CN106933610B - Application program installation package generation method and device and electronic equipment - Google Patents

Application program installation package generation method and device and electronic equipment Download PDF

Info

Publication number
CN106933610B
CN106933610B CN201511021602.6A CN201511021602A CN106933610B CN 106933610 B CN106933610 B CN 106933610B CN 201511021602 A CN201511021602 A CN 201511021602A CN 106933610 B CN106933610 B CN 106933610B
Authority
CN
China
Prior art keywords
code
generating
installation package
application program
target application
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201511021602.6A
Other languages
Chinese (zh)
Other versions
CN106933610A (en
Inventor
秦皓
杨文玉
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Kingsoft Internet Security Software Co Ltd
Original Assignee
Beijing Kingsoft Internet Security Software Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Kingsoft Internet Security Software Co Ltd filed Critical Beijing Kingsoft Internet Security Software Co Ltd
Priority to CN201511021602.6A priority Critical patent/CN106933610B/en
Publication of CN106933610A publication Critical patent/CN106933610A/en
Application granted granted Critical
Publication of CN106933610B publication Critical patent/CN106933610B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00Arrangements for software engineering
    • G06F8/60Software deployment
    • G06F8/61Installation

Landscapes

  • Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Devices For Executing Special Programs (AREA)
  • Stored Programmes (AREA)

Abstract

The embodiment of the invention discloses a method and a device for generating an application program installation package and electronic equipment, wherein the method comprises the following steps: compiling source codes of the target application program into intermediate codes of the underlying virtual machine; compiling the intermediate code into a machine code by using an interpreter of the bottom layer virtual machine; and generating an installation package of the target application program by utilizing the machine code. By applying the embodiment of the invention, even if an attacker obtains the machine code of the target application program, the attacker is difficult to obtain the source code of the application program from the machine code, so that the safety of the application program is improved.

Description

Application program installation package generation method and device and electronic equipment
Technical Field
The invention relates to the technical field of mobile terminals, in particular to a method and a device for generating an application program installation package and electronic equipment.
Background
Currently, applications in the android operating system are usually written in JAVA, which is an object-oriented programming language introduced by Sun Microsystems, which can write cross-platform applications. The JAVA language belongs to a high-level language and is easy to understand and master.
At present, protection for an application program in an android operating system is generally to protect a JAVA-based source code, and the main protection schemes mainly include: code obfuscation, self-check, DEX file deformation or hiding, SO file protection, etc., but the protection of the application program by the above methods is not good, and the security of the application program is not high, for example: for an attacker, as long as the attacker obtains a DEX file of an application program, the DEX file can be used for back-compiling the JAVA language code, and then the back-compiled JAVA language code is analyzed, so that a source code of the JAVA language and the like can be obtained.
Disclosure of Invention
The embodiment of the invention aims to provide an application program installation package generation method, an application program installation package generation device and electronic equipment so as to improve the safety of an application program.
In order to achieve the above object, an embodiment of the present invention discloses a method for generating an application installation package, including:
compiling source codes of the target application program into intermediate codes of the underlying virtual machine;
compiling the intermediate code into a machine code by using an interpreter of the bottom layer virtual machine;
and generating an installation package of the target application program by utilizing the machine code.
Optionally, the language of the source code includes:
JAVA language.
Optionally, the compiling the source code of the target application program into the intermediate code of the underlying virtual machine includes:
compiling source code of the target application into a DEX file;
analyzing the DEX file to obtain a method contained in the DEX file;
generating a JAVA local interface method according to the obtained method;
constructing an instruction tree according to the bottom layer virtual machine compiler rule and the generated JAVA local interface method, wherein each node in the instruction tree is used for storing instructions executed in sequence;
traversing the instruction tree, and analyzing the instructions stored in each node in the instruction tree to obtain the instructions of each node in the instruction tree;
and generating the intermediate code of the bottom layer virtual machine according to the obtained instruction of each node in the instruction tree and the intermediate code rule of the bottom layer virtual machine.
Optionally, the generating a JAVA local interface method according to the obtained method includes:
and generating the JAVA local interface method according to the obtained method and the naming rule of the method name of the JAVA local interface method.
Optionally, before the generating, by using the machine code, an installation package of the target application, the method further includes:
adding a runtime library program code segment;
the generating an installation package of the target application program by using the machine code comprises:
and generating an installation package of the target application program by utilizing the runtime library program code segment and the machine code.
Optionally, the generating, by using the machine code, an installation package of the target application includes:
performing obfuscation processing on the machine code according to a preset strategy to obtain the machine code after obfuscation processing;
and generating an installation package of the target application program by using the machine code after the obfuscation processing.
Optionally, before generating the installation package of the target application by using the machine code after the obfuscation process, the method further includes:
adding a runtime library program code segment;
the generating the installation package of the target application program by using the machine code after the obfuscation processing comprises the following steps:
and generating an installation package of the target application program by using the runtime library program code segment and the machine code after the obfuscation processing.
In order to achieve the above object, an embodiment of the present invention discloses an application installation package generating device, including: an intermediate code generation module, a machine code generation module, and an installation package generation module, wherein,
the intermediate code generation module is used for compiling the source code of the target application program into the intermediate code of the bottom layer virtual machine;
the machine code generation module is used for compiling the intermediate code into a machine code by utilizing an interpreter of the bottom layer virtual machine;
and the installation package generating module is used for generating the installation package of the target application program by utilizing the machine code.
Optionally, the language of the source code includes:
JAVA language.
Optionally, the intermediate code generating module is specifically configured to:
compiling source code of the target application into a DEX file;
analyzing the DEX file to obtain a method contained in the DEX file;
generating a JAVA local interface method according to the obtained method;
constructing an instruction tree according to the bottom layer virtual machine compiler rule and the generated JAVA local interface method, wherein each node in the instruction tree is used for storing instructions executed in sequence;
traversing the instruction tree, and analyzing the instructions stored in each node in the instruction tree to obtain the instructions of each node in the instruction tree;
and generating the intermediate code of the bottom layer virtual machine according to the obtained instruction of each node in the instruction tree and the intermediate code rule of the bottom layer virtual machine.
Optionally, the generating a JAVA local interface method according to the obtained method includes:
and generating the JAVA local interface method according to the obtained method and the naming rule of the method name of the JAVA local interface method.
Optionally, the apparatus further comprises: a first adding module, wherein,
the first adding module is used for adding a runtime library program code segment;
the installation package generation module is specifically configured to:
and generating an installation package of the target application program by utilizing the runtime library program code segment and the machine code.
Optionally, the installation package generating module includes: an obfuscation sub-module and an installation package generation sub-module, wherein,
the obfuscation submodule is used for obfuscating the machine code according to a preset strategy to obtain the obfuscated machine code;
and the installation package generation submodule is used for generating the installation package of the target application program by using the machine code after the obfuscation processing.
Optionally, the apparatus further comprises: a second adding module for adding the first and second addition modules,
the second adding module is used for adding a runtime library program code segment;
the installation package generation submodule is specifically configured to:
and generating an installation package of the target application program by using the runtime library program code segment and the machine code after the obfuscation processing.
To achieve the above object, an embodiment of the present invention provides an electronic device, including: the device comprises a shell, a processor, a memory, a circuit board and a power circuit, wherein the circuit board is arranged in a space enclosed by the shell, and the processor and the memory are arranged on the circuit board; a power supply circuit for supplying power to each circuit or device of the electronic apparatus; the memory is used for storing executable program codes; the processor runs a program corresponding to the executable program code by reading the executable program code stored in the memory for performing the steps of:
compiling source codes of the target application program into intermediate codes of the underlying virtual machine;
compiling the intermediate code into a machine code by using an interpreter of the bottom layer virtual machine;
and generating an installation package of the target application program by utilizing the machine code.
In order to achieve the above object, an embodiment of the present invention provides a storage medium, where the storage medium is used to store an application program, and the application program is used to execute, at runtime, an application program installation package generation method according to the embodiment of the present invention.
In order to achieve the above object, an embodiment of the present invention provides an application program, where the application program is configured to execute the method for generating an application installation package according to the embodiment of the present invention when running.
As can be seen from the foregoing technical solutions, embodiments of the present invention provide a method, an apparatus, and an electronic device for generating an application installation package, where the method includes: compiling source codes of the target application program into intermediate codes of the underlying virtual machine; compiling the intermediate code into a machine code by using an interpreter of the bottom layer virtual machine; and generating an installation package of the target application program by utilizing the machine code.
By applying the technical scheme provided by the embodiment of the invention, even if an attacker obtains the machine code of the target application program, the attacker is difficult to obtain the source code of the application program from the machine code, so that the safety of the application program is improved.
Of course, it is not necessary for any product or method of practicing the invention to achieve all of the above-described advantages at the same time.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts.
Fig. 1 is a first flowchart illustrating a method for generating an application installation package according to an embodiment of the present invention;
fig. 2 is a second flowchart illustrating a method for generating an application installation package according to an embodiment of the present invention;
fig. 3 is a third flowchart illustrating a method for generating an application installation package according to an embodiment of the present invention;
fig. 4 is a fourth flowchart illustrating a method for generating an application installation package according to an embodiment of the present invention;
fig. 5 is a schematic structural diagram of a first apparatus for generating an application installation package according to an embodiment of the present invention;
fig. 6 is a schematic structural diagram of a second apparatus for generating an application installation package according to an embodiment of the present invention;
fig. 7 is a schematic structural diagram of a third apparatus for generating an application installation package according to an embodiment of the present invention;
fig. 8 is a schematic diagram illustrating a fourth structure of an application installation package generating apparatus according to an embodiment of the present invention;
fig. 9 is a schematic structural diagram of an electronic device according to an embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
In order to solve the problem of the prior art, embodiments of the present invention provide an application installation package generation method, an application installation package generation device, and an electronic device. First, a detailed description is given below of an application installation package generation method according to an embodiment of the present invention.
Fig. 1 is a first flowchart of a method for generating an application installation package according to an embodiment of the present invention, where the method includes:
s101: compiling source codes of the target application program into intermediate codes of the underlying virtual machine;
specifically, in practical applications, the language of the source code may be JAVA, where JAVA is an object-oriented programming language that is introduced by Sun Microsystems and can write cross-platform applications, the underlying Virtual machine is LLVM (low Level Virtual machine), and LLVM is an open-source compiler system framework that provides a set of neutral intermediate codes and compilation infrastructure and a set of new compilation strategies around these infrastructure, and can optimize the programming language in an efficient manner during compilation, linking, execution environment execution, and after installation.
Specifically, a source code of a target application program is compiled into an intermediate code of a bottom layer virtual machine, and the source code of the target application program can be compiled into a DEX file; analyzing the DEX file to obtain a method contained in the DEX file; generating a JAVA local interface method according to the obtained method; constructing an instruction tree according to the bottom layer virtual machine compiler rule and the generated JAVA local interface method, wherein each node in the instruction tree is used for storing instructions executed in sequence; traversing the instruction tree, and analyzing the instructions stored in each node in the instruction tree to obtain the instructions of each node in the instruction tree; and generating the intermediate code of the bottom layer virtual machine according to the obtained instruction of each node in the instruction tree and the intermediate code rule of the bottom layer virtual machine.
The DEX is a full name of Dalvik VM (Virtual Machine) executables, namely a Dalvik Virtual Machine execution program, and the DEX file is an executable file on an android operating platform. Compiling the source code of the target application program into a DEX file is the prior art, and the embodiment of the present invention is not described herein again.
When the source code of the target application program is compiled into a DEX file, the DEX file can be analyzed, and the header of the DEX file mainly comprises a checksum and offset address and length information of other structures; the index area method _ ids in the DEX file contains all method indexes, and all methods contained in the DEX file can be obtained according to the method indexes.
Specifically, in practical application, the JAVA local interface method is generated according to the obtained method, and may: and generating the JAVA local Interface method according to the obtained method and the naming rule of the method name of the JAVA local Interface (JNI, JAVA Native Interface) method. The naming rule of the method name of the JNI method is as follows:
(1) prefix: java _; (2) fully qualified name of class: delimited by underlining (_); (3) the name of the method; (4) the JNI function specifies the first argument: JNIEnv; (5) the JNI function specifies a second argument: a jobject; (6) actual Java parameters: jstring, jnt, etc. (7) return parameters for the value: jstring, jnt, etc.
For example, assume that the names of the methods contained in the DEX file are: com. cm. test. method1, the name of the generated JNI method is: JAVA _ com _ cm _ Test _ method1, wherein the generated JNI method is: JAVA _ com _ cm _ Test _ method1(JNIEnv, j object).
When the instruction tree is constructed according to the bottom layer virtual machine compiler rule and the generated JAVA local interface method, each node (BasicBlock) in the instruction tree is used for storing the instructions executed in sequence. Upon encountering a jump instruction, the instruction tree branches, creating a node. Specifically, there are three main types of jump instructions.
The first method comprises the following steps: directly jumping to the address corresponding to the address offset, wherein the operand is unique at the moment, and the address offset is directly stored, namely the jump is directly made to the address corresponding to the address offset;
and the second method comprises the following steps: comparing and jumping, wherein the number of the operands is three, the first two operands store comparison values, the last operand stores address offset, and whether jumping to an address corresponding to the address offset is determined according to the comparing and jumping instruction, for example: when the first operand and the second operand are equal, jumping to an address corresponding to the address offset;
and the third is that: and skipping to zero comparison, wherein the two operands are provided, the first operand stores a comparison value, the last operand stores an address offset, and when the first operand is zero, skipping to an address corresponding to the address offset.
When the instruction tree is built, a jump instruction occurs,
if the object code does not exist. Then a BasicBlock is newly built and the target code is stored.
If the target code exists, the jump address is the starting address of certain BasicBlock. It points directly to the BasicBlock that holds the target code.
If the target code exists, but the jump address points to a certain BasicBlock middle position code, the original BasicBlock needs to be subjected to code segmentation at the jump target address.
After the instruction tree is constructed, traversing the instruction tree, analyzing the instructions stored in each node in the instruction tree, and obtaining the instructions of each node in the instruction tree. And generating the intermediate code of the bottom layer virtual machine according to the obtained instruction of each node in the instruction tree and the intermediate code rule of the bottom layer virtual machine.
Wherein, the middle code rule of the LLVM is: annotations begin with semicolon (;) and continue to the end of the line; the global identifier starts with the @ character, all function names and global variables must start with @; the local identifier starts in percentile (%). A typical regular expression for an identifier is [% @ ] [ a-zA-Z $. _________________________________ a-zA-Z $. _____ 0-9. Each function ends with a return statement. There are two forms of return statements: ret < type > < value > or ret void.
Illustratively, taking the generation of LLVM intermediate code corresponding to the printed hello world as an example, the generated LLVM intermediate code corresponding to the printed hello world is as follows:
Figure BDA0000895899540000081
s102: compiling the intermediate code into a machine code by using an interpreter of the bottom layer virtual machine;
illustratively, a 4096 element array is generated.
The LLVM intermediate code is:
% 9 ═ alloca i 32; allocating memory
store i 324096, i 32% 9; assign 4096 to allocated memory
% 10 ═ load i32 ×% 9; reading values from allocated memory
% 11 ═ tail call% JavaObject @ elknnewarray (i32 @% env, i32-2147483643, i 32% 10); the elkNewArray is called to create an array, i 32% env is a fixed parameter, i32-2147483643 is an internally defined number to represent the array type. i 32% 10 the previously fetched array length (4096).
Compiling the intermediate code into a machine code by using an LLVM interpreter, wherein the machine code comprises the following components:
Figure BDA0000895899540000091
s103: and generating an installation package of the target application program by utilizing the machine code.
The generation of the installation package by using the machine code is the prior art, and the embodiment of the present invention is not described herein again.
It should be noted that, the above-mentioned steps of generating LLVM intermediate code corresponding to the hello world and compiling LLVM intermediate code corresponding to generating an array having 4096 elements into machine code are only a specific example of the present invention, and are not intended to limit the present invention.
By applying the embodiment of the invention shown in fig. 1, even if an attacker obtains the machine code of the target application program, the attacker is difficult to obtain the source code of the application program from the machine code, and the safety of the application program is improved.
Fig. 2 is a second flowchart illustrating a method for generating an application installation package according to an embodiment of the present invention, where based on the embodiment illustrated in fig. 1, in the embodiment illustrated in fig. 2, before S103, S104 is added: adding a runtime library program code segment;
wherein S103 may be S103A: and generating an installation package of the target application program by utilizing the runtime library program code segment and the machine code.
The runtime library program code segment is a program code segment for being compatible with the ROMs of different manufacturers and various android system-based models when the target application program runs.
The runtime library is a special computer library used by a compiler to implement built-in functions of a programming language to provide runtime support for the language program, and can support basic input/output or memory management. The runtime library serves as a connection for the code and the local implementation. The runtime library program code segment comprises a series of invoke functions with the same method name but different return values, wherein the invoke functions are specifically realized as follows: invoke (Object obj, Object.. args), the first parameter is the name of the method, and the second parameter is the parameter that invokes the method. In the process of executing the target application program, all local methods with the same method name are obtained firstly, then the local method corresponding to the local system is obtained according to the return value, and the local method corresponding to the local system is executed, so that the target application program can be well compatible with the current ROM of each manufacturer and various models based on the android system.
By applying the embodiment shown in fig. 2 of the present invention, even if an attacker obtains the machine code of the target application program, it is difficult to obtain the source code of the application program from the machine code, and the security of the application program is improved. And the target application program can be well compatible with the current ROM of each manufacturer and various models based on the android system.
Fig. 3 is a third flowchart illustrating a method for generating an application installation package according to an embodiment of the present invention, where in the embodiment of the present invention shown in fig. 3, based on the embodiment shown in fig. 1, S103 may include:
S103B: performing obfuscation processing on the machine code according to a preset strategy to obtain the machine code after obfuscation processing;
S103C: and generating an installation package of the target application program by using the machine code after the obfuscation processing.
In general, obfuscating code refers to obfuscating a class name, a method name, a parameter name, a variable name, etc. of the code into a meaningless custom format (e.g., a random string). The execution logic of the code is not changed by carrying out the obfuscation processing on the code, and the execution result is not influenced.
The obfuscating of the code to obtain the obfuscated code, and the generating of the installation package by using the machine code are prior art, and are not described in detail herein in the embodiments of the present invention.
By applying the embodiment shown in fig. 3 of the present invention, even if an attacker obtains the machine code of the target application program, it is difficult to obtain the source code of the application program from the machine code, and the security of the application program is improved. And the codes are subjected to obfuscation processing, so that the difficulty of an attacker in cracking the application program is increased, and the safety of the application program is further improved.
Fig. 4 is a fourth flowchart illustrating a method for generating an application installation package according to an embodiment of the present invention, where based on the embodiment illustrated in fig. 3, in the embodiment illustrated in fig. 4 of the present invention, before S103C, S105 is added: adding a runtime library program code segment;
wherein S103C may be S103C': and generating an installation package of the target application program by using the runtime library program code segment and the machine code after the obfuscation processing.
The runtime library program code segment is a program code segment for being compatible with the ROMs of different manufacturers and various android system-based models when the target application program runs.
The runtime library is a special computer library used by a compiler to implement built-in functions of a programming language to provide runtime support for the language program, and can support basic input/output or memory management. The runtime library serves as a connection for the code and the local implementation. The runtime library program code segment comprises a series of invoke functions with the same method name but different return values, wherein the invoke functions are specifically realized as follows: invoke (Object obj, Object.. args), the first parameter is the name of the method, and the second parameter is the parameter that invokes the method. In the process of executing the target application program, all local methods with the same method name are obtained firstly, then the local method corresponding to the local system is obtained according to the return value, and the local method corresponding to the local system is executed, so that the target application program can be well compatible with the current ROM of each manufacturer and various models based on the android system.
By applying the embodiment shown in fig. 4 of the present invention, even if an attacker obtains the machine code of the target application program, it is difficult to obtain the source code of the application program from the machine code, and the security of the application program is improved. And the codes are subjected to obfuscation processing, so that the difficulty of an attacker in cracking the application program is increased, and the safety of the application program is further improved. And the target application program can be well compatible with the current ROM of each manufacturer and various models based on the android system.
Corresponding to the above method embodiment, the embodiment of the present invention further provides an application installation package generating device.
Fig. 5 is a schematic structural diagram of a first apparatus for generating an application installation package according to an embodiment of the present invention, where the first structural diagram may include: an intermediate code generation module 201, a machine code generation module 202, and an installation package generation module 203, wherein,
an intermediate code generation module 201, configured to compile a source code of a target application into an intermediate code of an underlying virtual machine;
in practical applications, the language of the source code may be JAVA.
In practical applications, the intermediate code generation module 201 according to the embodiment of the present invention may be specifically configured to:
compiling source code of the target application into a DEX file;
analyzing the DEX file to obtain a method contained in the DEX file;
generating a JAVA local interface method according to the obtained method;
the JAVA native interface method may be generated according to the obtained method, and specifically, according to the obtained method, according to a naming rule of a method name of the JAVA native interface method, the JAVA native interface method may be generated.
Constructing an instruction tree according to the bottom layer virtual machine compiler rule and the generated JAVA local interface method, wherein each node in the instruction tree is used for storing instructions executed in sequence;
traversing the instruction tree, and analyzing the instructions stored in each node in the instruction tree to obtain the instructions of each node in the instruction tree;
and generating the intermediate code of the bottom layer virtual machine according to the obtained instruction of each node in the instruction tree and the intermediate code rule of the bottom layer virtual machine.
A machine code generation module 202, configured to compile the intermediate code compiled by the intermediate code generation module 201 into a machine code by using the interpreter of the underlying virtual machine;
the installation package generating module 203 is configured to generate an installation package of the target application by using the machine code compiled by the machine code generating module 202.
By applying the embodiment shown in fig. 5 of the present invention, even if an attacker obtains the machine code of the target application program, it is difficult to obtain the source code of the application program from the machine code, and the security of the application program is improved.
Fig. 6 is a schematic structural diagram of a second structure of an apparatus for generating an application installation package according to an embodiment of the present invention, in which, in the embodiment of the present invention shown in fig. 6, a first adding module 204 is added on the basis of the embodiment shown in fig. 5, wherein,
a first adding module 204, configured to add runtime library program code segments;
the runtime library program code segment is a program code segment which is compatible with ROMs of different manufacturers and models based on the android system when the target application program runs. The runtime library is a special computer library used by a compiler to implement built-in functions of a programming language to provide runtime support for the language program, and can support basic input/output or memory management. The runtime library serves as a connection for the code and the local implementation. The runtime library program code segment comprises a series of invoke functions with the same method name but different return values, wherein the invoke functions are specifically realized as follows: invoke (Object obj, Object.. args), the first parameter is the name of the method, and the second parameter is the parameter that invokes the method. In the process of executing the target application program, all local methods with the same method name are obtained firstly, and then the local method to be executed is obtained according to the return value, so that the target application program can be well compatible with the current ROM of each manufacturer and various models based on the android system.
The installation package generating module 203 of the embodiment of the present invention may be specifically configured to:
and generating an installation package of the target application program by utilizing the runtime library program code segment and the machine code.
By applying the embodiment shown in fig. 6 of the present invention, even if an attacker obtains the machine code of the target application program, it is difficult to obtain the source code of the application program from the machine code, and the security of the application program is improved. And the target application program can be well compatible with the current ROM of each manufacturer and various models based on the android system.
Fig. 7 is a schematic structural diagram of a third apparatus for generating an application installation package according to an embodiment of the present invention; in the embodiment shown in fig. 7 of the present invention, on the basis of the embodiment shown in fig. 5, the installation package generating module 203 may include: an obfuscation sub-module and an installation package generation sub-module, wherein,
the obfuscation submodule is used for obfuscating the machine code according to a preset strategy to obtain the obfuscated machine code;
and the installation package generation submodule is used for generating the installation package of the target application program by using the machine code after the obfuscation processing.
By applying the embodiment of the invention shown in fig. 7, even if an attacker obtains the machine code of the target application program, the attacker is difficult to obtain the source code of the application program from the machine code, and the safety of the application program is improved. And the codes are subjected to obfuscation processing, so that the difficulty of an attacker in cracking the application program is increased, and the safety of the application program is further improved.
Fig. 8 is a schematic diagram illustrating a fourth structure of an application installation package generating apparatus according to an embodiment of the present invention; the embodiment of the invention shown in fig. 8 is based on the embodiment shown in fig. 7, and adds a second adding module 205,
the second adding module 205 is configured to add a runtime library program code segment;
the installation package generation submodule shown in the embodiment of the present invention may be specifically configured to:
and generating an installation package of the target application program by using the runtime library program code segment and the machine code after the obfuscation processing.
By applying the embodiment of the invention shown in fig. 8, even if an attacker obtains the machine code of the target application program, the attacker is difficult to obtain the source code of the application program from the machine code, and the safety of the application program is improved. And the codes are subjected to obfuscation processing, so that the difficulty of an attacker in cracking the application program is increased, and the safety of the application program is further improved. And the target application program can be well compatible with the current ROM of each manufacturer and various models based on the android system.
Fig. 9 is a schematic structural diagram of an electronic device according to an embodiment of the present invention, where the electronic device may include: the device comprises a shell 301, a processor 302, a memory 303, a circuit board 304 and a power circuit 305, wherein the circuit board 304 is arranged inside a space enclosed by the shell 301, and the processor 302 and the memory 303 are arranged on the circuit board 304; a power supply circuit 305 for supplying power to each circuit or device of the electronic apparatus; memory 303 is used to store executable program code; the processor 302 runs a program corresponding to the executable program code by reading the executable program code stored in the memory 303 for performing the steps of:
compiling source codes of the target application program into intermediate codes of the underlying virtual machine;
compiling the intermediate code into a machine code by using an interpreter of the bottom layer virtual machine;
and generating an installation package of the target application program by utilizing the machine code.
The electronic device exists in a variety of forms, including but not limited to:
(1) a mobile communication device: such devices are characterized by mobile communications capabilities and are primarily targeted at providing voice, data communications. Such electronic devices include: smart phones (e.g., iphones), multimedia phones, functional phones, and low-end phones, among others.
(2) Ultra mobile personal computer device: the equipment belongs to the category of personal computers, has calculation and processing functions and generally has the characteristic of mobile internet access. Such electronic devices include: PDA, MID, and UMPC devices, etc., such as ipads.
(3) A portable entertainment device: such devices can display and play multimedia content. This type of device comprises: audio, video players (e.g., ipods), handheld game consoles, electronic books, and smart toys and portable car navigation devices.
(4) A server: the device for providing the computing service comprises a processor, a hard disk, a memory, a system bus and the like, and the server is similar to a general computer architecture, but has higher requirements on processing capacity, stability, reliability, safety, expandability, manageability and the like because of the need of providing high-reliability service.
(5) Other mobile electronic devices with data interaction functions.
By applying the embodiment of the invention shown in fig. 9, even if an attacker obtains the machine code of the target application program, the attacker is difficult to obtain the source code of the application program from the machine code, and the safety of the application program is improved.
In addition, the embodiment of the present invention further provides a storage medium, configured to store an application program, where the application program is configured to execute the method for generating the application program installation package provided in the embodiment of the present invention; the method for generating the application installation package provided by the embodiment of the invention can comprise the following steps:
compiling source codes of the target application program into intermediate codes of the underlying virtual machine;
compiling the intermediate code into a machine code by using an interpreter of the bottom layer virtual machine;
and generating an installation package of the target application program by utilizing the machine code.
Wherein the language of the source code comprises:
JAVA language.
Compiling source code of a target application program into intermediate code of an underlying virtual machine, wherein the compiling of the source code of the target application program into the intermediate code of the underlying virtual machine comprises the following steps:
compiling source code of the target application into a DEX file;
analyzing the DEX file to obtain a method contained in the DEX file;
generating a JAVA local interface method according to the obtained method;
constructing an instruction tree according to the bottom layer virtual machine compiler rule and the generated JAVA local interface method, wherein each node in the instruction tree is used for storing instructions executed in sequence;
traversing the instruction tree, and analyzing the instructions stored in each node in the instruction tree to obtain the instructions of each node in the instruction tree;
and generating the intermediate code of the bottom layer virtual machine according to the obtained instruction of each node in the instruction tree and the intermediate code rule of the bottom layer virtual machine.
Wherein, the generating of the JAVA native interface method according to the obtained method comprises:
and generating the JAVA local interface method according to the obtained method and the naming rule of the method name of the JAVA local interface method.
Wherein, prior to said generating, with the machine code, an installation package for the target application, the method further comprises:
adding a runtime library program code segment;
the generating an installation package of the target application program by using the machine code comprises:
and generating an installation package of the target application program by utilizing the runtime library program code segment and the machine code.
Wherein the generating an installation package of the target application program by using the machine code comprises:
performing obfuscation processing on the machine code according to a preset strategy to obtain the machine code after obfuscation processing;
and generating an installation package of the target application program by using the machine code after the obfuscation processing.
Wherein, before the generating the installation package of the target application program by using the machine code after the obfuscation process, the method further comprises:
adding a runtime library program code segment;
the generating the installation package of the target application program by using the machine code after the obfuscation processing comprises the following steps:
and generating an installation package of the target application program by using the runtime library program code segment and the machine code after the obfuscation processing.
In addition, the embodiment of the present invention further provides an application program, which is used for executing the method for generating the application program installation package provided by the embodiment of the present invention; the method for generating the application installation package provided by the embodiment of the invention can comprise the following steps:
compiling source codes of the target application program into intermediate codes of the underlying virtual machine;
compiling the intermediate code into a machine code by using an interpreter of the bottom layer virtual machine;
and generating an installation package of the target application program by utilizing the machine code.
Wherein the language of the source code comprises:
JAVA language.
Compiling source code of a target application program into intermediate code of an underlying virtual machine, wherein the compiling of the source code of the target application program into the intermediate code of the underlying virtual machine comprises the following steps:
compiling source code of the target application into a DEX file;
analyzing the DEX file to obtain a method contained in the DEX file;
generating a JAVA local interface method according to the obtained method;
constructing an instruction tree according to the bottom layer virtual machine compiler rule and the generated JAVA local interface method, wherein each node in the instruction tree is used for storing instructions executed in sequence;
traversing the instruction tree, and analyzing the instructions stored in each node in the instruction tree to obtain the instructions of each node in the instruction tree;
and generating the intermediate code of the bottom layer virtual machine according to the obtained instruction of each node in the instruction tree and the intermediate code rule of the bottom layer virtual machine.
Wherein, the generating of the JAVA native interface method according to the obtained method comprises:
and generating the JAVA local interface method according to the obtained method and the naming rule of the method name of the JAVA local interface method.
Wherein, prior to said generating, with the machine code, an installation package for the target application, the method further comprises:
adding a runtime library program code segment;
the generating an installation package of the target application program by using the machine code comprises:
and generating an installation package of the target application program by utilizing the runtime library program code segment and the machine code.
Wherein the generating an installation package of the target application program by using the machine code comprises:
performing obfuscation processing on the machine code according to a preset strategy to obtain the machine code after obfuscation processing;
and generating an installation package of the target application program by using the machine code after the obfuscation processing.
Wherein, before the generating the installation package of the target application program by using the machine code after the obfuscation process, the method further comprises:
adding a runtime library program code segment;
the generating the installation package of the target application program by using the machine code after the obfuscation processing comprises the following steps:
and generating an installation package of the target application program by using the runtime library program code segment and the machine code after the obfuscation processing.
It is noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.
All the embodiments in the present specification are described in a related manner, and the same and similar parts among the embodiments may be referred to each other, and each embodiment focuses on the differences from the other embodiments. In particular, as for the apparatus embodiment, since it is substantially similar to the method embodiment, the description is relatively simple, and for the relevant points, reference may be made to the partial description of the method embodiment.
Those skilled in the art will appreciate that all or part of the steps in the above method embodiments may be implemented by a program to instruct relevant hardware to perform the steps, and the program may be stored in a computer-readable storage medium, which is referred to herein as a storage medium, such as: ROM/RAM, magnetic disk, optical disk, etc.
The above description is only for the preferred embodiment of the present invention, and is not intended to limit the scope of the present invention. Any modification, equivalent replacement, or improvement made within the spirit and principle of the present invention shall fall within the protection scope of the present invention.

Claims (11)

1. An application installation package generation method, comprising:
compiling source codes of the target application program into intermediate codes of the underlying virtual machine;
compiling the intermediate code into a machine code by using an interpreter of the bottom layer virtual machine;
generating an installation package of the target application program by using the machine code;
the language of the source code includes:
the JAVA language;
the compiling the source code of the target application program into the intermediate code of the bottom layer virtual machine comprises the following steps:
compiling source code of the target application into a DEX file;
analyzing the DEX file to obtain a method contained in the DEX file;
generating a JAVA local interface method according to the obtained method;
constructing an instruction tree according to the bottom layer virtual machine compiler rule and the generated JAVA local interface method, wherein each node in the instruction tree is used for storing instructions executed in sequence;
traversing the instruction tree, and analyzing the instructions stored in each node in the instruction tree to obtain the instructions of each node in the instruction tree;
and generating the intermediate code of the bottom layer virtual machine according to the obtained instruction of each node in the instruction tree and the intermediate code rule of the bottom layer virtual machine.
2. The method according to claim 1, wherein said generating, according to the obtained method, a JAVA native interface method comprises:
and generating the JAVA local interface method according to the obtained method and the naming rule of the method name of the JAVA local interface method.
3. The method of any of claims 1-2, wherein prior to said generating, with the machine code, an installation package for the target application, the method further comprises:
adding a runtime library program code segment;
the generating an installation package of the target application program by using the machine code comprises:
and generating an installation package of the target application program by utilizing the runtime library program code segment and the machine code.
4. The method of any of claims 1-2, wherein generating, using the machine code, the installation package for the target application comprises:
performing obfuscation processing on the machine code according to a preset strategy to obtain the machine code after obfuscation processing;
and generating an installation package of the target application program by using the machine code after the obfuscation processing.
5. The method of claim 4, wherein prior to the generating the installation package of the target application using the machine code after obfuscation, the method further comprises:
adding a runtime library program code segment;
the generating the installation package of the target application program by using the machine code after the obfuscation processing comprises the following steps:
and generating an installation package of the target application program by using the runtime library program code segment and the machine code after the obfuscation processing.
6. An application installation package generation apparatus, comprising: an intermediate code generation module, a machine code generation module, and an installation package generation module, wherein,
the intermediate code generation module is used for compiling the source code of the target application program into the intermediate code of the bottom layer virtual machine;
the machine code generation module is used for compiling the intermediate code into a machine code by utilizing an interpreter of the bottom layer virtual machine;
the installation package generating module is used for generating an installation package of the target application program by using the machine code;
the language of the source code includes:
the JAVA language;
the intermediate code generation module is specifically configured to:
compiling source code of the target application into a DEX file;
analyzing the DEX file to obtain a method contained in the DEX file;
generating a JAVA local interface method according to the obtained method;
constructing an instruction tree according to the bottom layer virtual machine compiler rule and the generated JAVA local interface method, wherein each node in the instruction tree is used for storing instructions executed in sequence;
traversing the instruction tree, and analyzing the instructions stored in each node in the instruction tree to obtain the instructions of each node in the instruction tree;
and generating the intermediate code of the bottom layer virtual machine according to the obtained instruction of each node in the instruction tree and the intermediate code rule of the bottom layer virtual machine.
7. The apparatus of claim 6, wherein said generating a JAVA local interface method according to the obtained method comprises:
and generating the JAVA local interface method according to the obtained method and the naming rule of the method name of the JAVA local interface method.
8. The apparatus of any one of claims 6 to 7, further comprising: a first adding module, wherein,
the first adding module is used for adding a runtime library program code segment;
the installation package generation module is specifically configured to:
and generating an installation package of the target application program by utilizing the runtime library program code segment and the machine code.
9. The apparatus of any of claims 6 to 7, wherein the installation package generation module comprises: an obfuscation sub-module and an installation package generation sub-module, wherein,
the obfuscation submodule is used for obfuscating the machine code according to a preset strategy to obtain the obfuscated machine code;
and the installation package generation submodule is used for generating the installation package of the target application program by using the machine code after the obfuscation processing.
10. The apparatus of claim 9, further comprising: a second adding module for adding the first and second addition modules,
the second adding module is used for adding a runtime library program code segment;
the installation package generation submodule is specifically configured to:
and generating an installation package of the target application program by using the runtime library program code segment and the machine code after the obfuscation processing.
11. An electronic device, characterized in that the electronic device comprises: the device comprises a shell, a processor, a memory, a circuit board and a power circuit, wherein the circuit board is arranged in a space enclosed by the shell, and the processor and the memory are arranged on the circuit board; a power supply circuit for supplying power to each circuit or device of the electronic apparatus; the memory is used for storing executable program codes; the processor runs a program corresponding to the executable program code by reading the executable program code stored in the memory for performing the steps of:
compiling source codes of the target application program into intermediate codes of the underlying virtual machine;
compiling the intermediate code into a machine code by using an interpreter of the bottom layer virtual machine;
generating an installation package of the target application program by using the machine code;
the language of the source code includes:
the JAVA language;
the compiling the source code of the target application program into the intermediate code of the bottom layer virtual machine comprises the following steps:
compiling source code of the target application into a DEX file;
analyzing the DEX file to obtain a method contained in the DEX file;
generating a JAVA local interface method according to the obtained method;
constructing an instruction tree according to the bottom layer virtual machine compiler rule and the generated JAVA local interface method, wherein each node in the instruction tree is used for storing instructions executed in sequence;
traversing the instruction tree, and analyzing the instructions stored in each node in the instruction tree to obtain the instructions of each node in the instruction tree;
and generating the intermediate code of the bottom layer virtual machine according to the obtained instruction of each node in the instruction tree and the intermediate code rule of the bottom layer virtual machine.
CN201511021602.6A 2015-12-30 2015-12-30 Application program installation package generation method and device and electronic equipment Active CN106933610B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201511021602.6A CN106933610B (en) 2015-12-30 2015-12-30 Application program installation package generation method and device and electronic equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201511021602.6A CN106933610B (en) 2015-12-30 2015-12-30 Application program installation package generation method and device and electronic equipment

Publications (2)

Publication Number Publication Date
CN106933610A CN106933610A (en) 2017-07-07
CN106933610B true CN106933610B (en) 2021-07-30

Family

ID=59442378

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201511021602.6A Active CN106933610B (en) 2015-12-30 2015-12-30 Application program installation package generation method and device and electronic equipment

Country Status (1)

Country Link
CN (1) CN106933610B (en)

Families Citing this family (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109871284A (en) * 2017-12-05 2019-06-11 北京元比特科技有限责任公司 The virtualization technology and method that a kind of application program is executed across Language Runtime
CN107967415B (en) * 2017-12-11 2021-09-17 北京奇虎科技有限公司 Resource confusion protection method, system and terminal device
CN110134378B (en) * 2018-02-08 2022-02-22 腾讯科技(深圳)有限公司 Application program creating method and device, computer equipment and storage medium
CN110196718B (en) * 2018-05-10 2023-07-25 腾讯科技(深圳)有限公司 Script confusion method
CN111492345A (en) * 2018-10-15 2020-08-04 华为技术有限公司 Method for optimizing and running android application program and related device
CN111125644B (en) * 2018-11-01 2022-05-27 百度在线网络技术(北京)有限公司 Information hiding method and device for application product
CN109976793B (en) * 2019-03-15 2022-05-10 北京字节跳动网络技术有限公司 Application program running method, device, equipment and medium
WO2020211074A1 (en) * 2019-04-19 2020-10-22 云图有限公司 Multi-party secure computing data processing method, apparatus and system
CN110333867B (en) * 2019-04-19 2023-09-01 矩阵元技术(深圳)有限公司 Multiparty secure computing data processing method, device and system
CN110348206B (en) * 2019-07-11 2021-09-17 网易(杭州)网络有限公司 Protection method, medium, device and computing equipment applied to android installation package (APK)
CN112527316A (en) * 2020-12-29 2021-03-19 Oppo广东移动通信有限公司 Code compiling method and device, electronic equipment and storage medium

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104463002A (en) * 2014-12-24 2015-03-25 北京奇虎科技有限公司 APK reinforcing method and device and APK reinforcing client and server

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN100474253C (en) * 2007-11-22 2009-04-01 北京飞天诚信科技有限公司 .Net program protection method and device
CN102043932B (en) * 2010-12-31 2012-07-18 中国航空工业集团公司第六三一研究所 Method for preventing Java program from being decompiled
US8887152B1 (en) * 2011-11-04 2014-11-11 Trend Micro, Inc. Android application virtual environment
CN102831342B (en) * 2012-07-28 2016-01-06 北京深思数盾科技有限公司 A kind of method improving application program protection intensity in Android system
CN104376262B (en) * 2014-12-08 2018-01-09 中国科学院深圳先进技术研究院 A kind of Android malware detection method based on Dalvik instructions and authority combination

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104463002A (en) * 2014-12-24 2015-03-25 北京奇虎科技有限公司 APK reinforcing method and device and APK reinforcing client and server

Also Published As

Publication number Publication date
CN106933610A (en) 2017-07-07

Similar Documents

Publication Publication Date Title
CN106933610B (en) Application program installation package generation method and device and electronic equipment
CN105100191B (en) The method, apparatus and system of Java application installations are realized in a kind of cloud compiling
US9690604B2 (en) Language-based model for asynchronous operations
US10209968B2 (en) Application compiling
US8739119B2 (en) Method for inserting code into .net programs and apparatus therefor
US8615750B1 (en) Optimizing application compiling
Hellman Android programming: Pushing the limits
CN110245467B (en) Android application program protection method based on Dex2C and LLVM
Donovan et al. PNaCl: Portable native client executables
KR102156371B1 (en) Method for providing embedded software development tools for supporting embedded software development environment based on native building and apparatus thereof
WO2015014143A1 (en) Method and apparatus for cross-platform application conversion
CN111324396A (en) Block chain intelligent contract execution method, device and equipment
CN104090765A (en) Method and device for switching from mobile game to webgame
US10809988B2 (en) Processor emulation using multiple translations
WO2023155940A1 (en) Mini program compiling method and apparatus, mini program running method and apparatus, and storage medium
CN103927193A (en) Loading method and server side virtual machine used in migration running of Java application program functions
CN114327477A (en) Intelligent contract execution method and device, electronic device and storage medium
CN111796829A (en) Applet updating method and device, electronic equipment and computer readable storage medium
CN110333872B (en) Application processing method, device, equipment and medium
CN105511935A (en) Resource index value acquiring method and device
US20130159980A1 (en) Process for generating dynamic type
Hook Write portable code: an introduction to developing software for multiple platforms
US20140046984A1 (en) Compact type layouts
CN112306539B (en) Development method, system, terminal and medium for SCM application layer
CN115878510A (en) Page table modifying method, page table verifying method, page table modifying device, page table verifying device and electronic equipment

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant