CN100437615C - Method for protecting dynamic chanining bank interface under windows platform - Google Patents
Method for protecting dynamic chanining bank interface under windows platform Download PDFInfo
- Publication number
- CN100437615C CN100437615C CNB2006100220469A CN200610022046A CN100437615C CN 100437615 C CN100437615 C CN 100437615C CN B2006100220469 A CNB2006100220469 A CN B2006100220469A CN 200610022046 A CN200610022046 A CN 200610022046A CN 100437615 C CN100437615 C CN 100437615C
- Authority
- CN
- China
- Prior art keywords
- dll
- dynamic
- windows platform
- protected
- bank interface
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Landscapes
- Storage Device Security (AREA)
Abstract
The invention discloses a protection method for DLL interface on Windows platform, its characteristic is that: A first, renaming the export function of the goal DLL for use by Windows API LoadLibrary, B reversibly encrypting the renamed export table of DLL, and sending to customers, C when DLL is in use, memory mapping the DLL on disk, and decrypting the export table of DLL in memory, which is the contra-process of step B. Finally, dynamically loads the DLL in memory. This method can ensure the safety when AP uses DL to realize modularization, and protect that Windows API LoadLibrary is used to dynamiclly loading DLL. Meanwhile, it will not destroy the DLL export table, which can still be used normally, and do not need key to control, being convenient in use.
Description
Technical field
The present invention relates to the interface safety problem of dynamic link library, particularly a kind of windows platform is the method for protection dynamic chanining bank interface down.
Background technology
Dynamic link library is meant a kind of module that can be employed procedure sharing, and the dynamic link library under the windows platform is suffix .dll by name normally .sys, the file of .drv.The prerequisite that application program uses dynamic link library to realize that module is shared is that dynamic link library can be derived some interfaces, as function, and variable, perhaps class.
At present generally use dynamic link library to improve the modularization of software; for the purpose of safety; software vendors is not wish the function of its derivation by other routine call for providing the dynamic link library of giving the user, therefore with regard to being necessary the interface of dynamic link library is protected.Traditional salvo is to use and adds shell software DLL is added shell.According to the difference that adds shell software, different inconveniences is arranged: as add shell software AsProtect, adopt the method for thoroughly destroying the derived table of DLL, cause normally using DLL; Another money adds shell software AcProtect for another example, must safeguard a decryption key, and this method can be brought inconvenience in the use to the user.Because using the conventional method of DLL is to call Windows API LoadLibrary to come dynamic loading DLL, Windows API is meant the application programming interface of windows platform, and at this some the method that the simple protective means are provided is not arranged at present.
Summary of the invention
The purpose of this invention is to provide a kind of method of under windows platform, protecting dynamic chanining bank interface; can guarantee to use dynamic link to realize modular safety problem, come dynamic loading DLL to protect at calling Windows APILoadLibrary in application program.
Technical scheme of the present invention is as follows:
A kind of windows platform is the method for protection dynamic chanining bank interface down, it is characterized in that:
A, by Windows API LoadLibrary, at first the derivative function of the target DLL that will use renames;
B, the derived table of the target DLL that renamed is carried out reversible encryption, again DLL is provided to the user;
C, when using DLL, the DLL on the disk is carried out memory-mapped, the derived table to DLL is decrypted in internal memory again, deciphering is the inverse process of encrypting in the B step, the DLL in the last dynamic loading internal memory.
Described DLL refers to dynamic link library.
Described renaming is divided into: for the DLL with source code, directly revise the function name in the source code; For the DLL that does not have source code, the function name in the derived table of modification DLL.
The interface of described protection dynamic link library refers to protect the function of dynamic link library derivation.
Described loading refers to the code of DLL is mapped to the process space, thereby can use the process of DLL.
Described derived table is a joint of PE file, and it comprises the external interface message of this PE.The PE file is Portable executable format, is the executable file format under the Windows32 platform.
Described memory-mapped is a kind of method of shared drive under the windows platform.
Advantage of the present invention is as follows:
This method can guarantee to use dynamic link to realize modular safety problem in application program, and comes dynamic loading DLL to protect at calling Windows API LoadLibrary; Can not destroy simultaneously the derived table of DLL, DLL still can normally use, and does not also need secret key to control, and does not therefore just more need to safeguard secret key, and is very convenient in the use.
Description of drawings
Fig. 1 is a workflow synoptic diagram of the present invention
Embodiment
Embodiment 1
A kind of windows platform is the method for protection dynamic chanining bank interface down, is:
A, by Windows API LoadLibrary, at first the derivative function of the target DLL that will use renames;
B, the derived table of the target DLL that renamed is carried out reversible encryption, again DLL is provided to the user;
C, when using DLL, the DLL on the disk is carried out memory-mapped, the derived table to DLL is decrypted in internal memory again, deciphering is the inverse process of encrypting in the B step, the DLL in the last dynamic loading internal memory.
Described DLL refers to dynamic link library.
Described encryption, deciphering can adopt the mathematic(al) manipulation method to realize.
The interface of described protection dynamic link library refers to protect the function of dynamic link library derivation.
Described loading refers to the code of DLL is mapped to the process space, thereby can use the process of DLL.
Described derived table is a joint of PE file, and it comprises the external interface message of this PE.The PE file is Portable executable format, is the executable file format under the Windows32 platform.
Described memory-mapped is a kind of method of shared drive under the windows platform.
Embodiment 2
A kind of windows platform is the method for protection dynamic chanining bank interface down, the derivative function of the target DLL that will use by Windows APILoadLibrary renames, described renaming is divided into: for the DLL with source code, directly revise the function name in the source code; For the DLL that does not have source code, the function name in the derived table of modification DLL.
Wherein:
For DLL, can directly realize renaming by revising the .def file with source code;
For the DLL that does not have source code, rename by the derived table of revising DLL, for example use third-party storehouse, there is not the DLL of source code exactly, at this moment just rename by the derived table of revising DLL, can destroy getting final product the derived table of DLL.
Claims (7)
1, a kind of windows platform is protected the method for dynamic chanining bank interface down, it is characterized in that:
A, by Windows API LoadLibrary, at first the derivative function of the target DLL that will use renames;
B, the derived table of the target DLL that renamed is carried out reversible encryption, again DLL is provided to the user;
C, when using DLL, the DLL on the disk is carried out memory-mapped, the derived table to DLL is decrypted in internal memory again, deciphering is the inverse process of encrypting in the B step, the DLL in the last dynamic loading internal memory.
2, a kind of windows platform according to claim 1 is protected the method for dynamic chanining bank interface down, and it is characterized in that: described DLL refers to dynamic link library.
3, a kind of windows platform according to claim 1 is protected the method for dynamic chanining bank interface down, and it is characterized in that: described renaming is divided into: for the DLL with source code, directly revise the function name in the source code; For the DLL that does not have source code, the function name in the derived table of modification DLL.
4, a kind of windows platform according to claim 1 is protected the method for dynamic chanining bank interface down, it is characterized in that: the interface of described protection dynamic link library refers to protect the function of dynamic link library derivation.
5, a kind of windows platform according to claim 1 is protected the method for dynamic chanining bank interface down, and it is characterized in that: described loading refers to the code of DLL is mapped to the process space, thereby can use the process of DLL.
6, a kind of windows platform according to claim 1 is protected the method for dynamic chanining bank interface down, and it is characterized in that: described derived table is a joint of PE file, and it comprises the external interface message of this PE; The PE file is Portable executable format, is the executable file format under the Windows32 platform.
7, a kind of windows platform according to claim 1 is protected the method for dynamic chanining bank interface down, and it is characterized in that: described memory-mapped is a kind of method of shared drive under the windows platform.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNB2006100220469A CN100437615C (en) | 2006-10-16 | 2006-10-16 | Method for protecting dynamic chanining bank interface under windows platform |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNB2006100220469A CN100437615C (en) | 2006-10-16 | 2006-10-16 | Method for protecting dynamic chanining bank interface under windows platform |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN1945589A CN1945589A (en) | 2007-04-11 |
| CN100437615C true CN100437615C (en) | 2008-11-26 |
Family
ID=38044988
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CNB2006100220469A Active CN100437615C (en) | 2006-10-16 | 2006-10-16 | Method for protecting dynamic chanining bank interface under windows platform |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN100437615C (en) |
Families Citing this family (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102938036B (en) * | 2011-11-29 | 2016-01-13 | Ut斯达康(中国)有限公司 | The segment of double re-encryption of Windows dynamic link library and method for secure loading |
| CN102799815B (en) * | 2012-06-29 | 2015-07-29 | 安科智慧城市技术(中国)有限公司 | A kind of method and apparatus of safe loading procedure storehouse |
| CN103246848B (en) * | 2013-03-26 | 2016-05-18 | 北京深思数盾科技股份有限公司 | The method and apparatus of protection software security |
| CN103198244B (en) * | 2013-03-26 | 2016-06-29 | 北京深思数盾科技股份有限公司 | The method of protection dynamic link library |
| CN103186730B (en) * | 2013-03-26 | 2016-05-18 | 北京深思数盾科技股份有限公司 | The method and apparatus of protection .NET software security |
| CN104679561B (en) * | 2015-02-15 | 2018-07-06 | 福建天晴数码有限公司 | A kind of method and system of dynamic link library file loading |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US6618735B1 (en) * | 1999-06-30 | 2003-09-09 | Microsoft Corporation | System and method for protecting shared system files |
| CN1535408A (en) * | 2001-07-31 | 2004-10-06 | Method for protecting software using renaming principle against its unauthorised use |
-
2006
- 2006-10-16 CN CNB2006100220469A patent/CN100437615C/en active Active
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US6618735B1 (en) * | 1999-06-30 | 2003-09-09 | Microsoft Corporation | System and method for protecting shared system files |
| CN1535408A (en) * | 2001-07-31 | 2004-10-06 | Method for protecting software using renaming principle against its unauthorised use |
Non-Patent Citations (4)
| Title |
|---|
| Windows动态链接库的原理及编程方法. 贾慧.电脑编程技巧与维护,第1996卷第5期. 1996 |
| Windows动态链接库的原理及编程方法. 贾慧.电脑编程技巧与维护,第1996卷第5期. 1996 * |
| Windows和Linux动态链接库研究及应用. 肖竟华.电脑与信息技术,第13卷第2期. 2005 |
| Windows和Linux动态链接库研究及应用. 肖竟华.电脑与信息技术,第13卷第2期. 2005 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN1945589A (en) | 2007-04-11 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN100437615C (en) | Method for protecting dynamic chanining bank interface under windows platform | |
| US9443064B2 (en) | Protecting method and system of java source code | |
| WO2005052841A3 (en) | Tamper-resistant trusted virtual machine | |
| AU2006205315B2 (en) | Method and portable storage device for allocating secure area in insecure area | |
| WO2021217980A1 (en) | Java code packing method and system | |
| WO2007142615A3 (en) | System and method for intelligence based security | |
| CN101308475A (en) | Safe mobile storage system and method of use thereof | |
| AU2002359210A1 (en) | Robust and flexible digital rights management involving a tamper-resistant identity module | |
| US8286001B2 (en) | Method and central processing unit for processing encrypted software | |
| WO2000052875A8 (en) | Transparent encryption and decryption with algorithm independent cryptographic engine that allows for containerization of encrypted files | |
| NO985275D0 (en) | Procedure for storing and using sensitive information in a security module and an associated security module | |
| CN101814124A (en) | Java-based method for enhancing software security | |
| WO2004072891A3 (en) | System and method for regulating execution of computer software | |
| WO2009051471A3 (en) | Trusted computer platform method and system without trust credential | |
| WO2007115332A3 (en) | File decryption interface | |
| US20050246551A1 (en) | System and method for rendering selective presentation of documents | |
| US20100205459A1 (en) | Method and system for protecting against access to a machine code of a device | |
| WO2009032732A3 (en) | Secure computer working environment utilizing a read-only bootable media | |
| JP2006085676A (en) | Encryption instruction processing apparatus | |
| CN105303074A (en) | Method for protecting security of Web application | |
| CN103488954A (en) | File encryption system | |
| CN107480478A (en) | A kind of encryption method and operation method of JAVA application programs | |
| CN111177773B (en) | Full disk encryption and decryption method and system based on network card ROM | |
| CN107066842A (en) | A kind of method and system of reinforcing SDK projects | |
| GB2349250A (en) | Method for protecting bytecode |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| C56 | Change in the name or address of the patentee |
Owner name: ZHUHAI KING SOFT CO.,LTD. Free format text: FORMER NAME: ZHUHAI JINSHAN SOFTWARE CO. LTD. |
|
| CP01 | Change in the name or title of a patent holder |
Address after: Jingshan Hill Road, Lane 510195 Lianshan Jida Guangdong province Zhuhai City No. 8 Patentee after: Zhuhai Kingsoft Software Co., Ltd. Address before: Jingshan Hill Road, Lane 510195 Lianshan Jida Guangdong province Zhuhai City No. 8 Patentee before: Zhuhai Jinshan Software Co., Ltd. |