公开(公告)号：US20170109533A1

公开(公告)日：2017-04-20

申请号：US15335101

申请日：2016-10-26

Applicant: GOOGLE INC.

Inventor： Gaurav SHAH ,  William A. DREWRY ,  Randall SPANGLER ,  Ryan TABONE ,  Sumit GWALANI ,  Luigi SEMENZATO

IPC: G06F21/57 ,  G06F21/64 ,  H04L9/30 ,  H04L9/32

CPC classification number: G06F21/575 ,  G06F21/554 ,  G06F21/64 ,  G06F21/74 ,  H04L9/30 ,  H04L9/3236 ,  H04L9/3247

Abstract: Methods and apparatus for verifying a boot process of a computing system are disclosed. An example computer-implemented method includes reading, by a computing system during a boot process, a header section of a read-write portion of firmware of the computing system. The example method further includes generating, using a first cryptographic hash algorithm, a message digest corresponding with the header. The example method also includes decrypting, using a first public-key, an encrypted signature corresponding with the header. The example method still further includes comparing the message digest corresponding with the header and the decrypted signature corresponding with the header. In the event the message digest corresponding with the header and the decrypted signature corresponding with the header match, the example method includes continuing the boot process. In the event the message digest corresponding with the header and the decrypted signature corresponding with the header do not match, the example method includes halting the boot process.