CN112637307B - File updating method, system, computer equipment and storage medium - Google Patents

File updating method, system, computer equipment and storage medium Download PDF

Info

Publication number
CN112637307B
CN112637307B CN202011489818.6A CN202011489818A CN112637307B CN 112637307 B CN112637307 B CN 112637307B CN 202011489818 A CN202011489818 A CN 202011489818A CN 112637307 B CN112637307 B CN 112637307B
Authority
CN
China
Prior art keywords
file
updated
terminal
update package
server
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202011489818.6A
Other languages
Chinese (zh)
Other versions
CN112637307A (en
Inventor
周伟
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Ping An Consumer Finance Co Ltd
Original Assignee
Ping An Consumer Finance Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Ping An Consumer Finance Co Ltd filed Critical Ping An Consumer Finance Co Ltd
Priority to CN202011489818.6A priority Critical patent/CN112637307B/en
Publication of CN112637307A publication Critical patent/CN112637307A/en
Application granted granted Critical
Publication of CN112637307B publication Critical patent/CN112637307B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/06Protocols specially adapted for file transfer, e.g. file transfer protocol [FTP]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00Arrangements for software engineering
    • G06F8/60Software deployment
    • G06F8/65Updates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/14Session management
    • H04L67/141Setup of application sessions
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0643Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D10/00Energy efficient computing, e.g. low power processors, power management or thermal management

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Power Engineering (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
  • Stored Programmes (AREA)

Abstract

The present invention relates to the field of information security technologies, and in particular, to a method, a system, a computer device, and a storage medium for updating a file. The file updating method can be applied to a file updating system, and the file updating system comprises a debugging end, a server end and a terminal to be updated; the file updating method comprises the steps of sending an updating package file of a target application to a server through a debugging end; after the terminal to be updated starts the target application, the server side transmits the received update package file to the terminal to be updated; when the terminal to be updated receives an update package file carrying a file identifier, the terminal to be updated requests a first file hash value corresponding to the file identifier from a server, so that the terminal to be updated verifies the update package file based on the first file hash value to obtain a verification result; and when the verification result is that the verification is passed, the update package file is transmitted into the target application for loading and displaying through the terminal to be updated. The method can effectively solve the security problem of the bundle updating package file.

Description

File updating method, system, computer equipment and storage medium
Technical Field
The present invention relates to the field of information security technologies, and in particular, to a method, a system, a computer device, and a storage medium for updating a file.
Background
At present, in the development of Native apps, the real Native development is usually used in a mixed manner, and the real Native refers to a cross-platform mobile application development framework. Generally, if a developer modifies a function or configuration in an APP, an executable file of the APP, i.e., a Bundle, needs to be updated to enable the APP to display updated content.
In the current Bundle hot update scheme, a new Bundle is generally generated through a real Native development terminal and uploaded to a server, and then an APP dynamically issues the new Bundle to the APP terminal by responding to an update request through a request update interface by the APP, so as to realize hot update. However, the hot update scheme has a great potential safety hazard, such as that the Bundle package is replaced in the process of dynamically issuing a new Bundle package to the APP end, namely, a network request is maliciously intercepted, so that the APP end downloads an unofficial Bundle hot update package; or, the APP end adopts a root tool to replace the ReactNative bundle packet downloaded to the local after updating, which easily causes unpredictable security problems.
Disclosure of Invention
The embodiment of the invention provides a file updating method, a file updating system, computer equipment and a storage medium, which are used for solving the problems that when an existing salesman checks price inquiry data after modification of a underwriter, the prior submitted price inquiry data can only be compared according to memory so as to position modification points, time is consumed and the underwriter is low in underwriting efficiency.
The file updating method is applied to a file updating system, wherein the file updating system comprises a debugging end, a server end and a terminal to be updated; the file updating method comprises the following steps:
sending an update package file of the target application to a server through the debugging end; wherein, the update package file corresponds to a file identifier and a first file hash value;
after the terminal to be updated starts a target application, establishing network connection between the terminal to be updated and the server so as to send the received update package file to the terminal to be updated through the server;
when the terminal to be updated receives the update package file carrying the file identifier, the terminal to be updated requests a first file hash value corresponding to the file identifier from the server side, so that the terminal to be updated performs verification on the update package file based on the first file hash value to obtain a verification result;
and when the verification result is that the verification is passed, the update package file is transmitted into the target application for loading and displaying through the terminal to be updated, so that file updating is completed.
A file update system, comprising:
the update package file sending module is used for sending the update package file of the target application to the server through the debugging end; wherein, the update package file corresponds to a file identifier and a first file hash value;
the update package file issuing module is used for establishing network connection between the terminal to be updated and the server after the terminal to be updated starts the target application so as to issue the received update package file to the terminal to be updated through the server;
the hash verification module is used for requesting a first file hash value corresponding to the file identifier from the server through the terminal to be updated when the terminal to be updated receives the update package file carrying the file identifier, so that the terminal to be updated verifies the update package file based on the first file hash value to obtain a verification result;
and the file updating module is used for transmitting the updating package file into the target application for loading and displaying through the terminal to be updated when the verification result is that the verification is passed, so as to complete file updating.
A computer device comprising a memory, a processor and a computer program stored in the memory and executable on the processor, the processor implementing the steps of the above-mentioned file updating method when the computer program is executed.
A computer storage medium storing a computer program which, when executed by a processor, implements the steps of the above-described file updating method.
In the method, the system, the computer equipment and the storage medium for updating the file, when the bundle package file (i.e. the APP executable file) of the real Native module in the target application is updated, the debugging end sends the updated package file (i.e. the updated bundle package file) of the target application, which carries the first file hash value, to the server end, so that after the target application is started by the terminal to be updated, network connection between the terminal to be updated and the server end is established, the received updated package file is issued to the terminal to be updated through the server end, when the terminal to be updated receives the updated package file carrying the file identification, the terminal to be updated requests the server end for the first file hash value corresponding to the file identification, so that the terminal to be updated checks the updated package file based on the first file hash value, and after the terminal to be updated receives the updated package file, the data request of the terminal to be updated returns the first file hash value in response to prevent the updated package file stored in the terminal to be updated from being tampered or replaced. When the verification result is that verification passes, the update package file is transmitted into the target application through the terminal to be updated to be loaded and displayed so as to finish file update, so that the terminal to be updated is ensured to always download the safe bundle update package provided by authorities when the terminal to be updated starts the loading target application each time, and the problem that a root tool replaces the bundle package file downloaded to the local can be effectively solved.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings that are needed in the description of the embodiments of the present invention will be briefly described below, it being obvious that the drawings in the following description are only some embodiments of the present invention, and that other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
FIG. 1 is a schematic diagram of an application environment of a file update method according to an embodiment of the present invention;
FIG. 2 is a flow chart of a file update method according to an embodiment of the present invention;
FIG. 3 is a flowchart showing step S203 in FIG. 2;
FIG. 4 is a flow chart of a file update method according to an embodiment of the present invention;
FIG. 5 is a flowchart showing step S201 in FIG. 2;
FIG. 6 is a flowchart showing step S502 in FIG. 5;
FIG. 7 is a flowchart showing step S602 in FIG. 6;
FIG. 8 is a flow chart of a file update method according to an embodiment of the present invention;
FIG. 9 is a schematic diagram of a file update system according to an embodiment of the present invention;
FIG. 10 is a schematic diagram of a computer device in accordance with an embodiment of the invention.
Detailed Description
The following description of the embodiments of the present invention will be made clearly and fully with reference to the accompanying drawings, in which it is evident that the embodiments described are some, but not all embodiments of the invention. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
The file updating method can be applied to an application environment as shown in fig. 1, and the file updating system comprises a debugging end, a server end and a terminal to be updated. The server communicates with the terminal to be updated and the debugging terminal through a network respectively. The debug side may include, but is not limited to, personal computers and notebook computers. Terminals to be updated may be, but are not limited to, various personal computers, notebook computers, smart phones, tablet computers, and portable wearable devices. The server may be implemented by a separate server.
In one embodiment, as shown in fig. 2, a method for updating a file is provided, including the following steps:
s201: sending an update package file of the target application to a server through a debugging end; the update package file corresponds to a file identifier and a first file hash value.
The method can be applied to a file hot updating system, and the system comprises a debugging end, a server end and a terminal to be updated. The debugging end refers to a code editing end corresponding to the reactive module, and a developer can generate a corresponding updated bundle package file after debugging codes at the debugging end in a development test mode. The terminal to be updated may include, but is not limited to, a mobile phone or a tablet computer, etc. The server can respectively establish network connection with the terminal to be updated and the debugging terminal, and is used for receiving and sending the update package file (namely the updated bundle package file). The file identification is used to uniquely identify the update package file, such as a version number. The first file hash value is obtained by the hash calculation of the update package file by the debugging end.
S202: after the terminal to be updated starts the target application, establishing network connection between the terminal to be updated and the server, and sending the received update package file to the terminal to be updated through the server.
S203: when the terminal to be updated receives the update package file carrying the file identifier, the terminal to be updated requests a first file hash value corresponding to the file identifier from the server, so that the terminal to be updated verifies the update package file based on the first file hash value, and a verification result is obtained.
Specifically, in order to solve the problem that when the server side issues an updated bundle package file, the network is intercepted maliciously, so that the bundle package file is replaced, and a user downloads an unofficial bundle hot update package, in this embodiment, the debugging side uploads a hash value of the update package file corresponding to a first file, and uploads the hash value of the first file corresponding to the file identifier to the server side for storage, and when the server side issues the update package file to a terminal to be updated, the server side does not send the hash value of the first file to the terminal to be updated, and only sends the update package file and the corresponding file identifier to the terminal to be updated, so that reliability and security of data transmission between the terminal to be updated and the server side are ensured.
Furthermore, in this embodiment, hash verification is required after the target application is started at the terminal to be updated, and the update package file can be transferred into the target application for loading and displaying only after the verification is passed, so that the security and reliability of the update package file loaded by the target application are effectively ensured.
When the terminal to be updated receives the update package file issued by the server, the second file hash value of the update package file is calculated, the first file hash value of the server is requested to be compared with the second file hash value, so that the integrity of the update package file is checked, if the first file hash value is consistent with the second file hash value, the fact that the update package file received by the terminal to be updated at the moment is consistent with the update package file uploaded by the debugging end received by the server is proved, and a check result passing the check is obtained.
S204: when the verification result is that the verification passes, the update package file is transmitted into the target application for loading and displaying through the terminal to be updated, so that the file update is completed.
It can be appreciated that the thermal update scheme implemented by the present method is as follows: firstly, a debugging end sends an update package file of a target application to a server end; then, the server side transmits the received update package file to the terminal to be updated, the terminal to be updated downloads the update package file according to a bundle download link returned by the server side, and when the terminal to be updated receives the update package file, the terminal to be updated requests a first file hash value corresponding to the file identifier to the server side so that the terminal to be updated can verify the update package file based on the first file hash value to obtain a verification result; and when the verification result is that the verification is passed, transmitting the update package file into the target application for loading and displaying through the terminal to be updated, and finishing the hot update of the file.
In this embodiment, when a bundle file (i.e., an APP executable file) of a real Native module in a target application is hot updated, an update package file of the target application, which carries a first file hash value, is sent to a server through a debug end, so that after the target application is started by a terminal to be updated, a network connection between the terminal to be updated and the server is established, so that the received update package file is sent to the terminal to be updated through the server, when the update package file carrying a file identifier is received by the terminal to be updated, the first file hash value corresponding to the file identifier is requested to the server through the terminal to be updated, so that the update package file is checked by the terminal to be updated based on the first file hash value, so that the first file hash value is saved in the server, and after the update package file is received by the terminal to be updated, a data request of the terminal to be updated is responded again, so as to prevent the update package file stored in the terminal to be updated from being tampered or replaced. When the verification result is that verification passes, the update package file is transmitted into the target application through the terminal to be updated to be loaded and displayed so as to finish file update, so that the terminal to be updated is ensured to always download the safe bundle update package provided by authorities when the terminal to be updated starts the loading target application each time, and the problem that a root tool replaces the bundle package file downloaded to the local can be effectively solved.
In one embodiment, as shown in fig. 3, in step 203, the verification of the update package file based on the first file hash value specifically includes the following steps:
s301: and carrying out hash calculation on the update package file through the terminal to be updated to obtain a second file hash value.
S302: and checking whether the first file hash value is consistent with the second file hash value through the terminal to be updated, and if so, acquiring a checking result passing the checking.
The hash algorithm can be used for carrying out hash calculation on the update package file to obtain a second file hash value. Specifically, when the terminal to be updated receives an update package file issued by the server, a second file hash value of the update package file is calculated, the file hash value of the server is requested to be compared with the second file hash value, so that the integrity of the update package file is checked, if the first file hash value is consistent with the second hash value, it is proved that the update package file received by the terminal to be updated at the moment is consistent with the update package file uploaded by the debugging terminal received by the server, and a check result passing the check is obtained.
Further, when the verification fails, the update process is terminated or the server is requested to issue the update package file again, or the update package file is issued again by the server through feeding back the information of the update failure to the server.
In one embodiment, the update package file also corresponds to an encryption key; as shown in fig. 4, in step S204, that is, when the verification result is that the verification is passed, the update package file is transmitted to the target application for loading and displaying through the terminal to be updated, which specifically includes the following steps:
s401: sending an update package file of the target application to a server through a debugging end; the update package file corresponds to a file identifier, a first file hash value and an encryption key.
S402: after the terminal to be updated starts the target application, establishing network connection between the terminal to be updated and the server, and sending the received update package file to the terminal to be updated through the server.
S403: when the terminal to be updated receives the update package file carrying the file identifier, the terminal to be updated requests a first file hash value corresponding to the file identifier from the server, so that the terminal to be updated verifies the update package file based on the first file hash value, and a verification result is obtained.
S404: and when the verification result is that the verification passes, decrypting the update package file by adopting the encryption key through the terminal to be updated, and obtaining the decrypted update package file.
S405: and transmitting the decrypted update package file into a target application through the terminal to be updated for loading and displaying so as to finish file hot update.
The update package file specifically corresponds to a file identifier, an encryption key and a first file hash value, and when the debug end uploads the update package file, the parameters carried by the update package file are uploaded to the server end together for storage.
Specifically, in another embodiment, the hot update scheme further encrypts the bundle file by generating the bundle file at the debug end, so that when the debug end uploads the update package file, the encryption key of the update package file is uploaded to the server end to be saved, and therefore the security of the bundle file in the transmission process is ensured. When the server side issues the update package file to the terminal to be updated, the encryption key and the first file hash value are not given to the terminal to be updated, so that the reliability and the safety of data transmission between the terminal to be updated and the server side are ensured.
When the terminal to be updated receives an update package file issued by the server, calculating a second file hash value of the update package file, requesting the first file hash value of the server to be compared with the second hash value so as to verify the integrity of the update package file, if the first file hash value is consistent with the second file hash value, proving that the update package file received by the terminal to be updated at the moment is consistent with the update package file uploaded by the debugging terminal received by the server, and acquiring a verification node passing the verification; and when the verification is passed, the terminal to be updated decrypts the update package file by adopting the encryption key, and obtains the decrypted update package file, so that the update package file is transmitted into the target application for loading and displaying, and the file hot update is completed.
Specifically, when the bundle file (i.e. APP executable file) of the real Native module in the target application is subjected to hot update, the security of the bundle file transmitted between the debugging end and the service end and the bundle file transmitted between the service end and the terminal to be updated is ensured by performing one-layer encryption and two-layer hash processing when the debugging end and the service end of the real Native module are transmitted,
it can be understood that in this embodiment, when the terminal to be updated starts the loading target application, hash check and decryption operation are required to be performed on the encrypted file, so that the secure bundle update package provided by the authorities is ensured to be downloaded by the terminal to be updated all the time, and the problem that the root tool replaces the bundle package file downloaded to the local can be effectively solved.
Further, in step S403, when the terminal to be updated receives the update package file carrying the file identifier, the terminal to be updated stores the update package file in the private storage space corresponding to the target application.
It can be understood that when the terminal to be updated receives the encrypted update package file, the encrypted update package file is stored locally (i.e. the APP private storage space), and even if the terminal to be updated is acquired by a third party, the security of the update package file can be ensured.
In one embodiment, as shown in fig. 5, in step S201, an update package file of a target application is sent to a server through a debugging end, which specifically includes the following steps:
s501: and detecting whether the target application needs to be updated or not through the server, and if so, issuing an update package file corresponding to the target application to the terminal to be updated. Or alternatively, the process may be performed,
s502: and sending a file updating request to the server through the terminal to be updated so as to receive an updating packet file returned by the server in response to the file updating request.
In this embodiment, the manner of sending the received update package file to the terminal to be updated through the server includes, but is not limited to, two manners, one is that, when establishing a network connection between the terminal to be updated and the server, an update request is actively sent to the server to request the update package file; and in addition, when the network connection between the terminal to be updated and the server is established, the server detects whether the bundle file of the target application in the terminal to be updated needs to be updated, for example, whether the bundle file is the latest version file or not, and when the bundle file needs to be updated, the update package file is actively pushed to the terminal to be updated.
In one embodiment, the file update request includes a user ID and a terminal authentication token to be updated; as shown in fig. 6, in step S502, that is, a terminal to be updated sends a file update request to a server to receive an update package file returned by the server in response to the file update request, the method specifically includes the following steps:
s601: and sending a file updating request to the server through the terminal to be updated.
S602: when the server receives the file updating request, the user ID and the authentication token of the terminal to be updated are verified through the server, and a returned verification result is verified.
S603: if the verification result is that the verification fails, the file updating request is resent to the server or the file updating is terminated through the terminal to be updated.
S604: if the verification result is that the verification is successful, the server responds to the file update request, so that the terminal to be updated receives the update package file returned by the server in response to the file update request.
The user ID may be used to uniquely identify a user, for example, a terminal identifier to be updated or a user account number. The terminal authentication Token to be updated refers to a Token generated by the server after the user starts the target application and successfully logs in, and is used for interactive verification between the terminal to be updated and the server. Specifically, when the server receives a file update request sent by the mobile terminal to be updated, authentication is performed on the user, namely whether the user has update authority is verified, and the user ID and the terminal authentication token to be updated, which are carried by the file update request, are verified together with the updatable user ID and token prestored in the server, so that the user identity is ensured to be real and effective and the user identity has the update authority. When the verification result is that the verification fails, retransmitting a file update request to a server or terminating file update through the terminal to be updated; if the verification result is that the verification is successful, the server responds to the file update request, so that the terminal to be updated receives the update package file returned by the server in response to the file update request.
In one embodiment, as shown in fig. 7, in step S602, that is, a verification result returned by verifying the user ID and the terminal authentication token to be updated through the server, the method specifically includes the following steps:
s701: comparing and verifying the user ID with a prestored updatable user ID through a server; and comparing and verifying the authentication token of the terminal to be updated with the prestored authentication token.
S702: if the comparison of the user ID and the prestored updatable user ID fails and/or the comparison of the terminal authentication token to be updated and the prestored authentication token fails, acquiring a verification result of verification failure.
Specifically, the user ID and the terminal authentication token to be updated are verified together with the updatable user ID and token prestored in the server through verifying the request parameters carried by the file update request, so that the user identity is truly and effectively ensured and the user identity has update authority. When the user ID and the authentication token of the terminal to be updated pass through authentication, a successful authentication result is obtained, and when authentication of any one dimension of the user ID and the authentication token fails, an authentication result of the authentication failure is returned.
In one embodiment, as shown in fig. 8, before step S201, the method further includes the following steps:
s801: generating an update package file through the debugging end, and generating a file identifier corresponding to the update package file.
The generating the file identifier corresponding to the update package file includes, but is not limited to, generating a bundle ID that uniquely identifies the update package file by using a UUID, a snowflake algorithm, or a database increment, or the like, that is, the file identifier.
S802: and generating an encryption key of the update package file according to the file identifier through the debugging end, and encrypting the update package file by adopting the encryption key to obtain the update package file.
S803: and carrying out hash calculation on the update package file through the debugging end to obtain a first file hash value corresponding to the update package file, so as to upload the update package file carrying the file identification, the first file hash value and the encryption key to the server.
Specifically, after the debugging end packages and generates a bundle file, namely an update package file, aiming at the developed and modified code, a file identifier corresponding to the update file is generated, an encryption key of the update package file is generated through the file identifier, the update package file is encrypted by adopting the encryption key, so that the update package file is obtained, the safety of data transmission between the debugging end and the server end is ensured, the encryption key is stored to the server end, and the encryption key and the first file hash value are not given to the terminal to be updated when the server end issues the update package file to the terminal to be updated, so that the reliability and the safety of data transmission between the terminal to be updated and the server end are ensured.
After the encrypted update package file is obtained, hash calculation is further performed on the encrypted update package file to obtain a first file hash value corresponding to the update package file, and finally, the debugging end uploads the update package file carrying the file identifier, the first file hash value and the encryption key to a service, so that the service end stores the first file hash value and the encryption key, and only sends the update package file carrying the file identifier to a terminal to be updated when the update package file is issued, thereby ensuring validity of hash verification and the encryption key.
Further, in step S802, that is, through the debug end, based on the file identifier, an encryption key of the update package file is generated, which specifically includes the following steps:
s901: obtaining a preset key length of a special key by adopting a debugging end;
s902: and generating an encryption key with a preset key length by adopting the debugging end according to the file identification and the random number.
The preset key length includes, but is not limited to, 128 bits or 256 bits, and can be configured by experience in a customized manner, which is not limited herein.
In this embodiment, the length of the random number is dynamically determined by the length of the string of the file identifier, for example, the length of the string of the file identifier is 64 bits, and the preset key length is 128 bits, so that a 64-bit random number can be specified in the random number production function and combined with the 64-bit file identifier to obtain the 128-bit encryption key. Specifically, the random number and the file identifier may be combined, and may be implemented by a simple splicing or interval inserting method, which is not limited in this case.
Further, the file identifier may be processed by using an md5 information summarization algorithm to generate a hash value with a fixed length (a preset key length), i.e., an encryption key.
It should be understood that the sequence number of each step in the foregoing embodiment does not mean that the execution sequence of each process should be determined by the function and the internal logic, and should not limit the implementation process of the embodiment of the present invention.
In one embodiment, a file updating system is provided, which corresponds to the file updating method in the above embodiment one by one. As shown in fig. 9, the file update system includes an update package file transmission module 10, an update package file distribution module 20, a hash check module 30, and a file update module 40. The functional modules are described in detail as follows:
the update package file sending module 10 is configured to send an update package file of the target application to the server through the debug end; the update package file corresponds to a file identifier and a first file hash value.
And the update package file issuing module 20 is used for establishing network connection between the terminal to be updated and the server after the terminal to be updated starts the target application, so as to issue the received update package file to the terminal to be updated through the server.
The hash checking module 30 is configured to, when the terminal to be updated receives an update package file carrying a file identifier, request, from the server, a first file hash value corresponding to the file identifier by the terminal to be updated, so that the terminal to be updated checks the update package file based on the first file hash value, and obtain a check result.
And the file updating module 40 is used for transmitting the update package file into the target application for loading and displaying through the terminal to be updated when the verification result is that the verification is passed, so as to complete the file updating.
Specifically, the hash check module comprises a hash calculation unit and a hash value comparison unit.
And the hash calculation unit is used for carrying out hash calculation on the update package file through the terminal to be updated to obtain a second file hash value.
And the hash value comparison unit is used for checking whether the first file hash value is consistent with the second file hash value through the terminal to be updated, and if so, acquiring a check result passing the check.
Specifically, the update package file also corresponds to an encryption key; the file updating module comprises a decryption unit and a file updating unit.
And the decryption unit is used for decrypting the update package file by adopting the encryption key through the terminal to be updated when the verification result is that the verification is passed, and obtaining the decrypted update package file.
And the file updating unit is used for transmitting the decrypted update package file into the target application for loading and displaying through the terminal to be updated, and finishing the file hot update.
Specifically, the update package file transmission module includes a first transmission unit and a second transmission unit.
The first sending unit is used for detecting whether the target application needs to be updated through the server, and if so, sending an update package file corresponding to the target application to the terminal to be updated; or alternatively, the process may be performed,
a second sending unit, configured to send a file update request to the server through the terminal to be updated, so as to receive an update package file returned by the server in response to the file update request
Specifically, the file update request includes a user ID and a terminal authentication token to be updated; the second sending unit comprises a request sending subunit, a terminal verification subunit to be updated, a first verification result processing subunit and a second verification result processing subunit.
And the request sending subunit is used for sending a file updating request to the server through the terminal to be updated.
And the terminal verification subunit to be updated is used for verifying the user ID and the terminal authentication token to be updated through the server side when the server side receives the file update request.
And the first verification result processing subunit is used for retransmitting a file update request to the server or terminating file update through the terminal to be updated if the verification result is verification failure.
And the second verification result processing subunit is used for responding to the file update request through the server side if the verification result is successful, so that the terminal to be updated receives the update package file returned by the server side in response to the file update request.
Specifically, the terminal verification subunit to be updated includes a first verification subunit and a second verification subunit.
The first verification subunit is used for comparing and verifying the user ID with a prestored updatable user ID through the server; and comparing and verifying the authentication token of the terminal to be updated with the prestored authentication token.
And the second verification subunit is used for acquiring a verification result of verification failure if the comparison of the user ID and the prestored updatable user ID fails and/or the comparison of the authentication token of the terminal to be updated and the prestored authentication token fails.
Specifically, the file updating system further comprises a file identifier generating module, a file encrypting module and a file uploading module.
The file identifier generation module is used for generating an update package file through the debugging end and generating a file identifier corresponding to the update package file.
The file encryption module is used for generating an encryption key of the update package file according to the file identification through the debugging end, and encrypting the update package file by adopting the encryption key to obtain the update package file.
The file uploading module is used for carrying out hash calculation on the update package file through the debugging end to obtain a first file hash value corresponding to the update package file, so that the update package file carrying the file identification, the first file hash value and the encryption key is uploaded to the server.
For specific limitations of the file update system, reference may be made to the above limitations of the file update method, and no further description is given here. The various modules in the file update system described above may be implemented in whole or in part by software, hardware, and combinations thereof. The modules can be embedded in the processor in the terminal to be updated in a hardware form or can be independent from the processor in the terminal to be updated, and can also be stored in the memory in the terminal to be updated in a software form, so that the processor can call and execute the operations corresponding to the modules.
In one embodiment, a computer device is provided, which may be a server, and the internal structure of which may be as shown in fig. 10. The computer device includes a processor, a memory, a network interface, and a database connected by a system bus. Wherein the processor of the computer device is configured to provide computing and control capabilities. The memory of the computer device includes a computer storage medium, an internal memory. The computer storage medium stores an operating system, computer programs, and a database. The internal memory provides an environment for the operation of the operating system and computer programs in the computer storage media. The database of the computer device is used for storing data, such as target pages, generated or acquired during the process of executing the file updating method. The network interface of the computer device is used for communicating with an external computer device through a network connection. The computer program is executed by a processor to implement a file updating method.
In one embodiment, a computer device is provided that includes a memory, a processor, and a computer program stored on the memory and executable on the processor, the processor implementing the steps of the file updating method in the above embodiments when the computer program is executed, such as steps S201-S204 shown in fig. 2, or steps shown in fig. 3-8. Alternatively, the processor may implement the functions of each module/unit in this embodiment of the file updating system when executing the computer program, for example, the functions of each module/unit shown in fig. 9, which are not described herein again for the sake of avoiding repetition.
In an embodiment, a computer storage medium is provided, and a computer program is stored on the computer storage medium, where the computer program when executed by a processor implements the steps of the method for updating a file in the foregoing embodiment, for example, steps S201 to S204 shown in fig. 2, or steps shown in fig. 3 to 8, which are not repeated herein. Alternatively, the computer program when executed by the processor implements the functions of each module/unit in the embodiment of the file updating system, for example, the functions of each module/unit shown in fig. 9, which are not described herein again for avoiding repetition.
Those skilled in the art will appreciate that implementing all or part of the above-described methods in accordance with the embodiments may be accomplished by way of a computer program stored on a non-transitory computer readable storage medium, which when executed may comprise the steps of the embodiments of the methods described above. Any reference to memory, storage, database, or other medium used in the various embodiments provided herein may include non-volatile and/or volatile memory. The nonvolatile memory can include Read Only Memory (ROM), programmable ROM (PROM), electrically Programmable ROM (EPROM), electrically Erasable Programmable ROM (EEPROM), or flash memory. Volatile memory can include Random Access Memory (RAM) or external cache memory. By way of illustration and not limitation, RAM is available in a variety of forms such as Static RAM (SRAM), dynamic RAM (DRAM), synchronous DRAM (SDRAM), double Data Rate SDRAM (DDRSDRAM), enhanced SDRAM (ESDRAM), synchronous Link DRAM (SLDRAM), memory bus direct RAM (RDRAM), direct memory bus dynamic RAM (DRDRAM), and memory bus dynamic RAM (RDRAM), among others.
It will be apparent to those skilled in the art that, for convenience and brevity of description, only the above-described division of the functional units and modules is illustrated, and in practical application, the above-described functional distribution may be performed by different functional units and modules according to needs, i.e. the internal structure of the system is divided into different functional units or modules to perform all or part of the above-described functions.
The above embodiments are only for illustrating the technical aspects of the present invention, not for limiting the same, and although the present invention has been described in detail with reference to the foregoing embodiments, it will be understood by those skilled in the art that: the technical scheme described in the foregoing embodiments can be modified or some technical features thereof can be replaced by equivalents; such modifications and substitutions do not depart from the spirit and scope of the technical solutions of the embodiments of the present invention, and are intended to be included in the scope of the present invention.

Claims (9)

1. The file updating method is characterized by being applied to a file updating system, wherein the file updating system comprises a debugging end, a server end and a terminal to be updated; the file updating method comprises the following steps:
sending an update package file of the target application to the server through the debugging end; wherein, the update package file corresponds to a file identifier and a first file hash value;
after the terminal to be updated starts a target application, establishing network connection between the terminal to be updated and the server so as to send the received update package file to the terminal to be updated through the server;
when the terminal to be updated receives the update package file carrying the file identifier, the terminal to be updated requests a first file hash value corresponding to the file identifier from the server side, so that the terminal to be updated performs verification on the update package file based on the first file hash value to obtain a verification result;
when the verification result is that verification passes, the update package file is transmitted into the target application for loading and displaying through the terminal to be updated, so that file updating is completed;
the update package file also corresponds to an encryption key;
when the verification result is that verification passes, the update package file is transmitted into the target application for loading display through the terminal to be updated, so that file update is completed, wherein the method comprises the steps of;
when the verification result is that verification passes, decrypting the update package file by the terminal to be updated by adopting the encryption key to obtain a decrypted update package file;
and transmitting the decrypted update package file into the target application through the terminal to be updated to load and display, thereby completing the file hot update.
2. The method of updating a file according to claim 1, wherein the verifying the update package file based on the first file hash value to obtain a verification result includes:
carrying out hash calculation on the update package file through the terminal to be updated to obtain a second file hash value;
and checking whether the first file hash value is consistent with the second file hash value or not through the terminal to be updated, and if so, acquiring a checking result passing the checking.
3. The method for updating a file according to claim 1, wherein the sending, by the debug side, the update package file of the target application to the server side includes:
detecting whether the target application needs to be updated or not through the server, and if so, issuing an update package file corresponding to the target application to the terminal to be updated; or alternatively, the process may be performed,
and sending a file updating request to the server through the terminal to be updated so as to receive an updating packet file returned by the server in response to the file updating request.
4. A file updating method according to claim 3, wherein the file updating request includes a user ID and a terminal authentication token to be updated;
the sending, by the terminal to be updated, a file update request to the server to receive an update package file returned by the server in response to the file update request, including:
sending a file updating request to a server through the terminal to be updated;
when the server receives the file updating request, the user ID and the terminal authentication token to be updated are verified through the server to obtain a returned verification result;
if the verification result is that the verification fails, retransmitting the file updating request to a server or stopping file updating through the terminal to be updated;
if the verification result is that the verification is successful, the server responds to the file update request, so that the terminal to be updated receives an update package file returned by the server in response to the file update request.
5. The method for updating a file according to claim 4, wherein the verification result returned by the server for verifying the user ID and the authentication token of the terminal to be updated includes:
comparing and verifying the user ID with a prestored updatable user ID through the server; comparing and verifying the authentication token of the terminal to be updated with a prestored authentication token;
and if the comparison of the user ID and the prestored updatable user ID fails and/or the comparison of the authentication token of the terminal to be updated and the prestored authentication token fails, acquiring a verification result of verification failure.
6. The file updating method according to claim 1, wherein before said sending, by said debugging end, the update package file of the target application to the server end, said file updating method further comprises:
generating an update package file through the debugging end, and generating a file identifier corresponding to the update package file;
generating an encryption key of the update package file according to the file identifier through the debugging end, and encrypting the update package file by adopting the encryption key to obtain the update package file;
and carrying out hash calculation on the update package file through the debugging end to obtain a first file hash value corresponding to the update package file, so as to upload the update package file carrying the file identifier, the first file hash value and the encryption key to the server.
7. A file update system, comprising:
the update package file sending module is used for sending the update package file of the target application to the server through the debugging end; wherein, the update package file corresponds to a file identifier and a first file hash value;
the update package file issuing module is used for establishing network connection between the terminal to be updated and the server after the terminal to be updated starts the target application so as to issue the received update package file to the terminal to be updated through the server;
the hash verification module is used for requesting a first file hash value corresponding to the file identifier from the server through the terminal to be updated when the terminal to be updated receives the update package file carrying the file identifier, so that the terminal to be updated verifies the update package file based on the first file hash value to obtain a verification result;
the file updating module is used for transmitting the updating package file into the target application for loading and displaying through the terminal to be updated when the verification result is that the verification is passed, so as to complete file updating;
the update package file also corresponds to an encryption key; the file updating module comprises a decryption unit and a file updating unit;
the decryption unit is used for decrypting the update package file by adopting the encryption key through the terminal to be updated when the verification result is that the verification is passed, and obtaining the decrypted update package file;
and the file updating unit is used for transmitting the decrypted update package file into the target application for loading and displaying through the terminal to be updated, and finishing the file hot update.
8. A computer device comprising a memory, a processor and a computer program stored in the memory and executable on the processor, characterized in that the processor implements the steps of the file updating method according to any of claims 1 to 6 when the computer program is executed.
9. A computer storage medium storing a computer program, characterized in that the computer program when executed by a processor implements the steps of the file updating method according to any one of claims 1 to 6.
CN202011489818.6A 2020-12-16 2020-12-16 File updating method, system, computer equipment and storage medium Active CN112637307B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011489818.6A CN112637307B (en) 2020-12-16 2020-12-16 File updating method, system, computer equipment and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202011489818.6A CN112637307B (en) 2020-12-16 2020-12-16 File updating method, system, computer equipment and storage medium

Publications (2)

Publication Number Publication Date
CN112637307A CN112637307A (en) 2021-04-09
CN112637307B true CN112637307B (en) 2023-07-11

Family

ID=75314093

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202011489818.6A Active CN112637307B (en) 2020-12-16 2020-12-16 File updating method, system, computer equipment and storage medium

Country Status (1)

Country Link
CN (1) CN112637307B (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113407213B (en) * 2021-06-21 2022-12-23 平安银行股份有限公司 Resource package updating method, device, equipment and storage medium
CN113900681A (en) * 2021-08-13 2022-01-07 西安万像电子科技有限公司 Zero-terminal software updating method, electronic device and storage medium

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2017218109A2 (en) * 2016-06-12 2017-12-21 Intel Corporation Technologies for secure software update using bundles and merkle signatures
CN107786504A (en) * 2016-08-26 2018-03-09 腾讯科技(深圳)有限公司 ELF file publishing methods, ELF file verifications method, server and terminal
CN108804321A (en) * 2018-05-25 2018-11-13 武汉华工正源光子技术有限公司 A kind of automatic test software update system and method
CN110221849A (en) * 2019-04-30 2019-09-10 山东省计算中心(国家超级计算济南中心) A kind of software update system and method
CN111143869A (en) * 2019-12-30 2020-05-12 Oppo广东移动通信有限公司 Application package processing method and device, electronic equipment and storage medium

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2017218109A2 (en) * 2016-06-12 2017-12-21 Intel Corporation Technologies for secure software update using bundles and merkle signatures
CN107786504A (en) * 2016-08-26 2018-03-09 腾讯科技(深圳)有限公司 ELF file publishing methods, ELF file verifications method, server and terminal
CN108804321A (en) * 2018-05-25 2018-11-13 武汉华工正源光子技术有限公司 A kind of automatic test software update system and method
CN110221849A (en) * 2019-04-30 2019-09-10 山东省计算中心(国家超级计算济南中心) A kind of software update system and method
CN111143869A (en) * 2019-12-30 2020-05-12 Oppo广东移动通信有限公司 Application package processing method and device, electronic equipment and storage medium

Also Published As

Publication number Publication date
CN112637307A (en) 2021-04-09

Similar Documents

Publication Publication Date Title
US11258792B2 (en) Method, device, system for authenticating an accessing terminal by server, server and computer readable storage medium
CN110365670B (en) Blacklist sharing method and device, computer equipment and storage medium
CN107710672B (en) Software distribution processing device, software distribution processing method, and vehicle
CN108322451B (en) Data processing method, data processing device, computer equipment and storage medium
CN108363580A (en) Application program installation method, device, computer equipment and storage medium
CN111666564B (en) Application program safe starting method and device, computer equipment and storage medium
CN103577206A (en) Method and device for installing application software
CN112637307B (en) File updating method, system, computer equipment and storage medium
CN109509099B (en) Data transaction method and device, computing equipment and storage medium
CN111107073A (en) Application automatic login method and device, computer equipment and storage medium
WO2022160697A1 (en) Authorization authentication and software development kit generation methods and apparatuses, and electronic device
CN103281187A (en) Security authentication method, equipment and system
CN113553572A (en) Resource information acquisition method and device, computer equipment and storage medium
CN111565182A (en) Vehicle diagnosis method and device and storage medium
CN113434889A (en) Service data access method, device, equipment and storage medium
CN105187410A (en) Application self-upgrading method and system
CN109657170B (en) Webpage loading method and device, computer equipment and storage medium
CN111212057B (en) Resource packet transmission method and device, computer equipment and readable storage medium
CN112446782A (en) Method for downloading initial key, computer equipment and storage medium
CN115242413A (en) Internet of things equipment firmware safety upgrading method and device, electronic equipment and medium
CN116909603A (en) Vehicle safety upgrading method and system
US20220216999A1 (en) Blockchain system for supporting change of plain text data included in transaction
WO2019019675A1 (en) Simulated website login method and apparatus, server end and readable storage medium
CN114143197A (en) OTA (over the air) upgrading method, device and equipment of Internet of things equipment and readable storage medium
CN114389790A (en) Secure multi-party computing method and device

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant