公开(公告)号：US20130091353A1

公开(公告)日：2013-04-11

申请号：US13564643

申请日：2012-08-01

申请人： Jiang Zhang ,  Alexander Medvinsky ,  Kwan Chen ,  Paul Moroney ,  Petr Peterka

发明人： Jiang Zhang ,  Alexander Medvinsky ,  Kwan Chen ,  Paul Moroney ,  Petr Peterka

IPC分类号： H04L9/32 ,  H04L9/08

CPC分类号： H04L9/3268 ,  H04L9/0825 ,  H04L9/083 ,  H04L2209/16

摘要： A method and apparatus are for transferring a client device certificate and an associated encrypted client private key to a client device from a secure device. The secure device receives over a secure connection, a secure device certificate, a secure device private key and a plurality of client device certificates. Each client certificate is associated with a bootstrap public key but is not assigned to any particular client device. A plurality of encrypted client private keys is also received. Each of the encrypted client private keys comprises a client private key associated with one of the client device certificates encrypted with the bootstrap public key. The plurality of client device certificates is stored. The encrypted client private keys are stored in double encrypted protected form. A client device certificate and an associated encrypted client private key are transferred to a client device that has successfully registered with the secure device.

摘要翻译： 一种方法和装置用于将客户端设备证书和相关联的加密的客户端私钥从安全设备传送到客户端设备。 安全设备通过安全连接，安全设备证书，安全设备私钥和多个客户端设备证书接收。 每个客户端证书与引导公钥相关联，但不分配给任何特定的客户端设备。 还接收多个加密的客户端私钥。 每个加密的客户端专用密钥包括与用引导公钥加密的客户端设备证书之一相关联的客户端专用密钥。 存储多个客户端设备证书。 加密的客户端私钥以双加密保护形式存储。 客户端设备证书和相关联的加密客户端私钥被传送到已经成功地向安全设备注册的客户端设备。