A kind of method and device of source code encryption and decryption
Technical field
The present invention relates to information security fields, and in particular to a kind of method and device of source code encryption and decryption.
Background technique
As the component part of software organization's product, source code belongs to the important Knowledge Assets of software organization.Such as program source
The leakage and loss of code can bring direct economic loss to software organization;It generally can include some sensitive informations in source code,
Such as Encryption Algorithm, important service logic etc., the leakage and loss of this part of original code can be to the data safeties of product user
Bring great risk;The safety management of source code is also critically important for clearly defining responsibilities.Which developer can operate source code,
If cannot control very well, it will bring no small influence to the quality of source code.
After general source code is encrypted in the prior art, decryption program loads dynamic base and carries out source code decryption, but decrypts
Program is not protected, can be tampered, and the source code byte stream after decryption, which can be inserted into, is output to external specified file, so as to
Meaning obtains the source code of decryption.
Summary of the invention
In view of this, the embodiment of the invention provides a kind of method and device of source code encryption and decryption, it is existing to solve
Protection of source codes in, decryption program is not protected, source code is caused to be easy the problem of arbitrarily being obtained.
For this purpose, the embodiment of the invention provides following technical solutions:
The embodiment of the invention provides a kind of source code encryption methods, comprising: obtains first using encipheror and random number
Key file;Source code is encrypted using the first key file, to obtain source code ciphertext;Based on decryption program, described
The second key file of generating random number, and the random number is stored in dynamic library file;Using second key file to institute
It states first key file to be encrypted, to obtain third key file;By the source code ciphertext, the decryption program, described
Three key files, the dynamic base are packaged, to obtain program bag.
Optionally, the random number is generated by the encipheror.
Optionally, described to be based on decryption program, the second key file of the generating random number, comprising: to be based on the decryption
Program obtains Hash file;The Hash file and the random number are spliced to obtain the second key file.
A kind of source code decryption method, comprising: obtain program bag, include source code ciphertext, decryption program, the in described program packet
Three key files, dynamic base have random number in the dynamic base;Based in the decryption program and the dynamic base with
Machine number obtains the second key file;The third key file is decrypted to obtain first using second key file
Key file;The source code ciphertext is decrypted according to the decryption program and the first key file, to be decrypted
Source code afterwards.
Optionally, the random number based in the decryption program and the dynamic base obtains the second key file,
It include: that Hash file is obtained based on the decryption program;The Hash file is spelled with the random number in the dynamic base
It connects to obtain the second key file.
A kind of computer equipment, comprising: at least one processor;And connect at least one described processor communication
Memory;Wherein, the memory is stored with the computer program that can be executed by least one described processor, the computer
Program is executed by least one described processor, so that at least one described processor executes above-mentioned source code encryption method.
A kind of computer equipment, comprising: at least one processor;And connect at least one described processor communication
Memory;Wherein, the memory is stored with the computer program that can be executed by least one described processor, the computer
Program is executed by least one described processor, so that at least one described processor executes above-mentioned source code decryption method.
The embodiment of the present invention has the advantages that
The embodiment of the invention provides a kind of method and device of source code encryption and decryption, encryption method, which passes through, utilizes encryption
Program and random number obtain first key file, are encrypted using first key file to source code, obtain source code ciphertext, pass through
It reads decryption program and generates Hash file, Hash file and random number splicing generate the second key file, utilize second key
File encrypts first key file, realizes the protection to decryption program and the protection to source code;
Decryption method includes obtaining program bag, include in the program bag source code ciphertext, decryption program, third key file,
Dynamic base has random number in dynamic base, generates Hash file by reading decryption program, in Hash file and dynamic base with
Machine number splices to obtain the second key file, is decrypted third key file to obtain first key using the second key file
File is decrypted source code ciphertext according to decryption program and first key file, with the source code after being decrypted, avoids understanding
Close program file is tampered, and reads what decryption program generated in the Hash file and ciphering process that decryption program generates if read
Hash file is consistent, then illustrates that decryption program was not tampered with, to protect decryption program, while could be to third key text
Part is decrypted.
Detailed description of the invention
It, below will be to specific in order to illustrate more clearly of the specific embodiment of the invention or technical solution in the prior art
Embodiment or attached drawing needed to be used in the description of the prior art be briefly described, it should be apparent that, it is described below
Attached drawing is some embodiments of the present invention, for those of ordinary skill in the art, before not making the creative labor
It puts, is also possible to obtain other drawings based on these drawings.
Fig. 1 is a flow chart of source code encryption method according to an embodiment of the present invention;
Fig. 2 is another flow chart of source code encryption method according to an embodiment of the present invention;
Fig. 3 is a flow chart of source code decryption method according to an embodiment of the present invention;
Fig. 4 is another flow chart of source code decryption method according to an embodiment of the present invention;
Fig. 5 is the structure chart of source code encryption device according to an embodiment of the present invention;
Fig. 6 is the structure chart for the source code decryption device implemented according to the present invention;
Fig. 7 is the hardware structural diagram of the computer equipment of source code encryption method according to an embodiment of the present invention;
Fig. 8 is the hardware structural diagram of the computer equipment of source code decryption method according to an embodiment of the present invention.
Specific embodiment
Technical solution of the present invention is clearly and completely described below in conjunction with attached drawing, it is clear that described implementation
Example is a part of the embodiment of the present invention, instead of all the embodiments.Based on the embodiments of the present invention, ordinary skill
Personnel's every other embodiment obtained without making creative work, shall fall within the protection scope of the present invention.
In the description of the present invention, it should be noted that term " first ", " second ", " third " are used for description purposes only,
It is not understood to indicate or imply relative importance.
As long as in addition, the non-structure each other of technical characteristic involved in invention described below different embodiments
It can be combined with each other at conflict.
Embodiment 1
A kind of source code encryption method is provided in the present embodiment, and Fig. 1 is source code encryption side according to an embodiment of the present invention
One flow chart of method, as shown in Figure 1, this method comprises the following steps:
S101: first key file is obtained using encipheror and random number;Specifically, encipheror according to random number and
Certain rule generates the key of source code encryption, and exports first key file SourceKey.key, wherein random number is by encrypting
Program Generating;
S102: encrypting source code using first key file, to obtain source code ciphertext;Utilize first key file
SourceKey.key encrypts source code, and exports source code ciphertext;
S103: it is based on decryption program, the second key file of generating random number, and random number is stored in dynamic library file;It is logical
The code for reading decryption program is crossed, and one file of code building of special algorithm or function based on decryption program can be combined,
And this document is generated into the second key file in conjunction with random number, while random number is notified into dynamic base;
S104: first key file is encrypted using the second key file, to obtain third key file;Using upper
It states the second key file to encrypt first key file SourceKey.key, obtains third key file, with this by first
Key file protects;
S105: source code ciphertext, decryption program, third key file, dynamic base are packaged, to obtain program bag;It will be above-mentioned
Obtained source code ciphertext, third key file, dynamic base and decryption program is packaged external offer together, and receiving end is to obtain source
Code, then must first go through decryption program and dynamic base obtain the second key file, could be close to third using the second key file
Key file is decrypted, and obtains first key file, and decryption program decrypts source code ciphertext in conjunction with first key file.
Through the above steps, by obtaining first key file using encipheror and random number, first key text is utilized
Part encrypts source code, obtains source code ciphertext, generates the second key file, benefit by reading decryption program and random number splicing
First key file is encrypted with second key file, by obtained source code ciphertext and third key file, dynamic base
And decryption program is packaged and externally announces, and generates key file in conjunction with random number by decryption program, realizes to decryption program
Protection and protection to source code cause source code to be easy to solve not protect decryption program in existing protection of source codes
The problem of arbitrarily acquisition.
Above-mentioned steps S103 is related to based on decryption program, the second key file of generating random number, in an optional implementation
In mode, which includes obtaining Hash file based on decryption program, Hash file and random number is spliced to obtain the
Two key files specifically generate Hash file by reading decryption program, Hash file and random number, that is, dynamic password splice
It is used as the second key file together, by way of reading decruption key and in conjunction with dynamic password, decryption program is carried out
Protection, prevents decryption program to be tampered.
Fig. 2 is another flow chart of source code encryption method according to an embodiment of the present invention, in one alternate embodiment,
As shown in Fig. 2, encipheror generates the key file SourceKey.key of source code encryption using random number according to certain rule,
Key file SourceKey.key carries out symmetric cryptography to source code, obtains source code ciphertext;Read decryption program file generated
Hash, hash file adds random dynamic puzzle, notifies dynamic base developer as key, while dynamic password, is repaired
Change packing dynamic base, key pair SourceKey.key file carries out symmetric cryptography again, obtains key file Key.key, will
Source code ciphertext, dynamic base, key file, decryption program are packaged, and are obtained program bag and are externally announced.Wherein, the key solution of dynamic base
Analysis process are as follows: using received dynamic password as constant, read decryption program file generated Hash, then splice with dynamic password
Together, it as decruption key, reads key file Key.key and is symmetrically decrypted, obtained in SourceKey.key byte
Hold, returns to decryption program.
Embodiment 2
A kind of source code decryption method is provided in the present embodiment, and Fig. 3 is source code decryption side according to an embodiment of the present invention
One flow chart of method, as shown in figure 3, this method comprises the following steps:
S301: obtaining program bag, includes source code ciphertext, decryption program, third key file, dynamic base in program bag, is somebody's turn to do
There is random number in dynamic base;
S302: the second key file is obtained based on the random number in decryption program and dynamic base;Specifically, decryption is read
Program obtains Hash file, is spliced the random number in the Hash file and dynamic base to obtain the second key file;
S303: third key file is decrypted using the second key file to obtain first key file;Third is close
Key file is to be encrypted by the second key file to first key file, therefore in decryption, need to utilize the
Third key file is decrypted in two key files, obtains first key file;
S304: being decrypted source code ciphertext according to decryption program and first key file, with the source code after being decrypted;
First key file and source code is decrypted in decryption program, obtains source code in plain text.
Through the above steps, acquisition includes the program bag of source code ciphertext, decryption program, third key file, dynamic base,
There is random number in dynamic base, generates Hash file by reading decryption program, the random number in Hash file and dynamic base is spelled
It connects to obtain the second key file, third key file is decrypted using the second key file to obtain first key file,
Source code ciphertext is decrypted according to decryption program and first key file, with the source code after being decrypted, avoids decryption journey
Preface part is tampered, and the Hash that decryption program generates is read in the Hash file and ciphering process that decryption program generates if read
File is consistent, then illustrates that decryption program was not tampered with, to protect decryption program, while could to third key file into
Row decryption.
Fig. 4 is another flow chart of source code decryption method according to an embodiment of the present invention, as shown in figure 4, can at one
It selects in embodiment, first acquisition program bag, loads decryption program, dynamic base is called to carry out key-parsing, read decryption program
Then file generated hash file is stitched together as decruption key, using the decruption key to Key.key with dynamic password
It is symmetrically decrypted, obtains SourceKey.key byte content, return to decryption program, decryption program carries out source code symmetrical
Decryption obtains source code in plain text.
Embodiment 3
A kind of source code encryption device is additionally provided in the present embodiment, and the device is real for realizing above-described embodiment and preferably
Mode is applied, the descriptions that have already been made will not be repeated.As used below, the soft of predetermined function may be implemented in term " module "
The combination of part and/or hardware.Although device described in following embodiment is preferably realized with software, hardware, or
The realization of the combination of software and hardware is also that may and be contemplated.
Originally it applies example and a kind of source code encryption device is provided, as shown in figure 5, the device includes first key file acquisition module
51, for obtaining first key file using encipheror and random number, wherein random number is generated by encipheror;Source code
Ciphertext obtains module 52, for being encrypted using first key file to source code, to obtain source code ciphertext;Second key file
Module 53 is obtained, for being based on decryption program, the second key file of generating random number, and random number is stored in dynamic library file;
Third key file obtains module 54, for being encrypted using the second key file to first key file, to obtain third
Key file;Program bag obtains module 55, for source code ciphertext, decryption program, third key file, dynamic base to be packaged, with
Obtain program bag.
In an optional embodiment, it includes: Hash file obtaining unit that the second key file, which obtains module 53, is used for
Hash file is obtained based on decryption program;Second key text acquiring unit, for by Hash file and random number splice with
Obtain the second key file.
The further function description of above-mentioned modules is identical as above-mentioned corresponding embodiment, and details are not described herein.
Embodiment 4
A kind of source code decryption device is additionally provided in the present embodiment, and the device is real for realizing above-described embodiment and preferably
Mode is applied, the descriptions that have already been made will not be repeated.As used below, the soft of predetermined function may be implemented in term " module "
The combination of part and/or hardware.Although device described in following embodiment is preferably realized with software, hardware, or
The realization of the combination of software and hardware is also that may and be contemplated.
The present embodiment provides a kind of source codes to decrypt device, as shown in fig. 6, the device includes that program bag obtains module 61, uses
In obtaining program bag, includes source code ciphertext, decryption program, third key file, dynamic base in the program bag, have in dynamic base
Random number;Second key file obtains module 62, close for obtaining second based on the random number in decryption program and dynamic base
Key file;First key file acquisition module 63, for being decrypted third key file to obtain using the second key file
To first key file;Source code obtains module 64, for being solved according to decryption program and first key file to source code ciphertext
It is close, with the source code after being decrypted.
In an optional embodiment, it includes: Hash file obtaining unit that the second key file, which obtains module 62, is used for
Hash file is obtained based on decryption program;Second key text acquiring unit, for by the random number in Hash file and dynamic base
Spliced to obtain the second key file.
The further function description of above-mentioned modules is identical as above-mentioned corresponding embodiment, and details are not described herein.
Embodiment 5
Fig. 7 is the hardware structural diagram of the computer equipment of source code encryption method according to an embodiment of the present invention, such as Fig. 7
Shown, which includes one or more processors 710 and memory 720, in Fig. 7 by taking a processor 710 as an example.
The equipment for executing source code encryption method can also include: input unit 730 and output device 740.
Processor 710, memory 720, input unit 730 and output device 740 can pass through bus or other modes
It connects, in Fig. 7 for being connected by bus.
Processor 710 can be central processing unit (Central Processing Unit, CPU).Processor 710 may be used also
Think other general processors, digital signal processor (Digital Signal Processor, DSP), specific integrated circuit
(Application Specific Integrated Circuit, ASIC), field programmable gate array (Field-
Programmable Gate Array, FPGA) either other programmable logic device, discrete gate or transistor logic,
The combination of the chips such as discrete hardware components or above-mentioned all kinds of chips.General processor can be microprocessor or the processing
Device is also possible to any conventional processor etc..
Memory 720 is used as a kind of non-transient computer readable storage medium, can be used for storing non-transient software program, non-
Transient computer executable program and module, such as the corresponding program instruction/mould of source code encryption method in the embodiment of the present application
Block.Non-transient software program, instruction and the module that processor 710 is stored in memory 720 by operation, thereby executing clothes
The various function application and data processing of business device, i.e. source code encryption method in realization above method embodiment.
Memory 720 may include storing program area and storage data area, wherein storing program area can store operation system
Application program required for system, at least one function;Storage data area can storage source code encryption device use created number
According to etc..In addition, memory 720 may include high-speed random access memory, it can also include non-transient memory, for example, at least
One disk memory, flush memory device or other non-transient solid-state memories.In some embodiments, memory 720 can
Choosing includes the memory remotely located relative to processor 710, these remote memories can be added by network connection to source code
Close processing unit.The example of above-mentioned network include but is not limited to internet, intranet, local area network, mobile radio communication and
A combination thereof.
Input unit 730 can receive the number or character information of input, and generate and the processing unit of source code encryption
User setting and the related key signals input of function control.Output device 740 may include that display screen etc. shows equipment.
One or more of modules are stored in the memory 720, when by one or more of processors
When 710 execution, method as shown in Figure 1 to Figure 2 is executed.
Method provided by the embodiment of the present invention can be performed in the said goods, has the corresponding functional module of execution method and has
Beneficial effect and the not technical detail of detailed description in the present embodiment, for details, reference can be made to implementations as shown in Figure 1, Figure 2, Figure 5
Associated description in example.
Embodiment 6
Fig. 8 is the hardware structural diagram of the computer equipment of source code decryption method according to an embodiment of the present invention, such as Fig. 8
Shown, which includes one or more processors 810 and memory 820, in Fig. 8 by taking a processor 810 as an example.
The equipment for executing source code decryption method can also include: input unit 830 and output device 840.
Processor 810, memory 820, input unit 830 and output device 840 can pass through bus or other modes
It connects, in Fig. 8 for being connected by bus.
Processor 810 can be central processing unit (Central Processing Unit, CPU).Processor 810 may be used also
Think other general processors, digital signal processor (Digital Signal Processor, DSP), specific integrated circuit
(Application Specific Integrated Circuit, ASIC), field programmable gate array (Field-
Programmable Gate Array, FPGA) either other programmable logic device, discrete gate or transistor logic,
The combination of the chips such as discrete hardware components or above-mentioned all kinds of chips.General processor can be microprocessor or the processing
Device is also possible to any conventional processor etc..
Memory 820 is used as a kind of non-transient computer readable storage medium, can be used for storing non-transient software program, non-
Transient computer executable program and module, such as the corresponding program instruction/mould of source code decryption method in the embodiment of the present application
Block.Non-transient software program, instruction and the module that processor 810 is stored in memory 820 by operation, thereby executing clothes
The various function application and data processing of business device, i.e. source code decryption method in realization above method embodiment.
Memory 820 may include storing program area and storage data area, wherein storing program area can store operation system
Application program required for system, at least one function;Storage data area can store source code decryption device and use created number
According to etc..In addition, memory 820 may include high-speed random access memory, it can also include non-transient memory, for example, at least
One disk memory, flush memory device or other non-transient solid-state memories.In some embodiments, memory 820 can
Choosing includes the memory remotely located relative to processor 810, these remote memories can pass through network connection to source code solution
Close processing unit.The example of above-mentioned network include but is not limited to internet, intranet, local area network, mobile radio communication and
A combination thereof.
Input unit 830 can receive the number or character information of input, and generate and the processing unit of source code decryption
User setting and the related key signals input of function control.Output device 840 may include that display screen etc. shows equipment.
One or more of modules are stored in the memory 820, when by one or more of processors
When 810 execution, method as shown in Figure 3 to Figure 4 is executed.
Method provided by the embodiment of the present invention can be performed in the said goods, has the corresponding functional module of execution method and has
Beneficial effect and the not technical detail of detailed description in the present embodiment, for details, reference can be made to such as Fig. 3, Fig. 4, implementation shown in fig. 6
Associated description in example.
Embodiment 7
The embodiment of the invention also provides a kind of computer readable storage medium, the computer storage medium is stored with meter
The source code encryption method in above-mentioned any means embodiment can be performed in calculation machine executable instruction, the computer executable instructions.Its
In, the storage medium can be magnetic disk, CD, read-only memory (Read-Only Memory, ROM), random storage note
Recall body (Random Access Memory, RAM), flash memory (Flash Memory), hard disk (Hard Disk Drive,
Abbreviation: HDD) or solid state hard disk (Solid-State Drive, SSD) etc.;The storage medium can also include mentioned kind
The combination of memory.
Embodiment 8
The embodiment of the invention also provides a kind of computer readable storage medium, the computer storage medium is stored with meter
The source code decryption method in above-mentioned any means embodiment can be performed in calculation machine executable instruction, the computer executable instructions.Its
In, the storage medium can be magnetic disk, CD, read-only memory (Read-Only Memory, ROM), random storage note
Recall body (Random Access Memory, RAM), flash memory (Flash Memory), hard disk (Hard Disk Drive,
Abbreviation: HDD) or solid state hard disk (Solid-State Drive, SSD) etc.;The storage medium can also include mentioned kind
The combination of memory.
It should be understood by those skilled in the art that, the embodiment of the present invention can provide as method, system or computer program
Product.Therefore, complete hardware embodiment, complete software embodiment or reality combining software and hardware aspects can be used in the present invention
Apply the form of example.Moreover, it wherein includes the computer of computer usable program code that the present invention, which can be used in one or more,
The computer program implemented in usable storage medium (including but not limited to magnetic disk storage, CD-ROM, optical memory etc.) produces
The form of product.
The present invention be referring to according to the method for the embodiment of the present invention, the process of equipment (system) and computer program product
Figure and/or block diagram describe.It should be understood that every one stream in flowchart and/or the block diagram can be realized by computer program instructions
The combination of process and/or box in journey and/or box and flowchart and/or the block diagram.It can provide these computer programs
Instruct the processor of general purpose computer, special purpose computer, Embedded Processor or other programmable data processing devices to produce
A raw machine, so that being generated by the instruction that computer or the processor of other programmable data processing devices execute for real
The device for the function of being specified in present one or more flows of the flowchart and/or one or more blocks of the block diagram.
These computer program instructions, which may also be stored in, is able to guide computer or other programmable data processing devices with spy
Determine in the computer-readable memory that mode works, so that it includes referring to that instruction stored in the computer readable memory, which generates,
Enable the manufacture of device, the command device realize in one box of one or more flows of the flowchart and/or block diagram or
The function of being specified in multiple boxes.
These computer program instructions also can be loaded onto a computer or other programmable data processing device, so that counting
Series of operation steps are executed on calculation machine or other programmable devices to generate computer implemented processing, thus in computer or
The instruction executed on other programmable devices is provided for realizing in one or more flows of the flowchart and/or block diagram one
The step of function of being specified in a box or multiple boxes.
Obviously, the above embodiments are merely examples for clarifying the description, and does not limit the embodiments.It is right
For those of ordinary skill in the art, can also make on the basis of the above description it is other it is various forms of variation or
It changes.There is no necessity and possibility to exhaust all the enbodiments.And it is extended from this it is obvious variation or
It changes still within the protection scope of the invention.