CN105320535B - Verification method, client, server and system for an installation package - Google Patents

Publication number
CN105320535B
Authority
CN
China
Prior art keywords
apk
client
value
server
encryption
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201410379582.9A
Other languages
Chinese (zh)
Other versions
CN105320535A (en
Inventor
陈桌升
杨允乐
王传举
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Alibaba China Co Ltd
Original Assignee
Guangzhou I9Game Information Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Guangzhou I9Game Information Technology Co Ltd
Priority to CN201410379582.9A
Priority to PCT/CN2015/084272 (WO2016019790A1)
Publication of CN105320535A
Application granted
Publication of CN105320535B
Anticipated expiration

Classifications

    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00: Arrangements for program control, e.g. control units
    • G06F9/06: Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44: Arrangements for executing specific programs
    • G06F9/445: Program loading or initiating

Abstract

The present invention provides a verification method, client, server and system for an installation package. The method includes: obtaining the signature value of a first APK in a C language environment; using the signature value of the first APK to perform a first encryption on the request parameters used for requesting network data, obtaining an encrypted byte stream; sending the encrypted byte stream to a server, so that the server decrypts the encrypted byte stream using the preconfigured signature value of a second APK, where the second APK is the original APK; and receiving the information, returned when the server does not decrypt the request parameters, that identifies the first APK as a tampered APK. With this method, the verification logic of the installation package can be prevented from being decompiled, improving the reliability of installation package verification.

Description

A verification method, client, server and system for an installation package
Technical field
The present invention relates to the field of data processing in mobile communications, and more specifically to a verification method, client, server and system for an installation package.
Background
With the popularity of the Android platform, many excellent Android installation packages are tampered with by criminals, who either implant malicious viruses or add advertisements and then put the package back into distribution channels through secondary packaging.
For tamper-proofing of installation packages, the existing market mainly uses an anti-tamper verification scheme whose verification process is implemented in the Java language. The verification process is as follows: the APK (Android Package, Android installation package) signature value is obtained at the NDK (Native Development Kit) layer using the Java language, and the APK signature value is checked against a preconfigured APK signature value. If they match, the APK is legitimate and has not been tampered with; if they do not match, the APK has been tampered with.
However, because Java is an interpreted language, the verification runs in a virtual machine environment in the form of intermediate code. This makes the verification logic easy to decompile, after which the verification logic can be reduced or deleted in the '*.smali' files, so that the purpose of installation package verification is not achieved and the reliability of installation package verification is reduced.
Summary of the invention
The object of the present invention is to propose a verification method, apparatus and system for an installation package that can prevent the verification logic of the installation package from being decompiled and improve the reliability of installation package verification.
According to one aspect of the present invention, a verification method for an installation package is provided, comprising the steps of:
Obtaining the signature value of a first APK in a C language environment; using the signature value of the first APK to perform a first encryption on the request parameters used for requesting network data, obtaining an encrypted byte stream; sending the encrypted byte stream to a server, so that the server decrypts the encrypted byte stream using the preconfigured signature value of a second APK, where the second APK is the original APK; and receiving the information, returned when the server does not decrypt the request parameters, that identifies the first APK as a tampered APK.
According to another aspect of the present invention, a verification method for an installation package is provided, comprising the steps of:
Receiving an encrypted byte stream sent by a client, where the encrypted byte stream is obtained by using the signature value of a first APK, obtained by the client in a C language environment, to encrypt the request parameters used for requesting network data; decrypting the encrypted byte stream using the preconfigured signature value of a second APK, where the second APK is the original APK; and, if the request parameters are not decrypted, returning to the client information identifying the first APK as a tampered APK.
According to another aspect of the present invention, a verification method for an installation package is provided, comprising the steps of:
The client obtains the signature value of a first APK in a C language environment; the client uses the signature value of the first APK to perform a first encryption on the request parameters used for requesting network data, obtaining an encrypted byte stream; the client sends the encrypted byte stream to the server; the server decrypts the encrypted byte stream using the preconfigured signature value of a second APK, where the second APK is the original APK; and, if the request parameters are not decrypted, the server returns to the client information identifying the first APK as a tampered APK.
According to another aspect of the present invention, a client is provided, including:
A first acquisition unit, for obtaining the signature value of a first APK in a C language environment;
An encryption unit, for using the signature value of the first APK to perform a first encryption on the request parameters used for requesting network data, obtaining an encrypted byte stream;
A first sending unit, for sending the encrypted byte stream to a server, so that the server decrypts the encrypted byte stream using the preconfigured signature value of a second APK, where the second APK is the original APK;
A first receiving unit, for receiving the information, returned when the server does not decrypt the request parameters, that identifies the first APK as a tampered APK.
According to another aspect of the present invention, a server is provided, including:
A second receiving unit, for receiving the encrypted byte stream sent by a client, where the encrypted byte stream is obtained by using the signature value of a first APK, obtained by the client in a C language environment, to encrypt the request parameters used for requesting network data;
A decryption unit, for decrypting the encrypted byte stream using the preconfigured signature value of a second APK, where the second APK is the original APK;
A second sending unit, for returning to the client, if the request parameters are not decrypted, information identifying the first APK as a tampered APK.
According to another aspect of the present invention, a verification system for an installation package is provided, including the above client and the above server.
With the present invention, the client obtains the signature value of the APK in a C language environment, uses that signature value to encrypt the APK's network data request, and sends the encrypted byte stream to the server for verification. Because this logic is written in C and compiled into a '*.so' file, it is hard to crack the logic inside the '*.so' file with decompilation tools, and the technical difficulty of cracking is much greater than for a scheme implemented in Java. On the server side, the preconfigured signature value of the original APK is used to decrypt the encrypted byte stream. If the network data request is decrypted successfully, the APK installed on the client is the original APK; if the network data request cannot be decrypted, the APK installed on the client is a tampered APK, and the relevant functions of the client on which the tampered APK is installed can be disabled. Through this processing, the verification logic of the APK can therefore be prevented from being decompiled, improving the reliability of installation package verification.
To achieve the above objects, one or more aspects of the present invention include the features described in detail below and particularly pointed out in the claims. The following description and the accompanying drawings set out certain illustrative aspects of the invention in detail. These aspects indicate, however, only some of the various ways in which the principles of the invention may be used. In addition, the present invention is intended to include all such aspects and their equivalents.
Brief description of the drawings
The above and other objects, features and advantages of the present invention will become more apparent from the following detailed description given with reference to the accompanying drawings. In the drawings:
Fig. 1 shows a flowchart of an installation package verification method proposed by the present invention;
Fig. 2 shows another flowchart of an installation package verification method proposed by the present invention;
Fig. 3 shows another flowchart of an installation package verification method proposed by the present invention;
Fig. 4 shows another flowchart of an installation package verification method proposed by the present invention;
Fig. 5 shows a structural schematic diagram of a client proposed by the present invention;
Fig. 6 shows another structural schematic diagram of a client proposed by the present invention;
Fig. 7 shows another structural schematic diagram of a client proposed by the present invention;
Fig. 8 shows a structural schematic diagram of a server proposed by the present invention;
Fig. 9 shows a structural schematic diagram of an installation package verification system proposed by the present invention.
The same reference numerals indicate similar or corresponding features or functions throughout the drawings.
Detailed description of the embodiments
Various aspects of the disclosure are described below. It should be understood that the teachings herein may be embodied in a wide variety of forms, and that any specific structure, function, or both disclosed herein is merely representative. Based on the teachings herein, those skilled in the art should understand that an aspect disclosed herein may be implemented independently of any other aspect, and that two or more of these aspects may be combined in various ways. For example, an apparatus may be implemented or a method practiced using any number of the aspects set forth herein. In addition, such an apparatus may be implemented or such a method practiced using other structure, functionality, or structure and functionality in addition to or other than one or more of the aspects set forth herein. Furthermore, any aspect described herein may include at least one element of a claim.
Embodiments of the present invention are described below with reference to the accompanying drawings.
The present invention proposes a verification method for an installation package, whose flow is shown in Fig. 1. Specifically, it comprises the steps:
Step S101: obtain the signature value of the first APK in a C language environment;
Here, the first APK is the APK that the user has downloaded to the client. Specifically, the signature value sign of the first APK can be obtained by having the getPost function call the getSign function;
Step S102: use the signature value of the first APK to perform the first encryption on the request parameters used for requesting network data, obtaining an encrypted byte stream;
Specifically, the getPost function can call the encodeData function, which uses the signature value of the first APK as the encryption key to perform the first encryption on the network request parameters, obtaining the encrypted byte stream. The encryption algorithm used by the first encryption is a reversible symmetric algorithm, for example the DES algorithm or the RC5 algorithm; the M9 encryption algorithm can also be used.
Step S103 is then carried out: send the encrypted byte stream to the server, so that the server decrypts the encrypted byte stream using the preconfigured signature value of the second APK;
Here, the second APK is the original APK. Steps S101 and S102 are carried out in a C language environment and the encrypted byte stream is sent to the server. Because this logic is written in C and compiled into a '*.so' file, it is hard to crack the logic inside the '*.so' file with decompilation tools, and the technical difficulty of cracking is much greater than for a scheme implemented in Java;
Step S104: receive the information, returned when the server does not decrypt the request parameters, that identifies the first APK as a tampered APK. When the server does decrypt the request parameters, it returns information identifying the first APK as the original APK.
The functions getPost, getSign and encodeData above are all implemented at the Android NDK layer in C and belong to native system code. A '*.so' file is generated after compilation, and decompilation tools cannot decompile this kind of file.
With the present invention, the client obtains the signature value of the APK in a C language environment, uses that signature value to encrypt the APK's network data request, and sends the encrypted byte stream to the server for verification. Because this logic is written in C and compiled into a '*.so' file, it is hard to crack the logic inside the '*.so' file with decompilation tools, and the technical difficulty of cracking is much greater than for a scheme implemented in Java. On the server side, the preconfigured signature value of the original APK is used to decrypt the encrypted byte stream. If the network data request is decrypted successfully, the APK installed on the client is the original APK; if the network data request cannot be decrypted, the APK installed on the client is a tampered APK, and the relevant functions of the client on which the tampered APK is installed can be disabled. The verification logic of the APK can therefore be prevented from being decompiled, improving the reliability of installation package verification.
To further prevent the verification logic of the APK from being decompiled and to improve the reliability of installation package checking, in step S102 of the above embodiment the first encryption of the request parameters with the signature value of the first APK can be carried out in the following order: 1) perform a second encryption on the signature value of the first APK with a predetermined algorithm, obtaining the encrypted signature value of the first APK. Specifically, for the second encryption, the getPost function can call the getKey function to encrypt the APK's signature value according to the predetermined algorithm. The predetermined algorithm can be the md5 encryption algorithm, or another algorithm that produces a fixed-length character string; 2) use the encrypted signature value of the first APK to perform the first encryption on the request parameters used for requesting network data.
Correspondingly, after the encrypted byte stream is sent to the server in step S103, the server decrypts the encrypted byte stream using the preconfigured signature value of the second APK encrypted with the same predetermined algorithm. In other words, the way of encrypting on the client and decrypting on the server is agreed in advance, and only the client and the server know it. Because it is also carried out in a C language environment, it cannot be learned through decompilation, which fully ensures security.
In one aspect of the present invention, an initial check of the APK can first be carried out on the client; only if the initial check passes is the installation package checking flow of the above embodiment carried out from step S102 onward. One optional method of initial check is to check the APK signature value. Specifically, the initial check is carried out after step S101 and comprises the steps:
The client compares the signature value of the first APK with the signature value of the second APK preconfigured on the client. If they are equal, the client carries out step S102 and the subsequent checking flow; if they are not equal, it returns information identifying the first APK as a tampered APK.
Another optional method of initial check is to obtain the CRC (Cyclical Redundancy Check) value of the dex file (a type of executable file on the Android platform) and compare the obtained CRC value with a preconfigured CRC value. Specifically, the initial check is carried out after step S101 and comprises the steps:
The client obtains the CRC value of the dex file of the first APK;
The client compares the CRC value of the dex file with the preconfigured CRC value, where the preconfigured CRC value is the CRC value of the dex file of the original APK;
When the CRC value of the dex file equals the preconfigured CRC value, the client carries out step S102 and the subsequent checking flow. If the CRC value of the dex file does not equal the preconfigured CRC value, it returns information identifying the first APK as a tampered APK.
Another optional method of initial check is to check the APK signature value and then check the CRC value of the dex file. Specifically, the initial check is carried out after step S101 and comprises the steps:
The client compares the signature value of the first APK with the signature value of the second APK preconfigured on the client. If they are equal, the client obtains the CRC value of the dex file; if they are not equal, it returns information identifying the first APK as a tampered APK;
When the CRC value of the dex file equals the preconfigured CRC value, the client carries out step S102 and the subsequent checking flow; if they are not equal, it returns information identifying the first APK as a tampered APK.
Whenever an APK is decompiled, the dex file changes, and its CRC value changes as well. The CRC value of the dex file can therefore be used for a preliminary judgment of whether the first APK has been tampered with.
The flow of a preferred embodiment is shown in Fig. 2; this method is based on the client side. Before the detailed flow is carried out, the code can first be obfuscated: the class names and package names of the first APK are obfuscated into file names that the naming systems of both the Windows system and the Linux system strictly forbid, such as com1 and Com1. Here, obfuscation means reorganizing and processing the class names and package names of the first APK to obtain file names whose use is strictly forbidden by the naming systems of both the Windows system and the Linux system. The following flow is then carried out:
Step S201: the client obtains the signature value of the first APK in a C language environment;
Step S202: the client judges whether the signature value of the first APK equals the preconfigured signature value of the second APK, where the second APK is the original APK. If the result is no, step S203 is carried out; if the result is yes, step S204 is carried out;
Step S203: the client returns information identifying the first APK as a tampered APK;
Step S204: the client obtains the CRC value of the dex file of the first APK;
Step S205: the client judges whether the CRC value of the dex file equals the preconfigured CRC value, where the preconfigured CRC value is the reference CRC value, i.e. the CRC value of the dex file of the original APK. When the CRC value of the dex file does not equal the preconfigured CRC value, step S203 is carried out; when the CRC value of the dex file equals the preconfigured CRC value, step S206 is carried out;
Step S206: the client uses the signature value of the first APK to perform the first encryption on the request parameters used for requesting network data, obtaining an encrypted byte stream. Specifically, the client can also first encrypt the signature value of the first APK with a predetermined algorithm, and then use the encrypted signature value of the first APK to perform the first encryption on the request parameters used for requesting network data.
Step S207: the client sends the encrypted byte stream to the server, so that the server decrypts the encrypted byte stream using the preconfigured signature value of the second APK. Specifically, when the first encryption in step S206 is performed with the encrypted signature value of the first APK, the server decrypts the encrypted byte stream using the preconfigured signature value of the second APK encrypted with the predetermined algorithm.
Step S208: when the server decrypts the request parameters, the client receives the information returned by the server identifying the first APK as the original APK; when the server does not decrypt the request parameters, the client receives the information returned by the server identifying the first APK as a tampered APK.
The present invention also proposes another verification method for an installation package. This method is based on the server side, its flow is shown in Fig. 3, and it comprises the steps:
Step S301: the server receives the encrypted byte stream sent by the client, where the encrypted byte stream is obtained by using the signature value of the first APK, obtained by the client in a C language environment, to encrypt the request parameters used for requesting network data;
Step S302: the server decrypts the encrypted byte stream using the preconfigured signature value of the second APK, where the second APK is the original APK;
Step S303: if the server decrypts the request parameters, it returns to the client information identifying the first APK as the original APK; if the server does not decrypt the request parameters, it returns to the client information identifying the first APK as a tampered APK.
The present invention also proposes another verification method for an installation package, whose flow is shown in Fig. 4. This method is based on the interaction between the client and the server, and its specific steps include:
Step S401: the client obtains the signature value of the first APK in a C language environment;
Step S402: the client uses the signature value of the first APK to perform the first encryption on the request parameters used for requesting network data, obtaining an encrypted byte stream;
Step S403: the client sends the encrypted byte stream to the server;
Step S404: the server decrypts the encrypted byte stream using the preconfigured signature value of the second APK, where the second APK is the original APK. Step S405 or step S406 is then carried out according to the decryption result.
Step S405: if the server decrypts the request parameters, it returns to the client information identifying the first APK as the original APK;
Step S406: if the server does not decrypt the request parameters, it returns to the client information identifying the first APK as a tampered APK.
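The client/server exchange of steps S401 to S406, together with the optional md5 key step (getKey) described earlier, is sketched below as an added example; it is not code from the patent. RC5-32/12/16 is used because RC5 is one of the algorithms the text names. The CBC mode, random IV, padding and CRC32 trailer (which lets the server tell a failed decryption from a good one) are assumptions the patent does not specify, as are the names `server_decode` and `handle_request` and the constructed signature strings.

```python
import hashlib
import os
import struct
import zlib

MASK, ROUNDS = 0xFFFFFFFF, 12  # RC5-32/12/16: 32-bit words, 12 rounds, 16-byte key

# Constructed sample signature values (not taken from any real APK).
ORIGINAL_SIGN = "3082030d-constructed-original-certificate"
REPACKED_SIGN = "3082030d-constructed-repackager-certificate"


def _rotl(x, n):
    n &= 31
    return ((x << n) | (x >> (32 - n))) & MASK


def _rotr(x, n):
    n &= 31
    return ((x >> n) | (x << (32 - n))) & MASK


def get_key(sign):
    """Second encryption (getKey): md5 turns the signature value into a 16-byte key."""
    return hashlib.md5(sign.encode()).digest()


def _expand_key(key16):
    """RC5 key schedule: mix the 16-byte key into 2*(ROUNDS+1) round words."""
    words = list(struct.unpack("<4I", key16))
    t = 2 * (ROUNDS + 1)
    s = [(0xB7E15163 + i * 0x9E3779B9) & MASK for i in range(t)]
    a = b = i = j = 0
    for _ in range(3 * t):
        a = s[i] = _rotl((s[i] + a + b) & MASK, 3)
        b = words[j] = _rotl((words[j] + a + b) & MASK, a + b)
        i, j = (i + 1) % t, (j + 1) % 4
    return s


def _crypt_block(s, block, decrypt):
    """Encrypt or decrypt one 8-byte RC5 block with expanded key s."""
    a, b = struct.unpack("<2I", block)
    if decrypt:
        for r in range(ROUNDS, 0, -1):
            b = _rotr((b - s[2 * r + 1]) & MASK, a) ^ a
            a = _rotr((a - s[2 * r]) & MASK, b) ^ b
        a, b = (a - s[0]) & MASK, (b - s[1]) & MASK
    else:
        a, b = (a + s[0]) & MASK, (b + s[1]) & MASK
        for r in range(1, ROUNDS + 1):
            a = (_rotl(a ^ b, b) + s[2 * r]) & MASK
            b = (_rotl(b ^ a, a) + s[2 * r + 1]) & MASK
    return struct.pack("<2I", a, b)


def encode_data(sign, params):
    """Client, S402 (encodeData): first encryption of the request parameters."""
    s = _expand_key(get_key(sign))
    body = params + struct.pack("<I", zlib.crc32(params))  # assumed trailer
    pad = 8 - len(body) % 8
    body += bytes([pad]) * pad
    prev = os.urandom(8)  # random IV, sent as the first block
    out = [prev]
    for off in range(0, len(body), 8):
        prev = _crypt_block(s, bytes(x ^ y for x, y in zip(body[off:off + 8], prev)), False)
        out.append(prev)
    return b"".join(out)


def server_decode(stream, configured_sign=ORIGINAL_SIGN):
    """Server, S404: decrypt with the preconfigured original signature value.

    Returns the request parameters, or None when they cannot be recovered.
    """
    if len(stream) < 16 or len(stream) % 8:
        return None
    s = _expand_key(get_key(configured_sign))
    prev, plain = stream[:8], b""
    for off in range(8, len(stream), 8):
        block = stream[off:off + 8]
        plain += bytes(x ^ y for x, y in zip(_crypt_block(s, block, True), prev))
        prev = block
    pad = plain[-1]
    if not 1 <= pad <= 8 or plain[-pad:] != bytes([pad]) * pad:
        return None
    body = plain[:-pad]
    if len(body) < 4:
        return None
    params, crc = body[:-4], struct.unpack("<I", body[-4:])[0]
    return params if zlib.crc32(params) == crc else None


def handle_request(stream):
    """Server, S405/S406: the answer returned to the client."""
    params = server_decode(stream)
    if params is None:
        return {"status": "tampered"}
    return {"status": "original", "params": params}


if __name__ == "__main__":
    request = b"uid=1001&action=list"  # constructed request parameters
    print(handle_request(encode_data(ORIGINAL_SIGN, request)))
    print(handle_request(encode_data(REPACKED_SIGN, request)))
```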
In another aspect, the present invention also proposes a client 801, whose structural schematic diagram is shown in Fig. 5. The client 801 includes:
A first acquisition unit 601, for obtaining the signature value of the first APK in a C language environment;
An encryption unit 602, for using the signature value of the first APK to perform the first encryption on the request parameters used for requesting network data, obtaining an encrypted byte stream;
A first sending unit 603, for sending the encrypted byte stream to the server, so that the server decrypts the encrypted byte stream using the preconfigured signature value of the second APK, where the second APK is the original APK;
A first receiving unit 604, for receiving the information, returned when the server does not decrypt the request parameters, that identifies the first APK as a tampered APK, and for receiving the information, returned when the server decrypts the request parameters, that identifies the first APK as the original APK.
In another aspect, the above client can additionally be configured to perform an initial check on the APK according to the APK signature value. Specifically, referring to Fig. 6, the client further includes:
A first comparing unit 605, for comparing the signature value of the first APK with the preconfigured signature value of the second APK;
A first notification unit 606, for notifying the encryption unit, when the comparison result of the first comparing unit is equal, to perform the first encryption on the request parameters used for requesting network data, and for returning, when the comparison result of the first comparing unit is not equal, information identifying the first APK as a tampered APK; where the second APK is the original APK.
In another aspect, the above client can additionally be configured to perform an initial check on the APK according to the CRC value. Specifically, referring to Fig. 7, the client further includes:
A second acquisition unit 607, for obtaining the CRC value of the dex file of the first APK;
A second comparing unit 608, for comparing the CRC value of the dex file with the preconfigured CRC value;
A second notification unit 609, for notifying the encryption unit, when the comparison result of the second comparing unit is equal, to perform the first encryption on the request parameters used for requesting network data, and for returning, when the comparison result of the second comparing unit is not equal, information identifying the first APK as a tampered APK; where the preconfigured CRC value is the CRC value of the dex file of the original APK.
In another aspect, the present invention also proposes a server 802, whose structural schematic diagram is shown in Fig. 8. The server 802 includes:
A second receiving unit 701, for receiving the encrypted byte stream sent by the client, where the encrypted byte stream is obtained by using the signature value of the first APK, obtained by the client in a C language environment, to encrypt the request parameters used for requesting network data;
A decryption unit 702, for decrypting the encrypted byte stream using the preconfigured signature value of the second APK, where the second APK is the original APK;
A second sending unit 703, for returning to the client, if the request parameters are decrypted, information identifying the first APK as the original APK, and for returning to the client, if the request parameters are not decrypted, information identifying the first APK as a tampered APK.
In another aspect, the present invention also proposes a verification system for an installation package, whose structural schematic diagram is shown in Fig. 9. The system includes the client 801 shown in Fig. 5 and the server 802 shown in Fig. 8. It can also consist of the client of Fig. 6 or Fig. 7 and the server of Fig. 8.
With the present invention, the client obtains the signature value of the APK in a C language environment, uses that signature value to encrypt the APK's network data request, and sends the encrypted byte stream to the server for verification. Because this logic is written in C and compiled into a *.so file, repackagers will find it hard to crack the logic in the *.so file with decompilation tools, and the technical difficulty of cracking is much greater than for a scheme implemented in Java. On the server side, the preconfigured signature value of the original APK is used to decrypt the encrypted byte stream. If the network data request is decrypted successfully, the APK installed on the client is the original APK; if the network data request cannot be decrypted, the APK installed on the client is a tampered APK, and the relevant functions of the client on which the tampered APK is installed can be disabled. The verification logic of the APK can therefore be prevented from being decompiled, improving the reliability of installation package verification.
In addition, the mobile terminal of the present invention can typically be any of various Bluetooth-capable handheld terminal devices, such as a Bluetooth-capable mobile phone or personal digital assistant (PDA).
In addition, the method according to the present invention can also be implemented as a computer program executed by a processor (such as a CPU) in the mobile terminal and stored in the memory of the mobile terminal. When the computer program is executed by the processor, it performs the above functions defined in the method of the present invention.
In addition, the method according to the present invention can also be implemented as a computer program product that includes a computer-readable medium on which is stored a computer program for performing the above functions defined in the method of the present invention.
In addition, the above method steps and system units can also be implemented with a controller and a computer-readable storage device that stores a computer program causing the controller to implement the above steps or unit functions.
Those skilled in the art will also understand that the various illustrative logical blocks, modules, circuits and algorithm steps described in connection with the disclosure herein may be implemented as electronic hardware, computer software, or a combination of both. To illustrate this interchangeability of hardware and software clearly, the functions of various illustrative components, blocks, modules, circuits and steps have been described in general terms. Whether such a function is implemented as software or as hardware depends on the specific application and on the design constraints imposed on the overall system. Those skilled in the art can implement the described functions in various ways for each specific application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present invention.
Although the above disclosure shows exemplary embodiments of the present invention, it should be noted that many changes and modifications may be made without departing from the scope of the present invention as defined by the claims. The functions, steps and/or actions of the method claims according to the embodiments of the invention described herein need not be performed in any particular order. In addition, although elements of the present invention may be described or claimed in the singular, the plural is also contemplated unless limitation to the singular is explicitly stated.
Although the embodiments of the present invention have been described above with reference to the drawings, those skilled in the art should understand that various improvements can be made to the embodiments proposed above without departing from the content of the present invention. The protection scope of the present invention should therefore be determined by the content of the appended claims.

Claims (12)

1. A verification method for an installation package, comprising the following steps:
obtaining the signature value of a first APK in a C language environment; and performing first encryption processing, using the signature value of the first APK, on a request parameter used to request network data, to obtain an encrypted byte stream;
sending the encrypted byte stream to a server, so that the server decrypts the encrypted byte stream using a preconfigured signature value of a second APK; wherein the second APK is the original APK;
receiving information, returned when the server does not decrypt the request parameter, for identifying the first APK as a tampered APK.
2. The verification method for an installation package as claimed in claim 1, wherein the step of performing first encryption processing, using the signature value of the first APK, on the request parameter used to request network data comprises:
performing second encryption processing on the signature value of the first APK by a predetermined algorithm, to obtain an encrypted signature value of the first APK; and performing the first encryption processing, using the encrypted signature value of the first APK, on the request parameter used to request network data;
and the step of the server decrypting the encrypted byte stream using the preconfigured signature value of the second APK comprises:
the server decrypting the encrypted byte stream using a preconfigured signature value of the second APK that has been encrypted by the predetermined algorithm.
3. The verification method for an installation package as claimed in claim 2, wherein the predetermined algorithm is an algorithm that produces a fixed-length character string, and the encryption algorithm used in the first encryption processing is a reversible symmetric algorithm.
4. The verification method for an installation package as claimed in claim 1, further comprising, after the step of obtaining the signature value of the first APK in a C language environment, the following steps:
comparing the signature value of the first APK with the preconfigured signature value of the second APK; if they are equal, carrying out the step of performing first encryption processing on the request parameter used to request network data; if they are unequal, returning the information for identifying the first APK as a tampered APK; wherein the second APK is the original APK.
5. The verification method for an installation package as claimed in claim 1, further comprising, after the step of obtaining the signature value of the first APK in a C language environment, the following steps:
obtaining the CRC value of the dex file of the first APK;
when the CRC value of the dex file is equal to a preconfigured CRC value, carrying out the step of performing first encryption processing on the request parameter used to request network data; if they are unequal, returning the information for identifying the first APK as a tampered APK; wherein the preconfigured CRC value is the CRC value of the dex file of the original APK.
6. A verification method for an installation package, comprising the following steps:
receiving an encrypted byte stream sent by a client; wherein the encrypted byte stream is obtained by encrypting a request parameter used to request network data, using the signature value of a first APK that the client obtained in a C language environment;
decrypting the encrypted byte stream using a preconfigured signature value of a second APK; wherein the second APK is the original APK;
if the request parameter is not decrypted, returning to the client information for identifying the first APK as a tampered APK.
7. A verification method for an installation package, comprising the following steps:
a client obtains the signature value of a first APK in a C language environment;
the client performs first encryption processing, using the signature value of the first APK, on a request parameter used to request network data, to obtain an encrypted byte stream;
the client sends the encrypted byte stream to a server;
the server decrypts the encrypted byte stream using a preconfigured signature value of a second APK; wherein the second APK is the original APK;
if the server does not decrypt the request parameter, it returns to the client information for identifying the first APK as a tampered APK.
8. A client, comprising:
a first acquisition unit, for obtaining the signature value of a first APK in a C language environment;
an encryption unit, for performing first encryption processing, using the signature value of the first APK, on a request parameter used to request network data, to obtain an encrypted byte stream;
a first transmission unit, for sending the encrypted byte stream to a server, so that the server decrypts the encrypted byte stream using a preconfigured signature value of a second APK; wherein the second APK is the original APK;
a first receiving unit, for receiving information, returned when the server does not decrypt the request parameter, for identifying the first APK as a tampered APK.
9. The client as claimed in claim 8, further comprising:
a first comparing unit, for comparing the signature value of the first APK with the preconfigured signature value of the second APK;
a first notification unit, for notifying the encryption unit to perform the first encryption processing on the request parameter used to request network data when the comparison result of the first comparing unit is equal, and for returning the information for identifying the first APK as a tampered APK when the comparison result of the first comparing unit is unequal; wherein the second APK is the original APK.
10. The client as claimed in claim 8, further comprising:
a second acquisition unit, for obtaining the CRC value of the dex file of the first APK;
a second comparing unit, for comparing the CRC value of the dex file with a preconfigured CRC value;
a second notification unit, for notifying the encryption unit to perform the first encryption processing on the request parameter used to request network data when the comparison result of the second comparing unit is equal, and for returning the information for identifying the first APK as a tampered APK when the comparison result of the second comparing unit is unequal; wherein the preconfigured CRC value is the CRC value of the dex file of the original APK.
11. A server, comprising:
a second receiving unit, for receiving an encrypted byte stream sent by a client; wherein the encrypted byte stream is obtained by encrypting a request parameter used to request network data, using the signature value of a first APK that the client obtained in a C language environment;
a decryption unit, for decrypting the encrypted byte stream using a preconfigured signature value of a second APK; wherein the second APK is the original APK;
a second transmission unit, for returning to the client, if the request parameter is not decrypted, information for identifying the first APK as a tampered APK.
12. A verification system for an installation package, comprising: the client as claimed in claim 8 and the server as claimed in claim 11.
CN201410379582.9A 2014-08-04 2014-08-04 A kind of method of calibration of installation kit, client, server and system Active CN105320535B (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN201410379582.9A CN105320535B (en) 2014-08-04 2014-08-04 A kind of method of calibration of installation kit, client, server and system
PCT/CN2015/084272 WO2016019790A1 (en) 2014-08-04 2015-07-16 Verification method, client, server and system for installation package

Publications (2)

Publication Number Publication Date
CN105320535A CN105320535A (en) 2016-02-10
CN105320535B true CN105320535B (en) 2019-02-15

Family

ID=55247961

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201410379582.9A Active CN105320535B (en) 2014-08-04 2014-08-04 A kind of method of calibration of installation kit, client, server and system

Country Status (2)

Country Link
CN (1) CN105320535B (en)
WO (1) WO2016019790A1 (en)

Families Citing this family (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106778099A (en) * 2016-11-29 2017-05-31 北京奇虎科技有限公司 The generation method and device of anti-tamper APK, install and operation method and device
CN107046541B (en) * 2017-04-18 2023-02-03 深圳市法马新智能设备有限公司 Wireless transceiving encryption communication method and device thereof
CN108563953B (en) * 2018-03-26 2021-12-21 南京微可信信息技术有限公司 Safe and extensible trusted application development method
CN108923910B (en) * 2018-07-12 2021-06-25 南方电网科学研究院有限责任公司 Mobile application APK tamper-proofing method
CN110276173A (en) * 2019-06-18 2019-09-24 福州数据技术研究院有限公司 Dual system termi-nal with server prevents bis- packing operation methods of apk
CN110278115B (en) 2019-06-20 2022-11-08 京东方科技集团股份有限公司 Hot update method and device
CN110262834A (en) * 2019-06-25 2019-09-20 上海缤游网络科技有限公司 A kind of method and device producing installation kit
CN112114824B (en) * 2020-09-07 2023-05-02 上海上讯信息技术股份有限公司 Linux-based software deployment method and device
CN113094660A (en) * 2021-04-02 2021-07-09 上海中通吉网络技术有限公司 Interface calling method, device and equipment and storage medium
CN112861191B (en) * 2021-04-23 2023-01-10 腾讯科技(深圳)有限公司 Application program monitoring method and device
CN114760078B (en) * 2022-06-15 2022-09-06 北京亿赛通科技发展有限责任公司 Method and system for preventing malicious tampering of page request parameters
CN115495716B (en) * 2022-08-15 2023-10-10 荣耀终端有限公司 Local authentication method and electronic equipment

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102982258A (en) * 2012-11-09 2013-03-20 北京深思洛克软件技术股份有限公司 System for conducting original-edition check to mobile application program
CN103577206A (en) * 2012-07-27 2014-02-12 北京三星通信技术研究有限公司 Method and device for installing application software

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050102669A1 (en) * 2003-10-15 2005-05-12 Siemens Medical Solutions Usa, Inc. Software installation file verification media and methods for medical equipment
CN101256607B (en) * 2008-03-10 2011-08-10 北京深思洛克软件技术股份有限公司 Method for remote updating and controlling use of software protection apparatus
CN102457574A (en) * 2011-10-21 2012-05-16 北京安天电子设备有限公司 Method and system for intelligent multi-address downloading of installation package
CN103544046A (en) * 2013-10-25 2014-01-29 苏州通付盾信息技术有限公司 Mobile application software reinforcement method
CN103823751B (en) * 2013-12-13 2016-05-11 国家计算机网络与信息安全管理中心 A kind of counterfeit application program monitoring method of injecting based on feature

Also Published As

Publication number Publication date
CN105320535A (en) 2016-02-10
WO2016019790A1 (en) 2016-02-11

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C41 Transfer of patent application or patent right or utility model
TA01 Transfer of patent application right

Effective date of registration: 20160912

Address after: 510627 Guangdong city of Guangzhou province Whampoa Tianhe District Road No. 163 Xiping Yun Lu Yun Ping radio square B tower 13 floor 02 unit self

Applicant after: GUANGZHOU I9GAME INFORMATION TECHNOLOGY CO., LTD.

Address before: 100083 Beijing City, Haidian District Road, No. 28 into the house on the 12 floor

Applicant before: Excelle View Technology Co., Ltd.

GR01 Patent grant
TR01 Transfer of patent right

Effective date of registration: 20200811

Address after: 310052 room 508, floor 5, building 4, No. 699, Wangshang Road, Changhe street, Binjiang District, Hangzhou City, Zhejiang Province

Patentee after: Alibaba (China) Co.,Ltd.

Address before: 510627 Guangdong city of Guangzhou province Whampoa Tianhe District Road No. 163 Xiping Yun Lu Yun Ping radio square B tower 13 floor 02 unit self

Patentee before: Guangzhou Aijiuyou Information Technology Co.,Ltd.
