-
公开(公告)号:US11283626B2
公开(公告)日:2022-03-22
申请号:US16331055
申请日:2016-09-06
Applicant: Huawei Technologies Co., Ltd.
Inventor: Gang Lian , Sampo Sovio , Taisheng Deng , Xiaopu Wang , Zongbo Ye
Abstract: An apparatus including a processor and a memory, where the processor and the memory are configured to provide a secure execution environment and the memory stores a hardware unique key and a class key. The processor is configured to recover, in the secure execution environment, a certificate signing key based on the class key, where the certificate signing key is associated with a certificate authority. The processor is further configured to derive a device key pair based on the hardware unique key, where the device key pair includes a device public key and a device private key, and generate a device certificate based on the device public key and the certificate signing key. The generated device certificate is configured to be validated based on a public key associated with the certificate authority.
-
公开(公告)号:US20190238342A1
公开(公告)日:2019-08-01
申请号:US16331055
申请日:2016-09-06
Applicant: Huawei Technologies Co., Ltd.
Inventor: Gang Lian , Sampo Sovio , Taisheng Deng , Xiaopu Wang , Zongbo Ye
CPC classification number: H04L9/3263 , H04L9/0894 , H04L9/321 , H04L63/0823 , H04L2209/64 , H04L2209/80 , H04L2463/061
Abstract: An apparatus including a processor and a memory, where the processor and the memory are configured to provide a secure execution environment and the memory stores a hardware unique key and a class key. The processor is configured to recover, in the secure execution environment, a certificate signing key based on the class key, where the certificate signing key is associated with a certificate authority. The processor is further configured to derive a device key pair based on the hardware unique key, where the device key pair includes a device public key and a device private key, and generate a device certificate based on the device public key and the certificate signing key. The generated device certificate is configured to be validated based on a public key associated with the certificate authority.
-