CN106709282B - resource file decryption method and device - Google Patents
resource file decryption method and device Download PDFInfo
- Publication number
- CN106709282B CN106709282B CN201610495353.2A CN201610495353A CN106709282B CN 106709282 B CN106709282 B CN 106709282B CN 201610495353 A CN201610495353 A CN 201610495353A CN 106709282 B CN106709282 B CN 106709282B
- Authority
- CN
- China
- Prior art keywords
- file
- resource file
- decryption
- intended application
- application client
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 57
- 230000006870 function Effects 0.000 claims abstract description 100
- 238000009434 installation Methods 0.000 claims abstract description 79
- 230000003014 reinforcing effect Effects 0.000 claims abstract description 64
- 230000008569 process Effects 0.000 claims abstract description 23
- 238000006073 displacement reaction Methods 0.000 claims description 18
- 238000013507 mapping Methods 0.000 claims description 18
- 230000000977 initiatory effect Effects 0.000 claims description 9
- 230000006399 behavior Effects 0.000 claims description 5
- 230000005540 biological transmission Effects 0.000 claims description 5
- 238000010304 firing Methods 0.000 claims 1
- 238000005516 engineering process Methods 0.000 abstract description 5
- 238000012545 processing Methods 0.000 description 9
- 230000006854 communication Effects 0.000 description 5
- 230000002787 reinforcement Effects 0.000 description 5
- 238000004891 communication Methods 0.000 description 4
- 238000010586 diagram Methods 0.000 description 4
- 238000001514 detection method Methods 0.000 description 3
- 230000005484 gravity Effects 0.000 description 2
- 239000004973 liquid crystal related substance Substances 0.000 description 2
- 230000007774 longterm Effects 0.000 description 2
- 238000012423 maintenance Methods 0.000 description 2
- 230000003287 optical effect Effects 0.000 description 2
- 230000001133 acceleration Effects 0.000 description 1
- 238000004458 analytical method Methods 0.000 description 1
- 238000004364 calculation method Methods 0.000 description 1
- 238000005314 correlation function Methods 0.000 description 1
- 230000008878 coupling Effects 0.000 description 1
- 238000010168 coupling process Methods 0.000 description 1
- 238000005859 coupling reaction Methods 0.000 description 1
- 230000001419 dependent effect Effects 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 230000005611 electricity Effects 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 238000012905 input function Methods 0.000 description 1
- 230000003993 interaction Effects 0.000 description 1
- 238000010295 mobile communication Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000012544 monitoring process Methods 0.000 description 1
- 230000006855 networking Effects 0.000 description 1
- 230000008447 perception Effects 0.000 description 1
- 230000002093 peripheral effect Effects 0.000 description 1
- 238000002360 preparation method Methods 0.000 description 1
- 230000005236 sound signal Effects 0.000 description 1
- 230000003068 static effect Effects 0.000 description 1
- 238000010897 surface acoustic wave method Methods 0.000 description 1
- 230000000007 visual effect Effects 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/12—Protecting executable software
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/101—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM] by binding digital rights to specific entities
- G06F21/1015—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM] by binding digital rights to specific entities to users
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Software Systems (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Multimedia (AREA)
- Technology Law (AREA)
- General Health & Medical Sciences (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses a kind of resource file decryption method and devices, belong to field of computer technology.This method includes:Intended application client loads decryption component from reinforcing installation file, which is used to that encryption resource file to be decrypted;In the operational process of the decryption component, Hook predetermined registration operation functions, to capture the operational order for calling the predetermined registration operation function, which includes the handling function for carrying out any operation to each file in the reinforcing installation file;When the intended application client initiates operational order, the decryption component captures the operational order, and the corresponding encryption resource file of the operational order is decrypted, so that the intended application client call predetermined registration operation function, operates the resource file after decryption.The present invention provides a kind of decryption methods, can realize the decryption to encrypting resource file while protecting installation file, avoid the normal operation for influencing intended application client.
Description
Technical field
The present invention relates to field of computer technology, more particularly to a kind of resource file decryption method and device.
Background technology
With the development of computer technology and the extensive use of mobile platform, to the usurping of applications client, distorts, analyzes
Phenomena such as getting worse, how applications client to be protected to have become the problem of developer pays special attention to.
It is currently suggested a kind of reinforcement means, it can be by encrypted mode, the installation file of reinforcement application client, most
The safety of bigization ground protection applications client.The reinforcement means specifically includes:The source installation file of intended application client is obtained,
Source installation file is unpacked to obtain file set, resource file is extracted from file set, resource file is encrypted, is obtained
Resource file is encrypted, original resource file in file set is replaced to encrypt resource file, to the file set obtained after replacement
It is packaged, obtains reinforcing installation file.
Above-mentioned reinforcement means can protect resource file, improve the safety of intended application client.But it is answered in target
Resource file can just be normally used in the operational process of client, needing that encryption resource file is decrypted.Therefore, it needs
It is proposed that encryption resource file is decrypted in a kind of decryption method.
Invention content
In order to solve problems in the prior art, an embodiment of the present invention provides a kind of resource file decryption method and devices.
The technical solution is as follows:
In a first aspect, a kind of resource file decryption method is provided, the method includes:
Intended application client loads decryption component from reinforcing installation file, is included at least in the reinforcing installation file
Resource file and the decryption component are encrypted, the decryption component is used to that encryption resource file to be decrypted;
In the operational process of the decryption component, Hook predetermined registration operation functions, to capture for calling the default behaviour
Make the operational order of function, the predetermined registration operation function includes for appointing to each file in the reinforcing installation file
The handling function of one operation;
When the intended application client initiates the operational order, the decryption component captures the operational order, and
Encryption resource file corresponding to the operational order is decrypted;
Predetermined registration operation function described in the intended application client call, operates the resource file after decryption.
Second aspect, provides a kind of resource file decryption device, and described device includes:Intended application client and decryption
Component, the intended application client include:Load-on module, instruction initiation module, operation module, the decryption component include:
Hook modules, trapping module, deciphering module;
The load-on module, for loading the decryption group from the reinforcing installation file of the intended application client
Part, includes at least encryption resource file and the decryption component in the reinforcing installation file, the decryption component for pair plus
Close resource file is decrypted;
The Hook modules are used in the operational process of the decryption component, Hook predetermined registration operation functions, so as to described
Trapping module captures the operational order for calling the predetermined registration operation function, and the predetermined registration operation function includes for described
The each file reinforced in installation file carries out the handling function of any operation;
Described instruction initiation module, for initiating the operational order;
The trapping module, for capturing the operational order;
The deciphering module, for the corresponding encryption resource file of the operational order to be decrypted;
The operation module operates the resource file after decryption for calling the predetermined registration operation function.
The advantageous effect that technical solution provided in an embodiment of the present invention is brought is:
Method and device provided in an embodiment of the present invention, by providing decryption component in reinforcing installation file, the decryption
Component Hook predetermined registration operations function in the process of running, can when intended application client will call the predetermined registration operation function,
Corresponding operational order is captured by decryption component, and encryption resource file is decrypted, so that intended application client can
Resource file after decryption is operated.The present invention provides a kind of decryption method, can while protecting installation file,
It realizes the decryption to encrypting resource file, avoids the normal operation for influencing intended application client.
Description of the drawings
To describe the technical solutions in the embodiments of the present invention more clearly, make required in being described below to embodiment
Attached drawing is briefly described, it should be apparent that, drawings in the following description are only some embodiments of the invention, for
For those of ordinary skill in the art, without creative efforts, other are can also be obtained according to these attached drawings
Attached drawing.
Fig. 1 is a kind of flow chart of resource file decryption method provided in an embodiment of the present invention;
Fig. 2 is a kind of flow chart of resource file decryption method provided in an embodiment of the present invention;
Fig. 3 is a kind of resource file decryption apparatus structure schematic diagram provided in an embodiment of the present invention;
Fig. 4 is a kind of structural schematic diagram of terminal provided in an embodiment of the present invention.
Specific implementation mode
Following will be combined with the drawings in the embodiments of the present invention, and technical solution in the embodiment of the present invention carries out clear, complete
Site preparation describes, it is clear that described embodiments are some of the embodiments of the present invention, instead of all the embodiments.Based on this hair
Embodiment in bright, every other implementation obtained by those of ordinary skill in the art without making creative efforts
Example, shall fall within the protection scope of the present invention.
Fig. 1 is a kind of flow chart of resource file decryption method provided in an embodiment of the present invention, referring to Fig. 1, this method packet
It includes:
101, intended application client loads decryption component from reinforcing installation file, is at least wrapped in the reinforcing installation file
Encryption resource file and the decryption component are included, which is used to that encryption resource file to be decrypted.
102, in the operational process of the decryption component, Hook (hooks) predetermined registration operation function, to capture for calling this
The operational order of predetermined registration operation function, the predetermined registration operation function include for being carried out to each file in the reinforcing installation file
The handling function of any operation.
103, when the intended application client initiates the operational order, which captures the operational order, and to this
The corresponding encryption resource file of operational order is decrypted.
104, intended application client call predetermined registration operation function, operates the resource file after decryption.
Method provided in an embodiment of the present invention, by providing decryption group in the reinforcing installation file of intended application client
Part, decryption component Hook predetermined registration operations function in the process of running can will call the default behaviour in intended application client
When making function, corresponding operational order is captured by decryption component, and encryption resource file is decrypted, so that intended application is objective
Family end can operate the resource file after decryption.The present invention provides a kind of decryption methods, can be in protection installation text
While part, realizes to the decryption of the encryption resource file in installation file, avoid the normal fortune for influencing intended application client
Row.
Optionally, which captures the operational order, and is carried out to the corresponding encryption resource file of the operational order
Decryption, including:
The decryption component captures the operational order, and the corresponding encryption resource file of the operational order, which is loaded onto the target, answers
With in the memory headroom of client, and the encryption resource file is decrypted.
Optionally, intended application client call predetermined registration operation function, operates the resource file after decryption,
Including:
The intended application client call predetermined registration operation function carries out the resource file after being decrypted in the memory headroom
Operation.
Optionally, which includes at least one of read functions, fread functions and mmap functions.
Optionally, this method further includes:
The decryption component parses the reinforcing installation file, obtains Displacement mapping table, which includes
The offset address of each encryption resource file.
Optionally, which captures the operational order, and is carried out to the corresponding encryption resource file of the operational order
Decryption, including:
The decryption component captures the operational order, determines the corresponding offset address for accessing data of the operational order;
If the Displacement mapping table includes the offset address, it is determined that the access data are encryption resource file;
The corresponding encryption resource file of the offset address is obtained, and the encryption resource file is decrypted.
Optionally, from reinforcing in installation file before load decryption component, this method further includes the intended application client:
The reinforcing installation file that server is sent is received, which is used to install the source of the intended application client
File is unpacked, and file set is obtained, and the resource file concentrated to this document is encrypted, and obtains the encryption resource file, and
The decryption component is added, obtains reinforcing file set, which is packaged, the reinforcing installation file is obtained.
The alternative embodiment that any combination forms the present invention may be used, herein no longer in above-mentioned all optional technical solutions
It repeats one by one.
Fig. 2 is a kind of flow chart of resource file decryption method provided in an embodiment of the present invention, referring to Fig. 2, this method packet
It includes:
201, terminal obtains the reinforcing installation file of intended application client, runs the reinforcing installation file.
Wherein, which can be the equipment such as computer, mobile phone, the terminal can configure Android operation system or other
Operating system, it is not limited in the embodiment of the present invention.The terminal runs the target for installing the intended application client
Applications client.The intended application client can be any applications client, as social networking application client, file management are answered
Can be especially to the higher applications client of demand for security, such as payment applications client, the present invention with client etc.
Embodiment does not limit the intended application client.
It refers to the installation file obtained after being reinforced to the source installation file of intended application client to reinforce installation file,
Any terminal can obtain the reinforcing installation file, run the reinforcing installation file, to install the intended application client, and transport
The row intended application client.
In the embodiment of the present invention, which obtains the reinforcing installation file of intended application client first.
Specifically, the source installation file that the intended application client is obtained by server, to the intended application client
Source installation file is unpacked, and file set is obtained, and the resource file concentrated to this document is encrypted, and obtains the encryption resource text
Part, and the decryption component is added, it obtains reinforcing file set, which is packaged, the reinforcing installation file is obtained,
Terminal receives the reinforcing installation file that server is sent.Alternatively, server is packaged the reinforcing file set and adds number
Signature, obtains the reinforcing installation file, and terminal receives the reinforcing installation file that server is sent.
Wherein, which can be the server that service is provided for intended application client, or dedicated for
For the server that various installation files are reinforced, it is not limited in the embodiment of the present invention.The server obtains source installation
When file, can the source installation file be configured by the maintenance personnel of the server, it can also will be on source installation file by the terminal
The server is reached, the mode that the embodiment of the present invention obtains the server source installation file does not limit.The decryption component
It can be configured by the maintenance personnel of the server, the decryption component of different target applications client can be identical, can also
Difference, the embodiment of the present invention also do not limit this.
Wherein, encryption resource file and the decryption component are included at least in the reinforcing installation file.Encrypting resource file is
Refer to obtained file after resource file is encrypted, and resource file may include picture file, audio file etc. in target
One or more files needed for applications client operational process.The decryption component is used to solve encryption resource file
It is close, can be the safe libraries SO (shared library), decryption file or decrypted code section, it is not limited in the embodiment of the present invention.
In the embodiment of the present invention, by adding decryption component in reinforcing installation file, added by decryption component realization pair
The decryption of close resource file ensures the normal operation of intended application client.
202, intended application client loads decryption component from reinforcing installation file.
When intended application client is run first decryption component is loaded from reinforcing installation file.Specifically, which answers
Can load decryption component from reinforcing in installation file on startup with client, or other need to resource file into
The decryption component is loaded at the time of row operation, the embodiment of the present invention does not limit Loading opportunity.
203, in the operational process of the decryption component, decryption component Hook predetermined registration operation functions.
In the embodiment of the present invention, after intended application client loads the decryption component, the decryption component is run, the decryption
Component in the process of running, Hook predetermined registration operation functions, so that the follow-up intended application client initiates operational order, to call
When any encryption resource file of the predetermined registration operation function pair is operated, which can capture the operational order, from
And the encryption resource file is decrypted.
Wherein, which includes for carrying out any operation to each file in the reinforcing installation file
Handling function when the intended application client will carry out certain operation to any resource file, can initiate operational order, call phase
The predetermined registration operation function answered, to realize the operation to the resource file.
The predetermined registration operation function may include at least one of read functions, fread functions and mmap functions.Read letters
Number from open equipment or file for reading data, and fread functions from a file stream for reading data, mmap letters
Number for by a file or object map into memory.Certainly, which can also include other handling functions,
Details are not described herein for the embodiment of the present invention.
Further, it is contemplated that if a certain handling function of the intended application client call is not by the decryption component
When Hook, it can cause the decryption component that can not capture the operational order for calling the handling function, it also just can not be to corresponding resource
File is decrypted, and resource file is caused to be unable to normal use, and mistake occurs in the operation of intended application client, influences target and answers
With the stability and compatibility of client.Therefore, which may include for being operated to resource file
All handling functions, so as to all handling functions of decryption component Hook, when intended application client call any operation function
When, it can realize the decryption to respective resources file.
204, the intended application client initiates operational order, and the operational order is for calling the predetermined registration operation function.
In the operational process of intended application client, when to apply a certain resource file, the intended application client
Operational order can be initiated, which operates the resource file for calling the predetermined registration operation function.
Wherein, which can depending on the user's operation be initiated by the intended application client, or according to operation
The message that system is sent is initiated, and it is not limited in the embodiment of the present invention.
205, the decryption component captures the operational order, and is solved to the corresponding encryption resource file of the operational order
It is close.
After the decryption component hooks predetermined registration operation function, if other functions of the intended application client preset behaviour to this
When making function transmission message, the predetermined registration operation function will not be first run, but first runs the decryption of the Hook predetermined registration operation functions
Component can first handle the message for passing to the predetermined registration operation function in decryption component operational process and be passed to again
The predetermined registration operation function can also directly pass the message to the predetermined registration operation function.
Therefore, which initiates operational order come when calling the predetermined registration operation function, the decryption component meeting
The operational order is captured, at this point, intended application client encryption resource file corresponding to the operational order is decrypted.
Specifically, when which captures the operational order, by the corresponding encryption resource file of the operational order from
Disk is loaded onto in the memory headroom of intended application client, and the encryption resource file is decrypted, and the memory is empty at this time
Between middle storage be resource file after decryption, the follow-up intended application client can carry out the resource file after the decryption
Operation.
Wherein, which may be used default decipherment algorithm and is decrypted, this is preset decipherment algorithm and to resource text
The Encryption Algorithm used when part is encrypted matches, which can be pre-set by technical staff, Huo Zheyou
The server is configured according to preset Encryption Algorithm, for example, the default decipherment algorithm can be stream cipher arithmetic or other
Algorithm, it is not limited in the embodiment of the present invention.
In addition, the access data for the operational order that the intended application client is initiated both can be encryption resource file,
Or alternative document in addition to encrypt resource file, then for the ease of the access data of the determination operational order whether be
Resource file is encrypted, this method may include step 200:
200, the decryption component parses the reinforcing installation file, obtains Displacement mapping table, in the Displacement mapping table
Include the offset address of each encryption resource file.Later, which can be stored in the target by the Displacement mapping table
In the memory headroom of applications client.
The step 200 can execute after the intended application client loads the decryption component, or be held at other moment
Row, it is not limited in the embodiment of the present invention.
Correspondingly, which may include step 2051:
2051, the decryption component captures the operational order, determines the corresponding offset address for accessing data of the operational order,
If the Displacement mapping table includes the offset address, it is determined that the access data are encryption resource file, with obtaining the offset
The corresponding encryption resource file in location, and the encryption resource file is decrypted.
The decryption component in the process of running, can parse the reinforcing installation file, whether analyze each file
To encrypt resource file, and after determining encryption resource file, the offset address of each encryption resource file is obtained, to basis
The offset address of each encryption resource file generates Displacement mapping table.
So, when decryption component captures operational order, with determining the corresponding offset for accessing data of the operational order
Whether location, judging can if the Displacement mapping table includes the offset address including the offset address in the Displacement mapping table
To determine that the corresponding access data of the operational order are encryption resource file, then the decryption component can obtain the offset address pair
The encryption resource file answered, and the encryption resource file is decrypted.And if in the Displacement mapping table not including the offset
Address, then it is encryption resource file that can determine the corresponding access data of the operational order not, and the decryption component is without being solved
It is close.
206, intended application client call predetermined registration operation function, operates the resource file after decryption.
After the completion of decryption component decryption, you can pass to the operational order by the predetermined registration operation function of Hook, this is pre-
If handling function brings into operation, to be operated to the resource file after decryption.For example, the memory of the intended application client
Resource file after the storage decryption of space, during the predetermined registration operation function operation, to the resource after being decrypted in the memory headroom
File is operated.
The embodiment of the present invention can be applied to following scene:On the reinforcing platform that server provides, provide to client's
The resource file in source installation file is encrypted in the reinforcement protection of the installation file of intended application client, to obtain
Reinforce installation file.Entire reinforcing process whole process realizes automatic business processing, with the code logic of intended application client itself and
Operation flow realizes zero coupling.After the reinforcing installation file that terminal downloads server provides, installed by decryption component to reinforcing
Encryption resource file in file is decrypted, and intended application client can apply the resource file after decryption, ensure that mesh
Mark the normal operation of applications client.
Method provided in an embodiment of the present invention, by providing decryption component in reinforcing installation file, which exists
Hook predetermined registration operations function in operational process, can be when intended application client will call the predetermined registration operation function, by decrypting
Component captures corresponding operational order, and encryption resource file is decrypted, so that intended application client can be to decryption
Resource file afterwards is operated.The present invention provides a kind of decryption method, core is, to protected intended application client
After the resource file at end is encrypted, in the operational process of intended application client, Hook technologies are used by decryption component,
The operational order to encrypting resource file is captured, to complete, to encrypting the decryption of resource file, not influenced to ensure that
Under the premise of the normal operation of intended application client, resource file in the installation file to intended application client is realized
Encipherment protection, effectively resisted attacker to the analysis of resource file, the behaviors such as usurp, distort, improve safety.Namely
It is that can realize the decryption to encrypting resource file while protecting installation file, avoid influencing intended application client
Normal operation.
Further, compared with a certain handling functions of Hook, handling functions all Hook can ensure to work as intended application
When client call any operation function, it can realize the decryption to respective resources file, avoid the occurrence of omission, avoid in mesh
It marks in the operational process of applications client and mistake occurs, improve stability and compatibility.Moreover, decrypting process user can not
Perception, does not interfere with user experience, does not interfere with the normal use of user.
Fig. 3 is a kind of structural schematic diagram of resource file decryption device provided in an embodiment of the present invention, referring to Fig. 3, the dress
Set including:Intended application client and decryption component, the intended application client include:Load-on module 301, instruction initiation module
302, operation module 303, the decryption component include:Hook modules 304, trapping module 305, deciphering module 306;
Wherein, which connect with the Hook modules 304, which connects with the trapping module 305
It connects, which connect with the trapping module 305, which connect with the deciphering module 306, the solution
Close module 306 is connect with the operation module 303;
The load-on module 301 should for loading the decryption component from the reinforcing installation file of the intended application client
Reinforce in installation file and include at least the encryption resource file and decryption component, the decryption component be used for encryption resource file into
Row decryption;
The Hook modules 304 are used in the operational process of the decryption component, Hook predetermined registration operation functions, so that this is caught
Operational order of the capture of module 305 for calling the predetermined registration operation function is obtained, which includes for the reinforcing
Each file in installation file carries out the handling function of any operation;
The instruction initiation module 302, for initiating the operational order;
The trapping module 305, for capturing the operational order;
The deciphering module 306, for the corresponding encryption resource file of the operational order to be decrypted;
The operation module 303 operates the resource file after decryption for calling the predetermined registration operation function.
Optionally, which answers for the corresponding encryption resource file of the operational order to be loaded onto the target
With in the memory headroom of client, and the encryption resource file is decrypted.
Optionally, the operation module 303 is for calling the predetermined registration operation function, to the resource after being decrypted in the memory headroom
File is operated.
Optionally, which includes at least one of read functions, fread functions and mmap functions.
Optionally, which further includes:Parsing module, the parsing module are located at the decryption component;
The parsing module obtains Displacement mapping table, in the Displacement mapping table for being parsed to the reinforcing installation file
Include the offset address of each encryption resource file.
Optionally, which is used to determine the corresponding offset address for accessing data of the operational order;If should
Displacement mapping table includes the offset address, it is determined that the access data are encryption resource file;Obtain offset address correspondence
Encryption resource file, and the encryption resource file is decrypted.
Optionally, which further includes:
Receiving module, the reinforcing installation file for receiving server transmission, the server are used for the intended application
The source installation file of client is unpacked, and file set is obtained, and the resource file concentrated to this document is encrypted, and is obtained this and is added
Close resource file, and the decryption component is added, it obtains reinforcing file set, which is packaged, the reinforcing is obtained
Installation file.
The alternative embodiment that any combination forms the present invention may be used, herein no longer in above-mentioned all optional technical solutions
It repeats one by one.
It should be noted that:The resource file decryption device that above-described embodiment provides is carried out to encrypted resource file
It, only the example of the division of the above functional modules, can be as needed and by above-mentioned work(in practical application when decryption
It can distribute and be completed by different function modules, i.e., be divided into the internal structure of intended application client and decryption component different
Function module, to complete all or part of the functions described above.In addition, the resource file decryption dress that above-described embodiment provides
It sets and belongs to same design with resource file decryption method embodiment, specific implementation process refers to embodiment of the method, here no longer
It repeats.
Fig. 4 is a kind of structural schematic diagram of terminal provided in an embodiment of the present invention.Specifically:
Terminal 400 may include RF (Radio Frequency, radio frequency) circuit 110, include one or more meters
The memory 120 of calculation machine readable storage medium storing program for executing, display unit 140, sensor 150, voicefrequency circuit 160, passes input unit 130
Defeated module 170, include there are one or more than one processing core processor 180 and the components such as power supply 190.This field
Technical staff is appreciated that the restriction of the not structure paired terminal of terminal structure shown in Fig. 4, may include than illustrate it is more or
Less component either combines certain components or different components arrangement.Wherein:
RF circuits 110 can be used for receiving and sending messages or communication process in, signal sends and receivees, particularly, by base station
After downlink information receives, one or the processing of more than one processor 180 are transferred to;In addition, the data for being related to uplink are sent to
Base station.In general, RF circuits 110 include but not limited to antenna, at least one amplifier, tuner, one or more oscillators, use
Family identity module (SIM) card, transceiver, coupler, LNA (Low Noise Amplifier, low-noise amplifier), duplex
Device etc..In addition, RF circuits 110 can also be communicated with network and other-end by radio communication.The wireless communication can make
With any communication standard or agreement, and including but not limited to GSM (Global System of Mobile communication, entirely
Ball mobile communcations system), GPRS (General Packet Radio Service, general packet radio service), CDMA (Code
Division Multiple Access, CDMA), WCDMA (Wideband Code Division Multiple
Access, wideband code division multiple access), LTE (Long Term Evolution, long term evolution), Email, SMS (Short
Messaging Service, short message service) etc..
Memory 120 can be used for storing software program and module, the terminal institute as shown by the above exemplary embodiments
Corresponding software program and module, processor 180 are stored in the software program and module of memory 120 by operation, from
And application and data processing are performed various functions, such as realize the interaction based on video.Memory 120 can include mainly storage
Program area and storage data field, wherein storing program area can storage program area, the application program needed at least one function
(such as sound-playing function, image player function etc.) etc.;Storage data field can be stored to be created according to using for terminal 400
Data (such as audio data, phone directory etc.) etc..It, can be in addition, memory 120 may include high-speed random access memory
Including nonvolatile memory, for example, at least a disk memory, flush memory device or other volatile solid-states
Part.Correspondingly, memory 120 can also include Memory Controller, to provide processor 180 and input unit 130 to storage
The access of device 120.
Input unit 130 can be used for receiving the number or character information of input, and generate and user setting and function
Control related keyboard, mouse, operating lever, optics or the input of trace ball signal.Specifically, input unit 130 may include touching
Sensitive surfaces 131 and other input terminals 132.Touch sensitive surface 131, also referred to as touch display screen or Trackpad are collected and are used
Family on it or neighbouring touch operation (such as user using any suitable object or attachment such as finger, stylus in touch-sensitive table
Operation on face 131 or near touch sensitive surface 131), and corresponding linked set is driven according to preset formula.It is optional
, touch sensitive surface 131 may include both touch detecting apparatus and touch controller.Wherein, touch detecting apparatus detection is used
The touch orientation at family, and the signal that touch operation is brought is detected, transmit a signal to touch controller;Touch controller is from touch
Touch information is received in detection device, and is converted into contact coordinate, then gives processor 180, and can receive processor 180
The order sent simultaneously is executed.Furthermore, it is possible to using multiple types such as resistance-type, condenser type, infrared ray and surface acoustic waves
Realize touch sensitive surface 131.In addition to touch sensitive surface 131, input unit 130 can also include other input terminals 132.Specifically,
Other input terminals 132 can include but is not limited to physical keyboard, function key (such as volume control button, switch key etc.),
It is one or more in trace ball, mouse, operating lever etc..
Display unit 140 can be used for showing information input by user or the information and terminal 400 that are supplied to user
Various graphical user interface, these graphical user interface can be made of figure, text, icon, video and its arbitrary combination.
Display unit 140 may include display panel 141, optionally, LCD (Liquid Crystal Display, liquid crystal may be used
Show device), the forms such as OLED (Organic Light-Emitting Diode, Organic Light Emitting Diode) configure display panel
141.Further, touch sensitive surface 131 can cover display panel 141, when touch sensitive surface 131 detects on it or neighbouring touches
After touching operation, processor 180 is sent to determine the type of touch event, is followed by subsequent processing type of the device 180 according to touch event
Corresponding visual output is provided on display panel 141.Although in Fig. 4, touch sensitive surface 131 and display panel 141 are conducts
Two independent components realize input and input function, but in some embodiments it is possible to by touch sensitive surface 131 and display
Panel 141 is integrated and realizes and outputs and inputs function.
Terminal 400 may also include at least one sensor 150, such as optical sensor, motion sensor and other sensings
Device.Specifically, optical sensor may include ambient light sensor and proximity sensor, wherein ambient light sensor can be according to environment
The light and shade of light adjusts the brightness of display panel 141, and proximity sensor can close display when terminal 400 is moved in one's ear
Panel 141 and/or backlight.As a kind of motion sensor, gravity accelerometer can detect in all directions (generally
Three axis) acceleration size, size and the direction of gravity are can detect that when static, can be used to identify mobile phone posture application (ratio
Such as horizontal/vertical screen switching, dependent game, magnetometer pose calibrating), Vibration identification correlation function (such as pedometer, tap);Extremely
In other sensors such as gyroscope, barometer, hygrometer, thermometer, the infrared sensors that terminal 400 can also configure, herein
It repeats no more.
Voicefrequency circuit 160, loud speaker 161, microphone 162 can provide the audio interface between user and terminal 400.Audio
The transformed electric signal of the audio data received can be transferred to loud speaker 161 by circuit 160, and sound is converted to by loud speaker 161
Sound signal exports;On the other hand, the voice signal of collection is converted to electric signal by microphone 162, after being received by voicefrequency circuit 160
Audio data is converted to, then by after the processing of audio data output processor 180, through RF circuits 110 to be sent to such as another end
End, or audio data is exported to memory 120 to be further processed.Voicefrequency circuit 160 is also possible that earphone jack,
To provide the communication of peripheral hardware earphone and terminal 400.
Terminal 400 can help user to send and receive e-mail, browse webpage and access streaming video by transmission module 170
Deng, it provided to the user broadband internet wirelessly or non-wirelessly access.It, can be with although Fig. 4 shows transmission module 170
Understand, and is not belonging to must be configured into for terminal 400, it completely can be as needed in the range for the essence for not changing invention
It is interior and omit.
Processor 180 is the control centre of terminal 400, and each portion of whole mobile phone is linked using various interfaces and circuit
Point, by running or execute the software program and/or module that are stored in memory 120, and calls and be stored in memory 120
Interior data execute the various functions and processing data of terminal 400, to carry out integral monitoring to mobile phone.Optionally, processor
180 may include one or more processing cores;Preferably, processor 180 can integrate application processor and modem processor,
Wherein, the main processing operation system of application processor, user interface and application program etc., modem processor mainly handles nothing
Line communicates.It is understood that above-mentioned modem processor can not also be integrated into processor 180.
Terminal 400 further includes the power supply 190 (such as battery) powered to all parts, it is preferred that power supply can pass through electricity
Management system and processor 180 are logically contiguous, to realize management charging, electric discharge and power consumption by power-supply management system
The functions such as management.Power supply 190 can also include one or more direct current or AC power, recharging system, power supply event
Hinder the random components such as detection circuit, power supply changeover device or inverter, power supply status indicator.
Although being not shown, terminal 400 can also include camera, bluetooth module etc., and details are not described herein.Specifically in this hair
In bright embodiment, the display unit of terminal is touch-screen display, terminal further include have memory and one or one with
On program, one of them either more than one program be stored in memory and be configured to by one or more than one
Processor executes said one or more than one program.
In the embodiment of the present invention, which is used to run intended application client and the decryption of above-described embodiment offer
Component.
One of ordinary skill in the art will appreciate that realizing that all or part of step of above-described embodiment can pass through hardware
It completes, relevant hardware can also be instructed to complete by program, the program can be stored in a kind of computer-readable
In storage medium, storage medium mentioned above can be read-only memory, disk or CD etc..
The foregoing is merely presently preferred embodiments of the present invention, is not intended to limit the invention, it is all the present invention spirit and
Within principle, any modification, equivalent replacement, improvement and so on should all be included in the protection scope of the present invention.
Claims (10)
1. a kind of resource file decryption method, which is characterized in that the method includes:
Intended application client loads decryption component from reinforcing installation file, and encryption is included at least in the reinforcing installation file
Resource file and the decryption component, the decryption component are used to that encryption resource file to be decrypted;
In the operational process of the decryption component, Hook predetermined registration operation functions, to capture for calling the predetermined registration operation letter
Several operational orders, the predetermined registration operation function include for carrying out any behaviour to each file in the reinforcing installation file
The handling function of work;
The decryption component parses the reinforcing installation file, obtains Displacement mapping table, is wrapped in the Displacement mapping table
Include the offset address of each encryption resource file;
When the intended application client initiates the operational order, the decryption component captures the operational order, determines institute
State the corresponding offset address for accessing data of operational order;
If the Displacement mapping table includes the offset address, it is determined that the access data are encryption resource file, are obtained
The corresponding encryption resource file of the offset address is taken, and the encryption resource file is decrypted;
Predetermined registration operation function described in the intended application client call, operates the resource file after decryption.
2. according to the method described in claim 1, it is characterized in that, described be decrypted the encryption resource file, including:
The encryption resource file is loaded onto in the memory headroom of the intended application client by the decryption component, and to institute
Encryption resource file is stated to be decrypted.
3. according to the method described in claim 2, it is characterized in that, predetermined registration operation letter described in the intended application client call
Number, operates the resource file after decryption, including:
Predetermined registration operation function described in the intended application client call, in the memory headroom decrypt after resource file into
Row operation.
4. according to the method described in claim 1, it is characterized in that, the predetermined registration operation function includes read functions, fread letters
At least one of number and mmap functions.
5. according to the method described in claim 1, it is characterized in that, the intended application client adds from reinforcing installation file
Before carrying decryption component, the method further includes:
The reinforcing installation file that server is sent is received, the server is used to pacify the source of the intended application client
Dress file is unpacked, and obtains file set, the resource file in the file set is encrypted, and obtains the encryption resource text
Part, and the decryption component is added, it obtains reinforcing file set, the reinforcing file set is packaged, obtain the reinforcing peace
Fill file.
6. a kind of resource file decrypts device, which is characterized in that described device includes:Intended application client and decryption component,
The intended application client includes:Load-on module, instruction initiation module, operation module, the decryption component include:Hook moulds
Block, trapping module, deciphering module and parsing module;
The load-on module, for loading the decryption component, institute from the reinforcing installation file of the intended application client
It states to reinforce and includes at least encryption resource file and the decryption component in installation file, the decryption component is used for encrypting resource
File is decrypted;
The Hook modules are used in the operational process of the decryption component, Hook predetermined registration operation functions, so as to the capture
Module captures the operational order for calling the predetermined registration operation function, and the predetermined registration operation function includes for the reinforcing
Each file in installation file carries out the handling function of any operation;
The parsing module obtains Displacement mapping table, the Displacement mapping table for being parsed to the reinforcing installation file
It include the offset address of each encryption resource file;
Described instruction initiation module, for initiating the operational order;
The trapping module, for capturing the operational order;
The deciphering module, for determining the corresponding offset address for accessing data of the operational order;If the offset is reflected
Firing table includes the offset address, it is determined that the access data are encryption resource file;The offset address is obtained to correspond to
Encryption resource file, and the encryption resource file is decrypted;
The operation module operates the resource file after decryption for calling the predetermined registration operation function.
7. device according to claim 6, which is characterized in that the deciphering module is for adding the encryption resource file
It is loaded onto in the memory headroom of the intended application client, and the encryption resource file is decrypted.
8. device according to claim 7, which is characterized in that the operation module is for calling the predetermined registration operation letter
Number operates the resource file after being decrypted in the memory headroom.
9. device according to claim 6, which is characterized in that the predetermined registration operation function includes read functions, fread letters
At least one of number and mmap functions.
10. device according to claim 6, which is characterized in that described device further includes:
Receiving module, the reinforcing installation file for receiving server transmission, the server is for answering the target
It is unpacked with the source installation file of client, obtains file set, the resource file in the file set is encrypted, is obtained
The encryption resource file, and the decryption component is added, it obtains reinforcing file set, the reinforcing file set is packaged,
Obtain the reinforcing installation file.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610495353.2A CN106709282B (en) | 2016-06-28 | 2016-06-28 | resource file decryption method and device |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610495353.2A CN106709282B (en) | 2016-06-28 | 2016-06-28 | resource file decryption method and device |
Publications (2)
Publication Number | Publication Date |
---|---|
CN106709282A CN106709282A (en) | 2017-05-24 |
CN106709282B true CN106709282B (en) | 2018-10-02 |
Family
ID=58939721
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201610495353.2A Active CN106709282B (en) | 2016-06-28 | 2016-06-28 | resource file decryption method and device |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106709282B (en) |
Families Citing this family (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107341373B (en) * | 2017-06-30 | 2018-12-18 | 北京深思数盾科技股份有限公司 | A kind of guard method of executable program and device |
CN109492353B (en) * | 2018-10-11 | 2024-04-16 | 北京奇虎科技有限公司 | Application reinforcement method, device, electronic equipment and storage medium |
WO2020103057A1 (en) * | 2018-11-21 | 2020-05-28 | 深圳市欢太科技有限公司 | Data processing method, apparatus, electronic device and storage medium |
CN109657488B (en) * | 2019-02-26 | 2021-09-28 | 北京智游网安科技有限公司 | Resource file encryption processing method, intelligent terminal and storage medium |
CN110457920A (en) * | 2019-07-30 | 2019-11-15 | 苏州赛器信息安全科技有限公司 | A kind of data ciphering method and encryption device |
CN114297589A (en) * | 2021-12-28 | 2022-04-08 | 北京深思数盾科技股份有限公司 | Resource protection method and device and resource reading method and device for application program |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101458756A (en) * | 2007-12-13 | 2009-06-17 | 天津市天堰医教科技开发有限公司 | File real time decrypting method |
CN102890758A (en) * | 2012-10-11 | 2013-01-23 | 北京深思洛克软件技术股份有限公司 | Method and system for protecting executable file |
CN105227565A (en) * | 2015-10-13 | 2016-01-06 | 北京娜迦信息科技发展有限公司 | Anti-reversing for Android system cracks the method and apparatus of shared object file |
CN105468987A (en) * | 2014-08-15 | 2016-04-06 | 中兴通讯股份有限公司 | Data processing method and device |
-
2016
- 2016-06-28 CN CN201610495353.2A patent/CN106709282B/en active Active
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101458756A (en) * | 2007-12-13 | 2009-06-17 | 天津市天堰医教科技开发有限公司 | File real time decrypting method |
CN102890758A (en) * | 2012-10-11 | 2013-01-23 | 北京深思洛克软件技术股份有限公司 | Method and system for protecting executable file |
CN105468987A (en) * | 2014-08-15 | 2016-04-06 | 中兴通讯股份有限公司 | Data processing method and device |
CN105227565A (en) * | 2015-10-13 | 2016-01-06 | 北京娜迦信息科技发展有限公司 | Anti-reversing for Android system cracks the method and apparatus of shared object file |
Also Published As
Publication number | Publication date |
---|---|
CN106709282A (en) | 2017-05-24 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN106709282B (en) | resource file decryption method and device | |
US20210336780A1 (en) | Key updating method, apparatus, and system | |
CN106598584B (en) | Method, device and system for processing resource file | |
CN103400076B (en) | Malware detection methods, devices and systems on a kind of mobile terminal | |
EP3200487B1 (en) | Message processing method and apparatus | |
CN110417543B (en) | Data encryption method, device and storage medium | |
CN107133498B (en) | Privacy application management method and device and mobile terminal | |
CN104580167B (en) | A kind of methods, devices and systems transmitting data | |
CN107103211B (en) | SDK send, using publication, using operation method and device | |
CN107038358B (en) | Self-starting processing method and device and mobile terminal | |
US20150121083A1 (en) | Method, device, and terminal for installing browser plug-in | |
CN106709347B (en) | Using the method and device of operation | |
CN107145794B (en) | Data processing method and device and mobile terminal | |
CN104424431B (en) | A kind of method and device resetting virtual machine user modification logging | |
CN108932429A (en) | Analysis method, terminal and the storage medium of application program | |
CN105389259B (en) | A kind of method, apparatus and system for carrying out Application testing | |
US10454905B2 (en) | Method and apparatus for encrypting and decrypting picture, and device | |
CN104965722B (en) | A kind of method and device of display information | |
CN107590397A (en) | A kind of method and apparatus for showing embedded webpage | |
CN108011879A (en) | File encryption, method, apparatus, equipment and the storage medium of decryption | |
CN105279433B (en) | Application program protection method and device | |
CN106708555B (en) | A kind of method and apparatus loading plug-in unit | |
US11516654B2 (en) | Method for automatically encrypting short message, storage device and mobile terminal | |
CN107465646B (en) | A kind of application method for down loading, system and relevant device | |
CN107102913B (en) | Data back up method, device and computer equipment |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |