CN108599959A - Certificate of authority method of calibration, device and readable storage medium storing program for executing, application apparatus - Google Patents

Certificate of authority method of calibration, device and readable storage medium storing program for executing, application apparatus Download PDF

Info

Publication number
CN108599959A
CN108599959A CN201810407491.XA CN201810407491A CN108599959A CN 108599959 A CN108599959 A CN 108599959A CN 201810407491 A CN201810407491 A CN 201810407491A CN 108599959 A CN108599959 A CN 108599959A
Authority
CN
China
Prior art keywords
certificate
authority
current device
initial authorization
built
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201810407491.XA
Other languages
Chinese (zh)
Other versions
CN108599959B (en
Inventor
李涛
曹芝勇
龙超
王蔼丽
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenzhen TCL New Technology Co Ltd
Shenzhen TCL Digital Technology Co Ltd
Original Assignee
Shenzhen TCL New Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shenzhen TCL New Technology Co Ltd filed Critical Shenzhen TCL New Technology Co Ltd
Priority to CN201810407491.XA priority Critical patent/CN108599959B/en
Publication of CN108599959A publication Critical patent/CN108599959A/en
Application granted granted Critical
Publication of CN108599959B publication Critical patent/CN108599959B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823Network architectures or network communication protocols for network security for authentication of entities using certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)
  • Storage Device Security (AREA)

Abstract

The present invention provides a kind of certificate of authority method of calibration, including:After current device installation built-in browser application, confirm whether current device runs the built-in browser application for the first time;If current device is non-to run the built-in browser application for the first time, the generated certificate of authority is read, and whether verify the certificate of authority legal;If the certificate of authority is legal, verification passes through;If the certificate of authority is illegal, the initial authorization certificate is reacquired, and whether verify the initial authorization certificate legal;If the initial authorization certificate is legal, the initial authorization certificate is encrypted, to update the certificate of authority of current device.The present invention also provides a kind of certificate of authority calibration equipment and readable storage medium storing program for executing, application apparatus.The present invention solves the problems, such as that the certificate of authority because of built-in browser has damage or leads to authorization failure by modification.

Description

Certificate of authority method of calibration, device and readable storage medium storing program for executing, application apparatus
Technical field
The present invention relates to built-in browser application technical field more particularly to certificate of authority method of calibration, device and Readable storage medium storing program for executing, application apparatus.
Background technology
Currently, all kinds of embedded devices have been widely used in people’s lives and work, play increasingly heavier The effect wanted.For example, most of DTV STB, interactive network television set top box belong to embedded set at present It is standby.Embedded device can generally install built-in browser application, to realize reception, processing and display to web data stream, User is allow easily to carry out multimedia audio-visual, interaction entertainment etc..
Built-in browser refers to the browser application application operated in various embedded devices.It is existing embedded clear When device of looking at is interacted with network server, basic data can be stored in the memory block of embedded device, built-in browser pair (Hyper Text Mark-up Language, i.e. hypertext markup language are a kind of to the HTML answered for describing web document A kind of markup language) page uses interpreted languages, compiling cannot be packaged.Therefore, built-in browser is calling When the basic data of local, debug command can be sent to embedded device;If the debug command is obtained by a hacker, hacker can be light It changes places and distorts the application source file of built-in browser so that embedded device quotes illegal link and content, influences to be embedded in The brand image of formula device product, the more serious loss that can also cause user benefit.
Existing prevention method is at present:When embedded device receives debug command, the preset certificate of authority is read, with Verify whether the debug command is tampered, to prevent being tampered using source file.But certificate of authority file itself is frequent Ground is read, and there is also the possibilities of damage.In addition, after hacker obtains system permission, it is also possible to maliciously distort the certificate of authority.It authorizes Certificate, which is damaged or is tampered, can lead to not read certificate of authority file;At this point, embedded device just will appear unauthorized Prompt, influences the brand image of the brand image of embedded device product.
The above is only used to facilitate the understanding of the technical scheme, and is not represented and is recognized that the above is existing skill Art.
Invention content
The main purpose of the present invention is to provide a kind of certificate of authority method of calibration, device and readable storage medium storing program for executing, applications Equipment, it is intended to solve the problems, such as that the certificate of authority because of built-in browser has damage or leads to authorization failure by modification, keep away Exempt to influence the brand image of embedded device product because of authorization failure.
To achieve the above object, the present invention provides a kind of certificate of authority method of calibration, the described method comprises the following steps:
After current device installation built-in browser application, it is described embedded clear to confirm whether current device runs for the first time Look at device application;
If current device is non-to run the built-in browser application for the first time, the generated certificate of authority, and school are read Whether legal test the certificate of authority;Wherein, the certificate of authority is to be based on applying corresponding one with the built-in browser Initial authorization certificates constructing;
If the certificate of authority is legal, verification passes through;
If the certificate of authority is illegal, the initial authorization certificate is reacquired, and verifies the initial authorization card Whether book is legal;
If the initial authorization certificate is legal, the initial authorization certificate is encrypted, is awarded described in current device with updating Warrant book.
Preferably, described after current device installation built-in browser application, confirm whether current device runs for the first time Before the step of built-in browser application, further include:
The built-in browser is being compiled in application, obtaining the application file of the built-in browser application;
Default calibration feature information corresponding with the application file is obtained, to generate the initial authorization certificate;Wherein, The initial authorization certificate includes the default calibration feature information;
The initial authorization certificate is preset in the compiling source file of built-in browser application;
According to the compiling source file, compiles and generate and apply corresponding executable file with the built-in browser; Wherein, current device completes the installation of the built-in browser application based on the executable file.
Preferably, described after current device installation built-in browser application, confirm whether current device runs for the first time After the step of built-in browser application, further include:
If current device runs the built-in browser application for the first time, the initial authorization certificate is obtained, and verify Whether the initial authorization certificate is legal;
If the initial authorization certificate is legal, the initial authorization certificate is encrypted, is awarded described in current device with generating Warrant book.
Preferably, the whether legal step of the verification initial authorization certificate, specifically includes:
The default calibration feature information is extracted from the initial authorization certificate;
It is special to generate practical verification corresponding with the application file that the built-in browser mounted on current device is applied Reference ceases;Wherein, the classification of the practical calibration feature information is identical as the default classification of calibration feature information;
Judge whether the default calibration feature information is consistent with the practical calibration feature information;
If consistent, judge that the initial authorization certificate is legal;
If inconsistent, judge that the initial authorization certificate is illegal.
Preferably, the step of encryption initial authorization certificate, the certificate of authority to generate current device, tool Body includes:
Read the default identifier of current device;
Using the default identifier of current device as key, the initial authorization certificate is encrypted according to predetermined encryption algorithm and is carried out Encryption, to generate the certificate of authority of current device;
Wherein, the certificate of authority of generation is stored in the default storage protection subregion of current device.
Preferably, described to read the generated certificate of authority, and the whether legal step of the certificate of authority is verified, specifically Including:
Read the certificate of authority;
According to the default identifier of current device and default decipherment algorithm, the certificate of authority is decrypted, to obtain The target certificate of authority;
Read the practical calibration feature information in the target certificate of authority, and judge the practical calibration feature information with Whether the default calibration feature information that the initial authorization certificate includes is consistent;
If the practical calibration feature information is consistent with the default calibration feature information, judge that the certificate of authority closes Method;
If the practical calibration feature information and the default calibration feature information are inconsistent, the certificate of authority is judged It is illegal;
Wherein, the classification of the practical calibration feature information is identical as the default classification of calibration feature information.
Preferably, the default identifier includes one or more below:The sequence number of MAC Address, current device.
In addition, to achieve the above object, the present invention also provides a kind of certificate of authority calibration equipments, including:Memory, processing Device and it is stored in the certificate of authority checking routine that can be run on the memory and on the processor, wherein:
The certificate of authority checking routine realizes certificate of authority method of calibration as described above when being executed by the processor The step of.
In addition, to achieve the above object, the present invention also provides a kind of readable storage medium storing program for executing, being deposited on the readable storage medium storing program for executing Certificate of authority checking routine is contained, the certificate of authority checking routine realizes the certificate of authority as described above when being executed by processor The step of method of calibration.
In addition, to achieve the above object, the present invention also provides a kind of application apparatus, including certificate of authority school as described above Experiment device.
A kind of certificate of authority method of calibration, device and readable storage medium storing program for executing, the application apparatus that the embodiment of the present invention proposes, when Preceding equipment is running built-in browser in application, encryption is demonstrate,proved with the unique corresponding initial authorization of built-in browser application for the first time Book, to generate the certificate of authority of current device.In this way, existing being replaced in a manner of the certificate of authority for verifying current device The mode for verifying initial authorization certificate, avoids and is transferred to initial authorization certificate, can efficiently identify built-in browser Using source file, either whether initial authorization certificate is tampered or damages, and protects the information completely of initial authorization certificate file Property and safety, the information integrity of the encrypted certificate of authority and safety also greatly improve.Current device runs embedding again When entering formula browser application, the legitimacy of the certificate of authority need to be only verified, without transferring initial authorization certificate;Meanwhile when verification is awarded When warrant book is illegal, initial authorization certificate is just transferred, and new mandate is generated after the legitimacy of verification initial authorization certificate Certificate solves certificate of authority file itself and is led by continually reading to maintain certificate of authority legitimacy verifies next time Cause damage the problem of, avoid because certificate of authority file read failure, embedded device there is unauthorized prompt, maintain equipment and The brand image of application product.
Description of the drawings
Fig. 1 is the structural schematic diagram of the running environment of certificate of authority calibration equipment of the present invention;
Fig. 2 is the flow diagram of certificate of authority method of calibration first embodiment of the present invention;
Fig. 3 is the flow diagram of certificate of authority method of calibration second embodiment of the present invention;
Fig. 4 is to verify the whether legal step of the initial authorization certificate in certificate of authority method of calibration second embodiment of the present invention Rapid refinement flow diagram;
Fig. 5 is the flow diagram of certificate of authority method of calibration 3rd embodiment of the present invention;
Fig. 6 is the flow diagram that certificate of authority method of calibration the 4th of the present invention applies example.
The object of the invention is realized, the embodiments will be further described with reference to the accompanying drawings for functional characteristics and advantage.
Specific implementation mode
It should be appreciated that the specific embodiments described herein are merely illustrative of the present invention, it is not intended to limit the present invention.
As shown in Figure 1, the present embodiments relate to certificate of authority calibration equipment can be all kinds of computers, microcontroller, MCU (Microcontroller Unit, i.e. micro-control unit), smart mobile phone, tablet computer, laptop.Such as Fig. 1 institutes Show, Fig. 1 is the structural schematic diagram for the certificate of authority calibration equipment running environment that the embodiment of the present invention is related to, running environment Structure can specifically include:Processor 1001, such as CPU, network interface 1004, user interface 1003, memory 1005, communication Bus 1002.Wherein, communication bus 1002 is for realizing the connection communication between these components.User interface 1003 may include Display screen (Display), input unit such as keyboard (Keyboard), optional user interface 1003 can also include having for standard Line interface, wireless interface.Network interface 1004 may include optionally that (such as WI-FI connects standard wireline interface and wireless interface Mouthful).Memory 1005 can be high-speed RAM memory, can also be stable memory (non-volatile memory), Such as magnetic disk storage.Memory 1005 optionally can also be the storage device independently of aforementioned processor 1001.
It will be understood by those skilled in the art that the structure of running environment shown in Fig. 1 is not constituted to certificate of authority school The restriction of experiment device may include either combining certain components or different component cloth than illustrating more or fewer components It sets.
As shown in Figure 1, as may include operating system, network communication in a kind of memory 1005 of readable storage medium storing program for executing Module, Subscriber Interface Module SIM and certificate of authority checking routine.
In terminal shown in Fig. 1, network interface 1004 is mainly used for connecting background server, is carried out with background server Data communicate;User interface 1003 is mainly used for connecting client (user terminal), with client into row data communication;And processor 1001 can be used for calling the certificate of authority checking routine stored in memory 1005, and execute following operation:
After current device installation built-in browser application, it is described embedded clear to confirm whether current device runs for the first time Look at device application;
If current device is non-to run the built-in browser application for the first time, the generated certificate of authority, and school are read Whether legal test the certificate of authority;Wherein, the certificate of authority is to be based on applying corresponding one with the built-in browser Initial authorization certificates constructing;
If the certificate of authority is legal, verification passes through;
If the certificate of authority is illegal, the initial authorization certificate is reacquired, and verifies the initial authorization card Whether book is legal;
If the initial authorization certificate is legal, the initial authorization certificate is encrypted, is awarded described in current device with updating Warrant book.
Further, processor 1001 can call the certificate of authority checking routine stored in memory 1005, also execute It operates below:
The built-in browser is being compiled in application, obtaining the application file of the built-in browser application;
Obtain default calibration feature information corresponding with the application file;
Generate the initial authorization certificate;Wherein, the initial authorization certificate includes the default calibration feature information;
The initial authorization certificate is preset in the compiling source file of built-in browser application;
According to the compiling source file, compiles and generate and apply corresponding executable file with the built-in browser; Wherein, current device completes the installation of the built-in browser application based on the executable file.
Further, processor 1001 can call the certificate of authority checking routine stored in memory 1005, also execute It operates below:
If current device runs the built-in browser application for the first time, the initial authorization certificate is obtained, and verify Whether the initial authorization certificate is legal;
If the initial authorization certificate is legal, the initial authorization certificate is encrypted, is awarded described in current device with generating Warrant book.
Further, processor 1001 can call the certificate of authority checking routine stored in memory 1005, also execute It operates below:
The default calibration feature information is extracted from the initial authorization certificate;
It is special to generate practical verification corresponding with the application file that the built-in browser mounted on current device is applied Reference ceases;Wherein, the classification of the practical calibration feature information is identical as the default classification of calibration feature information;
Judge whether the default calibration feature information is consistent with the practical calibration feature information;
If consistent, judge that the initial authorization certificate is legal;
If inconsistent, judge that the initial authorization certificate is illegal.
Further, processor 1001 can call the certificate of authority checking routine stored in memory 1005, also execute It operates below:
Read the default identifier of current device;
Using the default identifier of current device as key, the initial authorization certificate is encrypted according to predetermined encryption algorithm and is carried out Encryption, to generate the certificate of authority of current device;
Wherein, the certificate of authority of generation is stored in the default storage protection subregion of current device.
Further, processor 1001 can call the certificate of authority checking routine stored in memory 1005, also execute It operates below:
Read the certificate of authority;
According to the default identifier of current device and default decipherment algorithm, the certificate of authority is decrypted, to obtain The target certificate of authority;
Read the practical calibration feature information in the target certificate of authority, and judge the practical calibration feature information with Whether the default calibration feature information that the initial authorization certificate includes is consistent;
If the practical calibration feature information is consistent with the default calibration feature information, judge that the certificate of authority closes Method;
If the practical calibration feature information and the default calibration feature information are inconsistent, the certificate of authority is judged It is illegal;
Wherein, the classification of the practical calibration feature information is identical as the default classification of calibration feature information.
Preferably, the default calibration feature information includes one or more below:The number of the application file, MD5 check values.
Fig. 2 is please referred to, certificate of authority method of calibration first embodiment of the present invention includes the following steps:
For the first time whether step S10 confirm current device described in operation after current device installation built-in browser application Built-in browser application;
Wherein, the built-in browser application of various embodiments of the present invention meaning refers to operating in various embedded devices Browser application, embedded device include but not limited to:(smart mobile phone is put down for DTV STB, mobile intelligent terminal Plate computer), PDA (Personal Digital Assistant, palm PC).
Current device runs mounted built-in browser in application, to judge whether current device runs for the first time described embedding Enter formula browser application.Specific implementation can read the usage log of built-in browser application, if usage log is without before Using information, then judge that current device runs the built-in browser application for the first time;Conversely, judgement current device is non- The built-in browser application is run for the first time.
Step S20 reads generated warrant if current device is non-to run the built-in browser application for the first time Book, and whether verify the certificate of authority legal;Wherein, the certificate of authority is to be based on and built-in browser application pair The initial authorization certificates constructing answered;
In the specific implementation, the certificate of authority is to apply corresponding initial authorization certificate with the built-in browser The certificate of authority generated after being encrypted.Wherein, the built-in browser is being compiled in application, according to generated described embedding The application file for entering formula browser application generates the initial authorization certificate, and specific embodiment is as detailed below.
Preferably, the certificate of authority of generation is stored in the default storage protection subregion of current device.Wherein, it presets Storage protection subregion is specifically the protection subregion of the operating system of current device.
As shown in figure 3, verifying the whether legal specific implementation of the certificate of authority and including:
A1 extracts the default calibration feature information from the initial authorization certificate;
A2 generates practical verification corresponding with the application file that the built-in browser mounted on current device is applied Characteristic information;Wherein, the classification of the practical calibration feature information is identical as the default classification of calibration feature information;
The application file applied again according to the built-in browser for being mounted on current device generates practical verification Characteristic information (number of such as described application file, MD5 check values);Wherein, it needs to ensure:The practical calibration feature information Classification is identical as the default classification of calibration feature information.For example, if default calibration feature information includes application file simultaneously Number and MD5 check values, then practical calibration feature information also include the number and MD5 check values of application file simultaneously.
A3 judges whether the default calibration feature information is consistent with the practical calibration feature information;
A4, if unanimously, judging that the initial authorization certificate is legal;
A5 judges that the initial authorization certificate is illegal if inconsistent.
When the two is consistent, as the above situation (1) judges that the initial authorization certificate is legal;Conversely, being then the above situation (2), judge that the initial authorization certificate is illegal.The default school generated by the application file applied based on built-in browser Test characteristic information and initial authorization certificate, can with verification Application file, either whether initial authorization certificate damages or is changed, To realize the identification of application file or initial authorization certificate information integrality, the information security of file is helped to improve.
Step S21, if the certificate of authority is legal, verification passes through;
Step S22 reacquires the initial authorization certificate if the certificate of authority is illegal, and verifies described first Whether the beginning certificate of authority is legal;
When the certificate of authority is illegal, it was demonstrated that the certificate of authority may be damaged or be changed.It needs to obtain again at this time The initial authorization certificate is taken, and whether verify the initial authorization certificate legal.
Step S23 encrypts the initial authorization certificate, to update current device if the initial authorization certificate is legal The certificate of authority.
Step S22, the purpose of step S23 is, when confirming that the current certificate of authority may be damaged or be changed, to need Again the new certificate of authority is regenerated according to initial authorization certificate, for the verification of the subsequent certificate of authority.Preferably, weight It newly encrypts the certificate of authority generated after the initial authorization certificate to be stored in the default storage protection subregion, to update The certificate of authority before instead.
In this way, the side replacing existing verification initial authorization certificate in a manner of the certificate of authority for verifying current device Formula is avoided and is transferred to initial authorization certificate, significantly reduce initial authorization certificate transferred and cause damage or by The risk of modification ensure that the file integrality and information security of initial authorization certificate.Meanwhile the present embodiment is realized to awarding Whether warrant book damages the identification either changed and generates new mandate when identifying certificate of authority damage or being changed Certificate, to update the certificate of authority for having damaged or having been changed;Thus avoid damaging in the certificate of authority or when being changed after It is continuous to execute debug command, and the certificate of authority generated therewith reading failure, embedded device is avoided the prompt of unauthorized occur And influence the brand image of embedded device product.That is, solve because built-in browser the certificate of authority exist damage or Person is changed the problem of leading to authorization failure, and the brand image of embedded device product is maintained.
Further, as shown in figure 4, the first embodiment based on certificate of authority method of calibration of the present invention, is awarded in the present invention In the second embodiment of warrant book method of calibration, described after current device installation built-in browser application, confirmation is currently set Before standby the step of whether running the built-in browser application for the first time, further include:
Step S30 is compiling the built-in browser in application, obtaining the practical writing of the built-in browser application Part;
Step S31 obtains default calibration feature information corresponding with the application file;
Step S32 generates the initial authorization certificate;Wherein, the initial authorization certificate includes that the default verification is special Reference ceases;
(such as dynamic link library file dll files, configuration i.e. after the types of applications file for generating built-in browser application File), the application file based on built-in browser application generates corresponding default calibration feature information.Preferably, described pre- If calibration feature information includes one or more below:The number of the application file, MD5 check values.Wherein, the schools MD5 It tests value (Message-Digest Algorithm5, i.e. the 5th generation Message Digest 5) and has and be difficult to replicate, be highly reliable excellent Point.
The initial authorization certificate is preset in the compiling source file of built-in browser application by step S33;
Step S34 is compiled and is generated and held using corresponding with the built-in browser according to the compiling source file Style of writing part;Wherein, current device completes the installation of the built-in browser application based on the executable file.
It generates after presetting calibration feature information, correspondingly generates unique initial authorization certificate.The initial authorization certificate Include default calibration feature information.And default calibration feature information is pacified for carrying out consistency check in embedded device After having filled built-in browser application, after whether being applied with installation built-in browser by the default calibration feature information of judgement, The practical calibration feature information for being stored in the application file of embedded device is consistent, verifies the application file or initial authorization card Whether book damages or is changed.
Further, as shown in Fig. 2, the first embodiment based on certificate of authority method of calibration of the present invention, is awarded in the present invention In the 3rd embodiment of warrant book method of calibration, described after current device installation built-in browser application, confirmation is currently set Before standby the step of whether running the built-in browser application for the first time, further include:
Step S40 obtains the initial authorization card if current device runs the built-in browser application for the first time Book, and whether verify the initial authorization certificate legal;
After current device is mounted with built-in browser application, initial authorization certificate is stored in the built-in browser and answers Installation site (installation folder).Current device runs the built-in browser in application, from described embedded for the first time The installation site (installation folder) of browser application obtains the certificate of authority.That is, described in only being run for the first time in current device Built-in browser just transfers initial authorization certificate when applying
It verifies the whether legal specific implementation of the initial authorization certificate to be identical with the first embodiment, which is not described herein again.
Since the application file that initial authorization certificate is applied with the built-in browser is uniquely corresponding, described in verification Whether initial authorization certificate legal, it can be determined that built-in browser application source file or initial authorization certificate whether damage or Person is changed, and to realize the identification of application file or initial authorization certificate information integrality, helps to improve the letter of file Cease safety.If identifying, either initial authorization certificate is damaged or changed built-in browser application source file, is shown embedding Enter the running environment existence information security risk of formula browser application;User can also be prompted to reinstall embedded browsing at this time Device application.
Step S41 encrypts the initial authorization certificate, to generate current device if the initial authorization certificate is legal The certificate of authority.
Initial authorization certificate is encrypted according to preset cipher mode, generates the certificate of authority of current device.In addition, The certificate of authority can be stored in the default storage protection subregion of current device, for calling, and reduce the certificate of authority The risk changed;Wherein, the protection subregion that storage protection subregion is specifically the operating system of current device is preset.
Further, as shown in figure 5, step S41 is specifically included:
Step S411 reads the default identifier of current device;
Wherein, the default identifier is for realizing the unique mark to current device;Preferably, including one kind below Or it is a variety of:The sequence number of MAC Address, current device.
Step S412 is initially awarded using the default identifier of current device as key according to predetermined encryption algorithm encryption is described Warrant book is encrypted, to generate the certificate of authority of current device;
Wherein, the certificate of authority of generation is stored in the default storage protection subregion of current device.
Symmetric encipherment algorithm or rivest, shamir, adelman may be used in predetermined encryption algorithm.In this way, current device is awarded Warrant book replaces initial authorization certificate as the usual manner for authorizing verification, eliminates frequently transferring to initial authorization certificate, Improve the information safety protection dynamics to initial authorization certificate;Simultaneously because the certificate of authority of current device is encrypted, when The information security of the certificate of authority of preceding equipment is also strengthened.
Further, as shown in fig. 6, the second embodiment based on certificate of authority method of calibration of the present invention, is awarded in the present invention It is described to read the generated certificate of authority in the fourth embodiment of warrant book method of calibration, and whether verify the certificate of authority Legal step, specifically includes:
Step S201 reads the certificate of authority;
Step S202 solves the certificate of authority according to the default identifier of current device and default decipherment algorithm It is close, to obtain the target certificate of authority;
Preferably, the default identifier includes one or more below:The sequence number of MAC Address, current device. In addition, default decipherment algorithm is the inverse operation algorithm of the predetermined encryption algorithm in 3rd embodiment.
Step S203 reads the practical calibration feature information in the target certificate of authority, and judges the practical verification Whether characteristic information and the default calibration feature information that the initial authorization certificate includes are consistent;
Step S204, if the practical calibration feature information is consistent with the default calibration feature information, described in judgement The certificate of authority is legal;
Step S205 judges institute if the practical calibration feature information and the default calibration feature information are inconsistent It is illegal to state the certificate of authority;
Wherein, the classification of the practical calibration feature information is identical as the default classification of calibration feature information.
By 3rd embodiment above it is found that authorized certificate after the encryption of initial authorization certificate, therefore to current device The certificate of authority can obtain a target certificate of authority after carrying out reverse decryption.Read the reality in the target certificate of authority Calibration feature information, and consistency checking is carried out with the default calibration feature information in initial authorization certificate, if the two is consistent, card The improving eyesight mark certificate of authority is consistent with initial authorization certificate, i.e., the target certificate of authority and initial authorization certificate without damage or not by Modification, the target certificate of authority is legal at this time.If the two is inconsistent, it was demonstrated that the target certificate of authority and initial authorization certificate are inconsistent, I.e. the damage of the target certificate of authority is either by modification (assuming that initial authorization certificate is without damage or is not changed), at this time target mandate Certificate is illegal.To realize the identification of application file or initial authorization certificate information integrality, file is helped to improve Information security.
In addition, the present invention provides a kind of application apparatus, including certificate of authority calibration equipment as described above.Specifically, should Application apparatus can be used for realizing the installation and debugging of built-in browser application;The application apparatus can be specifically digital television Top box, interactive network television set top box.
In addition, the embodiment of the present invention also proposes a kind of readable storage medium storing program for executing, mandate is stored on the readable storage medium storing program for executing Certificate checking routine realizes following operation when the certificate of authority checking routine is executed by processor:
After current device installation built-in browser application, it is described embedded clear to confirm whether current device runs for the first time Look at device application;
If current device is non-to run the built-in browser application for the first time, the generated certificate of authority, and school are read Whether legal test the certificate of authority;Wherein, the certificate of authority is to be based on applying corresponding one with the built-in browser Initial authorization certificates constructing;
If the certificate of authority is legal, verification passes through;
If the certificate of authority is illegal, the initial authorization certificate is reacquired, and verifies the initial authorization card Whether book is legal;
If the initial authorization certificate is legal, the initial authorization certificate is encrypted, is awarded described in current device with updating Warrant book.
Further, following operation is also realized when the certificate of authority checking routine is executed by processor:
The built-in browser is being compiled in application, obtaining the application file of the built-in browser application;
According to preset rules, default calibration feature information corresponding with the application file is generated;
Generate the initial authorization certificate;Wherein, the initial authorization certificate includes the default calibration feature information;
The initial authorization certificate is preset in the compiling source file of built-in browser application;
According to the compiling source file, compiles and generate and apply corresponding executable file with the built-in browser; Wherein, current device completes the installation of the built-in browser application based on the executable file.
Further, following operation is also realized when the certificate of authority checking routine is executed by processor:
If current device runs the built-in browser application for the first time, the initial authorization certificate is obtained, and verify Whether the initial authorization certificate is legal;
If the initial authorization certificate is legal, the initial authorization certificate is encrypted, is awarded described in current device with generating Warrant book.
Further, following operation is also realized when the certificate of authority checking routine is executed by processor:
The default calibration feature information is extracted from the initial authorization certificate;
It is special to generate practical verification corresponding with the application file that the built-in browser mounted on current device is applied Reference ceases;Wherein, the classification of the practical calibration feature information is identical as the default classification of calibration feature information;
Judge whether the default calibration feature information is consistent with the practical calibration feature information;
If consistent, judge that the initial authorization certificate is legal;
If inconsistent, judge that the initial authorization certificate is illegal.
Further, following operation is also realized when the certificate of authority checking routine is executed by processor:
Read the default identifier of current device;
Using the default identifier of current device as key, the initial authorization certificate is encrypted according to predetermined encryption algorithm and is carried out Encryption, to generate the certificate of authority of current device;
Wherein, the certificate of authority of generation is stored in the default storage protection subregion of current device.
Further, following operation is also realized when the certificate of authority checking routine is executed by processor:
Read the certificate of authority;
According to the default identifier of current device and default decipherment algorithm, the certificate of authority is decrypted, to obtain The target certificate of authority;
Read the practical calibration feature information in the target certificate of authority, and judge the practical calibration feature information with Whether the default calibration feature information that the initial authorization certificate includes is consistent;
If the practical calibration feature information is consistent with the default calibration feature information, judge that the certificate of authority closes Method;
If the practical calibration feature information and the default calibration feature information are inconsistent, the certificate of authority is judged It is illegal;
Wherein, the classification of the practical calibration feature information is identical as the default classification of calibration feature information.
Preferably, the default identifier includes one or more below:The sequence number of MAC Address, current device.
It should be noted that herein, the terms "include", "comprise" or its any other variant are intended to non-row His property includes, so that process, method, article or system including a series of elements include not only those elements, and And further include other elements that are not explicitly listed, or further include for this process, method, article or system institute it is intrinsic Element.In the absence of more restrictions, the element limited by sentence "including a ...", it is not excluded that including this There is also other identical elements in the process of element, method, article or system.
The embodiments of the present invention are for illustration only, can not represent the quality of embodiment.
Through the above description of the embodiments, those skilled in the art can be understood that above-described embodiment side Method can add the mode of required general hardware platform to realize by software, naturally it is also possible to by hardware, but in many cases The former is more preferably embodiment.Based on this understanding, technical scheme of the present invention substantially in other words does the prior art Going out the part of contribution can be expressed in the form of software products, which is stored in one as described above In storage medium (such as ROM/RAM, magnetic disc, CD), including some instructions are used so that a station terminal equipment executes the present invention respectively Method described in a embodiment.
It these are only the preferred embodiment of the present invention, be not intended to limit the scope of the invention, it is every to utilize this hair Equivalent structure or equivalent flow shift made by bright specification and accompanying drawing content is applied directly or indirectly in other relevant skills Art field, is included within the scope of the present invention.

Claims (10)

1. a kind of certificate of authority method of calibration, which is characterized in that the described method comprises the following steps:
After current device installation built-in browser application, confirm whether current device runs the built-in browser for the first time Using;
If current device is non-to run the built-in browser application for the first time, the generated certificate of authority is read, and verify institute Whether legal state the certificate of authority;Wherein, the certificate of authority is based on initial using corresponding one with the built-in browser What the certificate of authority generated;
If the certificate of authority is legal, verification passes through;
If the certificate of authority is illegal, the initial authorization certificate is reacquired, and verify the initial authorization certificate to be It is no legal;
If the initial authorization certificate is legal, the initial authorization certificate is encrypted, to update the warrant of current device Book.
2. certificate of authority method of calibration as described in claim 1, which is characterized in that described embedded clear in current device installation After device of looking at application, before confirming the step of whether current device runs the built-in browser application for the first time, further include:
The built-in browser is being compiled in application, obtaining the application file of the built-in browser application;
According to preset rules, default calibration feature information corresponding with the application file is generated;
Generate the initial authorization certificate;Wherein, the initial authorization certificate includes the default calibration feature information;
The initial authorization certificate is preset in the compiling source file of built-in browser application;
According to the compiling source file, compiles and generate and apply corresponding executable file with the built-in browser;Wherein, Current device completes the installation of the built-in browser application based on the executable file.
3. certificate of authority method of calibration as described in claim 1, which is characterized in that described embedded clear in current device installation After device of looking at application, after confirming the step of whether current device runs the built-in browser application for the first time, further include:
If current device runs the built-in browser application for the first time, the initial authorization certificate is obtained, and described in verification Whether initial authorization certificate is legal;
If the initial authorization certificate is legal, the initial authorization certificate is encrypted, to generate the warrant of current device Book.
4. the certificate of authority method of calibration as described in claim 1 or 3, which is characterized in that the verification initial authorization card The whether legal step of book, specifically includes:
The default calibration feature information is extracted from the initial authorization certificate;
Practical calibration feature corresponding with the application file that the built-in browser mounted on current device is applied is generated to believe Breath;Wherein, the classification of the practical calibration feature information is identical as the default classification of calibration feature information;
Judge whether the default calibration feature information is consistent with the practical calibration feature information;
If consistent, judge that the initial authorization certificate is legal;
If inconsistent, judge that the initial authorization certificate is illegal.
5. certificate of authority method of calibration as claimed in claim 3, which is characterized in that the encryption initial authorization certificate, It the step of certificate of authority to generate current device, specifically includes:
Read the default identifier of current device;
Using the default identifier of current device as key, the initial authorization certificate is encrypted according to predetermined encryption algorithm and is added It is close, to generate the certificate of authority of current device;
Wherein, the certificate of authority of generation is stored in the default storage protection subregion of current device.
6. certificate of authority method of calibration as claimed in claim 2, which is characterized in that it is described to read the generated certificate of authority, And the whether legal step of the certificate of authority is verified, it specifically includes:
Read the certificate of authority;
According to the default identifier of current device and default decipherment algorithm, the certificate of authority is decrypted, to obtain target The certificate of authority;
Read the practical calibration feature information in the target certificate of authority, and judge the practical calibration feature information with it is described Whether the default calibration feature information that initial authorization certificate includes is consistent;
If the practical calibration feature information is consistent with the default calibration feature information, judge that the certificate of authority is legal;
If the practical calibration feature information and the default calibration feature information are inconsistent, judge that the certificate of authority does not conform to Method;
Wherein, the classification of the practical calibration feature information is identical as the default classification of calibration feature information.
7. such as certificate of authority method of calibration described in claim 5 or 6, which is characterized in that the default identifier includes following One or more:The sequence number of MAC Address, current device.
8. a kind of certificate of authority calibration equipment, which is characterized in that including:It memory, processor and is stored on the memory And the certificate of authority checking routine that can be run on the processor, wherein:
Awarding as described in any one of claim 1 to 7 is realized when the certificate of authority checking routine is executed by the processor The step of warrant book method of calibration.
9. a kind of readable storage medium storing program for executing, which is characterized in that be stored with certificate of authority checking routine, institute on the readable storage medium storing program for executing State the certificate of authority verification realized when certificate of authority checking routine is executed by processor as described in any one of claim 1 to 7 The step of method.
10. a kind of application apparatus, which is characterized in that including certificate of authority calibration equipment as claimed in claim 8.
CN201810407491.XA 2018-04-28 2018-04-28 Authorization certificate checking method and device, readable storage medium and application equipment Active CN108599959B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810407491.XA CN108599959B (en) 2018-04-28 2018-04-28 Authorization certificate checking method and device, readable storage medium and application equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810407491.XA CN108599959B (en) 2018-04-28 2018-04-28 Authorization certificate checking method and device, readable storage medium and application equipment

Publications (2)

Publication Number Publication Date
CN108599959A true CN108599959A (en) 2018-09-28
CN108599959B CN108599959B (en) 2021-08-24

Family

ID=63620335

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810407491.XA Active CN108599959B (en) 2018-04-28 2018-04-28 Authorization certificate checking method and device, readable storage medium and application equipment

Country Status (1)

Country Link
CN (1) CN108599959B (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111414588A (en) * 2019-01-08 2020-07-14 杭州海康威视数字技术股份有限公司 Authorization key generation method, authorization key generation device and authorization server
CN112532390A (en) * 2019-08-30 2021-03-19 华为技术有限公司 Method and device for loading certificate of digital certificate certification authority
CN115022091A (en) * 2022-08-04 2022-09-06 亿次网联(杭州)科技有限公司 Digital certificate-based autonomous authorization method and system
US11520885B1 (en) * 2021-12-01 2022-12-06 Uab 360 It Method and apparatus for using a dynamic security certificate

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103297816A (en) * 2013-05-08 2013-09-11 深圳创维数字技术股份有限公司 Safety downloading method and digital television receiving terminal
CN104123491A (en) * 2014-07-18 2014-10-29 广州金山网络科技有限公司 Method and device for detecting whether application program installation package is tempered
CN105512519A (en) * 2015-11-30 2016-04-20 北大方正集团有限公司 Digital resource copyright protection method, opening method and device, and hardware storage device
CN105553668A (en) * 2015-12-21 2016-05-04 北京飞杰信息技术有限公司 Method and system for verifying user authorization certificate through verifying authorization time
CN106209751A (en) * 2015-05-08 2016-12-07 中标软件有限公司 Service-oriented interface authentication method based on the operating system certificate of authority
US20160378983A1 (en) * 2015-06-27 2016-12-29 Mcafee, Inc. Malware detection using a digital certificate
CN107302535A (en) * 2017-06-28 2017-10-27 深圳市欧乐在线技术发展有限公司 A kind of access authentication method and device
CN107508682A (en) * 2017-08-16 2017-12-22 努比亚技术有限公司 Browser certificate authentication method and mobile terminal

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103297816A (en) * 2013-05-08 2013-09-11 深圳创维数字技术股份有限公司 Safety downloading method and digital television receiving terminal
CN104123491A (en) * 2014-07-18 2014-10-29 广州金山网络科技有限公司 Method and device for detecting whether application program installation package is tempered
CN106209751A (en) * 2015-05-08 2016-12-07 中标软件有限公司 Service-oriented interface authentication method based on the operating system certificate of authority
US20160378983A1 (en) * 2015-06-27 2016-12-29 Mcafee, Inc. Malware detection using a digital certificate
CN105512519A (en) * 2015-11-30 2016-04-20 北大方正集团有限公司 Digital resource copyright protection method, opening method and device, and hardware storage device
CN105553668A (en) * 2015-12-21 2016-05-04 北京飞杰信息技术有限公司 Method and system for verifying user authorization certificate through verifying authorization time
CN107302535A (en) * 2017-06-28 2017-10-27 深圳市欧乐在线技术发展有限公司 A kind of access authentication method and device
CN107508682A (en) * 2017-08-16 2017-12-22 努比亚技术有限公司 Browser certificate authentication method and mobile terminal

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
AHMED DALHATU YUSUF: "《Automated batch certificate generation and verification system》", 《IEEE》 *
郑婷: "《基于公钥密码体制的软件授权系统设计与实现》", 《中国优秀硕士学位论文全文数据库》 *

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111414588A (en) * 2019-01-08 2020-07-14 杭州海康威视数字技术股份有限公司 Authorization key generation method, authorization key generation device and authorization server
CN111414588B (en) * 2019-01-08 2023-03-31 杭州海康威视数字技术股份有限公司 Authorization key generation method, authorization key generation device and authorization server
CN112532390A (en) * 2019-08-30 2021-03-19 华为技术有限公司 Method and device for loading certificate of digital certificate certification authority
US11520885B1 (en) * 2021-12-01 2022-12-06 Uab 360 It Method and apparatus for using a dynamic security certificate
CN115022091A (en) * 2022-08-04 2022-09-06 亿次网联(杭州)科技有限公司 Digital certificate-based autonomous authorization method and system

Also Published As

Publication number Publication date
CN108599959B (en) 2021-08-24

Similar Documents

Publication Publication Date Title
CN108599959A (en) Certificate of authority method of calibration, device and readable storage medium storing program for executing, application apparatus
CN108322461B (en) Method, system, device, equipment and medium for automatically logging in application program
CN107679393B (en) Android integrity verification method and device based on trusted execution environment
CN109710315A (en) BIOS writes with a brush dipped in Chinese ink the processing method of method and BIOS image file
EP2854070A1 (en) Method and apparatus of creating application package, method and apparatus of executing application package, and recording medium storing application package
CN104866739A (en) Application program encryption method and application program encryption system in Android system
CN105022936A (en) Class file encryption and decryption method and class file encryption and decryption device
KR102013983B1 (en) Method and server for authenticating an application integrity
CN104199654A (en) Open platform calling method and device
CN106384042B (en) A kind of electronic equipment and security system
GB2507749A (en) Ensuring completeness of a displayed web page
CN107273142A (en) Method for updating program, program operating method and device
CN101360110B (en) Set-top box application security detecting method, apparatus and system
CN107743067A (en) Awarding method, system, terminal and the storage medium of digital certificate
CN104199657A (en) Call method and device for open platform
CN105101169A (en) Method and apparatus of information processing by trusted execution environment, terminal and SIM card
CN104217175A (en) Data read-write method and device
CN107196907A (en) A kind of guard method of Android SO files and device
CN104239099A (en) Mobile phone flushing control method
US8874927B2 (en) Application execution system and method of terminal
CN110245464B (en) Method and device for protecting file
US9129139B2 (en) Solid state memory and method for protecting digital contents by interrupting copying or accessing and proceeding only upon user verification or authentication
Zhauniarovich et al. Enabling trusted stores for android
CN108923910A (en) A kind of method that mobile application APK is anti-tamper
CN105930730A (en) Terminal system security update method and apparatus in trusted execution environment

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant