CN105306434A - Program file checking method and device, server and terminal - Google Patents
Program file checking method and device, server and terminal Download PDFInfo
- Publication number
- CN105306434A CN105306434A CN201510578850.4A CN201510578850A CN105306434A CN 105306434 A CN105306434 A CN 105306434A CN 201510578850 A CN201510578850 A CN 201510578850A CN 105306434 A CN105306434 A CN 105306434A
- Authority
- CN
- China
- Prior art keywords
- cryptographic hash
- terminal
- file
- server
- verified
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/40—Network security protocols
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0876—Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
Abstract
The embodiment of the invention provides a program file checking method and device, a server and a terminal, wherein the program file checking method applied to the server can comprise the following steps: after establishing communication connection with a terminal, acquiring the version number of an application program package; obtaining a random number for the application package; generating a first hash value by using a predetermined hash algorithm according to the random number and the file content of a preset file to be checked in an application program packet with a version number stored in advance by a server; sending the random number to a terminal so that the terminal generates a second hash value according to the random number and the file content of a preset file to be checked in an application program package of the local terminal by using a preset hash algorithm; obtaining related information about a second hash value generated by the terminal; and determining the integrity check result of the preset file to be checked in the terminal. Therefore, the accuracy rate of verifying the integrity of the program file can be improved through the scheme.
Description
Technical field
The present invention relates to file detection technique field, particularly relate to program file method of calibration and device, server and terminal.
Background technology
Because the application software being applied to some operating system adopts general code speech, make to be easy to victim decompiling, amendment as some file in the application package of the carrier of application software, and packing and issuing again, piracy software is made to walk crosswise like this, such as: the application software being applicable to Android system mainly adopts Java language to write, make the APK (AndroidPackage of the carrier as this kind of application software, Android application package) hold victim decompiling, amendment very much, and packing and issuing again.
And in order to prevent the secondary of application package from packing, need the completeness check of some file carried out in application package, the verification namely whether be modified.Existing program file method of calibration is: be built-in with one section of code in some file in application package, this section of code can verify the signature of these files in application package loading procedure, if signature is correct, show that these files in this application package are complete, then continue to run, otherwise quit a program.Wherein, described signature is the cryptographic Hash that the file content of these files in application programs bag calculates.
But, because the verification of existing program file is by local run time version, assailant is made to see correlative code like this, and effective operation of code is stoped by various mode, cause the accuracy rate of completeness check lower like this, wherein, effective operation of described prevention code specifically refers to: it is correct that check results is signature, or, skip whole checking procedure.
Summary of the invention
The object of the embodiment of the present invention is to provide program file method of calibration and device, server and terminal, to improve the accuracy rate of the integrality of checking routine file.Concrete technical scheme is as follows:
First aspect, embodiments provides a kind of program file method of calibration, is applied to server, and wherein, described server is: the server of providing services on the Internet for the application software being carried on application package for operating in terminal; Described method comprises:
After establishing a communications link with described terminal, obtain the version number of described application package;
Obtain the random number being directed to described application package;
According to the file content with the file default to be verified in the application package of described version number that described random number and server self prestore, and utilize predetermined Hash algorithm, generate and be directed to described the first cryptographic Hash presetting file to be tested;
Described random number is sent to described terminal, to make described terminal after receiving described random number, according to the described file content presetting file to be tested in the described application package of described random number and described terminal local, and utilize described predetermined Hash algorithm, generate and be directed to described the second cryptographic Hash presetting file to be tested;
Obtain the relevant information of described second cryptographic Hash generated about described terminal;
According to about the relevant information of described second cryptographic Hash and the relevant information about described first cryptographic Hash, determine the described completeness check result presetting file to be verified in described terminal.
Optionally, the relevant information of described second cryptographic Hash that described acquisition generates about described terminal, comprising:
Described second cryptographic Hash that described terminal generates is obtained to described terminal request;
Or,
Receive described second cryptographic Hash that described terminal reports after generating described second cryptographic Hash;
Described basis, about the relevant information of described second cryptographic Hash and the relevant information about described first cryptographic Hash, is determined the described completeness check result presetting file to be verified in described terminal, being comprised:
Judge that whether described second cryptographic Hash obtained is identical with described first cryptographic Hash, if identical, determine that the described default file to be verified in described terminal is complete; Otherwise, determine that the described default file to be verified in described terminal is imperfect.
Optionally, the relevant information of described second cryptographic Hash that described acquisition generates about described terminal, comprising:
Multiple relevant to the predetermined number of bits numerical value of described second cryptographic Hash is obtained successively to described terminal request;
Described basis, about the relevant information of described second cryptographic Hash and the relevant information about described first cryptographic Hash, is determined the described completeness check result presetting file to be verified in described terminal, being comprised:
Judge that whether the numerical value that the multiple and predetermined number of bits of described second cryptographic Hash is correlated with is identical with the numerical value relevant with corresponding predetermined number of bits of described first cryptographic Hash successively, determine that the described default file to be verified in described terminal is complete if judged result is; Otherwise, determine that the described default file to be verified in described terminal is imperfect.
Optionally, the described numerical value relevant to predetermined number of bits, comprising:
Numerical value in predetermined number of bits;
Or,
Perform mathematical calculations to the numerical value at least two predetermined number of bits the numerical value of gained.
Optionally, when determining the described default file imperfection to be verified in described terminal, described method also comprises:
Disconnect the communication connection between described terminal.
Optionally, when determining the described default file imperfection to be verified in described terminal, described method also comprises:
Push prompting message to terminal, wherein, described prompting message is for pointing out described default file to be verified imperfect;
Or,
Push prompting message and download link address to terminal, wherein, described prompting message is for pointing out described default file to be verified imperfect, and described download link address is the download address of described application package.
Second aspect, embodiments provide a kind of program file method of calibration, be applied to terminal, described terminal is: for running the terminal of the application software being carried on application package; Described method comprises:
After establishing a communications link with the server for providing services on the Internet for described application software, receive the random number being directed to described application package that described server sends, wherein, described random number is: described server to obtain and sends after establishing a communications link with described terminal;
According to the file content of the file default to be verified in the described application package of described random number and described terminal local, and utilize predetermined Hash algorithm, generate and be directed to described the second cryptographic Hash presetting file to be verified;
The relevant information of described second cryptographic Hash is sent to described server, after the relevant information obtained about described second cryptographic Hash to make described server, according to about the relevant information of described second cryptographic Hash and the relevant information about the first cryptographic Hash, determine the described completeness check result presetting file to be verified in described terminal, wherein, described first cryptographic Hash is: described server is according to described random number and self prestore, there is the file content of the file default to be verified in the application package of the version number of the described application package in described terminal, and utilize described predetermined Hash algorithm to generate.
Optionally, the described relevant information sending described second cryptographic Hash to described server, comprising:
After the request about described second cryptographic Hash receiving the transmission of described server, to the second cryptographic Hash described in described server feedback;
Or,
After described second cryptographic Hash of generation, report described second cryptographic Hash to described server.
Optionally, the described relevant information sending described second cryptographic Hash to described server, comprising:
The request of multiple relevant to the predetermined number of bits numerical value about described second cryptographic Hash of reception server transmission successively;
After the request receiving each numerical value relevant to predetermined number of bits about described second cryptographic Hash that server sends, to corresponding to the predetermined number of bits relevant numerical value of described server feedback about described second cryptographic Hash.
Optionally, the described numerical value relevant to predetermined number of bits, comprising:
Numerical value in predetermined number of bits;
Or,
Perform mathematical calculations to the numerical value at least two predetermined number of bits the numerical value of gained.
Optionally, a kind of program file method of calibration that the embodiment of the present invention provides, also comprises:
Receive the prompting message of described server push, wherein, described prompting message is for pointing out described default file to be verified imperfect;
Or,
The prompting message that reception server pushes and download link address, wherein, described prompting message is for pointing out described default file to be verified imperfect, and described download link address is the download address of described application package.
The third aspect, embodiments provides a kind of program file calibration equipment, is applied to server, and wherein, described server is: the server of providing services on the Internet for the application software being carried on application package for operating in terminal; Described device comprises:
Version number obtains module, for after establishing a communications link with described terminal, obtains the version number of described application package;
Random number obtains module, for obtaining the random number being directed to described application package;
First cryptographic Hash generation module, for the file content with the file default to be verified in the application package of described version number prestored according to described random number and server self, and utilize predetermined Hash algorithm, generate and be directed to described the first cryptographic Hash presetting file to be tested;
Random number sending module, for described random number is sent to described terminal, to make described terminal after receiving described random number, according to the described file content presetting file to be tested in the described application package of described random number and described terminal local, and utilize described predetermined Hash algorithm, generate and be directed to described the second cryptographic Hash presetting file to be tested;
Second cryptographic Hash information acquisition module, for obtaining the relevant information of described second cryptographic Hash generated about described terminal;
Completeness check module, for according to about the relevant information of described second cryptographic Hash and the relevant information about described first cryptographic Hash, determines the described completeness check result presetting file to be verified in described terminal.
Optionally, described second cryptographic Hash information acquisition module, comprising:
The first information obtains unit, for obtaining described second cryptographic Hash that described terminal generates to described terminal request;
Or,
Second information obtainment unit, for receiving described second cryptographic Hash that described terminal reports after generating described second cryptographic Hash;
Described completeness check module, comprising:
First completeness check unit, whether identical with described first cryptographic Hash for judging obtained described second cryptographic Hash, if identical, determine that the described default file to be verified in described terminal is complete; Otherwise, determine that the described default file to be verified in described terminal is imperfect.
Optionally, described second cryptographic Hash information acquisition module, comprising:
3rd information obtainment unit, for obtaining multiple relevant to the predetermined number of bits numerical value of described second cryptographic Hash successively to described terminal request;
Described completeness check module, comprising:
Second completeness check unit, whether identical with the numerical value relevant with corresponding predetermined number of bits of described first cryptographic Hash for judging the numerical value that the multiple and predetermined number of bits of described second cryptographic Hash is correlated with successively, determine that the described default file to be verified in described terminal is complete if judged result is; Otherwise, determine that the described default file to be verified in described terminal is imperfect.
Optionally, the described numerical value relevant to predetermined number of bits, comprising:
Numerical value in predetermined number of bits;
Or,
Perform mathematical calculations to the numerical value at least two predetermined number of bits the numerical value of gained.
Optionally, a kind of program file calibration equipment that the embodiment of the present invention provides also comprises:
Connecting and disconnect module, for when determining the described default file imperfection to be verified in described terminal, disconnecting the communication connection between described terminal.
Optionally, a kind of program file calibration equipment that the embodiment of the present invention provides also comprises:
First information sending module, for when determining the described default file imperfection to be verified in described terminal, pushes prompting message to terminal, and wherein, described prompting message is for pointing out described default file to be verified imperfect;
Or,
Second information sending module, for when determining the described default file imperfection to be verified in described terminal, prompting message and download link address is pushed to terminal, wherein, described prompting message is for pointing out described default file to be verified imperfect, and described download link address is the download address of described application package.
Fourth aspect, embodiments provide a kind of program file calibration equipment, be applied to terminal, described terminal is: for running the terminal of the application software being carried on application package; Described device comprises:
Random number receiver module, for after establishing a communications link with the server for providing services on the Internet for described application software, receive the random number being directed to described application package that described server sends, wherein, described random number is: described server to obtain and sends after establishing a communications link with described terminal;
Second cryptographic Hash generation module, for the file content according to the file default to be verified in the described application package of described random number and described terminal local, and utilizes predetermined Hash algorithm, generates and is directed to described the second cryptographic Hash presetting file to be verified;
Second cryptographic Hash information sending module, for sending the relevant information of described second cryptographic Hash to described server, after the relevant information obtained about described second cryptographic Hash to make described server, according to about the relevant information of described second cryptographic Hash and the relevant information about the first cryptographic Hash, determine the described completeness check result presetting file to be verified in described terminal, wherein, described first cryptographic Hash is: described server is according to described random number and self prestore, there is the file content of the file default to be verified in the application package of the version number of the described application package in described terminal, and utilize described predetermined Hash algorithm to generate.
Optionally, described second cryptographic Hash information sending module, comprising:
First information transmitting element, for after the request about described second cryptographic Hash receiving the transmission of described server, to the second cryptographic Hash described in described server feedback;
Or,
Second information transmitting unit, for after described second cryptographic Hash of generation, reports described second cryptographic Hash to described server.
Optionally, described second cryptographic Hash information sending module, comprising:
Value request obtains unit, for the request of multiple relevant to the predetermined number of bits numerical value about described second cryptographic Hash of reception server transmission successively;
3rd information transmitting unit, for after the request receiving each numerical value relevant to predetermined number of bits about described second cryptographic Hash that server sends, to corresponding to the predetermined number of bits relevant numerical value of described server feedback about described second cryptographic Hash.
Optionally, the described numerical value relevant to predetermined number of bits, comprising:
Numerical value in predetermined number of bits;
Or,
Perform mathematical calculations to the numerical value at least two predetermined number of bits the numerical value of gained.
Optionally, a kind of program file calibration equipment that the embodiment of the present invention provides also comprises:
First message reception units, for receiving the prompting message of described server push, wherein, described prompting message is for pointing out described default file to be verified imperfect;
Or,
Second message reception units, the prompting message pushed for reception server and download link address, wherein, described prompting message is for pointing out described default file to be verified imperfect, and described download link address is the download address of described application package.
5th aspect, embodiments provides a kind of server, and described server is: the server of providing services on the Internet for the application software being carried on application package for operating in terminal, and wherein, described server comprises:
Processor, memory, communication interface and bus;
Described processor, described memory and described communication interface are connected by described bus and complete mutual communication;
Described memory stores executable programs code;
Described processor runs the program corresponding with described executable program code by reading the executable program code stored in described memory, for a kind of program file method of calibration of execution; Wherein, a kind of program file method of calibration comprises:
After establishing a communications link with described terminal, obtain the version number of described application package;
Obtain the random number being directed to described application package;
According to the file content with the file default to be verified in the application package of described version number that described random number and server self prestore, and utilize predetermined Hash algorithm, generate and be directed to described the first cryptographic Hash presetting file to be tested;
Described random number is sent to described terminal, to make described terminal after receiving described random number, according to the described file content presetting file to be tested in the described application package of described random number and described terminal local, and utilize described predetermined Hash algorithm, generate and be directed to described the second cryptographic Hash presetting file to be tested;
Obtain the relevant information of described second cryptographic Hash generated about described terminal;
According to about the relevant information of described second cryptographic Hash and the relevant information about described first cryptographic Hash, determine the described completeness check result presetting file to be verified in described terminal.
6th aspect, embodiments provides a kind of terminal, and described terminal is: for running the terminal of the application software being carried on application package; Wherein, described terminal comprises: processor, memory, communication interface and bus;
Described processor, described memory and described communication interface are connected by described bus and complete mutual communication;
Described memory stores executable programs code;
Described processor runs the program corresponding with described executable program code by reading the executable program code stored in described memory, for a kind of program file method of calibration of execution; Wherein, a kind of program file method of calibration comprises:
After establishing a communications link with the server for providing services on the Internet for described application software, receive the random number being directed to described application package that described server sends, wherein, described random number is: described server to obtain and sends after establishing a communications link with described terminal;
According to the file content of the file default to be verified in the described application package of described random number and described terminal local, and utilize predetermined Hash algorithm, generate and be directed to described the second cryptographic Hash presetting file to be verified;
The relevant information of described second cryptographic Hash is sent to described server, after the relevant information obtained about described second cryptographic Hash to make described server, according to about the relevant information of described second cryptographic Hash and the relevant information about the first cryptographic Hash, determine the described completeness check result presetting file to be verified in described terminal, wherein, described first cryptographic Hash is: described server is according to described random number and self prestore, there is the file content of the file default to be verified in the application package of the version number of the described application package in described terminal, and utilize described predetermined Hash algorithm to generate.
In the embodiment of the present invention, when program file verifies, verification is completed by server, avoid the change of assailant to completeness check code, and, on the basis of presetting file to be verified, increase random number when calculating cryptographic Hash, improve the uncertainty of cryptographic Hash, reduce cryptographic Hash victim exhaustive go out risk, therefore, the accuracy rate of the integrality of checking routine file can be improved by this programme.
Accompanying drawing explanation
In order to be illustrated more clearly in the embodiment of the present invention or technical scheme of the prior art, be briefly described to the accompanying drawing used required in embodiment or description of the prior art below, apparently, accompanying drawing in the following describes is only some embodiments of the present invention, for those of ordinary skill in the art, under the prerequisite not paying creative work, other accompanying drawing can also be obtained according to these accompanying drawings.
The flow chart of a kind of program file method of calibration that Fig. 1 provides from server side for the embodiment of the present invention;
Another flow chart of a kind of program file method of calibration that Fig. 2 provides from server side for the embodiment of the present invention;
Another flow chart of a kind of program file method of calibration that Fig. 3 provides from server side for the embodiment of the present invention;
Another flow chart of a kind of program file method of calibration that Fig. 4 provides from server side for the embodiment of the present invention;
The flow chart of a kind of program file method of calibration that Fig. 5 provides from terminal point for the embodiment of the present invention;
Another flow chart of a kind of program file method of calibration that Fig. 6 provides from terminal point for the embodiment of the present invention;
Another flow chart of a kind of program file method of calibration that Fig. 7 provides from terminal point for the embodiment of the present invention;
Another flow chart of a kind of program file method of calibration that Fig. 8 provides from terminal point for the embodiment of the present invention;
The structural representation of a kind of program file calibration equipment that Fig. 9 provides from server side for the embodiment of the present invention;
The structural representation of a kind of program file calibration equipment that Figure 10 provides from terminal point for the embodiment of the present invention.
Embodiment
Below in conjunction with the accompanying drawing in the embodiment of the present invention, be clearly and completely described the technical scheme in the embodiment of the present invention, obviously, described embodiment is only the present invention's part embodiment, instead of whole embodiments.Based on the embodiment in the present invention, those of ordinary skill in the art, not making the every other embodiment obtained under creative work prerequisite, belong to the scope of protection of the invention.
First, in order to improve the accuracy rate of the integrality of checking routine file, from the angle of server, embodiments provide a kind of program file method of calibration, wherein, this server is: the server of providing services on the Internet for the application software being carried on application package for operating in terminal.
Wherein, this application package for being applicable to the file of Android operation system, can be not limited thereto, such as certainly, this application package also can for be applicable to IOS (its be by Apple be iPhone develop operating system) file, etc.In addition, the application package of embodiment of the present invention indication is file that the application software carried needs server to provide services on the Internet.Further, the file default to be verified in application package can be the partial document in application package, also can be all files.
As shown in Figure 1, a kind of program file method of calibration that the present embodiment provides, can comprise the steps:
S101, after establishing a communications link with terminal, obtains the version number of application package;
Wherein, after server and terminal establish a communications link, can the integrity check process of opening program file, concrete, first server can obtain the version number of application package, and then utilizes this version number to perform follow-up flow process.
Be understandable that, after establishing a communications link with terminal, server can obtain the version number of application program APMB package by prior art.Wherein, it is emphasized that, can after establishing a communications link with terminal at every turn execution checking procedure, certainly, in actual applications, also can not after establishing a communications link at every turn all execution checking procedures, but after certain establishes a communications link several times execution checking procedure, or, execution checking procedure after establishing a communications link within some period, etc., this is all rational.
S102, obtains the random number being directed to this application package;
After opening program file verification process, the random number being directed to this application package can be obtained, and then utilize this random number to perform follow-up handling process.
Wherein, so-called acquisition is directed to the random number of this application package, specifically can comprise: generated the random number being directed to this application package by default Generating Random Number, or Stochastic choice random number is as the random number being directed to this application package from the set of random numbers built in advance.Be understandable that, described default Generating Random Number can be Generating Random Number of the prior art, also can be the Generating Random Number of designed, designed, and, which kind of Generating Random Number of concrete employing can be selected according to actual conditions, does not limit at this.
It should be noted that, in actual applications, there is not strict execution sequence in the step that the step of the version number of described acquisition application package and described acquisition are directed to the random number of this application package, such as: the step that the step of the version number of described acquisition application package and described acquisition are directed to the random number of this application package can be performed simultaneously, the step that also first can perform the version number of described acquisition application package performs the step that described acquisition is directed to the random number of this application package again, certainly, the step that also can be directed to the random number of this application package for first performing described acquisition performs the step of the version number of described acquisition application package again.
S103, according to the file content with the file default to be verified in the application package of this version number that this random number and server self prestore, and utilizes predetermined Hash algorithm, generates and is directed to the first cryptographic Hash that this presets file to be verified;
After acquisition is directed to the random number of this application package and the version number of this application package, in order to carry out the verification about integrality to the file default to be verified in the application package in terminal, the file content with the file default to be verified in the application package of this version number that can prestore according to this random number and server self, and utilize predetermined Hash algorithm, generate and be directed to the first cryptographic Hash that this presets file to be verified.Wherein, this predetermined Hash algorithm can be existing hash algorithm, and also can be the hash algorithm of designed, designed, this be all rational.
Wherein, this server self is previously stored with the application package with different editions number of this application software, and when generating the first cryptographic Hash being directed to this default file to be verified, the file content of the file default to be verified in the application package with this obtained version number can be utilized.
S104, this random number is sent to this terminal, to make this terminal after receiving this random number, according to the file content of this random number with the file default to be verified in this application package of this terminal local, and utilize this predetermined Hash algorithm, generate and be directed to the second cryptographic Hash that this presets file to be verified;
Wherein, after acquisition is directed to the random number of this application package, this random number can be sent to this terminal; Accordingly, this terminal is after receiving this random number, according to the file content of this random number with default file to be verified in this application package of this terminal local, and this predetermined Hash algorithm can be utilized, generate and be directed to the second cryptographic Hash that this presets file to be verified.Wherein, terminal generates hash value algorithms that the second cryptographic Hash utilizes and server, and to generate the hash algorithm that the first cryptographic Hash utilizes identical, to ensure that the first cryptographic Hash and the second cryptographic Hash have comparativity.
Be understandable that, the file default to be verified had in the application package of this obtained version number due to server stores is complete file, and when generating the first cryptographic Hash, utilize file content and the random number of the file default to be verified had in the application package of this obtained version number, therefore, if the file default to be verified in this application package in terminal is complete file, the second cryptographic Hash that then this terminal generates must be identical with the first cryptographic Hash that server generates, if and the file default to be verified in this application package in terminal is the file be modified, i.e. incomplete file, the second cryptographic Hash that then this terminal generates must be different from the first cryptographic Hash that server generates.
Wherein, the described step of this terminal that this random number sent to is inevitable after described acquisition is directed to the step of the random number of this application package, it is inevitable after described acquisition is directed to the step of the random number of this application package that described generation is directed to this step presetting the first cryptographic Hash of file to be verified, but, there is not strict execution sequence in described step this random number being sent to the step of this terminal and described generation to be directed to the first cryptographic Hash of this default file to be verified, such as: the described step this random number being sent to the step of this terminal and described generation to be directed to the first cryptographic Hash of this default file to be verified can be performed simultaneously, also first can perform described generation to be directed to this step of the first cryptographic Hash presetting file to be verified and to perform the described step this random number being sent to this terminal again, certainly, also first can perform and describedly this random number be sent to the step of this terminal to perform described generation to be again directed to the step of the first cryptographic Hash that this presets file to be verified, this is all rational.
S105, obtains the relevant information of this second cryptographic Hash generated about this terminal;
Wherein, owing to all make use of the random number that server generates and the file default to be verified had in this application package of same version number when the first cryptographic Hash and the second cryptographic Hash build, therefore, under the prerequisite that utilized hash algorithm is identical, if the file default to be verified in the application package in terminal complete (not namely being modified), then the first cryptographic Hash is inevitable identical with the second cryptographic Hash.Therefore, in order to realize completeness check, server is after sending to this terminal by this random number, the relevant information of described second cryptographic Hash generated about this terminal can be obtained, and then according to about the relevant information of this second cryptographic Hash and the relevant information about this first cryptographic Hash, determine the completeness check result of the file default to be verified in this terminal.
Wherein, the specific implementation obtaining the relevant information of this second cryptographic Hash generated about this terminal exists multiple, for the sake of clarity, the specific implementation of the follow-up relevant information to obtaining this second cryptographic Hash generated about this terminal carries out citing introduction.
S106, according to about the relevant information of this second cryptographic Hash and the relevant information about this first cryptographic Hash, determines the completeness check result of this default file to be verified in this terminal.
After the relevant information obtaining this second cryptographic Hash generated about this terminal, can according to about the relevant information of this second cryptographic Hash and the relevant information about this first cryptographic Hash, determine the completeness check result of this default file to be verified in this terminal, wherein, this completeness check result can comprise: it is imperfect that this presets complete maybe this default file to be verified of file to be verified.
Be understandable that, according to the relevant information about this second cryptographic Hash with determine based on the specific implementation of the relevant information obtaining this second cryptographic Hash generated about this terminal about this specific implementation presetting the completeness check result of file to be verified that the relevant information of this first cryptographic Hash is determined in this terminal, for the sake of clarity, follow-up combination is to the citing introduction of the specific implementation of the relevant information of this second cryptographic Hash that acquisition generates about this terminal, illustrate introduce according to about this second cryptographic Hash relevant information and about the relevant information of this first cryptographic Hash determine in this terminal this preset the specific implementation of completeness check result of file to be verified.
In the embodiment of the present invention, when program file verifies, verification is completed by server, avoid the change of assailant to completeness check code, and, on the basis of presetting file to be verified, increase random number when calculating cryptographic Hash, improve the uncertainty of cryptographic Hash, reduce cryptographic Hash victim exhaustive go out risk, therefore, the accuracy rate of the integrality of checking routine file can be improved by this programme.
Understandable, in program file checking procedure, the second complete cryptographic Hash that terminal generates can be obtained, to make to utilize this second cryptographic Hash and the first cryptographic Hash to complete the described determination presetting the completeness check result of file to be verified in terminal.Based on the thought obtaining the second complete cryptographic Hash that terminal generates, in one implementation, see Fig. 2, compared with the embodiment formed with aforesaid S101-S106, obtain the relevant information (S105) of this second cryptographic Hash generated about this terminal, can comprise:
S1051, obtains to this terminal request this second cryptographic Hash that this terminal generates;
Accordingly, see Fig. 2, compared with the embodiment formed with aforesaid S101-S106, according to about the relevant information of this second cryptographic Hash and the relevant information about this first cryptographic Hash, determine the completeness check result (S106) of this default file to be verified in this terminal, can comprise:
S1061, judges that whether this second cryptographic Hash obtained is identical with this first cryptographic Hash, if identical, performs S1062, if not identical, performs S1063;
S1062, determines that this default file to be verified in this terminal is complete;
S1063, determines that this default file to be verified in this terminal is imperfect.
Wherein, in this kind of implementation, server initiatively can obtain to this terminal request this second cryptographic Hash that this terminal generates, and terminal is after receiving the request of server about the second cryptographic Hash, the second generated cryptographic Hash can be fed back to server by terminal, and then, server can judge that whether this obtained second cryptographic Hash is identical with this first cryptographic Hash, if identical, determine that this default file to be verified in this terminal is complete, if not identical, determine that this default file to be verified in this terminal is imperfect.
Based on the thought obtaining the second complete cryptographic Hash that terminal generates, in another kind of implementation, see Fig. 3, compared with the embodiment formed with aforesaid S101-S106, obtain the relevant information (S105) of this second cryptographic Hash generated about this terminal, can comprise:
S1052, receives this second cryptographic Hash that this terminal reports after generating this second cryptographic Hash;
Accordingly, see Fig. 3, compared with the embodiment formed with aforesaid S101-S106, according to about the relevant information of this second cryptographic Hash and the relevant information about this first cryptographic Hash, determine the completeness check result (S106) of this default file to be verified in this terminal, can comprise:
S1064, judges that whether this second cryptographic Hash obtained is identical with this first cryptographic Hash, if identical, performs S1065, if not identical, performs S1066;
S1065, determines that this default file to be verified in this terminal is complete;
S1066, determines that this default file to be verified in this terminal is imperfect.
Wherein, in this kind of implementation, terminal is after generation second cryptographic Hash, initiatively can report this second cryptographic Hash to server, and after server receives this second cryptographic Hash that this terminal reports after generating this second cryptographic Hash, can judge that whether this obtained second cryptographic Hash is identical with this first cryptographic Hash, if identical, determine that this default file to be verified in this terminal is complete, if not identical, determine that this default file to be verified in this terminal is imperfect.
Further, consider internet security, to complete the second cryptographic Hash of terminal request, but by challenge response mode, repeatedly can not obtain the numerical value relevant to predetermined number of bits of this second cryptographic Hash to terminal request.Based on the thought of the numerical value relevant to predetermined number of bits of this second cryptographic Hash of acquisition, in another kind of implementation, see Fig. 4, compared with the embodiment formed with aforesaid S101-S106, obtain the relevant information (S105) of described second cryptographic Hash generated about described terminal, can comprise:
S1053, obtains multiple relevant to the predetermined number of bits numerical value of this second cryptographic Hash successively to this terminal request;
Accordingly, see Fig. 4, compared with the embodiment formed with aforesaid S101-S106, according to about the relevant information of this second cryptographic Hash and the relevant information about this first cryptographic Hash, determine the completeness check result (S106) of this default file to be verified in this terminal, can comprise:
S1067, judging that whether the numerical value that the multiple of this second cryptographic Hash are correlated with predetermined number of bits is identical with the numerical value relevant with corresponding predetermined number of bits of this first cryptographic Hash successively, is perform S1068 if judged result is, otherwise, perform S1069;
S1068, determines that this default file to be verified in this terminal is complete;
S1069, determines that this default file to be verified in this terminal is imperfect.
Wherein, in this kind of specific implementation, the numerical value relevant to predetermined number of bits can comprise: the numerical value in predetermined number of bits, or, perform mathematical calculations to the numerical value at least two predetermined number of bits the numerical value of gained, for example, the numerical value on first of this second cryptographic Hash is obtained successively to this terminal request, numerical value on numerical value on 3rd and the 4th, and then, can judge that whether the numerical value on first of the second cryptographic Hash is identical with the numerical value on first of the first cryptographic Hash successively, whether the numerical value on the 3rd of the second cryptographic Hash is identical with the numerical value on the 3rd of the first cryptographic Hash, whether the numerical value on the 4th of the second cryptographic Hash is identical with the numerical value on the 4th of the first cryptographic Hash, when judged result is identical, can determine that this default file to be verified in this terminal is complete, otherwise, determine that the file default to be verified in this terminal is imperfect, and for example: obtain the numerical value on first of this second cryptographic Hash to this terminal request successively, numerical value sum on numerical value on first and the 3rd, numerical value on 4th, and then, can judge that whether the numerical value on first of the second cryptographic Hash is identical with the numerical value on first of the first cryptographic Hash successively, whether the numerical value on first of the second cryptographic Hash is identical with the numerical value sum on the 3rd with the numerical value on first of the first cryptographic Hash with the numerical value sum on the 3rd, whether the numerical value on the 4th of the second cryptographic Hash is identical with the numerical value on the 4th of the first cryptographic Hash, when judged result is identical, can determine that the file default to be verified in this terminal is complete, otherwise, determine that the file default to be verified in this terminal is imperfect.
Demand it is emphasised that, the specific implementation of above-mentioned S105 and S106, as just example, should not form the restriction to the embodiment of the present invention.
Further, when determining that this default file to be verified in this terminal is complete, can continue to keep the communication connection with this terminal, continue as this terminal and provide services on the Internet, the application software being carried on this application package be in this terminal is provided services on the Internet; And in order to the software that effectively combats copyright piracy, when determining that this default file to be verified in this terminal is imperfect, the method that the embodiment of the present invention provides can also comprise: disconnect the communication connection between this terminal, namely no longer for the application software being carried on this application package in this terminal is provided services on the Internet.
Certainly, in order to improve the experience of user further, when determining that this default file to be verified in this terminal is imperfect, the method that the embodiment of the present invention provides, can also comprise:
Push prompting message to terminal, wherein, this prompting message is imperfect for pointing out this to preset file to be verified;
Or,
Push prompting message and download link address to terminal, wherein, this prompting message is imperfect for pointing out this to preset file to be verified, and this download link address is the download address of this application package.
Wherein, file to be verified can should be preset imperfect only by this information prompting user, thus user again can search for the application package that comprises complete file default to be verified voluntarily and download, certainly, after this information of propelling movement, the communication connection with this terminal can be disconnected; Further, in order to improve the experience of user, prompting message and download link address can be pushed to terminal simultaneously, with point out user should preset file to be verified incomplete while, for user provides download address, thus facilitate user again to download to comprise the application package of complete file default to be verified.
Secondly, in order to improve the accuracy rate of the integrality of checking routine file, from the angle of terminal, a kind of program file method of calibration is embodiments provided.Wherein, this terminal is: for running the terminal of the application software being carried on application package.Wherein, in actual applications, this terminal can be smart mobile phone, panel computer, notebook computer etc.Further, the functional software performing a kind of program file method of calibration that the present embodiment provides is the functional module being built in this application package.
As shown in Figure 5, a kind of program file method of calibration that the present embodiment provides, can comprise:
S201, after establishing a communications link with the server for providing services on the Internet for this application software, receives the random number being directed to this application package that this server sends;
Wherein, this random number is: this server to obtain and sends after establishing a communications link with terminal.
Wherein, because server can after establishing a communications link with this terminal, open this program file checking procedure, and then obtain and send the random number being directed to this application package to this terminal, therefore, this terminal after establishing a communications link with this server, can receive the random number being directed to this application package that this server sends, and then performs follow-up step.
S202, according to the file content of this random number with the file default to be tested in this application package of this terminal local, and utilizes predetermined Hash algorithm, generates and is directed to the second cryptographic Hash that this presets file to be verified;
Wherein, this terminal after receiving this random number, in order to realize completeness check, according to the file content of the file default to be tested in this application package of this random number and this terminal local, and utilize predetermined Hash algorithm, generate and be directed to the second cryptographic Hash that this presets file to be verified.Wherein, this predetermined Hash algorithm can be existing hash algorithm, and also can be the hash algorithm of designed, designed, this be all rational.
S203, sends the relevant information of this second cryptographic Hash to this server.
Wherein, this first cryptographic Hash is: server according to this random number and self prestore, the file content of file default to be verified in the application package of the version number with this application package in this terminal, and utilize this predetermined Hash algorithm to generate.
Wherein, in order to realize the completeness check of program file, terminal can send the relevant information of this second cryptographic Hash after generating the second cryptographic Hash being directed to this default file to be verified to this server; And then, after this server obtains the relevant information about this second cryptographic Hash, according to about the relevant information of this second cryptographic Hash and the relevant information about the first cryptographic Hash, determine the completeness check result of this default file to be verified in this terminal.Further, the specific implementation sending the relevant information of this second cryptographic Hash to this server exists multiple, for the sake of clarity, follow-up carry out citing introduce.
It should be noted that, terminal generates hash value algorithms that the second cryptographic Hash utilizes and server, and to generate the hash algorithm that the first cryptographic Hash utilizes identical, to ensure that the first cryptographic Hash and the second cryptographic Hash have comparativity.
In the embodiment of the present invention, when program file verifies, verification is completed by server, avoid the change of assailant to completeness check code, and, on the basis of presetting file to be verified, increase random number when calculating cryptographic Hash, improve the uncertainty of cryptographic Hash, reduce cryptographic Hash victim exhaustive go out risk, therefore, the accuracy rate of the integrality of checking routine file can be improved by this programme.
Understandable, in program file checking procedure, server can obtain the second complete cryptographic Hash that terminal generates, to make to utilize this second cryptographic Hash and the first cryptographic Hash to complete the determination of the completeness check result of this default file to be verified in terminal.The thought of the second complete cryptographic Hash that terminal generates is obtained based on server, in one implementation, see Fig. 6, compared with the embodiment formed with aforesaid S201-S203, the described relevant information (S203) sending this second cryptographic Hash to this server, can comprise:
S2031, after the request about this second cryptographic Hash receiving the transmission of this server, to this second cryptographic Hash of this server feedback.
Wherein, in this kind of specific implementation, after server obtains to this terminal request this second cryptographic Hash that this terminal generates, judge that whether this second cryptographic Hash obtained is identical with this first cryptographic Hash, if identical, determine that this default file to be verified in this terminal is complete, if not identical, determine that this default file to be verified in this terminal is imperfect.
The thought of the second complete cryptographic Hash that terminal generates is obtained based on server, in one implementation, see Fig. 7, compared with the embodiment formed with aforesaid S201-S203, the described relevant information (S203) sending this second cryptographic Hash to this server, can comprise:
S2032, after this second cryptographic Hash of generation, reports this second cryptographic Hash to this server.
Wherein, in this kind of specific implementation, server receives this terminal after generating this second cryptographic Hash reported after this second cryptographic Hash, judge that whether this second cryptographic Hash obtained is identical with this first cryptographic Hash, if identical, determine that this default file to be verified in this terminal is complete, if not identical, determine that this default file to be verified in this terminal is imperfect.
Further, consider internet security, server to complete the second cryptographic Hash of terminal request, but by challenge response mode, repeatedly can not obtain the numerical value relevant to predetermined number of bits of this second cryptographic Hash to terminal request.Based on the thought of the numerical value relevant to predetermined number of bits of this second cryptographic Hash of acquisition, in another kind of implementation, see Fig. 8, the described relevant information (S203) sending this second cryptographic Hash to this server, can comprise:
S2033, the request of multiple relevant to the predetermined number of bits numerical value about this second cryptographic Hash of reception server transmission successively;
S2034, after the request receiving each numerical value relevant to predetermined number of bits about this second cryptographic Hash that server sends, to corresponding to the predetermined number of bits relevant numerical value of this server feedback about this second cryptographic Hash.
Wherein, the described numerical value relevant to predetermined number of bits, can comprise: the numerical value in predetermined number of bits; Or, the numerical value of gained that the numerical value at least two predetermined number of bits is performed mathematical calculations.
In this kind of implementation, server obtains multiple relevant to the predetermined number of bits numerical value of this second cryptographic Hash successively to this terminal request after, server judges that whether the numerical value that the multiple of this second cryptographic Hash are correlated with predetermined number of bits is identical with the numerical value relevant with corresponding predetermined number of bits of this first cryptographic Hash successively, if judged result is be, determine that this default file to be verified in this terminal is complete, otherwise, determine that this default file to be verified in this terminal is imperfect.
Further, when this default file to be verified that server is determined in this terminal is complete, can continue to keep the communication connection with this terminal, continue as this terminal and provide services on the Internet, the application software being carried on this application package be in this terminal is provided services on the Internet; And in order to the software that effectively combats copyright piracy, when this default file to be verified that server is determined in this terminal is imperfect, server can disconnect the communication connection between this terminal, namely no longer for the application software being carried on this application package in this terminal is provided services on the Internet.
Certainly, in order to improve the experience of user further, when this default file to be verified that server is determined in this terminal is imperfect, server can push prompting message to terminal, wherein, this prompting message is imperfect for pointing out this to preset file to be verified; Thus terminal can receive the prompting message of this server push, wherein, this prompting message is imperfect for pointing out this to preset file to be verified.In addition, when this default file to be verified that server is determined in this terminal is imperfect, prompting message and download link address can also be pushed to terminal, wherein, this prompting message is imperfect for pointing out this to preset file to be verified, and this download link address is the download address of this application package; Accordingly, this terminal can reception server push prompting message and download link address, wherein, this prompting message for point out this preset file to be verified imperfect, this download link address is the download address of this application package.
Corresponding to the above-mentioned a kind of program file calibration equipment provided from server side, the embodiment of the present invention additionally provides a kind of program file calibration equipment, be applied to server, wherein, described server is: the server of providing services on the Internet for the application software being carried on application package for operating in terminal; As shown in Figure 9, described device can comprise:
Version number obtains module 310, for after establishing a communications link with described terminal, obtains the version number of described application package;
Random number obtains module 320, for obtaining the random number being directed to described application package;
First cryptographic Hash generation module 330, for the file content with the file default to be verified in the application package of described version number prestored according to described random number and server self, and utilize predetermined Hash algorithm, generate and be directed to described the first cryptographic Hash presetting file to be tested;
Random number sending module 340, for described random number is sent to described terminal, to make described terminal after receiving described random number, according to the described file content presetting file to be tested in the described application package of described random number and described terminal local, and utilize described predetermined Hash algorithm, generate and be directed to described the second cryptographic Hash presetting file to be tested;
Second cryptographic Hash information acquisition module 350, for obtaining the relevant information of described second cryptographic Hash generated about described terminal;
Completeness check module 360, for according to about the relevant information of described second cryptographic Hash and the relevant information about described first cryptographic Hash, determines the described completeness check result presetting file to be verified in described terminal.
In the embodiment of the present invention, when program file verifies, verification is completed by server, avoid the change of assailant to completeness check code, and, on the basis of presetting file to be verified, increase random number when calculating cryptographic Hash, improve the uncertainty of cryptographic Hash, reduce cryptographic Hash victim exhaustive go out risk, therefore, the accuracy rate of the integrality of checking routine file can be improved by this programme.
Concrete, in one implementation, described second cryptographic Hash information acquisition module 350, can comprise:
The first information obtains unit, for obtaining described second cryptographic Hash that described terminal generates to described terminal request;
Or,
Second information obtainment unit, for receiving described second cryptographic Hash that described terminal reports after generating described second cryptographic Hash;
Described completeness check module 360, can comprise:
First completeness check unit, whether identical with described first cryptographic Hash for judging obtained described second cryptographic Hash, if identical, determine that the described default file to be verified in described terminal is complete; Otherwise, determine that the described default file to be verified in described terminal is imperfect.
Concrete, in another kind of implementation, described second cryptographic Hash information acquisition module 350, can comprise:
3rd information obtainment unit, for obtaining multiple relevant to the predetermined number of bits numerical value of described second cryptographic Hash successively to described terminal request;
Described completeness check module 360, can comprise:
Second completeness check unit, whether identical with the numerical value relevant with corresponding predetermined number of bits of described first cryptographic Hash for judging the numerical value that the multiple and predetermined number of bits of described second cryptographic Hash is correlated with successively, determine that the described default file to be verified in described terminal is complete if judged result is; Otherwise, determine that the described default file to be verified in described terminal is imperfect.
Concrete, the described numerical value relevant to predetermined number of bits, can comprise:
Numerical value in predetermined number of bits;
Or,
Perform mathematical calculations to the numerical value at least two predetermined number of bits the numerical value of gained.
Further, a kind of program file calibration equipment that the present embodiment provides can also comprise:
Connecting and disconnect module, for when determining the described default file imperfection to be verified in described terminal, disconnecting the communication connection between described terminal.
Further, a kind of program file calibration equipment that the present embodiment provides can also comprise:
First information sending module, for when determining the described default file imperfection to be verified in described terminal, pushes prompting message to terminal, and wherein, described prompting message is for pointing out described default file to be verified imperfect;
Or,
Second information sending module, for when determining the described default file imperfection to be verified in described terminal, prompting message and download link address is pushed to terminal, wherein, described prompting message is for pointing out described default file to be verified imperfect, and described download link address is the download address of described application package.
Corresponding to the above-mentioned a kind of program file calibration equipment provided from terminal point, the embodiment of the present invention additionally provides a kind of program file calibration equipment, is applied to terminal, and described terminal is: for running the terminal of the application software being carried on application package; As shown in Figure 10, described device can comprise:
Random number receiver module 410, for after establishing a communications link with the server for providing services on the Internet for described application software, receive the random number being directed to described application package that described server sends, wherein, described random number is: described server to obtain and sends after establishing a communications link with described terminal;
Second cryptographic Hash generation module 420, for the file content according to the file default to be verified in the described application package of described random number and described terminal local, and utilize predetermined Hash algorithm, generate and be directed to described the second cryptographic Hash presetting file to be verified;
Second cryptographic Hash information sending module 430, for sending the relevant information of described second cryptographic Hash to described server, after the relevant information obtained about described second cryptographic Hash to make described server, according to about the relevant information of described second cryptographic Hash and the relevant information about the first cryptographic Hash, determine the described completeness check result presetting file to be verified in described terminal, wherein, described first cryptographic Hash is: described server is according to described random number and self prestore, there is the file content of the file default to be verified in the application package of the version number of the described application package in described terminal, and utilize described predetermined Hash algorithm to generate.
In the embodiment of the present invention, when program file verifies, verification is completed by server, avoid the change of assailant to completeness check code, and, on the basis of presetting file to be verified, increase random number when calculating cryptographic Hash, improve the uncertainty of cryptographic Hash, reduce cryptographic Hash victim exhaustive go out risk, therefore, the accuracy rate of the integrality of checking routine file can be improved by this programme.
Concrete, in one implementation, described second cryptographic Hash information sending module 430, can comprise:
First information transmitting element, for after the request about described second cryptographic Hash receiving the transmission of described server, to the second cryptographic Hash described in described server feedback;
Or,
Second information transmitting unit, for after described second cryptographic Hash of generation, reports described second cryptographic Hash to described server.
Concrete, in another kind of specific implementation, described second cryptographic Hash information sending module 430, can comprise:
Value request obtains unit, for the request of multiple relevant to the predetermined number of bits numerical value about described second cryptographic Hash of reception server transmission successively;
3rd information transmitting unit, for after the request receiving each numerical value relevant to predetermined number of bits about described second cryptographic Hash that server sends, to corresponding to the predetermined number of bits relevant numerical value of described server feedback about described second cryptographic Hash.
Concrete, the described numerical value relevant to predetermined number of bits, can comprise:
Numerical value in predetermined number of bits;
Or,
Perform mathematical calculations to the numerical value at least two predetermined number of bits the numerical value of gained.
Further, a kind of program file calibration equipment that the present embodiment provides, also comprises:
First message reception units, for receiving the prompting message of described server push, wherein, described prompting message is for pointing out described default file to be verified imperfect;
Or,
Second message reception units, the prompting message pushed for reception server and download link address, wherein, described prompting message is for pointing out described default file to be verified imperfect, and described download link address is the download address of described application package.
In addition, the embodiment of the present invention additionally provides a kind of server, and described server is: the server of providing services on the Internet for the application software being carried on application package for operating in terminal, and wherein, described server comprises:
Processor, memory, communication interface and bus;
Described processor, described memory and described communication interface are connected by described bus and complete mutual communication;
Described memory stores executable programs code;
Described processor runs the program corresponding with described executable program code by reading the executable program code stored in described memory, for a kind of program file method of calibration of execution; Wherein, a kind of program file method of calibration comprises:
After establishing a communications link with described terminal, obtain the version number of described application package;
Obtain the random number being directed to described application package;
According to the file content with the file default to be verified in the application package of described version number that described random number and server self prestore, and utilize predetermined Hash algorithm, generate and be directed to described the first cryptographic Hash presetting file to be tested;
Described random number is sent to described terminal, to make described terminal after receiving described random number, according to the described file content presetting file to be tested in the described application package of described random number and described terminal local, and utilize described predetermined Hash algorithm, generate and be directed to described the second cryptographic Hash presetting file to be tested;
Obtain the relevant information of described second cryptographic Hash generated about described terminal;
According to about the relevant information of described second cryptographic Hash and the relevant information about described first cryptographic Hash, determine the described completeness check result presetting file to be verified in described terminal.
In addition, the embodiment of the present invention additionally provides a kind of terminal, and described terminal is: for running the terminal of the application software being carried on application package; Wherein, described terminal comprises: processor, memory, communication interface and bus;
Described processor, described memory and described communication interface are connected by described bus and complete mutual communication;
Described memory stores executable programs code;
Described processor runs the program corresponding with described executable program code by reading the executable program code stored in described memory, for a kind of program file method of calibration of execution; Wherein, a kind of program file method of calibration comprises:
After establishing a communications link with the server for providing services on the Internet for described application software, receive the random number being directed to described application package that described server sends, wherein, described random number is: described server to obtain and sends after establishing a communications link with described terminal;
According to the file content of the file default to be verified in the described application package of described random number and described terminal local, and utilize predetermined Hash algorithm, generate and be directed to described the second cryptographic Hash presetting file to be verified;
The relevant information of described second cryptographic Hash is sent to described server, after the relevant information obtained about described second cryptographic Hash to make described server, according to about the relevant information of described second cryptographic Hash and the relevant information about the first cryptographic Hash, determine the described completeness check result presetting file to be verified in described terminal, wherein, described first cryptographic Hash is: described server is according to described random number and self prestore, there is the file content of the file default to be verified in the application package of the version number of the described application package in described terminal, and utilize described predetermined Hash algorithm to generate.
It should be noted that, in this article, the such as relational terms of first and second grades and so on is only used for an entity or operation to separate with another entity or operating space, and not necessarily requires or imply the relation that there is any this reality between these entities or operation or sequentially.And, term " comprises ", " comprising " or its any other variant are intended to contain comprising of nonexcludability, thus make to comprise the process of a series of key element, method, article or equipment and not only comprise those key elements, but also comprise other key elements clearly do not listed, or also comprise by the intrinsic key element of this process, method, article or equipment.When not more restrictions, the key element limited by statement " comprising ... ", and be not precluded within process, method, article or the equipment comprising described key element and also there is other identical element.
Each embodiment in this specification all adopts relevant mode to describe, between each embodiment identical similar part mutually see, what each embodiment stressed is the difference with other embodiments.Especially, for system embodiment, because it is substantially similar to embodiment of the method, so description is fairly simple, relevant part illustrates see the part of embodiment of the method.
The foregoing is only preferred embodiment of the present invention, be not intended to limit protection scope of the present invention.All any amendments done within the spirit and principles in the present invention, equivalent replacement, improvement etc., be all included in protection scope of the present invention.
Claims (10)
1. a program file method of calibration, is characterized in that, is applied to server, and wherein, described server is: the server of providing services on the Internet for the application software being carried on application package for operating in terminal; Described method comprises:
After establishing a communications link with described terminal, obtain the version number of described application package;
Obtain the random number being directed to described application package;
According to the file content with the file default to be verified in the application package of described version number that described random number and server self prestore, and utilize predetermined Hash algorithm, generate and be directed to described the first cryptographic Hash presetting file to be tested;
Described random number is sent to described terminal, to make described terminal after receiving described random number, according to the described file content presetting file to be tested in the described application package of described random number and described terminal local, and utilize described predetermined Hash algorithm, generate and be directed to described the second cryptographic Hash presetting file to be tested;
Obtain the relevant information of described second cryptographic Hash generated about described terminal;
According to about the relevant information of described second cryptographic Hash and the relevant information about described first cryptographic Hash, determine the described completeness check result presetting file to be verified in described terminal.
2. method according to claim 1, is characterized in that, the relevant information of described second cryptographic Hash that described acquisition generates about described terminal, comprising:
Described second cryptographic Hash that described terminal generates is obtained to described terminal request;
Or,
Receive described second cryptographic Hash that described terminal reports after generating described second cryptographic Hash;
Described basis, about the relevant information of described second cryptographic Hash and the relevant information about described first cryptographic Hash, is determined the described completeness check result presetting file to be verified in described terminal, being comprised:
Judge that whether described second cryptographic Hash obtained is identical with described first cryptographic Hash, if identical, determine that the described default file to be verified in described terminal is complete; Otherwise, determine that the described default file to be verified in described terminal is imperfect.
3. method according to claim 1, is characterized in that, the relevant information of described second cryptographic Hash that described acquisition generates about described terminal, comprising:
Multiple relevant to the predetermined number of bits numerical value of described second cryptographic Hash is obtained successively to described terminal request;
Described basis, about the relevant information of described second cryptographic Hash and the relevant information about described first cryptographic Hash, is determined the described completeness check result presetting file to be verified in described terminal, being comprised:
Judge that whether the numerical value that the multiple and predetermined number of bits of described second cryptographic Hash is correlated with is identical with the numerical value relevant with corresponding predetermined number of bits of described first cryptographic Hash successively, determine that the described default file to be verified in described terminal is complete if judged result is; Otherwise, determine that the described default file to be verified in described terminal is imperfect.
4. method according to claim 3, is characterized in that, the described numerical value relevant to predetermined number of bits, comprising:
Numerical value in predetermined number of bits;
Or,
Perform mathematical calculations to the numerical value at least two predetermined number of bits the numerical value of gained.
5. the method according to any one of claim 1-4, is characterized in that, when determining the described default file imperfection to be verified in described terminal, described method also comprises:
Disconnect the communication connection between described terminal.
6. a program file method of calibration, is characterized in that, is applied to terminal, and described terminal is: for running the terminal of the application software being carried on application package; Described method comprises:
After establishing a communications link with the server for providing services on the Internet for described application software, receive the random number being directed to described application package that described server sends, wherein, described random number is: described server to obtain and sends after establishing a communications link with described terminal;
According to the file content of the file default to be verified in the described application package of described random number and described terminal local, and utilize predetermined Hash algorithm, generate and be directed to described the second cryptographic Hash presetting file to be verified;
The relevant information of described second cryptographic Hash is sent to described server, after the relevant information obtained about described second cryptographic Hash to make described server, according to about the relevant information of described second cryptographic Hash and the relevant information about the first cryptographic Hash, determine the described completeness check result presetting file to be verified in described terminal, wherein, described first cryptographic Hash is: described server is according to described random number and self prestore, there is the file content of the file default to be verified in the application package of the version number of the described application package in described terminal, and utilize described predetermined Hash algorithm to generate.
7. a program file calibration equipment, is characterized in that, is applied to server, and wherein, described server is: the server of providing services on the Internet for the application software being carried on application package for operating in terminal; Described device comprises:
Version number obtains module, for after establishing a communications link with described terminal, obtains the version number of described application package;
Random number obtains module, for obtaining the random number being directed to described application package;
First cryptographic Hash generation module, for the file content with the file default to be verified in the application package of described version number prestored according to described random number and server self, and utilize predetermined Hash algorithm, generate and be directed to described the first cryptographic Hash presetting file to be tested;
Random number sending module, for described random number is sent to described terminal, to make described terminal after receiving described random number, according to the described file content presetting file to be tested in the described application package of described random number and described terminal local, and utilize described predetermined Hash algorithm, generate and be directed to described the second cryptographic Hash presetting file to be tested;
Second cryptographic Hash information acquisition module, for obtaining the relevant information of described second cryptographic Hash generated about described terminal;
Completeness check module, for according to about the relevant information of described second cryptographic Hash and the relevant information about described first cryptographic Hash, determines the described completeness check result presetting file to be verified in described terminal.
8. a program file calibration equipment, is characterized in that, is applied to terminal, and described terminal is: for running the terminal of the application software being carried on application package; Described device comprises:
Random number receiver module, for after establishing a communications link with the server for providing services on the Internet for described application software, receive the random number being directed to described application package that described server sends, wherein, described random number is: described server to obtain and sends after establishing a communications link with described terminal;
Second cryptographic Hash generation module, for the file content according to the file default to be verified in the described application package of described random number and described terminal local, and utilizes predetermined Hash algorithm, generates and is directed to described the second cryptographic Hash presetting file to be verified;
Second cryptographic Hash information sending module, for sending the relevant information of described second cryptographic Hash to described server, after the relevant information obtained about described second cryptographic Hash to make described server, according to about the relevant information of described second cryptographic Hash and the relevant information about the first cryptographic Hash, determine the described completeness check result presetting file to be verified in described terminal, wherein, described first cryptographic Hash is: described server is according to described random number and self prestore, there is the file content of the file default to be verified in the application package of the version number of the described application package in described terminal, and utilize described predetermined Hash algorithm to generate.
9. a server, is characterized in that, described server is: the server of providing services on the Internet for the application software being carried on application package for operating in terminal, and wherein, described server comprises:
Processor, memory, communication interface and bus;
Described processor, described memory and described communication interface are connected by described bus and complete mutual communication;
Described memory stores executable programs code;
Described processor runs the program corresponding with described executable program code by reading the executable program code stored in described memory, for a kind of program file method of calibration of execution; Wherein, a kind of program file method of calibration comprises:
After establishing a communications link with described terminal, obtain the version number of described application package;
Obtain the random number being directed to described application package;
According to the file content with the file default to be verified in the application package of described version number that described random number and server self prestore, and utilize predetermined Hash algorithm, generate and be directed to described the first cryptographic Hash presetting file to be tested;
Described random number is sent to described terminal, to make described terminal after receiving described random number, according to the described file content presetting file to be tested in the described application package of described random number and described terminal local, and utilize described predetermined Hash algorithm, generate and be directed to described the second cryptographic Hash presetting file to be tested;
Obtain the relevant information of described second cryptographic Hash generated about described terminal;
According to about the relevant information of described second cryptographic Hash and the relevant information about described first cryptographic Hash, determine the described completeness check result presetting file to be verified in described terminal.
10. a terminal, is characterized in that, described terminal is: for running the terminal of the application software being carried on application package; Wherein, described terminal comprises: processor, memory, communication interface and bus;
Described processor, described memory and described communication interface are connected by described bus and complete mutual communication;
Described memory stores executable programs code;
Described processor runs the program corresponding with described executable program code by reading the executable program code stored in described memory, for a kind of program file method of calibration of execution; Wherein, a kind of program file method of calibration comprises:
After establishing a communications link with the server for providing services on the Internet for described application software, receive the random number being directed to described application package that described server sends, wherein, described random number is: described server to obtain and sends after establishing a communications link with described terminal;
According to the file content of the file default to be verified in the described application package of described random number and described terminal local, and utilize predetermined Hash algorithm, generate and be directed to described the second cryptographic Hash presetting file to be verified;
The relevant information of described second cryptographic Hash is sent to described server, after the relevant information obtained about described second cryptographic Hash to make described server, according to about the relevant information of described second cryptographic Hash and the relevant information about the first cryptographic Hash, determine the described completeness check result presetting file to be verified in described terminal, wherein, described first cryptographic Hash is: described server is according to described random number and self prestore, there is the file content of the file default to be verified in the application package of the version number of the described application package in described terminal, and utilize described predetermined Hash algorithm to generate.
Priority Applications (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510578850.4A CN105306434A (en) | 2015-09-11 | 2015-09-11 | Program file checking method and device, server and terminal |
| PCT/CN2016/094628 WO2017041606A1 (en) | 2015-09-11 | 2016-08-11 | Program file check method and apparatus, server, and terminal |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510578850.4A CN105306434A (en) | 2015-09-11 | 2015-09-11 | Program file checking method and device, server and terminal |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN105306434A true CN105306434A (en) | 2016-02-03 |
Family
ID=55203189
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510578850.4A Pending CN105306434A (en) | 2015-09-11 | 2015-09-11 | Program file checking method and device, server and terminal |
Country Status (2)
| Country | Link |
|---|---|
| CN (1) | CN105306434A (en) |
| WO (1) | WO2017041606A1 (en) |
Cited By (18)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105897781A (en) * | 2016-06-30 | 2016-08-24 | 北京奇虎科技有限公司 | Control method and control device for data transmission between mobile terminal and server |
| CN106161465A (en) * | 2016-08-29 | 2016-11-23 | 浪潮(北京)电子信息产业有限公司 | A kind of cloud storage method, cloud storage system and safe cloud storage system |
| WO2017041606A1 (en) * | 2015-09-11 | 2017-03-16 | 北京金山安全软件有限公司 | Program file check method and apparatus, server, and terminal |
| CN106648762A (en) * | 2016-11-30 | 2017-05-10 | 武汉斗鱼网络科技有限公司 | Development environment building method and device |
| CN107480068A (en) * | 2017-08-22 | 2017-12-15 | 武汉斗鱼网络科技有限公司 | Code integrity detection method, device, electric terminal and readable storage medium storing program for executing |
| CN107786504A (en) * | 2016-08-26 | 2018-03-09 | 腾讯科技(深圳)有限公司 | ELF file publishing methods, ELF file verifications method, server and terminal |
| CN108846266A (en) * | 2018-07-11 | 2018-11-20 | 中国联合网络通信集团有限公司 | A kind of method, system and the communication terminal of application program operation authorization |
| CN109582907A (en) * | 2018-12-06 | 2019-04-05 | 深圳前海微众银行股份有限公司 | Method of calibration, device, equipment and the readable storage medium storing program for executing of web page resources integrality |
| CN109939441A (en) * | 2019-03-14 | 2019-06-28 | 深圳市腾讯信息技术有限公司 | Using discs verifying method and system |
| CN109995700A (en) * | 2017-12-29 | 2019-07-09 | 北京易安睿龙科技有限公司 | A kind of safety protecting method of application program, applications client and ACR server |
| CN110750444A (en) * | 2019-09-10 | 2020-02-04 | 中国平安财产保险股份有限公司 | Application program handover method, application program handover device, computer device and storage medium |
| CN111104669A (en) * | 2018-10-29 | 2020-05-05 | 中兴通讯股份有限公司 | Cracking detection method, device, system, server, terminal and storage medium |
| CN112003704A (en) * | 2020-07-31 | 2020-11-27 | 中科扶云(杭州)科技有限公司 | Electronic evidence processing method and device and computer equipment |
| CN112307511A (en) * | 2020-11-06 | 2021-02-02 | 珠海格力电器股份有限公司 | File protection method and system |
| CN113127860A (en) * | 2019-12-30 | 2021-07-16 | Oppo广东移动通信有限公司 | Executable file detection method, device, terminal and storage medium |
| CN113139716A (en) * | 2021-03-31 | 2021-07-20 | 成都飞机工业(集团)有限责任公司 | Remote automatic error-proof checking method for numerical control machining program package |
| TWI735841B (en) * | 2019-01-19 | 2021-08-11 | 宏碁股份有限公司 | Computer system and method for verifying archived data |
| CN114398102A (en) * | 2022-01-18 | 2022-04-26 | 杭州米络星科技(集团)有限公司 | Application package generation method and device, compiling server and computer readable storage medium |
Families Citing this family (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111199039B (en) * | 2018-11-20 | 2023-02-28 | 成都鼎桥通信技术有限公司 | Application security verification method and device and terminal equipment |
| CN109739529A (en) * | 2018-12-04 | 2019-05-10 | 贵阳朗玛信息技术股份有限公司 | A kind of method and device that program is issued automatically |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US6782477B2 (en) * | 2002-04-16 | 2004-08-24 | Song Computer Entertainment America Inc. | Method and system for using tamperproof hardware to provide copy protection and online security |
| CN101782801A (en) * | 2009-11-16 | 2010-07-21 | 赵延斌 | Laptop adapter with built-in battery |
| CN101976322A (en) * | 2010-11-11 | 2011-02-16 | 清华大学 | Safety metadata management method based on integrality checking |
| US20120266022A1 (en) * | 2010-10-06 | 2012-10-18 | Siemens Aktiengesellschaft | Method for Verifying an Application Program in a Failsafe Programmable Logic Controller, and Programmable Logic Controller for Performing the Method |
| CN103488952A (en) * | 2013-09-24 | 2014-01-01 | 华为技术有限公司 | File integrity verification method and file processor |
| CN104134021A (en) * | 2013-06-20 | 2014-11-05 | 腾讯科技(深圳)有限公司 | Software tamper-proofing verification method and software tamper-proofing verification device |
| CN104778410A (en) * | 2015-04-16 | 2015-07-15 | 电子科技大学 | Application program integrity verification method |
Family Cites Families (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US8254569B2 (en) * | 2007-12-29 | 2012-08-28 | Nec (China) Co., Ltd. | Provable data integrity verifying method, apparatuses and system |
| CN101783801B (en) * | 2010-01-29 | 2013-04-24 | 福建星网锐捷网络有限公司 | Software protection method based on network, client side and server |
| CN104751049B (en) * | 2015-03-09 | 2018-09-04 | 广东欧珀移动通信有限公司 | A kind of application program installation method and mobile terminal |
| CN105306434A (en) * | 2015-09-11 | 2016-02-03 | 北京金山安全软件有限公司 | Program file checking method and device, server and terminal |
-
2015
- 2015-09-11 CN CN201510578850.4A patent/CN105306434A/en active Pending
-
2016
- 2016-08-11 WO PCT/CN2016/094628 patent/WO2017041606A1/en active Application Filing
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US6782477B2 (en) * | 2002-04-16 | 2004-08-24 | Song Computer Entertainment America Inc. | Method and system for using tamperproof hardware to provide copy protection and online security |
| CN101782801A (en) * | 2009-11-16 | 2010-07-21 | 赵延斌 | Laptop adapter with built-in battery |
| US20120266022A1 (en) * | 2010-10-06 | 2012-10-18 | Siemens Aktiengesellschaft | Method for Verifying an Application Program in a Failsafe Programmable Logic Controller, and Programmable Logic Controller for Performing the Method |
| CN101976322A (en) * | 2010-11-11 | 2011-02-16 | 清华大学 | Safety metadata management method based on integrality checking |
| CN104134021A (en) * | 2013-06-20 | 2014-11-05 | 腾讯科技(深圳)有限公司 | Software tamper-proofing verification method and software tamper-proofing verification device |
| CN103488952A (en) * | 2013-09-24 | 2014-01-01 | 华为技术有限公司 | File integrity verification method and file processor |
| CN104778410A (en) * | 2015-04-16 | 2015-07-15 | 电子科技大学 | Application program integrity verification method |
Cited By (24)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2017041606A1 (en) * | 2015-09-11 | 2017-03-16 | 北京金山安全软件有限公司 | Program file check method and apparatus, server, and terminal |
| CN105897781A (en) * | 2016-06-30 | 2016-08-24 | 北京奇虎科技有限公司 | Control method and control device for data transmission between mobile terminal and server |
| CN105897781B (en) * | 2016-06-30 | 2019-05-31 | 北京奇虎科技有限公司 | The control method and device that data are transmitted between mobile terminal and server |
| CN107786504A (en) * | 2016-08-26 | 2018-03-09 | 腾讯科技(深圳)有限公司 | ELF file publishing methods, ELF file verifications method, server and terminal |
| CN107786504B (en) * | 2016-08-26 | 2020-09-04 | 腾讯科技(深圳)有限公司 | ELF file release method, ELF file verification method, server and terminal |
| CN106161465A (en) * | 2016-08-29 | 2016-11-23 | 浪潮(北京)电子信息产业有限公司 | A kind of cloud storage method, cloud storage system and safe cloud storage system |
| CN106648762A (en) * | 2016-11-30 | 2017-05-10 | 武汉斗鱼网络科技有限公司 | Development environment building method and device |
| CN106648762B (en) * | 2016-11-30 | 2020-08-04 | 武汉斗鱼网络科技有限公司 | Method and device for building development environment |
| CN107480068A (en) * | 2017-08-22 | 2017-12-15 | 武汉斗鱼网络科技有限公司 | Code integrity detection method, device, electric terminal and readable storage medium storing program for executing |
| CN109995700A (en) * | 2017-12-29 | 2019-07-09 | 北京易安睿龙科技有限公司 | A kind of safety protecting method of application program, applications client and ACR server |
| CN108846266A (en) * | 2018-07-11 | 2018-11-20 | 中国联合网络通信集团有限公司 | A kind of method, system and the communication terminal of application program operation authorization |
| CN111104669A (en) * | 2018-10-29 | 2020-05-05 | 中兴通讯股份有限公司 | Cracking detection method, device, system, server, terminal and storage medium |
| CN109582907A (en) * | 2018-12-06 | 2019-04-05 | 深圳前海微众银行股份有限公司 | Method of calibration, device, equipment and the readable storage medium storing program for executing of web page resources integrality |
| TWI735841B (en) * | 2019-01-19 | 2021-08-11 | 宏碁股份有限公司 | Computer system and method for verifying archived data |
| CN109939441A (en) * | 2019-03-14 | 2019-06-28 | 深圳市腾讯信息技术有限公司 | Using discs verifying method and system |
| CN109939441B (en) * | 2019-03-14 | 2023-03-14 | 深圳市腾讯信息技术有限公司 | Application multi-disk verification processing method and system |
| CN110750444A (en) * | 2019-09-10 | 2020-02-04 | 中国平安财产保险股份有限公司 | Application program handover method, application program handover device, computer device and storage medium |
| CN113127860A (en) * | 2019-12-30 | 2021-07-16 | Oppo广东移动通信有限公司 | Executable file detection method, device, terminal and storage medium |
| CN113127860B (en) * | 2019-12-30 | 2023-10-20 | Oppo广东移动通信有限公司 | Executable file detection method, device, terminal and storage medium |
| CN112003704A (en) * | 2020-07-31 | 2020-11-27 | 中科扶云(杭州)科技有限公司 | Electronic evidence processing method and device and computer equipment |
| CN112307511A (en) * | 2020-11-06 | 2021-02-02 | 珠海格力电器股份有限公司 | File protection method and system |
| CN113139716A (en) * | 2021-03-31 | 2021-07-20 | 成都飞机工业(集团)有限责任公司 | Remote automatic error-proof checking method for numerical control machining program package |
| CN114398102A (en) * | 2022-01-18 | 2022-04-26 | 杭州米络星科技(集团)有限公司 | Application package generation method and device, compiling server and computer readable storage medium |
| CN114398102B (en) * | 2022-01-18 | 2023-08-08 | 杭州米络星科技(集团)有限公司 | Application package generation method and device, compiling server and computer readable storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| WO2017041606A1 (en) | 2017-03-16 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN105306434A (en) | Program file checking method and device, server and terminal | |
| CN107888577B (en) | Door lock firmware upgrading method, door lock, server, system and storage medium | |
| CN102830992B (en) | Plug-in loading method and system | |
| CN103095457B (en) | A kind of login of application program, verification method | |
| CN101436141B (en) | Firmware upgrading and encapsulating method and device based on digital signing | |
| CN102314578B (en) | A kind of system and method realizing software protection | |
| CN107911222B (en) | Digital signature generating method, digital signature verifying method, digital signature generating apparatus, digital signature verifying apparatus, and storage medium storing digital signature verifying program | |
| JP4856182B2 (en) | Software application security method and system | |
| CN105389177A (en) | Software version confirmation method, device and system | |
| CN111200589A (en) | Data protection method and system for alliance chain | |
| CN103248495B (en) | A kind of method, server, client and system applying interior paying | |
| CN109634615B (en) | Issuing method, verification method and device of application installation package | |
| CN103679005A (en) | Method to enable development mode of a secure electronic control unit | |
| CN103957080A (en) | Data integrity checking method and system | |
| CN104102499A (en) | Mobile terminal and mobile terminal software upgrading method | |
| CN111970109B (en) | Data transmission method and system | |
| CN105227545A (en) | The system and method that user and developer divide control is realized in intelligent operating platform | |
| CN113127020A (en) | Software upgrading method and device | |
| CN104504347A (en) | Data consistency matching processing method and device | |
| CN105827405A (en) | Remotely-controlled safety lock device and remote control method thereof | |
| CN110365688B (en) | Anti-stealing-link method and device | |
| CN102622251B (en) | The method of navigation software updating and management and server | |
| CN104219626A (en) | Identity authentication method and device | |
| CN115085905A (en) | Transaction data evidence checking method, device, equipment and medium based on block chain | |
| CN107318100B (en) | Method, device and system for binding mobile phone number |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20160203 |