公开(公告)号：US20170093586A1

公开(公告)日：2017-03-30

申请号：US14865448

申请日：2015-09-25

Applicant: QUALCOMM Incorporated

Inventor： Maria MIRANDA ,  Qazi BASHIR ,  Satyajit PATNE ,  Ron KEIDAR

IPC: H04L9/32

CPC classification number: H04L9/3268 ,  H04L9/3236 ,  H04L9/3247 ,  H04L9/3263 ,  H04L2209/38 ,  H04W12/04

Abstract: Techniques for managing certificates on a computing device are provided. An example method according to these techniques includes receiving an image file comprising a hash value of a certificate on which a certificate action is to be performed, the certificate action being a revocation action or an activation action, the image file having been signed by a signing certificate, determining whether the image file has been signed by a valid certificate by comparing a hash value of the signing certificate to a plurality of hash values associated with certificates stored in a one-time programmable memory of the computing device, and performing the certificate action, responsive to the image file having been signed by the valid certificate and the certificate on which the certificate action is to be performed having been found in the memory, by setting a value of an indicator associated with the certificate in the memory.

公开(公告)号：US20180330095A1

公开(公告)日：2018-11-15

申请号：US15631575

申请日：2017-06-23

Applicant: QUALCOMM Incorporated

Inventor： Dhamim PACKER ALI ,  Dhaval PATEL ,  Justin Yongjin KIM ,  Maria MIRANDA ,  Cory David FEITELSON ,  Eric TASESKI

IPC: G06F21/57 ,  G06F15/78 ,  H04L9/32 ,  G06F21/44

CPC classification number: G06F21/575 ,  G06F8/65 ,  G06F15/76 ,  G06F15/781 ,  G06F21/44 ,  G06F21/51 ,  G06F21/572 ,  G06F21/64 ,  G06F2221/033 ,  H04L9/0643 ,  H04L9/0891 ,  H04L9/3236 ,  H04L9/3247 ,  H04L2209/12

Abstract: Various additional and alternative aspects are described herein. In some aspects, the present disclosure provides a method of authenticating executable images in a system-on-chip (SoC), the method comprising: storing a plurality of executable images; storing, as separate from the plurality of executable images, a signed image of hashes comprising a plurality of hashes corresponding to the plurality of executable images and a first signature; authenticating the signed image of hashes based on the first signature; and using a first hash of the plurality of hashes to authenticate a first executable image of the plurality of executable images when the signed image of hashes passes authentication.