Abstract: A software verification method and apparatus are provided. The method includes: reading flag information, where the flag information is used to indicate a target digital certificate; selecting one of a plurality of digital certificates as a target digital certificate based on the flag information, where the plurality of digital certificates include a first digital certificate and a second digital certificate, and the target digital certificate includes a cryptographic resource; and verifying software deployed on a device based on the cryptographic resource. Using the foregoing technical solution can ensure continuity of the software verification service in the device.

Abstract: A hardware detection method includes sending first verification data to a physical carrier, where the physical carrier carries a plurality of pieces of hardware; receiving a ciphertext and binding relationship information from the physical carrier, where the ciphertext is obtained after at least two of the pieces of hardware respectively encrypt the first verification data using respective keys, and where the binding relationship information indicates a binding relationship between the at least two pieces of hardware; verifying the ciphertext and the binding relationship information; and determining security of the at least two pieces of hardware based on a verification result.

Abstract: This application discloses a method for performing secure boot based on a redundant cryptographic algorithm and a device. The method includes: obtaining first indication information and second indication information, and updating first baseline information based on the first indication information and the second indication information. The first indication information uniquely identifies a first cryptographic algorithm, the second indication information is used to instruct a network device to update the first cryptographic resource baseline information stored in a secure storage entity, and the first cryptographic resource baseline information is used to perform integrity verification on a first cryptographic resource used by the network device in a secure boot process.

Abstract: This application discloses a method for performing secure boot based on a redundant cryptographic algorithm and a device. The method includes: obtaining first indication information and second indication information, and updating first baseline information based on the first indication information and the second indication information. The first indication information uniquely identifies a first cryptographic algorithm, the second indication information is used to instruct a network device to update the first cryptographic resource baseline information stored in a secure storage entity, and the first cryptographic resource baseline information is used to perform integrity verification on a first cryptographic resource used by the network device in a secure boot process.

Abstract: A software verification method and apparatus are provided. The method includes: reading flag information, where the flag information is used to indicate a target digital certificate; selecting one of a plurality of digital certificates as a target digital certificate based on the flag information, where the plurality of digital certificates include a first digital certificate and a second digital certificate, and the target digital certificate includes a cryptographic resource; and verifying software deployed on a device based on the cryptographic resource. Using the foregoing technical solution can ensure continuity of the software verification service in the device.

Abstract: A hardware detection method a includes sending first verification data to a physical carrier, where the physical carrier carries a plurality of pieces of hardware; receiving a ciphertext and binding relationship information from the physical carrier, where the ciphertext is obtained after at least two of the f pieces of hardware respectively encrypt the first verification data using respective keys, and where the binding relationship information indicates a binding relationship between the at least two pieces of hardware; verifying the ciphertext and the binding relationship information; and determining security of the at least two pieces of hardware based on a verification result.