CN106384026A - APK (Android Application Package) generation method and device, APK authentication method and device, and system - Google Patents

APK (Android Application Package) generation method and device, APK authentication method and device, and system Download PDF

Info

Publication number
CN106384026A
CN106384026A CN201610805139.2A CN201610805139A CN106384026A CN 106384026 A CN106384026 A CN 106384026A CN 201610805139 A CN201610805139 A CN 201610805139A CN 106384026 A CN106384026 A CN 106384026A
Authority
CN
China
Prior art keywords
signature
file
authentication
apk
rule
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201610805139.2A
Other languages
Chinese (zh)
Inventor
李刚
龙寿伦
张优德
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenzhen Dlodlo Technologies Co Ltd
Shenzhen Dlodlo New Technology Co Ltd
Original Assignee
Shenzhen Dlodlo Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shenzhen Dlodlo Technologies Co Ltd filed Critical Shenzhen Dlodlo Technologies Co Ltd
Priority to CN201610805139.2A priority Critical patent/CN106384026A/en
Publication of CN106384026A publication Critical patent/CN106384026A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • G06F21/12Protecting executable software
    • G06F21/121Restricting unauthorised execution of programs
    • G06F21/125Restricting unauthorised execution of programs by manipulating the program code, e.g. source code, compiled code, interpreted code, machine code
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Technology Law (AREA)
  • Multimedia (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Stored Programmes (AREA)

Abstract

The invention discloses an APK (Android Application Package) generation method and device, an APK authentication method and device, and a system, and can effectively avoid a problem that the benefits of a software developer are damaged since cracking is realized through decompilation. The APK generation method comprises the following steps of: according to a preset compiling rule, compiling an application file to obtain an authentication file which can be called; according to a first signature rule, carrying out first signature processing on the authentication file to obtain a first signature file, wherein the first signature rule is an open-source source code; according to a second signature rule, carrying out second signature processing on the authentication file to obtain a second signature file, wherein the second signature rule is a closed-source source code; and packaging the application file, the authentication file, the first signature file and the second signature file to generate an APK.

Description

A kind of generation of APK, authentication method and apparatus and system
Technical field
The present invention relates to the communications field, more particularly, to a kind of generation of APK, authentication method and apparatus and system.
Background technology
With the appearance of intelligent mobile terminal, emerge a collection of mobile terminal system, such as Android (Android) system is A kind of intelligent mobile terminal system being widely used at present, wherein APK (Android application package) application peace Dress file is a kind of standard android application installation procedure.
The programming language that the software of Android platform uses is Java, and will be write by the packing process that compiles of some row Java code ultimately forms APK file.For distinguishing and other software developer, Android has signature mechanism, original signature Mechanism is increased income, and the composition of application file, signature algorithm, signature authentication flow process and authentication document etc. are all to be slapped completely Hold.
Thus lead to much apply by unearned person utilize decompiling instrument by application file decompiling be Java code, Delete the signature file of the inside, replace with the signature file of oneself, the application file obtaining in packing comes for Android system Say to be exactly legal applying, can normally run completely and be accordingly changed into their achievement, this just compromises software developer Interests.
Content of the invention
The invention provides a kind of generation of APK, authentication method and apparatus and system, can effectively prevent by decompiling Crack, thus damaging software developer's benefits program.
A kind of generation method of APK that the present invention provides, including:
According to prefabricated compiling rule, application file is compiled, obtains the authentication document being available for calling;
First signature process is carried out to authentication document according to the first signature rule, obtains the first signature file, the first signature Rule is source code of increasing income;
Second signature process is carried out to authentication document according to the second signature rule, obtains the second signature file;Second signature Rule is for closing code in a steady stream;
Application file, authentication document, the first signature file and the second signature file are packed and generates APK.
Optionally,
According to prefabricated compiling rule, application file is compiled, the authentication document step obtaining being available for calling includes:
Obtain full detail in application file;
The summary generating full detail is as authentication document.
Optionally,
Second signature rule includes:
It is encrypted;
Or
It is combined processing;
Or
Carry out RSA Algorithm process.
Optionally,
Described application file, the first signature file and the second signature file are carried out packing process, obtains APK and include:
Second signature file is arranged in APK and starts beginning.
Present invention also offers a kind of authentication method of APK, including:
APK is parsed, the file that is applied, authentication document, the first signature file and the second signature file;
First authentication processing is carried out to described authentication document according to the first signature rule, obtains corresponding first signature authentication File;
Judge whether described first signature authentication file is consistent with described first signature file,
If consistent, when starting described application file, then according to the second signature rule, described authentication document is carried out with the Two authentication processing, obtain corresponding second signature authentication file;Judge described second authentication signature file and described second certification Whether signature file is consistent, if so, then executes described application file, if it is not, then triggering abnormality processing;
If it is inconsistent, triggering abnormality processing.
Present invention also offers a kind of device of the described generation method of APK of application, including:
Compilation unit, for according to prefabricated compiling rule, being compiled to described application file, obtains being available for calling Authentication document;
First signature processing unit, for the first signature process is carried out to described authentication document according to the first signature rule, Obtain the first signature.
Present invention also offers a kind of generating means of APK, including:
Compilation unit, for according to prefabricated compiling rule, being compiled to application file, obtaining the certification being available for calling File;
First signature processing unit, for carrying out the first signature process according to the first signature rule to authentication document, obtains First signature file, the first signature rule is source code of increasing income;
Second signature processing unit, for carrying out the second signature process according to the second signature rule to authentication document, obtains Second signature file;Described second signature rule is for closing code in a steady stream;
Packaged unit, generates for application file, authentication document, the first signature file and the second signature file are packed APK.
Optionally,
The generating means of this APK further include:
Compilation unit includes:
Obtain subelement, for obtaining full detail in application file and the first signature file;
Generate subelement, for generating the summary of full detail as authentication document.
Optionally,
The generating means of this APK further include:
Preserve subelement, for preserving authentication document;
Arrangement subelement, starts beginning for authentication document is arranged in APK.
Present invention also offers a kind of APK authentication device, including:
Resolution unit, for parsing to described APK, obtains described application file, authentication document, the first signature file With the second signature file;
First authentication processing unit, for the first authentication processing is carried out to described authentication document according to the first signature rule, Obtain corresponding first signature authentication file;
First judging unit, whether consistent with described first signature file for judging described first signature authentication file,
Second authentication processing unit, for then carrying out the second authentication department according to the second signature rule to described authentication document Reason, obtains corresponding second signature authentication file;
Second judging unit, for judging described second authentication signature file and described second authentication signature file whether Cause,
Performance element, for then executing described application file.
Present invention also offers a kind of system of raising APK security, including:
The generating means of APK and the authentication device of APK;
The generating means of APK include:
Compilation unit, for according to prefabricated compiling rule, being compiled to application file, obtaining the certification being available for calling File;
First signature processing unit, for carrying out the first signature process according to the first signature rule to authentication document, obtains First signature file, the first signature rule is source code of increasing income;
Second signature processing unit, for carrying out the second signature process according to the second signature rule to authentication document, obtains Second signature file;Second signature file is to close code in a steady stream;
Packaged unit, generates for application file, authentication document, the first signature file and the second signature file are packed APK;
The authentication device of APK includes:
Resolution unit, for parsing to APK, the file that is applied, authentication document, the first signature file and the second label Name file;
First authentication processing unit, for carrying out the first authentication processing according to the first signature rule to authentication document, obtains Corresponding first signature authentication file;
Second authentication processing unit, for carrying out the second authentication processing according to the second signature rule to authentication document, obtains Corresponding second signature authentication file;
Judging unit, judges whether described first signature authentication file is consistent with described first signature file, if unanimously, When starting described application file, judge whether described second authentication signature file is consistent with described second authentication signature file, If so, then execute described application file, if it is not, then triggering abnormality processing;
Performance element, for then executing described application file.
As can be seen from the above technical solutions, the embodiment of the present invention specifically has advantage:
According to prefabricated compiling rule, application file is compiled, obtains the authentication document being available for calling;According to first Signature rule carries out the first signature process to authentication document, obtains the first signature file, and the first signature rule is source code of increasing income; Second signature process is carried out to authentication document according to the second signature rule, obtains the second signature file;Second signature rule is for closing Code in a steady stream;Application file, authentication document, the first signature file and the second signature file are packed and generates APK.If the second signature File is deleted, then application file cannot call authentication document, leads to application file cannot start such that it is able to effectively prevent from leading to Cross decompiling to crack, thus damaging software developer's benefits program.
Brief description
Fig. 1 is the first embodiment flow chart of the generation method of APK in the embodiment of the present invention;
Fig. 2 is the second embodiment flow chart of the generation method of APK in the embodiment of the present invention;
Fig. 3 is the generating means example structure schematic diagram of APK in the embodiment of the present invention;
Fig. 4 is the authentication method embodiment flow chart of APK in the embodiment of the present invention;
Fig. 5 is the authentication device example structure schematic diagram of APK in the embodiment of the present invention;
Fig. 6 is the system embodiment structural representation improving APK security in the embodiment of the present invention.
Specific embodiment
The invention provides a kind of generation of APK, authentication method and apparatus and system, can effectively prevent by decompiling Crack, thus damaging software developer's benefits program.
Refer to Fig. 1, in the embodiment of the present invention, the generation method first embodiment of APK includes:
101st, according to prefabricated compiling rule, application file is compiled, obtains the authentication document being available for calling;
In the present embodiment, system, according to prefabricated compiling rule, is compiled to application file, obtains being available for calling Authentication document.
It should be noted that application file here can be any a application, can be game, books, video with And music etc., this application can be the program or existing application that software developer oneself writes, and here does not limit Fixed.
102nd, the first signature process is carried out to authentication document according to the first signature rule, obtain the first signature file, first Signature rule is source code of increasing income;
In the present embodiment, system can carry out the first signature process according to the first signature rule to authentication document, obtains First signature file, the first signature rule is source code of increasing income;
It should be noted that the first signature file only comprises developer or the essential information of exploitation enterprise, for area Point different exploitation enterprise or developer are it is believed that only an address information and/or name information.
103rd, the second signature process is carried out to authentication document according to the second signature rule, obtain the second signature file;Second Signature file is to close code in a steady stream;
In the present embodiment, system can carry out the second signature process according to the second signature rule to authentication document, obtains Second signature file;Second signature file is to close code in a steady stream.
It should be noted that the second signature rule is non-increasing income, can be implemented according to RSA or ND5 rule definition Mode will describe in detail in follow-up embodiment, and here does not limit.
It should be noted that " first ", " second " here is for distinguishing similar object, without for describing spy Fixed order or precedence.
104th, application file, authentication document, the first signature file and the second signature file are packed and generate APK.
In the present embodiment, application file, authentication document, the first signature file and the second signature file can be beaten by system Bag generates APK.Specific packing process is essentially identical with the process of existing generation APK, will not be described here.
In the embodiment of the present invention, system according to prefabricated compiling rule, is compiled to application file, is available for first The authentication document calling;Then according to the first signature rule, the first signature process is carried out to authentication document, obtain the first signature literary composition Part, the first signature rule is source code of increasing income;Further according to the second signature rule, the second signature process is carried out to authentication document, obtain Second signature file;Second signature file is to close code in a steady stream;Finally by application file, authentication document, the first signature file and Second signature file packing generates APK.If the second signature file is deleted, application file cannot call authentication document, leads to Application file cannot start such that it is able to effectively prevent from cracking by decompiling, thus damaging software developer's benefits program.
Refer to Fig. 2, in the embodiment of the present invention, the generation method second embodiment of APK includes:
201st, obtain full detail in application file;
In the present embodiment, system obtains full detail in application file.
It should be noted that application file here can be any a application, can be game, books, video with And music etc., this application can be the program or existing application that software developer oneself writes, and here does not limit Fixed.
202nd, generate the summary of full detail as authentication document;
In the present embodiment, system generates the summary of full detail, will make a summary as authentication document.
It should be noted that used here as summary as a kind of authentication document only specific embodiment.Can also lead to Cross the other parts that same method refines in application file as authentication document.Using the side being similar to above-mentioned generation authentication document Method is all within protection domain.
203rd, the first signature process is carried out to authentication document according to the first signature rule, obtain the first signature file, first Signature rule is source code of increasing income;
In the present embodiment, system can carry out the first signature process according to the first signature rule to authentication document, obtains First signature file, the first signature rule is source code of increasing income;
It should be noted that the first signature file only comprises developer or the essential information of exploitation enterprise, for area Point different exploitation enterprise or developer are it is believed that only an address information and/or name information.
204th, the second signature process is carried out to authentication document according to the second signature rule, obtain the second signature file;Second Signature rule is for closing code in a steady stream;
In the present embodiment, system can carry out the second signature process according to the second signature rule to authentication document, obtains Second signature file;Second signature file is to close code in a steady stream.
It should be noted that the second signature rule is non-increasing income, can be implemented according to RSA or ND5 rule definition Mode will describe in detail in follow-up embodiment, and here does not limit.
It should be noted that " first ", " second " here is for distinguishing similar object, without for describing spy Fixed order or precedence.
205th, application file, authentication document, the first signature file and the second signature file are packed and generate APK.
In the present embodiment, application file, authentication document, the first signature file and the second signature file can be beaten by system Bag generates APK.Specific packing process is essentially identical with the process of existing generation APK, will not be described here.
In the embodiment of the present invention, system obtains full detail in application file, and generates the summary of full detail as recognizing Card file;Then according to the first signature rule, the first signature process is carried out to authentication document, obtain the first signature file, the first label Name rule is source code of increasing income;Further according to the second signature rule, the second signature process is carried out to authentication document, obtain the second signature File;Second signature file is to close code in a steady stream;Finally by application file, authentication document, the first signature file and the second signature File packing generates APK.If the second signature file is deleted, application file cannot call authentication document, leads to application file Cannot start such that it is able to effectively prevent from cracking by decompiling, thus damaging software developer's benefits program.
Above the second embodiment of the APK generation method that the present invention provides is illustrated, below the present invention is implemented In example, the generation method 3rd embodiment of APK illustrates:
Compared with above-described embodiment, difference is the generation method 3rd embodiment of APK, and the second signature rule includes:Enter Row encryption or be combined process or carry out RSA Algorithm process.Thus further increasing the security of APK.
Above the generation method embodiment of the APK that the present invention provides is illustrated, refers to Fig. 3, the present invention below A kind of generating means embodiment of the APK providing, including:
Compilation unit 301, for according to prefabricated compiling rule, being compiled to application file, obtains being available for calling Authentication document;
First signature processing unit 302, for carrying out the first signature process according to the first signature rule to authentication document, obtains To the first signature file, the first signature rule is source code of increasing income;
Second signature processing unit 303, for carrying out the second signature process according to the second signature rule to authentication document, obtains To the second signature file;Described second signature file is to close code in a steady stream;
Packaged unit 304, gives birth to for application file, authentication document, the first signature file and the second signature file are packed Become APK.
With an example in practice, the correspondence between said units is illustrated below:
Compilation unit 301, according to prefabricated compiling rule, is compiled to application file first, and obtain being available for calling recognizes Card file;
In the present embodiment, compilation unit 301, according to prefabricated compiling rule, is compiled to application file, obtaining can The authentication document for calling.
It should be noted that application file here can be any a application, can be game, books, video with And music etc., this application can be the program or existing application that software developer oneself writes, and here does not limit Fixed.
Then, the first signature processing unit 302 carries out the first signature process according to the first signature rule to authentication document, obtains To the first signature file, the first signature rule is source code of increasing income;
In the present embodiment, the first signature processing unit 302 can carry out the according to the first signature rule to authentication document One signature is processed, and obtains the first signature file, and the first signature rule is source code of increasing income;
It should be noted that the first signature file only comprises developer or the essential information of exploitation enterprise, for area Point different exploitation enterprise or developer are it is believed that only an address information and/or name information.
Then, the second signature processing unit 303 carries out the second signature process according to the second signature rule to authentication document, obtains To the second signature file;Second signature file is to close code in a steady stream;
In the present embodiment, the second signature processing unit 303 can carry out the according to the second signature rule to authentication document Two signatures are processed, and obtain the second signature file;Second signature file is to close code in a steady stream.
It should be noted that the second signature rule is non-increasing income, can be implemented according to RSA or ND5 rule definition Mode will describe in detail in follow-up embodiment, and here does not limit.
It should be noted that " first ", " second " here is for distinguishing similar object, without for describing spy Fixed order or precedence.
Finally, application file, authentication document, the first signature file and the second signature file are packed and are given birth to by packaged unit 304 Become APK.
In the present embodiment, packaged unit 304 can be by application file, authentication document, the first signature file and the second label Name file packing generates APK.Specific packing process is essentially identical with the process of existing generation APK, will not be described here.
In the embodiment of the present invention, compilation unit 301 according to prefabricated compiling rule, is compiled to application file first, Obtain the authentication document being available for calling;Then the first signature processing unit 302 is carried out to authentication document according to the first signature rule First signature is processed, and obtains the first signature file, and the first signature rule is source code of increasing income;Again by the second signature processing unit 303 carry out the second signature process according to the second signature rule to authentication document, obtain the second signature file;Second signature file is Close code in a steady stream;Application file, authentication document, the first signature file and the second signature file are packed by last packaged unit 304 Generate APK.If the second signature file is deleted, application file cannot call authentication document, leads to application file cannot start, So as to effectively prevent from cracking by decompiling, thus damaging the problem of software developer's interests.
Concrete packing step also preserves authentication document and authentication document is arranged in APK startup beginning.
In the present embodiment, system specifically pack step also preserve authentication document and by authentication document be arranged in APK start Beginning.
After system authentication, just carry out closing source certification, be easy to protect the apk being modified, be specifically the peace when installing apk Tall and erect system can carry out the system authentication of itself, and after installing, if this application program will be run, can carry out closing of application program Source is verified, sees whether changed by others, if changed certification cannot pass through.
A kind of generating means embodiment of APK that the present invention provides further includes:
Compilation unit 301 includes:
Obtain subelement 3011, for obtaining full detail in application file and the first signature file;
Generate subelement 3012, for generating the summary of full detail as authentication document.
Packaged unit 304 includes
Preserve subelement 3041, for preserving authentication document;
Arrangement subelement 3042, starts beginning for authentication document is arranged in APK.
Above the generating means embodiment of APK a kind of in the present invention is illustrated, refers to Fig. 4, the present invention below A kind of authentication method of middle APK includes:
401st, APK is parsed, the file that is applied, authentication document, the first signature file and the second signature file;
In the present embodiment, system APK is parsed, obtain described application file, authentication document, the first signature file and Second signature file.
402nd, the first authentication processing is carried out to described authentication document according to the first signature rule, obtain corresponding first signature Authentication document;
403rd, judge whether described first signature authentication file is consistent with described first signature file, if so, then executes step Rapid 404, if it is not, then triggering abnormality processing.
404th, when starting described application file, then the second certification is carried out to described authentication document according to the second signature rule Process, obtain corresponding second signature authentication file;
405th, judge whether described second authentication signature file is consistent with described second authentication signature file,
If so, then execution step 406;If it is not, then triggering abnormality processing
406th, execute described application file.
Above the authentication method embodiment of APK a kind of in the present invention is illustrated, refers to Fig. 5, the present invention below A kind of authentication device of middle APK includes:
Resolution unit 501, for parsing to described APK, obtains described application file, authentication document, the first signature File and the second signature file;
First authentication processing unit 502, for carrying out the first authentication department according to the first signature rule to described authentication document Reason, obtains corresponding first signature authentication file;
First judging unit 503, for judging described first signature authentication file and described first signature file whether Cause;
Second authentication processing unit 504, for then carrying out the second certification according to the second signature rule to described authentication document Process, obtain corresponding second signature authentication file;
Second judging unit 505, for judging that described second authentication signature file with described second authentication signature file is No consistent;
Performance element 506, for then executing described application file.
Above a kind of authentication device embodiment of APK that the present invention provides is illustrated, refers to Fig. 6 below, this Invention also provides a kind of system of raising APK security, including:
The generating means 601 of APK and the authentication device 602 of APK;
The generating means 601 of APK include:
Compilation unit 6011, for according to prefabricated compiling rule, being compiled to application file, obtains being available for calling Authentication document;
First signature processing unit 6012, for the first signature process is carried out to authentication document according to the first signature rule, Obtain the first signature file, the first signature rule is source code of increasing income;
Second signature processing unit 6013, for the second signature process is carried out to authentication document according to the second signature rule, Obtain the second signature file;Second signature file is to close code in a steady stream;
Packaged unit 6014, gives birth to for application file, authentication document, the first signature file and the second signature file are packed Become APK;
The authentication device 602 of APK includes:
Resolution unit 6021, for parsing to described APK, obtains described application file, authentication document, the first signature File and the second signature file;
First authentication processing unit 6022, for carrying out the first authentication department according to the first signature rule to described authentication document Reason, obtains corresponding first signature authentication file;
First judging unit 6023, for judging described first signature authentication file and described first signature file whether Cause;
Second authentication processing unit 6024, for then carrying out the second certification according to the second signature rule to described authentication document Process, obtain corresponding second signature authentication file;
Second judging unit 6025, for judging that described second authentication signature file with described second authentication signature file is No consistent;
Performance element 6026, for then executing described application file.
Above a kind of generation method of APK provided by the present invention is described in detail, general for this area Technical staff, according to the thought of the embodiment of the present invention, all will change, to sum up in specific embodiments and applications Described, this specification content should not be construed as limitation of the present invention.

Claims (10)

1. a kind of generation method of APK is it is characterised in that include:
According to prefabricated compiling rule, described application file is compiled, obtains the authentication document being available for calling;
First signature process is carried out to described authentication document according to the first signature rule, obtains the first signature file, described first Signature rule is source code of increasing income;
Second signature process is carried out to described authentication document according to the second signature rule, obtains the second signature file;Described second Signature rule is for closing code in a steady stream;
Described application file, authentication document, the first signature file and the second signature file are packed and generates APK.
2. APK according to claim 1 generation method it is characterised in that described according to prefabricated compiling rule, to institute State application file to be compiled, the authentication document step obtaining being available for calling includes:
Obtain full detail in described application file;
The summary generating described full detail is as described authentication document.
3. APK according to claim 1 generation method it is characterised in that
Described second signature rule includes:
It is encrypted;
Or
It is combined processing;
Or
Carry out RSA Algorithm process.
4. the APK according to any one of claim 1-3 generation method it is characterised in that described by described application file, Described first signature file and described second signature file carry out packing process, obtain APK and include:
Preserve and described second signature file is arranged in described APK and start beginning.
5. a kind of authentication method of the generation method of the APK as any one of Claims 1-4 is it is characterised in that wrap Include:
Described APK is parsed, obtains described application file, authentication document, the first signature file and the second signature file;
First authentication processing is carried out to described authentication document according to the first signature rule, obtains corresponding first signature authentication literary composition Part;Judge whether described first signature authentication file is consistent with described first signature file,
If consistent, when starting described application file, then according to the second signature rule, second is carried out to described authentication document and recognize Card is processed, and obtains corresponding second signature authentication file;Judge described second authentication signature file and described second authentication signature Whether file is consistent, if so, then executes described application file, if it is not, then triggering abnormality processing;
If it is inconsistent, triggering abnormality processing.
6. a kind of device applied in the generation method of the APK as any one of Claims 1-4 is it is characterised in that wrap Include:
Compilation unit, for according to prefabricated compiling rule, being compiled to described application file, obtaining the certification being available for calling File;
First signature processing unit, for carrying out the first signature process according to the first signature rule to described authentication document, obtains First signature file, described first signature rule is source code of increasing income;
Second signature processing unit, for carrying out the second signature process according to the second signature rule to described authentication document, obtains Second signature file;Described second signature rule is for closing code in a steady stream;
Packaged unit, generates for described application file, authentication document, the first signature file and the second signature file are packed APK.
7. APK according to claim 6 generating means it is characterised in that
Described compilation unit includes:
Obtain subelement, for obtaining full detail in described application file and described first signature file;
Generate subelement, for generating the summary of described full detail as described authentication document.
8. APK according to claim 6 generating means it is characterised in that
Described device also includes:
Preserve subelement, for preserving described authentication document;
Arrangement subelement, starts beginning for described authentication document is arranged in described APK.
9. a kind of device of APK authentication method as claimed in claim 5 is it is characterised in that include:
Resolution unit, for parsing to described APK, obtains described application file, authentication document, the first signature file and Two signature files;
First authentication processing unit, for carrying out the first authentication processing according to the first signature rule to described authentication document, obtains Corresponding first signature authentication file;
First judging unit, whether consistent with described first signature file for judging described first signature authentication file,
Second authentication processing unit, for then carrying out the second authentication processing according to the second signature rule to described authentication document, obtains To corresponding second signature authentication file;
Second judging unit, whether consistent with described second authentication signature file for judging described second authentication signature file,
Performance element, for then executing described application file.
10. a kind of system of raising APK security includes:
The generating means of APK and the authentication device of APK;
The generating means of described APK include:
Compilation unit, for according to prefabricated compiling rule, being compiled to described application file, obtaining the certification being available for calling File;
First signature processing unit, for carrying out the first signature process according to the first signature rule to described authentication document, obtains First signature file, described first signature rule is source code of increasing income;
Second signature processing unit, for carrying out the second signature process according to the second signature rule to described authentication document, obtains Second signature file;Described second signature file is to close code in a steady stream;
Packaged unit, generates for described application file, authentication document, the first signature file and the second signature file are packed APK;
The authentication device of described APK includes:
Resolution unit, for parsing to described APK, obtains described application file, authentication document, the first signature file and Two signature files;
First authentication processing unit, for carrying out the first authentication processing according to the first signature rule to described authentication document, obtains Corresponding first signature authentication file;
Second authentication processing unit, for carrying out the second authentication processing according to the second signature rule to described authentication document, obtains Corresponding second signature authentication file;
Judging unit, judges whether described first signature authentication file is consistent with described first signature file, if unanimously, is opening When moving described application file, judge whether described second authentication signature file is consistent with described second authentication signature file, if so, Then execute described application file, if it is not, then triggering abnormality processing;
Performance element, for then executing described application file.
CN201610805139.2A 2016-09-06 2016-09-06 APK (Android Application Package) generation method and device, APK authentication method and device, and system Pending CN106384026A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610805139.2A CN106384026A (en) 2016-09-06 2016-09-06 APK (Android Application Package) generation method and device, APK authentication method and device, and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610805139.2A CN106384026A (en) 2016-09-06 2016-09-06 APK (Android Application Package) generation method and device, APK authentication method and device, and system

Publications (1)

Publication Number Publication Date
CN106384026A true CN106384026A (en) 2017-02-08

Family

ID=57939573

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610805139.2A Pending CN106384026A (en) 2016-09-06 2016-09-06 APK (Android Application Package) generation method and device, APK authentication method and device, and system

Country Status (1)

Country Link
CN (1) CN106384026A (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111552946A (en) * 2020-04-24 2020-08-18 上海亘岩网络科技有限公司 PDF file digital signature method, system and storage medium
CN111581606A (en) * 2020-04-24 2020-08-25 上海亘岩网络科技有限公司 PDF file digital signature method and system
CN112860306A (en) * 2019-11-28 2021-05-28 京东方科技集团股份有限公司 File generation method and device, file operation method and device, and electronic equipment

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103324506A (en) * 2013-06-24 2013-09-25 上海天奕达电子科技有限公司 Method and mobile phone for controlling installation of Android applications
CN104111840A (en) * 2014-08-06 2014-10-22 浪潮软件股份有限公司 Method for generating APK installation package under non-Android environment
CN104426658A (en) * 2013-09-02 2015-03-18 中国移动通信集团公司 Method and device for performing identity authentication on application on mobile terminal

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103324506A (en) * 2013-06-24 2013-09-25 上海天奕达电子科技有限公司 Method and mobile phone for controlling installation of Android applications
CN104426658A (en) * 2013-09-02 2015-03-18 中国移动通信集团公司 Method and device for performing identity authentication on application on mobile terminal
CN104111840A (en) * 2014-08-06 2014-10-22 浪潮软件股份有限公司 Method for generating APK installation package under non-Android environment

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112860306A (en) * 2019-11-28 2021-05-28 京东方科技集团股份有限公司 File generation method and device, file operation method and device, and electronic equipment
CN111552946A (en) * 2020-04-24 2020-08-18 上海亘岩网络科技有限公司 PDF file digital signature method, system and storage medium
CN111581606A (en) * 2020-04-24 2020-08-25 上海亘岩网络科技有限公司 PDF file digital signature method and system

Similar Documents

Publication Publication Date Title
KR101471589B1 (en) Method for Providing Security for Common Intermediate Language Program
US10482221B2 (en) Protecting a computer program against reverse engineering
WO2016078130A1 (en) Dynamic loading method for preventing reverse of apk file
CN104426658B (en) The method and device of authentication is carried out to the application on mobile terminal
CN106203006A (en) Android application reinforcement means based on dex Yu so file Dynamic Execution
US20150095653A1 (en) Method and apparatus of creating application package, method and apparatus of executing application package, and recording medium storing application package
WO2016019790A1 (en) Verification method, client, server and system for installation package
JP2018503157A (en) Method and device for providing application integrity verification
CN108259479B (en) Business data processing method, client and computer readable storage medium
CN101226569A (en) Method and device for checking code module in virtual machine
CN107092816B (en) Android application program reinforcing method
CN106384026A (en) APK (Android Application Package) generation method and device, APK authentication method and device, and system
CN107273742B (en) Authorized installation method, code scanning payment terminal, server and system for android application
CN111191195A (en) Method and device for protecting APK
CN108595950A (en) A kind of safe Enhancement Methods of SGX of combination remote authentication
CN105787352A (en) Method and terminal for provision and loading of executable module
CN112134905B (en) Android system based signature method, device and equipment
Xu et al. Security analysis and protection based on smali injection for android applications
CN110581833B (en) Service security protection method and device
CN105278954A (en) Anti-cracking Android APP and operation mode thereof
CN104751026B (en) Method for protecting software, software application method and the relevant apparatus of Android system
CN107689934B (en) Method, server and client for guaranteeing information security
CN106648770B (en) Generation method, loading method and device of application program installation package
CN106203002B (en) Software product guard method
CN107180170A (en) A kind of Android APP are without shell reinforcement means

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20170208

RJ01 Rejection of invention patent application after publication