CN111049897B - Method, device, equipment and medium for encrypted uploading and decrypted deployment of small program package - Google Patents

Method, device, equipment and medium for encrypted uploading and decrypted deployment of small program package Download PDF

Info

Publication number
CN111049897B
CN111049897B CN201911257866.XA CN201911257866A CN111049897B CN 111049897 B CN111049897 B CN 111049897B CN 201911257866 A CN201911257866 A CN 201911257866A CN 111049897 B CN111049897 B CN 111049897B
Authority
CN
China
Prior art keywords
data
applet
encrypted
length
encryption
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201911257866.XA
Other languages
Chinese (zh)
Other versions
CN111049897A (en
Inventor
张洪涛
谢马林
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Baidu Netcom Science and Technology Co Ltd
Original Assignee
Beijing Baidu Netcom Science and Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Baidu Netcom Science and Technology Co Ltd filed Critical Beijing Baidu Netcom Science and Technology Co Ltd
Priority to CN201911257866.XA priority Critical patent/CN111049897B/en
Publication of CN111049897A publication Critical patent/CN111049897A/en
Application granted granted Critical
Publication of CN111049897B publication Critical patent/CN111049897B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/34Network arrangements or protocols for supporting network services or applications involving the movement of software or configuration parameters 
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Storage Device Security (AREA)

Abstract

The application discloses methods, devices, equipment and media for encrypted uploading and decrypted deployment of small program packages, and relates to the field of data security. The specific implementation scheme is as follows: acquiring the package data of the small program to be uploaded; generating header confusion data through at least one secret key appointed with the applet server and an encryption processing algorithm; adding the head confusion data to the head of the applet inclusion data to generate an applet encryption package; and uploading the applet encrypting package to the applet server. The header confusion data is inserted into the header of the body data of the applet, so that the position of the body data of the applet in the whole applet packet is confused, the purpose of encrypting the applet data packet is realized, and the applet packet can be effectively prevented from being tampered in the process of uploading the applet packet to a server.

Description

Method, device, equipment and medium for encrypted uploading and decrypted deployment of small program package
Technical Field
The embodiment of the application relates to the technical field of computers, in particular to the field of data security, and specifically relates to methods, devices, equipment and media for encrypted uploading and decrypted deployment of small program packages.
Background
As applications become more widely used, applets are beginning to be more and more applied and used. The existing small program development process comprises several links, namely, development, debugging and compiling of source codes are firstly carried out on a small program development tool, then compiled codes can preview small programs in a simulator, finally compiled code packages are uploaded to a server, and then the server carries out subsequent processes such as deployment, management and the like of the small program packages. At present, data protection measures for the small program package are lacked in the uploading process of the small program package from a tool end to a server end, and the illegal small program package is easily uploaded by a third-party tool simulation interface.
Disclosure of Invention
The embodiment of the application discloses a method, a device, equipment and a medium for encrypted uploading and decrypted deployment of a small program package, so that the process of uploading the small program package through a small program development tool end is prevented from being tampered, a third-party small program development tool is effectively prevented from simulating an uploading interface, and an illegal small program package is submitted to a server end.
In a first aspect, an embodiment of the present application discloses an encrypted uploading method of an applet package, including:
acquiring the package data of the small program to be uploaded;
generating header confusion data through at least one secret key appointed with the applet server and an encryption processing algorithm;
adding the head confusion data to the head of the applet inclusion data to generate an applet encryption package;
and uploading the applet encrypting package to the applet server.
One embodiment in the above application has the following advantages or benefits: by inserting the header confusion data into the header of the applet packet body data, the position of the packet body data in the whole applet packet is confused, the purpose of encrypting the applet data packet is achieved, and the applet packet can be effectively prevented from being tampered in the process of uploading to a server.
In addition, the encryption uploading method of the applet package according to the above embodiment of the application may further have the following additional technical features:
optionally, the generating the header confusion data by at least one key agreed with the applet server includes:
generating a first random character string, and generating encrypted data according to the length of the first random character string, the data length of the applet inclusion data and a data encryption key;
and taking the first random character string, the encrypted data and the data length of the encrypted data as the header confusion data.
Optionally, before generating the first random character string, the method further includes:
acquiring at least one item of target parameter, and generating a standard signature string according to the at least one item of target parameter and the signature encryption key;
generating encrypted data according to the length of the first random character string, the data length of the applet inclusion data and the data encryption key, wherein the generating of the encrypted data comprises the following steps:
and generating the encrypted data according to the standard signature string, the length of the character string, the data length of the applet inclusion data and a data encryption key.
One embodiment in the above application has the following advantages or benefits: the small program package is signed by combining the appointed secret key and the target parameter, and the signature string, the length of the first random character string and the length of the small program package body data are generated into encrypted data, so that the server for safely uploading the encrypted small program package can be deployed, and meanwhile, a third party can be prevented from compiling a similar development tool to upload the illegal small program package.
Optionally, generating a standard signature string according to the at least one target parameter and the signature encryption key, including:
sequencing the target parameters to obtain a first character string;
splicing the first character string and the signature encryption key to obtain a second character string;
and performing digital signature calculation on the second character string to generate the standard signature string.
Optionally, adding the header confusion data to the header of the applet inclusion data to generate an applet encryption package, including:
adding a first random character string to the head of the applet inclusion data to obtain first intermediate data;
adding the encrypted data to the head of the first intermediate data to obtain second intermediate data;
and filling the data length of the encrypted data into a fixed-length field, and adding the fixed-length field to the head of the first intermediate data to generate the applet encrypted packet.
One embodiment in the above application has the following advantages or benefits: the confusion data is inserted into the head of the small program package, the position of the package body data in the whole small program package is confused, and the safety of the small program package data is ensured.
Optionally, generating encrypted data according to the standard signature string, the length of the character string, the length of the applet packet data, and the data encryption key, includes:
splicing the standard signature string, the length of the character string and the data length of the small program inclusion data to obtain original data;
and encrypting the original data by using the data encryption key to obtain the encrypted data.
Optionally, after acquiring the applet inclusion data to be uploaded, the method further includes:
generating a second random character string as tail confusion data;
adding the header confusion data to the header of the applet inclusion data to generate an applet encryption package, specifically comprising:
and adding the head confusion data to the head of the applet inclusion data, and adding the tail confusion data to the tail of the applet inclusion data to generate the applet encrypted packet.
One embodiment in the above application has the following advantages or benefits: the confusion data is added to the head and the tail of the package body data of the applet, so that the position of the package body data in the whole applet package is further confused, and the safety of the applet package data is ensured.
Optionally, the method is performed by a client tool, the client tool being pre-assigned by an applet server;
acquiring at least one target parameter, comprising:
acquiring at least one interface parameter of an applet uploading interface matched with the client tool as the target parameter;
uploading the applet encryption package to the applet server, comprising:
and uploading the applet encrypted package to the applet server through the applet uploading interface.
In a second aspect, an embodiment of the present application discloses a decryption deployment method for a small program package, including:
acquiring an applet encryption package uploaded by a client tool, wherein the applet encryption package comprises: the applet inclusion data and the header obfuscation data located at a header of the applet inclusion data;
extracting the applet inclusion data from the applet encryption package by at least one key and a decryption processing algorithm agreed with the client tool;
and deploying the small programs according to the small program inclusion data.
One embodiment in the above application has the following advantages or benefits: after receiving the small program encryption package, the server deploys the small program after decryption verification processing, so that the illegal program is prevented from being deployed to the server.
Optionally, the extracting the applet body data from the applet encryption package through at least one key and a decryption processing algorithm agreed with the client tool includes:
unpacking the small program packet, acquiring a fixed-length field from the head of unpacking result data, and acquiring the data length of encrypted data according to the fixed-length field;
reading the encrypted data from the unpacking result data according to the data length of the encrypted data, and decrypting the encrypted data by using a data decryption key to obtain original data;
extracting a standard signature string, the length of a character string of a first random character string and the data length of the small program inclusion data from the original data;
and when the standard signature string is verified to be a legal signature through the signature decryption key, extracting the applet inclusion data from the unpacking result data according to the length of the character string and the data length of the applet inclusion data.
One embodiment in the above application has the following advantages or benefits: after the applet encryption package is decrypted, the signature string is verified to determine whether the applet package is legal or not, screening of the illegally uploaded applets is achieved, and deployment of the illegal applets is avoided.
Optionally, verifying that the standard signature string is a legal signature by using the signature decryption key includes:
acquiring at least one interface parameter of the applet uploading interface, and sequencing the interface parameters to obtain a first character string;
splicing the first character string signature decryption secret keys to obtain a second character string;
performing data signature calculation on the second character string to obtain a verification signature string;
and if the standard signature string of the verification signature string is the same, determining that the standard signature string is a legal signature.
One embodiment in the above application has the following advantages or benefits: it can be determined whether the applet package is legitimate by verifying the signature string.
Optionally, after extracting the standard signature string, the string length of the first random string, and the data length of the applet inclusion data from the original data, the method further includes:
and if the standard signature string is verified to be an illegal signature through the signature decryption key, discarding the small program encryption packet.
One embodiment in the above application has the following advantages or benefits: and discarding the applet encryption packet for determining that the standard signature string is an illegal signature without deployment, so as to avoid destroying the ecology of the application program due to the deployment of the illegal applet.
In a third aspect, an embodiment of the present application discloses an encrypted uploading apparatus for an applet package, including:
the acquisition module is used for acquiring the applet inclusion data to be uploaded;
the data generation module is used for generating head confusion data through at least one secret key appointed with the applet server and an encryption processing algorithm;
the encryption module is used for adding the head confusion data into the head of the applet inclusion data to generate an applet encryption package;
and the uploading module is used for uploading the applet encrypted package to the applet server.
In a fourth aspect, an embodiment of the present application discloses a decryption deployment apparatus for an applet package, including:
the encryption package acquisition module is used for acquiring an applet encryption package uploaded by a client tool, wherein the applet encryption package comprises: the applet body data and the header confusion data located at the applet body data header;
the decryption module is used for extracting the applet body data from the applet encryption package through at least one secret key and a decryption processing algorithm which are agreed with the client tool;
and the deployment module is used for deploying the small programs according to the small program inclusion data.
In a fifth aspect, an embodiment of the present application further provides an electronic device, including:
at least one processor; and
a memory communicatively coupled to the at least one processor; wherein the content of the first and second substances,
the memory stores instructions executable by the at least one processor to enable the at least one processor to perform a method for encrypted upload of a applet package according to any of the embodiments of the application.
In a sixth aspect, an embodiment of the present application further provides an electronic device, including:
at least one processor; and
a memory communicatively coupled to the at least one processor; wherein the content of the first and second substances,
the memory stores instructions executable by the at least one processor to enable the at least one processor to perform a method of decrypting a small program package in accordance with any of the embodiments of the present application.
In a seventh aspect, this application further provides a non-transitory computer-readable storage medium storing computer instructions for causing a computer to execute the encrypted uploading method of a small program package according to any embodiment of this application.
In an eighth aspect, embodiments of the present application further provide a non-transitory computer-readable storage medium storing computer instructions for causing a computer to execute the method for decrypting a small program package according to any of the embodiments of the present application.
Other effects of the above-described alternative will be described below with reference to specific embodiments.
Drawings
The drawings are included to provide a better understanding of the present solution and are not intended to limit the present application. Wherein:
fig. 1 is a flowchart illustrating an encrypted upload method of an applet package according to a first embodiment of the present application;
fig. 2 is a flowchart illustrating an encrypted upload method of an applet package according to a second embodiment of the present application;
fig. 3 is a flowchart illustrating an encrypted upload method of an applet package according to a third embodiment of the present application;
FIG. 4 is a schematic flow chart diagram of a method of decrypted deployment of an applet package according to a fourth embodiment of the present application;
fig. 5 is a schematic structural diagram of an encrypted uploading device of an applet package according to a fifth embodiment of the present application;
fig. 6 is a schematic structural diagram of a decryption deployment apparatus for an applet package according to a sixth embodiment of the present application;
fig. 7 is a block diagram of an electronic device for implementing an encrypted upload method of an applet package according to an embodiment of the present application.
Detailed Description
The following description of the exemplary embodiments of the present application, taken in conjunction with the accompanying drawings, includes various details of the embodiments of the application to assist in understanding, which are to be considered exemplary only. Accordingly, those of ordinary skill in the art will recognize that various changes and modifications of the embodiments described herein can be made without departing from the scope and spirit of the present application. Also, descriptions of well-known functions and constructions are omitted in the following description for clarity and conciseness.
Fig. 1 is a schematic flow chart of an applet package encryption uploading method in an embodiment of the present application, which is applicable to a case where a compiled applet installation package is uploaded through an applet development tool. The method can be executed by a small program package encryption uploading device which is implemented by software and/or hardware, and is preferably configured in an electronic device, such as a server or a computer device. As shown in fig. 1, the method specifically includes the following steps:
s101, acquiring the package data of the small program to be uploaded.
Wherein, the applet inclusion data refers to a code packet of the applet which is debugged and compiled in the applet development tool. In order to ensure that the applet inclusion data is not tampered in the uploading process, the security of the applet inclusion data is ensured by encrypting the applet inclusion data. Encryption is performed, and compiled applet packet body data are obtained before uploading.
And S102, generating header confusion data through at least one secret key agreed with the applet server and an encryption processing algorithm.
The head confusion data is data which needs to be added to the head of the small program package and is used for confusing the position of the packet body data of the small program in the small program package, so that illegal personnel cannot accurately position the packet body data, the falsification of the packet body data of the small program package by the illegal personnel is further avoided, and the safety of the small program installation package is ensured. When generating the header confusion data, the generation may be performed according to at least one key agreed with the applet server, and an encryption processing algorithm, where the at least one key may be a public key or a private key, which is not specifically limited herein, for example, the key may be an agreed character string, and the encryption algorithm may optionally utilize an irreversible MD5 encryption algorithm.
And S103, adding the head confusion data into the head of the applet inclusion data to generate an applet encryption package.
And after the head confusion data is added to the head of the applet packet body data, generating an applet encryption packet, so that in the applet encryption packet, the head confusion data confuses the position of the packet body data in the applet packet, namely, the applet packet body data is encrypted.
And S104, uploading the applet encrypted package to the applet server.
On the basis of S103, the small program encryption package is uploaded to the small program server, and the position of the small program inclusion data is confused in the small program encryption package, so that the inclusion data can be effectively prevented from being illegally tampered in the uploading process. Further, after the applet encrypted package is uploaded to the applet application server, the applet application server can decrypt the applet encrypted package based on a preset secret key to obtain the applet inclusion data, and then the applet deployment work is completed according to the applet inclusion data.
In the embodiment of the application, the header confusion data is inserted into the header of the package body data of the applet, so that the position of the package body data in the whole applet package is confused, the purpose of encrypting the applet data package is achieved, and the applet package can be effectively prevented from being tampered in the process of uploading to a server.
On the basis of the foregoing embodiments, generating the header obfuscation data by at least one key agreed with the applet server may include:
generating a first random character string, and generating encrypted data according to the length of the first random character string, the data length of the applet inclusion data and a data encryption key;
and taking the first random character string, the encrypted data and the data length of the encrypted data as the header confusion data.
Specifically, a first random character string with a random character string length may be randomly generated, and the length of the first random character string and the data length of the applet inclusion data are encrypted using a data encryption key to obtain the encrypted data; and then, after the first random character string, the encrypted data and the data length of the encrypted data are used as the head confusion data and added to the head of the applet inclusion data, the initial position of the applet inclusion data can be confused.
After the applet server successfully acquires the encrypted data according to the data length of the encrypted data, if the encrypted data is successfully decrypted, the length of the first random character string and the data length of the applet inclusion data can be acquired, and then the initial position and the end position of the applet inclusion data can be successfully acquired.
Fig. 2 is a schematic flowchart of an encrypted uploading method of an applet package according to an embodiment of the present application, and referring to fig. 2, the method specifically includes:
s201, acquiring the package data of the small program to be uploaded.
S202, at least one item of target parameter is obtained, and a standard signature string is generated according to the at least one item of target parameter and the signature encryption key.
In the embodiment of the application, the encrypted uploading method of the applet package is executed by a client tool (such as an applet development tool), and the client tool is pre-distributed by an applet server. Therefore, at least one target parameter is obtained, that is, at least one interface parameter of an applet uploading interface (for example, a port of an http protocol) matched with the client tool is obtained as the target parameter, where the interface parameter may be selected from various related information for identifying the applet and the applet developer, for example, an applet identifier and a developer identifier.
In the embodiment of the application, in order to avoid that a third party writes a similar applet development tool and uploads an illegal applet to destroy the application ecology, when the applet is signed, optionally, a standard signature string is generated according to at least one interface parameter and a signature encryption key. Because the standard signature string comprises at least one interface parameter, whether the applet is uploaded by an illegal third-party tool can be determined when the signature is verified by the applet server subsequently.
And generating a standard signature string according to the at least one target parameter and the signature encryption key as follows:
s1, sequencing the target parameters to obtain a first character string.
S2, splicing the first character string and the signature encryption key to obtain a second character string.
And S3, performing digital signature calculation on the second character string to generate the standard signature string.
Optionally, MD5 calculation is performed on the second character string to obtain a standard signature string.
S203, generating a first random character string, and calculating the character string length of the first random character string.
Optionally, a random number generation algorithm is used to generate a first random character string, and the character string length of the first random character string is calculated, so that the applet inclusion data is positioned with reference to the character string length of the first random character string during subsequent decryption.
And S204, generating encrypted data according to the standard signature string, the length of the character string, the data length of the small program inclusion data and the data encryption key.
Optionally, the standard signature string, the length of the character string, and the data length of the applet inclusion data are spliced to obtain original data, and then the data encryption key is used to encrypt the original data, for example, the original data is encrypted based on the encryption data encryption key agreed with the applet service end to obtain encrypted data, and the length of the encrypted data is calculated.
S205, using the first random character string, the encrypted data, and the data length of the encrypted data as the header confusion data.
And S206, adding the head confusion data into the head of the applet inclusion data to generate an applet encryption package.
Optionally, adding a first random character string to the head of the applet inclusion data to obtain first intermediate data; adding the encrypted data to the head of the first intermediate data to obtain second intermediate data; and filling the data length of the encrypted data into a fixed-length field, and adding the fixed-length field to the head of the first intermediate data to generate the applet encrypted packet. It should be noted that, by filling the length of the encrypted data in the fixed-length field, it is ensured that the encrypted data is located directly according to the data in the fixed-length field during decryption.
And S207, uploading the applet encrypted package to the applet server.
Optionally, the applet encrypted packet is uploaded to the applet server through the applet upload interface, where the upload interface is optionally a port of an http protocol.
According to the embodiment of the invention, the small program package is encrypted to prevent the small program package from being tampered in the transmission process, the small program package is signed by adopting a mode of combining an agreed signature encryption key and interface parameters, and the signature string, the length of the first random character string and the length of the small program package body data are generated into encrypted data, so that the server for safely uploading the encrypted small program package can be ensured to be deployed, and meanwhile, a third party can be prevented from compiling a similar development tool to upload an illegal small program package.
Fig. 3 is a schematic flowchart of an encrypted upload method of an applet package according to an embodiment of the present application, and referring to fig. 3, the method specifically includes:
s301, acquiring the package data of the small program to be uploaded.
S302, generating header confusion data through at least one secret key agreed with the applet server and an encryption processing algorithm.
And S303, generating a second random character string as tail confusion data.
In the embodiment of the application, in order to improve the encryption level, that is, to further obfuscate the position of the applet packet body data in the applet encryption packet, a second random character string may be generated based on a random number generation algorithm to serve as tail obfuscated data.
And S304, adding the head confusion data into the head of the applet inclusion data, and adding the tail confusion data into the tail of the applet inclusion data to generate the applet encrypted packet.
The head confusion data and the tail confusion data are respectively added into the head part and the tail part of the applet inclusion data to obtain the applet encrypted packet, so that the applet inclusion data are more difficult to position, the applet inclusion data are not easy to be falsified in the uploading process, and the safety of the inclusion data is ensured.
S305, uploading the applet encrypted package to the applet server.
Specifically, after the applet server obtains the applet encryption package, the applet server may decrypt the applet inclusion data according to the at least one key to obtain the applet inclusion data for deployment.
In the embodiment of the application, before the applet inclusion data is uploaded, corresponding head confusion data and tail confusion data are added to the head and the tail of the inclusion data, the difficulty in positioning the inclusion data is increased, and therefore the inclusion data is not easy to be tampered in the uploading process.
Fig. 4 is a flowchart of a decryption deployment method for an applet package according to an embodiment of the present application, where the method is applied to a case where a received applet encryption package is decoded and an applet is deployed at an applet service end, and the method may be executed by an applet package encryption uploading apparatus, which is implemented in software and/or hardware, and is preferably configured in an electronic device, such as a server or a computer device. As shown in fig. 4, the method specifically includes the following steps:
s401, acquiring an applet encryption package uploaded by a client tool.
Wherein, the applet encryption package comprises: the applet inclusion data and header obfuscation data at a header of the applet inclusion data and tail obfuscation data at a tail of the applet inclusion data.
S402, extracting the applet body data from the applet encryption package through at least one secret key and a decryption processing algorithm which are agreed with the client tool.
Illustratively, referring to the above embodiment, in the process of encrypting the applet, two keys, namely a data encryption key and a signature encryption key, need to be maintained. Therefore, the applet inclusion data can be extracted from the applet encryption package through a data decryption key, a signature decryption key and a corresponding decryption processing algorithm respectively corresponding to the data encryption key and the signature encryption key, and specific operations can include:
s1, unpacking the small program packet, acquiring a fixed-length field from the head of unpacking result data, and acquiring the data length of encrypted data according to the fixed-length field.
Illustratively, according to a predetermined decryption algorithm, the applet encrypted packet is unpacked, and as can be seen from the encryption process in the foregoing embodiment, the structure data after being packed sequentially from the head to the tail are: the device comprises a fixed-length field, encrypted data, a first random character string, inclusion data and a second random character string. Therefore, after unpacking, the data length of the encrypted data is first determined from the data described in the fixed-length field.
S2, reading the encrypted data from the unpacking result data according to the data length of the encrypted data, and decrypting the encrypted data by using the data decryption secret key to obtain original data.
And reading the encrypted data from the unpacking result data according to the data length of the encrypted data, and decrypting the read encrypted data based on a pre-agreed data decryption key and a decryption algorithm to obtain original data.
And S3, extracting the standard signature string, the string length of the first random string and the data length of the small program inclusion data from the original data.
And S4, when the standard signature string is verified to be a legal signature through the signature decryption secret key, extracting the applet inclusion data from the unpacking result data according to the length of the character string and the data length of the applet inclusion data.
Optionally, the process of verifying that the standard signature string is a legal signature by using the signature decryption key is as follows:
acquiring at least one interface parameter of an applet uploading interface, and sequencing the interface parameters to obtain a first character string; splicing the first character string and the signature decryption key to obtain a second character string; performing data signature calculation on the second character string to obtain a verification signature string; and if the standard signature string of the verification signature string is the same, determining that the standard signature string is a legal signature.
And after the standard signature string is verified to be a legal signature, reading the first character string according to the character string length of the first random character string, and further reading the applet inclusion data according to the data length of the applet inclusion data.
And S403, deploying the small programs according to the small program inclusion data.
The signature of the applet encrypted package is verified to be legal, so that the extracted applet package data only needs to be directly installed and deployed on the applet server.
In the embodiment of the application, after the applet encryption package is received, decryption operation is carried out through a decryption key and a corresponding decryption algorithm, whether a standard signature string obtained through decryption is legal or not is verified, and the applet is deployed under the legal condition, so that the phenomenon that the applet ecology is damaged due to installation and deployment of illegal applets is avoided.
Further, if the standard signature string is verified to be an illegal signature through the signature decryption key, the applet encryption package is discarded, and therefore deployment of illegal applets is avoided.
Fig. 5 is a schematic structural diagram of an encrypted applet package uploading apparatus according to an embodiment of the present application, where the apparatus can implement the encrypted applet package uploading method according to any embodiment of the present application. The apparatus 500 specifically includes the following:
an obtaining module 501, configured to obtain applet inclusion data to be uploaded;
a data generating module 502, configured to generate header confusion data through at least one key agreed with the applet server and an encryption processing algorithm;
the encryption module 503 is configured to add the header confusion data to the header of the applet inclusion data to generate an applet encryption packet;
an upload module 504, configured to upload the applet encrypted package to the applet server.
Optionally, the data generating module includes:
the encrypted data generating unit is used for generating a first random character string and generating encrypted data according to the length of the first random character string, the data length of the applet inclusion data and a data encryption key;
an obfuscated data generating unit configured to use the first random string, the encrypted data, and a data length of the encrypted data as the header obfuscated data.
Optionally, the apparatus further comprises:
the signature string generating module is used for acquiring at least one item of target parameter and generating a standard signature string according to the at least one item of target parameter and the signature encryption key;
correspondingly, the encrypted data generating unit is specifically configured to:
and generating encrypted data according to the standard signature string, the length of the character string, the data length of the applet inclusion data and the data encryption key.
Optionally, the signature string generating module is specifically configured to:
sequencing the target parameters to obtain a first character string;
splicing the first character string and the signature encryption key to obtain a second character string;
and performing digital signature calculation on the second character string to generate the standard signature string.
Optionally, the encryption module includes:
the first adding unit is used for adding a first random character string to the head of the applet inclusion data to obtain first intermediate data;
a second adding unit, configured to add the encrypted data to a header of the first intermediate data to obtain second intermediate data;
and the encryption unit is used for filling the data length of the encrypted data into a fixed-length field, adding the fixed-length field into the head of the first intermediate data and generating the applet encryption packet.
Optionally, the encrypted data generating unit is specifically configured to:
splicing the standard signature string, the length of the character string and the data length of the small program inclusion data to obtain original data;
and encrypting the original data by using the data encryption key to obtain the encrypted data.
Optionally, the apparatus further comprises:
the random number generation module is used for generating a second random character string as tail confusion data;
the encrypted data generation unit is specifically configured to:
and adding the head confusion data to the head of the applet inclusion data, and adding the tail confusion data to the tail of the applet inclusion data to generate the applet encrypted packet.
Optionally, the device configuration is assigned by a client tool, the client tool being pre-assigned by the applet server;
the signature string generation unit includes:
the acquisition subunit is used for acquiring at least one interface parameter of the applet uploading interface matched with the client tool as the target parameter;
the uploading module is specifically configured to:
and uploading the applet encrypted package to the applet server through the applet uploading interface.
The encryption uploading device of the small program package provided by the embodiment of the application can execute the encryption uploading method of the small program package provided by any embodiment of the application, and has the corresponding functional modules and beneficial effects of the execution method. Reference may be made to the description of any method embodiment of the present application for details not explicitly described in this embodiment.
Fig. 6 is a schematic structural diagram of an applet package decryption deployment apparatus according to an embodiment of the present application, which can implement the applet package decryption deployment method according to any embodiment of the present application. The apparatus 600 specifically includes the following:
an encryption package obtaining module 601, configured to obtain an applet encryption package uploaded by a client tool, where the applet encryption package includes: the applet inclusion data and the header obfuscation data located at a header of the applet inclusion data;
a decryption module 602, configured to extract the applet body data from the applet encryption package through at least one key and a decryption processing algorithm that are agreed with the client tool;
and the deployment module 603 is configured to perform applet deployment according to the applet inclusion data.
Optionally, the decryption module includes:
the unpacking unit is used for unpacking the small program package, acquiring a fixed-length field from the head of unpacking result data and acquiring the data length of encrypted data according to the fixed-length field;
the reading unit is used for reading the encrypted data from the unpacking result data according to the data length of the encrypted data and decrypting the encrypted data by using a data decryption secret key to obtain original data;
the extraction unit is used for extracting a standard signature string, the string length of a first random string and the data length of the applet inclusion data from the original data;
and the verification unit is used for extracting the applet inclusion data from the unpacking result data according to the length of the character string and the data length of the applet inclusion data when the standard signature string is verified to be a legal signature through the signature decryption key.
Optionally, the verification unit is specifically configured to:
acquiring at least one interface parameter of the applet uploading interface, and sequencing the interface parameters to obtain a first character string;
splicing the first character string signature decryption secret keys to obtain a second character string;
performing data signature calculation on the second character string to obtain a verification signature string;
and if the standard signature string of the verification signature string is the same, determining that the standard signature string is a legal signature.
Optionally, the apparatus further comprises:
and the discarding module is used for discarding the applet encryption package if the standard signature string is verified to be an illegal signature through the signature decryption key.
The decryption deployment device of the applet package provided by the embodiment of the application can execute the decryption deployment method of the applet package provided by any embodiment of the application, and has the corresponding functional modules and the beneficial effects of the execution method. Reference may be made to the description of any method embodiment of the present application for details not explicitly described in this embodiment.
According to an embodiment of the present application, an electronic device and a readable storage medium are also provided.
Fig. 7 is a block diagram of an electronic device according to an encrypted uploading method of an applet package according to an embodiment of the application. Electronic devices are intended to represent various forms of digital computers, such as laptops, desktops, workstations, personal digital assistants, servers, blade servers, mainframes, and other appropriate computers. The electronic device may also represent various forms of mobile devices, such as personal digital processing, cellular phones, smart phones, wearable devices, and other similar computing devices. The components shown herein, their connections and relationships, and their functions, are meant to be examples only, and are not meant to limit implementations of the present application that are described and/or claimed herein.
As shown in fig. 7, the electronic apparatus includes: one or more processors 701, a memory 702, and interfaces for connecting the various components, including a high-speed interface and a low-speed interface. The various components are interconnected using different buses and may be mounted on a common motherboard or in other manners as desired. The processor may process instructions for execution within the electronic device, including instructions stored in or on the memory to display graphical information of a GUI on an external input/output apparatus (such as a display device coupled to the interface). In other embodiments, multiple processors and/or multiple buses may be used, along with multiple memories and multiple memories, as desired. Also, multiple electronic devices may be connected, with each device providing portions of the necessary operations (e.g., as a server array, a group of blade servers, or a multi-processor system). One processor 701 is illustrated in fig. 7.
The memory 702 is a non-transitory computer readable storage medium as provided herein. Wherein the memory stores instructions executable by at least one processor to cause the at least one processor to perform the method for encrypted upload of applets provided herein. The non-transitory computer readable storage medium of the present application stores computer instructions for causing a computer to perform the encrypted upload method of a applet package provided herein.
The memory 702, which is a non-transitory computer readable storage medium, may be used to store non-transitory software programs, non-transitory computer executable programs, and modules, such as program instructions/modules (e.g., the obtaining module 501, the data generating module 502, and the encryption module 503 shown in fig. 5) corresponding to the encrypted uploading method of the applet package in the embodiment of the present application. The processor 701 executes various functional applications of the server and data processing, i.e., implements the encryption uploading method of the applet package in the above method embodiments, by running the non-transitory software programs, instructions and modules stored in the memory 702.
The memory 702 may include a storage program area and a storage data area, wherein the storage program area may store an operating system, an application program required for at least one function; the storage data area may store data created according to use of the electronic device that implements the encrypted upload method of the applet package, and the like. Further, the memory 702 may include high-speed random access memory, and may also include non-transitory memory, such as at least one magnetic disk storage device, flash memory device, or other non-transitory solid state storage device. In some embodiments, the memory 702 may optionally include memory located remotely from the processor 701, which may be connected over a network to an electronic device implementing the encrypted upload method of the applet package. Examples of such networks include, but are not limited to, the internet, intranets, local area networks, mobile communication networks, and combinations thereof.
The electronic device implementing the encrypted uploading method of the applet package may further include: an input device 703 and an output device 704. The processor 701, the memory 702, the input device 703 and the output device 704 may be connected by a bus or other means, and fig. 7 illustrates an example of a connection by a bus.
The input device 703 may receive input numeric or character information and generate key signal inputs related to user settings and function control of the electronic apparatus implementing the encrypted upload method of the applet package, such as a touch screen, a keypad, a mouse, a track pad, a touch pad, a pointing stick, one or more mouse buttons, a track ball, a joystick, etc. The output devices 704 may include a display device, auxiliary lighting devices (e.g., LEDs), and tactile feedback devices (e.g., vibrating motors), among others. The display device may include, but is not limited to, a Liquid Crystal Display (LCD), a Light Emitting Diode (LED) display, and a plasma display. In some implementations, the display device can be a touch screen.
Various implementations of the systems and techniques described here can be realized in digital electronic circuitry, integrated circuitry, application specific ASICs (application specific integrated circuits), computer hardware, firmware, software, and/or combinations thereof. These various embodiments may include: implemented in one or more computer programs that are executable and/or interpretable on a programmable system including at least one programmable processor, which may be special or general purpose, receiving data and instructions from, and transmitting data and instructions to, a storage system, at least one input device, and at least one output device.
These computer programs (also known as programs, software applications, or code) include machine instructions for a programmable processor, and may be implemented using high-level procedural and/or object-oriented programming languages, and/or assembly/machine languages. As used herein, the terms "machine-readable medium" and "computer-readable medium" refer to any computer program product, apparatus, and/or device (e.g., magnetic discs, optical disks, memory, programmable Logic Devices (PLDs)) used to provide machine instructions and/or data to a programmable processor, including a machine-readable medium that receives machine instructions as a machine-readable signal. The term "machine-readable signal" refers to any signal used to provide machine instructions and/or data to a programmable processor.
To provide for interaction with a user, the systems and techniques described here can be implemented on a computer having: a display device (e.g., a CRT (cathode ray tube) or LCD (liquid crystal display) monitor) for displaying information to a user; and a keyboard and a pointing device (e.g., a mouse or a trackball) by which a user can provide input to the computer. Other kinds of devices may also be used to provide for interaction with a user; for example, feedback provided to the user can be any form of sensory feedback (e.g., visual feedback, auditory feedback, or tactile feedback); and input from the user may be received in any form, including acoustic, speech, or tactile input.
The systems and techniques described here can be implemented in a computing system that includes a back-end component (e.g., as a data server), or that includes a middleware component (e.g., an application server), or that includes a front-end component (e.g., a user computer having a graphical user interface or a web browser through which a user can interact with an implementation of the systems and techniques described here), or any combination of such back-end, middleware, or front-end components. The components of the system can be interconnected by any form or medium of digital data communication (e.g., a communication network). Examples of communication networks include: local Area Networks (LANs), wide Area Networks (WANs), and the Internet.
The computer system may include clients and servers. A client and server are generally remote from each other and typically interact through a communication network. The relationship of client and server arises by virtue of computer programs running on the respective computers and having a client-server relationship to each other.
According to the technical scheme of the embodiment of the application, the header confusion data is inserted into the header of the body data of the applet, so that the position of the body data in the whole applet packet is confused, the purpose of encrypting the applet data packet is achieved, and the applet packet can be effectively prevented from being tampered in the process of uploading the applet packet to a server.
It should be noted that, the hardware structure of the electronic device (for example, an applet application server) that implements decryption deployment of an applet package is similar to that of the electronic device that implements encryption uploading of an applet package, and details about the electronic device that implements decryption deployment of an applet package are not described herein again.
It should be understood that various forms of the flows shown above may be used, with steps reordered, added, or deleted. For example, the steps described in the present application may be executed in parallel, sequentially, or in different orders, and the present invention is not limited thereto as long as the desired results of the technical solutions disclosed in the present application can be achieved.
The above-described embodiments should not be construed as limiting the scope of the present application. It should be understood by those skilled in the art that various modifications, combinations, sub-combinations and substitutions may be made in accordance with design requirements and other factors. Any modification, equivalent replacement, and improvement made within the spirit and principle of the present application shall be included in the protection scope of the present application.

Claims (17)

1. An encrypted uploading method of an applet package, comprising:
acquiring the body data of the small program to be uploaded;
generating header confusion data through at least one secret key appointed with the applet server and an encryption processing algorithm; the secret key comprises a data encryption secret key and a signature encryption secret key;
adding the head confusion data to the head of the applet inclusion data to generate an applet encryption package;
uploading the applet encrypted package to the applet server;
wherein generating header obfuscation data by at least one key agreed with the applet server comprises:
generating a first random character string, and generating encrypted data according to the length of the first random character string, the data length of the applet inclusion data and a data encryption key;
taking the first random character string, the encrypted data, and a data length of the encrypted data as the header obfuscation data;
adding the header obfuscation data to a header of the applet inclusion data to generate an applet encryption package, comprising:
adding a first random character string to the head of the applet inclusion data to obtain first intermediate data;
adding the encrypted data to the head of the first intermediate data to obtain second intermediate data;
and filling the data length of the encrypted data into a fixed-length field, and adding the fixed-length field to the head of the first intermediate data to generate the applet encrypted packet.
2. The method of claim 1, prior to generating the first random string, further comprising:
acquiring at least one item of target parameter, and generating a standard signature string according to the at least one item of target parameter and the signature encryption key;
generating encrypted data according to the length of the first random character string, the data length of the applet inclusion data and the data encryption key, wherein the generating of the encrypted data comprises the following steps:
and generating the encrypted data according to the standard signature string, the length of the character string, the data length of the applet inclusion data and a data encryption key.
3. The method of claim 2, wherein generating a standard signature string from the at least one target parameter and a signature encryption key comprises:
sequencing the target parameters to obtain a first character string;
splicing the first character string and the signature encryption key to obtain a second character string;
and performing digital signature calculation on the second character string to generate the standard signature string.
4. The method of claim 2, wherein generating encrypted data based on the standard signature string, the string length, the data length of the applet body data, and the data encryption key comprises:
splicing the standard signature string, the length of the character string and the data length of the small program inclusion data to obtain original data;
and encrypting the original data by using the data encryption key to obtain the encrypted data.
5. The method of any one of claims 1-4, further comprising, after obtaining the applet inclusion data to be uploaded:
generating a second random character string as tail confusion data;
adding the header confusion data to the header of the applet inclusion data to generate an applet encryption package, specifically comprising:
and adding the head confusion data to the head of the applet inclusion data, and adding the tail confusion data to the tail of the applet inclusion data to generate the applet encrypted packet.
6. The method of any of claims 2-4, wherein the method is performed by a client tool pre-assigned by an applet server;
acquiring at least one target parameter, comprising:
acquiring at least one interface parameter of an applet uploading interface matched with the client tool as the target parameter;
uploading the applet encryption package to the applet server, comprising:
and uploading the applet encrypted package to the applet server through the applet uploading interface.
7. A decryption deployment method of an applet package, comprising:
acquiring an applet encryption package uploaded by a client tool, wherein the applet encryption package comprises: the applet inclusion data and the header obfuscation data located at a header of the applet inclusion data;
extracting the applet inclusion data from the applet encryption package by at least one key and a decryption processing algorithm agreed with the client tool; the secret key comprises a data encryption secret key and a signature encryption secret key;
deploying the small programs according to the small program inclusion data;
the generation process of the head confusion data comprises the following steps:
generating a first random character string, and generating encrypted data according to the length of the first random character string, the data length of the applet inclusion data and a data encryption key;
taking the first random character string, the encrypted data, and a data length of the encrypted data as the header obfuscation data;
the generation process of the applet encrypted package comprises the following steps:
adding a first random character string to the head of the applet inclusion data to obtain first intermediate data;
adding the encrypted data to the head of the first intermediate data to obtain second intermediate data;
and filling the data length of the encrypted data into a fixed-length field, and adding the fixed-length field to the head of the first intermediate data to generate the applet encrypted packet.
8. The method of claim 7, wherein extracting the applet inclusion data from the applet encryption package via at least one key agreed upon with the client tool and a decryption processing algorithm comprises:
unpacking the small program packet, acquiring a fixed-length field from the head of unpacking result data, and acquiring the data length of encrypted data according to the fixed-length field;
reading the encrypted data from the unpacking result data according to the data length of the encrypted data, and decrypting the encrypted data by using a data decryption key to obtain original data;
extracting a standard signature string, the length of a character string of a first random character string and the data length of the applet inclusion data from the original data;
and when the standard signature string is verified to be a legal signature through the signature decryption key, extracting the applet packet body data from the unpacking result data according to the length of the character string and the data length of the applet packet body data.
9. The method of claim 8, wherein verifying the canonical signature string as a legitimate signature by a signature decryption key comprises:
acquiring at least one interface parameter of the applet uploading interface, and sequencing the interface parameters to obtain a first character string;
splicing the first character string signature decryption secret keys to obtain a second character string;
performing data signature calculation on the second character string to obtain a verification signature string;
and if the standard signature string of the verification signature string is the same, determining that the standard signature string is a legal signature.
10. The method of claim 8, further comprising, after extracting the standard signature string, the string length of the first random string, and the data length of the applet inclusion data from the original data:
and if the standard signature string is verified to be an illegal signature through the signature decryption key, discarding the small program encryption packet.
11. An encrypted upload apparatus for an applet package, comprising:
the acquisition module is used for acquiring the applet inclusion data to be uploaded;
the data generation module is used for generating head confusion data through at least one secret key appointed with the applet server and an encryption processing algorithm;
the encryption module is used for adding the head confusion data into the head of the applet inclusion data to generate an applet encryption package; the secret key comprises a data encryption secret key and a signature encryption secret key;
the uploading module is used for uploading the applet encrypted package to the applet server;
wherein, the data generation module includes:
the encrypted data generating unit is used for generating a first random character string and generating encrypted data according to the length of the first random character string, the data length of the applet inclusion data and the data encryption key;
an obfuscated data generating unit configured to use the first random character string, the encrypted data, and a data length of the encrypted data as the header obfuscated data;
the encryption module includes:
the first adding unit is used for adding a first random character string to the head of the applet inclusion data to obtain first intermediate data;
a second adding unit, configured to add the encrypted data to a header of the first intermediate data to obtain second intermediate data;
and the encryption unit is used for filling the data length of the encrypted data into a fixed-length field, adding the fixed-length field into the head of the first intermediate data and generating the applet encryption packet.
12. An apparatus for decryption deployment of an applet package, comprising:
the encryption package acquisition module is used for acquiring an applet encryption package uploaded by a client tool, wherein the applet encryption package comprises: the applet inclusion data and the header obfuscation data located at a header of the applet inclusion data;
the decryption module is used for extracting the applet body data from the applet encryption package through at least one secret key and a decryption processing algorithm which are agreed with the client tool; the secret key comprises a data encryption secret key and a signature encryption secret key;
the deployment module is used for deploying the small programs according to the small program inclusion data;
the generation process of the head confusion data comprises the following steps:
generating a first random character string, and generating encrypted data according to the length of the first random character string, the data length of the applet inclusion data and a data encryption key;
taking the first random character string, the encrypted data, and a data length of the encrypted data as the header obfuscation data;
the generation process of the applet encrypted package comprises the following steps:
adding a first random character string to the head of the applet inclusion data to obtain first intermediate data;
adding the encrypted data to the head of the first intermediate data to obtain second intermediate data;
and filling the data length of the encrypted data into a fixed-length field, and adding the fixed-length field to the head of the first intermediate data to generate the applet encrypted packet.
13. The apparatus of claim 12, wherein the decryption module comprises:
the unpacking unit is used for unpacking the small program packet, acquiring a fixed-length field from the head of unpacking result data, and acquiring the data length of encrypted data according to the fixed-length field;
the reading unit is used for reading the encrypted data from the unpacking result data according to the data length of the encrypted data and decrypting the encrypted data by using a data decryption secret key to obtain original data;
the extraction unit is used for extracting a standard signature string, the string length of a first random string and the data length of the applet inclusion data from the original data;
and the verification unit is used for extracting the applet packet body data from the unpacking result data according to the character string length and the data length of the applet packet body data when the standard signature string is verified to be a legal signature through the signature decryption secret key.
14. An electronic device, comprising:
at least one processor; and
a memory communicatively coupled to the at least one processor; wherein the content of the first and second substances,
the memory stores instructions executable by the at least one processor to enable the at least one processor to perform the method for encrypted upload of a applet package according to any one of claims 1-6.
15. An electronic device, comprising:
at least one processor; and
a memory communicatively coupled to the at least one processor; wherein the content of the first and second substances,
the memory stores instructions executable by the at least one processor to enable the at least one processor to perform the method of decrypted deployment of a applet package according to any one of claims 7 to 10.
16. A non-transitory computer readable storage medium storing computer instructions for causing a computer to perform the encrypted upload method of a applet package according to any one of claims 1 to 6.
17. A non-transitory computer readable storage medium storing computer instructions for causing a computer to execute the method for decrypting the small program package according to any one of claims 7 to 10.
CN201911257866.XA 2019-12-10 2019-12-10 Method, device, equipment and medium for encrypted uploading and decrypted deployment of small program package Active CN111049897B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201911257866.XA CN111049897B (en) 2019-12-10 2019-12-10 Method, device, equipment and medium for encrypted uploading and decrypted deployment of small program package

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201911257866.XA CN111049897B (en) 2019-12-10 2019-12-10 Method, device, equipment and medium for encrypted uploading and decrypted deployment of small program package

Publications (2)

Publication Number Publication Date
CN111049897A CN111049897A (en) 2020-04-21
CN111049897B true CN111049897B (en) 2023-02-17

Family

ID=70235414

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201911257866.XA Active CN111049897B (en) 2019-12-10 2019-12-10 Method, device, equipment and medium for encrypted uploading and decrypted deployment of small program package

Country Status (1)

Country Link
CN (1) CN111049897B (en)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111708990A (en) * 2020-05-15 2020-09-25 支付宝(杭州)信息技术有限公司 Applet starting method, signature method, device, server and medium
CN112016104B (en) * 2020-07-14 2024-04-23 北京淇瑀信息科技有限公司 Encryption method, device and system for financial sensitive data
CN112559980B (en) * 2020-11-24 2023-05-05 深圳凡泰极客科技有限责任公司 Applet runtime capable of embedding a plurality of random APP
CN112764801A (en) * 2021-01-19 2021-05-07 浪潮金融信息技术有限公司 Software deployment and version control system, method and medium for self-service terminal

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103544414B (en) * 2013-10-25 2015-08-19 江苏通付盾信息科技有限公司 A kind of degree of depth Code obfuscation method of android system application
CN105701410A (en) * 2015-12-31 2016-06-22 华为技术有限公司 Information, device and system for obtaining information in source codes
CN106034119A (en) * 2015-03-16 2016-10-19 阿里巴巴集团控股有限公司 Encryption mixing method and device for application installation package
CN106326693A (en) * 2016-08-18 2017-01-11 广州优视网络科技有限公司 Obfuscation method and obfuscation device for application program code
CN107122629A (en) * 2017-04-19 2017-09-01 山东省计算中心(国家超级计算济南中心) It is a kind of that reinforcement means is cooperateed with based on the Android software obscured at random
CN108769027A (en) * 2018-05-31 2018-11-06 深圳壹账通智能科技有限公司 Safety communicating method, device, mobile terminal and storage medium
CN109241707A (en) * 2018-08-09 2019-01-18 北京邮电大学 Application program obscures method, apparatus and server
CN109858203A (en) * 2018-12-21 2019-06-07 厦门市美亚柏科信息股份有限公司 A kind of safety protecting method, device and the storage medium of Android platform application

Family Cites Families (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20070217603A1 (en) * 2006-03-15 2007-09-20 Terayon Communication Systems, Inc. Decryption key reuse in encrypted digital data stream distribution systems
CN106161179B (en) * 2015-03-26 2019-12-20 中兴通讯股份有限公司 Media processing method and device based on real-time communication of webpage
CN108259479B (en) * 2017-12-28 2021-05-11 广州启生信息技术有限公司 Business data processing method, client and computer readable storage medium
CN108197439B (en) * 2018-01-04 2020-05-08 武汉斗鱼网络科技有限公司 File encryption method and device and server
CN108989325A (en) * 2018-08-03 2018-12-11 华数传媒网络有限公司 Encryption communication method, apparatus and system
CN109992935B (en) * 2019-03-15 2021-05-25 同盾控股有限公司 Source code protection method and device
CN110225059A (en) * 2019-06-26 2019-09-10 南京奥拓电子科技有限公司 A kind of banking machine people's safe transmission method based on ZigBee

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103544414B (en) * 2013-10-25 2015-08-19 江苏通付盾信息科技有限公司 A kind of degree of depth Code obfuscation method of android system application
CN106034119A (en) * 2015-03-16 2016-10-19 阿里巴巴集团控股有限公司 Encryption mixing method and device for application installation package
CN105701410A (en) * 2015-12-31 2016-06-22 华为技术有限公司 Information, device and system for obtaining information in source codes
CN106326693A (en) * 2016-08-18 2017-01-11 广州优视网络科技有限公司 Obfuscation method and obfuscation device for application program code
CN107122629A (en) * 2017-04-19 2017-09-01 山东省计算中心(国家超级计算济南中心) It is a kind of that reinforcement means is cooperateed with based on the Android software obscured at random
CN108769027A (en) * 2018-05-31 2018-11-06 深圳壹账通智能科技有限公司 Safety communicating method, device, mobile terminal and storage medium
CN109241707A (en) * 2018-08-09 2019-01-18 北京邮电大学 Application program obscures method, apparatus and server
CN109858203A (en) * 2018-12-21 2019-06-07 厦门市美亚柏科信息股份有限公司 A kind of safety protecting method, device and the storage medium of Android platform application

Also Published As

Publication number Publication date
CN111049897A (en) 2020-04-21

Similar Documents

Publication Publication Date Title
CN111049897B (en) Method, device, equipment and medium for encrypted uploading and decrypted deployment of small program package
JP6616471B2 (en) Stochastic processing
US10587589B2 (en) System and methods for dynamically and randomly encrypting and decrypting data
CN106687980B (en) Management program and virtual machine protection
CN105339890A (en) Framework for running untrusted code
CN109284585B (en) Script encryption method, script decryption operation method and related device
CN105320535A (en) Checking method of installation package, client side, server and system
KR101695639B1 (en) Method and system for providing application security service based on cloud
WO2023029447A1 (en) Model protection method, device, apparatus, system and storage medium
CN105099676A (en) User login method, user terminal and server
CN112564887A (en) Key protection processing method, device, equipment and storage medium
CN103853943A (en) Program protection method and device
US8918653B2 (en) Protection of interpreted source code in virtual appliances
CN115795513A (en) File encryption method, file decryption method, file encryption device, file decryption device and equipment
CN114363088B (en) Method and device for requesting data
CN105404470B (en) Date storage method and safety device, data-storage system
Graf et al. Checking applications using security APIs with JOANA
CN110932853B (en) Key management device and key management method based on trusted module
CN117201120A (en) Information encryption method, device, computer equipment and storage medium
CN112654986A (en) Enabling software distribution
CN112597453A (en) Program code encryption and decryption method and device
CN112825093A (en) Security baseline checking method, host, server, electronic device and storage medium
CN115828228B (en) Method and device for verifying memory horse detection capability and electronic equipment
CN114124542B (en) Method for exporting confidential data to shared security area after approval by research and development network
CN110780884B (en) Information processing method, device and equipment

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant