Secret key management method, controller and system

The invention discloses a secret key management method. The method comprise: a secret key management controller running in a trusted execution environment receiving a secret key request sent by a userterminal; analyzing user information in the key request, and verifying whether the user terminal belongs to a registered user terminal or not according to the user information; and if the user terminal belongs to the registered user terminal, executing the key operation corresponding to the operator, so that the key management controller manages the key in a trusted execution environment, a safeand reliable key management controller is provided for the user terminal, the key is prevented from being leaked, and the security of the key is improved. On the other hand, the invention also discloses a key management controller and a key management system. 本发明公开一种密钥管理方法，通过在可信执行环境中运行的密钥管理控制器接收用户终端发送的密钥请求；解析密钥请求中的用户信息，根据用户信息验证用户终端是否属于已注册用户终端；若用户终端属于已注册用户终端，执行与操作符相对应的密钥操作，实现将密钥管理控制器在可信执行环境中对密钥进行管理，为用户终端提供一个安全可靠的密钥管理控制器，保证密