CN105873044A - Application program issuance method based on Android platform, developer tracing method and developer tracing device - Google Patents
- Publication number
- CN105873044A
- Authority
- CN
- China
- Prior art keywords
- digital certificate
- developer
- application
- issued
- certificate
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Abstract
The invention relates to an application program issuance method based on the Android platform, a developer tracing method and a developer tracing device. The application program issuance method based on the Android platform comprises the following steps: acquiring user identity information of the application program developer; parsing the application's apk package, reading the self-signed digital certificate of the apk package, and extracting the public key from the self-signed digital certificate; applying to a third-party certification service center for a same-key digital certificate using the user identity information and the public key; repackaging the same-key digital certificate audited and issued by the third-party certification service center into the apk package; and publishing the repackaged apk package. The same-key digital certificate issued by the third party ensures that the developer's identity is real and credible; because the same-key digital certificate is repackaged into the apk package, the developer can be traced; and the method remains compatible with the security authentication mechanism of the Android system and does not affect normal upgrading of the application program.
Description
Technical field
The present invention relates to information security technology for the mobile Internet, and more particularly to an application issuance method based on the Android platform, and to a developer tracing method and device.
Background technology
With the spread of mobile intelligent terminals and the rapid growth of mobile Internet services, the center of gravity of information security is shifting from the Internet to the mobile Internet. The disruptive change brought about by mobile intelligent terminals opened the way for the development of the mobile Internet industry, and intelligent terminals have changed the way people work and live. However, as mobile terminals become more intelligent and more open, they also face a growing number of security threats.
Google's Android operating system is an open platform and has therefore become the main platform infected by mobile phone malware. The identity of the developers of Android mobile phone malware cannot be effectively traced so that they can be held legally responsible, which keeps the cost of wrongdoing low for malware developers and is one of the main reasons why mobile phone malware is rampant on the Android platform.
At present, the Android platform traces developer identity mainly through code signing: the developer signs the application with a digital certificate, and the identity of the application developer is confirmed by reading the digital signature information in the application. By type of signing certificate, there are two approaches:
1. Self-signed certificate signing, i.e. the Android software is code-signed with a self-signed certificate.
2. Third-party trusted certificate signing, i.e. existing, already published applications are re-signed with a certificate applied for from a legitimate third-party certification service center (CA).
The shortcomings of these existing Android developer tracing methods are:
1. Most developers use a self-signed certificate for code signing, which cannot guarantee that their identity is genuine and credible.
2. For the large number of existing applications that have already been published, re-signing them with a digital certificate issued by a lawfully established third-party certification service center changes the signing certificate of the Android application, so that the application can no longer be upgraded normally.
Summary of the invention
The technical problem to be solved by the present invention is, in view of the above defects of the prior art, to provide an application issuance method and device based on the Android platform, a developer tracing method and device for applications published by that method and device, and an Android application software system, which ensure that the developer's identity is genuine, credible and traceable without affecting normal upgrading of the Android application.
The technical solution adopted by the present invention to solve this technical problem is an application issuance method based on the Android platform, comprising the following steps:
Acquiring the user identity information of the application developer;
Parsing the application apk package, reading the self-signed digital certificate of the apk package, and extracting the public key from the self-signed digital certificate;
Applying to a third-party certification service center for a same-key digital certificate using the user identity information and the public key;
Repackaging the same-key digital certificate audited and issued by the third-party certification service center into the apk package;
Publishing the repackaged apk package.
In the application issuance method based on the Android platform according to the present invention, repackaging the same-key digital certificate into the apk package further comprises: packaging the same-key digital certificate into the META-INF directory of the apk package.
To solve its technical problem, the present invention also proposes an application issuance device based on the Android platform, comprising:
A user identity acquisition module, for acquiring the user identity information of the application developer;
A key acquisition module, for parsing the application apk package, reading the self-signed digital certificate of the apk package, and extracting the public key from the self-signed digital certificate;
A certificate acquisition module, for applying to a third-party certification service center for a same-key digital certificate using the user identity information and the public key;
An application packaging module, for repackaging the same-key digital certificate audited and issued by the third-party certification service center into the apk package;
An application release module, for publishing the repackaged apk package.
In the application issuance device based on the Android platform according to the present invention, the application packaging module packages the same-key digital certificate into the META-INF directory of the apk package.
To solve its technical problem, the present invention also proposes a developer tracing method for an application based on the Android platform that was published using the method described above, comprising the following steps:
Parsing the apk package published after repackaging;
Obtaining the same-key digital certificate issued by the third-party certification service center from the apk package;
Extracting the user identity information from the same-key digital certificate.
To solve its technical problem, the present invention also proposes a developer tracing device for an application based on the Android platform that was published using the method described above, comprising:
A parsing module, for parsing the apk package published after repackaging;
A third-party certificate acquisition module, for obtaining the same-key digital certificate issued by the third-party certification service center from the apk package;
A certificate information extraction module, for extracting the user identity information from the same-key digital certificate.
To solve its technical problem, the present invention also proposes an Android application software system, comprising the application issuance device described above and the developer tracing device described above.
By issuing to the software developer a third-party trusted digital certificate (whose public key is identical to the public key of the developer's self-signed certificate), the present invention ensures that the identity of the Android application developer is genuine and credible. By packaging the same-key digital certificate into the apk package of the Android application, the developer can be traced simply by reading the developer information in the same-key digital certificate. Moreover, packaging the same-key digital certificate into the apk package of the Android application is compatible with the security authentication mechanism of the Android system and does not affect normal upgrading of the Android application.
Brief description of the drawings
The invention is further described below with reference to the drawings and embodiments. In the drawings:
Fig. 1 is the system architecture diagram of the Android application software system of one embodiment of the invention;
Fig. 2 is the flow chart of the application issued method based on Android platform of one embodiment of the invention;
Fig. 3 is the flow chart of developer's retroactive method of the application program based on Android platform of one embodiment of the invention.
Detailed description of the invention
To make the purpose, technical solution and advantages of the present invention clearer, the present invention is described in further detail below with reference to the drawings and embodiments. It should be understood that the specific embodiments described here only explain the present invention and are not intended to limit it.
In order to strengthen application supervision, combat mobile Internet malware and trace the developers of malware, the present application designs an Android application software system that performs Android application publishing and developer tracing based on third-party trusted digital certificates. A third-party trusted digital certificate is issued to the software developer (the public key in this certificate is identical to the public key of the developer's self-signed certificate), which ensures that the developer's identity is genuine and credible. The same-key digital certificate is also packaged into the apk package of the Android application (apk is the abbreviation of Android Package, i.e. the Android installation package); reading the developer information in the same-key digital certificate makes it possible to trace the developer, without affecting normal upgrading of the Android application.
Fig. 1 shows the system architecture diagram of the Android application software system 100 of one embodiment of the invention. As shown in Fig. 1, the Android application software system 100 includes two parts: an application issuance device 110 and a developer tracing device 120. The application issuance device 110 obtains the user identity information and the signing public key information in the self-signed digital certificate of the apk package, applies to the third-party certification service (CA) center for a same-key digital certificate, repackages the same-key digital certificate audited and issued by the CA center into the apk package, and then publishes the repackaged apk package. When the developer's identity needs to be traced, the developer tracing device 120 reads the same-key digital certificate from the apk package and then reads the developer identity information in that certificate, thereby tracing the developer.
Specifically, as shown in Fig. 1, the application issuance device 110 includes a user identity acquisition module 111, a key acquisition module 112, a certificate acquisition module 113, an application packaging module 114 and an application release module 115. The user identity acquisition module 111 acquires the user identity information of the application developer. The key acquisition module 112 parses the application apk package, reads the self-signed digital certificate of the apk package, and extracts the public key from the self-signed digital certificate. The certificate acquisition module 113 applies to the CA center 200 for a same-key digital certificate, submitting the user identity information and the public key from the self-signed digital certificate. As shown in Fig. 1, the CA center 200 consists of a certificate request information receiving module 210, a user identity auditing module 220, a certificate issuance module 230 and a certificate information sending module 240. The certificate request information receiving module 210 receives the application sent by the certificate acquisition module 113 and obtains the user identity information and the public key information. The user identity auditing module 220 then audits the developer's identity based on the user identity information. If the audit passes, the certificate issuance module 230 issues a same-key digital certificate based on the user identity information and the public key information, and the certificate information sending module 240 returns the issued same-key digital certificate to the certificate acquisition module 113. The application packaging module 114 then repackages the same-key digital certificate that the certificate acquisition module 113 obtained from the CA center 200 into the apk package. In one specific embodiment, the application packaging module 114 packages the same-key digital certificate into the META-INF directory of the apk package. The application release module 115 publishes the apk package repackaged by the application packaging module 114. Because the repackaged and published apk package carries a third-party trusted digital certificate whose public key is identical to the public key of the developer's self-signed certificate, the developer's identity is guaranteed to be genuine and credible, the developer can be traced, and normal upgrading of the Android application is not affected.
When the developer's identity needs to be traced, the developer tracing device 120, in response to a tracing request, reads the same-key digital certificate from the apk package published by the application issuance device 110 and then reads the developer identity information in that certificate, thereby tracing the developer. Specifically, as shown in Fig. 1, the developer tracing device 120 includes a parsing module 121, a third-party certificate acquisition module 122 and a certificate information extraction module 123. The parsing module 121 parses the apk package published by the application issuance device 110; the third-party certificate acquisition module 122 obtains the same-key digital certificate issued by the third-party certification service center 200 from the apk package information parsed by the parsing module 121; and the certificate information extraction module 123 extracts the user identity information from the same-key digital certificate. The developer tracing device 120 can then respond to the tracing request by returning the extracted user identity information, which completes the developer tracing.
Based on the Android application software system described above, the present invention proposes an application issuance method based on the Android platform. Fig. 2 shows the flow chart of the application issuance method 300 based on the Android platform of one embodiment of the invention. As shown in Fig. 2, the application issuance method 300 based on the Android platform comprises the following steps:
First, in step S301, the user identity information of the application developer is acquired.
In subsequent step S302, the application apk package is parsed, the self-signed digital certificate of the apk package is read, and the public key is extracted from the self-signed digital certificate.
In subsequent step S303, a same-key digital certificate is applied for from the third-party certification service center using the acquired user identity information and the public key from the self-signed digital certificate.
In subsequent step S304, the same-key digital certificate audited and issued by the third-party certification service center based on the user identity information and the public key is repackaged into the application apk package. In one specific embodiment, the same-key digital certificate issued by the third-party certification service center is repackaged in this step into the META-INF directory of the apk package.
In subsequent step S305, the repackaged apk package is published.
Based on the Android application software system described above, the present invention also proposes a developer tracing method for an application based on the Android platform, for tracing the developer of an Android application published by the application issuance method described above. Fig. 3 shows the flow chart of the developer tracing method 400 for an application based on the Android platform of one embodiment of the invention. As shown in Fig. 3, the developer tracing method 400 comprises the following steps:
First, in step S401, the apk package published after repackaging is parsed.
In subsequent step S402, the same-key digital certificate issued by the third-party certification service center is obtained from the parsed apk package information.
In subsequent step S403, the user identity information is extracted from the same-key digital certificate, which completes the developer tracing.
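The tracing steps S401 to S403, together with the public-key extraction of step S302, as an added example that is not part of the patent: it reads the signer certificate from the signature block in META-INF, reads the same-key certificate, and returns the developer identity only when both carry the same SubjectPublicKeyInfo. Assumptions: the entry name `META-INF/SAMEKEY.CER` and all function names are hypothetical, the APK has a single JAR (v1) signature block holding one certificate, and verifying the CA's signature on the same-key certificate is left to an X.509 library and must pass before the identity is trusted.

```python
import io
import zipfile

SAMEKEY_ENTRY = "META-INF/SAMEKEY.CER"       # hypothetical name; the patent gives only the directory
ATTR = {3: "CN", 6: "C", 10: "O", 11: "OU"}  # last arc of the 2.5.4.x name OIDs

def tlv(buf, off):
    """Decode one DER header at off; return (tag, value_start, value_end)."""
    tag, length, off = buf[off], buf[off + 1], off + 2
    if length & 0x80:                        # long form: next n bytes hold the length
        n = length & 0x7F
        length = int.from_bytes(buf[off:off + n], "big") if n else len(buf)
        off += n
    if off + length > len(buf):
        raise ValueError("truncated or indefinite-length DER")
    return tag, off, off + length

def children(buf, start, end):               # yields (tag, header_start, value_start, value_end)
    while start < end:
        tag, vs, ve = tlv(buf, start)
        yield tag, start, vs, ve
        start = ve

def parse_cert(cert):
    """Return (subject attributes, raw SubjectPublicKeyInfo) of a DER X.509 certificate."""
    tbs = next(children(cert, *tlv(cert, 0)[1:]))
    fields = list(children(cert, tbs[2], tbs[3]))
    skip = 1 if fields[0][0] == 0xA0 else 0          # optional [0] version
    subj, spki = fields[skip + 4], fields[skip + 5]  # after serial, sigAlg, issuer, validity
    subject = {}
    for rdn in children(cert, subj[2], subj[3]):
        for atv in children(cert, rdn[2], rdn[3]):
            oid, val = children(cert, atv[2], atv[3])
            arc = cert[oid[2]:oid[3]]
            if len(arc) == 3 and arc[:2] == b"\x55\x04":
                name = ATTR.get(arc[2], "2.5.4.%d" % arc[2])
                subject[name] = cert[val[2]:val[3]].decode("utf-8", "replace")
    return subject, cert[spki[1]:spki[3]]

def signer_cert_from_pkcs7(p7):
    """Return the first certificate in a PKCS#7 SignedData block (META-INF/*.RSA)."""
    wrapper = list(children(p7, *tlv(p7, 0)[1:]))[1]     # [0] EXPLICIT SignedData
    signed = next(children(p7, wrapper[2], wrapper[3]))
    for tag, _, vs, ve in children(p7, signed[2], signed[3]):
        if tag == 0xA0:                                  # [0] IMPLICIT certificates
            cert = next(children(p7, vs, ve))
            return p7[cert[1]:cert[3]]
    raise ValueError("no certificate in signature block")

def trace_developer(apk_bytes):
    """Steps S401-S403, returning the identity only if both certificates hold one key."""
    with zipfile.ZipFile(io.BytesIO(apk_bytes)) as z:
        blocks = [n for n in z.namelist() if n.startswith("META-INF/")
                  and n.upper().endswith((".RSA", ".DSA", ".EC"))]
        if len(blocks) != 1:
            raise ValueError("expected exactly one signature block")
        signer = signer_cert_from_pkcs7(z.read(blocks[0]))
        same_key = z.read(SAMEKEY_ENTRY)                 # KeyError if the entry is absent
    subject, ca_spki = parse_cert(same_key)
    if parse_cert(signer)[1] != ca_spki:
        raise ValueError("same-key certificate does not carry the APK signing key")
    return subject

def der(tag, *parts):                        # helpers from here on build constructed sample input
    body = b"".join(parts)
    n, size = len(body), (len(body).bit_length() + 7) // 8
    head = bytes([n]) if n < 0x80 else bytes([0x80 | size]) + n.to_bytes(size, "big")
    return bytes([tag]) + head + body

def sample_cert(cn, key):                    # structure only: no real key, no real signature
    name = der(0x30, der(0x31, der(0x30, der(0x06, b"\x55\x04\x03"), der(0x0C, cn.encode()))))
    tbs = der(0x30, der(0xA0, der(0x02, b"\x02")), der(0x02, b"\x01"), der(0x30), name, der(0x30),
              name, der(0x30, der(0x30), der(0x03, b"\x00" + key)))   # last field: SubjectPublicKeyInfo
    return der(0x30, tbs, der(0x30), der(0x03, b"\x00"))

def sample_apk(signing_key, same_key):
    signed = der(0x30, der(0x02, b"\x01"), der(0x31), der(0x30),
                 der(0xA0, sample_cert("self-signed", signing_key)), der(0x31))
    p7 = der(0x30, der(0x06, bytes.fromhex("2a864886f70d010702")), der(0xA0, signed))
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("META-INF/CERT.RSA", p7)
        z.writestr(SAMEKEY_ENTRY, sample_cert("Example Developer Ltd", same_key))
    return buf.getvalue()
```

Without the key comparison, any certificate copied into META-INF would be reported as the developer, since the tracing steps alone only read the subject fields.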
The above are only preferred embodiments of the present invention and are not intended to limit it; any modification, equivalent replacement or improvement made within the spirit and principles of the present invention shall fall within its scope of protection.
Claims (7)
1. An application issuance method based on the Android platform, characterized by comprising the following steps:
Acquiring the user identity information of the application developer;
Parsing the application apk package, reading the self-signed digital certificate of the apk package, and extracting the public key from the self-signed digital certificate;
Applying to a third-party certification service center for a same-key digital certificate using the user identity information and the public key;
Repackaging the same-key digital certificate audited and issued by the third-party certification service center into the apk package;
Publishing the repackaged apk package.
2. The method according to claim 1, characterized in that repackaging the same-key digital certificate into the apk package further comprises: packaging the same-key digital certificate into the META-INF directory of the apk package.
3. An application issuance device based on the Android platform, characterized by comprising:
A user identity acquisition module, for acquiring the user identity information of the application developer;
A key acquisition module, for parsing the application apk package, reading the self-signed digital certificate of the apk package, and extracting the public key from the self-signed digital certificate;
A certificate acquisition module, for applying to a third-party certification service center for a same-key digital certificate using the user identity information and the public key;
An application packaging module, for repackaging the same-key digital certificate audited and issued by the third-party certification service center into the apk package;
An application release module, for publishing the repackaged apk package.
4. The device according to claim 3, characterized in that the application packaging module packages the same-key digital certificate into the META-INF directory of the apk package.
5. A developer tracing method for an application based on the Android platform published using the method according to claim 1 or 2, characterized by comprising the following steps:
Parsing the apk package published after repackaging;
Obtaining the same-key digital certificate issued by the third-party certification service center from the apk package;
Extracting the user identity information from the same-key digital certificate.
6. A developer tracing device for an application based on the Android platform published using the method according to claim 1 or 2, characterized by comprising:
A parsing module, for parsing the apk package published after repackaging;
A third-party certificate acquisition module, for obtaining the same-key digital certificate issued by the third-party certification service center from the apk package;
A certificate information extraction module, for extracting the user identity information from the same-key digital certificate.
7. An Android application software system, characterized by comprising the application issuance device according to claim 3 and the developer tracing device according to claim 6.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510031080.1A CN105873044B (en) | 2015-01-21 | 2015-01-21 | application program publishing method based on android platform, developer tracing method and device |
Publications (2)
Publication Number | Publication Date |
---|---|
CN105873044A (en) | 2016-08-17 |
CN105873044B (en) | 2019-12-17 |
Family
ID=56623121
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201510031080.1A Active CN105873044B (en) | 2015-01-21 | 2015-01-21 | application program publishing method based on android platform, developer tracing method and device |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN105873044B (en) |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP2562674A1 (en) * | 2011-08-24 | 2013-02-27 | Pantech Co., Ltd. | Terminal and method for providing risk of application using the same |
CN104156638A (en) * | 2014-06-06 | 2014-11-19 | 国家计算机网络与信息安全管理中心 | Implementation method of extended signature for Android system software |
Cited By (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106778086A (en) * | 2016-11-28 | 2017-05-31 | 北京小米移动软件有限公司 | theme packet processing method and device |
CN106778086B (en) * | 2016-11-28 | 2019-11-29 | 北京小米移动软件有限公司 | Theme packet processing method and device |
CN107463806A (en) * | 2017-06-20 | 2017-12-12 | 国家计算机网络与信息安全管理中心 | The signature and sign test method of a kind of Android application programs installation kit |
CN107463806B (en) * | 2017-06-20 | 2020-08-14 | 国家计算机网络与信息安全管理中心 | Signature and signature verification method for Android application program installation package |
CN110287656A (en) * | 2019-06-21 | 2019-09-27 | 深圳市趣创科技有限公司 | Method and device based on electronic copyright authentication signature |
US11750732B1 (en) | 2023-02-20 | 2023-09-05 | 14788591 Canada Inc. | System for introducing features to an in-vehicle infotainment system and method of use thereof |
CN116070250A (en) * | 2023-03-07 | 2023-05-05 | 卓望数码技术(深圳)有限公司 | Password algorithm evaluation method and device for android system application program |
CN116070250B (en) * | 2023-03-07 | 2023-06-23 | 卓望数码技术(深圳)有限公司 | Password algorithm evaluation method and device for android system application program |
Also Published As
Publication number | Publication date |
---|---|
CN105873044B (en) | 2019-12-17 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||