CN111931213A - File processing method, device, terminal and storage medium - Google Patents

Publication number
CN111931213A
Authority
CN
China
Prior art keywords
rollback
file
target file
encrypted
parameters
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202010846604.3A
Other languages
Chinese (zh)
Inventor
王安宇
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Oppo Chongqing Intelligent Technology Co Ltd
Original Assignee
Oppo Chongqing Intelligent Technology Co Ltd

Classifications

    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00: Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60: Protecting data
    • G06F21/602: Providing cryptographic facilities or services
    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00: Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/10: File systems; File servers
    • G06F16/16: File or folder operations, e.g. details of user interfaces specifically adapted to file systems
    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00: Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60: Protecting data
    • G06F21/62: Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218: Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00: Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21: Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2107: File encryption

Abstract

The application discloses a file processing method, which comprises the following steps: responding to the anti-rollback processing operation of the file, and acquiring encryption information and anti-rollback parameters required by the anti-rollback processing operation; encrypting the anti-rollback parameters by using the encryption information to form encrypted anti-rollback parameters; and adding the encrypted anti-rollback parameter to a target file to generate an encrypted target file, wherein the target file is a file needing anti-rollback processing. The application also discloses a file processing device, a terminal and a computer readable storage medium. Anti-rollback processing is performed per file rather than only on images as in the prior art, so it covers a wider range of files and content, which reduces the limitations of the anti-rollback operation and increases its diversity.

Description

File processing method, device, terminal and storage medium
Technical Field
The present application relates to the field of data processing technologies, and in particular, to a file processing method, an apparatus, a terminal, and a storage medium.
Background
At present, the Anti-Rollback (ARB) mechanisms on Android devices are the secure boot provided by the platform manufacturer and AVB 2.0 provided by Google, which provide an ARB mechanism for some important images. However, the current ARB mechanisms can only operate on images, which limits them.
Disclosure of Invention
The embodiments of the application provide a file processing method, a device, a terminal and a storage medium, and aim to solve the technical problem that the existing anti-rollback mechanism can only operate on images, which limits the anti-rollback mechanism.
In order to achieve the above object, an aspect of the present application provides a file processing method, including:
responding to the anti-rollback processing operation of the file, and acquiring encryption information and anti-rollback parameters required by the anti-rollback processing operation;
encrypting the anti-rollback parameters by using the encryption information to form encrypted anti-rollback parameters;
and adding the encrypted anti-rollback parameter to a target file to generate an encrypted target file, wherein the target file is a file needing anti-rollback processing.
In order to achieve the above object, another aspect of the present application further provides a file processing apparatus, including: an acquisition module, an encryption module and a processing module,
the acquisition module is used for responding to the anti-rollback processing operation of the file and acquiring the encryption information and the anti-rollback parameters required by the anti-rollback processing operation;
the encryption module is used for encrypting the anti-rollback parameter by using the encryption information to form an encrypted anti-rollback parameter;
and the processing module is used for adding the encrypted anti-rollback parameter to a target file to generate an encrypted target file, wherein the target file is a file needing anti-rollback processing.
In order to achieve the above object, another aspect of the present application further provides a terminal, including a memory, a processor, and a computer program stored in the memory and executable on the processor, where the processor executes the computer program to implement the following steps:
responding to the anti-rollback processing operation of the file, and acquiring encryption information and anti-rollback parameters required by the anti-rollback processing operation;
encrypting the anti-rollback parameters by using the encryption information to form encrypted anti-rollback parameters;
and adding the encrypted anti-rollback parameter to a target file to generate an encrypted target file, wherein the target file is a file needing anti-rollback processing.
To achieve the above object, another aspect of the present application further provides a computer-readable storage medium, on which a computer program is stored, the computer program, when executed by a processor, implementing the steps of:
responding to the anti-rollback processing operation of the file, and acquiring encryption information and anti-rollback parameters required by the anti-rollback processing operation;
encrypting the anti-rollback parameters by using the encryption information to form encrypted anti-rollback parameters;
and adding the encrypted anti-rollback parameter to a target file to generate an encrypted target file, wherein the target file is a file needing anti-rollback processing.
In the present application, the anti-rollback operation is performed on a file: the anti-rollback parameter is encrypted and the encrypted anti-rollback parameter is added to the target file, which completes anti-rollback processing of the target file. Anti-rollback processing is performed per file rather than only on images as in the prior art, so it covers a wider range of files and content, which reduces the limitations of the anti-rollback operation and increases its diversity.
Drawings
FIG. 1 is a schematic diagram of a hardware structure of a terminal implementing various embodiments of the present application;
FIG. 2 is a schematic operational flow diagram illustrating an embodiment of a file processing method according to the present application;
FIG. 3 is a schematic operational flow chart of another embodiment of a file processing method of the present application;
FIG. 4 is a flowchart illustrating an operation of encrypting anti-rollback parameters according to an embodiment of the present application;
FIG. 5 is a schematic view illustrating an operation flow of adding the encrypted anti-rollback parameter to the target file in an embodiment of the present application;
FIG. 6 is a schematic flow chart illustrating operation of yet another embodiment of a file processing method of the present application;
FIG. 7 is a flowchart illustrating performing the loading operation of the target file according to an embodiment of the present application;
FIG. 8 is a schematic diagram illustrating an operational flow used by an anti-rollback mechanism according to an embodiment of the present application;
FIG. 9 is a flowchart illustrating operation of yet another embodiment of the file processing method of the present application;
FIG. 10 is a flowchart illustrating operations performed to load the target file according to yet another embodiment of the file processing method of the present application;
FIG. 11 is a block diagram illustrating an architecture of a file processing apparatus according to an embodiment of the present application;
FIG. 12 is a block diagram of a file processing apparatus according to another embodiment of the present application;
FIG. 13 is a block diagram of a file processing apparatus according to another embodiment of the present application.
Detailed Description
It should be understood that the specific embodiments described herein are merely illustrative of the present application and are not intended to limit the present application.
Embodiments of the present application are: responding to the anti-rollback processing operation of the file, and acquiring encryption information and anti-rollback parameters required by the anti-rollback processing operation; encrypting the anti-rollback parameters by using the encryption information to form encrypted anti-rollback parameters; and adding the encrypted anti-rollback parameter to a target file to generate an encrypted target file, wherein the target file is a file needing anti-rollback processing.
The terminal described herein may be implemented in various forms. For example, the terminal may include a mobile terminal such as a mobile phone, a tablet computer, a notebook computer, a palm top computer, a Personal Digital Assistant (PDA), a Portable Media Player (PMP), a navigation device, a wearable device, a smart band, a pedometer, and the like.
Referring to fig. 1, fig. 1 is a schematic device structure diagram of a hardware operating environment related to a method according to an embodiment of the present application.
As shown in fig. 1, the mobile terminal may include: a processor 1001 such as a CPU, a memory 1003, a communication bus 1004, a user input unit 1002, a display unit 1005. The communication bus 1004 is used for realizing connection and communication between the processor 1001 and the memory 1003. The memory 1003 may be a high-speed RAM memory or a non-volatile memory (e.g., a disk memory). The memory 1003 may alternatively be a storage device separate from the processor 1001.
Optionally, the mobile terminal further comprises at least one sensor, such as a light sensor, a motion sensor, and other sensors. The accelerometer sensor is used as one of the motion sensors, can detect the magnitude of acceleration in each direction (generally three axes), can detect the magnitude and direction of gravity when the mobile phone is static, and can be used for applications of recognizing the gesture of the mobile phone (such as horizontal and vertical screen switching, related games, magnetometer gesture calibration), vibration recognition related functions (such as pedometer and knocking) and the like; as for other sensors such as a fingerprint sensor, a pressure sensor, an iris sensor, a molecular sensor, a gyroscope, a barometer, a hygrometer, a thermometer, and an infrared sensor, which can be configured on the mobile phone, further description is omitted here.
Alternatively, the display unit 1005 is used to display a message input by the user or a message provided to the user. The Display unit 1005 may include a Display panel, and the Display panel may be configured in the form of a Liquid Crystal Display (LCD), an Organic Light-Emitting Diode (OLED), or the like.
Alternatively, the user input unit 1002 may be used to receive input numeric or character messages and generate key signal inputs related to user settings and function control of the mobile terminal. In particular, the user input unit 1002 may include a touch panel and other input devices. The touch panel, also called a touch screen, may collect touch operations of a user (for example, operations of the user on or near the touch panel using any suitable object or accessory such as a finger, a stylus, etc.) and drive the corresponding connection device according to a preset program. The user input unit 1002 may include other input devices in addition to a touch panel. In particular, the other input devices may include, but are not limited to, one or more of a physical keyboard, a function key (such as a volume control key, a switch key, etc.), a trackball, a mouse, a joystick, and the like, which are not limited herein.
Alternatively, the processor 1001 is a control center of the mobile terminal, connects various parts of the entire mobile terminal using various interfaces and lines, and performs various functions of the mobile terminal and processes data by running or executing software programs and/or modules stored in the memory 1003 and calling data stored in the memory 1003, thereby performing overall monitoring of the mobile terminal. Processor 1001 may include one or more processing units; optionally, the processor 1001 may integrate an application processor and a modem processor, wherein the application processor mainly handles operating systems, user interfaces, application programs, and the like, and the modem processor mainly handles wireless communications. It will be appreciated that the modem processor described above may not be integrated into the processor 1001.
Alternatively, the memory 1003 may be used to store software programs as well as various data. The memory 1003 may mainly include a storage program area and a storage data area, wherein the storage program area may store an operating system, an application program required by at least one function (such as a sound playing function, an image playing function, and the like), and the like; the storage data area may store data (such as audio data, a phonebook, etc.) created according to the use of the cellular phone, and the like. Further, the memory 1003 may include high speed random access memory, and may also include non-volatile memory, such as at least one magnetic disk storage device, flash memory device, or other volatile solid state storage device.
Those skilled in the art will appreciate that the mobile terminal architecture shown in fig. 1 is not intended to be limiting of the terminal, and may include more or fewer components than those shown, or some components may be combined, or a different arrangement of components.
In the mobile terminal shown in fig. 1, the processor 1001 is configured to execute a file processing application in the memory 1003, and implements the following steps:
responding to the anti-rollback processing operation of the file, and acquiring encryption information and anti-rollback parameters required by the anti-rollback processing operation;
encrypting the anti-rollback parameters by using the encryption information to form encrypted anti-rollback parameters;
and adding the encrypted anti-rollback parameter to a target file to generate an encrypted target file, wherein the target file is a file needing anti-rollback processing.
To better illustrate the examples of the present application, some terms used in the present application are explained below:
EFUSE: one-time programmable fuse memory; each fuse can be programmed only once.
ARB: anti-rollback mechanism, which sets an ARB value.
Referring to fig. 2, fig. 2 is a schematic view illustrating an operation flow of the file processing method of the present application; the file processing method comprises the following steps:
step S10, responding to the anti-rollback processing operation of the file, and acquiring encryption information and anti-rollback parameters required by the anti-rollback processing operation;
The category of files is very broad: software or programs running on a computer, such as antivirus software and games, can all be called files. A file is an ordered sequence of a set of associated, named elements. A file may contain a very wide range of content. Both the system and the user may name a program module, a set of data or a set of text with certain independent functions as a file.
The file may be an application program file in the terminal, a file recorded by the user, daily call data of the user, daily system file data of the user, and the like, and is not limited to the above-mentioned exemplary data.
Generally, data stored in a terminal involves a use operation such as an outgoing process, a call, or an open. The main body performing the anti-rollback operation may be software loaded in the terminal or a file processing server.
The file anti-rollback processing operation may be triggered manually by the user or automatically. For manual triggering, the user opens the anti-rollback processing software, imports the target file to be processed through the software's operation interface, and triggers the anti-rollback processing operation with a virtual key on that interface. Automatic triggering may be based on detecting the file type (for example, whether the file is of a type that requires anti-rollback processing) or the file usage type (for example, whether the file is being sent out, opened or updated). The anti-rollback processing operation is triggered when the detected usage type is the same as the usage type configured for anti-rollback processing, for example when the file is being updated. After automatic triggering, the anti-rollback operation is executed in the background without affecting the user's operations in the foreground.
After the anti-rollback processing operation of the file is triggered, the encryption information and the anti-rollback parameters required by the anti-rollback processing operation are obtained in response to the anti-rollback processing operation of the file.
The encryption information is a set of encryption keys, which may be symmetric or asymmetric. The encryption information may be a pair of encryption and decryption keys generated in advance; the keys may be fixed, or generated randomly with openssl. The anti-rollback parameter may be an ARB value set in advance, e.g., 0, 1, 2, or 5. Here, openssl refers to OpenSSL (Open Secure Sockets Layer).
In an embodiment, referring to fig. 3, before the step of obtaining the encryption information and the anti-rollback parameters required by the anti-rollback processing operation in response to the anti-rollback processing operation of the file, the method further includes:
step S40, when compiling the software, determining the compiling environment of the software compiling;
and step S50, receiving compiled and input anti-rollback parameters in the compiling environment, and taking the compiled and input anti-rollback parameters as anti-rollback parameters required by anti-rollback processing operation.
The anti-rollback parameter depends on the compiling environment, and different anti-rollback parameters are configured for different compiling environments. Specifically, when the software (that is, the file processing software) is compiled, the ARB value configured in the compiling environment (a default value, or a value input by the manufacturer at compile time) is used, so different ARB values can be input in different compiling environments. Distinguishing the ARB values input under different compiling conditions by compiling environment improves the accuracy of the ARB value setting. Of course, in an embodiment, the ARB value may also be determined directly from the compiling environment: a corresponding ARB value is set for each compiling environment, and once the compiling environment is determined, the ARB value set for it is used as the anti-rollback parameter.
The encryption key may be a more stringent key, such as an asymmetric key.
To avoid reusing a key or mixing up keys between different projects or different files, different keys can be used for different projects or different files. The keys are stored securely and identified by file type or by project identifier, and different keys are used to encrypt different file types or different projects.
Optionally, in an embodiment, important files, such as call records and WeChat files, are labelled. These important files require an anti-rollback mechanism, which is applied through the ARB encryption mechanism; this avoids files being used incorrectly, and use being affected, because a previous version is used.
Step S20, encrypting the anti-rollback parameter by using the encryption information to form an encrypted anti-rollback parameter;
After the encryption information and the anti-rollback parameter required by the anti-rollback processing operation are obtained, the anti-rollback parameter is encrypted by using the encryption information to form the encrypted anti-rollback parameter. The encryption operation may be to encrypt an ARB value with a key, generating a fixed-length ciphertext: a fixed-size key and a fixed algorithm generate a fixed-length ciphertext. The fixed algorithm can be an AES algorithm, a DES algorithm or an RC4 algorithm, and the fixed length can be 45 bits or other lengths according to requirements.
In one embodiment, referring to fig. 4, the encryption process is, for example: AES encryption is performed on 0 (the original ARB value) with the symmetric key "test", giving a 45-bit ciphertext: U2FsdGVkX198b1BHxv2g1GJ8CF2w3ytypJLVR+U04y4=; if the ARB value is 5 and the key is unchanged, encryption gives a ciphertext of the same fixed length: U2FsdGVkX1+ol/Qk00ULevi0whHTzScOddfP3fWYa/k=. The resulting ciphertext is the encrypted anti-rollback parameter.
And step S30, adding the encrypted anti-rollback parameter to a target file to generate the anti-rollback processed target file, wherein the target file is a file needing anti-rollback processing.
After the anti-rollback parameter is encrypted, the encrypted anti-rollback parameter needs to be added to a target file, where the target file is a file that needs to be opened or used, that is, the file needing anti-rollback processing. Anti-rollback processing of a file works as follows: the anti-rollback parameter is encrypted and added to the target file, which completes anti-rollback processing of the target file. When such a file is subsequently transferred, used or opened, the original file, that is, the target file before anti-rollback processing, can be obtained only by decryption. The encrypted anti-rollback parameter may be added to the head of the target file or to another position that does not affect the structure of the target file, for example the file tail.
In this embodiment, the anti-rollback operation is performed on a file: the anti-rollback parameter is encrypted and the encrypted anti-rollback parameter is added to the target file, which completes anti-rollback processing of the target file. Anti-rollback processing is performed per file rather than only on images as in the prior art, so it covers a wider range of files and content, which reduces the limitations of the anti-rollback operation and increases its diversity.
In an embodiment of the present application, referring to fig. 5, the step of adding the encrypted anti-rollback parameter to the target file includes:
and step S31, adding the encrypted anti-rollback parameter to the head of the target file.
The target file is a file to which ARB anti-rollback processing, that is, the ARB mechanism, needs to be added. After the anti-rollback parameter is encrypted to form the encrypted anti-rollback parameter, the resulting ciphertext required for anti-rollback processing is put into the head of that target file.
This embodiment adds the ciphertext to the head of the target file, so the structure of the target file is not affected, the probability that anti-rollback processing damages the target file is reduced, and the integrity of the target file is ensured. Because the ciphertext is at the head, the anti-rollback processing marker can be determined quickly from the file header information when the file is used, and the original file can be identified and processed, which improves the recognizability of the file and the convenience of operation.
In an embodiment of the present application, referring to fig. 6, after the step of adding the encrypted anti-rollback parameter to the target file to generate the anti-rollback processed target file, the method further includes:
step S60, responding to the file loading operation, reading the target file added with the encrypted anti-rollback parameter;
step S70, executing decryption operation on the encrypted anti-rollback parameters in the target file to obtain decrypted anti-rollback parameters;
and step S80, when the decrypted anti-rollback parameter matches with the anti-rollback parameter in the storage device, executing the loading operation of the target file.
When the terminal loads a target file that has undergone anti-rollback processing, it first decrypts the encrypted anti-rollback parameter in the target file to obtain the decrypted anti-rollback parameter. The decrypted ARB value is then compared with the ARB value stored in the terminal's storage device: when the ARB values are the same or match, the target file is loaded, and when they differ or do not match, the target file is not loaded.
In this embodiment, the anti-rollback parameter is encrypted and then added to the target file, and it must be decrypted when the target file is opened or used. This avoids anti-rollback being defeated when files are overwritten during an update and improves the security of file use; anti-rollback is also no longer limited to images, which improves the extensibility of the anti-rollback operation.
In an embodiment, referring to fig. 7, the step of executing the load operation of the target file includes:
and step S61, skipping the anti-rollback parameters in the target file added with the encrypted anti-rollback parameters, acquiring the target file, and completing the loading operation of the target file.
Exemplary description: in the target file after the anti-rollback operation, the encrypted anti-rollback parameter has been added to the head of the file, that is, a ciphertext formed by encrypting the anti-rollback parameter sits at the head of the target file. When the target file is read, this ciphertext needs to be skipped.
Optionally, the step of skipping the anti-rollback parameter in the target file to which the encrypted anti-rollback parameter is added includes: deleting, from the target file to which the encrypted anti-rollback parameter has been added, the part that contains the encrypted anti-rollback parameter; or,
skipping that part of the target file by means of an offset.
Illustratively, when a target file is read, the fixed-length ciphertext is cut off from the file header, or the ciphertext is skipped directly by an offset, to obtain the original file data for loading; that is, the ciphertext is bypassed to obtain the target file.
When the terminal is running, an anti-rollback mechanism is added to some important configuration files and bound to the ARB value of the device. If an important modification has been made, this prevents the important configuration file from being replaced with an earlier version; besides files, newly added images, executables and the like can also be protected in this way.
In this embodiment, the anti-rollback mechanism is bound to the terminal, and the correctness of the target file can be judged by verifying the ARB value, which avoids using an incorrect file, improves the security of the file, and improves the accuracy of the file matching operation.
In one embodiment, referring to Fig. 8, the process of using the anti-rollback mechanism comprises:
1. Encrypting the file and adding the anti-rollback mechanism:
1.1. Generating a pair of encryption and decryption keys, which can be fixed and can be randomly generated with openssl;
1.2. During software compilation, encrypting the ART value configured in the compilation environment (input by the manufacturer at compile time) with the key, which produces a ciphertext of fixed length (a fixed-size key and a fixed algorithm generate fixed-length ciphertexts).
A specific example: AES encryption is applied to 0 (the original ART value) with the symmetric key 'test', giving a 45-bit ciphertext:
U2FsdGVkX198b1BHxv2g1GJ8CF2w3ytypJLVR+U04y4=
If ART is 5 and it is encrypted with the same key, a ciphertext of the same fixed length is obtained:
U2FsdGVkX1+ol/Qk00ULevi0whHTzScOddfP3fWYa/k=
The ciphertext is then placed at the head of the file to which the ARB mechanism is to be added.
2. File read/load process:
2.1. When the device loads the file, reading the fixed-length header data;
2.2. Decrypting the header data;
2.3. Comparing the result with the ARB value in the device's EFUSE (one-time programmable memory): if they are equal, the file is loaded; if they differ, it is not loaded;
2.4. Cutting the fixed-length ciphertext off the file header, or skipping the ciphertext directly by means of an offset, to obtain the original file data for loading and use.
With the anti-rollback mechanism of this embodiment, an anti-rollback mechanism is added to some important configuration files and bound to the ART value of the device; if an important modification has been made, the important configuration files can be prevented from being replaced with earlier versions. Not only files but also newly added images, executables, and the like can be protected in this way. The newly added file-level anti-rollback mechanism means that device security is no longer limited to the image level but extends down to individual files. Following the Linux concept that everything is a file, this mechanism can be applied to many files and images, supplementing areas that the protections of Google and Qualcomm do not cover.
In an embodiment, referring to Fig. 9, the file processing method includes:
step S01, in response to a file loading operation, reading the target file to which the encrypted anti-rollback parameter has been added;
step S02, performing a decryption operation on the anti-rollback parameter in the target file to obtain the decrypted anti-rollback parameter;
and step S03, when the decrypted anti-rollback parameter matches the anti-rollback parameter in the storage device, executing the loading operation of the target file.
When the terminal loads a target file that has undergone anti-rollback processing, the encrypted anti-rollback parameter in the target file must first be decrypted. The decrypted ARB value is then compared with the ARB value stored in the terminal's storage device: when the values are the same or match, the target file is loaded; when they differ or do not match, the target file is not loaded.
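The flow of Fig. 8 (build step 1.2 and load steps 2.1 to 2.4), which steps S01 to S03 restate, as an added Go example; it is not code from the patent. Assumptions made here: AES-256-GCM as the AES mode, SHA-256 of the passphrase as a stand-in key derivation, an 8-byte big-endian encoding of the anti-rollback value, and the device value passed in as a parameter in place of an eFuse read; all function names are hypothetical.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
)

// Header layout assumed here (the page fixes only "AES" and "fixed length"):
// 12-byte nonce | 8-byte encrypted value | 16-byte AES-GCM tag.
const (
	nonceLen  = 12
	HeaderLen = nonceLen + 8 + 16
)

var (
	ErrTruncated = errors.New("file is shorter than the anti-rollback header")
	ErrHeader    = errors.New("anti-rollback header does not decrypt")
	ErrRollback  = errors.New("file value differs from device value")
)

// KeyFromPassphrase is a stand-in key derivation (assumption): SHA-256 of the
// passphrase is used as the AES-256 key. openssl derives its keys differently.
func KeyFromPassphrase(p string) []byte {
	k := sha256.Sum256([]byte(p))
	return k[:]
}

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// AddHeader is build step 1.2: encrypt the anti-rollback value and put the
// fixed-length ciphertext at the head of the file.
func AddHeader(key []byte, value uint64, body []byte) ([]byte, error) {
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	out := make([]byte, nonceLen, HeaderLen+len(body))
	if _, err := rand.Read(out); err != nil {
		return nil, err
	}
	var plain [8]byte
	binary.BigEndian.PutUint64(plain[:], value)
	out = gcm.Seal(out, out[:nonceLen], plain[:], nil)
	return append(out, body...), nil
}

// Load is steps 2.1 to 2.4: read the fixed-length header, decrypt it, compare
// with the device value (eFuse on a real device, a parameter here), and
// return the original data by skipping the header with an offset.
func Load(key []byte, deviceValue uint64, file []byte) ([]byte, error) {
	if len(file) < HeaderLen {
		return nil, ErrTruncated
	}
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	plain, err := gcm.Open(nil, file[:nonceLen], file[nonceLen:HeaderLen], nil)
	if err != nil {
		return nil, ErrHeader // wrong key or modified header
	}
	if binary.BigEndian.Uint64(plain) != deviceValue {
		return nil, ErrRollback // the page loads only when the values are equal
	}
	return file[HeaderLen:], nil
}

func main() {
	key := KeyFromPassphrase("test") // key string from the page's example
	oldFile, _ := AddHeader(key, 0, []byte("constructed config, early build"))
	newFile, _ := AddHeader(key, 5, []byte("constructed config, current build"))
	for _, f := range [][]byte{newFile, oldFile} {
		body, err := Load(key, 5, f) // device value 5, as in the page's second case
		fmt.Printf("body=%q err=%v\n", body, err)
	}
}
```

The header is the same length whatever the value, which is what lets the loader read a fixed number of bytes and then skip them by offset.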
In this embodiment, the anti-rollback parameter is encrypted and then added to the target file, and it must be decrypted whenever the target file is to be opened or used. This avoids the problem of anti-rollback being defeated when a file is overwritten by an update, improves the security of file use, removes the restriction that anti-rollback can be implemented only for images, and improves the extensibility of the anti-rollback operation.
In an embodiment, referring to Fig. 10, the step of executing the loading operation of the target file includes:
step S11, skipping the anti-rollback parameter in the target file to which the encrypted anti-rollback parameter has been added, obtaining the target file, and completing the loading operation of the target file.
For example: in the target file after the anti-rollback operation, the encrypted anti-rollback parameter is added to the head of the file, that is, a ciphertext formed by encrypting the anti-rollback parameter sits at the head of the target file. When the target file is read, this ciphertext must be skipped.
Optionally, the step of skipping the anti-rollback parameter in the target file to which the encrypted anti-rollback parameter is added includes: deleting, from the target file to which the encrypted anti-rollback parameter has been added, the part that contains the encrypted anti-rollback parameter; or,
skipping, by means of an offset, the part of the target file that contains the encrypted anti-rollback parameter.
For example, when the target file is read, the fixed-length ciphertext is cut off from the file header, or the ciphertext is skipped directly by means of an offset, to obtain the original file data for loading; that is, the ciphertext is bypassed to obtain the target file.
When the terminal is in operation, an anti-rollback mechanism is added to some important configuration files and bound to the ART value of the device; if an important modification has been made, this prevents the important configuration files from being replaced with earlier versions. Not only files but also newly added images, executables, and the like can be protected in this way.
In this embodiment, the anti-rollback mechanism is bound to the terminal, and the correctness of the target file can be determined by verifying the ARB value. This avoids use of an incorrect file, improves the security of the file, and improves the accuracy of the file-matching operation.
Before the file is loaded, the following steps can also be carried out: in response to an anti-rollback processing operation on a file, acquiring the encryption information and anti-rollback parameters required by the anti-rollback processing operation; encrypting the anti-rollback parameters by using the encryption information to form encrypted anti-rollback parameters; and adding the encrypted anti-rollback parameter to a target file to generate the anti-rollback processed target file, wherein the target file is a file needing anti-rollback processing.
The present application also proposes a file processing apparatus. Referring to Fig. 11, the apparatus includes: an acquisition module 10, an encryption module 20 and a processing module 30,
the acquisition module 10 is configured to respond to an anti-rollback processing operation on a file, and acquire the encryption information and anti-rollback parameters required by the anti-rollback processing operation;
the encryption module 20 is configured to encrypt the anti-rollback parameter by using the encryption information to form an encrypted anti-rollback parameter;
the processing module 30 is configured to add the encrypted anti-rollback parameter to a target file to generate an encrypted target file, where the target file is a file that needs to be subjected to anti-rollback processing.
Further, the encryption module 20 is further configured to add the encrypted anti-rollback parameter to the header of the target file.
Further, referring to Fig. 12, the apparatus further includes: a determination module 40 and a receiving module 50,
the determination module 40 is configured to determine the compilation environment of the software compilation when software compilation is performed;
the receiving module 50 is configured to receive the anti-rollback parameter input at compile time in the compilation environment, and use it as the anti-rollback parameter required by the anti-rollback processing operation.
Further, referring to Fig. 13, the apparatus further includes: a reading module 60 and a decryption module 70,
the reading module 60 is configured to read, in response to a file loading operation, a target file to which the encrypted anti-rollback parameter is added;
the decryption module 70 is configured to perform a decryption operation on the encrypted anti-rollback parameter in the target file to obtain a decrypted anti-rollback parameter;
the processing module 30 is further configured to execute a loading operation of the target file when the decrypted anti-rollback parameter matches the anti-rollback parameter in the storage device.
Further, the processing module 30 is further configured to skip the anti-rollback parameter in the target file to which the encrypted anti-rollback parameter is added, obtain the target file, and complete the loading operation of the target file.
Further, the processing module 30 is further configured to delete, from the target file to which the encrypted anti-rollback parameter is added, the part that contains the encrypted anti-rollback parameter;
the processing module 30 is further configured to skip, by means of an offset, the part of the target file that contains the encrypted anti-rollback parameter.
The present application also proposes a terminal, where the terminal includes a memory, a processor, and a computer program stored in the memory and executable on the processor, and the processor executes the computer program to implement the following steps:
responding to the anti-rollback processing operation of the file, and acquiring encryption information and anti-rollback parameters required by the anti-rollback processing operation;
encrypting the anti-rollback parameters by using the encryption information to form encrypted anti-rollback parameters;
and adding the encrypted anti-rollback parameter to a target file to generate an encrypted target file, wherein the target file is a file needing anti-rollback processing.
The terminal is provided with a processor and with an encryption unit and a decryption unit connected to the processor. The encryption unit encrypts the anti-rollback parameter to form the encrypted anti-rollback parameter, that is, a ciphertext, and the ciphertext is added to the file. When the file is read, the ciphertext must first be decrypted by the decryption unit to obtain the decrypted anti-rollback parameter, which is compared with the anti-rollback parameter stored in a memory of the terminal. If they are consistent, the original file is read; if they are inconsistent, the anti-rollback check fails and the original file is not read. With the newly added file-level anti-rollback mechanism, device security is no longer limited to the image level but extends down to individual files. Following the Linux concept that everything is a file, this mechanism can be applied to many files and images, supplementing areas that the protections of Google and Qualcomm do not cover.
The terminal performs the anti-rollback operation on a file by encrypting the anti-rollback parameter and adding the encrypted anti-rollback parameter to the target file. Because anti-rollback processing is performed per file, and not only per image as in the prior art, it covers a wider range of files and content, reduces the limitations of the anti-rollback operation, and improves the diversity of the anti-rollback operation.
The present application also proposes a computer-readable storage medium having stored thereon a computer program which, when executed by a processor, realizes the steps of:
responding to the anti-rollback processing operation of the file, and acquiring encryption information and anti-rollback parameters required by the anti-rollback processing operation;
encrypting the anti-rollback parameters by using the encryption information to form encrypted anti-rollback parameters;
and adding the encrypted anti-rollback parameter to a target file to generate an encrypted target file, wherein the target file is a file needing anti-rollback processing.
As will be appreciated by one skilled in the art, embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present application is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the application. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
It should be noted that in the claims, any reference signs placed between parentheses shall not be construed as limiting the claim. The word "comprising" does not exclude the presence of elements or steps not listed in a claim. The word "a" or "an" preceding an element does not exclude the presence of a plurality of such elements. The application can be implemented by means of hardware comprising several distinct elements, and by means of a suitably programmed computer. In the unit claims enumerating several means, several of these means may be embodied by one and the same item of hardware. The use of the words first, second, third, etc. does not indicate any ordering. These words may be interpreted as names.
While alternative embodiments of the present application have been described, additional variations and modifications of these embodiments may occur to those skilled in the art once they learn of the basic inventive concepts. It is therefore intended that the following appended claims be interpreted as including alternative embodiments and all such alterations and modifications as fall within the scope of the application.
It will be apparent to those skilled in the art that various changes and modifications may be made in the present invention without departing from the spirit and scope of the invention. Thus, if such modifications and variations of the present application fall within the scope of the claims of the present application and their equivalents, the present application is intended to include such modifications and variations as well.

Claims (12)

1. A file processing method, characterized in that the file processing method comprises:
responding to the anti-rollback processing operation of the file, and acquiring encryption information and anti-rollback parameters required by the anti-rollback processing operation;
encrypting the anti-rollback parameters by using the encryption information to form encrypted anti-rollback parameters;
and adding the encrypted anti-rollback parameter to a target file to generate the anti-rollback processed target file, wherein the target file is a file needing anti-rollback processing.
2. The method of claim 1, wherein the step of adding the encrypted anti-rollback parameter to the target file comprises:
and adding the encrypted anti-rollback parameter to the head of the target file.
3. The file processing method according to claim 1, wherein, before the step of obtaining the encryption information and the anti-rollback parameter required for the anti-rollback processing operation in response to the anti-rollback processing operation of the file, the method further comprises:
when software compiling is carried out, determining a compiling environment of the software compiling;
and receiving the compiled and input anti-rollback parameters in the compiling environment, and taking the compiled and input anti-rollback parameters as anti-rollback parameters required by anti-rollback processing operation.
4. The file processing method according to any one of claims 1 to 3, wherein the step of adding the encrypted anti-rollback parameter to a target file to generate an anti-rollback processed target file, where the target file is a file that needs anti-rollback processing, further comprises:
reading the target file added with the encrypted anti-rollback parameters in response to file loading operation;
executing decryption operation on the encrypted anti-rollback parameters in the target file to obtain decrypted anti-rollback parameters;
and when the decrypted anti-rollback parameters are matched with the anti-rollback parameters in the storage device, executing the loading operation of the target file.
5. The file processing method according to claim 4, wherein the step of performing the load operation of the target file comprises:
skipping the anti-rollback parameters in the target file added with the encrypted anti-rollback parameters, obtaining the target file, and completing the loading operation of the target file.
6. The file processing method according to claim 5, wherein the step of skipping the anti-rollback parameter in the target file to which the encrypted anti-rollback parameter is added comprises:
deleting, from the target file to which the encrypted anti-rollback parameter has been added, the part that contains the encrypted anti-rollback parameter; or,
skipping, by means of an offset, the part of the target file that contains the encrypted anti-rollback parameter.
7. A file processing method, characterized in that the file processing method comprises:
reading the target file added with the encrypted anti-rollback parameters in response to file loading operation;
executing decryption operation on the anti-rollback parameters in the target file to obtain decrypted anti-rollback parameters;
and when the decrypted anti-rollback parameters are matched with the anti-rollback parameters in the storage device, executing the loading operation of the target file.
8. The file processing method according to claim 7, wherein the step of performing the load operation of the target file comprises:
skipping the anti-rollback parameters in the target file added with the encrypted anti-rollback parameters, obtaining the target file, and completing the loading operation of the target file.
9. The file processing method according to claim 8, wherein the step of skipping the anti-rollback parameter in the target file to which the encrypted anti-rollback parameter is added comprises:
deleting, from the target file to which the encrypted anti-rollback parameter has been added, the part that contains the encrypted anti-rollback parameter; or,
skipping, by means of an offset, the part of the target file that contains the encrypted anti-rollback parameter.
10. A file processing apparatus, characterized in that the apparatus comprises: an acquisition module, an encryption module and a processing module,
the acquisition module is used for responding to the anti-rollback processing operation of the file and acquiring the encryption information and the anti-rollback parameters required by the anti-rollback processing operation;
the encryption module is used for encrypting the anti-rollback parameter by using the encryption information to form an encrypted anti-rollback parameter;
and the processing module is used for adding the encrypted anti-rollback parameter to a target file to generate an encrypted target file, wherein the target file is a file needing anti-rollback processing.
11. A terminal comprising a memory, a processor, and a computer program stored on the memory and executable on the processor, the processor implementing the following steps when executing the computer program:
responding to the anti-rollback processing operation of the file, and acquiring encryption information and anti-rollback parameters required by the anti-rollback processing operation;
encrypting the anti-rollback parameters by using the encryption information to form encrypted anti-rollback parameters;
and adding the encrypted anti-rollback parameter to a target file to generate an encrypted target file, wherein the target file is a file needing anti-rollback processing.
12. A computer-readable storage medium, on which a computer program is stored, characterized in that the computer program, when being executed by a processor, carries out the steps of:
responding to the anti-rollback processing operation of the file, and acquiring encryption information and anti-rollback parameters required by the anti-rollback processing operation;
encrypting the anti-rollback parameters by using the encryption information to form encrypted anti-rollback parameters;
and adding the encrypted anti-rollback parameter to a target file to generate an encrypted target file, wherein the target file is a file needing anti-rollback processing.
CN202010846604.3A 2020-08-20 2020-08-20 File processing method, device, terminal and storage medium Pending CN111931213A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010846604.3A CN111931213A (en) 2020-08-20 2020-08-20 File processing method, device, terminal and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010846604.3A CN111931213A (en) 2020-08-20 2020-08-20 File processing method, device, terminal and storage medium

Publications (1)

Publication Number Publication Date
CN111931213A true CN111931213A (en) 2020-11-13

Family

ID=73304930

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010846604.3A Pending CN111931213A (en) 2020-08-20 2020-08-20 File processing method, device, terminal and storage medium

Country Status (1)

Country Link
CN (1) CN111931213A (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination