured to store a plurality of pieces of key data to be used for firmware; and a computer processor configured to; execute a boot program; acquire identification information of the firmware in accordance with the execution of the boot program after initiation of execution of the boot program; set usability of a piece of key data in a range corresponding to the identification information, among the plurality of pieces of key data; and after the usability of the piece of key data is set, start the firmware corresponding to the acquired identification information, wherein store the identification information of the started firmware in a non-volatile memory, the identification information stored in the non-volatile memory is acquired as the identification information of the firmware, the usability of the piece of key data is set in accordance with the identification information stored in the non-volatile memory, and if the identification information stored in the non-volatile memory is updated, the usability of the piece of key data is reset after the update.
-
-
29. A non-transitory computer-readable storage medium having stored therein a boot program to be executed by a computer of an information processing apparatus before firmware is started, the boot program causing the computer to execute:
-
initiating execution of the boot program; acquiring identification information of the firmware after the initiation of execution of the boot program; based on key data stored in advance in a memory and the identification information, generating new key data; based on the generated key data, decrypting the firmware corresponding to the identification information; disabling generation of key data in the generation of the key data; and starting the decrypted firmware; reading the firmware;
whereinin the acquisition of the identification information, the identification information of the read firmware is acquired, in the acquisition of the identification information, identification information described in a header of the firmware read in the reading of the firmware is acquired as the acquired identification information of the firmware, and in the generation of the key data, based on the key data stored in advance in the memory and the identification information described in the header, new key data is generated.
-
Specification