CN106709281A - Patch releasing and obtaining method and device - Google Patents
Patch releasing and obtaining method and device Download PDFInfo
- Publication number
- CN106709281A CN106709281A CN201510413349.2A CN201510413349A CN106709281A CN 106709281 A CN106709281 A CN 106709281A CN 201510413349 A CN201510413349 A CN 201510413349A CN 106709281 A CN106709281 A CN 106709281A
- Authority
- CN
- China
- Prior art keywords
- patch
- data
- code
- platform database
- information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 45
- 238000012795 verification Methods 0.000 claims abstract description 32
- 238000012423 maintenance Methods 0.000 claims abstract description 16
- 238000004422 calculation algorithm Methods 0.000 claims description 16
- 238000000605 extraction Methods 0.000 claims description 6
- 230000008901 benefit Effects 0.000 claims description 3
- 238000001514 detection method Methods 0.000 claims description 2
- 238000012545 processing Methods 0.000 claims description 2
- 230000008569 process Effects 0.000 abstract description 8
- 230000005540 biological transmission Effects 0.000 abstract description 7
- 238000003860 storage Methods 0.000 description 10
- 238000010586 diagram Methods 0.000 description 6
- 230000006870 function Effects 0.000 description 4
- 238000012856 packing Methods 0.000 description 3
- 238000004590 computer program Methods 0.000 description 2
- 230000006872 improvement Effects 0.000 description 2
- 238000009434 installation Methods 0.000 description 2
- 230000003287 optical effect Effects 0.000 description 2
- 238000004364 calculation method Methods 0.000 description 1
- 238000012217 deletion Methods 0.000 description 1
- 230000037430 deletion Effects 0.000 description 1
- 230000000977 initiatory effect Effects 0.000 description 1
- 230000014759 maintenance of location Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000000246 remedial effect Effects 0.000 description 1
- 230000003068 static effect Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
- 230000007704 transition Effects 0.000 description 1
Landscapes
- Stored Programmes (AREA)
Abstract
The invention provides a patch releasing method and device and a patch obtaining method and device. The patch releasing method comprises the following steps of: extracting corresponding patch data from a patch platform database according to a patch obtaining request sent by a client; returning the patch data to the client, wherein the patch data comprises a patch code and verification information corresponding to the patch code; and verifying the patch code by the client according to the verification information. Through the technical scheme, the patch management and maintenance processes can be simplified, and the patch transmission safety can be enhanced.
Description
Technical field
The application is related to Internet technical field, more particularly to patch granting and acquisition methods, device.
Background technology
User can be by installing application program on smart machine, it is possible to achieve corresponding operation is controlled
Function.However, application program cannot often take into account various aspects on stream, may exist
The addition of some mistakes or New functions, but be not intended to do the application program renewal of whole version and (cover
Lid installs the application program of more redaction), can now be applied equivalent to script by installing patch
" repairing " of program, you can correct mistake or realize New function.
The content of the invention
In view of this, the application provides a kind of patch granting and acquisition methods, device, can simplify patch
Management and maintenance process, improve the transmission security of patch.
To achieve the above object, the application offer technical scheme is as follows:
According to the first aspect of the application, it is proposed that a kind of patch distribution method, including:
The patch sent according to client obtains request, and corresponding patch is extracted from patch platform database
Data;
The patch data is returned into the client;Wherein, the patch data include patch code and
Check information corresponding with the patch code, with by the client according to the check information to described
Patch code is verified.
According to the second aspect of the application, it is proposed that a kind of patch acquisition methods, including:
Patch is sent to service end obtain request;
The patch data that the service end is returned is received, the patch data includes that patch code and verification are believed
Breath;
The patch code is verified according to the check information, and is held in the case of by verification
The row patch code.
According to the third aspect of the application, it is proposed that a kind of patch dispensing apparatus, including:
Extraction unit, the patch sent according to client obtains request, is extracted from patch platform database
Corresponding patch data;
Returning unit, the client is returned by the patch data;Wherein, the patch data includes
Patch code and check information corresponding with the patch code, with by the client according to the verification
Information is verified to the patch code.
According to the fourth aspect of the application, it is proposed that a kind of patch acquisition device, including:
Transmitting element, sends patch and obtains request to service end;
Receiving unit, receives the patch data that the service end is returned, and the patch data includes patch generation
Code and check information;
Verification unit, verifies according to the check information to the patch code, and by verification
In the case of perform the patch code.
From above technical scheme, the application manages patch data by patch platform database, makes
Developer is obtained without carry out being packaged as patch file to patch data, patch file is entered without client
Row parsing, be also convenient for patch platform database is carried out to attributes such as system type, the version numbers of patch file
Read and manage.By including patch code and check information simultaneously in patch data, make the client can
To be verified accordingly, identify that patch source is substituted, patch code is tampered equivalent risk situation, have
Help lift the security that patch is installed.
Brief description of the drawings
Fig. 1 is a kind of flow chart of the patch distribution method provided according to the exemplary embodiment of the application one;
Fig. 2 is a kind of flow chart of the patch acquisition methods provided according to the exemplary embodiment of the application one;
Fig. 3 is a kind of application scenarios schematic diagram provided according to the exemplary embodiment of the application one;
Fig. 4 is a kind of showing for the enclosed structure of the patch data provided according to the exemplary embodiment of the application one
It is intended to;
Fig. 5 A-5D are a kind of the dimensions to patch data according to the offer of the exemplary embodiment of the application one
The interface schematic diagram of shield;
Fig. 6 is a kind of stream of the patch granting and acquisition methods provided according to the exemplary embodiment of the application one
Cheng Tu;
Fig. 7 is a kind of electronic equipment based on service end provided according to the exemplary embodiment of the application one
Structural representation;
Fig. 8 is a kind of block diagram of the patch dispensing apparatus provided according to the exemplary embodiment of the application one;
Fig. 9 is a kind of electronic equipment based on service end provided according to the exemplary embodiment of the application one
Structural representation;
Figure 10 is a kind of block diagram of the patch acquisition device provided according to the exemplary embodiment of the application one.
Specific embodiment
In the related art, after developer needs for the data such as patch code to be packaged into document form, will
The patch file is stored in server.Due to patch file by packing process, thus server without
Method reads the attribute information of the patch file so that developer needs to access patch file to realize checking
Or during edit operation, be merely able to be realized by downloading corresponding patch file from server.
Additionally, when user downloads patch file and installed from server, not provided in correlation technique
To the verification means of patch file, cause hacker to be easy to the patch file such as distort, cause serious
Security risks.
Therefore, the application is by the improvement to patch maintenance mode and content authentication, to improve correlation technique
Present in above-mentioned technical problem.It is that the application is further described, there is provided the following example:
Fig. 1 is a kind of flow chart of the patch distribution method provided according to the exemplary embodiment of the application one,
As shown in figure 1, the method is applied to service end (i.e. server or server end), can include following
Step:
Step 102, the patch sent according to client obtains request, is extracted from patch platform database
Corresponding patch data.
In the present embodiment, system type information and the application program version that the patch is obtained in request are read
This information;Extracted from the patch platform database and the system type information and the application program
The latest edition patch data that version information matches.
Step 104, the client is returned by the patch data;Wherein, the patch data includes
Patch code and check information corresponding with the patch code, with by the client according to the verification
Information is verified to the patch code.
In the present embodiment, check information is to be signed via the private key at the patch platform database
Summary info, the summary info is that the patch code is calculated according to default digest algorithm
Arrive.By calculating the corresponding summary info of patch code, the data length for being used in private key signature is controllable,
Solve the problems, such as patch code overabundance of data and cannot directly sign or efficiency of signing is low.
With embodiment illustrated in fig. 1 accordingly, Fig. 2 be according to the exemplary embodiment of the application one provide
A kind of flow chart of patch acquisition methods, as shown in Fig. 2 the method is applied to client (being provided with
The terminal of the application program of the client, such as computer, mobile phone, flat board equipment), can include following
Step:
Step 202, sends patch and obtains request to service end.
Step 204, receives the patch data that the service end is returned, and the patch data includes patch generation
Code and check information.
In the present embodiment, check information can be to be carried out via the private key at the patch platform database
The summary info of signature, the summary info is that the patch code is counted according to default digest algorithm
Obtain.
Step 206, verifies according to the check information to the patch code, and by verification
In the case of perform the patch code.
In the present embodiment, client can calculate the patch code according to the default digest algorithm
Corresponding real-time summary info;When the check information meets following conditions, the patch code is judged
The verification of the check information is passed through:Involved in signature de is carried out to the check information by local public key, and
The decoded information for obtaining is consistent with the real-time summary info.In this embodiment, by local public key pair
Check information carries out involved in signature de, can verify whether the source of the patch data is correct, that is, whether there is
Hacker is intercepted by such as DNS, sets the modes such as agency to the client unsafe patch data of transmission;Together
When, by the checking to summary info, patch code can be avoided from being made a mistake in data transmission procedure
Or be tampered, thereby further ensure that the validity and security of patch data.
In the technical scheme of the application, it is related to interacting between service end and client and coordinates, than
As shown in figure 3, under the application scenarios of an exemplary embodiment, server is configured with service end, terminal
On be provided with as the application program of client, then server can be safeguarded to patch data, and eventually
Request is initiated in end by server, to obtain corresponding patch data and install.
1st, patch is safeguarded
After service end receives the patch code of developer's upload, read by the attribute to the patch code
After taking and generating corresponding check information, you can the corresponding patch data of generation, and set up corresponding data
Structure, in order to safeguard.
Fig. 4 is the data structure of the patch maintenance of an exemplary embodiment, and the data structure can include three
Individual level:System type, application version and patch release.
System type.System type refers to the OS Type that terminal is used, different types of operation system
System is needed using different types of application program, and corresponding patch is also differed.Such as system type can be with
Including iOS, Android, Win (i.e. Windows Phone) etc..
Application version.One or more application versions are there may be under every kind of system type, should
With the version updating of program mean the whole updating of application program and reinstall, it is necessary to user again under
Carry the installation file of whole application program and update;And if amendment or function only for minor error add
Plus, then need not often version updating be carried out to application program, but repaired by way of patch.
Made a distinction by version number between different editions, be the situation of iOS than system type as shown in Figure 4
Under, there is version number is the application program of multiple versions such as " 1.0.0 ", " 1.0.1 ".
Patch release.The application program of same version there may be one or more patches, such as Fig. 4
Under the application program that shown system type is iOS, version number is 1.0.1, including 2 patches:Patch
1 and patch 2.
Because service end is safeguarded in the form of database to patch data, i.e., developer is uploading
Packing treatment will not be carried out during patch so that service end can directly read the attribute information of patch data,
And sorted out and managed by the patch data structure shown in Fig. 4.Correspondingly, developer need not adopt
With the form of " download ", you can the patch data in database is conducted interviews.Such as, developer
Web access requests can be initiated to service end by local browser, then service end is demonstrating exploit person
After the identity and access rights of member, the net corresponding to the patch situation in the patch platform database is returned
Page data, allows local browser to generate the system type administration interface shown in Fig. 5 A;Then, open
Hair personnel can send patch maintenance instruction by the administration interface, then service end is according to the patch for receiving
Maintenance instruction, you can patch maintenance is carried out to patch platform database.
In the system type administration interface shown in Fig. 5 A, developer can intuitively check existing
The patch situation of every kind of system type, can also add more system types by " newly-increased ".It is false
Determine developer and click " iOS " corresponding " entrance " operation, be then transferred to the application journey shown in Fig. 5 B
Sequence version management interface.
In the application version administration interface shown in Fig. 5 B, developer can intuitively check
In the case that system type is iOS, existing patch under existing application version and each version
Quantity;Such as " 1.0.1 ", " 1.0.2 ", " 2.0.1 ".Meanwhile, developer can also be by " new
Increase " add more application versions.It is assumed that developer have selected certain existing version, then turn
Enter the patch management interface shown in Fig. 5 C.
In the patch management interface shown in Fig. 5 C, developer can be intuitively checked in system type
In the case of iOS, the patch details under each application version.It is 3.3.0 such as in version number
Application program under, including two patches that numbering is 1 and 2, and developer can be to existing benefit
Fourth carries out the management of the form such as " editor " or " deletion ".
It is assumed that developer clicks " editor " operation of patch 2, then the patch shown in Fig. 5 D is transferred to
Editing interface, can enter edlin to " patch description ", " patch code " etc..Additionally, Fig. 5 D
In also show " Override (force covering) " option of patch, when developer chooses the option
Afterwards, whether client will force to obtain the patch from service end and carry out covering installation, regardless of whether locally
Patch through there is same numbering, the option is used to carry out the patch provided remedial pressure corrigendum.
Because developer directly by such as browser form can be visited the patch in service end
Ask and operated with online editing etc., without the operation such as being downloaded patch, packing, help to simplify patch
Maintenance and management operation.
2nd, patch is obtained
Fig. 6 is a kind of stream of the patch granting and acquisition methods provided according to the exemplary embodiment of the application one
Cheng Tu, as shown in fig. 6, the method may comprise steps of:
Step 602, service end obtains patch code.
In the present embodiment, patch code is generated by developer and stored to service end;For example, exploitation
Personnel can be transferred to administration interface shown in Fig. 5 A-5D by browser, and to every kind of system type, every
Patch under individual application version is managed, including new patch generation or the editor to existing patch
Deng.
Step 604, service end calculates the corresponding summary info of patch code.
In the present embodiment, because check information and patch code are corresponded, then for newly-generated benefit
Fourth code or by the existing patch code after editor, service end is required to regenerate corresponding verification letter
Breath.
In the present embodiment, service end can be calculated patch code pair by such as MD5 scheduling algorithms
The summary info answered.Such as when patch code is " Hello World ", corresponding MD5 values are plucked
It is " b10a8db164e0754105b7a99be72e3fe5 " to want information.
Step 606, service end is signed using private key to summary info, obtains check information.
In the present embodiment, private key is preserved at service end, between the public key at the private key and client
It is mutually matched.By private key to the signature of summary info, then client is tested the signature using public key
During card, you can whether the source for identifying corresponding patch data is really service end, such as to above-mentioned
After " b10a8db164e0754105b7a99be72e3fe5 " summary info is signed, signature string is obtained
It is " PAzf7S/eT/IUOm7LLqXx ".
In the present embodiment, because the length of different patch codes does not know, if then patch code mistake
Long, time that private key may be caused to be signed is long, efficiency is low, is unfavorable for that the patch of service end is safeguarded;
Meanwhile, also there is the length limitation to being signed content under certain situation, when private key is signed, then it is interior
Hold the long patch code of excessive, length to be likely to effectively to be signed.Therefore, pass through in the application
After the uncontrollable patch code of length is converted into the summary info of regular length, patch code can be avoided
Length it is long and cannot sign or inefficiency of signing problem, so as to the patch for contributing to service end is tieed up
Shield, and client in follow-up phase to the safety check of patch data.
Patch code and check information are associated storage by step 608, service end as patch data.
Step 610, the patch that service end receives client transmission obtains request.
In the present embodiment, when detecting patch and upgrading demand, can travel through first is locally client
It is no to there is patch data.If locally there is patch data, can be solved by local patch data described
Patch is upgraded demand;If not existing patch data locally, just please by initiating patch acquisition to service end
Ask, patch data is obtained with from service end.
Step 612, service end reads the system type information and application version that patch is obtained in request
Information.
Step 614, service end is extracted and system type information, application version information from database
The patch data for matching.
In the present embodiment, according to system type information and application version information, service end can be selected
Take corresponding latest patch and return to client.Such as in the case of shown in Fig. 5 C, if client
It is 3.3.0 for iOS, application version information to hold the system type information of transmission, then service end can be looked into
Ask and return newest patch 2.
Step 616, service end returns to the patch data for extracting to client.
Step 618, client obtains the patch code and check information in patch data.
Step 620, client executing data check.
In the present embodiment, the data check of client can include two parts:
1st, signature check.Be stored with public key at client, and the public key matches with the private key at service end,
Client carries out involved in signature de by public key to the check information for receiving, if be successfully decoded made a summary
Information, it is determined that patch data comes from service end, otherwise illustrates that the source of patch data there may be risk,
Such as hacker such as may intercept at the address that mode has distorted service end by DNS, make client from false clothes
Business end obtains unsafe patch data.
It is assumed that check information is " PAzf7S/eT/IUOm7LLqXx ", if then smoothly decoding, you can
Obtain corresponding summary info " b10a8db164e0754105b7a99be72e3fe5 ".
2nd, data tampering verification.Client understands the summary info algorithm of use with service end in advance, such as
MD5 algorithms, then client the corresponding real-time summary info of patch code is calculated by MD5 algorithms.
If situations such as patch code data there occurs missing in transmitting procedure, distort, real-time summary info
It is inevitable from the summary info decoded in " signature check " different, illustrate that patch code has security risk,
Should not install;And if patch data has passed through signature check and data tampering verification, then illustrate patch
Data safety reliability, can perform patch code to complete to install.
In other words, if the patch code that client is received remains as " Hello World ", generate
MD5 values necessarily be " b10a8db164e0754105b7a99be72e3fe5 ", with " signature check "
In the summary info that decodes it is identical so that by verification.
Step 622, if by data check, client executing patch code is not performed otherwise.
From above technical scheme, the application manages patch data by patch platform database, makes
Developer is obtained without carry out being packaged as patch file to patch data, patch file is entered without client
Row parsing, be also convenient for patch platform database is carried out to attributes such as system type, the version numbers of patch file
Read and manage.By including patch code and check information simultaneously in patch data, make the client can
To be verified accordingly, identify that patch source is substituted, patch code is tampered equivalent risk situation, have
Help lift the security that patch is installed.
Fig. 7 shows the schematic configuration diagram of the electronic equipment of the exemplary embodiment according to the application.Please
With reference to Fig. 7, in hardware view, the electronic equipment includes processor, internal bus, network interface, interior
Deposit and nonvolatile memory, the hardware required for other business are also possible that certainly.Processor from
Corresponding computer program to then operation in internal memory is read in nonvolatile memory, on logic level
Form patch dispensing apparatus.Certainly, in addition to software realization mode, the application is not precluded from other realities
Existing mode, such as mode of logical device or software and hardware combining etc., that is to say, that following handling process
Executive agent be not limited to each logic unit, or hardware or logical device.
Refer to Fig. 8, in Software Implementation, the patch dispensing apparatus can include extraction unit and
Returning unit.Wherein:
Extraction unit, the patch sent according to client obtains request, is extracted from patch platform database
Corresponding patch data;
Returning unit, the client is returned by the patch data;Wherein, the patch data includes
Patch code and check information corresponding with the patch code, with by the client according to the verification
Information is verified to the patch code.
Optionally, the check information is to be signed via the private key at the patch platform database
Summary info, the summary info is that the patch code is calculated according to default digest algorithm.
Optionally, the extraction unit specifically for:
Read the system type information and application version information during the patch obtains request;
Extracted from the patch platform database and the system type information and the application version
The latest edition patch data of information match.
Optionally, also include:
Request reception unit, receives web access requests, and the web access requests are passed through by developer
Local browser is initiated;
Data returning unit, returns to the webpage number corresponding to the patch situation in the patch platform database
According to so that the local browser generates the pipe to the patch platform database according to the web data
Reason interface;
Patch maintenance unit, is received the developer and is referred to by the patch maintenance that the administration interface sends
Order, patch maintenance is carried out to the patch platform database.
Fig. 9 shows the schematic configuration diagram of the electronic equipment of the exemplary embodiment according to the application.Please
With reference to Fig. 9, in hardware view, the electronic equipment includes processor, internal bus, network interface, interior
Deposit and nonvolatile memory, the hardware required for other business are also possible that certainly.Processor from
Corresponding computer program to then operation in internal memory is read in nonvolatile memory, on logic level
Form patch acquisition device.Certainly, in addition to software realization mode, the application is not precluded from other realities
Existing mode, such as mode of logical device or software and hardware combining etc., that is to say, that following handling process
Executive agent be not limited to each logic unit, or hardware or logical device.
Refer to Figure 10, in Software Implementation, the patch acquisition device can include transmitting element,
Receiving unit and verification unit.Wherein:
Transmitting element, sends patch and obtains request to service end;
Receiving unit, receives the patch data that the service end is returned, and the patch data includes patch generation
Code and check information;
Verification unit, verifies according to the check information to the patch code, and by verification
In the case of perform the patch code.
Optionally, also include:
Detection unit, detects whether that there is patch upgrades demand;
Traversal Unit, when there is the patch and upgrade demand, traversal locally whether there is patch data;
Processing unit, when locally there is patch data, the patch is solved more by local patch data
New demand;When locally in the absence of patch data, send the patch to the service end and obtain request,
Patch data is obtained with from the service end.
Optionally, the check information is to be signed via the private key at the patch platform database
Summary info, the summary info is that the patch code is calculated according to default digest algorithm.
Optionally, the verification unit specifically for:
The corresponding real-time summary info of the patch code is calculated according to the default digest algorithm;
When the check information meets following conditions, judge that the patch code has passed through the verification letter
The verification of breath:Carry out involved in signature de to the check information by local public key, and the decoded information for obtaining with
The real-time summary info is consistent.
In a typical configuration, computing device include one or more processors (CPU), input/
Output interface, network interface and internal memory.
Internal memory potentially includes the volatile memory in computer-readable medium, random access memory
And/or the form, such as read-only storage (ROM) or flash memory (flash such as Nonvolatile memory (RAM)
RAM).Internal memory is the example of computer-readable medium.
Computer-readable medium includes that permanent and non-permanent, removable and non-removable media can be by
Any method or technique realizes information Store.Information can be computer-readable instruction, data structure,
The module of program or other data.The example of the storage medium of computer includes, but are not limited to phase transition internal memory
(PRAM), static RAM (SRAM), dynamic random access memory (DRAM),
Other kinds of random access memory (RAM), read-only storage (ROM), electrically erasable
Read-only storage (EEPROM), fast flash memory bank or other memory techniques, read-only optical disc read-only storage
(CD-ROM), digital versatile disc (DVD) or other optical storages, magnetic cassette tape, tape magnetic
Disk storage or other magnetic storage apparatus or any other non-transmission medium, can be used for storage can be counted
The information that calculation equipment is accessed.Defined according to herein, computer-readable medium does not include that temporary computer can
Read media (transitory media), such as data-signal and carrier wave of modulation.
Also, it should be noted that term " including ", "comprising" or its any other variant be intended to it is non-
It is exclusive to include, so that process, method, commodity or equipment including a series of key elements are not only
Including those key elements, but also other key elements including being not expressly set out, or also include being this
Process, method, commodity or the intrinsic key element of equipment.In the absence of more restrictions, by language
The key element that sentence "including a ..." is limited, it is not excluded that in the process including the key element, method, business
Also there is other identical element in product or equipment.
The preferred embodiment of the application is the foregoing is only, is not used to limit the application, it is all at this
Within the spirit and principle of application, any modification, equivalent substitution and improvements done etc. should be included in
Within the scope of the application protection.
Claims (16)
1. a kind of patch distribution method, it is characterised in that including:
The patch sent according to client obtains request, and corresponding patch is extracted from patch platform database
Data;
The patch data is returned into the client;Wherein, the patch data include patch code and
Check information corresponding with the patch code, with by the client according to the check information to described
Patch code is verified.
2. method according to claim 1, it is characterised in that the check information is via described
The summary info that private key at patch platform database is signed, the summary info is plucked according to default
Algorithm is wanted to be calculated the patch code.
3. method according to claim 1, it is characterised in that the benefit sent according to client
Fourth obtains request, and corresponding patch data is extracted from patch platform database, including:
Read the system type information and application version information during the patch obtains request;
Extracted from the patch platform database and the system type information and the application version
The latest edition patch data of information match.
4. method according to claim 1, it is characterised in that also include:
Web access requests are received, the web access requests are initiated by developer by local browser;
The web data corresponding to the patch situation in the patch platform database is returned to, so that described
Ground browser generates the administration interface to the patch platform database according to the web data;
The patch maintenance instruction that the developer is sent by the administration interface is received, to the patch
Platform database carries out patch maintenance.
5. a kind of patch acquisition methods, it is characterised in that including:
Patch is sent to service end obtain request;
The patch data that the service end is returned is received, the patch data includes that patch code and verification are believed
Breath;
The patch code is verified according to the check information, and is held in the case of by verification
The row patch code.
6. method according to claim 5, it is characterised in that also include:
Detect whether that there is patch upgrades demand;
When there is the patch and upgrade demand, traversal locally whether there is patch data;
When locally there is patch data, the patch being solved by local patch data and is upgraded demand;When
When locally in the absence of patch data, send the patch to the service end and obtain request, with from the clothes
Business end obtains patch data.
7. method according to claim 6, it is characterised in that the check information is via described
The summary info that private key at patch platform database is signed, the summary info is plucked according to default
Algorithm is wanted to be calculated the patch code.
8. method according to claim 7, it is characterised in that described according to the check information pair
The patch code is verified, including:
The corresponding real-time summary info of the patch code is calculated according to the default digest algorithm;
When the check information meets following conditions, judge that the patch code has passed through the verification letter
The verification of breath:Carry out involved in signature de to the check information by local public key, and the decoded information for obtaining with
The real-time summary info is consistent.
9. a kind of patch dispensing apparatus, it is characterised in that including:
Extraction unit, the patch sent according to client obtains request, is extracted from patch platform database
Corresponding patch data;
Returning unit, the client is returned by the patch data;Wherein, the patch data includes
Patch code and check information corresponding with the patch code, with by the client according to the verification
Information is verified to the patch code.
10. device according to claim 9, it is characterised in that the check information is via institute
The summary info that the private key at patch platform database is signed is stated, the summary info is according to default
Digest algorithm is calculated to the patch code.
11. devices according to claim 9, it is characterised in that the extraction unit specifically for:
Read the system type information and application version information during the patch obtains request;
Extracted from the patch platform database and the system type information and the application version
The latest edition patch data of information match.
12. devices according to claim 9, it is characterised in that also include:
Request reception unit, receives web access requests, and the web access requests are passed through by developer
Local browser is initiated;
Data returning unit, returns to the webpage number corresponding to the patch situation in the patch platform database
According to so that the local browser generates the pipe to the patch platform database according to the web data
Reason interface;
Patch maintenance unit, is received the developer and is referred to by the patch maintenance that the administration interface sends
Order, patch maintenance is carried out to the patch platform database.
A kind of 13. patch acquisition device, it is characterised in that including:
Transmitting element, sends patch and obtains request to service end;
Receiving unit, receives the patch data that the service end is returned, and the patch data includes patch generation
Code and check information;
Verification unit, verifies according to the check information to the patch code, and by verification
In the case of perform the patch code.
14. devices according to claim 13, it is characterised in that also include:
Detection unit, detects whether that there is patch upgrades demand;
Traversal Unit, when there is the patch and upgrade demand, traversal locally whether there is patch data;
Processing unit, when locally there is patch data, the patch is solved more by local patch data
New demand;When locally in the absence of patch data, send the patch to the service end and obtain request,
Patch data is obtained with from the service end.
15. devices according to claim 13, it is characterised in that the check information is via institute
The summary info that the private key at patch platform database is signed is stated, the summary info is according to default
Digest algorithm is calculated to the patch code.
16. devices according to claim 15, it is characterised in that the verification unit specifically for:
The corresponding real-time summary info of the patch code is calculated according to the default digest algorithm;
When the check information meets following conditions, judge that the patch code has passed through the verification letter
The verification of breath:Carry out involved in signature de to the check information by local public key, and the decoded information for obtaining with
The real-time summary info is consistent.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510413349.2A CN106709281B (en) | 2015-07-14 | 2015-07-14 | Patch granting and acquisition methods, device |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510413349.2A CN106709281B (en) | 2015-07-14 | 2015-07-14 | Patch granting and acquisition methods, device |
Publications (2)
Publication Number | Publication Date |
---|---|
CN106709281A true CN106709281A (en) | 2017-05-24 |
CN106709281B CN106709281B (en) | 2019-09-17 |
Family
ID=58899687
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201510413349.2A Active CN106709281B (en) | 2015-07-14 | 2015-07-14 | Patch granting and acquisition methods, device |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106709281B (en) |
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107481173A (en) * | 2017-09-05 | 2017-12-15 | 王东红 | A kind of Platform of Experimental Teaching experimental project update method and system |
CN107992319A (en) * | 2017-12-11 | 2018-05-04 | 北京奇虎科技有限公司 | Patch data update method and device |
CN108039945A (en) * | 2017-12-11 | 2018-05-15 | 北京奇虎科技有限公司 | A kind of endorsement method of service packs, method of calibration and device |
CN110058874A (en) * | 2019-03-14 | 2019-07-26 | 广东九联科技股份有限公司 | A kind of code patch inspection System and method for |
CN116506176A (en) * | 2023-04-27 | 2023-07-28 | 江苏汤谷智能科技有限公司 | Programmable network communication method and system |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1659494A (en) * | 2002-04-12 | 2005-08-24 | 英特尔公司 | Microcode patch authentication |
CN101944032A (en) * | 2009-07-03 | 2011-01-12 | 华为技术有限公司 | Microware updating method, client, server and system |
CN102053844A (en) * | 2009-10-28 | 2011-05-11 | 无锡华润上华半导体有限公司 | Software upgrading method and software upgrading system using same |
CN102571778A (en) * | 2011-12-28 | 2012-07-11 | 奇智软件(北京)有限公司 | Method and device for providing data |
CN103763354A (en) * | 2014-01-06 | 2014-04-30 | 北京奇虎科技有限公司 | Method and device for downloading upgrading data |
-
2015
- 2015-07-14 CN CN201510413349.2A patent/CN106709281B/en active Active
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1659494A (en) * | 2002-04-12 | 2005-08-24 | 英特尔公司 | Microcode patch authentication |
CN101944032A (en) * | 2009-07-03 | 2011-01-12 | 华为技术有限公司 | Microware updating method, client, server and system |
CN102053844A (en) * | 2009-10-28 | 2011-05-11 | 无锡华润上华半导体有限公司 | Software upgrading method and software upgrading system using same |
CN102571778A (en) * | 2011-12-28 | 2012-07-11 | 奇智软件(北京)有限公司 | Method and device for providing data |
CN103763354A (en) * | 2014-01-06 | 2014-04-30 | 北京奇虎科技有限公司 | Method and device for downloading upgrading data |
Cited By (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107481173A (en) * | 2017-09-05 | 2017-12-15 | 王东红 | A kind of Platform of Experimental Teaching experimental project update method and system |
CN107992319A (en) * | 2017-12-11 | 2018-05-04 | 北京奇虎科技有限公司 | Patch data update method and device |
CN108039945A (en) * | 2017-12-11 | 2018-05-15 | 北京奇虎科技有限公司 | A kind of endorsement method of service packs, method of calibration and device |
CN107992319B (en) * | 2017-12-11 | 2021-08-20 | 北京奇虎科技有限公司 | Patch data updating method and device |
CN110058874A (en) * | 2019-03-14 | 2019-07-26 | 广东九联科技股份有限公司 | A kind of code patch inspection System and method for |
CN110058874B (en) * | 2019-03-14 | 2022-03-15 | 广东九联科技股份有限公司 | Code patch checking system and method |
CN116506176A (en) * | 2023-04-27 | 2023-07-28 | 江苏汤谷智能科技有限公司 | Programmable network communication method and system |
Also Published As
Publication number | Publication date |
---|---|
CN106709281B (en) | 2019-09-17 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US11100546B2 (en) | Method and system for provenance tracking in software ecosystems | |
JP6609047B2 (en) | Method and device for application information risk management | |
KR101723937B1 (en) | Cloud-assisted method and service for application security verification | |
CN102982258B (en) | A kind of system of mobile applications being carried out to master verification | |
CN106484453B (en) | Method and device for realizing system upgrading | |
US9632765B1 (en) | Customized application package with context specific token | |
CN106709281A (en) | Patch releasing and obtaining method and device | |
CN106055341A (en) | Application installation package checking method and device | |
CN104391729B (en) | Programme upgrade method and device based on Root authority | |
US10148440B2 (en) | Binary code authentication | |
US10694330B2 (en) | Validating mobile applications for accessing regulated content | |
CN112231702A (en) | Application protection method, device, equipment and medium | |
CN106682491A (en) | Application downloading method and device | |
CN109522683B (en) | Software tracing method, system, computer equipment and storage medium | |
CN109657454A (en) | A kind of Android application trust authentication method based on TF crypto module | |
CN112416395A (en) | Hot repair updating method and device | |
CN102148831B (en) | Method and system for safely controlling terminal application | |
CN109635558B (en) | Access control method, device and system | |
CN109145591B (en) | Plug-in loading method of application program | |
CN108052842B (en) | Signature data storage and verification method and device | |
CN104158812A (en) | Method and system of safety control of terminal application | |
CN115048630A (en) | Integrity verification method and device of application program, storage medium and electronic equipment | |
CN110572371B (en) | Identity uniqueness check control method based on HTML5 local storage mechanism | |
CN107295078A (en) | A kind of patch distribution tracking and control system and method | |
CN112966308A (en) | Software delivery method, processing device and storage medium |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant | ||
TR01 | Transfer of patent right |
Effective date of registration: 20240219 Address after: # 01-21, Lai Zan Da Building 1, 51 Belarusian Road, Singapore Patentee after: Alibaba Singapore Holdings Ltd. Country or region after: Singapore Address before: A four-storey 847 mailbox in Grand Cayman Capital Building, British Cayman Islands Patentee before: ALIBABA GROUP HOLDING Ltd. Country or region before: United Kingdom |
|
TR01 | Transfer of patent right |