CN107391973A - A kind of function guard method and device - Google Patents
A kind of function guard method and device Download PDFInfo
- Publication number
- CN107391973A CN107391973A CN201710581056.4A CN201710581056A CN107391973A CN 107391973 A CN107391973 A CN 107391973A CN 201710581056 A CN201710581056 A CN 201710581056A CN 107391973 A CN107391973 A CN 107391973A
- Authority
- CN
- China
- Prior art keywords
- function
- stub
- encryption
- protected
- function body
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 37
- 230000006870 function Effects 0.000 claims abstract description 457
- 230000015654 memory Effects 0.000 claims abstract description 40
- 238000010276 construction Methods 0.000 description 10
- 101100476210 Caenorhabditis elegans rnt-1 gene Proteins 0.000 description 5
- 230000000694 effects Effects 0.000 description 5
- 238000005516 engineering process Methods 0.000 description 4
- 230000008569 process Effects 0.000 description 4
- 230000009286 beneficial effect Effects 0.000 description 2
- 230000007246 mechanism Effects 0.000 description 2
- 230000008859 change Effects 0.000 description 1
- 238000004140 cleaning Methods 0.000 description 1
- 238000000151 deposition Methods 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 238000004321 preservation Methods 0.000 description 1
- 230000009467 reduction Effects 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/12—Protecting executable software
- G06F21/121—Restricting unauthorised execution of programs
- G06F21/125—Restricting unauthorised execution of programs by manipulating the program code, e.g. source code, compiled code, interpreted code, machine code
Abstract
The embodiment of the invention discloses a kind of function guard method and device, this method to include:Obtain the function body of function to be protected in target class file;Encryption information corresponding with the function body is generated using encryption function, and the encryption information is stored in setting memory space;The stub matched with the function body is constructed, wherein, filled with setting placeholder in the function body of the stub;The decryption function matched with the encryption function is constructed, and the function body of function to be protected in the target class file is replaced with into the decryption function.The embodiment of the present invention can greatly reduce the possibility that code is cracked, and reach the purpose of covered code, and function code can be avoided to be occurred by the situation of decompiling, effectively improve the security of function code.
Description
Technical field
The present embodiments relate to field of information security technology, more particularly to a kind of function guard method and device.
Background technology
With flourishing for internet, computer programming language (JAVA) is with the features such as it is portable, multithreading
Improve the intelligence degree of electronic product.But because the abstraction level of JAVA bytecode is higher, therefore easily by decompiling
For source code, the safety issue for causing program code to be cracked.
In the prior art, in order to protect the security of JAVA bytecode, three kinds of solutions often are used:
1st, class file is encrypted, in order to prevent that class (.class) file is literary by the class of key by direct decompiling, developer
Part is encrypted, and is loaded into after being decrypted by customized class load mechanism (ClassLoader) in virtual machine
Perform.But be encrypted because customized class load mechanism is no in itself, cracker easily obtains class file.
2nd, key code is converted into local code, it is that one kind prevents counter compile that program key code is converted into local code
The effective ways translated, but be to sacrifice JAVA cross-platform transplantability as cost, can also aggravate software support and safeguard
Work, add the complexity of system.
3rd, using Code Obfuscation Security Technology, by using obfuscation to JAVA bytecode, code logic is made to produce change, no
Easily it is read.But it is larger to obfuscation dependence, and can be by decompiling.
The content of the invention
The embodiment of the present invention provides a kind of function guard method and device, to solve the easy quilt of function code in the prior art
The problem of decompiling.
In a first aspect, the embodiments of the invention provide a kind of function encryption method, including:
Obtain the function body of function to be protected in target class file;
Encryption information corresponding with the function body is generated using encryption function, and the encryption information is stored in setting
In memory space;
The stub matched with the function body is constructed, wherein, filled with setting in the function body of the stub
Placeholder;
Construct the decryption function that is matched with the encryption function, and by the function of function to be protected in the target class file
Body replaces with the decryption function.
Further, the stub includes at least one of following features:
The function body equal length of the function body of the stub and the function to be protected;
The parameter type of the stub is identical with the parameter type of the function to be protected;
The return Value Types of the stub are identical with the return Value Types of the function to be protected.
Further, corresponding with function body encryption information is generated using encryption function, and by the encryption information
It is stored in setting memory space, including:
Encryption function is called from encryption lock using intermediate module;
The function body of function to be protected is encrypted using the encryption function, generation is corresponding with the function body to be added
Confidential information;
The encryption information is stored in encryption lock;
Wherein, the encryption lock includes the interface to be communicated with the target class file.
Further, the function body of function to be protected in target class file is obtained, including:
Obtain the function to be protected in target class file;
The file format of the target class file is parsed using analytical tool, obtains the initial address of the function to be protected
And termination address;
According to the initial address and the termination address, the function body of the acquisition function to be protected.
Second aspect, the embodiments of the invention provide a kind of function decryption method, including:
When detecting that object function is run, the function body of the object function is obtained in target class file;
If identifying that the function body includes decryption function, in memory space is set, obtain and the function
Encryption information corresponding to body, and the encryption information is decrypted using the decryption function, obtain ciphertext data;
The stub matched with the function body is obtained, wherein, filled with setting in the function body of the stub
Placeholder;
After the function body of the stub is replaced with into the ciphertext data, the stub is run;
After the operation result of the stub is preserved, the function body of the stub is replaced with into described account for again
Position symbol.
The third aspect, the embodiment of the present invention additionally provide a kind of function encrypting device, including:
Function body acquisition module, for obtaining the function body of function to be protected in target class file;
Encrypting module, for generating corresponding with function body encryption information using encryption function, and by the encryption
Information is stored in setting memory space;
Stub constructing module, for constructing the stub matched with the function body, wherein, the stub
Function body in filled with setting placeholder;
Decryption function constructing module, for constructing the decryption function that is matched with the encryption function, and by the target class
The function body of function to be protected replaces with the decryption function in file.
Further, the stub constructing module includes:
First structural unit, the function body length phase for the function body and the function to be protected of the stub
Deng;
Second structural unit, the parameter type phase for the parameter type and the function to be protected of the stub
Together;
3rd structural unit, the return Value Types for returning to Value Types and the function to be protected for the stub
It is identical.
Further, the encrypting module includes:
Call unit, for calling encryption function from encryption lock using intermediate module;
Ciphering unit, for the function body of function to be protected to be encrypted using the encryption function, generation with it is described
Encryption information corresponding to function body;
Memory cell, the encryption information is stored in encryption lock;
Wherein, the encryption lock includes the interface to be communicated with the target class file.
Further, the function body acquisition module includes:
Function acquiring unit, for obtaining the function to be protected in target class file;
Address acquisition unit, for parsing the file format of the target class file using analytical tool, treated described in acquisition
Protect the initial address and termination address of function;
Function body acquiring unit, for according to the initial address and the termination address, obtaining the function to be protected
Function body.
Fourth aspect, the embodiment of the present invention additionally provide a kind of function decryption device, including:
Object function acquisition module, described in when detecting that object function is run, being obtained in target class file
The function body of object function;
Deciphering module, if for identifying that the function body includes decryption function, in memory space is set, obtain
Encryption information corresponding with the function body is taken, and the encryption information is decrypted using the decryption function, obtains solution
Ciphertext data;
Stub acquisition module, for obtaining the stub matched with the function body, wherein, the stub
Function body in filled with setting placeholder;
Module is run, after the function body of the stub is replaced with into the ciphertext data, runs the counterfoil
Function;
Replacement module, for after the operation result of the stub is preserved, again by the function of the stub
Body replaces with the placeholder.
The embodiment of the present invention constructs decryption function and and function by the way that the function body of function to be protected is encrypted
The stub of body matching, decryption luck line function body are the stub of ciphertext data, after preserving operation result, recover to deposit
The placeholder of radical function.The embodiment of the present invention can make function to be protected only be loaded on internal memory during operation,
Deleted after end of run from internal memory, and function to be protected is not present in class file during function operation, is significantly reduced
The possibility that code is cracked, the purpose of covered code is reached, function code can be avoided to be occurred by the situation of decompiling, had
Improve to effect the security of function code.
Brief description of the drawings
Fig. 1 is a kind of flow chart of function encryption method in the embodiment of the present invention one;
Fig. 2 is a kind of flow chart of function encryption method in the embodiment of the present invention two;
Fig. 3 is a kind of flow chart of function decryption method in the embodiment of the present invention three;
Fig. 4 is a kind of structural representation of function encrypting device in the embodiment of the present invention four;
Fig. 5 is a kind of structural representation of function decryption device in the embodiment of the present invention five.
Embodiment
The present invention is described in further detail with reference to the accompanying drawings and examples.It is understood that this place is retouched
The specific embodiment stated is used only for explaining the present invention, rather than limitation of the invention.It also should be noted that in order to just
Part related to the present invention rather than entire infrastructure are illustrate only in description, accompanying drawing.
Embodiment one
Fig. 1 is a kind of flow chart for function encryption method that the embodiment of the present invention one provides, and the present embodiment is applicable to lead to
Encryption is crossed to enter the situation of line function protection, this method can be performed by a kind of function encrypting device, and the device can use
The mode of software and/or hardware is realized, is typically integrated in application system.
The method of the embodiment of the present invention one specifically includes:
S101, the function body for obtaining function to be protected in target class file.
In a kind of possible design, obtaining the function body of function to be protected in target class file can include:
Obtain the function to be protected in target class file;
The file format of the target class file is parsed using analytical tool, obtains the initial address of the function to be protected
And termination address;
According to the initial address and the termination address, the function body of the function to be protected is determined.
In a kind of possible example, it can use compiler that Java source program codes are compiled as at least one class text
Part, virtual machine load class file as needed, after user's selection target class file, according to target class file, in target class text
The title of function to be protected is inputted in the input frame of part to obtain function to be protected, and/or reads the collection of functions of target class file,
Function to be protected is selected in collection of functions.Analytical tool is used for the file format for parsing target class file, and class file is a kind of 8
The binary stream file of byte, class file include magic number, version number and constant pool, obtain function to be protected in class file
Initial address and termination address, according to initial address and the termination address, obtain the function body of function to be protected.
S102, using encryption function corresponding with function body encryption information is generated, and the encryption information is stored
In setting in memory space.
Specifically, encryption function can be called from setting memory space by intermediate module, treated using encryption function
The function body encryption of protection function, encryption information corresponding to and function body is generated, and encryption information is stored in setting storage sky
Between in.Wherein, intermediate module calls encryption function and the process encrypted using encryption function to function body to be performed in internal memory,
Above-mentioned intermediate module can be SDK, and setting memory space can be dismountable hardware, such as can be to add
The information safety devices such as close lock, encrypted card.
The stub that S103, construction match with the function body, wherein, it is filled with the function body of the stub
Set placeholder.
The stub includes at least one of following features:
The function body equal length of the function body of the stub and the function to be protected;
The parameter type of the stub is identical with the parameter type of the function to be protected;
The return Value Types of the stub are identical with the return Value Types of the function to be protected.
Specifically, constructing stub in class file, the function body of the stub and function to be protected matches, i.e.,
Stub is equal with byte number shared by the function body of function to be protected, and stub is identical with function parameter type to be protected,
Stub is identical with function return value type to be protected.The descriptor of method includes all parameter types and return in class file
Value Types, use corresponding character and string representation.Parameter type can be basic data type, and returning to Value Types can be
Object or basic data type, placeholder or the code of the empty effect of filling are set in the function body of stub.
S104, the decryption function that is matched with the encryption function of construction, and by function to be protected in the target class file
Function body replace with the decryption function.
Specifically, the decryption function that construction matches with encryption function, can decrypt encryption information to obtain by decryption function
Ciphertext data is obtained, stub can also be searched by decryption function, the ciphertext data for making to obtain after decryption is stored to counterfoil letter
Number.Decryption function is stored in the memory space into target class file shared by the function body of function to be protected.
The function encryption method that the embodiment of the present invention one provides, can make function to be protected only during operation
Internal memory is loaded on, is deleted after end of run from internal memory, and function to be protected is not present in class file during function operation,
The possibility that code is cracked is significantly reduced, has reached the purpose of covered code, function code can be avoided by decompiling
Situation occur, effectively improve the security of function code.
Embodiment two
Fig. 2 is a kind of flow chart for function encryption method that the embodiment of the present invention two provides, and the embodiment of the present invention two is with reality
Apply and be optimized based on example one, specifically to generating encryption information corresponding with the function body using encryption function, and
The operation that the encryption information is stored in setting memory space is further optimized, as shown in Fig. 2 the embodiment of the present invention two
Specifically include:
S201, the function body for obtaining function to be protected in target class file.
S202, using intermediate module encryption function is called from encryption lock.
S203, using the encryption function function body of function to be protected is encrypted, generation and the function body pair
The encryption information answered.
S204, the encryption information is stored in encryption lock;Wherein, the encryption lock includes and the target class file
The interface to be communicated.
Specifically, setting memory space can be encryption lock, encryption is called from encryption lock using SDK
Function, the function body of function to be protected is encrypted using encryption function, the process of encryption is carried out in internal memory, is generated and is treated
The encryption information that the function body of protection function matches, and encryption information is stored in encryption lock.Encryption lock can be hardware,
It is removably installed in terminal.Encryption lock can be communicated by interface with target class file and internal memory.
The stub that S205, construction match with the function body, wherein, it is filled with the function body of the stub
Set placeholder.
S206, the decryption function that is matched with the encryption function of construction, and by function to be protected in the target class file
Function body replace with the decryption function.
The embodiment of the present invention two provide a kind of function encryption method, by rebuild function internal logic make it is to be protected
Function is stored in encryption lock, is not present in class file, and also only when running the function, the short time is present in internal memory, lifting
The security of function code.
Embodiment three
A kind of flow chart for function decryption method that Fig. 3 provides for the embodiment of the present invention three, the embodiment of the present invention more than three
State and improvement is optimized based on each embodiment, the present embodiment is applicable to be further illustrated to function decryption process
In the situation of function protection, this method can perform by a kind of function encrypting device, and the device can use software and/or hard
The mode of part is realized, is typically integrated in application system.As shown in figure 3, the method for the embodiment of the present invention three specifically includes:
S301, when detecting that object function is run, the function body of the object function is obtained in target class file.
Specifically, when function to be protected in target class file is run as object function, the letter of object function is obtained
Number body.
If S302, identifying that the function body includes decryption function, in memory space is set, obtain with it is described
Encryption information corresponding to function body, and the encryption information is decrypted using the decryption function, obtain ciphertext data.
Specifically, identifying the decryption function in the function body, if identified successfully, obtain and wait to protect in encryption lock
The encryption information that the function body of shield function matches, encryption information, the ciphertext data after being decrypted are decrypted using decryption function.
The stub that S303, acquisition match with the function body, wherein, it is filled with the function body of the stub
Set placeholder.
S304, after the function body of the stub is replaced with into the ciphertext data, run the stub.
Specifically, stub is obtained according to identification informations such as the address/names of stub by decryption function, and
Ciphertext data is copied in the function body of stub, so that after the setting placeholder filled in replacement function body, execution is deposited
Radical function.
S305, after the operation result of the stub is preserved, the function body of the stub is replaced with again
The placeholder.
Specifically, the function body of stub is cleared up, that is, is used after the operation result of preservation stub in internal memory
The ciphertext data stored in placeholder or the code replacement function body of the empty effect of filling, so that the program code of function to be protected
Internal memory is only operationally loaded on, is deleted after operation.
In the present embodiment, for example, the code of function guard method is as follows:
Input MyClass.cls obtains function to be protected in class file, and run functions are extracted from MyClass.cls
Bytecode, obtain the function body of function to be protected, the function body of run functions be encrypted, and raw in class file
Into stub run1, stub is identical with byte shared by function to be protected, or byte number shared by stub be more than treat
Byte number shared by function is protected, the code filled in stub is only used for occupy-place.Construct the decryption letter matched with encryption function
Number, decryption function is copied in the memory space in target class file shared by the function body of function to be protected, i.e.,:Will
The decrypt member functions of this codec class of DecryptCls are copied in run functions.When performing function to be protected, treating
Protect in the function body of function and obtain decryption function, the encryption information in encryption lock can be decrypted using decryption function,
Ciphertext data is generated, ciphertext data is write into stub, i.e.,:The decode_data of acquisition in code (3) is write
To run1 functions, in run1 functions after the code of write-in cleaning run1 functions, run1 functions, fortune are called in run functions
Row stub, after operation, reduction treatment is carried out to stub.
A kind of function decryption method that the embodiment of the present invention three provides, on the basis of function encryption method, from encryption lock
Middle acquisition encryption information is simultaneously decrypted using decryption function, and ciphertext data is copied in stub and performed, is finished
Afterwards discharge stub space, can concealing program code, effectively prevent program code by decompiling.
Example IV
Fig. 4 is a kind of structural representation of function encrypting device in the embodiment of the present invention four, and the device is applied to function
The situation of protection, the device can be realized by the way of software and/or hardware, typically be integrated in application system.Such as Fig. 4 institutes
Show, device includes:Function body acquisition module 401, encrypting module 402, stub constructing module 403 and decryption function construction
Module 404.
Function body acquisition module 401, for obtaining the function body of function to be protected in target class file;
Encrypting module 402, for generating encryption information corresponding with the function body using encryption function, and described it will add
Confidential information is stored in setting memory space;
Stub constructing module 403, for constructing the stub matched with the function body, wherein, the counterfoil
Filled with setting placeholder in the function body of function;
Decryption function constructing module 404, for constructing the decryption function that is matched with the encryption function, and by the target
The function body of function to be protected replaces with the decryption function in class file.
The embodiment of the present invention can be such that function to be protected is not present in class file, only be present in the process of running interior
In depositing, the possibility that code is cracked is significantly reduced, has reached the purpose of covered code, function code can be avoided anti-
The situation of compiling occurs, and effectively improves the security of function code.
On the basis of above-described embodiment, the stub constructing module 403 includes:
First structural unit, the function body length phase for the function body and the function to be protected of the stub
Deng;
Second structural unit, the parameter type phase for the parameter type and the function to be protected of the stub
Together;
3rd structural unit, the return Value Types for returning to Value Types and the function to be protected for the stub
It is identical.
On the basis of above-described embodiment, the encrypting module 402 includes:
Call unit, for calling encryption function from encryption lock using intermediate module;
Ciphering unit, for the function body of function to be protected to be encrypted using the encryption function, generation with it is described
Encryption information corresponding to function body;
Memory cell, the encryption information is stored in encryption lock;
Wherein, the encryption lock includes the interface to be communicated with the target class file.
On the basis of above-described embodiment, the function body acquisition module 401 includes:
Function acquiring unit, for obtaining the function to be protected in target class file;
Address acquisition unit, for parsing the file format of the target class file using analytical tool, treated described in acquisition
Protect the initial address and termination address of function;
Function body acquiring unit, for according to the initial address and the termination address, obtaining the function to be protected
Function body.
In the present embodiment, by the function body acquiring unit of function body acquisition module, obtain to be protected in target class file
Function, after the form for parsing target class file, the starting of function to be protected in class file is obtained in address acquisition unit
Address and termination address, the function body of function to be protected is obtained according to initial address and termination address in function body acquiring unit.
Using the call unit of encrypting module, encryption function is called from encryption lock, guarantor is treated using encryption function in ciphering unit
The function body of shield function is encrypted, and generates encryption information corresponding to and function body, by memory cell by encryption information
It is stored in encryption lock.It is single by the first construction using the stub of stub constructing module construction and function body matching
Member construction stub, makes the byte length of stub equal with the function body byte length of function to be protected, passes through second
Structural unit constructs stub, makes the parameter type of stub identical with the parameter type of function to be protected, passes through the 3rd
Structural unit constructs stub, makes the return Value Types of stub identical with the return Value Types of function to be protected.Solving
Construct the decryption function that is matched with encryption function in close function construction module, and by the function of function to be protected in target class file
Body replaces with decryption function, i.e., in the original storage space for the function body that decryption function is stored in function to be protected.
The embodiment of the present invention makes the function body of the function to be protected in the absence of unencryption in internal memory, by rebuilding function
Internal logic makes function to be protected be stored in encryption lock, is not present in class file, also the short time only when running the function
It is present in internal memory, reduces function code by the possibility of decompiling.
Embodiment five
Fig. 5 is a kind of structural representation of function decryption device in the embodiment of the present invention five, and the device is applied to function
The situation of protection, the device can be realized by the way of software and/or hardware, typically be integrated in application system.Such as Fig. 5 institutes
Show, device includes:Object function acquisition module 501, deciphering module 502, stub acquisition module 503, operation module 504 with
And replacement module 505.
Object function acquisition module 501, for when detecting that object function is run, institute to be obtained in target class file
State the function body of object function;
Deciphering module 502, if for identifying that the function body includes decryption function, in setting memory space
In, encryption information corresponding with the function body is obtained, and the encryption information is decrypted using the decryption function, obtain
Take ciphertext data;
Stub acquisition module 503, for obtaining the stub matched with the function body, wherein, the counterfoil
Filled with setting placeholder in the function body of function;
Module 504 is run, after the function body of the stub is replaced with into the ciphertext data, is deposited described in operation
Radical function;
Replacement module 505, for after the operation result of the stub is preserved, again by the letter of the stub
Number body replaces with the placeholder.
The embodiment of the present invention can make function to be protected only be loaded on internal memory during operation, be tied in operation
Deleted in Shu Houcong internal memories, and function to be protected is not present in class file during function operation, is significantly reduced code and is broken
The possibility of solution, the purpose of covered code is reached, function code can be avoided to be occurred by the situation of decompiling, effectively lifted
The security of function code.
In the present embodiment, when function to be protected is run as object function, object function acquisition module obtains target
The function body of function, i.e., the function body of function to be protected, the decryption function in recognition function body, by deciphering module, use solution
The encryption information stored in close function pair encryption lock is decrypted, and obtains ciphertext data.Obtained by decryption function in stub
The generation of placeholder or the empty effect of filling is filled according to the address acquisition stub of stub in modulus block, in stub
Code.After ciphertext data is copied into stub, stub is run in module is run, stub is preserved in internal memory
Operation result, the ciphertext data stored in stub is replaced with to generation of placeholder or empty effect by replacement module
Code, reduce the content of stub.
The embodiment of the present invention five provides a kind of function decryption device, can protect function code, by constructing counterfoil letter
Number makes function to be protected only operationally be present in internal memory, is released after operation, reduces what function code was cracked
Possibility.
Function encrypting device provided in an embodiment of the present invention can perform the function encrypting side that any embodiment of the present invention provides
Method, possess the corresponding functional module of execution method and beneficial effect.
Function decryption device provided in an embodiment of the present invention can perform the function decryption side that any embodiment of the present invention provides
Method, possess the corresponding functional module of execution method and beneficial effect.
Pay attention to, above are only presently preferred embodiments of the present invention and institute's application technology principle.It will be appreciated by those skilled in the art that
The invention is not restricted to specific embodiment described here, can carry out for a person skilled in the art various obvious changes,
Readjust and substitute without departing from protection scope of the present invention.Therefore, although being carried out by above example to the present invention
It is described in further detail, but the present invention is not limited only to above example, without departing from the inventive concept, also
Other more equivalent embodiments can be included, and the scope of the present invention is determined by scope of the appended claims.
Claims (10)
- A kind of 1. function encryption method, it is characterised in that including:Obtain the function body of function to be protected in target class file;Encryption information corresponding with the function body is generated using encryption function, and the encryption information is stored in setting storage In space;The stub matched with the function body is constructed, wherein, filled with setting occupy-place in the function body of the stub Symbol;The decryption function matched with the encryption function is constructed, and the function body of function to be protected in the target class file is replaced It is changed to the decryption function.
- 2. according to the method for claim 1, it is characterised in that the stub includes at least one of following features:The function body equal length of the function body of the stub and the function to be protected;The parameter type of the stub is identical with the parameter type of the function to be protected;The return Value Types of the stub are identical with the return Value Types of the function to be protected.
- 3. according to the method for claim 1, it is characterised in that add using encryption function generation is corresponding with the function body Confidential information, and the encryption information is stored in setting memory space, including:Encryption function is called from encryption lock using intermediate module;The function body of function to be protected is encrypted using the encryption function, generates encryption letter corresponding with the function body Breath;The encryption information is stored in encryption lock;Wherein, the encryption lock includes the interface to be communicated with the target class file.
- 4. according to the method described in claim any one of 1-3, it is characterised in that obtain function to be protected in target class file Function body, including:Obtain the function to be protected in target class file;The file format of the target class file is parsed using analytical tool, obtains initial address and the end of the function to be protected Only address;According to the initial address and the termination address, the function body of the acquisition function to be protected.
- A kind of 5. function decryption method, it is characterised in that including:When detecting that object function is run, the function body of the object function is obtained in target class file;If identifying that the function body includes decryption function, in memory space is set, obtain and the function body pair The encryption information answered, and the encryption information is decrypted using the decryption function, obtain ciphertext data;The stub matched with the function body is obtained, wherein, filled with setting occupy-place in the function body of the stub Symbol;After the function body of the stub is replaced with into the ciphertext data, the stub is run;After the operation result of the stub is preserved, the function body of the stub is replaced with into the occupy-place again Symbol.
- A kind of 6. function encrypting device, it is characterised in that including:Function body acquisition module, for obtaining the function body of function to be protected in target class file;Encrypting module, for generating corresponding with function body encryption information using encryption function, and by the encryption information It is stored in setting memory space;Stub constructing module, for constructing the stub matched with the function body, wherein, the letter of the stub Filled with setting placeholder in number body;Decryption function constructing module, for constructing the decryption function that is matched with the encryption function, and by the target class file In the function body of function to be protected replace with the decryption function.
- 7. device according to claim 6, it is characterised in that the stub constructing module includes:First structural unit, the function body equal length for the function body and the function to be protected of the stub;Second structural unit, the parameter type for the stub are identical with the parameter type of the function to be protected;3rd structural unit, the return Value Types phase for the return Value Types and the function to be protected of the stub Together.
- 8. device according to claim 6, it is characterised in that the encrypting module includes:Call unit, for calling encryption function from encryption lock using intermediate module;Ciphering unit, for the function body of function to be protected to be encrypted using the encryption function, generation and the function Encryption information corresponding to body;Memory cell, the encryption information is stored in encryption lock;Wherein, the encryption lock includes the interface to be communicated with the target class file.
- 9. according to the device described in claim any one of 6-8, it is characterised in that the function body acquisition module includes:Function acquiring unit, for obtaining the function to be protected in target class file;Address acquisition unit, for parsing the file format of the target class file using analytical tool, obtain described to be protected The initial address and termination address of function;Function body acquiring unit, for according to the initial address and the termination address, the letter of the acquisition function to be protected Number body.
- A kind of 10. function decryption device, it is characterised in that including:Object function acquisition module, for when detecting that object function is run, the target to be obtained in target class file The function body of function;Deciphering module, if for identifying that the function body includes decryption function, in memory space is set, obtain with Encryption information corresponding to the function body, and the encryption information is decrypted using the decryption function, obtain decryption number According to;Stub acquisition module, for obtaining the stub matched with the function body, wherein, the letter of the stub Filled with setting placeholder in number body;Module is run, after the function body of the stub is replaced with into the ciphertext data, runs the stub;Replacement module, for after the operation result of the stub is preserved, again replacing the function body of the stub It is changed to the placeholder.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710581056.4A CN107391973A (en) | 2017-07-17 | 2017-07-17 | A kind of function guard method and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710581056.4A CN107391973A (en) | 2017-07-17 | 2017-07-17 | A kind of function guard method and device |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN107391973A true CN107391973A (en) | 2017-11-24 |
Family
ID=60340305
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201710581056.4A Pending CN107391973A (en) | 2017-07-17 | 2017-07-17 | A kind of function guard method and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN107391973A (en) |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109033763A (en) * | 2018-08-01 | 2018-12-18 | 苏州浪潮智能软件有限公司 | A kind of program encryption method, apparatus, readable medium and storage control |
| CN110147238A (en) * | 2019-05-29 | 2019-08-20 | 中国人民解放军战略支援部队信息工程大学 | A kind of program compiling method, apparatus and system |
| CN111544893A (en) * | 2020-04-30 | 2020-08-18 | 福建天晴在线互动科技有限公司 | Reinforcing method and system for preventing code flow from being forged in game |
| CN112906904A (en) * | 2021-02-03 | 2021-06-04 | 华控清交信息科技(北京)有限公司 | Data processing method and device and data processing device |
| WO2023016481A1 (en) * | 2021-08-13 | 2023-02-16 | 华为技术有限公司 | Data processing method and related apparatus |
Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| KR20100066292A (en) * | 2008-12-08 | 2010-06-17 | 한국전자통신연구원 | Method for generating and processing hierarchical pes packet for digital satellite broadcasting based on svc video |
| CN102708322A (en) * | 2012-05-12 | 2012-10-03 | 北京深思洛克软件技术股份有限公司 | Method for protecting JAVA application programs in Android system |
| CN103218549A (en) * | 2012-01-19 | 2013-07-24 | 阿里巴巴集团控股有限公司 | Method and device for encrypting and decrypting Java source code |
| CN104298932A (en) * | 2014-10-27 | 2015-01-21 | 中国建设银行股份有限公司 | Method and device for calling SO file |
| CN104321782A (en) * | 2012-03-30 | 2015-01-28 | 爱迪德加拿大公司 | Secured execution of a web application |
| CN104539417A (en) * | 2015-01-12 | 2015-04-22 | 浪潮(北京)电子信息产业有限公司 | Encryption device based on stream ciphers |
| CN105144189A (en) * | 2012-12-07 | 2015-12-09 | 微软技术许可有限责任公司 | Secure cloud database platform |
| CN105743640A (en) * | 2016-01-22 | 2016-07-06 | 广州御银科技股份有限公司 | Key protection module |
-
2017
- 2017-07-17 CN CN201710581056.4A patent/CN107391973A/en active Pending
Patent Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| KR20100066292A (en) * | 2008-12-08 | 2010-06-17 | 한국전자통신연구원 | Method for generating and processing hierarchical pes packet for digital satellite broadcasting based on svc video |
| CN103218549A (en) * | 2012-01-19 | 2013-07-24 | 阿里巴巴集团控股有限公司 | Method and device for encrypting and decrypting Java source code |
| CN104321782A (en) * | 2012-03-30 | 2015-01-28 | 爱迪德加拿大公司 | Secured execution of a web application |
| CN102708322A (en) * | 2012-05-12 | 2012-10-03 | 北京深思洛克软件技术股份有限公司 | Method for protecting JAVA application programs in Android system |
| CN105144189A (en) * | 2012-12-07 | 2015-12-09 | 微软技术许可有限责任公司 | Secure cloud database platform |
| CN104298932A (en) * | 2014-10-27 | 2015-01-21 | 中国建设银行股份有限公司 | Method and device for calling SO file |
| CN104539417A (en) * | 2015-01-12 | 2015-04-22 | 浪潮(北京)电子信息产业有限公司 | Encryption device based on stream ciphers |
| CN105743640A (en) * | 2016-01-22 | 2016-07-06 | 广州御银科技股份有限公司 | Key protection module |
Non-Patent Citations (1)
| Title |
|---|
| 许伯桐等: "《现代企业知识产权保护》", 31 January 2007 * |
Cited By (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109033763A (en) * | 2018-08-01 | 2018-12-18 | 苏州浪潮智能软件有限公司 | A kind of program encryption method, apparatus, readable medium and storage control |
| CN110147238A (en) * | 2019-05-29 | 2019-08-20 | 中国人民解放军战略支援部队信息工程大学 | A kind of program compiling method, apparatus and system |
| CN110147238B (en) * | 2019-05-29 | 2022-11-11 | 中国人民解放军战略支援部队信息工程大学 | Program compiling method, device and system |
| CN111544893A (en) * | 2020-04-30 | 2020-08-18 | 福建天晴在线互动科技有限公司 | Reinforcing method and system for preventing code flow from being forged in game |
| CN111544893B (en) * | 2020-04-30 | 2023-09-01 | 福建天晴在线互动科技有限公司 | Reinforcing method and system for preventing code flow forging based on game |
| CN112906904A (en) * | 2021-02-03 | 2021-06-04 | 华控清交信息科技(北京)有限公司 | Data processing method and device and data processing device |
| CN112906904B (en) * | 2021-02-03 | 2024-03-26 | 华控清交信息科技(北京)有限公司 | Data processing method and device for data processing |
| WO2023016481A1 (en) * | 2021-08-13 | 2023-02-16 | 华为技术有限公司 | Data processing method and related apparatus |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN107391973A (en) | A kind of function guard method and device | |
| CN102890758B (en) | Method and system for protecting executable file | |
| CN104463002B (en) | A kind of method and apparatus of reinforcing APK and APK reinforce client and server | |
| CN106599628B (en) | A kind of Python byte code files guard method based on module hook | |
| US8589897B2 (en) | System and method for branch extraction obfuscation | |
| US9602289B2 (en) | Steganographic embedding of executable code | |
| CN109918917B (en) | Method, computer device and storage medium for preventing leakage of H5 source code | |
| CN106203006A (en) | Android application reinforcement means based on dex Yu so file Dynamic Execution | |
| US20070256061A1 (en) | System and method for obfuscation of reverse compiled computer code | |
| CN107908933A (en) | A kind of character string encryption method based on intermediate language | |
| CN106650327A (en) | so file dynamic recovery-based Android application reinforcement method | |
| WO2007017856A1 (en) | Method for preventing software reverse engineering, unauthorized modification, and runtime data interception | |
| KR101234591B1 (en) | Method for Anti-Encoding Android by Using Java Native Interface | |
| CN104919750A (en) | Computing device configured with a table network | |
| CN105074712A (en) | Code processing device and program | |
| US10867017B2 (en) | Apparatus and method of providing security and apparatus and method of executing security for common intermediate language | |
| EP1717723A1 (en) | Improved virtual machine or hardware processor for IC-card portable electronic devices | |
| CN108399319A (en) | Source code guard method, application server and computer readable storage medium | |
| US10331896B2 (en) | Method of protecting secret data when used in a cryptographic algorithm | |
| CN112052433A (en) | Virtual protection method, terminal and storage medium for Jar file | |
| US20200074077A1 (en) | Method for Providing a Security-Critical Software Application on a Computer Unit | |
| CN107220528A (en) | The protection of java applet and operation method, device and terminal | |
| CN113626773B (en) | Code protection method based on intermediate language | |
| CN112434266A (en) | Shell code control flow flattening confusion method | |
| CN109992974A (en) | Guard method, equipment and the readable storage medium storing program for executing of Virtual Machine bytecodes file |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20171124 |