CN107292135A - A kind of program code guard method and device - Google Patents
A kind of program code guard method and device Download PDFInfo
- Publication number
- CN107292135A CN107292135A CN201710419286.0A CN201710419286A CN107292135A CN 107292135 A CN107292135 A CN 107292135A CN 201710419286 A CN201710419286 A CN 201710419286A CN 107292135 A CN107292135 A CN 107292135A
- Authority
- CN
- China
- Prior art keywords
- function
- code instruction
- information
- function code
- instruction
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 51
- 238000012545 processing Methods 0.000 claims abstract description 16
- 239000000284 extract Substances 0.000 claims abstract description 12
- 238000012986 modification Methods 0.000 claims abstract description 11
- 230000004048 modification Effects 0.000 claims abstract description 11
- 230000006870 function Effects 0.000 claims description 221
- 238000004590 computer program Methods 0.000 claims description 3
- 238000005314 correlation function Methods 0.000 description 6
- 238000010586 diagram Methods 0.000 description 6
- 230000008569 process Effects 0.000 description 6
- 238000004891 communication Methods 0.000 description 4
- 238000000605 extraction Methods 0.000 description 3
- 230000003287 optical effect Effects 0.000 description 3
- 230000009183 running Effects 0.000 description 2
- 241000700605 Viruses Species 0.000 description 1
- 238000004458 analytical method Methods 0.000 description 1
- 230000008901 benefit Effects 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 239000013307 optical fiber Substances 0.000 description 1
- 238000012856 packing Methods 0.000 description 1
- 230000002093 peripheral effect Effects 0.000 description 1
- 238000003672 processing method Methods 0.000 description 1
- 230000002787 reinforcement Effects 0.000 description 1
- 239000004065 semiconductor Substances 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/12—Protecting executable software
- G06F21/121—Restricting unauthorised execution of programs
- G06F21/125—Restricting unauthorised execution of programs by manipulating the program code, e.g. source code, compiled code, interpreted code, machine code
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2107—File encryption
Landscapes
- Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Physics & Mathematics (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Technology Law (AREA)
- Multimedia (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Storage Device Security (AREA)
Abstract
Embodiments of the present invention provide a kind of program code guard method.Program code guard method should be included, including:For each function included in DEX file, if it is judged that the corresponding function code instruction of the function needs encryption, then obtain and include function code instruction and its access identities in the structural information of the function, the structural information;The access identities are changed for preset value;And extract the instruction of the function corresponding function code and be encrypted.The function encrypted the need for for being included in the DEX file judged, according to access identities and the function code instruction included in its structural information, modification access identities are preset value, and function code instruction is encrypted, without whole DEX file is encrypted, so as to save system processing resources, DEX file encryption efficiency is improved, is that user brings more preferable experience.In addition, embodiments of the present invention provide a kind of program code protection device.
Description
Technical field
Embodiments of the present invention are related to technical field of software development, more specifically, embodiments of the present invention are related to one
Plant program code guard method and device.
Background technology
This part is it is intended that the embodiments of the present invention stated in claims provide background or context.Herein
Description recognizes it is prior art not because not being included in this part.
APP is the abbreviation of Application (application), typically refer to mobile device (including tablet personal computer, mobile phone and other
Mobile device) on third party exploitation application program.DEX file is that (Dalvik virtual machine) is held in Android platform
Style of writing part, equivalent to the exe files in windows platform, each Apk (AndroidPackage, Android kit) is installed
There is DEX file in bag, it is write by Java language and formed, it comprises required when the instruction of APP all operationss and operation
Data.DEX file can check its Java source code by third party's conversed analysis instrument, i.e., can by decompiling DEX file
To be immediately seen Java source codes, therefore, increasing App (including malicious virus App) all employ reinforcement technique to prevent
App is by decompiling easily.
In the prior art, generally DEX file is reinforced using following two methods, one kind is that source DEX is added
It is close, and the file packing storage after encryption to (shell adding) under APK some catalogue, so, when APP is run, shell DEX is first
First start, then will encrypt file decryption, it is to be decrypted go out source DEX after be dynamically loaded into internal memory operation source DEX again.Another is
By source DEX with shell DEX mixed processings into a new DEX, when APP is run, shell DEX starts first, then will be contained in
Source DEX in new DEX is decrypted, last dynamic load operating source DEX.
The content of the invention
But, in the first above-mentioned scheme, due to needing to load after encryption file and decryption and dynamic load encryption
Source DEX is, it is necessary to consume the more process resource of system;And in above-mentioned second scheme, which reduce DEX file internal memory and add
Carry, system resource overhead is reduced to a certain extent, still, it is in ciphering process, it is still desirable to which whole DEX file is entered
Row encryption, equally adds the expense of system processing resources.
Therefore, a kind of improved function code instruction guard method is highly desirable to, to improve function code instruction protection
Security.
In the present context, embodiments of the present invention are expected to provide a kind of program code guard method and device.
There is provided a kind of program code guard method in the first aspect of embodiment of the present invention, including:
For each function included in DEX file, if it is judged that the corresponding function code instruction of the function needs to add
It is close, then obtain and include function code instruction and its access identities in the structural information of the function, the structural information;
The access identities are changed for preset value;And
The corresponding function code instruction of the function is extracted to be encrypted.
Preferably, for each function included in DEX file, the function corresponding function generation is judged according to below scheme
Whether code instruction needs encryption:
For each function included in DEX file, judge that the function whether there is in the white list prestored;
If it is present determining that the corresponding function code instruction of the function needs encryption;
If it does not exist, then determining that the corresponding function code instruction of the function need not be encrypted.
Preferably, command offsets information is also included in the structural information of the function;And
Extract the corresponding function code instruction of the function to be encrypted, specifically include:
The original position and stop bit of the corresponding function code instruction of the function are determined according to the command offsets information
Put;
The function code instruction included between the starting position and final position is extracted to be encrypted.
Alternatively, program code guard method provided in an embodiment of the present invention, in addition to:
Function code instruction after storage encryption;And
The storage location information of function code instruction after recording of encrypted.
Alternatively, program code guard method provided in an embodiment of the present invention, in addition to:
When performing the DEX file, obtained according to the storage location information from corresponding storage location after encryption
Function code instruction is decrypted;And
Perform the function code instruction after decryption.
Alternatively, program code guard method provided in an embodiment of the present invention, in addition to:
When performing the DEX file, obtained according to the storage location information from corresponding storage location after encryption
Function code instruction is decrypted;And
The internal memory offset information that record system is distributed by the function code instruction after decryption;
The command offsets information included in the structural information for changing the function is the internal memory offset information of distribution.
There is provided a kind of program code protection device in the second aspect of embodiment of the present invention, including:
First acquisition unit, for each function for being included in DEX file, if it is judged that the corresponding letter of the function
Number code command needs encryption, then obtains and include function code instruction in the structural information of the function, the structural information
And its access identities;
First modification unit, for changing the access identities for preset value;
Ciphering unit, is encrypted for extracting the corresponding function code instruction of the function.
Alternatively, program code protection device provided in an embodiment of the present invention, in addition to:
Judging unit, for each function for being included in DEX file, judges that the function whether there is in prestoring
White list in;If it is present determining that the corresponding function code instruction of the function needs encryption;If it does not exist, then determining
The corresponding function code instruction of the function need not be encrypted.
Preferably, command offsets information is also included in the document structure information;And
The ciphering unit, specifically for determining the access identities corresponding function generation according to the command offsets information
The original position and final position of code instruction;Extract the function code included between the starting position and final position instruct into
Row encryption.
Alternatively, program code protection device provided in an embodiment of the present invention, in addition to:
Memory cell, for storing the function code instruction after encryption;
First recording unit, the storage location information for the function code instruction after recording of encrypted.
Alternatively, program code protection device provided in an embodiment of the present invention, in addition to:
Second acquisition unit, for when performing the DEX file, being stored according to the storage location information from corresponding
Function code instruction after position acquisition encryption is decrypted;
Execution unit, for performing the function code instruction after decryption.
Alternatively, program code protection device provided in an embodiment of the present invention, in addition to:
3rd acquiring unit, for when performing the DEX file, being stored according to the storage location information from corresponding
Function code instruction after position acquisition encryption is decrypted;
Second recording unit, distributed internal memory offset information is instructed for being recorded as the function code after decryption;
Second modification unit, the command offsets information included for changing in the document structure information is the internal memory of distribution
Offset information.
There is provided a kind of program code protection device in the third aspect of embodiment of the present invention, for example, can include
Memory and processor, wherein, processor can be used for reading the program in memory, perform following process:For DEX file
In each function for including, if it is judged that the corresponding function code instruction of the function needs encryption, then obtain the function
Include function code instruction and its access identities in structural information, the structural information;It is default to change the access identities
Value;And extract the instruction of the function corresponding function code and be encrypted.
There is provided a kind of program product in the fourth aspect of embodiment of the present invention, it includes function code instruction, when
When described program product is run, the function code is instructed for performing procedure below:For each letter included in DEX file
Number, if it is judged that the corresponding function code instruction of the function needs encryption, then obtains the structural information of the function, the knot
Include function code instruction and its access identities in structure information;The access identities are changed for preset value;And extract the letter
The corresponding function code instruction of number is encrypted.
According to the program protection method and device of embodiment of the present invention, for the need included in the DEX file judged
The function to be encrypted, is instructed according to the access identities and function code included in its structural information, and modification access identities are default
Value, and function code instruction is encrypted, without whole DEX file is encrypted, so as to save system processing
Resource, improves DEX file encryption efficiency, is that user brings more preferable experience.
Brief description of the drawings
Detailed description below, above-mentioned and other mesh of exemplary embodiment of the invention are read by reference to accompanying drawing
, feature and advantage will become prone to understand.In the accompanying drawings, if showing the present invention's by way of example, and not by way of limitation
Dry embodiment, wherein:
Fig. 1 is schematically shown to be illustrated according to the implementing procedure of the program code guard method of embodiment of the present invention
Figure;
Fig. 2 schematically shows the function structure information schematic diagram according to embodiment of the present invention;
Fig. 3 is schematically shown according to embodiment of the present invention to needing after its instruction code of the functions extract of encryption
Structural information schematic diagram;
Fig. 4 is schematically shown is according to the corresponding function code instruction of any function of judgement of embodiment of the present invention
The no schematic flow sheet for needing to encrypt;
Fig. 5 is schematically shown instructs the flow being encrypted to show according to the extraction function code of embodiment of the present invention
It is intended to;
Fig. 6 schematically shows the structural representation of the program code protection device according to embodiment of the present invention;
Fig. 7 is schematically shown to be shown according to the structure of another program code protection device of embodiment of the present invention
It is intended to;
Fig. 8 schematically shows the program product schematic diagram according to embodiment of the present invention;
In the accompanying drawings, identical or corresponding label represents identical or corresponding part.
Embodiment
The principle and spirit of the present invention is described below with reference to some illustrative embodiments.It should be appreciated that providing this
A little embodiments are used for the purpose of better understood when those skilled in the art and then realizing the present invention, and not with any
Mode limits the scope of the present invention.On the contrary, these embodiments are provided so that the disclosure is more thorough and complete, and energy
It is enough that the scope of the present disclosure is intactly conveyed into those skilled in the art.
One skilled in the art will appreciate that embodiments of the present invention can be implemented as a kind of system, device, equipment, method
Or computer program product.Therefore, the disclosure can be implemented as following form, i.e.,:Complete hardware, complete software
(including firmware, resident software, microcode etc.), or the form that hardware and software is combined.
According to the embodiment of the present invention, it is proposed that a kind of program code guard method and device.
Herein, it is to be understood that any number of elements in accompanying drawing is used to example and unrestricted and any
Name is only used for distinguishing, without any limitation.
Below with reference to the principle and spirit of some representative embodiments of the present invention, in detail the explaination present invention.
Summary of the invention
The inventors discovered that, when being reinforced to DEX file, it usually needs whole DEX file is encrypted, this increasing
Add system processing resources expense, reduce the treatment effeciency of DEX file encryption.
In view of this, in the embodiment of the present invention, for each function included in DEX file, first choice determines to need encryption
Function, and according to the structural information for the function that need to be encrypted, extract function code instruction therein and be encrypted, due to without right
Whole DEX file is encrypted, and from data processing amount is greatly reduced, has saved system resource overhead, has improved DEX file and add
Close efficiency.
After the general principle of the present invention is described, lower mask body introduces the various non-limiting embodiment party of the present invention
Formula.The preferred embodiments of the present invention are illustrated below in conjunction with Figure of description, it will be appreciated that preferred reality described herein
Apply example to be merely to illustrate and explain the present invention, be not intended to limit the present invention, and in the case where not conflicting, in the present invention
Feature in embodiment and embodiment can be mutually combined.
Illustrative methods
As shown in figure 1, it is implementation process diagram of program code guard method provided in an embodiment of the present invention, can be with
Comprise the following steps:
S11, each function for being included in DEX file, if it is judged that the corresponding function code instruction of the function is needed
Encrypt, then obtain and include function code instruction and its access identities in the structural information of the function, the structural information.
When it is implemented, this, for each function included in the DEX file, judges DEX file to be encrypted successively
Whether the function needs encryption, if it is, the structural information of the function is obtained, as shown in Fig. 2 it is the structural information of function
The function code instruction included in schematic diagram, the structural information of function and access identities.
Access identities in S12, modification structural information are preset value.
When it is implemented, when a function is declared as native functions in Java source code, its instruction
Code is being registered in its SO (shared object, sharing DLL) file not in DEX file.Cause
This, during the present invention is implemented, make use of the access identities of function in DEX file, by will not be that the function that native is identified is changed
The instruction code of function is hidden for native types, the instruction code of source function will be encrypted save, in APP operations
When again dynamically decryption perform.
The corresponding function code instruction of S13, the extraction function is encrypted.
As shown in figure 3, during it is the embodiment of the present invention, the structure after functions extract its instruction code for needing to encrypt is believed
Cease schematic diagram.In Fig. 3, if the access identities of function to be encrypted are not native, access identities are revised as native,
Command offsets information is changed for null, and extracts the corresponding function instruction code of the function and is encrypted.
When it is implemented, in step s 11, can be according to shown in Fig. 4 for any function included in DEX file
Flow judges whether the corresponding function code instruction of the function needs encryption:
S41, each function for being included in DEX file, judge that the function whether there is in the white list prestored
In, if it is, performing step S42, otherwise, perform step S43.
When it is implemented, function encrypting white list can be pre-established, wherein, the function in white list can be rule of thumb
Preset.
S42, determine that the instruction of the function corresponding function code needs encryption, flow terminates.
S43, determine that the instruction of the function corresponding function code need not be encrypted.
When it is implemented, as shown in Fig. 2 in the structural information of function also include command offsets information, based on this, step
, can be according to the flow implementation shown in Fig. 5 in S13:
S51, the original position for determining according to the command offsets information the corresponding function code instruction of the function and end
Stop bit is put.
The function code instruction included between S52, the extraction starting position and final position is encrypted.
In APP runnings, instruct and perform, the embodiment of the present invention to accurately obtain encrypted function code
In, after function instruction code is encrypted, it can also include needing to store the function code instruction after encryption, and record
The storage location information of function code instruction after encryption.
In the prior art, the first encryption method after decryption, due to needing to call dynamic load correlation function, this mistake
The source DEX after decryption may be obtained in journey by hooking correlation function by attacker, so as to reach the purpose cracked, reduced
The security of DEX file protection;And in second of encryption method, because it needs decryption source DEX, and use dynamic load skill
Art loads the source DEX after decryption, during this, however it remains the problem of identical with the first above-mentioned encryption method, you can
, so as to reach the purpose cracked, DEX can be equally reduced by attacker by hooking the source DEX after correlation function acquisition decryption
The security of file protection.
And, it is necessary to when performing encrypted function code instruction, be provided based on the embodiment of the present invention in APP runnings
Program code guard method, the embodiment of the present invention provides following two processing methods.
Function code instruction after method one, directly execution decryption.
Under this embodiment, when APP operations perform DEX file, according to the storage location information of record from corresponding
Storage location obtains the function code instruction after encryption and is decrypted, and performs the function code instruction after decryption.
Method two, the structural information for repairing encrypted function.
Under this embodiment, when APP operations perform DEX file, according to the storage location information of record from corresponding
Storage location obtains the function code instruction after encryption and is decrypted;And record system is by the function code instruction point after decryption
The internal memory offset information matched somebody with somebody;The command offsets information included in the structural information for changing the function is believed for the internal memory skew of distribution
Breath.So, the function code that can be accurately obtained after decryption according to internal memory offset information is instructed and performed.
In above two method, without calling dynamic load correlation function, therefore, it is to avoid by attacker by hooking phase
Close function to obtain the function instruction code after decryption, so as to improve the security of DEX file protection.
In program code guard method provided in an embodiment of the present invention, for the letter for the need encryption judged in DEX file
Number, corresponding function code instruction is extracted using the access identities of function and is encrypted, compared in the prior art, is encrypted whole
Individual DEX file, greatly reduces the data volume that need to be handled, so as to save system processing resources, improves program code protection
Efficiency, improve Consumer's Experience;And in the function code instruction process after performing decryption, due to dynamic load need not be called
Correlation function, obtains the function code instruction after decryption by hooking correlation function so as to avoid attacker, improves DEX
The security of file protection.
Example devices
After the method for exemplary embodiment of the invention is described, next, with reference to Fig. 6 to exemplary reality of the invention
Device applying mode, being protected for program code.
As shown in fig. 6, it is the structural representation of program code protection device provided in an embodiment of the present invention, it can wrap
Include:
First acquisition unit 61, for each function for being included in DEX file, if it is judged that the function is corresponding
Function code instruction needs encryption, then obtains and include function code in the structural information of the function, the structural information and refer to
Order and its access identities;
First modification unit 62, for changing the access identities for preset value;
Ciphering unit 63, is encrypted for extracting the corresponding function code instruction of the function.
Alternatively, program code protection device provided in an embodiment of the present invention, can also include:
Judging unit 64, for each function for being included in DEX file, judges that the function whether there is and is deposited in advance
In the white list of storage;If it is present determining that the corresponding function code instruction of the function needs encryption;If it does not exist, then really
Determining the corresponding function code instruction of the function need not encrypt.
Preferably, command offsets information is also included in the document structure information;And
The ciphering unit 63, specifically for determining the corresponding function of the access identities according to the command offsets information
The original position and final position of code command;Extract the function code instruction included between the starting position and final position
It is encrypted.
Alternatively, program code protection device provided in an embodiment of the present invention, can also include:
Memory cell 65, for storing the function code instruction after encryption;
First recording unit 66, the storage location information for the function code instruction after recording of encrypted.
Alternatively, program code protection device provided in an embodiment of the present invention, can also include:
Second acquisition unit 67, for when performing the DEX file, being deposited according to the storage location information from accordingly
Function code instruction after storage position acquisition encryption is decrypted;
Execution unit 68, for performing the function code instruction after decryption.
Alternatively, program code protection device provided in an embodiment of the present invention, can also include:
3rd acquiring unit 69, for when performing the DEX file, being deposited according to the storage location information from accordingly
Function code instruction after storage position acquisition encryption is decrypted;
Second recording unit 610, distributed internal memory offset information is instructed for being recorded as the function code after decryption;
Second modification unit 611, the command offsets information included for changing in the document structure information is distribution
Internal memory offset information.
After the program code guard method of exemplary embodiment of the invention and device is described, next, introducing
According to the program code protection device of the another exemplary embodiment of the present invention.
Person of ordinary skill in the field it is understood that various aspects of the invention can be implemented as system, method or
Program product.Therefore, various aspects of the invention can be implemented as following form, i.e.,:It is complete hardware embodiment, complete
Complete Software Implementation (including firmware, microcode etc.), or the embodiment combined in terms of hardware and software, it can unite here
Referred to as " circuit ", " module " or " system ".
In some possible embodiments, it can be included according to the program code protection device of the present invention at least one
Manage unit and at least one memory cell.Wherein, the memory cell be stored with function code instruction, when the function generation
When code instruction is performed by the processing unit so that the processing unit is performed in above-mentioned " illustrative methods " part of this specification
Various steps in the program code guard method according to various illustrative embodiments of the invention of description.For example, the place
Reason unit can perform step S11 as shown in fig. 1, for each function included in DEX file, if it is judged that the letter
The corresponding function code instruction of number needs encryption, then obtains in the structural information of the function, the structural information and include letter
Access identities in number code command and its access identities, step S12, modification structural information are preset value;And step S13,
The corresponding function code instruction of the function is extracted to be encrypted.
Program code protection device 70 according to the embodiment of the invention is described referring to Fig. 7.Fig. 7 is shown
Program code protection device be only an example, to the function of the embodiment of the present invention and range band should not be used to carry out any limit
System.
As shown in fig. 7, program code protection device 70 can be showed in the form of universal computing device, for example it can be
User equipment.The component of program code protection device 70 can include but is not limited to:It is at least one above-mentioned processing unit 71, above-mentioned
The bus 73 of at least one memory cell 72, connection different system component (including memory cell 72 and processing unit 71).
Bus 73 represents the one or more in a few class bus structures, including memory bus or Memory Controller,
Peripheral bus, processor or the local bus using any bus structures in a variety of bus structures.
Memory cell 72 can include the computer-readable recording medium of form of volatile memory, such as random access memory (RAM)
721 and/or cache memory 722, it can further include read-only storage (ROM) 723.
Memory cell 72 can also include program/utility 725 with one group of (at least one) program module 724,
Such program module 724 includes but is not limited to:Operating system, one or more application program, other program modules and
The realization of network environment is potentially included in each or certain combination in routine data, these examples.
Program code protection device 70 can also be logical with one or more external equipments 74 (such as keyboard, sensing equipment)
Letter, can also enable a user to the equipment communication interacted with the program code protection device 70 with one or more, and/or with making
Any equipment that calling program code protection device 70 can be communicated with one or more of the other computing device (such as router,
Modem etc.) communication.This communication can be carried out by input/output (I/O) interface 75.Also, program code is protected
Protection unit 70 can also pass through network adapter 76 and one or more network (such as LAN (LAN), wide area network (WAN)
And/or public network, such as internet) communication.Filled as illustrated, network adapter 76 is protected by bus 73 and program code
The other modules for putting 70 communicate.It should be understood that although not shown in the drawings, can be used with reference to program code protection device 70 other
Hardware and/or software module, include but is not limited to:Microcode, device driver, redundant processing unit, external disk driving battle array
Row, RAID system, tape drive and data backup storage system etc..
Exemplary process product
In some possible embodiments, various aspects of the invention are also implemented as a kind of shape of program product
Formula, it includes program code, when described program product is run on the computing device, and described program code is used to make the calculating
Equipment performs the journey according to various illustrative embodiments of the invention described in above-mentioned " illustrative methods " part of this specification
The step of sequence code protection method, for example, the computing device can perform step S11 as shown in fig. 1, for DEX texts
The each function included in part, if it is judged that the corresponding function code instruction of the function needs encryption, then obtains the function
Structural information, function code instruction and its access identities are included in the structural information, step S12 changes structural information
In access identities be preset value;And step S13, extract the corresponding function code instruction of the function and be encrypted.
Described program product can use any combination of one or more computer-readable recording mediums.Computer-readable recording medium can be readable letter
Number medium or readable storage medium storing program for executing.Readable storage medium storing program for executing for example may be-but not limited to-electricity, magnetic, optical, electromagnetic, red
System, device or the device of outside line or semiconductor, or any combination above.The more specifically example of readable storage medium storing program for executing
(non exhaustive list) includes:Electrical connection, portable disc with one or more wires, hard disk, random access memory
(RAM), read-only storage (ROM), erasable programmable read only memory (EPROM or flash memory), optical fiber, portable compact disc
Read memory (CD-ROM), light storage device, magnetic memory device or above-mentioned any appropriate combination.
As shown in figure 8, the program product 80 that program code is protected that is used for according to the embodiment of the present invention is described, its
Can be using portable compact disc read only memory (CD-ROM) and including program code, it is possible to transported on server apparatus
OK.However, the program product not limited to this of the present invention, in this document, readable storage medium storing program for executing can any be included or store
The tangible medium of program, the program can be commanded execution system, device or device and use or in connection.
Readable signal medium can be included in a base band or as the data-signal of carrier wave part propagation, wherein carrying
Readable program code.The data-signal of this propagation can take various forms, including --- but being not limited to --- electromagnetism letter
Number, optical signal or above-mentioned any appropriate combination.Readable signal medium can also be beyond readable storage medium storing program for executing it is any can
Read medium, the computer-readable recording medium can send, propagate or transmit for by instruction execution system, device or device use or
Program in connection.
The program code included on computer-readable recording medium can be transmitted with any appropriate medium, including --- but being not limited to ---
Wirelessly, wired, optical cable, RF etc., or above-mentioned any appropriate combination.
It can be write with any combination of one or more programming languages for performing the program that the present invention is operated
Code, described program design language includes object oriented program language-Java, C++ etc., in addition to conventional
Procedural programming language-such as " C " language or similar programming language.Program code can be fully in user
Perform, partly perform on a user device on computing device, being performed as an independent software kit, partly in user's calculating
Its upper side point is performed or performed completely in remote computing device or server on a remote computing.It is remote being related to
In the situation of journey computing device, remote computing device can be by the network of any kind --- including LAN (LAN) or wide
Domain net (WAN)-be connected to user calculating equipment, or, it may be connected to external computing device (for example utilizes Internet service
Provider comes by Internet connection).
Although it should be noted that being referred to some units or subelement of device, this stroke in above-detailed
What is point be merely exemplary is not enforceable.In fact, according to the embodiment of the present invention, it is above-described two or more
The feature and function of unit can embody in a unit.Conversely, the feature and function of an above-described unit can
To be further divided into being embodied by multiple units.
In addition, although the operation of the inventive method is described with particular order in the accompanying drawings, this do not require that or
Hint must be performed according to the particular order these operation, or the operation having to carry out shown in whole could realize it is desired
As a result.Additionally or alternatively, it is convenient to omit some steps, multiple steps are merged into a step execution, and/or by one
Step is decomposed into execution of multiple steps.
Although describing spirit and principles of the present invention by reference to some embodiments, it should be appreciated that, this
Invention is not limited to disclosed embodiment, and the division to each side does not mean that the feature in these aspects can not yet
Combination is this to divide merely to the convenience of statement to be benefited.It is contemplated that cover appended claims spirit and
In the range of included various modifications and equivalent arrangements.
Claims (14)
1. a kind of program code guard method, including:
For each function included in DEX file, if it is judged that the corresponding function code instruction of the function needs encryption, then
Obtain and include function code instruction and its access identities in the structural information of the function, the structural information;
The access identities are changed for preset value;And
The corresponding function code instruction of the function is extracted to be encrypted.
2. according to the method described in claim 1, for each function included in DEX file, judging according to below scheme should
Whether the corresponding function code instruction of function needs encryption:
For each function included in DEX file, judge that the function whether there is in the white list prestored;
If it is present determining that the corresponding function code instruction of the function needs encryption;
If it does not exist, then determining that the corresponding function code instruction of the function need not be encrypted.
3. also include command offsets information in method according to claim 2, the structural information of the function;And
Extract the corresponding function code instruction of the function to be encrypted, specifically include:
The original position and final position of the corresponding function code instruction of the function are determined according to the command offsets information;
The function code instruction included between the starting position and final position is extracted to be encrypted.
4. according to claim 1,2 or 3 methods describeds, in addition to:
Function code instruction after storage encryption;And
The storage location information of function code instruction after recording of encrypted.
5. method according to claim 4, in addition to:
When performing the DEX file, the function after encryption is obtained from corresponding storage location according to the storage location information
Code command is decrypted;And
Perform the function code instruction after decryption.
6. method according to claim 4, in addition to:
When performing the DEX file, the function after encryption is obtained from corresponding storage location according to the storage location information
Code command is decrypted;And
The internal memory offset information that record system is distributed by the function code instruction after decryption;
The command offsets information included in the structural information for changing the function is the internal memory offset information of distribution.
7. a kind of program code protection device, including:
First acquisition unit, for each function for being included in DEX file, if it is judged that the function corresponding function generation
Code instruction need encryption, then obtain include in the structural information of the function, the structural information function code instruction and its
Access identities;
First modification unit, for changing the access identities for preset value;
Ciphering unit, is encrypted for extracting the corresponding function code instruction of the function.
8. device according to claim 7, in addition to:
Judging unit, for each function for being included in DEX file, judges that the function whether there is white in what is prestored
In list;If it is present determining that the corresponding function code instruction of the function needs encryption;If it does not exist, then determining the letter
The corresponding function code instruction of number need not be encrypted.
9. also include command offsets information in device according to claim 8, the document structure information;And
The ciphering unit, specifically for determining that the corresponding function code of the access identities refers to according to the command offsets information
The original position and final position of order;The function code instruction included between the starting position and final position is extracted to be added
Close processing.
10. the device according to claim 7,8 or 9, in addition to:
Memory cell, for storing the function code instruction after encryption;
First recording unit, the storage location information for the function code instruction after recording of encrypted.
11. device according to claim 10, in addition to:
Second acquisition unit, for when performing the DEX file, according to the storage location information from corresponding storage location
The instruction of the function code after encryption is obtained to be decrypted;
Execution unit, for performing the function code instruction after decryption.
12. device according to claim 10, in addition to:
3rd acquiring unit, for when performing the DEX file, according to the storage location information from corresponding storage location
The instruction of the function code after encryption is obtained to be decrypted;
Second recording unit, distributed internal memory offset information is instructed for being recorded as the function code after decryption;
Second modification unit, the command offsets information included for changing in the document structure information offsets for the internal memory of distribution
Information.
13. a kind of computing device, including at least one processing unit and at least one memory cell.Wherein, the storage is single
Member is stored with computer program, when described program is performed by the processing unit so that the processing unit perform claim will
The step of seeking 1~6 any claim methods described.
14. a kind of computer-readable medium, its be stored with can by computing device computer program, when described program is in institute
State when being run on computing device so that the step of the computing device claim 1~6 any methods described.
Priority Applications (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110976917.5A CN113761482A (en) | 2017-06-06 | 2017-06-06 | Program code protection method and device |
| CN201710419286.0A CN107292135A (en) | 2017-06-06 | 2017-06-06 | A kind of program code guard method and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710419286.0A CN107292135A (en) | 2017-06-06 | 2017-06-06 | A kind of program code guard method and device |
Related Child Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110976917.5A Division CN113761482A (en) | 2017-06-06 | 2017-06-06 | Program code protection method and device |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN107292135A true CN107292135A (en) | 2017-10-24 |
Family
ID=60094873
Family Applications (2)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201710419286.0A Pending CN107292135A (en) | 2017-06-06 | 2017-06-06 | A kind of program code guard method and device |
| CN202110976917.5A Pending CN113761482A (en) | 2017-06-06 | 2017-06-06 | Program code protection method and device |
Family Applications After (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110976917.5A Pending CN113761482A (en) | 2017-06-06 | 2017-06-06 | Program code protection method and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (2) | CN107292135A (en) |
Cited By (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107292163A (en) * | 2016-04-13 | 2017-10-24 | 中国科学院声学研究所 | It is a kind of that process separation method is rendered based on Chromium |
| CN109492353A (en) * | 2018-10-11 | 2019-03-19 | 北京奇虎科技有限公司 | Using reinforcement means, device, electronic equipment and storage medium |
| CN111639358A (en) * | 2020-06-15 | 2020-09-08 | 深圳供电局有限公司 | Instruction encryption method, encrypted instruction decryption method and device |
| CN111966972A (en) * | 2020-08-21 | 2020-11-20 | 北京元心科技有限公司 | Program encryption method and device, electronic equipment and computer readable storage medium |
| CN112052463A (en) * | 2020-08-05 | 2020-12-08 | 北京智游网安科技有限公司 | Code processing method, terminal and storage medium |
| CN112052461A (en) * | 2020-08-05 | 2020-12-08 | 北京智游网安科技有限公司 | Code processing method based on instruction injection, terminal and storage medium |
| CN112905543A (en) * | 2021-02-07 | 2021-06-04 | 网易(杭州)网络有限公司 | Anti-cracking method, medium, device and computing equipment for script file |
| CN113569269A (en) * | 2021-09-23 | 2021-10-29 | 苏州浪潮智能科技有限公司 | Encryption method, device, equipment and readable medium for code obfuscation |
| CN113987471A (en) * | 2021-10-29 | 2022-01-28 | 山西大鲲智联科技有限公司 | Executable file execution method and device, electronic equipment and computer readable medium |
| CN112052463B (en) * | 2020-08-05 | 2024-06-04 | 北京智游网安科技有限公司 | Code processing method, terminal and storage medium |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103761475A (en) * | 2013-12-30 | 2014-04-30 | 北京奇虎科技有限公司 | Method and device for detecting malicious code in intelligent terminal |
| CN104573416A (en) * | 2013-10-25 | 2015-04-29 | 腾讯科技(深圳)有限公司 | Method and device for generating application installation package and executing application |
Family Cites Families (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP2075728A1 (en) * | 2007-12-27 | 2009-07-01 | Thomson Licensing | A method and an apparatus for code protection |
| US9280490B2 (en) * | 2013-04-17 | 2016-03-08 | Laurence H. Cooke | Secure computing |
| EP3057019A1 (en) * | 2015-02-13 | 2016-08-17 | Thomson Licensing | Method and device for protecting an application and method and device for executing a protected application thus protected |
| CN104834838B (en) * | 2015-04-29 | 2017-11-24 | 福建天晴数码有限公司 | Prevent the method and device of DEX file unloading from internal memory |
| CN106203006A (en) * | 2016-08-31 | 2016-12-07 | 北京鼎源科技有限公司 | Android application reinforcement means based on dex Yu so file Dynamic Execution |
-
2017
- 2017-06-06 CN CN201710419286.0A patent/CN107292135A/en active Pending
- 2017-06-06 CN CN202110976917.5A patent/CN113761482A/en active Pending
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104573416A (en) * | 2013-10-25 | 2015-04-29 | 腾讯科技(深圳)有限公司 | Method and device for generating application installation package and executing application |
| CN103761475A (en) * | 2013-12-30 | 2014-04-30 | 北京奇虎科技有限公司 | Method and device for detecting malicious code in intelligent terminal |
Cited By (14)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107292163A (en) * | 2016-04-13 | 2017-10-24 | 中国科学院声学研究所 | It is a kind of that process separation method is rendered based on Chromium |
| CN107292163B (en) * | 2016-04-13 | 2019-08-27 | 中国科学院声学研究所 | A kind of rendering process separation method based on Chromium |
| CN109492353A (en) * | 2018-10-11 | 2019-03-19 | 北京奇虎科技有限公司 | Using reinforcement means, device, electronic equipment and storage medium |
| CN109492353B (en) * | 2018-10-11 | 2024-04-16 | 北京奇虎科技有限公司 | Application reinforcement method, device, electronic equipment and storage medium |
| CN111639358A (en) * | 2020-06-15 | 2020-09-08 | 深圳供电局有限公司 | Instruction encryption method, encrypted instruction decryption method and device |
| CN111639358B (en) * | 2020-06-15 | 2023-08-22 | 深圳供电局有限公司 | Method and device for encrypting instruction and decrypting encrypted instruction |
| CN112052461A (en) * | 2020-08-05 | 2020-12-08 | 北京智游网安科技有限公司 | Code processing method based on instruction injection, terminal and storage medium |
| CN112052463A (en) * | 2020-08-05 | 2020-12-08 | 北京智游网安科技有限公司 | Code processing method, terminal and storage medium |
| CN112052463B (en) * | 2020-08-05 | 2024-06-04 | 北京智游网安科技有限公司 | Code processing method, terminal and storage medium |
| CN111966972B (en) * | 2020-08-21 | 2023-07-04 | 北京元心科技有限公司 | Program encryption method, device, electronic equipment and computer readable storage medium |
| CN111966972A (en) * | 2020-08-21 | 2020-11-20 | 北京元心科技有限公司 | Program encryption method and device, electronic equipment and computer readable storage medium |
| CN112905543A (en) * | 2021-02-07 | 2021-06-04 | 网易(杭州)网络有限公司 | Anti-cracking method, medium, device and computing equipment for script file |
| CN113569269A (en) * | 2021-09-23 | 2021-10-29 | 苏州浪潮智能科技有限公司 | Encryption method, device, equipment and readable medium for code obfuscation |
| CN113987471A (en) * | 2021-10-29 | 2022-01-28 | 山西大鲲智联科技有限公司 | Executable file execution method and device, electronic equipment and computer readable medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN113761482A (en) | 2021-12-07 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN107292135A (en) | A kind of program code guard method and device | |
| CN109766722B (en) | Method for constructing intelligent contract in block chain | |
| KR101471589B1 (en) | Method for Providing Security for Common Intermediate Language Program | |
| CN105683990B (en) | Method and apparatus for protecting dynamic base | |
| CN102473220B (en) | Information processing device, information processing method, and program distribution system | |
| CN102656561A (en) | Information processing device, virtual machine generation method, and application distribution system | |
| CN104680039B (en) | A kind of data guard method and device of application program installation kit | |
| WO2021217980A1 (en) | Java code packing method and system | |
| US20170116410A1 (en) | Software protection | |
| CN106778103A (en) | Reinforcement means, system and decryption method that a kind of Android application program anti-reversing is cracked | |
| CN103530535A (en) | Shell adding and removing method for Android platform application program protection | |
| CN104871174B (en) | User's portable equipment and the system and method for " carrying " evaluation work environment | |
| CN106796619B (en) | Genomic information services | |
| US7970133B2 (en) | System and method for secure and flexible key schedule generation | |
| CN106897587A (en) | The method and apparatus of reinforcement application, loading reinforcement application | |
| CN108399319A (en) | Source code guard method, application server and computer readable storage medium | |
| US20150113502A1 (en) | Method and system for encapsulation of application | |
| US20150113506A1 (en) | Method and system for adaptive loading of application | |
| CN110348206A (en) | Applied to the guard method of Android installation kit APK, medium, device and calculate equipment | |
| CN103530169B (en) | Method for protecting virtual machine files and user terminal | |
| CN116910712A (en) | Code protection method, system, electronic equipment and storage medium | |
| CN109214184A (en) | A kind of Android reinforcement application program general automated shelling method and apparatus | |
| CN115033870A (en) | Anti-malicious tampering code method and device based on big data cloud deployment | |
| KR20150047001A (en) | Method and apparatus for protecting application program | |
| CN106648770A (en) | Generating method, loading method and device for application program installation package |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20171024 |