TW201901407A - Method for updating firmware of data storage device - Google Patents

Abstract

A firmware updating method of a data storage device includes: obtaining a predetermined sorting mechanism from a efuse wherein the efuse is arranged within a controller of the data storage device; obtaining a firmware package; obtaining a first sorting hash data from the firmware package; performing a hash calculation on a firmware data of the firmware package to obtain a second hash data; performing the predetermined hash mechanism on the second hash data to generate a second sorting hash data; and if the first sorting hash data is identical to the second sorting hash data, updating the firmware of the data storage device by the firmware data.

Description

 Method for firmware update of data storage device  

The invention relates to a data storage device and a data storage method, in particular to a data storage device and a data storage method capable of effectively authenticating firmware data.

Flash memory is a popular non-volatile data storage device that is electrically erased and programmed. For example, non-NAND flash memory (NAND FLASH) is often used as a memory card, a universal flash memory device, a solid-state hard disk (SSD), embedded flash memory. Body module (eMMC), universal flash memory (UFS), etc.

In general, data storage devices can improve their performance and reliability by upgrading firmware. The firmware update ensures that the data storage device remains up-to-date and ensures compatibility. However, if the data storage device is updated with an error or an illegal firmware, the data storage device may not be able to perform operations such as reading or writing normally, or even cause damage to the data storage device. Therefore, there is a need for a data storage device and data storage method that can efficiently and conveniently authenticate firmware data to ensure that the updated firmware data is legal and correct.

In order to solve the above problems, the present invention provides a data storage device and a data storage method capable of efficiently and conveniently authenticating firmware data to ensure that the updated firmware information is updated.

In detail, the present invention provides a secure hashing mechanism and a predetermined sorting mechanism for accurately detecting whether the firmware information to be installed is legal and correct. First, the secure hash mechanism encrypts and compresses the firmware data to produce hash data. The predetermined sorting mechanism then reorders the hashed data and stores it at a particular location in the data storage device. The predetermined ordering mechanism described above is set by the manufacturer of the data storage device. By judging whether the firmware information to be installed and the related hash data are the same as the sorting hash data, it is possible to detect whether the firmware information to be installed is correct and legally certified by the manufacturer of the data storage device. Body data. According to the data storage device and the data storage method of the present invention, it is possible to determine whether the firmware data is correct and legal, so as to prevent the data storage device from being maliciously damaged.

An embodiment of the present invention provides a method for updating a firmware of a data storage device, comprising: obtaining a predetermined sorting mechanism from an electronic fuse, wherein the electronic fuse is disposed inside a controller of the data storage device Obtaining a firmware packet; obtaining a first sorting hash data from the firmware packet; performing a hash calculation on the firmware information in the firmware packet to obtain a second hash data; and executing the second hash data The predetermined sorting mechanism generates a second sorted hash data; and if the first sorted hash data is identical to the second sorted hash data, the firmware update of the data storage device is performed with the firmware data.

An embodiment of the present invention provides a method for updating a firmware of a data storage device, comprising: obtaining a predetermined sorting mechanism from an electronic fuse, wherein the electronic fuse is disposed inside a controller of the data storage device Obtaining a firmware packet; obtaining a plurality of first sorter hash data from the firmware packet; and dividing a firmware data in the firmware packet into a plurality of firmware information according to a predetermined segmentation mechanism; Performing a hash calculation on the plurality of sub-mesh data to obtain a plurality of sub-heap data; performing a predetermined sorting mechanism on each of the sub-heap data to generate a plurality of second sorted hash data; and if the first sorting hash data Similar to the second sorter hash data, the firmware update of the data storage device is performed using the firmware data.

An embodiment of the present invention provides a method for updating a firmware of a data storage device, comprising: obtaining a predetermined sorting mechanism from an electronic fuse, wherein the electronic fuse is disposed inside a controller of the data storage device Obtaining a firmware packet; obtaining a plurality of first sorter hash data from the firmware packet; and dividing a firmware data in the firmware packet into a plurality of firmware information according to a predetermined segmentation mechanism; Performing a data compression calculation and a hash calculation to obtain a plurality of sub-heap data; performing a predetermined ordering mechanism on each of the sub-heap data to generate a plurality of second sort sub-heap data; and if the A sorted hashed data is identical to the second sorted hashed data, and the firmware of the data storage device is updated with the firmware data.

Other data and storage methods disclosed in the method of the present invention can be made by those skilled in the art without departing from the spirit and scope of the present invention.

10A, 10A-1, 10A-2, 10A-3, 10A-4, 20A‧‧‧ firmware data

10B, 10B-1, 10B-2, 10B-3, 10B-4, 10B-5, 10B-6, 10B-7, 20B‧‧‧ hash information

10C, 10C-1, 10C-2, 10C-3, 10C-4, 10C-5, 20C‧‧‧ Sorting hash data

10D‧‧‧Other Information

10X‧‧‧ firmware package

100‧‧‧ data storage device

120‧‧‧ Controller

122‧‧‧Electronic fuse area

122-1 to 122-8‧‧‧Specific areas

140‧‧‧Flash memory

160-16N‧‧‧ Block

160A, 160Z...16NA, 16NZ‧‧‧ pages

180‧‧‧ Random access memory

200‧‧‧Host

300‧‧‧Safety hash mechanism

320‧‧‧Predetermined sorting mechanism

340‧‧‧Scheduled segmentation mechanism

360‧‧‧Pre-recompression mechanism

The full disclosure is based on the following detailed description and in conjunction with the drawings. It should be noted that the illustrations are not necessarily drawn to scale in accordance with the general operation of the industry. In fact, the size of the components may be arbitrarily enlarged or reduced for a clear explanation.

1 is a schematic diagram showing a data storage device and a host according to an embodiment of the invention; FIG. 2A is a schematic diagram showing a data storage method for authenticating firmware data according to an embodiment of the invention; 2B is a schematic diagram showing a data storage method for authenticating firmware data according to another embodiment of the present invention; FIG. 2C is a schematic diagram showing firmware data according to an embodiment of the present invention; A schematic diagram of a data storage method for authenticating firmware data according to an embodiment of the invention; and FIG. 4 is a diagram showing a data storage method for authenticating firmware data according to another embodiment of the present invention. FIG. 5A is a schematic diagram showing an electronic fuse region for authenticating firmware data according to an embodiment of the invention.

FIG. 5B is a schematic diagram showing an electronic fuse region for authenticating firmware data according to another embodiment of the present invention.

Figure 6 is a flow chart showing a method of storing data for authenticating firmware data according to an embodiment of the invention.

Figure 7 is a flow chart showing a method of storing data for authenticating firmware data according to another embodiment of the present invention.

Figure 8 is a flow chart showing a method of storing data for authenticating firmware data according to another embodiment of the present invention.

Figure 9 is a diagram showing a data storage method for authenticating firmware data according to another embodiment of the present invention.

In order to make the objects, features and advantages of the present invention more comprehensible, the specific embodiments of the invention are set forth in the accompanying drawings. The intention is to illustrate the spirit of the invention and not to limit the scope of the invention, it being understood that the following embodiments can be implemented by software, hardware, firmware, or any combination of the above.

1 is a schematic diagram showing a data storage device 100 and a host 200 according to an embodiment of the invention. In one embodiment, the data storage device 100 includes a controller 120, a non-volatile memory, and a random access memory (RAM) 180. Controller 120 includes an electronic efuse region 122. The data storage device 100 is coupled to the host 200 for transmitting data and instructions, or for receiving data and instructions. The non-volatile memory can be a NAND Flash, a Magnetoresistive RAM, a Ferroelectric RAM, or a Resistive memory. RAM, RRAM), Spin Transfer Torque-RAM (STT-RAM), etc., so that data can be saved for a long time. In the following description, the flash memory 140 will be described as an example, but not limited thereto. The data storage device 100 conforms to specifications of communication standards such as embedded flash memory module (eMMC) specifications, general flash memory (UFS), serial ATA (SATA), or non-volatile fast memory (NVMe). The host computer 200 can be various electronic products such as a mobile phone, a tablet computer, a notebook computer, a navigation machine, or an in-vehicle system.

As shown in FIG. 1 , the controller 120 is coupled to the flash memory 140 and the random access memory 180 . The random access memory 180 is used for temporarily storing and prefetching the data required by the controller 120, or for temporarily storing the data that the host 200 is to write to the flash memory 140 to speed up the access time of the data storage device 100. . The controller 120 performs a read operation on the flash memory 140 by controlling the flash memory 140 to perform a read operation in units of clusters. In addition, the controller 120 is coupled to the flash memory 140 to transmit data and instructions or receive data and instructions to each other.

The electronic fuse area 122 primarily stores important information about the security and access operations of the data storage device 100, such as a second key used to decode the first key. In the normal mode of operation, only the controller 120 can read the data stored in the electronic fuse area 122. In the debug mode, the electronic fuse area 122 is turned off/screened to prevent reading. It is to be noted that the firmware data is written to the electronic fuse area 122 at one time.

Flash memory 140 includes a plurality of blocks 160-16N, N being a positive integer, such as 2048. In detail, each of the blocks 160-16N further includes a plurality of physical pages 160A-16NZ, and A and Z are positive integers, for example, A=0 and Z=256. Block 160 includes physical pages 160A-160Z, and block 16N includes physical pages 16NA~16NZ. When the controller 120 performs a data writing or storing operation on the flash memory 140, the controller 120 performs a data writing or stylization operation by controlling the flash memory 140 in units of physical pages.

For flash memory 140, each of its physical pages 160A-16NZ has a different physical address. In other words, each of the physical pages 160A~16NZ has one physical address, and the physical addresses of each of the physical pages 160A~16NZ are different. When the data storage device 100 performs a write operation, the controller 120 determines a physical address of the flash memory 140 to write or store data. In addition, the controller 120 records the mapping relationship between the physical address and the logical address of the data, and the record is stored in the mapping table H2F. Therefore, for the host 200, the host 200 reads or writes the data stored in the logical storage address of the data storage device 100 by using the logical address.

FIG. 2A is a schematic diagram showing a data storage method for authenticating firmware data according to an embodiment of the invention. The firmware data 10A is generated by a compiler. Next, as shown in FIG. 2A, the firmware data 10A generates a hash data 10B by a Secure Hash Algorithm (SHA) 300. For example, the firmware data 10A is operated by SHA-256 to generate a 256-bit length hash data 10B. It is to be noted that the above SHA is for illustrative purposes only and is not intended to limit the invention.

In one embodiment, the controller 120 receives the firmware data 10A and performs a secure hashing mechanism 300 on the firmware data 10A to generate and receive the hash data 10B. In another embodiment, the firmware data 10A is subjected to a secure hash mechanism 300 by other devices (e.g., host 200) to generate hash material 10B, and controller 120 receives the hash data 10B.

In an embodiment, the controller 120 divides the hash data 10B into a plurality of data groups, and sorts the data groups by a predetermined sorting mechanism 320 to generate sorting hash data 10C. The predetermined ordering mechanism 320 is stored in the electronic fuse area 122 of the controller 120. For example, the size of the hash data 10B is 8 bytes, and its contents are as follows:

Table 1 shows the data for each tuple of the hash data 10B. In an embodiment, the controller 120 groups the above 8 byte data to generate a plurality of data groups. For example, the size of each data group is 1 byte, that is, each 1 byte of data becomes a data group. In another embodiment, each data group has a size of 2 bytes, that is, two 1 byte data is a data group. For example, 0x54 and 0x47 in Table 1 are a data group, and 0x28 and 0x00 in Table 1 are another data group. It is to be noted that the size of the above data group is for illustration only and is not intended to limit the invention. Those skilled in the art will be able to set other sizes of data groups in accordance with the teachings of the present invention without departing from the spirit and scope of the present invention.

In this embodiment, the size of the hash material 10B is 8 bytes, and in another embodiment, the size of the hash material 10B is 32 bytes. If a more complex secure hash mechanism 300 is used with the predetermined sorting mechanism 320, or otherwise using other mechanisms (e.g., a predetermined splitting mechanism or a predetermined recompression mechanism), the e-fuse zone 122 requires a larger storage capacity to store the above mechanism. The predetermined division mechanism and the predetermined recompression mechanism described above will be described in detail in FIGS. 3 and 4, respectively.

In this embodiment, each 1 byte of data becomes a data group. In other words, 0x54 in Table 1 is a data group, and 0x28 is another data group. Then, the hash data 10B is sorted by the predetermined sorting mechanism 320 in units of data groups, and the sorting hash data 10C is generated. It is to be noted that the predetermined ordering mechanism 300 is stored in the electronic fuse area 122 in a tabular manner. For example, the predetermined ordering mechanism 300 is as shown in Table 2:

The predetermined sorting mechanism 320 changes the address of the content of the hash material 10B. As shown in FIG. 9, 0x54 is changed from the position of Byte 6 to the position of Byte 5, and 0x28 is changed from the position of Byte 4 to the position of Byte 1, 0x47 The position of Byte 2 is changed to the position of Byte 0, and finally the sorting hash data 10C is generated.

In detail, the data storage method of the present invention provides a dual protection mechanism, namely a security hash mechanism 300 and a predetermined ordering mechanism 320. The hash data 10B generated by the secure hash mechanism 300 (as shown in Table 1) is rearranged into sorted hash data 10C (as shown in Table 3) by a predetermined sorting mechanism 320. If a third person wants to update the illegal firmware information to the data storage device 100, the hash data generated by the above illegal firmware data through other security hash mechanisms will be different from the sorted hash data 10C of the present case. Therefore, the controller 120 can determine that the hash data is illegal and refuse to install or update the illegal firmware data to the data storage device 100.

2B is a schematic diagram showing a data storage method for authenticating firmware data according to another embodiment of the present invention. In this embodiment, the sorting hash data 10C forms a firmware packet 10X with the firmware data 10A. The predetermined sorting mechanism 320 then reverse sorts the sorted hash data 10C to produce the hash material 10B.

In one embodiment, the manner in which the hash data 10B is generated or the storage location is set by the manufacturer of the data storage device 100. Since the third person is not aware of the manner in which the hash data 10B is generated or the storage location, the controller 120 can detect whether the other firmware data is legal and correct. Therefore, the data storage method of the present invention can avoid installing or updating illegal firmware data to ensure that the data storage device 100 is not maliciously damaged.

In one embodiment, the predetermined ordering mechanism 320 is set by the manufacturer of the data storage device 100. For example, the third person learns the security hash mechanism 300 from the illegal means, and knows the storage location of the hash data 10B, and forms another firmware file and the hash data 10B into a firmware package, and the intention is that it is illegal. The other firmware data is updated to the data storage device 100. Since the third person does not know the predetermined sorting mechanism 320, the firmware packet contains the hashed material 10B instead of the sorted hash data 10C generated by the predetermined sorting mechanism 320. Therefore, the controller 120 can easily determine the difference between the sorted hash data 10C and the hash data 10B, thereby determining that the firmware information is illegal, and refuses to install or update the illegal firmware data to the data storage device 100. In order to prevent the data storage device 100 from being maliciously damaged.

2C is a schematic diagram showing firmware data according to an embodiment of the present invention. As shown in FIG. 2C, in an embodiment, the sorting hash data 10C is stored on the firmware data 10A. In addition, under the firmware data 10A, other materials related to the firmware 10D are stored. In other words, the firmware package 10X includes the firmware data 10A, the sorted hash data 10C, and other materials 10D. For example, other data 10D includes the firmware version, the version of the security hash mechanism 300, and other security information that the customer wants to store. It is conceivable that the sorting hash data 10C can also be stored under the firmware data 10A.

When the data storage device 100 receives the firmware package 10X, the controller 120 executes a secure hash mechanism 300 on the firmware data 10A of the firmware package 10X to obtain the hash data 20B, and then executes the predetermined sorting mechanism 320 to obtain the sorted hash data. 20C. In one embodiment, the controller 120 compares the sorted hash data 20C and the sorted hash data 10C stored by the firmware package 10X. If the comparison result is the same, it means that the firmware data 10A is legally correct. If the comparison result is different, it means that the firmware data 10A is illegal.

In another embodiment, when the storage device 100 receives the firmware package 10X, the controller 120 performs a secure hash mechanism 300 on the firmware data 10A of the firmware package 10X to obtain the hash data 20B. Then, the controller 120 performs a reverse predetermined sorting mechanism 320 on the sorted hash data 10C stored by the firmware packet 10X to obtain the hash data 10B. Then, the controller 120 compares the hash data 20B and the hash data 10B stored in the firmware package 10X. If the comparison result is the same, it means that the firmware data 10A is legally correct. If the comparison result is different, it means that the firmware data 10A is illegal.

3 is a schematic diagram showing a data storage method for authenticating firmware data according to an embodiment of the invention. In this embodiment, the data storage method further includes a predetermined segmentation mechanism 340 to facilitate authentication of the firmware data and improve security. As shown in FIG. 3, the predetermined segmentation mechanism 340 divides the firmware data 10A into four firmware data 10A-1, 10A-2, 10A-3, and 10A-4 (ie, child firmware data). In other words, the sum of the four firmware data 10A-1, 10A-2, 10A-3, and 10A-4 is the original firmware data 10A.

It is to be noted that the above four firmware data 10A-1~10A-4 are divided for illustration only and are not intended to limit the present invention. Those skilled in the art having the knowledge of the present invention are divided into other quantities of firmware data in accordance with the teachings of the present invention without departing from the scope of the present invention.

Then, the secure hash mechanism 300 performs a hash operation on the four firmware files 10A-1, 10A-2, 10A-3, and 10A-4, respectively, and generates four hash data 10B-1, 10B-2, and 10B-3, respectively. And 10B-4 (that is, sub-blind information). The sum of the four hash materials 10B-1, 10B-2, 10B-3, and 10B-4 is the hash data 10B.

In an embodiment, the predetermined ordering mechanism 320 sorts the four hash data 10B-1, 10B-2, 10B-3, and 10B-4, respectively, and generates four sorting hash data 10C-1, 10C-2, respectively. 10C-3 and 10C-4. The sum of the four sorting hash data 10C-1, 10C-2, 10C-3, and 10C-4 is the sorting hash data 10C. In another embodiment, the predetermined ranking mechanism 320 sorts all of the four hash materials 10B-1, 10B-2, 10B-3, and 10B-4 simultaneously, resulting in one sorted hash data 10C.

4 is a schematic diagram showing a data storage method for authenticating firmware data according to another embodiment of the present invention. In this embodiment, the data storage method further includes a predetermined recompression mechanism 360 for performing two or more encryptions and compressions on the firmware data 10A to facilitate the authentication of the firmware data 10A and improve security. As shown in FIG. 4, the predetermined segmentation mechanism 340 divides the firmware data 10A into four firmware files 10A-1, 10A-2, 10A-3, and 10A-4.

Then, the predetermined recompression mechanism 360 performs an arrangement of multiple compression (i.e., more than two encryption and compression) on the four firmware files 10A-1, 10A-2, 10A-3, and 10A-4. As shown in FIG. 4, the predetermined recompression mechanism 360 arranges the firmware data 10A-1 and 10A-2 into one group, and arranges the firmware data 10A-3 and 10A-4 as another group. Then, the two sets of firmware data are encrypted and compressed by the secure hash mechanism 300, respectively, and two hash data 10B-5 and 10B-6 (first sub-heap data) are generated respectively. In other words, the hash data 10B-5 is generated by the firmware data 10A-1 and 10A-2, and the hash data 10B-6 is produced by the firmware data 10A-3 and 10A-4.

Then, as shown in Fig. 4, the two hash data 10B-5 and 10B-6 are compressed by the secure hash mechanism 300 for the second time, and the hash data 10B-7 (second sub-mesh data) is generated. Then, in this embodiment, the predetermined ordering mechanism 320 sorts the hashed material 10B-7 to produce 1 sorted hash material 10C-5. Since this embodiment uses more than two security compression mechanisms 300, the reliability and accuracy of identifying the firmware data can be further improved.

It is to be noted that the division of the above four firmware data 10A-1~10A-4 and the second compression are for illustration only, and are not intended to limit the present invention. Those skilled in the art will be able to divide into other quantities of firmware data or perform other times of encryption and compression according to the content of the present invention without departing from the scope of the present invention.

Figure 5A is a schematic diagram showing an electronic fuse region 122 for authenticating firmware data in accordance with an embodiment of the present invention. In one embodiment, the e-fuse region 122 includes a plurality of specific regions 122-1 through 122-8 for storing specific data, respectively. As shown in FIG. 5A, the predetermined ordering mechanism 320 is stored in the specific area 122-1. In other words, the specific area 122-1 can only be used to store the predetermined ordering mechanism 320, and cannot store other mechanisms or other materials. Moreover, the predetermined ordering mechanism 320 described above is written to the electronic fuse area 122 at one time and can only be read by the controller 120.

FIG. 5B is a schematic diagram showing an electronic fuse region for authenticating firmware data according to another embodiment of the present invention. In some embodiments, the data storage method includes a predetermined segmentation mechanism 340 and a predetermined recompression mechanism 360 in addition to the predetermined ordering mechanism 320. It should be noted that if one or more of the above mechanisms are more complicated, more than two specific areas may be used to store one mechanism. As shown in FIG. 5B, the predetermined ordering mechanism 320 is stored in the specific area 122-1, the predetermined segmentation mechanism 340 is stored in the specific area 122-2, and the predetermined recompression mechanism 360 is stored in the specific area 122-3.

Figure 6 is a flow chart showing a method of storing data for authenticating firmware data according to an embodiment of the invention. In step S602, the controller 120 reads the predetermined ordering mechanism 320 from the electronic fuse area 122. Then, in step S604, the controller 120 obtains the firmware data and the related first sorting hash data, wherein the firmware data and the first sorting hash data are taken from the firmware packet. In step S606, the controller 120 executes a secure hash mechanism 300 on the firmware data to generate second hash data. In step S608, the controller 120 performs a predetermined sorting mechanism 320 on the second hash data to generate second sorting hash data. In step S610, the controller 120 determines whether the second sorting hash data is identical to the first sorting hash data. If the comparison result is no, step S614 is executed to suspend execution of the data storage method for authenticating the firmware data of the present invention. If the comparison result is yes, step S612 is executed, and the controller 120 performs firmware update on the data storage device 100 with the firmware data. Therefore, in step S610, by determining whether the second sorting hash data is identical to the first sorting hash data obtained in step S604, it is possible to detect whether the firmware information to be installed is the manufacturing of the data storage device 100. The correct legal firmware information certified by the firm. According to the data storage device and the data storage method of the present invention, it is possible to determine whether the firmware data is correct and legal to protect the data storage device 100.

In another embodiment, step S608 is further variable. The controller 120 performs a reverse predetermined ordering mechanism 320 on the first sorted hash data to generate the first hash data. The step S610 is further variable to determine whether the second hash data is the same. In the first hash information. The main difference between this embodiment and the above embodiment is the reason why the target of the predetermined sorting mechanism 320 is executed and the manner of execution. If the target is the second hashed material, a predetermined sorting mechanism 320 is performed on the second hashed material. If the target is the first sorted hash material, a reverse predetermined sorting mechanism 320 is performed on the first sorted hash material. The remaining steps are the same.

Figure 7 is a flow chart showing a method of storing data for authenticating firmware data according to another embodiment of the present invention. In step S702, the controller 120 obtains a predetermined ordering mechanism 320 from the electronic fuse area 122. In step S704, the controller 120 receives the firmware data and the first sorting hash data, wherein the firmware data and the first sorting hash data are taken from the firmware packet, and the first sorting hash data includes the first first sub-sorting. Hash data. In step S706, the controller 120 divides the firmware data into a plurality of second child firmware data by a predetermined segmentation mechanism. In step S708, the controller 120 performs a secure hashing mechanism 300 on each of the plurality of second child firmware data to generate a plurality of second sub-heap data. In step S710, the controller 120 performs a predetermined ordering mechanism 320 on each of the second sub-heap data to generate a plurality of second sorter hash data. In step S712, the controller 120 determines whether the second sorter hash data is identical to the first sorter hash data. If the result of the comparison is no, the execution of the data storage method for authenticating the firmware data of the present invention is suspended. If the comparison result is yes, step S714 is executed, and the controller 120 performs firmware update on the data storage device 100 with the firmware data.

Figure 8 is a flow chart showing a method of storing data for authenticating firmware data according to another embodiment of the present invention. In this embodiment, steps S802 to S806 are the same as steps S702 to S706 of FIG. 7, and therefore are not described herein again. In step S808, the controller 120 performs a predetermined recompression mechanism 360 and a secure hash mechanism 300 for each of the plurality of second child firmware data to generate a plurality of second sub-heap data. The predetermined recompression mechanism 360 is stored in a third specific area of the electronic fuse area 122.

Then, in step S810, the controller 120 executes a secure hashing mechanism 300 for each of the second sub-heap data to generate a third sub-heap material. In step S812, the controller 120 performs a predetermined ordering mechanism 320 on the third sub-heap material to generate a second sorted sub-heap material. In step S814, the controller 120 determines whether the second sorter hash data is the same as the first sorter hash data. If the comparison result is no, step S818 is performed to suspend execution of the data storage method for authenticating the firmware data of the present invention. If the comparison result is yes, then step S816 is performed, and the controller 120 performs firmware update on the data storage device 100 with the firmware data.

In another embodiment, the firmware data 10A may also encrypt the firmware data 10A by using an encryption mechanism, such as an Advanced Encryption Standard (AES) or an RSA encryption algorithm to generate the encrypted data 10B. .

The method of the invention, or a particular type or portion thereof, may exist in the form of a code. The code can be stored in a physical medium such as a floppy disk, a CD, a hard disk, or any other machine readable (such as computer readable) storage medium, or is not limited to an external form of computer program product, wherein When the code is loaded and executed by a machine, such as a computer, the machine becomes a device for participating in the present invention. The code can also be transmitted via some transmission medium, such as a wire or cable, fiber optics, or any transmission type, where the machine becomes part of the program when it is received, loaded, and executed by a machine, such as a computer. Invented device. When implemented in a general purpose processing unit, the code combination processing unit provides a unique means of operation similar to application specific logic.

The ordinal numbers in this specification and the scope of the patent application, such as "first", "second", "third", etc., have no sequential relationship with each other, and are only used to indicate that two are identical. Different components of the name. The term "coupled" in this specification refers to a variety of direct or indirect electrical connections. The present invention has been described above with reference to the preferred embodiments thereof, and is not intended to limit the scope of the present invention, and the invention may be modified and modified without departing from the spirit and scope of the invention. The scope of the invention is defined by the scope of the appended claims.

Claims (11)

 A method for updating a firmware of a data storage device, comprising: obtaining a predetermined sorting mechanism from an electronic fuse, wherein the electronic fuse is placed inside a controller of the data storage device; obtaining a firmware package; The firmware packet obtains a first sorting hash data; performing a hash calculation on a firmware data in the firmware packet to obtain a second hash data; and performing the predetermined sorting mechanism on the second hash data to generate a first And sorting the hash data; and if the first sorting hash data is identical to the second sorting hash data, performing firmware update of the data storage device with the firmware data.    The firmware update method of claim 1, wherein the firmware package is obtained from a memory device.    The firmware updating method according to claim 1, wherein the predetermined sorting mechanism adjusts a sequence of the plurality of data groups in the second hash data.    The firmware update method of claim 1, wherein the first sorted hash data has the same data length as the second sorted hash data.    The firmware update method of claim 1, wherein the firmware data is stored in a memory device of the data storage device to complete firmware update of the data storage device.    A method for updating a firmware of a data storage device, comprising: obtaining a predetermined sorting mechanism from an electronic fuse, wherein the electronic fuse is placed inside a controller of the data storage device; obtaining a firmware package; The firmware packet obtains a plurality of first sorter hash data; the firmware data in the firmware packet is segmented into a plurality of firmware data according to a predetermined segmentation mechanism; and a hash is performed on each of the child firmware data Calculating to obtain a plurality of sub-heap data; performing the predetermined sorting mechanism on each of the sub-heap data to generate a plurality of second sorting sub-heap data; and if the first sorting hash data is identical to the second sorting The hash data is used to update the firmware of the data storage device with the firmware data.    The firmware update method of claim 6, wherein the firmware package is obtained from a memory device.    The firmware updating method according to claim 6, wherein the predetermined sorting mechanism adjusts a sequence of the plurality of data groups in each of the sub-heap data.    The firmware update method of claim 6, wherein each of the first sorted hash data has the same data length as each of the second sorted hash data.    The firmware update method of claim 6, wherein the firmware data is stored in a memory device of the data storage device to complete firmware update of the data storage device.    A method for updating a firmware of a data storage device, comprising: obtaining a predetermined sorting mechanism from an electronic fuse, wherein the electronic fuse is placed inside a controller of the data storage device; obtaining a firmware package; The firmware packet obtains a plurality of first sorter hash data; the firmware data in the firmware packet is segmented into a plurality of firmware data according to a predetermined segmentation mechanism; and a data is performed on each of the child firmware data Compressing a calculation and a hashing calculation to obtain a plurality of sub-heap data; performing the predetermined sorting mechanism on each of the sub-heap data to generate a plurality of second sorting hash data; and if the first sorting hash data is the same The second sorting sub-mesh data is used to perform firmware update of the data storage device.