CN106709281B - Patch granting and acquisition methods, device - Google Patents
Patch granting and acquisition methods, device Download PDFInfo
- Publication number
- CN106709281B CN106709281B CN201510413349.2A CN201510413349A CN106709281B CN 106709281 B CN106709281 B CN 106709281B CN 201510413349 A CN201510413349 A CN 201510413349A CN 106709281 B CN106709281 B CN 106709281B
- Authority
- CN
- China
- Prior art keywords
- patch
- data
- code
- information
- server
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 40
- 238000012423 maintenance Methods 0.000 claims abstract description 17
- 230000005540 biological transmission Effects 0.000 claims abstract description 9
- 238000012795 verification Methods 0.000 claims description 25
- 230000008901 benefit Effects 0.000 claims description 6
- 239000000284 extract Substances 0.000 claims description 6
- 238000012545 processing Methods 0.000 claims description 6
- 238000000605 extraction Methods 0.000 claims description 5
- 238000001514 detection method Methods 0.000 claims description 2
- 238000012360 testing method Methods 0.000 claims description 2
- 230000008569 process Effects 0.000 abstract description 6
- 238000010586 diagram Methods 0.000 description 6
- 238000009434 installation Methods 0.000 description 6
- 230000006870 function Effects 0.000 description 4
- 238000005516 engineering process Methods 0.000 description 3
- 241001269238 Data Species 0.000 description 2
- 230000008859 change Effects 0.000 description 2
- 238000004590 computer program Methods 0.000 description 2
- 230000006872 improvement Effects 0.000 description 2
- 230000000977 initiatory effect Effects 0.000 description 2
- 238000012856 packing Methods 0.000 description 2
- 230000001737 promoting effect Effects 0.000 description 2
- 238000012217 deletion Methods 0.000 description 1
- 230000037430 deletion Effects 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 239000000686 essence Substances 0.000 description 1
- 230000003993 interaction Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 230000000246 remedial effect Effects 0.000 description 1
- 230000003068 static effect Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
Landscapes
- Stored Programmes (AREA)
Abstract
The application provides a kind of patch granting and acquisition methods, device, which includes: the patch acquisition request sent according to client, and corresponding patch data is extracted from patch platform database;The patch data is returned into the client;Wherein, the patch data includes patch code and check information corresponding with the patch code, to be verified according to the check information to the patch code by the client.By the technical solution of the application, it can simplify the management and maintenance process of patch, improve the transmission security of patch.
Description
Technical field
This application involves Internet technical field more particularly to patch granting and acquisition methods, device.
Background technique
Corresponding operation or control function can may be implemented by installing application program on intelligent devices in user.So
And application program often cannot be considered in terms of various aspects in the process of development, may have some mistakes or new function adds
Add, but be not intended to do the application program update (i.e. the application program of covering installation more new version) of entire version, at this time may be used
To be equivalent to " repairing " to scripting utility, i.e. correctable error or realization new function by installation patch.
Summary of the invention
In view of this, the application provides a kind of patch granting and acquisition methods, device, the management and dimension of patch can simplify
Shield process improves the transmission security of patch.
To achieve the above object, it is as follows to provide technical solution by the application:
According to a first aspect of the present application, a kind of patch distribution method is proposed, comprising:
According to the patch acquisition request that client is sent, corresponding patch data is extracted from patch platform database;
The patch data is returned into the client;Wherein, the patch data include patch code and with the benefit
The corresponding check information of fourth code, to be verified according to the check information to the patch code by the client.
According to a second aspect of the present application, a kind of patch acquisition methods are proposed, comprising:
Patch acquisition request is sent to server-side;
The patch data that the server-side returns is received, the patch data includes patch code and check information;
The patch code is verified according to the check information, and executes the benefit through verification
Fourth code.
According to the third aspect of the application, a kind of patch dispensing apparatus is proposed, comprising:
Extraction unit extracts corresponding mend according to the patch acquisition request that client is sent from patch platform database
Fourth data;
The patch data is returned to the client by return unit;Wherein, the patch data include patch code and
Check information corresponding with the patch code, to be carried out according to the check information to the patch code by the client
Verification.
According to the fourth aspect of the application, a kind of patch acquisition device is proposed, comprising:
Transmission unit sends patch acquisition request to server-side;
Receiving unit receives the patch data that the server-side returns, and the patch data includes patch code and verification
Information;
Verification unit verifies the patch code according to the check information, and through verification
Execute the patch code.
By above technical scheme as it can be seen that the application manages patch data by patch platform database, so that exploit person
It is flat to be also convenient for patch without carrying out being packaged as patch file to patch data, parse without client to patch file by member
Platform database is read out and manages to attributes such as system type, the version numbers of patch file.By in patch data simultaneously
Comprising patch code and check information, verify client accordingly, identify patch source substituted, patch code
It the risk status such as is tampered, facilitates the safety for promoting patch installation.
Detailed description of the invention
Fig. 1 is a kind of flow chart of the patch distribution method provided according to one exemplary embodiment of the application;
Fig. 2 is a kind of flow chart of the patch acquisition methods provided according to one exemplary embodiment of the application;
Fig. 3 is a kind of application scenarios schematic diagram provided according to one exemplary embodiment of the application;
Fig. 4 is a kind of schematic diagram of the enclosed structure of the patch data provided according to one exemplary embodiment of the application;
Fig. 5 A-5D is that the interface that a kind of pair of patch data provided according to one exemplary embodiment of the application is safeguarded shows
It is intended to;
Fig. 6 is the flow chart of a kind of patch granting and acquisition methods that are provided according to one exemplary embodiment of the application;
Fig. 7 is a kind of structural representation of the electronic equipment based on server-side provided according to one exemplary embodiment of the application
Figure;
Fig. 8 is a kind of block diagram of the patch dispensing apparatus provided according to one exemplary embodiment of the application;
Fig. 9 is a kind of structural representation of the electronic equipment based on server-side provided according to one exemplary embodiment of the application
Figure;
Figure 10 is a kind of block diagram of the patch acquisition device provided according to one exemplary embodiment of the application.
Specific embodiment
In the related art, after developer needs the data such as patch code being packaged into document form, by patch text
Part is stored in server.Since patch file has been subjected to packing processing, thus server can not read the category of the patch file
Property information is merely able to by from server so that developer needs to access patch file when viewing or editing operation to realize
It is middle to download corresponding patch file to realize.
In addition, not provided in the related technology when user installs from server downloading patch file to patch text
The verification means of part, cause hacker to be easy to the patch file such as distort, and cause serious security risks.
Therefore, the application is by improvement to patch maintenance mode and content authentication, to improve present in the relevant technologies
Above-mentioned technical problem.For the application is further described, the following example is provided:
Fig. 1 is a kind of flow chart of the patch distribution method provided according to one exemplary embodiment of the application, such as Fig. 1 institute
To show, this method is applied to server-side (i.e. server or server end), it may comprise steps of:
Step 102, the patch acquisition request sent according to client, extracts corresponding patch from patch platform database
Data.
In the present embodiment, the system type information and application version information in the patch acquisition request are read;
It extracts from the patch platform database and matches most with the system type information and the application version information
New version patch data.
Step 104, the patch data is returned into the client;Wherein, the patch data include patch code and
Check information corresponding with the patch code, to be carried out according to the check information to the patch code by the client
Verification.
In the present embodiment, check information is that the abstract signed via the private key at the patch platform database is believed
Breath, the summary info are that the patch code is calculated according to default digest algorithm.By calculating patch code
Corresponding summary info, the data length for being used in private key signature is controllable, solve patch code overabundance of data and can not be direct
The problem of signature or signature low efficiency.
With embodiment illustrated in fig. 1 correspondingly, Fig. 2 be according to one exemplary embodiment of the application provide a kind of patch obtain
Take the flow chart of method, as shown in Fig. 2, this method be applied to client (terminal of the application program of the client is installed,
Such as computer, mobile phone, plate equipment), it may comprise steps of:
Step 202, patch acquisition request is sent to server-side.
Step 204, the patch data that the server-side returns is received, the patch data includes patch code and verification letter
Breath.
In the present embodiment, check information can be to pluck via what the private key at the patch platform database was signed
Information is wanted, the summary info is that the patch code is calculated according to default digest algorithm.
Step 206, the patch code is verified according to the check information, and is held through verification
The row patch code.
In the present embodiment, client can calculate the corresponding reality of the patch code according to the default digest algorithm
When summary info;When the check information meets following conditions, determine that the patch code has passed through the check information
Verification: the decoded information and the real-time summary info that is carried out by signature decoding, and is obtained for the check information by local public key
Unanimously.In this embodiment, signature decoding is carried out to check information by local public key, the source of the patch data can be verified
It is whether correct, i.e., unsafe patch number is sent to client by modes such as such as DNS interception, setting agencies with the presence or absence of hacker
According to;Meanwhile by the verifying to summary info, mistake can occur in data transmission procedure to avoid patch code or usurped
Change, has thereby further ensured that the validity and safety of patch data.
In the technical solution of the application, the interaction and cooperation being related between server-side and client, such as Fig. 3 institute
Show, under the application scenarios of an exemplary embodiment, server is equipped with answering as client configured with server-side, in terminal
With program, then server can safeguard patch data, and terminal to server by initiating to request, corresponding to obtain
Patch data is simultaneously installed.
1, patch is safeguarded
After server-side receives the patch code of developer's upload, is read and generated by the attribute to the patch code
After corresponding check information, that is, corresponding patch data is produced, and establish corresponding data structure, in order to safeguard.
Fig. 4 is the data structure that the patch of an exemplary embodiment is safeguarded, which may include three levels: be
System type, application version and patch release.
System type.System type refers to that the OS Type that terminal uses, different types of operating system needs are adopted
With different types of application program, corresponding patch is not also identical.For example system type may include iOS, Android, Win
(i.e. Windows Phone) etc..
Application version.There may be one or more application program version under every kind of system type, application program
Version updating means the whole updating of application program and reinstalls, and user is needed to re-download the installation of entire application program
File simultaneously updates;And if added only for the amendment of minor error or function, it does not often need to carry out version to application program
This update, but repaired by way of patch.It is distinguished between different editions by version number, than as shown in Figure 4
System type be iOS in the case where, there are version number be multiple versions such as " 1.0.0 ", " 1.0.1 " application program.
Patch release.There may be one or more patches, such as system shown in Fig. 4 for the application program of the same version
Under the application program that type is iOS, version number is 1.0.1, including 2 patches: patch 1 and patch 2.
Since server-side safeguards patch data using the form of database, i.e., developer when uploading patch not
It will do it packing processing, so that the attribute information of patch data can be read directly in server-side, and pass through patch number shown in Fig. 4
Sorted out according to structure and is managed.Correspondingly, developer, can be to the patch in database without the form of " downloading "
Data access.For example, developer can initiate web access requests, then server-side to server-side by local browser
After the identity and access authority for demonstrating developer, the patch situation corresponded in the patch platform database is returned
Web data makes local browser that system type administration interface shown in Fig. 5 A can be generated;Then, developer can pass through
The administration interface issues patch maintenance instruction, then server-side, can be to patch platform number according to the patch maintenance instruction received
Patch maintenance is carried out according to library.
In the system type administration interface shown in Fig. 5 A, developer can intuitively check existing every kind of system class
The patch situation of type can also add more system types by " newly-increased ".It is corresponded to it is assumed that developer clicks " iOS "
" entrance " operation, then be transferred to application version administration interface shown in Fig. 5 B.
In the application version administration interface shown in Fig. 5 B, developer can intuitively check is in system type
In the case where iOS, existing patch quantity under existing application version and each version;As " 1.0.1 ", " 1.0.2 ",
" 2.0.1 " etc..Meanwhile developer can also add more application versions by " newly-increased ".It is assumed that developer
Some existing version is had selected, then is transferred to patch management interface shown in Fig. 5 C.
In the patch management interface shown in Fig. 5 C, developer can intuitively be checked in the feelings that system type is iOS
Patch details under condition, under each application version.Such as in the case where version number is the application program of 3.3.0, including number is 1
With 2 two patches, and developer can carry out the management of the forms such as " editor " or " deletion " to existing patch.
It is assumed that developer clicks " editor " operation of patch 2, then it is transferred to patch editing interface shown in Fig. 5 D, it can be with
" patch description ", " patch code " etc. are edited.In addition, also shown in Fig. 5 D patch " Override (cover by pressure
Lid) " option, after developer chooses the option, client will force to obtain the patch from server-side and carry out covering installation,
Regardless of whether local have existed the patch equally numbered, which is used to carry out remedial pressure to the patch provided
Corrigendum.
Since developer can directly pass through such as browser form, access and online to the patch in server-side
The operation such as editor, without the operation such as patch being downloaded, being packaged, the maintenance and management for helping to simplify patch is operated.
2, patch obtains
Fig. 6 is the flow chart of a kind of patch granting and acquisition methods that are provided according to one exemplary embodiment of the application, such as
Shown in Fig. 6, this method be may comprise steps of:
Step 602, server-side obtains patch code.
In the present embodiment, patch code is generated by developer and is stored to server-side;For example, developer can lead to
Cross browser and be transferred to administration interface shown in Fig. 5 A-5D, and to the patch under every kind of system type, each application version into
Row management, the generation including new patch or the editor etc. to existing patch.
Step 604, server-side calculates the corresponding summary info of patch code.
In the present embodiment, since check information and patch code correspond, then for newly-generated patch code or
By edited existing patch code, server-side is required to regenerate corresponding check information.
In the present embodiment, the corresponding abstract letter of patch code can be calculated by such as MD5 scheduling algorithm in server-side
Breath.Such as when patch code is " Hello World ", corresponding MD5 value, that is, summary info is " b10a8db164e075410
5b7a99be72e3fe5”。
Step 606, server-side signs to summary info using private key, obtains check information.
In the present embodiment, private key is preserved at server-side, is mutually matched between the public key at the private key and client.
By private key to the signature of summary info, then when client verifies the signature using public key, that is, may recognize that corresponding
Whether the source of patch data is really server-side, such as to above-mentioned " b10a8db164e0754105b7a99be72e3fe5 "
After summary info is signed, obtaining signature string is " PAzf7S/eT/IUOm7LLqXx ".
In the present embodiment, it since the length of different patch codes is uncertain, then if patch code is too long, may lead
Time length, the low efficiency for causing private key to sign are unfavorable for the patch maintenance of server-side;Meanwhile under some cases, private key is carried out
There is also to the length limitation for being signed content when signature, then the patch code that content is excessive, length is too long is likely to can not be by
Effectively signature.It therefore, can after the summary info in the application by the way that the uncontrollable patch code of length to be converted to regular length
Length to avoid patch code it is too long and can not sign or sign inefficiency the problem of, to facilitate the patch of server-side
Maintenance and client in follow-up phase to the safety check of patch data.
Step 608, server-side is associated storage using patch code and check information as patch data.
Step 610, server-side receives the patch acquisition request of client transmission.
In the present embodiment, client can traverse local with the presence or absence of benefit first when detecting that patch is upgraded demand
Fourth data.If local, there are patch datas, can solve the patch by local patch data and upgrade demand;If local
There is no patch datas, just by initiating patch acquisition request to server-side, to obtain patch data from server-side.
Step 612, server-side reads the system type information and application version information in patch acquisition request.
Step 614, server-side extracts the benefit to match with system type information, application version information from database
Fourth data.
In the present embodiment, according to system type information and application version information, server-side can be chosen accordingly
Latest patch simultaneously returns to client.Such as in the case of shown in Fig. 5 C, if the system type information that client is sent is
IOS, application version information are 3.3.0, then server-side can inquire and return to newest patch 2.
Step 616, server-side returns to the patch data extracted to client.
Step 618, client obtains the patch code and check information in patch data.
Step 620, client executing data check.
In the present embodiment, the data check of client may include two parts:
1, signature check.Public key is stored at client, which matches with the private key at server-side, and client passes through
Public key carries out signature decoding to the check information received, if being successfully decoded to obtain summary info, it is determined that patch data comes
From server-side, otherwise illustrate the source of patch data there may be risk, for example hacker the modes such as may be intercepted by DNS and be distorted
The address of server-side makes client obtain unsafe patch data from false server-side.
It is assumed that check information is " PAzf7S/eT/IUOm7LLqXx ", then if smoothly decoding, can be obtained and pluck accordingly
Want information " b10a8db164e0754105b7a99be72e3fe5 ".
2, data tampering verifies.Client and server-side understand the summary info algorithm of use, such as MD5 algorithm in advance,
Then client calculates the corresponding real-time summary info of patch code by MD5 algorithm.If patch code data are being transmitted across
Situations such as missing has occurred in journey, distorts, the then summary info decoded in real-time summary info and " signature check " are inevitable not
Together, illustrating patch code, there are security risks, should not install;And if patch data has passed through signature check and data tampering
Verification, then illustrate that patch data is safe and reliable, can execute patch code to complete to install.
In other words, if the patch code that client receives remains as " Hello World ", the MD5 value generated must
So it is " b10a8db164e0754105b7a99be72e3fe5 ", it is identical as the summary info decoded in " signature check ", from
And pass through verification.
Step 622, if by data check, otherwise client executing patch code does not execute.
By above technical scheme as it can be seen that the application manages patch data by patch platform database, so that exploit person
It is flat to be also convenient for patch without carrying out being packaged as patch file to patch data, parse without client to patch file by member
Platform database is read out and manages to attributes such as system type, the version numbers of patch file.By in patch data simultaneously
Comprising patch code and check information, verify client accordingly, identify patch source substituted, patch code
It the risk status such as is tampered, facilitates the safety for promoting patch installation.
Fig. 7 shows the schematic configuration diagram of the electronic equipment of the exemplary embodiment according to the application.Referring to FIG. 7,
In hardware view, which includes processor, internal bus, network interface, memory and nonvolatile memory, certainly
It is also possible that hardware required for other business.Processor read from nonvolatile memory corresponding computer program to
It is then run in memory, forms patch dispensing apparatus on logic level.Certainly, other than software realization mode, the application
Other implementations, such as logical device or the mode of software and hardware combining etc. is not precluded, that is to say, that following processing stream
The executing subject of journey is not limited to each logic unit, is also possible to hardware or logical device.
Referring to FIG. 8, the patch dispensing apparatus may include extraction unit and return unit in Software Implementation.
Wherein:
Extraction unit extracts corresponding mend according to the patch acquisition request that client is sent from patch platform database
Fourth data;
The patch data is returned to the client by return unit;Wherein, the patch data include patch code and
Check information corresponding with the patch code, to be carried out according to the check information to the patch code by the client
Verification.
Optionally, the check information is that the abstract signed via the private key at the patch platform database is believed
Breath, the summary info are that the patch code is calculated according to default digest algorithm.
Optionally, the extraction unit is specifically used for:
Read the system type information and application version information in the patch acquisition request;
It is extracted and the system type information and the application version information phase from the patch platform database
Matched latest edition patch data.
Optionally, further includes:
Request reception unit, receives web access requests, and the web access requests pass through local browsing by developer
Device is initiated;
Data return unit returns to the web data of the patch situation corresponded in the patch platform database, so that
The local browser generates the administration interface to the patch platform database according to the web data;
Patch maintenance unit receives the patch maintenance instruction that the developer is sent by the administration interface, to institute
It states patch platform database and carries out patch maintenance.
Fig. 9 shows the schematic configuration diagram of the electronic equipment of the exemplary embodiment according to the application.Referring to FIG. 9,
In hardware view, which includes processor, internal bus, network interface, memory and nonvolatile memory, certainly
It is also possible that hardware required for other business.Processor read from nonvolatile memory corresponding computer program to
It is then run in memory, forms patch acquisition device on logic level.Certainly, other than software realization mode, the application
Other implementations, such as logical device or the mode of software and hardware combining etc. is not precluded, that is to say, that following processing stream
The executing subject of journey is not limited to each logic unit, is also possible to hardware or logical device.
Referring to FIG. 10, in Software Implementation, the patch acquisition device may include transmission unit, receiving unit and
Verification unit.Wherein:
Transmission unit sends patch acquisition request to server-side;
Receiving unit receives the patch data that the server-side returns, and the patch data includes patch code and verification
Information;
Verification unit verifies the patch code according to the check information, and through verification
Execute the patch code.
Optionally, further includes:
Detection unit detects whether that there are patches to upgrade demand;
Traversal Unit, when upgrading demand there are the patch, traversal is local to whether there is patch data;
Processing unit solves the patch by local patch data and upgrades demand when local there are when patch data;When
Local there is no when patch data, Xiang Suoshu server-side sends the patch acquisition request, to obtain patch from the server-side
Data.
Optionally, the check information is that the abstract signed via the private key at the patch platform database is believed
Breath, the summary info are that the patch code is calculated according to default digest algorithm.
Optionally, the verification unit is specifically used for:
The corresponding real-time summary info of the patch code is calculated according to the default digest algorithm;
When the check information meets following conditions, determine that the patch code has passed through the school of the check information
It tests: the decoded information and the real-time summary info one that is carried out by signature decoding, and is obtained for the check information by local public key
It causes.
In a typical configuration, calculating equipment includes one or more processors (CPU), input/output interface, net
Network interface and memory.
Memory may include the non-volatile memory in computer-readable medium, random access memory (RAM) and/or
The forms such as Nonvolatile memory, such as read-only memory (ROM) or flash memory (flash RAM).Memory is computer-readable medium
Example.
Computer-readable medium includes permanent and non-permanent, removable and non-removable media can be by any method
Or technology come realize information store.Information can be computer readable instructions, data structure, the module of program or other data.
The example of the storage medium of computer includes, but are not limited to phase change memory (PRAM), static random access memory (SRAM), moves
State random access memory (DRAM), other kinds of random access memory (RAM), read-only memory (ROM), electric erasable
Programmable read only memory (EEPROM), flash memory or other memory techniques, read-only disc read only memory (CD-ROM) (CD-ROM),
Digital versatile disc (DVD) or other optical storage, magnetic cassettes, tape magnetic disk storage or other magnetic storage devices
Or any other non-transmission medium, can be used for storage can be accessed by a computing device information.As defined in this article, it calculates
Machine readable medium does not include temporary computer readable media (transitory media), such as the data-signal and carrier wave of modulation.
It should also be noted that, the terms "include", "comprise" or its any other variant are intended to nonexcludability
It include so that the process, method, commodity or the equipment that include a series of elements not only include those elements, but also to wrap
Include other elements that are not explicitly listed, or further include for this process, method, commodity or equipment intrinsic want
Element.In the absence of more restrictions, the element limited by sentence "including a ...", it is not excluded that including described want
There is also other identical elements in the process, method of element, commodity or equipment.
The foregoing is merely the preferred embodiments of the application, not to limit the application, all essences in the application
Within mind and principle, any modification, equivalent substitution, improvement and etc. done be should be included within the scope of the application protection.
Claims (18)
1. a kind of patch distribution method characterized by comprising
According to the patch acquisition request that client is sent, corresponding patch data is extracted from patch platform database, wherein base
It is read out in the attribute information of the patch data not being packaged uploaded to developer, so that the patch number not being packaged
According to being maintained in the patch platform database, by reading the system type information in the patch acquisition request and applying journey
Sequence version information will be extracted from the patch platform database and the system type information and the application version
The latest edition patch data that information matches is as the patch data;
The patch data is returned into the client;Wherein, the patch data include patch code and with the patch generation
The corresponding check information of code, to be verified according to the check information to the patch code by the client.
2. the method according to claim 1, wherein the check information is via the patch platform database
The summary info that the private key at place is signed, the summary info are to be counted according to default digest algorithm to the patch code
It obtains.
3. the method according to claim 1, wherein further include:
Web access requests are received, the web access requests are initiated by developer by local browser;
Return correspond to the patch platform database in patch situation web data so that the local browser according to
The web data generates the administration interface to the patch platform database;
Receive the patch maintenance instruction that the developer is sent by the administration interface, to the patch platform database into
The maintenance of row patch.
4. a kind of patch acquisition methods characterized by comprising
Patch acquisition request is sent to server-side;
The patch data that the server-side returns is received, the patch data includes patch code and check information, wherein is based on
Server-side is read out the attribute information for the patch data not being packaged that developer is uploaded, so that the benefit not being packaged
Fourth data maintenance reads the letter of the system type in the patch acquisition request in the patch platform database, by server-side
Breath and application version information, server-side is extracted from the patch platform database with the system type information and
The latest edition patch data that the application version information matches is as the patch data;
The patch code is verified according to the check information, and executes the patch generation through verification
Code.
5. according to the method described in claim 4, it is characterized by further comprising:
Detect whether that there are patches to upgrade demand;
When upgrading demand there are the patch, traversal is local to whether there is patch data;
When local there are when patch data, the patch is solved by local patch data and is upgraded demand;When locally there is no mend
When fourth data, Xiang Suoshu server-side sends the patch acquisition request, to obtain patch data from the server-side.
6. according to the method described in claim 5, it is characterized in that, the check information is via the patch platform database
The summary info that the private key at place is signed, the summary info are to be counted according to default digest algorithm to the patch code
It obtains.
7. according to the method described in claim 6, it is characterized in that, it is described according to the check information to the patch code into
Row verification, comprising:
The corresponding real-time summary info of the patch code is calculated according to the default digest algorithm;
When the check information meets following conditions, determine that the patch code has passed through the verification of the check information: by
Local public key carries out signature decoding to the check information, and obtained decoded information is consistent with the real-time summary info.
8. a kind of patch dispensing apparatus characterized by comprising
Extraction unit extracts corresponding patch number according to the patch acquisition request that client is sent from patch platform database
According to, wherein the attribute information based on the patch data not being packaged uploaded to developer is read out, so that described do not beat
The patch data of packet is maintained in the patch platform database, is believed by the system type read in the patch acquisition request
Breath and application version information will be extracted from the patch platform database and the system type information and described answered
The latest edition patch data for using program version information to match is as the patch data;
The patch data is returned to the client by return unit;Wherein, the patch data include patch code and with institute
The corresponding check information of patch code is stated, to carry out school to the patch code according to the check information by the client
It tests.
9. device according to claim 8, which is characterized in that the check information is via the patch platform database
The summary info that the private key at place is signed, the summary info are to be counted according to default digest algorithm to the patch code
It obtains.
10. device according to claim 8, which is characterized in that further include:
Request reception unit, receives web access requests, and the web access requests are sent out by developer by local browser
It rises;
Data return unit returns to the web data of the patch situation corresponded in the patch platform database, so that described
Local browser generates the administration interface to the patch platform database according to the web data;
Patch maintenance unit receives the patch maintenance instruction that the developer is sent by the administration interface, to the benefit
Fourth platform database carries out patch maintenance.
11. a kind of patch acquisition device characterized by comprising
Transmission unit sends patch acquisition request to server-side;
Receiving unit, receives the patch data that the server-side returns, and the patch data includes patch code and check information,
Wherein, it is read out based on attribute information of the server-side to the patch data not being packaged that developer is uploaded, so that described
The patch data not being packaged is maintained in the patch platform database, is read in the patch acquisition request by server-side
System type information and application version information, it is extracting with the system from the patch platform database by server-side
The latest edition patch data that type information and the application version information match is as the patch data;
Verification unit verifies the patch code according to the check information, and executes through verification
The patch code.
12. device according to claim 11, which is characterized in that further include:
Detection unit detects whether that there are patches to upgrade demand;
Traversal Unit, when upgrading demand there are the patch, traversal is local to whether there is patch data;
Processing unit solves the patch by local patch data and upgrades demand when local there are when patch data;Work as local
There is no when patch data, Xiang Suoshu server-side sends the patch acquisition request, to obtain patch data from the server-side.
13. device according to claim 11, which is characterized in that the check information is via the patch platform data
The summary info that private key at library is signed, the summary info are to be carried out according to default digest algorithm to the patch code
It is calculated.
14. device according to claim 13, which is characterized in that the verification unit is specifically used for:
The corresponding real-time summary info of the patch code is calculated according to the default digest algorithm;
When the check information meets following conditions, determine that the patch code has passed through the verification of the check information: by
Local public key carries out signature decoding to the check information, and obtained decoded information is consistent with the real-time summary info.
15. a kind of electronic equipment characterized by comprising
Processor;
Memory for storage processor executable instruction;
Wherein, the processor is configured to executable instruction is to realize method as claimed in any one of claims 1-3.
16. a kind of computer readable storage medium, is stored thereon with computer instruction, which is characterized in that the instruction is by processor
It is realized when execution such as the step of any one of claim 1-3 the method.
17. a kind of electronic equipment characterized by comprising
Processor;
Memory for storage processor executable instruction;
Wherein, the processor is configured to executable instruction is to realize the method as described in any one of claim 4-7.
18. a kind of computer readable storage medium, is stored thereon with computer instruction, which is characterized in that the instruction is by processor
It is realized when execution such as the step of any one of claim 4-7 the method.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510413349.2A CN106709281B (en) | 2015-07-14 | 2015-07-14 | Patch granting and acquisition methods, device |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510413349.2A CN106709281B (en) | 2015-07-14 | 2015-07-14 | Patch granting and acquisition methods, device |
Publications (2)
Publication Number | Publication Date |
---|---|
CN106709281A CN106709281A (en) | 2017-05-24 |
CN106709281B true CN106709281B (en) | 2019-09-17 |
Family
ID=58899687
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201510413349.2A Active CN106709281B (en) | 2015-07-14 | 2015-07-14 | Patch granting and acquisition methods, device |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106709281B (en) |
Families Citing this family (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107481173A (en) * | 2017-09-05 | 2017-12-15 | 王东红 | A kind of Platform of Experimental Teaching experimental project update method and system |
CN107992319B (en) * | 2017-12-11 | 2021-08-20 | 北京奇虎科技有限公司 | Patch data updating method and device |
CN108039945A (en) * | 2017-12-11 | 2018-05-15 | 北京奇虎科技有限公司 | A kind of endorsement method of service packs, method of calibration and device |
CN110058874B (en) * | 2019-03-14 | 2022-03-15 | 广东九联科技股份有限公司 | Code patch checking system and method |
CN116506176A (en) * | 2023-04-27 | 2023-07-28 | 江苏汤谷智能科技有限公司 | Programmable network communication method and system |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1659494A (en) * | 2002-04-12 | 2005-08-24 | 英特尔公司 | Microcode patch authentication |
CN101944032A (en) * | 2009-07-03 | 2011-01-12 | 华为技术有限公司 | Microware updating method, client, server and system |
CN102053844A (en) * | 2009-10-28 | 2011-05-11 | 无锡华润上华半导体有限公司 | Software upgrading method and software upgrading system using same |
CN102571778A (en) * | 2011-12-28 | 2012-07-11 | 奇智软件(北京)有限公司 | Method and device for providing data |
CN103763354A (en) * | 2014-01-06 | 2014-04-30 | 北京奇虎科技有限公司 | Method and device for downloading upgrading data |
-
2015
- 2015-07-14 CN CN201510413349.2A patent/CN106709281B/en active Active
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1659494A (en) * | 2002-04-12 | 2005-08-24 | 英特尔公司 | Microcode patch authentication |
CN101944032A (en) * | 2009-07-03 | 2011-01-12 | 华为技术有限公司 | Microware updating method, client, server and system |
CN102053844A (en) * | 2009-10-28 | 2011-05-11 | 无锡华润上华半导体有限公司 | Software upgrading method and software upgrading system using same |
CN102571778A (en) * | 2011-12-28 | 2012-07-11 | 奇智软件(北京)有限公司 | Method and device for providing data |
CN103763354A (en) * | 2014-01-06 | 2014-04-30 | 北京奇虎科技有限公司 | Method and device for downloading upgrading data |
Also Published As
Publication number | Publication date |
---|---|
CN106709281A (en) | 2017-05-24 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US11275839B2 (en) | Code package processing | |
US10754634B1 (en) | Customized application package with context specific token | |
KR101723937B1 (en) | Cloud-assisted method and service for application security verification | |
CN106709281B (en) | Patch granting and acquisition methods, device | |
CN105391717B (en) | A kind of APK signature authentication method and its system | |
CN108683502B (en) | Digital signature verification method, medium and equipment | |
CN105786538B (en) | software upgrading method and device based on android system | |
CN111143869B (en) | Application package processing method and device, electronic equipment and storage medium | |
CN104683409A (en) | Method for sharing applications between terminals and terminal | |
CN106355081A (en) | Android program start verification method and device | |
US20160197950A1 (en) | Detection system and method for statically detecting applications | |
CN112231702B (en) | Application protection method, device, equipment and medium | |
CN109086578A (en) | A kind of method that soft ware authorization uses, equipment and storage medium | |
CN106709324A (en) | Method and equipment used for verifying application safety | |
KR20170089352A (en) | Firmware integrity verification for performing the virtualization system | |
CN106257879A (en) | A kind of method and apparatus downloading application | |
CN108197469B (en) | Method and device for verifying application program, storage medium and electronic equipment | |
CN109522683B (en) | Software tracing method, system, computer equipment and storage medium | |
CN105706060B (en) | The header portion of data packet is downloaded | |
CN111176685A (en) | Upgrading method and device | |
CN113849210A (en) | Firmware upgrading method and device based on TEE | |
CN112416395A (en) | Hot repair updating method and device | |
CN111400771A (en) | Target partition checking method and device, storage medium and computer equipment | |
CN109165512A (en) | A kind of the intention agreement URL leak detection method and device of application program | |
CN114629658A (en) | Application signature method, device, equipment and storage medium |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant | ||
TR01 | Transfer of patent right |
Effective date of registration: 20240219 Address after: # 01-21, Lai Zan Da Building 1, 51 Belarusian Road, Singapore Patentee after: Alibaba Singapore Holdings Ltd. Country or region after: Singapore Address before: A four-storey 847 mailbox in Grand Cayman Capital Building, British Cayman Islands Patentee before: ALIBABA GROUP HOLDING Ltd. Country or region before: United Kingdom |
|
TR01 | Transfer of patent right |