CN103605927B - Encryption and decryption method and device based on embedded Linux system - Google Patents

Publication number
CN103605927B
Authority
CN
China
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201310557177.7A
Other languages
Chinese (zh)
Other versions
CN103605927A (en)
Inventor
李红京
余世均
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hunan Provincial Highway Technology Co., Ltd.
Original Assignee
Autel Intelligent Technology Corp Ltd
Application filed by Autel Intelligent Technology Corp Ltd
Priority to CN201310557177.7A
Publication of CN103605927A
Application granted
Publication of CN103605927B

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/602 Providing cryptographic facilities or services

Abstract

The invention discloses an encryption and decryption method and device based on an embedded Linux system, and belongs to the technical field of computer software. The method includes: adding the definitions and implementation code of an encryption function and a decryption function to the system call file of the Linux kernel code; adding an encryption function declaration and a decryption function declaration to the system call function list of the kernel code for the corresponding processor; recompiling the kernel code and flashing it again; and, in application software, calling the encryption function to encrypt and/or calling the decryption function to decrypt according to the function declarations. By executing the kernel's encryption and decryption code through system calls, the method lets encryption and decryption coexist in a manner tied to the kernel, increases the difficulty of cracking the data, and improves the security of code and data. At the same time, it lowers the complexity of application software on the embedded Linux kernel code, and the same encryption and decryption functions can be used by different application software.

Description

A method and device for implementing encryption and decryption based on an embedded Linux system
Technical field
The invention belongs to the automotive field, and more specifically relates to a method and device for implementing encryption and decryption based on an embedded Linux system.
Background
As computer technology has come into ever wider use around the world, it has brought great convenience to the work of enterprise and individual users, but it also faces many security risks. As computers become widespread, once a data or database defense system is broken, the loss caused to the user is enormous. In the information age, mastering the various encryption and decryption methods is an effective measure for ensuring data security. With the rapid development of electronic technology, embedded devices are flourishing, and the various encryption and decryption methods have also been developed in depth in the embedded field.
Among existing encryption and decryption methods, the best known are MD5 (Message-Digest Algorithm 5) and RSA; there are also many symmetric algorithms (which can both encrypt and decrypt). MD5 was invented in the early 1990s by the MIT Laboratory for Computer Science and RSA Data Security Inc, and was developed from MD2, MD3 and MD4. MD5 transforms a "byte string" of arbitrary length into a 128-bit integer and is an irreversible string-mapping algorithm. In other words, even with the source program and the algorithm description in hand, an MD5 value cannot be converted back into the original string; in mathematical terms, this is because there are infinitely many original strings. A typical application of MD5 is to produce a fingerprint of a message (string) to prevent it from being tampered with. RSA (Rivest-Shamir-Adleman) is an algorithm that can be used both for data encryption and for digital signatures. It is easy to understand and operate, and is very popular. It has withstood various attacks and has not been completely broken to date. However, existing encryption and decryption methods are relatively easy to implement on Windows systems, and have the following disadvantages when applied to the embedded field:
(1) The various encryption and decryption methods are relatively complicated and are difficult to implement without the support of specialized tools;
(2) The encryption and decryption methods cannot be placed together (that is, data encrypted in the code cannot also be decrypted in the same piece of code), and security cannot be guaranteed either.
Summary of the invention
In view of this, the present invention provides a method for implementing encryption and decryption based on an embedded Linux system, so that encryption and decryption coexist in a manner tied to the kernel, increasing the security of code and data.
According to one aspect of the present invention, a method for implementing encryption and decryption based on an embedded Linux system is provided, comprising the following steps:
adding the definitions and implementation code of an encryption function and a decryption function to the system call file of the Linux kernel code;
adding an encryption function declaration and a decryption function declaration to the system call function list of the kernel code for the corresponding processor;
recompiling the kernel code and flashing it again;
in application software, calling the encryption function according to the encryption function declaration to encrypt and/or calling the decryption function to decrypt.
Preferably, adding the encryption function definition and implementation code to the system call file of the Linux kernel code further comprises: adding, in the kernel/sys.c file, the encryption function definition and implementation code and the decryption function definition and implementation code.
Preferably, the implementation code of the encryption function and the decryption function includes MD5, RSA and/or a custom algorithm.
Preferably, adding the encryption function declaration and the decryption function declaration to the system call function list of the kernel code for the corresponding processor further comprises: adding an encryption function call entry to the arch/<processor name>/kernel/calls.S file and recording the ID corresponding to the encryption function; and adding a decryption function call entry to the arch/<processor name>/kernel/calls.S file and recording the ID corresponding to the decryption function.
Preferably, calling the encryption function in application software according to the encryption function declaration to encrypt further comprises: in the application software, using the ID of the encryption function given by the function declaration to call the encryption function through the system call API to encrypt. Calling the decryption function in application software according to the decryption function declaration to decrypt further comprises: in the application software, using the ID of the decryption function given by the function declaration to call the decryption function through the system call API to decrypt.
According to another aspect of the present invention, a device for implementing encryption and decryption based on an embedded Linux system is provided, comprising the following modules:
a function implementation module, for adding the decryption function definition and implementation code to the system call file of the Linux kernel code;
a function declaration module, for adding the decryption function declaration to the system call function list of the kernel code for the corresponding processor;
a flashing module, for recompiling the kernel code and flashing it again;
an application module, for calling, in application software, the encryption function according to the encryption function declaration to encrypt and/or calling the decryption function according to the decryption function declaration to decrypt.
Preferably, the function implementation module is specifically used for: adding, in the kernel/sys.c file, the encryption function definition and implementation code and the decryption function definition and implementation code.
Preferably, the implementation code of the decryption function includes MD5, RSA and/or a custom algorithm.
Preferably, the function declaration module is specifically used for: adding an encryption function call entry to the arch/<processor name>/kernel/calls.S file and recording the ID corresponding to the encryption function; and adding a decryption function call entry to the arch/<processor name>/kernel/calls.S file and recording the ID corresponding to the decryption function.
Preferably, the application module is specifically used for: in application software, using the ID of the encryption function given by the encryption function declaration to call the encryption function through the system call API to encrypt; and/or, in application software, using the ID of the decryption function given by the decryption function declaration to call the decryption function through the system call API to decrypt.
The method and device for implementing encryption and decryption based on an embedded Linux system provided by the embodiments of the present invention execute the encryption and decryption routines by calling the kernel's encryption and decryption code through the system call API. Encryption and decryption thus coexist in a manner tied to the kernel, which increases the difficulty of cracking the data and increases the security of code and data. At the same time, the complexity of application software on the embedded Linux kernel code is reduced, and different application software can use the same encryption and decryption functions.
Brief description of the drawings
Fig. 1 is a flowchart of an encryption method based on an embedded Linux system provided by an embodiment of the present invention.
Fig. 2 is a flowchart of a decryption method based on an embedded Linux system provided by an embodiment of the present invention.
Detailed description
To make the technical problem to be solved, the technical solution and the beneficial effects of the present invention clearer, the invention is described in further detail below with reference to the drawings and embodiments. It should be understood that the specific embodiments described here only explain the present invention and are not intended to limit it.
As shown in Fig. 1, an encryption method based on an embedded Linux system provided by an embodiment of the present invention comprises the following steps:
S102: add the encryption function definition and implementation code to the system call file of the Linux kernel code.
Preferably, the encryption function definition and implementation code can be added to the kernel/sys.c file. The encryption algorithm can be any of the current encryption algorithms (such as MD5 or RSA), or it can be a custom encryption algorithm. Even a relatively simple encryption algorithm can achieve the purpose of encryption.
For example: SYSCALL_DEFINE2(encrypt, void *, src, int, len);
Here, encrypt is the name of the encryption function; 2 indicates that there are two parameters; void * is the type of parameter 1 and src is its name (void *src is the memory address pointer of the data to encrypt); int is the type of parameter 2 and len is its name (int len is the length of the data to encrypt, of integer type).
S104: add the encryption function declaration to the system call function list of the kernel code for the corresponding processor.
Preferably, this step further comprises: adding an encryption function call entry to the arch/<processor name>/kernel/calls.S file and recording the corresponding entry ID.
Taking an ARM processor as an example, the declaration of the ID corresponding to the encryption function encrypt is added to the arch/arm/kernel/calls.S file; in this embodiment, the ID can be 300.
S106: recompile the kernel code and flash it again.
Specifically, the kernel with the newly added code is compiled and burned onto the embedded device.
S108: in application software, call the encryption function according to the encryption function declaration to encrypt.
Preferably, this step further comprises: in the application software, using the ID of the encryption function given by the encryption function declaration to call the encryption function through the system call API to encrypt. For example, when the ID is 300, the encryption function can be called with syscall(300, data to encrypt, length). That is, wherever data needs to be encrypted, the encryption is completed by means of a system call.
As shown in Fig. 2, a decryption method based on an embedded Linux system provided by an embodiment of the present invention comprises the following steps:
S202: add the decryption function definition and implementation code to the system call file of the Linux kernel code.
Preferably, the decryption function definition and implementation code can be added to the kernel/sys.c file. The decryption algorithm can be any of the current decryption algorithms (such as MD5 or RSA), or it can be a custom decryption algorithm.
For example: SYSCALL_DEFINE2(dencrypt, void *, src, int, len);
Here, dencrypt is the name of the decryption function; 2 indicates that there are two parameters; void * is the type of parameter 1 and src is its name (void *src is the memory address pointer of the data to decrypt); int is the type of parameter 2 and len is its name (int len is the length of the data to decrypt, of integer type).
S204: add the decryption function declaration to the system call function list of the kernel code for the corresponding processor.
Preferably, this step further comprises: adding a decryption function call entry to the arch/<processor name>/kernel/calls.S file and recording the corresponding entry ID.
Taking an ARM processor as an example, the declaration of the ID corresponding to the decryption function is added to the arch/arm/kernel/calls.S file; in this embodiment, the ID can be 301.
S206: recompile the kernel code and flash it again.
Specifically, the kernel with the newly added code is compiled and burned onto the embedded device.
S208: in application software, call the decryption function according to the decryption function declaration to decrypt.
Preferably, this step further comprises: in the application software, using the ID of the decryption function given by the decryption function declaration to call the decryption function through the system call API to decrypt. For example, when the ID is 301, the decryption function can be called with syscall(301, data to decrypt, length). That is, wherever data needs to be decrypted, the decryption is completed by means of a system call.
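Both procedures above (S102 to S108 and S202 to S208) hand a raw pointer and a length from application software to kernel code. The C program below is an added example, not code from the patent: a user-space model of the two handlers and their lookup by ID, showing the argument checks such a handler needs before it touches the buffer. MAX_LEN, demo_key, model_copy, model_syscall and the byte-wise placeholder transform are assumptions made for illustration; a real handler would use copy_from_user(), copy_to_user() and kmalloc().

```c
/* Added example: a user-space MODEL of the handlers from S102/S202 and the
 * ID lookup from S104/S204. Not kernel code and not code from the patent. */
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define NR_ENCRYPT  300   /* ID chosen for encrypt in the embodiment */
#define NR_DENCRYPT 301   /* ID chosen for dencrypt in the embodiment */
#define MAX_LEN     4096  /* assumed cap; the patent sets no limit */

/* Constructed key for a placeholder "custom algorithm"; not a secure cipher. */
static const unsigned char demo_key[4] = { 0x5a, 0xc3, 0x17, 0x88 };

/* Stand-in for copy_from_user()/copy_to_user(): returns bytes NOT copied. */
static unsigned long model_copy(void *dst, const void *src, unsigned long n)
{
    if (dst == NULL || src == NULL)
        return n;
    memcpy(dst, src, n);
    return 0;
}

/* Shared body of both handlers: validate, copy in, transform, copy out. */
static long transform(void *user_src, int len, int decrypt)
{
    unsigned char *kbuf;
    int i;

    if (len <= 0 || len > MAX_LEN)      /* reject before allocating */
        return -EINVAL;
    kbuf = malloc((size_t)len);         /* kmalloc() in a real handler */
    if (kbuf == NULL)
        return -ENOMEM;
    if (model_copy(kbuf, user_src, (unsigned long)len) != 0) {
        free(kbuf);
        return -EFAULT;                 /* never dereference src directly */
    }
    for (i = 0; i < len; i++) {
        unsigned char k = demo_key[i % 4];
        kbuf[i] = (unsigned char)(decrypt ? kbuf[i] - k : kbuf[i] + k);
    }
    if (model_copy(user_src, kbuf, (unsigned long)len) != 0) {
        free(kbuf);
        return -EFAULT;
    }
    free(kbuf);
    return 0;
}

/* Models the table lookup by ID; unknown IDs fail like an unassigned slot. */
long model_syscall(long nr, void *src, int len)
{
    switch (nr) {
    case NR_ENCRYPT:  return transform(src, len, 0);
    case NR_DENCRYPT: return transform(src, len, 1);
    default:          return -ENOSYS;
    }
}

/* Returns 1 if ID 300 changes the buffer and ID 301 restores it. */
int demo_roundtrip(void)
{
    char buf[] = "constructed sample record";
    char orig[sizeof(buf)];
    int len = (int)sizeof(buf);

    memcpy(orig, buf, sizeof(buf));
    if (model_syscall(NR_ENCRYPT, buf, len) != 0)
        return 0;
    if (memcmp(buf, orig, sizeof(buf)) == 0)
        return 0;
    if (model_syscall(NR_DENCRYPT, buf, len) != 0)
        return 0;
    return memcmp(buf, orig, sizeof(buf)) == 0;
}

int main(void)
{
    printf("round trip ok: %d\n", demo_roundtrip());
    printf("NULL pointer:  %ld\n", model_syscall(NR_ENCRYPT, NULL, 8));
    return 0;
}
```

On a real kernel the negative value returned by the handler reaches application software as a return value of -1 from syscall(), with errno set to the error code.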
The method for implementing encryption and decryption based on an embedded Linux system provided by the embodiments of the present invention executes the encryption and decryption routines by calling the kernel's encryption and decryption code through system calls. Encryption and decryption thus coexist in a manner tied to the kernel, which increases the difficulty of cracking the data and increases the security of code and data. At the same time, the complexity of application software on the embedded Linux kernel code is reduced, and different application software can use the same encryption and decryption functions.
The preferred embodiments of the present invention have been described above with reference to the drawings; they do not limit the scope of the rights of the present invention. Any modification, equivalent replacement or improvement made by those skilled in the art without departing from the scope and essence of the present invention shall fall within the scope of the rights of the present invention.

Claims (10)

1. A method for implementing encryption and decryption based on an embedded Linux system, characterized in that the method comprises the following steps:
adding the definitions and implementation code of an encryption function and a decryption function to the system call file of the Linux kernel code;
adding an encryption function declaration and a decryption function declaration to the system call function list of the kernel code for the corresponding processor;
recompiling the kernel code and flashing it again;
in application software, calling the encryption function according to the encryption function declaration to encrypt and/or calling the decryption function according to the decryption function declaration to decrypt.
2. The method according to claim 1, characterized in that adding the definitions and implementation code of the encryption function and the decryption function to the system call file of the Linux kernel code further comprises:
adding, in the kernel/sys.c file, the encryption function definition and implementation code and the decryption function definition and implementation code.
3. The method according to claim 2, characterized in that the implementation code of the encryption function and the decryption function includes MD5, RSA and/or a custom algorithm.
4. The method according to claim 1, characterized in that adding the encryption function declaration and the decryption function declaration to the system call function list of the kernel code for the corresponding processor further comprises:
adding an encryption function call entry to the arch/<processor name>/kernel/calls.S file and recording the entry ID corresponding to the encryption function; and adding a decryption function call entry to the arch/<processor name>/kernel/calls.S file and recording the entry ID corresponding to the decryption function.
5. The method according to claim 4, characterized in that calling the encryption function in application software according to the encryption function declaration to encrypt further comprises:
in the application software, using the ID of the encryption function given by the encryption function declaration to call the encryption function through the system call API to encrypt;
and calling the decryption function in application software according to the decryption function declaration to decrypt further comprises: in the application software, using the ID of the decryption function given by the decryption function declaration to call the decryption function through the system call API to decrypt.
6. A device for implementing encryption and decryption based on an embedded Linux system, characterized in that the device comprises:
a function implementation module, for adding the definitions and implementation code of an encryption function and a decryption function to the system call file of the Linux kernel code;
a function declaration module, for adding an encryption function declaration and a decryption function declaration to the system call function list of the kernel code for the corresponding processor;
a flashing module, for recompiling the kernel code and flashing it again;
an application module, for calling, in application software, the encryption function according to the encryption function declaration to encrypt and/or calling the decryption function according to the decryption function declaration to decrypt.
7. The device according to claim 6, characterized in that the function implementation module is specifically used for:
adding, in the kernel/sys.c file, the encryption function definition and implementation code and the decryption function definition and implementation code.
8. The device according to claim 7, characterized in that the implementation code of the encryption function and the decryption function includes MD5, RSA and/or a custom algorithm.
9. The device according to claim 6, characterized in that the function declaration module is specifically used for:
adding an encryption function call entry to the arch/<processor name>/kernel/calls.S file and recording the entry ID corresponding to the encryption function;
and/or
adding a decryption function call entry to the arch/<processor name>/kernel/calls.S file and recording the entry ID corresponding to the decryption function.
10. The device according to claim 9, characterized in that the application module is specifically used for:
in application software, using the ID of the encryption function given by the encryption function declaration to call the encryption function through the system call API to encrypt;
and/or
in application software, using the ID of the decryption function given by the decryption function declaration to call the decryption function through the system call API to decrypt.
CN201310557177.7A 2013-11-08 2013-11-08 Encryption and decryption method and device based on embedded Linux system Active CN103605927B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201310557177.7A CN103605927B (en) 2013-11-08 2013-11-08 Encryption and decryption method and device based on embedded Linux system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201310557177.7A CN103605927B (en) 2013-11-08 2013-11-08 Encryption and decryption method and device based on embedded Linux system

Publications (2)

Publication Number Publication Date
CN103605927A CN103605927A (en) 2014-02-26
CN103605927B true CN103605927B (en) 2017-01-11

Family

ID=50124148

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201310557177.7A Active CN103605927B (en) 2013-11-08 2013-11-08 Encryption and decryption method and device based on embedded Linux system

Country Status (1)

Country Link
CN (1) CN103605927B (en)

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
C53 Correction of patent for invention or patent application
CB02 Change of applicant information

Address after: 518000 Guangdong city of Shenzhen province Nanshan District Xili Street Xueyuan Road No. 1001 Chi Park B1 building 7 layer, 8 layer, 10 layer

Applicant after: SHENZHEN AUTEL TECHNOLOGY CO., LTD.

Address before: 518000 Guangdong city of Shenzhen province Nanshan District Xili town tea light road on the south side of Shenzhen integrated circuit design and application of Industrial Park 106, 107, 109, 114

Applicant before: Shenzhen Autel Technology Co., Ltd.

GR01 Patent grant
TR01 Transfer of patent right

Effective date of registration: 20180110

Address after: 410000 Hunan province Changsha City Lugu high tech Development Zone, Road No. 662 Building No. 558 Software Center

Patentee after: Hunan Provincial Highway Technology Co., Ltd.

Address before: 518000 Shenzhen Nanshan District City Xili Street Xueyuan Road No. 1001 Chi Park B1 building 7 layer, 8 layer, 10 layer

Patentee before: SHENZHEN AUTEL TECHNOLOGY CO., LTD.
