CN104751049A - Application program installing method and mobile terminal - Google Patents
Application program installing method and mobile terminal Download PDFInfo
- Publication number
- CN104751049A CN104751049A CN201510102762.7A CN201510102762A CN104751049A CN 104751049 A CN104751049 A CN 104751049A CN 201510102762 A CN201510102762 A CN 201510102762A CN 104751049 A CN104751049 A CN 104751049A
- Authority
- CN
- China
- Prior art keywords
- application program
- test value
- proof test
- attribute information
- server
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 28
- 238000009434 installation Methods 0.000 claims description 90
- 230000005540 biological transmission Effects 0.000 claims description 12
- 238000004364 calculation method Methods 0.000 abstract description 3
- 238000012795 verification Methods 0.000 abstract 7
- 238000004422 calculation algorithm Methods 0.000 description 23
- 238000004590 computer program Methods 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 238000007689 inspection Methods 0.000 description 1
Landscapes
- Stored Programmes (AREA)
Abstract
The embodiment of the invention provides an application program installing method and a mobile terminal. The method comprises the following steps that a verification request carrying attribute information of an application program to be installed is transmitted to a server so that the server can search for a first verification value corresponding to the attribute information of the application program to be installed; when the first verification value exists in the server, the first verification value transmitted by the server is obtained, and a second verification value is obtained through calculation according to the application program to be installed; when the first verification value is the same as the second verification value, the application program to be installed is installed. According to the method, the application program can be prevented from being tampered, and the safety of the mobile terminal is improved.
Description
Technical field
The present invention relates to technical field of mobile terminals, be specifically related to a kind of application program installation method and mobile terminal.
Background technology
Along with on mobile terminal, application program kind gets more and more, and the safety problem of the installation kit of application program is day by day remarkable, and the installation kit that lawless person's malice distorts application program makes the system of mobile terminal, data are in danger.The main mode of signature that adopts prevents lawless person's malice from distorting the installation kit of application program at present, its specific implementation process is, after destination application compiling generates installation kit, computing is carried out to all paths in installation kit and file and obtains a unique eigenwert A, then with the private key of developer, computing is encrypted to eigenwert A and obtains cryptographic calculation result B, eigenwert A and encryption operation result B are kept in installation kit, when the installation kit of installation targets application program, cryptographic calculation result B is decrypted, if the result after deciphering is consistent with eigenwert A, then think that installation kit is not tampered, allow to install on mobile terminals.
But, once the private key of developer is revealed, lawless person just can utilize the signature of the private key of leakage to any installation kit to modify thus obtain authority corresponding to signature, just can steal arbitrarily data in mobile terminal if lawless person obtains System Privileges, destroy system file, the safety of serious threat mobile terminal.
Summary of the invention
The embodiment of the present invention provides a kind of application program installation method and mobile terminal, and application program can be avoided to be tampered, and improves the security of mobile terminal.
Embodiment of the present invention first aspect provides a kind of application program installation method, can comprise:
Transmission carries the checking request of the attribute information of application program to be installed to server, with the first proof test value making described whois lookup corresponding with the attribute information of described application program to be installed;
When there is described first proof test value in described server, obtaining described first proof test value that described server sends, and obtaining the second proof test value according to described application computes to be installed;
When described second proof test value is identical with described first proof test value, described application program to be installed is installed.
Embodiment of the present invention second aspect provides a kind of mobile terminal, can comprise:
Transmitting element, for sending the checking request of the attribute information carrying application program to be installed to server, with the first proof test value making described whois lookup corresponding with the attribute information of described application program to be installed;
Computing unit, for when there is described first proof test value in described server, obtaining described first proof test value that described server sends, and obtaining the second proof test value according to described application computes to be installed;
Installation unit, for when described second proof test value is identical with described first proof test value, installs described application program to be installed.
In embodiments of the present invention, by sending the checking request carrying the attribute information of application program to be installed to server, make the first proof test value that whois lookup is corresponding with the attribute information of application program to be installed, when there is the first proof test value in server, obtain the first proof test value of server transmission and obtain the second proof test value according to application computes to be installed, when the first proof test value is identical with the second test value, application program to be installed is installed, can guarantee that the application program of installing is not tampered, prevent lawless person from obtaining data in mobile terminal, improve the security of mobile terminal.
Accompanying drawing explanation
In order to be illustrated more clearly in the embodiment of the present invention or technical scheme of the prior art, be briefly described to the accompanying drawing used required in embodiment or description of the prior art below, apparently, accompanying drawing in the following describes is only some embodiments of the present invention, for those of ordinary skill in the art, under the prerequisite not paying creative work, other accompanying drawing can also be obtained according to these accompanying drawings.
The schematic flow sheet of a kind of application program installation method that Fig. 1 provides for the embodiment of the present invention;
The schematic flow sheet of the another kind of application program installation method that Fig. 2 provides for the embodiment of the present invention;
The structural representation of a kind of mobile terminal that Fig. 3 provides for the embodiment of the present invention;
The structural representation of the another kind of mobile terminal that Fig. 4 provides for the embodiment of the present invention.
Embodiment
Below in conjunction with the accompanying drawing in the embodiment of the present invention, be clearly and completely described the technical scheme in the embodiment of the present invention, obviously, described embodiment is only the present invention's part embodiment, instead of whole embodiments.Based on the embodiment in the present invention, those of ordinary skill in the art, not making the every other embodiment obtained under creative work prerequisite, belong to the scope of protection of the invention.
A kind of application program installation method that the embodiment of the present invention provides and mobile terminal can be applied to the scene that user downloaded and installed, upgraded the installation kit of application program on mobile terminals, mobile terminal is by the scene etc. of the installation kit downloading and installing, upgrade application program that is connected with computer, guarantee that the application program of installing is not tampered, prevent lawless person from obtaining System Privileges by the signature revising application program and steal data in mobile terminal, improve the security of mobile terminal.
The mobile terminal that the embodiment of the present invention provides can include but not limited to the electronic equipments such as mobile phone, PAD (panel computer), intelligent wearable device, and the system of mobile terminal can include but not limited to android system, Saipan system, Windows system, IOS (Mobile operating system of Apple's exploitation) system etc.It should be noted that, Android terminal refers to the terminal of android system, and Saipan terminal refers to the terminal of Saipan system, etc.
The application program installation method provided below in conjunction with accompanying drawing 1 and accompanying drawing 2 pairs of embodiment of the present invention describes in detail.
Refer to Fig. 1, be the schematic flow sheet of a kind of application program installation method that the embodiment of the present invention provides, the method can comprise step S101-step S103.
S101, transmission carries the checking request of the attribute information of application program to be installed to server, with the first proof test value making described whois lookup corresponding with the attribute information of described application program to be installed.
Concrete, before execution step S101, mobile terminal receives the installation instruction of application program to be installed and obtains the attribute information of described application program to be installed according to described installation instruction, described attribute information is the installation kit signing messages of application program, comprises the signature type of application program, bag name and version number information.For android system, android system requires that each Android application program just can must be installed in system through digital signature, if the signature type of certain application program is platform, then show that this application program is system application, this application program can obtain System Privileges, and the application program of acquisition System Privileges can check arbitrarily the data in mobile terminal.
Server stores in the embodiment of the present invention the attribute information of each application program at least one application program and at least one application program described, described server adopts particular verified algorithm, such as message digest algorithm 5 (MD5, Message-Digest Algorithm 5), the proof test value obtaining each application program described is calculated to the installation kit data of each application program at least one application program described, and preserves the proof test value of each application program described.
When described mobile terminal receives described installation instruction, the attribute information of application program to be installed described in described acquisition for mobile terminal also sends checking request to described server, and described checking request carries the attribute information of described application program to be installed.Described server searches the attribute information of application program described to be installed entrained in described checking request in the attribute information of each application program stored, after the attribute information finding application program described to be installed entrained in described checking request, can obtain further with described verify ask in corresponding the first proof test value of the attribute information of entrained application program described to be installed, described first proof test value is the proof test value corresponding with the attribute information of described application program to be installed adopting described particular verified algorithm to precompute by described server.Such as, it is platform, bag A by name that described checking asks the attribute information of the application program described to be installed of carrying to comprise signature type, version number is B, it is platform, bag A by name that described server searches signature type in the attribute information of each application program stored, version number is the attribute information of B, if described whois lookup is to this attribute information, then obtain first proof test value corresponding with this attribute information.
S102, when there is described first proof test value in described server, obtaining described first proof test value that described server sends, and obtaining the second proof test value according to described application computes to be installed.
Concrete, if store the attribute information of described application program to be installed and described application program to be installed in described server, described server just can obtain and adopt the attribute information of described particular verified algorithm to described application program to be installed to precalculate to obtain the first proof test value; If there is not the attribute information of described application program to be installed or described application program to be installed in described server, also first proof test value corresponding with the attribute information of described application program to be installed just can not be found in described server, described server just can send invalid information to described mobile terminal, and described mobile terminal just can stop installing described application program to be installed according to described invalid information.When there is described first proof test value in described server, be understandable that in described server to there is described application program to be installed, described first proof test value is sent to described mobile terminal by described server.Described first test value that server described in described acquisition for mobile terminal sends, and use the particular verified algorithm installation kit data to described to be installed application program identical with described server to calculate the second proof test value.
S103, when described second proof test value is identical with described first proof test value, installs described application program to be installed.
Concrete, described second proof test value may be identical with described first proof test value, also may not be identical.When described second proof test value is identical with described first proof test value, illustrate that the installation kit data belonging to the attribute information corresponding to described first proof test value that the installation kit data of the application program described to be installed on described mobile terminal and described server store are identical, be understandable that the installation kit data of the application program described to be installed on described mobile terminal were not tampered, described application program to be installed is application program legal safely; When described second proof test value is not identical with described first proof test value, illustrate that the installation kit data belonging to attribute information corresponding to described first proof test value that the installation kit data of the application program described to be installed on described mobile terminal and described server store are inconsistent, be understandable that the installation kit data of the application program described to be installed on described mobile terminal were tampered, described application program to be installed may threaten the safety of described mobile terminal.When described second proof test value is identical with described first proof test value, illustrate that the application program described to be installed on described mobile terminal is application program legal safely, described mobile terminal allows to install described application program to be installed and the installation completed described application program to be installed.Such as, if the first proof test value that the installation kit data of described server to described application program to be installed calculate is M, the second test value that described mobile terminal calculates also is M, then described mobile terminal allows to install described application program to be installed and the installation completed described application program to be installed.
In embodiments of the present invention, by sending the checking request carrying the attribute information of application program to be installed to server, make the first proof test value that whois lookup is corresponding with the attribute information of application program to be installed, when there is the first proof test value in server, obtain the first proof test value of server transmission and obtain the second proof test value according to application computes to be installed, when the first proof test value is identical with the second test value, application program to be installed is installed, can guarantee that the application program of installing is not tampered, prevent lawless person from obtaining data in mobile terminal, improve the security of mobile terminal.
Refer to Fig. 2, be the schematic flow sheet of the another kind of application program installation method that the embodiment of the present invention provides, the method can comprise step S201-step S209.
S201, transmission carries the checking request of the attribute information of application program to be installed to server, with the first proof test value making described whois lookup corresponding with the attribute information of described application program to be installed.
Server stores in the embodiment of the present invention the attribute information of each application program at least one application program and at least one application program described, described server adopts particular verified algorithm, such as message digest algorithm 5, the proof test value obtaining each application program described is calculated to the installation kit data of each application program at least one application program described, and preserves the proof test value of each application program described.
Concrete, before execution step S201, mobile terminal receives the installation instruction of application program to be installed and obtains the attribute information of described application program to be installed according to described installation instruction, described attribute information is the installation kit signing messages of application program, comprises the signature type of application program, bag name and version number information.For android system, android system requires that each Android application program just can must be installed in system through digital signature, if the signature type of certain application program is platform, then show that this application program is system application, this application program can obtain System Privileges, and the application program of acquisition System Privileges can check arbitrarily the data in mobile terminal.
When described mobile terminal receives described installation instruction, the attribute information of application program to be installed described in described acquisition for mobile terminal also sends checking request to described server, and described checking request carries the attribute information of described application program to be installed.Described server searches the attribute information of application program described to be installed entrained in described checking request in the attribute information of each application program stored, after the attribute information finding application program described to be installed entrained in described checking request, can obtain further with described verify ask in corresponding the first proof test value of the attribute information of entrained application program described to be installed, described first proof test value is the proof test value corresponding with the attribute information of described application program to be installed adopting described particular verified algorithm to precompute by described server.Such as, it is platform, bag A by name that described checking asks the attribute information of the application program described to be installed of carrying to comprise signature type, version number is B, it is platform, bag A by name that described server searches signature type in the attribute information of each application program stored, version number is the attribute information of B, if described whois lookup is to this attribute information, then obtain first proof test value corresponding with this attribute information.
S202, judges whether there is described first proof test value in described server.
Concrete, if store the attribute information of described application program to be installed and described application program to be installed in described server, described server just can obtain and adopt the attribute information of described particular verified algorithm to described application program to be installed to precalculate to obtain the first proof test value; If there is not the attribute information of described application program to be installed or described application program to be installed in described server, in described server, also first proof test value corresponding with the attribute information of described application program to be installed just can not be found.Therefore described mobile terminal needs to judge whether there is described first proof test value in described server.
S203, when the result judged is as being, obtains described first proof test value that described server sends.
Concrete, when the result judged that execution step S202 obtains is as being, be understandable that in described server to there is described first proof test value, described first proof test value is sent to described mobile terminal by described server, described first proof test value that server described in described acquisition for mobile terminal sends.
S204, when the result judged is no, obtains the invalid information that described server sends, and stops installing described application program to be installed according to described invalid information.
Concrete, when the result performing the judgement that step S202 obtains is no, be understandable that in described server the attribute information that there is not described application program to be installed or described application program to be installed, also first proof test value corresponding with the attribute information of described application program to be installed just can not be found in described server, described server just can send invalid information to described mobile terminal, and described mobile terminal just can stop installing described application program to be installed according to described invalid information.
S205, judges whether described first proof test value is illegal value.
Concrete, in at least one application program stored in described server, the attribute information of each application program can also comprise the attribute information of unauthorized applications, the proof test value corresponding with the attribute information of described illegal program can be set to illegal value by described server, described illegal value can be "-1 ", or other numerical value, occurrence is determined by described server.Described mobile terminal, when receiving the first proof test value that described server sends, judges whether described first proof test value is illegal value.
S206, stops installing described application program to be installed.
Concrete, when the result judged that execution step S205 obtains is as being, described first proof test value being understandable that described acquisition for mobile terminal is illegal value, and described application program to be installed is unauthorized applications, and therefore described mobile terminal stops installing described application program to be installed.
S207, when the result judged is no, obtains the second proof test value according to described application computes to be installed.
Concrete, when the result performing the judgement that step S205 obtains is no, be understandable that described first proof test value is not described illegal value, described application program to be installed is valid application program, what described server adopted the installation kit data of described particular verified algorithm to described application program to be installed to calculate is concrete proof test value, and described mobile terminal uses the particular verified algorithm installation kit data to described to be installed application program identical with described server to calculate the second proof test value.
S208, judges that whether described second proof test value is identical with described first proof test value.
Concrete, the attribute information of the application program described to be installed in described server is identical with the attribute information of the application program described to be installed on described mobile terminal, both installation kit data may not be identical, also just cause described second proof test value may not be identical with described first proof test value, therefore described mobile terminal needs to judge that whether described second proof test value is identical with described first test value.
S209, when judged result is for being, installs described application program to be installed.
Concrete, when the result judged that execution step S208 obtains is as being, be understandable that described second proof test value is identical with described first proof test value, illustrate that the installation kit data belonging to the attribute information corresponding to described first proof test value that the installation kit data of the application program described to be installed on described mobile terminal and described server store are identical, be understandable that the installation kit data of the application program described to be installed on described mobile terminal were not tampered, described application program to be installed is application program legal safely, described mobile terminal installs described application program to be installed.Such as, if the first proof test value that the installation kit data of described server to described application program to be installed calculate is M, the second test value that described mobile terminal calculates also is M, then described mobile terminal allows to install described application program to be installed and the installation completed described application program to be installed.
When the result performing the judgement that step S208 obtains is no, be understandable that described second proof test value is not identical with described first proof test value, illustrate that the installation kit data belonging to attribute information corresponding to described first proof test value that the installation kit data of the application program described to be installed on described mobile terminal and described server store are inconsistent, be understandable that the installation kit data of the application program described to be installed on described mobile terminal were tampered, described application program to be installed may threaten the safety of described mobile terminal, therefore described mobile terminal performs step S206, stop described application program to be installed is installed.Such as, if the first proof test value that the installation kit data of described server to described application program to be installed calculate is M, the second test value that described mobile terminal calculates is N, and both are not identical, then described mobile terminal stops the installation to described application program to be installed.
In embodiments of the present invention, by sending the checking request carrying the attribute information of application program to be installed to server, make the first proof test value that whois lookup is corresponding with the attribute information of application program to be installed, when there is the first proof test value in server, obtain the first proof test value of server transmission and obtain the second proof test value according to application computes to be installed, when the first proof test value is identical with the second test value, application program to be installed is installed, repeatedly judge that the first test value guarantees that the application program of installing is application program legal safely, the attribute information preventing lawless person from passing through to distort application program obtains the data in mobile terminal, improve the security of mobile terminal.
It should be noted that, embodiment shown in accompanying drawing 1 and accompanying drawing 2 is application programming interface (the Application Program Interface by revising on described mobile terminal, API) realize, but all need inspection first proof test value and the second proof test value during each set up applications, implementation procedure is more loaded down with trivial details, therefore the embodiment of the present invention increases the API that does not check proof test value, to start shooting first Auto-mounting application program at described mobile terminal, aerial download (Over The Air, OTA) update application program, the API of described increase can be called during root authority set up applications, complete the installation to above-mentioned application program fast.
The mobile terminal provided below in conjunction with accompanying drawing 3 and accompanying drawing 4 pairs of embodiment of the present invention describes in detail.It should be noted that, mobile terminal shown in accompanying drawing 3 and accompanying drawing 4, for performing Fig. 1 of the present invention and method embodiment illustrated in fig. 2, for convenience of explanation, illustrate only the part relevant to the embodiment of the present invention, concrete ins and outs do not disclose, and please refer to the embodiment shown in Fig. 1 and Fig. 2 of the present invention.
Referring to Fig. 3, is the structural representation of a kind of mobile terminal provided by the invention; This terminal 10 can comprise: transmitting element 101, computing unit 102 and installation unit 103.
Transmitting element 101, for sending the checking request of the attribute information carrying application program to be installed to server, with the first proof test value making described whois lookup corresponding with the attribute information of described application program to be installed.
In specific implementation, described transmitting element 101 transmission carries the checking request of the attribute information of application program to be installed to server, with the first proof test value making described whois lookup corresponding with the attribute information of described application program to be installed.Server stores in the embodiment of the present invention the attribute information of each application program at least one application program and at least one application program described, described server adopts particular verified algorithm, such as message digest algorithm 5, the proof test value obtaining each application program described is calculated to the installation kit data of each application program at least one application program described, and preserves the proof test value of each application program described.
Send the checking request that carries the attribute information of application program to be installed to server at described transmitting element 101 before, described mobile terminal 10 receives the installation instruction of application program to be installed and obtains the attribute information of described application program to be installed according to described installation instruction, described attribute information is the installation kit signing messages of application program, comprises the signature type of application program, bag name and version number information.For android system, android system requires that each Android application program just can must be installed in system through digital signature, if the signature type of certain application program is platform, then show that this application program is system application, this application program can obtain System Privileges, and the application program of acquisition System Privileges can check arbitrarily the data in mobile terminal.
When described mobile terminal 10 receives described installation instruction, described transmitting element 101 obtains the attribute information of described application program to be installed and sends checking request to described server, and described checking request carries the attribute information of described application program to be installed.Described server searches the attribute information of application program described to be installed entrained in described checking request in the attribute information of each application program stored, after the attribute information finding application program described to be installed entrained in described checking request, can obtain further with described verify ask in corresponding the first proof test value of the attribute information of entrained application program described to be installed, described first proof test value is the proof test value corresponding with the attribute information of described application program to be installed adopting described particular verified algorithm to precompute by described server.Such as, it is platform, bag A by name that described checking asks the attribute information of the application program described to be installed of carrying to comprise signature type, version number is B, it is platform, bag A by name that described server searches signature type in the attribute information of each application program stored, version number is the attribute information of B, if described whois lookup is to this attribute information, then obtain first proof test value corresponding with this attribute information.
Computing unit 102, for when there is described first proof test value in described server, obtaining described first proof test value that described server sends, and obtaining the second proof test value according to described application computes to be installed.
In specific implementation, if store the attribute information of described application program to be installed and described application program to be installed in described server, described server just can obtain and adopt the attribute information of described particular verified algorithm to described application program to be installed to precalculate to obtain the first proof test value; If there is not the attribute information of described application program to be installed or described application program to be installed in described server, also first proof test value corresponding with the attribute information of described application program to be installed just can not be found in described server, described server just can send invalid information to described mobile terminal 10, and described mobile terminal 10 just can stop installing described application program to be installed according to described invalid information.
When there is described first proof test value in described server, be understandable that in described server to there is described application program to be installed, described first proof test value is sent to described mobile terminal 10 by described server.Described computing unit 102 obtains described first test value that described server sends, and uses the particular verified algorithm installation kit data to described to be installed application program identical with described server to calculate the second proof test value.
Installation unit 103, for when described second proof test value is identical with described first proof test value, installs described application program to be installed.
In specific implementation, described second proof test value may be identical with described first proof test value, also may not be identical.When described second proof test value that described computing unit 102 calculates is identical with described first proof test value, illustrate that the installation kit data belonging to the attribute information corresponding to described first proof test value that the installation kit data of the application program described to be installed on described mobile terminal 10 and described server store are identical, be understandable that the installation kit data of the application program described to be installed on described mobile terminal 10 were not tampered, described application program to be installed is application program legal safely; When described second proof test value that described computing unit 102 calculates is not identical with described first proof test value, illustrate that the installation kit data belonging to attribute information corresponding to described first proof test value that the installation kit data of the application program described to be installed on described mobile terminal 10 and described server store are inconsistent, be understandable that the installation kit data of the application program described to be installed on described mobile terminal 10 were tampered, described application program to be installed may threaten the safety of described mobile terminal.When described second proof test value is identical with described first proof test value, illustrate that the application program described to be installed on described mobile terminal 10 is application program legal safely, described installation unit 103 allows to install described application program to be installed and the installation completed described application program to be installed.Such as, if the first proof test value that the installation kit data of described server to described application program to be installed calculate is M, the second test value that described mobile terminal calculates also is M, then described installation unit 103 allows to install described application program to be installed and the installation completed described application program to be installed.
In embodiments of the present invention, by sending the checking request carrying the attribute information of application program to be installed to server, make the first proof test value that whois lookup is corresponding with the attribute information of application program to be installed, when there is the first proof test value in server, obtain the first proof test value of server transmission and obtain the second proof test value according to application computes to be installed, when the first proof test value is identical with the second test value, application program to be installed is installed, can guarantee that the application program of installing is not tampered, prevent lawless person from obtaining data in mobile terminal, improve the security of mobile terminal.
Referring to Fig. 4, is the structural representation of another kind of mobile terminal provided by the invention; This terminal 20 can comprise: acquiring unit 201, transmitting element 202, invalid information acquiring unit 203, computing unit 204 and installation unit 205, and wherein said computing unit 204 comprises judging unit 2041, stops installation unit 2042 and proof test value computing unit 2043.
Acquiring unit 201, for receiving the installation instruction of application program to be installed and obtaining the attribute information of described application program to be installed according to described installation instruction.
In specific implementation, described acquiring unit 201 receives the installation instruction of application program to be installed and obtains the attribute information of described application program to be installed according to described installation instruction.Wherein, described attribute information is the installation kit signing messages of application program, comprises the signature type of application program, bag name and version number information.For android system, android system requires that each Android application program just can must be installed in system through digital signature, if the signature type of certain application program is platform, then show that this application program is system application, this application program can obtain System Privileges, and the application program of acquisition System Privileges can check arbitrarily the data in mobile terminal.
Transmitting element 202, for sending the checking request of the attribute information carrying application program to be installed to server, with the first proof test value making described whois lookup corresponding with the attribute information of described application program to be installed.
In specific implementation, when described acquiring unit 201 receives described installation instruction and gets the attribute information of described application program to be installed, described transmitting element 202 sends checking request to server, and described checking request carries the attribute information of described application program to be installed.Server stores in the embodiment of the present invention the attribute information of each application program at least one application program and at least one application program described, described server adopts particular verified algorithm, such as message digest algorithm 5, the proof test value obtaining each application program described is calculated to the installation kit data of each application program at least one application program described, and preserves the proof test value of each application program described.Described server searches the attribute information of application program described to be installed entrained in described checking request in the attribute information of each application program stored, after the attribute information finding application program described to be installed entrained in described checking request, can obtain further with described verify ask in corresponding the first proof test value of the attribute information of entrained application program described to be installed, described first proof test value is the proof test value corresponding with the attribute information of described application program to be installed adopting described particular verified algorithm to precompute by described server.Such as, it is platform, bag A by name that described checking asks the attribute information of the application program described to be installed of carrying to comprise signature type, version number is B, it is platform, bag A by name that described server searches signature type in the attribute information of each application program stored, version number is the attribute information of B, if described whois lookup is to this attribute information, then obtain first proof test value corresponding with this attribute information.
Invalid information acquiring unit 203, for when there is not described first proof test value in described server, obtains the invalid information that described server sends, and stops installing described application program to be installed according to described invalid information.
In specific implementation, if store the attribute information of described application program to be installed and described application program to be installed in described server, described server just can obtain and adopt the attribute information of described particular verified algorithm to described application program to be installed to precalculate to obtain the first proof test value; If there is not the attribute information of described application program to be installed or described application program to be installed in described server, in described server, also just just first proof test value corresponding with the attribute information of described application program to be installed can not be found.Therefore described mobile terminal 20 needs to judge whether there is described first proof test value in described server.When described mobile terminal 20 judge to draw in described server there is not described first proof test value time, described server sends invalid information to described invalid information acquiring unit 20, described invalid information acquiring unit 203 obtains the invalid information that described server sends, and stops installing described application program to be installed according to described invalid information.
Computing unit 204, when there is described first proof test value in described server, obtaining described first proof test value that described server sends, and obtaining the second proof test value according to described application computes to be installed.In specific implementation, described computing unit 2044 comprises judging unit 2041, stops installation unit 2042 and proof test value computing unit 2043.
Judging unit 2041, for when there is described first proof test value in described server, obtaining described first proof test value that described server sends, and judging whether described first proof test value is illegal value.
In specific implementation, in at least one application program stored in described server, the attribute information of each application program can also comprise the attribute information of unauthorized applications, the proof test value corresponding with the attribute information of described illegal program can be set to illegal value by described server, described illegal value can be "-1 ", or other numerical value, occurrence is determined by described server.When there is described first proof test value in described server, described first proof test value is sent to described judging unit 2041 by described server, described judging unit 2041 obtains described first proof test value that described server sends, and judges whether described first proof test value is illegal value.
Stopping installation unit 2042, for when the result judged is as being, stopping described application program to be installed is installed.
In specific implementation, when the result judged of described judging unit 2041 is as being, be understandable that described first proof test value that described judging unit 2041 obtains is illegal value, described application program to be installed is unauthorized applications, and described stopping installation unit 2042 stops installing described application program to be installed.
Proof test value computing unit 2043, for when the result judged is no, obtains the second proof test value according to described application computes to be installed.
In specific implementation, when the result of the judgement of described judging unit 2041 is no, be understandable that described first proof test value is not described illegal value, described application program to be installed is valid application program, what described server adopted the installation kit data of described particular verified algorithm to described application program to be installed to calculate is concrete proof test value, described proof test value computing unit 2043 uses the particular verified algorithm installation kit data to described to be installed application program identical with described server to calculate the second proof test value according to described application program to be installed.
Installation unit 205, for when described second proof test value is identical with described first proof test value, installs described application program to be installed.
In specific implementation, the attribute information of the application program described to be installed in described server is identical with the attribute information of the application program described to be installed on described mobile terminal 20, both installation kit data may not be identical, also just cause described second proof test value may not be identical with described first proof test value, therefore described mobile terminal 20 needs to judge that whether described second proof test value is identical with described first test value.If described second proof test value that described proof test value computing unit 2043 calculates is identical with described first proof test value, be understandable that the application program described to be installed stored in application program described to be installed on described mobile terminal 20 and described server is same application, application program described to be installed on described mobile terminal 20 is not tampered, and is safety, legal application program; If described second proof test value that described proof test value computing unit 2043 calculates is not identical with described first proof test value, be understandable that the application program described to be installed on described mobile terminal 20 is different application programs from the application program described to be installed stored in described server, application program described to be installed on described mobile terminal 20 is tampered, and may threaten the safety of described mobile terminal.
When described second proof test value is identical with described first proof test value, be understandable that the application program described to be installed on described mobile terminal is the application program of legitimate secure, described installation unit 205 installs described application program to be installed.When described second proof test value is not identical with described first proof test value, the application program described to be installed being understandable that on described mobile terminal may threaten the safety of described mobile terminal, and described mobile terminal 20 calls described stopping installation unit 2042 to be stopped installing described application program to be installed.
In embodiments of the present invention, by sending the checking request carrying the attribute information of application program to be installed to server, make the first proof test value that whois lookup is corresponding with the attribute information of application program to be installed, when there is the first proof test value in server, obtain the first proof test value of server transmission and obtain the second proof test value according to application computes to be installed, when the first proof test value is identical with the second test value, application program to be installed is installed, can guarantee that the application program of installing is not tampered, prevent lawless person from obtaining data in mobile terminal, improve the security of mobile terminal.
One of ordinary skill in the art will appreciate that all or part of flow process realized in above-described embodiment method, that the hardware that can carry out instruction relevant by computer program has come, described program can be stored in a computer read/write memory medium, this program, when performing, can comprise the flow process of the embodiment as above-mentioned each side method.Wherein, described storage medium can be magnetic disc, CD, read-only store-memory body (Read-Only Memory, ROM) or random store-memory body (Random Access Memory, RAM) etc.
Above disclosedly be only present pre-ferred embodiments, certainly can not limit the interest field of the present invention with this, therefore according to the equivalent variations that the claims in the present invention are done, still belong to the scope that the present invention is contained.
Claims (10)
1. an application program installation method, is characterized in that, comprising:
Transmission carries the checking request of the attribute information of application program to be installed to server, with the first proof test value making described whois lookup corresponding with the attribute information of described application program to be installed;
When there is described first proof test value in described server, obtaining described first proof test value that described server sends, and obtaining the second proof test value according to described application computes to be installed;
When described second proof test value is identical with described first proof test value, described application program to be installed is installed.
2. method according to claim 1, is characterized in that, the checking request carrying the attribute information of application program to be installed in described transmission to server step before, also comprise:
Receive the installation instruction of application program to be installed and obtain the attribute information of described application program to be installed according to described installation instruction.
3. method according to claim 1, is characterized in that, described first proof test value is the proof test value corresponding with the attribute information of described application program to be installed precomputed by described server.
4. method according to claim 1, it is characterized in that, described when there is described first proof test value in described server, obtain described first proof test value that described server sends, and obtain the second proof test value according to described application computes to be installed, comprising:
When there is described first proof test value in described server, obtaining described first proof test value that described server sends, and judging whether described first proof test value is illegal value;
When the result judged is as being, stop described application program to be installed is installed;
When the result judged is no, obtain the second proof test value according to described application computes to be installed.
5. method according to claim 1, it is characterized in that, the checking request of the attribute information of application program to be installed is carried to server in described transmission, after the step of the first proof test value making described whois lookup corresponding with the attribute information of described application program to be installed, also comprise:
When there is not described first proof test value in described server, obtain the invalid information that described server sends, and stop described application program to be installed is installed according to described invalid information.
6. a mobile terminal, is characterized in that, comprising:
Transmitting element, for sending the checking request of the attribute information carrying application program to be installed to server, with the first proof test value making described whois lookup corresponding with the attribute information of described application program to be installed;
Computing unit, for when there is described first proof test value in described server, obtaining described first proof test value that described server sends, and obtaining the second proof test value according to described application computes to be installed;
Installation unit, for when described second proof test value is identical with described first proof test value, installs described application program to be installed.
7. terminal according to claim 6, is characterized in that, also comprises:
Acquiring unit, for receiving the installation instruction of application program to be installed and obtaining the attribute information of described application program to be installed according to described installation instruction.
8. terminal according to claim 6, is characterized in that, described first proof test value is the proof test value corresponding with the attribute information of described application program to be installed precomputed by described server.
9. terminal according to claim 6, is characterized in that, described computing unit comprises:
Judging unit, for when there is described first proof test value in described server, obtaining described first proof test value that described server sends, and judging whether described first proof test value is illegal value;
Stopping installation unit, for when the result judged is as being, stopping described application program to be installed is installed;
Proof test value computing unit, for when the result judged is no, obtains the second proof test value according to described application computes to be installed.
10. terminal according to claim 6, is characterized in that, also comprises:
Invalid information acquiring unit, for when there is not described first proof test value in described server, obtains the invalid information that described server sends, and stops installing described application program to be installed according to described invalid information.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510102762.7A CN104751049B (en) | 2015-03-09 | 2015-03-09 | A kind of application program installation method and mobile terminal |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510102762.7A CN104751049B (en) | 2015-03-09 | 2015-03-09 | A kind of application program installation method and mobile terminal |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN104751049A true CN104751049A (en) | 2015-07-01 |
| CN104751049B CN104751049B (en) | 2018-09-04 |
Family
ID=53590721
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510102762.7A Expired - Fee Related CN104751049B (en) | 2015-03-09 | 2015-03-09 | A kind of application program installation method and mobile terminal |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN104751049B (en) |
Cited By (12)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106339634A (en) * | 2016-08-30 | 2017-01-18 | 中国民生银行股份有限公司 | Data protection method and device of terminal equipment |
| WO2017041606A1 (en) * | 2015-09-11 | 2017-03-16 | 北京金山安全软件有限公司 | Program file check method and apparatus, server, and terminal |
| CN107016279A (en) * | 2016-12-13 | 2017-08-04 | 蔚来汽车有限公司 | Using installation method and apply installation system |
| WO2017206185A1 (en) * | 2016-06-03 | 2017-12-07 | 华为技术有限公司 | Method, apparatus and system for verifying legitimacy of application program |
| CN107480519A (en) * | 2017-08-04 | 2017-12-15 | 深圳市金立通信设备有限公司 | A kind of method and server for identifying risk application |
| CN107766747A (en) * | 2017-10-31 | 2018-03-06 | 维沃移动通信有限公司 | Method, mobile terminal and the server of verification Application program installation kit integrality |
| CN107766061A (en) * | 2017-11-20 | 2018-03-06 | 烽火通信科技股份有限公司 | The installation method and installation system of a kind of Android application program |
| CN108549826A (en) * | 2018-03-30 | 2018-09-18 | 努比亚技术有限公司 | Method of calibration, terminal, server and the readable storage medium storing program for executing of application program |
| CN108604991A (en) * | 2016-07-12 | 2018-09-28 | 金主汉 | The binary channels authentication proxy system and method that application program is distorted can be detected |
| CN110362967A (en) * | 2019-07-15 | 2019-10-22 | 北京奇艺世纪科技有限公司 | The anti-tamper detection method of application program, device, terminal device and storage medium |
| CN111723365A (en) * | 2020-06-30 | 2020-09-29 | 湖北亿咖通科技有限公司 | Method and equipment for installing application program in vehicle-mounted information entertainment system |
| CN114676463A (en) * | 2022-03-31 | 2022-06-28 | 安天科技集团股份有限公司 | File tampering detection method and device, electronic equipment and storage medium |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20130076528A1 (en) * | 2011-09-27 | 2013-03-28 | General Electric Company | Health monitoring system utilizing service consumption data |
| CN103577206A (en) * | 2012-07-27 | 2014-02-12 | 北京三星通信技术研究有限公司 | Method and device for installing application software |
| CN103646215A (en) * | 2013-12-23 | 2014-03-19 | 北京奇虎科技有限公司 | Application installation control method, related system and related device |
| CN104123491A (en) * | 2014-07-18 | 2014-10-29 | 广州金山网络科技有限公司 | Method and device for detecting whether application program installation package is tempered |
| CN104391729A (en) * | 2014-12-19 | 2015-03-04 | 北京奇虎科技有限公司 | Root privilege based procedure upgrading method and device |
-
2015
- 2015-03-09 CN CN201510102762.7A patent/CN104751049B/en not_active Expired - Fee Related
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20130076528A1 (en) * | 2011-09-27 | 2013-03-28 | General Electric Company | Health monitoring system utilizing service consumption data |
| CN103577206A (en) * | 2012-07-27 | 2014-02-12 | 北京三星通信技术研究有限公司 | Method and device for installing application software |
| CN103646215A (en) * | 2013-12-23 | 2014-03-19 | 北京奇虎科技有限公司 | Application installation control method, related system and related device |
| CN104123491A (en) * | 2014-07-18 | 2014-10-29 | 广州金山网络科技有限公司 | Method and device for detecting whether application program installation package is tempered |
| CN104391729A (en) * | 2014-12-19 | 2015-03-04 | 北京奇虎科技有限公司 | Root privilege based procedure upgrading method and device |
Cited By (15)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2017041606A1 (en) * | 2015-09-11 | 2017-03-16 | 北京金山安全软件有限公司 | Program file check method and apparatus, server, and terminal |
| WO2017206185A1 (en) * | 2016-06-03 | 2017-12-07 | 华为技术有限公司 | Method, apparatus and system for verifying legitimacy of application program |
| CN108604991A (en) * | 2016-07-12 | 2018-09-28 | 金主汉 | The binary channels authentication proxy system and method that application program is distorted can be detected |
| CN108604991B (en) * | 2016-07-12 | 2021-06-15 | 金主汉 | Dual-channel authentication agent system capable of detecting tampering of application program and method thereof |
| CN106339634A (en) * | 2016-08-30 | 2017-01-18 | 中国民生银行股份有限公司 | Data protection method and device of terminal equipment |
| CN107016279A (en) * | 2016-12-13 | 2017-08-04 | 蔚来汽车有限公司 | Using installation method and apply installation system |
| WO2018107765A1 (en) * | 2016-12-13 | 2018-06-21 | 蔚来汽车有限公司 | Method for installing application and system for installing application |
| CN107480519A (en) * | 2017-08-04 | 2017-12-15 | 深圳市金立通信设备有限公司 | A kind of method and server for identifying risk application |
| CN107766747A (en) * | 2017-10-31 | 2018-03-06 | 维沃移动通信有限公司 | Method, mobile terminal and the server of verification Application program installation kit integrality |
| CN107766747B (en) * | 2017-10-31 | 2020-03-17 | 维沃移动通信有限公司 | Method for verifying integrity of application program installation package, mobile terminal and server |
| CN107766061A (en) * | 2017-11-20 | 2018-03-06 | 烽火通信科技股份有限公司 | The installation method and installation system of a kind of Android application program |
| CN108549826A (en) * | 2018-03-30 | 2018-09-18 | 努比亚技术有限公司 | Method of calibration, terminal, server and the readable storage medium storing program for executing of application program |
| CN110362967A (en) * | 2019-07-15 | 2019-10-22 | 北京奇艺世纪科技有限公司 | The anti-tamper detection method of application program, device, terminal device and storage medium |
| CN111723365A (en) * | 2020-06-30 | 2020-09-29 | 湖北亿咖通科技有限公司 | Method and equipment for installing application program in vehicle-mounted information entertainment system |
| CN114676463A (en) * | 2022-03-31 | 2022-06-28 | 安天科技集团股份有限公司 | File tampering detection method and device, electronic equipment and storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN104751049B (en) | 2018-09-04 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN104751049A (en) | Application program installing method and mobile terminal | |
| JP6888011B2 (en) | Mobile device with a reliable execution environment | |
| CN109214168B (en) | Firmware upgrading method and device | |
| US10635807B2 (en) | Method and system for preventing and detecting security threats | |
| US8850211B2 (en) | Method and apparatus for improving code and data signing | |
| CN108229144B (en) | Verification method of application program, terminal equipment and storage medium | |
| CN104462965A (en) | Method for verifying integrity of application program and network device | |
| CN104573435A (en) | Method for terminal authority management and terminal | |
| CN106548065B (en) | Application program installation detection method and device | |
| CN108880859B (en) | Configuration method, device, server, terminal and storage medium of upgrade file | |
| CN104680061A (en) | Method and system for verifying code signing during startup of application in Android environment | |
| US11443031B2 (en) | Method for determining a validity of an application code, corresponding device and computer program product | |
| CN112231702B (en) | Application protection method, device, equipment and medium | |
| CN111149106A (en) | Apparatus and method for key authentication using multiple device certificates | |
| CN110941825B (en) | Application monitoring method and device | |
| CN108197469B (en) | Method and device for verifying application program, storage medium and electronic equipment | |
| CN117610083A (en) | File verification method and device, electronic equipment and computer storage medium | |
| CN109905408B (en) | Network security protection method, system, readable storage medium and terminal equipment | |
| CN106712964A (en) | Application verification method and application verification system based on Java card | |
| CN114629658B (en) | Application signature method, device, equipment and storage medium | |
| CN106971105B (en) | IOS-based application program defense method against false face attack | |
| Titze et al. | Preventing library spoofing on android | |
| CN114675865A (en) | Method and device for upgrading over-the-air technology, storage medium and terminal equipment | |
| CN112632553A (en) | Vulnerability processing method and related product | |
| KR101588533B1 (en) | Method and Apparatus for Tightening Security of Application in Android System |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| CP01 | Change in the name or title of a patent holder | ||
| CP01 | Change in the name or title of a patent holder |
Address after: Changan town in Guangdong province Dongguan 523860 usha Beach Road No. 18 Patentee after: GUANGDONG OPPO MOBILE TELECOMMUNICATIONS Corp.,Ltd. Address before: Changan town in Guangdong province Dongguan 523860 usha Beach Road No. 18 Patentee before: GUANGDONG OPPO MOBILE TELECOMMUNICATIONS Corp.,Ltd. |
|
| CF01 | Termination of patent right due to non-payment of annual fee | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20180904 |