Summary of the invention
In view of the above problems, the present invention is proposed to provide a kind of a kind of method and apparatus and APK reinforcing client and server reinforcing APK overcoming the problems referred to above or solve the problem at least in part.
According to one aspect of the present invention, provide a kind of method of reinforcing APK, the method comprises:
Obtain the Java code that at least one method treated in reinforcing APK is corresponding;
Java code corresponding at least one method described is converted respectively to the Native C code reflecting accordingly and call.
Alternatively, the described Java code obtaining at least one method treated in reinforcing APK corresponding comprises:
Wait that reinforcing APK carries out Java code corresponding to decompiling acquisition at least one method wherein to described.
Alternatively, Java code corresponding at least one method described is converted to respectively reflect the Native C code called accordingly and comprise:
The Java code corresponding to method carries out semanteme and resolves, and reflects the Native C code called, then compile Native C code according to semantic analysis result structure.
Alternatively, the described Java code corresponding to method carries out semanteme and resolves, and reflects the Native C code called comprise according to semantic analysis result structure:
Java code compilation corresponding for the method is become smali code, smali code is decompiled into a kind of intermediate language, then convert described intermediate language to Native C code.
Alternatively, described intermediate language is a kind of instruction set be made up of tlv triple instruction, and a tlv triple instruction comprises: the destination address of source address, operation and the type of operation.
Alternatively, the method comprises further:
Native C code after conversion in described APK is encrypted.
Alternatively, the method comprises further:
Obtain and wait to reinforce the ELF file in APK, carry out decompiling;
According to encryption beginning label and encryption end mark, from the ELF file of described decompiling, extract one or more snippets code to be protected, and a Hook Function is arranged to each extracting position; Wherein the reference position of every section of code to be protected and end position have encryption beginning label and encryption end mark respectively;
After being encrypted by one or more snippets code extracted, put into specified file;
Added to by described specified file in the APK of described decompiling, compiling generates reinforces APK;
Wherein, described reinforcing APK run process in, by arrange Hook Function learn need run protected one section of code time, from described specified file, decrypt this section of code; and when this section of code runs complete, again this section of code is encrypted.
Alternatively, described being encrypted by one or more snippets code extracted comprises:
VM carries out to the one end extracted or multistage code virtual; Or/and, sectional encryption is carried out to the one end extracted or multistage code; Or/and, Code obfuscation is carried out to the one end extracted or multistage code; Or/and, to the one end extracted or multistage code is counter debugs process.
Alternatively, described one or more snippets code extracted is encrypted after, put into specified file and comprise:
After being encrypted by one or more snippets code extracted, put into the afterbody of SO file.
Alternatively, said method is by the client executing being positioned at end side;
Or, obtain APK to be reinforced by the client being positioned at end side and upload onto the server, perform said method by server.
According to another aspect of the present invention, provide a kind of device reinforcing APK, this device comprises:
Acquiring unit, is suitable for obtaining the Java code that at least one method treated in reinforcing APK is corresponding;
Converting unit, is suitable for Java code corresponding at least one method described being converted respectively to the Native C code reflecting accordingly and call.
Alternatively, described acquiring unit, is suitable for waiting that reinforcing APK carries out Java code corresponding to decompiling acquisition at least one method wherein to described.
Alternatively, described converting unit, is suitable for the Java code corresponding to method and carries out semanteme and resolve, reflect the Native C code called, then compile Native C code according to semantic analysis result structure.
Alternatively, described converting unit, is suitable for Java code compilation corresponding for the method to become smali code, smali code is decompiled into a kind of intermediate language, then converts described intermediate language to Native C code.
Alternatively, the described intermediate language that described converting unit adopts is a kind of instruction set be made up of tlv triple instruction, and a tlv triple instruction comprises: the destination address of source address, operation and the type of operation.
Alternatively, this device comprises further:
Ciphering unit, is suitable for the Native C code after to the conversion in described APK and is encrypted.
Alternatively, this device comprises further: add compilation unit;
Described acquiring unit, is further adapted for obtain and waits to reinforce the ELF file in APK, carry out decompiling; And be suitable for, according to encryption beginning label and encryption end mark, from the ELF file of described decompiling, extracting one or more snippets code to be protected, and arranging a Hook Function to each extracting position; Wherein the reference position of every section of code to be protected and end position have encryption beginning label and encryption end mark respectively;
Described ciphering unit, is further adapted for after being encrypted by one or more snippets code extracted, puts into specified file;
Described interpolation compilation unit, is suitable for described specified file to add in the APK of described decompiling, and compiling generates reinforces APK;
Wherein, described reinforcing APK run process in, by arrange Hook Function learn need run protected one section of code time, from described specified file, decrypt this section of code; and when this section of code runs complete, again this section of code is encrypted.
Alternatively, described ciphering unit, is suitable for carrying out VM to the one end extracted or multistage code virtual; Or/and, be suitable for carrying out sectional encryption to the one end extracted or multistage code; Or/and, be suitable for carrying out Code obfuscation to the one end extracted or multistage code; Or/and, be suitable for the one end extracted or multistage code is counter debugs process.
Alternatively, described ciphering unit, after being suitable for one or more snippets code extracted to be encrypted, puts into the afterbody of SO file
According to another aspect of the present invention, provide a kind of APK and reinforce client, this client comprises the device of the reinforcing APK as above described in any one.
According to another aspect of the invention, provide a kind of APK and reinforce server, this server comprises the device of the reinforcing APK as above described in any one.
From the above, technical scheme provided by the invention is by converting the Native C code reflecting and call to by the Java code in APK, achieve the method call of the Native C method call of Java being converted into reciprocity grammer, when a method is called, the code realizing calling is Native C code instead of original Java code.Compared with Java code; put the process that there is not self reduction at any time; and the cost of reverse Native C code is very high; and the protected mode of Native C code is a lot; greatly reduce APK and be disassembled analysis; and then beat again the possibility that bag distributes again, improve the safe class of APK.
Above-mentioned explanation is only the general introduction of technical solution of the present invention, in order to technological means of the present invention can be better understood, and can be implemented according to the content of instructions, and can become apparent, below especially exemplified by the specific embodiment of the present invention to allow above and other objects of the present invention, feature and advantage.
Embodiment
Below with reference to accompanying drawings exemplary embodiment of the present disclosure is described in more detail.Although show exemplary embodiment of the present disclosure in accompanying drawing, however should be appreciated that can realize the disclosure in a variety of manners and not should limit by the embodiment set forth here.On the contrary, provide these embodiments to be in order to more thoroughly the disclosure can be understood, and complete for the scope of the present disclosure can be conveyed to those skilled in the art.
Fig. 1 shows a kind of according to an embodiment of the invention process flow diagram reinforcing the method for APK.As shown in Figure 1, the method comprises:
Step S110, obtains the Java code that at least one method treated in reinforcing APK is corresponding.
Step S120, converts the Native C code reflecting accordingly and call respectively to by Java code corresponding at least one method.
Visible, method shown in Fig. 1 is by converting the Native C code reflecting and call to by the Java code in APK, achieve the method call of the Native C method call of Java being converted into reciprocity grammer, when a method is called, the code realizing calling is Native C code instead of original Java code.Compared with Java code; put the process that there is not self reduction at any time; and the cost of reverse Native C code is very high; and the protected mode of Native C code is a lot; greatly reduce APK and be disassembled analysis; and then beat again the possibility that bag distributes again, improve the safe class of APK.
In one embodiment of the invention, the Java code that the step S110 of method shown in Fig. 1 obtains at least one method treated in reinforcing APK corresponding comprises: treat reinforcing APK and carry out Java code corresponding to decompiling acquisition at least one method wherein.
In one embodiment of the invention, Java code corresponding at least one method converts to and reflects the Native C code called accordingly and comprise by the step S120 of method shown in Fig. 1 respectively: the Java code corresponding to method carries out semanteme and resolve, reflect according to semantic analysis result structure the NativeC code called, then Native C code is compiled.The equity of the method that this process implementation Java calls and the method that NativeC calls transforms, and ensures the validity being reinforced rear APK n-back test.
In a specific embodiment, the Java code corresponding to method carries out semanteme and resolves, reflecting according to semantic analysis result structure the Native C code called can be specifically: Java code compilation corresponding for the method is become smali code, smali code is decompiled into a kind of intermediate language, then converts described intermediate language to Native C code.Wherein, intermediate language can be a kind of instruction set be made up of tlv triple instruction, and a tlv triple instruction comprises: the destination address of source address, operation and the type of operation.
After the Java code that method is corresponding converts the Native C code reflecting accordingly and call to, in order to improve safe class further, in one embodiment of the invention, the method shown in Fig. 1 comprises further: be encrypted the Native C code after the conversion in APK.Compared to Java code, the cipher mode of Native C code is varied, further increases the difficulty of dis-assembling.
In some embodiments of the invention, said method is by the client executing being positioned at end side; Or, in other embodiments of the present invention, obtain APK to be reinforced by the client being positioned at end side and upload onto the server, perform said method by server.Like this, developer both can reinforce APK in client, also can reinforce APK at server end, had suitable dirigibility.
Fig. 2 shows a kind of in accordance with another embodiment of the present invention process flow diagram reinforcing the method for APK.As shown in Figure 2, the method comprises:
Step S210, obtains and waits to reinforce the ELF file in APK, carry out decompiling.
In this step, ELF file is the executable file format in android system, also comprises .so or .o class file.
Step S220, according to encryption beginning label and encryption end mark, extracts one or more snippets code to be protected, and arranges a Hook Function to each extracting position from the ELF file of decompiling.
In this step; the reference position of every section of code to be protected and end position have encryption beginning label and encryption end mark respectively; this mark is used for any information or metadata to associate with program element, and itself can not perform source code and produce any impact.
Step S230, after being encrypted by one or more snippets code extracted, puts into specified file.
Step S240, adds in the APK of described decompiling by specified file, compiling generates reinforces APK.
The operational process of the reinforcing APK obtained through said process is as follows: in the process run; by arrange Hook Function learn need run protected one section of code time; this section of code is decrypted from specified file; and when this section of code runs complete, again this section of code is encrypted.Realize the dynamic encryption and decryption treating protecting code, make any time in internal memory there is not the reflection of complete source code, thus prevent APK by reverse reduction.
In one embodiment of the invention, one or more snippets code extracted is encrypted and comprises by the step S230 of method shown in Fig. 2: carry out VM to the one end extracted or multistage code virtual; Or/and, sectional encryption is carried out to the one end extracted or multistage code; Or/and, Code obfuscation is carried out to the one end extracted or multistage code; Or/and, to the one end extracted or multistage code is counter debugs process.Wherein, VM is virtual to be referred to presumptive instruction virtual, converts the instruction of third-party virtual machine to, APK by reverse time, the reverse result obtained is this virtualization instructions instead of presumptive instruction.
In one embodiment of the invention, the step S230 of method shown in Fig. 2, after being encrypted by one or more snippets code extracted, puts into the afterbody of SO file.
Method described in Fig. 2 makes APK developer that encryption beginning label and encryption end mark can be utilized to mark one or more snippets code needing to carry out.There is provided the server of encryption can be encrypted by the code to correspondent section according to encryption beginning label and encryption end mark.And one or more snippets code extracts and is placed in specified file after encrypting by the method shown in Fig. 2, wait that needing to run this section of code is just be decrypted, and encryption is re-started again after this section of code runs, be engraved in the complete dump that there is not this APK in internal memory when making any, make cracker cannot obtain complete dump.
Fig. 3 shows a kind of according to an embodiment of the invention schematic diagram reinforcing the device of APK.As shown in Figure 3, the device 300 of this reinforcing APK comprises:
Acquiring unit 310, is suitable for obtaining the Java code that at least one method treated in reinforcing APK is corresponding;
Converting unit 320, is suitable for Java code corresponding at least one method being converted respectively to the Native C code reflecting accordingly and call.
Visible, device shown in Fig. 3 is cooperatively interacted by each unit, Java code in APK is converted to the Native C code reflecting and call, achieve the method call of the Native C method call of Java being converted into reciprocity grammer, when a method is called, the code realizing calling is Native C code instead of original Java code.Compared with Java code, the cost of reverse Native C code is very high, and the protected mode of Native C code is a lot, greatly reduces APK and is disassembled analysis, and then beats again the possibility that bag distributes again, improves the safe class of APK.
In one embodiment of the invention, the acquiring unit 310 of Fig. 3 shown device, is suitable for treating reinforcing APK and carries out Java code corresponding to decompiling acquisition at least one method wherein.
In one embodiment of the invention, the converting unit 320 of Fig. 3 shown device, is suitable for the Java code corresponding to method and carries out semanteme and resolve, reflect the Native C code called, then compile Native C code according to semantic analysis result structure.The equity of converting unit 320 method that Java calls at this process implementation and the method that Native C calls transforms, and ensures the validity being reinforced rear APK n-back test.
In a specific embodiment, the Java code corresponding to method carries out semanteme and resolves, the process of the Native C code called is reflected specifically: converting unit 320 according to semantic analysis result structure, Java code compilation corresponding for the method is suitable for become smali code, smali code is decompiled into a kind of intermediate language, converts described intermediate language to Native C code.Wherein, intermediate language is a kind of instruction set be made up of tlv triple instruction, and a tlv triple instruction comprises: the destination address of source address, operation and the type of operation.
Fig. 4 shows a kind of in accordance with another embodiment of the present invention schematic diagram reinforcing the device of APK.As shown in Figure 4, the device 400 of this reinforcing APK comprises: acquiring unit 410, converting unit 420 and ciphering unit 430.
Wherein, acquiring unit 410, converting unit 420 are corresponding identical with the acquiring unit 310 of Fig. 3 shown device, converting unit 320 respectively, do not repeat them here.
Ciphering unit 430, is suitable for the Native C code after to the conversion in described APK and is encrypted.
Compared to Java code, the cipher mode of Native C code is more various, increases reverse difficulty further, prevents the leakage of APK key message.
Fig. 5 shows a kind of schematic diagram reinforcing the device of APK according to another embodiment of the present invention.As shown in Figure 5, the device 500 of this reinforcing APK comprises: acquiring unit 510, ciphering unit 520 and interpolation compilation unit 530.
Acquiring unit 510, is suitable for obtaining and waits to reinforce the ELF file in APK, carry out decompiling; And be suitable for, according to encryption beginning label and encryption end mark, from the ELF file of decompiling, extracting one or more snippets code to be protected, and arranging a Hook Function to each extracting position.
Wherein the reference position of every section of code to be protected and end position have encryption beginning label and encryption end mark respectively.
Ciphering unit 520, after being suitable for one or more snippets code extracted to be encrypted, puts into specified file.
Add compilation unit 530, be suitable for specified file to add in the APK of described decompiling, compiling generates reinforces APK.
The reinforcing APK obtained after the device shown in Fig. 5 is reinforced; run process in, by arrange Hook Function learn need run protected one section of code time, from specified file, decrypt this section of code; and when this section of code runs complete, again this section of code is encrypted.Realize the dynamic encryption and decryption treating protecting code, make any time in internal memory there is not the reflection of complete source code, thus prevent APK by reverse reduction.
In one embodiment of the invention, ciphering unit 520, is suitable for carrying out VM to the one end extracted or multistage code virtual; Or/and, be suitable for carrying out sectional encryption to the one end extracted or multistage code; Or/and, be suitable for carrying out Code obfuscation to the one end extracted or multistage code; Or/and, be suitable for the one end extracted or multistage code is counter debugs process.
In one embodiment of the invention, ciphering unit 520, after being suitable for one or more snippets code extracted to be encrypted, puts into the afterbody of SO file.
In one embodiment of the present of invention, additionally provide a kind of device reinforcing APK comprising Fig. 3 and Fig. 5 shown device, acquiring unit 310 wherein and acquiring unit 510 are same unit.In an alternative embodiment of the invention, additionally provide a kind of device reinforcing APK comprising device described in Fig. 4 and Fig. 5, acquiring unit 410 wherein and acquiring unit 510 are same unit.
Fig. 6 shows the schematic diagram that a kind of according to an embodiment of the invention APK reinforces client.As shown in Figure 6, this APK reinforces the device 610 that client comprises reinforcing APK.The device 610 of this reinforcing APK can be the device as the reinforcing APK above as described in any embodiment.
Fig. 7 shows the schematic diagram that a kind of according to an embodiment of the invention APK reinforces server.As shown in Figure 7, this APK reinforces the device 710 that server comprises reinforcing APK.The device 710 of this reinforcing APK can be the device as the reinforcing APK above as described in any embodiment.
In sum, technical scheme provided by the invention is by converting the Native C code reflecting and call to by the Java code in APK, achieve the method call of the NativeC method call of Java being converted into reciprocity grammer, when a method is called, the code realizing calling is Native C code instead of original Java code.And by being encrypted the Native C code after conversion, realize the further protection to NativeC code.Compared with Java code, the cost of reverse Native C code is very high, and the protected mode of Native C code is a lot, greatly reduces APK and is disassembled analysis, and then beats again the possibility that bag distributes again, improves the safe class of APK.
It should be noted that:
Intrinsic not relevant to any certain computer, virtual bench or miscellaneous equipment with display at this algorithm provided.Various fexible unit also can with use based on together with this teaching.According to description above, the structure constructed required by this kind of device is apparent.In addition, the present invention is not also for any certain programmed language.It should be understood that and various programming language can be utilized to realize content of the present invention described here, and the description done language-specific is above to disclose preferred forms of the present invention.
In instructions provided herein, describe a large amount of detail.But can understand, embodiments of the invention can be put into practice when not having these details.In some instances, be not shown specifically known method, structure and technology, so that not fuzzy understanding of this description.
Similarly, be to be understood that, in order to simplify the disclosure and to help to understand in each inventive aspect one or more, in the description above to exemplary embodiment of the present invention, each feature of the present invention is grouped together in single embodiment, figure or the description to it sometimes.But, the method for the disclosure should be construed to the following intention of reflection: namely the present invention for required protection requires feature more more than the feature clearly recorded in each claim.Or rather, as claims below reflect, all features of disclosed single embodiment before inventive aspect is to be less than.Therefore, the claims following embodiment are incorporated to this embodiment thus clearly, and wherein each claim itself is as independent embodiment of the present invention.
Those skilled in the art are appreciated that and adaptively can change the module in the equipment in embodiment and they are arranged in one or more equipment different from this embodiment.Module in embodiment or unit or assembly can be combined into a module or unit or assembly, and multiple submodule or subelement or sub-component can be put them in addition.Except at least some in such feature and/or process or unit be mutually repel except, any combination can be adopted to combine all processes of all features disclosed in this instructions (comprising adjoint claim, summary and accompanying drawing) and so disclosed any method or equipment or unit.Unless expressly stated otherwise, each feature disclosed in this instructions (comprising adjoint claim, summary and accompanying drawing) can by providing identical, alternative features that is equivalent or similar object replaces.
In addition, those skilled in the art can understand, although embodiments more described herein to comprise in other embodiment some included feature instead of further feature, the combination of the feature of different embodiment means and to be within scope of the present invention and to form different embodiments.Such as, in the following claims, the one of any of embodiment required for protection can use with arbitrary array mode.
All parts embodiment of the present invention with hardware implementing, or can realize with the software module run on one or more processor, or realizes with their combination.It will be understood by those of skill in the art that the some or all functions that microprocessor or digital signal processor (DSP) can be used in practice to realize reinforcing according to the device of the reinforcing APK of the embodiment of the present invention and APK the some or all parts in client and server.The present invention can also be embodied as part or all equipment for performing method as described herein or device program (such as, computer program and computer program).Realizing program of the present invention and can store on a computer-readable medium like this, or the form of one or more signal can be had.Such signal can be downloaded from internet website and obtain, or provides on carrier signal, or provides with any other form.
The present invention will be described instead of limit the invention to it should be noted above-described embodiment, and those skilled in the art can design alternative embodiment when not departing from the scope of claims.In the claims, any reference symbol between bracket should be configured to limitations on claims.Word " comprises " not to be got rid of existence and does not arrange element in the claims or step.Word "a" or "an" before being positioned at element is not got rid of and be there is multiple such element.The present invention can by means of including the hardware of some different elements and realizing by means of the computing machine of suitably programming.In the unit claim listing some devices, several in these devices can be carry out imbody by same hardware branch.Word first, second and third-class use do not represent any order.Can be title by these word explanations.
The invention discloses A1, a kind of method of reinforcing APK, wherein, the method comprises:
Obtain the Java code that at least one method treated in reinforcing APK is corresponding;
Java code corresponding at least one method described is converted respectively to the Native C code reflecting accordingly and call.
A2, method as described in A1, wherein, the described Java code waiting to reinforce at least one method in APK corresponding that obtains comprises:
Wait that reinforcing APK carries out Java code corresponding to decompiling acquisition at least one method wherein to described.
A3, method as described in A1, wherein, convert to Java code corresponding at least one method described respectively and reflect the Native C code called accordingly and comprise:
The Java code corresponding to method carries out semanteme and resolves, and reflects the Native C code called, then compile Native C code according to semantic analysis result structure.
A4, method as described in A3, wherein, the described Java code corresponding to method carries out semanteme and resolves, and reflects the Native C code called comprise according to semantic analysis result structure:
Java code compilation corresponding for the method is become smali code, smali code is decompiled into a kind of intermediate language, then convert described intermediate language to Native C code.
A5, method as described in A4, wherein,
Described intermediate language is a kind of instruction set be made up of tlv triple instruction, and a tlv triple instruction comprises: the destination address of source address, operation and the type of operation.
A6, method as described in A1, wherein, the method comprises further:
Native C code after conversion in described APK is encrypted.
A7, method as described in A1, wherein, the method comprises further:
Obtain and wait to reinforce the ELF file in APK, carry out decompiling;
According to encryption beginning label and encryption end mark, from the ELF file of described decompiling, extract one or more snippets code to be protected, and a Hook Function is arranged to each extracting position; Wherein the reference position of every section of code to be protected and end position have encryption beginning label and encryption end mark respectively;
After being encrypted by one or more snippets code extracted, put into specified file;
Added to by described specified file in the APK of described decompiling, compiling generates reinforces APK;
Wherein, described reinforcing APK run process in, by arrange Hook Function learn need run protected one section of code time, from described specified file, decrypt this section of code; and when this section of code runs complete, again this section of code is encrypted.
A8, method as described in A7, wherein, described being encrypted by one or more snippets code extracted comprises:
VM carries out to the one end extracted or multistage code virtual; Or/and, sectional encryption is carried out to the one end extracted or multistage code; Or/and, Code obfuscation is carried out to the one end extracted or multistage code; Or/and, to the one end extracted or multistage code is counter debugs process.
A9, method as described in A7, wherein, described one or more snippets code extracted is encrypted after, put into specified file and comprise:
After being encrypted by one or more snippets code extracted, put into the afterbody of SO file.
A10, method according to any one of A1-A9, wherein,
Said method is by the client executing being positioned at end side;
Or, obtain APK to be reinforced by the client being positioned at end side and upload onto the server, perform said method by server.
The invention discloses B11, a kind of device reinforcing APK, wherein, this device comprises:
Acquiring unit, is suitable for obtaining the Java code that at least one method treated in reinforcing APK is corresponding;
Converting unit, is suitable for Java code corresponding at least one method described being converted respectively to the Native C code reflecting accordingly and call.
B12, device as described in B11, wherein,
Described acquiring unit, is suitable for waiting that reinforcing APK carries out Java code corresponding to decompiling acquisition at least one method wherein to described.
B13, device as described in B11, wherein,
Described converting unit, is suitable for the Java code corresponding to method and carries out semanteme and resolve, reflect the Native C code called, then compile Native C code according to semantic analysis result structure.
B14, device as described in B13, wherein,
Described converting unit, is suitable for Java code compilation corresponding for the method to become smali code, smali code is decompiled into a kind of intermediate language, then converts described intermediate language to Native C code.
B15, device as described in B14, wherein,
The described intermediate language that described converting unit adopts is a kind of instruction set be made up of tlv triple instruction, and a tlv triple instruction comprises: the destination address of source address, operation and the type of operation.
B16, device as described in B11, wherein, this device comprises further:
Ciphering unit, is suitable for the Native C code after to the conversion in described APK and is encrypted.
B17, device as described in B11, wherein, this device comprises further: add compilation unit and ciphering unit;
Described acquiring unit, is further adapted for obtain and waits to reinforce the ELF file in APK, carry out decompiling; And be suitable for, according to encryption beginning label and encryption end mark, from the ELF file of described decompiling, extracting one or more snippets code to be protected, and arranging a Hook Function to each extracting position; Wherein the reference position of every section of code to be protected and end position have encryption beginning label and encryption end mark respectively;
Described ciphering unit, is further adapted for after being encrypted by one or more snippets code extracted, puts into specified file;
Described interpolation compilation unit, is suitable for described specified file to add in the APK of described decompiling, and compiling generates reinforces APK;
Wherein, described reinforcing APK run process in, by arrange Hook Function learn need run protected one section of code time, from described specified file, decrypt this section of code; and when this section of code runs complete, again this section of code is encrypted.
B18, device as described in B17, wherein,
Described ciphering unit, is suitable for carrying out VM to the one end extracted or multistage code virtual; Or/and, be suitable for carrying out sectional encryption to the one end extracted or multistage code; Or/and, be suitable for carrying out Code obfuscation to the one end extracted or multistage code; Or/and, be suitable for the one end extracted or multistage code is counter debugs process.
B19, device as described in B17, wherein,
Described ciphering unit, after being suitable for one or more snippets code extracted to be encrypted, puts into the afterbody of SO file
The invention discloses C20, a kind of APK and reinforce client, wherein, this client comprises the device of the reinforcing APK according to any one of B11-B19.
The invention also discloses D21, a kind of APK and reinforce server, wherein, this server comprises the device of the reinforcing APK according to any one of B11-B19.