Storage medium having stored therein boot program, information processing apparatus, information processing system, information processing method, semiconductor apparatus, and storage medium having stored therein program

US 10,061,927 B2
Filed: 10/05/2015
Issued: 08/28/2018
Est. Priority Date: 10/08/2014
Status: Active Grant

First Claim

Patent Images

1. A non-transitory computer-readable storage medium having stored therein a boot program to be executed by a computer of an information processing apparatus before firmware is started, the boot program causing the computer to execute:

initiating execution of a boot program;

authenticating the firmware after the initiation of execution of the boot program;

acquiring identification information of the firmware;

setting usability of a piece of key data in a range corresponding to the identification information, among a plurality of pieces of key data to be used for the firmware, andstarting the firmware, whereinthe identification information is a version set for the firmware;

the plurality of pieces of key data are different with respect to each version; and

in the setting of the usability of the piece of key date, among the plurality of pieces of key data, a piece of key data corresponding to a version newer than the acquire version is set to be unusable.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Identification information of a program read from outside, such as firmware, is acquired, and usability of a piece of key data in a range corresponding to the identification information is set, among a plurality of pieces of key data to be used for the program. As another example, based on new key data generated based on key data stored in advance in a memory and identification information, firmware corresponding to the identification information is decrypted.

10 Citations

View as Search Results

29 Claims

1. A non-transitory computer-readable storage medium having stored therein a boot program to be executed by a computer of an information processing apparatus before firmware is started, the boot program causing the computer to execute:
- initiating execution of a boot program;
  
  authenticating the firmware after the initiation of execution of the boot program;
  
  acquiring identification information of the firmware;
  
  setting usability of a piece of key data in a range corresponding to the identification information, among a plurality of pieces of key data to be used for the firmware, andstarting the firmware, whereinthe identification information is a version set for the firmware;
  
  the plurality of pieces of key data are different with respect to each version; and
  
  in the setting of the usability of the piece of key date, among the plurality of pieces of key data, a piece of key data corresponding to a version newer than the acquire version is set to be unusable.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The non-transitory computer-readable storage medium having stored therein the boot program according to claim 1, whereinin the acquisition of the identification information, identification information of firmware started before a current moment is acquired.
  - 3. The non-transitory computer-readable storage medium having stored therein the boot program according to claim 1, whereinin the setting of the usability of the piece of key data, after the firmware is started, the setting of the piece of key data cannot be changed at least from unusable to usable.
  - 4. The non-transitory computer-readable storage medium having stored therein the boot program according to claim 1, whereinin the setting of the usability of the piece of key data, among the plurality of pieces of key data, a piece of key data corresponding to the version acquired in the acquisition of the identification information is set to be usable, and at least one of pieces of key data corresponding to a version older than the acquired version is set to be usable.
  - 5. The non-transitory computer-readable storage medium having stored therein the boot program according to claim 1, the boot program further causing the computer to executebefore the usability of the piece of key data is set in the setting of the usability of the piece of key data, decrypting the firmware corresponding to the acquired identification information, using any of the plurality of pieces of key data.

6. An information processing apparatus comprising:
- a key data storage memory configured to store a plurality of pieces of key data to be used for firmware; and
  
  a computer processor configured to;
  
  execute a boot program;
  
  acquire identification information of the firmware in accordance with the execution of the boot program after initiation of execution of the boot program;
  
  set usability of a piece of key data in a range corresponding to the identification information, among the plurality of pieces of key data;
  
  after the usability of the piece of key data is set, start the firmware corresponding to the acquired identification information; and
  
  after the firmware is started, encrypt or input data using the piece of key data set to be usable.
- View Dependent Claims (7)
- - 7. The information processing apparatus according to claim 6, whereinthe computer processor is further configured to, after the firmware is started, decrypt another program using the piece of key data set to be usable.

8. An information processing system comprising:
- a key data storage memory configured to store a plurality of pieces of key data to be used for firmware; and
  
  a computer processor configured to;
  
  initiate execution of a boot program;
  
  acquire identification information of the firmware in accordance with execution of the boot program after the initiation of execution of the boot program;
  
  set usability of a piece of key data in a range corresponding to the identification information, among the plurality of pieces of key data; and
  
  after the usability of the piece of key data is set, start the firmware corresponding to the acquired identification information, whereinthe identification information is a version set for the firmware;
  
  the plurality of pieces of key data are different with respect to each version; and
  
  in the setting of the usability of the piece of key data, among the plurality of pieces of key data, a piece of key data corresponding to a version newer than the acquired version is set to be unusable.

9. An information processing method to be performed by a computer of an information processing apparatus before firmware is started, the information processing method comprising causing the computer to execute:
- initiating execution of a boot program;
  
  acquiring identification information of the firmware after the initiation of the boot program; and
  
  setting usability of a piece of key data in a range corresponding to the identification information, among a plurality of pieces of key data to be used for the firmware, andstarting the firmware, whereinthe identification information is version set for the firmware;
  
  the plurality of pieces of key data are different with respect to each version; and
  
  in the setting of the usability of the piece of key data, among the plurality of pieces of key data, a piece of key data corresponding to a version newer than the acquired version is set to be unusable.

10. A semiconductor device comprising:
- a processor;
  
  a first memory configured to store a boot program; and
  
  a second memory configured to store a plurality of pieces of key data, whereinin accordance with execution of the boot program stored in the first memory, the processor is configured to;
  
  acquire identification information of firmware after initiation of the boot program;
  
  if a plurality of pieces of key data are stored in the second memory, set usability of a piece of key data in a range corresponding to the identification information, among the pieces of key data; and
  
  after the usability of the piece of key data is set, start the firmware corresponding to the acquired identification information, whereinthe identification information is a version set for the firmware;
  
  the plurality of pieces of key data are different with respect to each version; and
  
  in the setting of the usability of the piece of y data, among the plurality of pieces of key data, a piece of key data corresponding to a version newer than the acquire version is set to be unusable.

11. An information processing apparatus, including a memory configured to store an internal program, for executing an external program subsequently to execution of the internal program, the information processing apparatus comprising:
- a key data storage memory configured to store a plurality of pieces of key data; and
  
  a computer processor configured to;
  
  initiate execution of a boot program;
  
  acquire the external program from outside the information processing apparatus after the initiation of execution of the boot program;
  
  acquire identification information of the external program;
  
  set usability of a piece of key data in a range corresponding to the identification information, among the pieces of key data stored in the key data storage memory; and
  
  after the usability of the piece of key data is set, start the acquired external program, whereinthe identification information is a version set for the firmware;
  
  the plurality of pieces of key data are different with respect to each version; and
  
  in the setting of the usability of the pies y data, among the plurality of pieces of key data, a piece of key data corresponding to a version newer than the acquired version is set to be unusable.

12. A non-transitory computer-readable storage medium having stored therein a program that cannot be updated and is executed by a computer of an information processing apparatus before a program that can be updated is started, the program causing the computer to execute:
- initiating execution of a boot program;
  
  acquiring version information of the program that can be updated after the initiation of execution of the boot program;
  
  based on the acquired version information, setting usability of a piece of key data in a range corresponding to the version information, among a plurality of pieces of key data to be used for the program that can be updated, andstarting the program that can be updated, whereinthe identification information is a version set for the firmware;
  
  the plurality of pieces of key data are different with respect to each version; and
  
  in the setting of the usability of the piece of key data, among the plurality of pieces of key data, a piece of key data corresponding to a version newer than the acquired version is set to be unusable.

13. A non-transitory computer-readable storage medium having stored therein a boot program to be executed by a computer of an information processing apparatus before firmware is started, the boot program causing the computer to execute:
- initiating execution of the boot program;
  
  acquiring identification information of the firmware after the initiation of execution of the boot program;
  
  based on key data stored in advance in a memory and the identification information, generating new key data;
  
  based on the generated key data, decrypting the firmware corresponding to the identification information;
  
  disabling generation of key data in the generation of the key data; and
  
  starting the decrypted firmware, whereinin the disabling of generation of key data, a key generation function in the generation of the key data is set to be usable only once, thereby disabling generation of key data in the generation of the key data.
- View Dependent Claims (14, 15, 16, 17, 18, 19, 20)
- - 14. The non-transitory computer-readable storage medium having stored therein the boot program according to claim 13, whereinin the starting of the firmware, the decrypted firmware is started after generation of key data is disabled in the disabling of generation of key data.
  - 15. The non-transitory computer-readable storage medium having stored therein the boot program according to claim 13, whereinin the disabling of generation of key data, after the firmware is decrypted, the key data stored in the memory is set to be unusable, thereby disabling generation of new key data using the key data.
  - 16. The non-transitory computer-readable storage medium having stored therein the boot program according to claim 13, whereinin the disabling of generation of key data, after the firmware is decrypted, access to a unit configured to achieve the generation of the key data is set to be impossible, thereby disabling generation of key data in the generation of the key data.
  - 17. The non-transitory computer-readable storage medium having stored therein the boot program according to claim 13, whereinthe memory stores a single piece of key data for generating the key data, andin the generation of the key data, based on the single piece of key data stored in the memory and the identification information, new key data is generated.
  - 18. The non-transitory computer-readable storage medium having stored therein the boot program according to claim 13, the boot program further causing the computer to executedisabling the new key data generated in the generation of the key data.
  - 19. The non-transitory computer-readable storage medium having stored therein the boot program according to claim 13, whereinin the acquisition of the identification information, identification information of firmware started before a current moment is acquired.
  - 20. The non-transitory computer-readable storage medium having stored therein the boot program according to claim 13, whereinthe identification information is a version set for the firmware.

21. An information processing apparatus comprising:
- a key data storage memory configured to store key data to be used for firmware; and
  
  a computer processor configured to;
  
  execute a boot program;
  
  acquire identification information of the firmware in accordance with the execution of the boot program after initiation of the execution of the boot program;
  
  based on the key data stored in the key data storage memory and the identification information, generate new key data;
  
  based on the generated key data, decrypt the firmware corresponding to the identification information;
  
  disable generation of key data in the generation of the key data; and
  
  start the decrypted firmware, whereinin the disabling of generation of key data, a key generation function in the generation of the key data is set to be usable only once, thereby disabling generation of key data in the generation of the key data.

22. An information processing system comprising:
- a key data storage memory configured to store key data to be used for firmware; and
  
  a computer processor configured to;
  
  execute a boot program;
  
  acquire identification information of the firmware in accordance with the execution of the boot program after initiation of the execution of the boot program;
  
  based on the key data stored in the key data storage memory and the identification information, generate new key data;
  
  based on the generated key data, decrypt the firmware corresponding to the identification information; and
  
  disable generation of key data in the generation of the key data; and
  
  start the decrypted firmware, whereinin the disabling of generation of key data, a key generation function in the generation of the key data is set to be usable only once, thereby disabling generation of key data in the generation of the key data.

23. An information processing method to be performed by a computer of an information processing apparatus before firmware is started, the information processing method comprising causing the computer to execute:
- initiating execution of a boot program;
  
  acquiring identification information of the firmware after the initiation of execution of the boot program;
  
  based on key data stored in advance in a memory and the identification information, generating new key data;
  
  based on the generated key data, decrypting the firmware corresponding to the identification information;
  
  disabling generation of key data in the generation of the key data; and
  
  starting the decrypted firmware, whereinin the disabling of generation of key data, a key generation function in the generation of the key data is set to be usable only once, thereby disabling generation of key data in the generation of the key data.

24. A semiconductor device comprising:
- a processor;
  
  a first memory configured to store a boot program; and
  
  a second memory configured to store key data, whereinin accordance with execution of the boot program stored in the first memory, the processor is configured to;
  
  acquire identification information of firmware after initiation of execution of the boot program;
  
  based on the key data stored in the second memory and the identification information, generate new key data;
  
  based on the generated key data, decrypt the firmware corresponding to the identification information;
  
  disable generation of key data in the generation of the key data; and
  
  start the decrypted firmware, whereinin the disabling of generation of key data, a key generation function in the generation of the key data is set only once, thereby disabling generation of key data in the generation of the key data.

25. An information processing apparatus, including a memory configured to store an internal boot program, for executing an external program subsequently to execution of the internal program, the information processing apparatus comprising:
- a key data storage memory configured to store key data to be used for the external program; and
  
  a computer processor configured to;
  
  execute the internal boot program;
  
  acquire the external program from outside the information processing apparatus;
  
  acquire identification information of the external program in accordance with the execution of the internal program after initiation of execution of the internal program;
  
  based on the key data stored in the key data storage memory and the identification information, generate new key data;
  
  based on the generated key data, decrypt the external program corresponding to the identification information;
  
  disable generation of key data in the generation of the key data; and
  
  start the decrypted external program, whereinin the disabling of generation of key data, a key generation function in the generation of the key data is set to be usable only once, thereby disabling generation of key data in the generation of the key data.

26. A non-transitory computer-readable storage medium having stored therein a program that cannot be updated and is executed by a computer of an information processing apparatus before a program that can be updated is started, the program that cannot be updated causing the computer to execute:
- initiating execution of a boot program;
  
  acquiring version information of the program that can be updated after the initiation of execution of the boot program;
  
  based on key data stored in advance in a memory and the acquired version information, generating new key data;
  
  based on the generated key data, decrypting the program that can be updated corresponding to the version information;
  
  disabling generation of key data in the generation of the key data; and
  
  starting the decrypted program that can be updated, whereinin the disabling of generation of key data, a key generation function in the generation of the key data is set to be usable only once, thereby disable generation of key data in the generation of the key data.

27. A non-transitory computer-readable storage medium having stored therein a boot program to be executed by a computer of an information processing apparatus before firmware is started, the boot program causing the computer to execute:
- initiating execution of a boot program;
  
  authenticating the firmware after the initiation of execution of the boot program;
  
  acquiring identification information of the firmware;
  
  setting usability of a piece of key data in a range corresponding to the identification information, among a plurality of pieces of key data to be used for the firmware;
  
  starting the firmware; and
  
  reading the firmware, whereinin the acquisition of the identification information, the identification information of the read firmware is acquired,in the acquisition of the identification information, identification information described in a header of the firmware read in the reading of the firmware is acquired as the acquired identification information of the firmware, andin the setting of the usability of the piece of key data, the usability of the piece of key data is set in accordance with the identification information described in the header.

28. An information processing apparatus comprising:
- a key data storage memory configured to store a plurality of pieces of key data to be used for firmware; and
  
  a computer processor configured to;
  
  execute a boot program;
  
  acquire identification information of the firmware in accordance with the execution of the boot program after initiation of execution of the boot program;
  
  set usability of a piece of key data in a range corresponding to the identification information, among the plurality of pieces of key data; and
  
  after the usability of the piece of key data is set, start the firmware corresponding to the acquired identification information, whereinstore the identification information of the started firmware in a non-volatile memory,the identification information stored in the non-volatile memory is acquired as the identification information of the firmware,the usability of the piece of key data is set in accordance with the identification information stored in the non-volatile memory, andif the identification information stored in the non-volatile memory is updated, the usability of the piece of key data is reset after the update.

29. A non-transitory computer-readable storage medium having stored therein a boot program to be executed by a computer of an information processing apparatus before firmware is started, the boot program causing the computer to execute:
- initiating execution of the boot program;
  
  acquiring identification information of the firmware after the initiation of execution of the boot program;
  
  based on key data stored in advance in a memory and the identification information, generating new key data;
  
  based on the generated key data, decrypting the firmware corresponding to the identification information;
  
  disabling generation of key data in the generation of the key data; and
  
  starting the decrypted firmware;
  
  reading the firmware;
  
  whereinin the acquisition of the identification information, the identification information of the read firmware is acquired,in the acquisition of the identification information, identification information described in a header of the firmware read in the reading of the firmware is acquired as the acquired identification information of the firmware, andin the generation of the key data, based on the key data stored in advance in the memory and the identification information described in the header, new key data is generated.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Nintendo Company Limited
Original Assignee
Nintendo Company Limited
Inventors
Murakami, Yutaka, Hatamoto, Minoru, Shirai, Tatsuhiro
Primary Examiner(s)
Okeke, Izunna

Application Number

US14/874,799
Publication Number

US 20160103994A1
Time in Patent Office

1,058 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/572 Secure firmware programming...

G06F 2221/2109 Game systems

Storage medium having stored therein boot program, information processing apparatus, information processing system, information processing method, semiconductor apparatus, and storage medium having stored therein program

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

10 Citations

29 Claims

Specification

Solutions

Use Cases

Quick Links

Storage medium having stored therein boot program, information processing apparatus, information processing system, information processing method, semiconductor apparatus, and storage medium having stored therein program

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

10 Citations

29 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links