CN108259479A - Business data processing method, client and computer readable storage medium - Google Patents

Business data processing method, client and computer readable storage medium Download PDF

Info

Publication number
CN108259479A
CN108259479A CN201711498312.XA CN201711498312A CN108259479A CN 108259479 A CN108259479 A CN 108259479A CN 201711498312 A CN201711498312 A CN 201711498312A CN 108259479 A CN108259479 A CN 108259479A
Authority
CN
China
Prior art keywords
application program
ndk
shared libraries
data processing
key
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201711498312.XA
Other languages
Chinese (zh)
Other versions
CN108259479B (en
Inventor
陈细帮
国兴旺
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
GUANGZHOU QISHENG INFORMATION TECHNOLOGY CO LTD
Original Assignee
GUANGZHOU QISHENG INFORMATION TECHNOLOGY CO LTD
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by GUANGZHOU QISHENG INFORMATION TECHNOLOGY CO LTD filed Critical GUANGZHOU QISHENG INFORMATION TECHNOLOGY CO LTD
Priority to CN201711498312.XA priority Critical patent/CN108259479B/en
Publication of CN108259479A publication Critical patent/CN108259479A/en
Application granted granted Critical
Publication of CN108259479B publication Critical patent/CN108259479B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823Network architectures or network communication protocols for network security for authentication of entities using certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Storage Device Security (AREA)

Abstract

An embodiment of the present invention provides a kind of business data processing method, client and computer readable storage medium, the business datum got is passed to NDK shared libraries by method including application program by program language compatibility interface;NDK shared libraries verify the signing certificate of the application program after the business datum is received;NDK shared libraries generate the first signature parameter according to the business datum and the key being stored in the NDK shared libraries and return to the application program after the signing certificate to the application program is proved to be successful;Application program sends business data processing to server by network request interface and asks;The embodiment of the present invention improves the difficulty that key is stolen with communication encryption algorithm by decompiling, enhances the communication security between application program and server;It needs to be authenticated the signing certificate of application program when calling NDK shared libraries simultaneously, prevents NDK shared libraries from being directly invoked by other applications, and prevent application program from being distorted by secondary packing.

Description

Business data processing method, client and computer readable storage medium
Technical field
It can the present invention relates to a kind of software technology field more particularly to business data processing method, client and computer Read storage medium.
Background technology
Grey black production in the country's is very flourishing at present, increasingly industrial chain.Someone's ad hoc analysis APP (application program) communications association View, carries out machine simulation, and data are forged.For example brush list, releasing advertisements etc. significantly destroy the ecological malicious act of APP.If Android APP programs do not do any protection, it is easy to carry out static and dynamic state by third party, directly take interface communication Key and communication algorithm is cracked, and puppet is produced and seems normal malicious requests.
Invention content
It, can be with the purpose of the present invention is to propose to a kind of business data processing method, device and computer readable storage medium The difficulty that key is stolen with communication encryption algorithm by decompiling is improved, prevents the business data processing request of malice, enhancing Communication security between application program and server.
To achieve the above object, on the one hand the embodiment of the present invention provides a kind of business data processing method, including:
Business data processing method, which is characterized in that including:
The business datum got is passed to NDK shared libraries by application program by program language compatibility interface;
NDK shared libraries verify the signing certificate of the application program after the business datum is received;
NDK shared libraries according to the business datum and are deposited after the signing certificate to the application program is proved to be successful The key in the NDK shared libraries is stored up to generate the first signature parameter and return to the application program;
Application program sends business data processing to server by network request interface and asks;The business data processing Request carries the business datum and first signature parameter;The business data processing asks to trigger the service Device verify first signature parameter and the business datum entrained to business data processing request when being proved to be successful into Row business logic processing is to obtain corresponding service processing result data;
Wherein described application program is configured with the NDK shared libraries in same client.
Preferably, the NDK shared libraries after the business datum is received to the signing certificate of the application program into Row verification, including:
Method of the NDK shared libraries by calling Android SDK obtains the spy of the signing certificate of the application program Value indicative is simultaneously compared with the characteristic value of the signing certificate of official;
When the characteristic value of the signing certificate of the application program is consistent with the characteristic value of the signing certificate of official, the NDK Shared library judgement is proved to be successful the signing certificate of the application program;Otherwise judge the signing certificate for the application program It verifies unsuccessful.
Preferably, method of the NDK shared libraries by calling Android SDK obtains the signature of the application program The characteristic value of certificate is simultaneously compared with the characteristic value of the signing certificate of official, specially:
PackgeManager pairs in method call client of the NDK shared libraries by calling Android SDK As according to information in the packet that the application program is obtained in PackgeManager objects described in the Bao Mingcong of the application program And the characteristic value of the signing certificate of the application program is obtained in information out of described packet.
Preferably, the main body development language of the application program is JAVA;Described program language compatibility interface connects for JNI Mouthful.
Preferably, the NDK shared libraries are after the signing certificate to the application program is proved to be successful, according to the business Data and the key being stored in the NDK shared libraries generate the first signature parameter and return to the application program, including:
The NDK shared libraries are after the signing certificate to the application program is proved to be successful, in the business datum Parameters sort according to dictionary, and the parameter after sequence is spliced into the first character string;
The key that the NDK shared libraries calling prestores;
First character string and the key are spliced into the second character string by the NDK shared libraries;
The NDK shared libraries calculate the cryptographic Hash of second character string, using the cryptographic Hash being calculated as described the One signature parameter.
Preferably, the key is stored in after piecemeal and transcoding in the NDK shared libraries in advance;
The key that the NDK shared libraries calling prestores, including:
The key piecemeal that the NDK shared libraries acquisition prestores;
The NDK shared libraries obtain the key according to the key piecemeal.
Preferably, the business data processing request also includes the channel ID of the application program;
The business data processing request is specifically used for the triggering server and is looked into according to the channel ID of the application program It looks for the key and is signed according to the key and the service parameter according to NDK shared libraries generation described first The identical method of parameter generates the second signature parameter and compares first signature parameter and second signature parameter, when Business logic processing is carried out to obtain corresponding service processing result data and feed back according to the business datum when the two is consistent To the client where the application program, when the two is inconsistent to the client feedback data unexpected message.
Preferably, the method further includes:
The application program receives service processing result data or the data exception message that the server feedback is returned, And perform subsequent processing according to the service processing result data or the data exception message
Second aspect of the embodiment of the present invention provides a kind of client, including processor, memory and is stored in described deposit In reservoir and the computer program performed by the processor is configured as, the processor performs real during the computer program Existing above-mentioned business data processing method.
The third aspect of the embodiment of the present invention provides a kind of computer readable storage medium, the computer readable storage medium Computer program including storage, wherein, the computer readable storage medium institute is controlled when the computer program is run Above-mentioned business data processing method is performed in equipment.
Compared with the prior art, the advantageous effect of the embodiment of the present invention is:An embodiment of the present invention provides a kind of business Data processing method, client and computer readable storage medium, method pass through program language compatibility interface including application program The business datum got is passed to NDK shared libraries;NDK shared libraries are after the business datum is received to the application program Signing certificate verified;NDK shared libraries are after the signing certificate to the application program is proved to be successful, according to the business Data and the key being stored in the NDK shared libraries generate the first signature parameter and return to the application program;Using Program sends business data processing to server by network request interface and asks;The business data processing request carries State business datum and first signature parameter;Business data processing request is for triggering described in the server authentication the At one signature parameter and the business datum progress service logic entrained to business data processing request when being proved to be successful It manages to obtain corresponding service processing result data.The embodiment of the present invention will be for the key of the first signature parameter of generation and life Method into the first signature parameter is stored in NDK shared libraries, is generated by the NDK shared libraries according to the key First signature parameter simultaneously returns to application program, and what is obtained in decompiling due to NDK shared libraries is assembler language so that it is difficult to By decompiling obtain the key and generate the first signature parameter method, prevent application code by ApkTool, The direct decompiling of the tools such as Jadx is simultaneously revealed, therefore improves the difficulty that key is stolen with communication encryption algorithm by decompiling, is prevented There is the business data processing request of malice, enhance the communication security between application program and server;NDK is being called to be total to simultaneously It needs to be authenticated the signing certificate of application program when enjoying library, prevents NDK shared libraries from being directly invoked by other applications, and Prevent application program from being distorted by secondary packing.
Description of the drawings
Fig. 1 is a kind of flow diagram of business data processing method provided in an embodiment of the present invention.
Specific embodiment
Below in conjunction with the attached drawing in the embodiment of the present invention, the technical solution in the embodiment of the present invention is carried out clear, complete Site preparation describes, it is clear that described embodiment is only part of the embodiment of the present invention, instead of all the embodiments.It is based on Embodiment in the present invention, those of ordinary skill in the art are obtained every other without creative efforts Embodiment shall fall within the protection scope of the present invention.
Referring to Fig. 1, it is a kind of flow diagram of business data processing method provided in an embodiment of the present invention.It is described Method includes:
The business datum got is passed to NDK shared libraries by S1, application program by program language compatibility interface;
S2, NDK shared library verify the signing certificate of the application program after the business datum is received;
S3, NDK shared library after the signing certificate to the application program is proved to be successful, according to the business datum and The key being stored in the NDK shared libraries generates the first signature parameter and returns to the application program;
S4, application program send business data processing to server by network request interface and ask;The business datum Processing request carries the business datum and first signature parameter;The business data processing request is described for triggering First signature parameter described in server authentication and the business number entrained to business data processing request when being proved to be successful According to carrying out business logic processing to obtain corresponding service processing result data;Wherein described application program is shared with the NDK Library is configured in same client.
It should be noted that although above-mentioned steps S1~S4 is there are two executive agent, due to the application program with it is described NDK shared libraries are configured in same client, it is to be understood that the computer program for the different piece by the client To realize.
NDK:I.e. Native Development Kit, Android program are operated in Dalvik virtual machine, and NDK allows User uses the primary code language execution part program of similar C/C++ etc.After the compiling of NDK programs, in different CPU architectures Under, it generates corresponding so files, forms NDK shared libraries, it is dynamic link library under Linux platform that NDK, which shares,.
Dalvik is the virtual machine that Google companies oneself are designed for Android platform.Dalvik virtual machine is One of core component of Android mobility devices of the manufacturers such as Google cooperative development, it can support to have converted The operation of JAVA application programs for .dex (i.e. Dalvik Executable) form, each Dalvik are applied as one Independent Linux processes perform.
In the prior art, the method for generating the key of the first signature parameter and generating the first signature parameter is deposited Storage is in former application program, it is easy to be obtained by decompiling, safety is relatively low, and the embodiment of the present invention will be used for the first label of generation Name parameter key and generate the first signature parameter method be stored in NDK shared libraries, by the NDK shared libraries come It generates the first signature parameter according to the key and returns to application program, obtained due to NDK shared libraries in decompiling It is assembler language so that it is difficult to obtain the key and the method for generating the first signature parameter by decompiling, prevent from applying Program code is by the direct decompiling of the tools such as ApkTool, Jadx and reveals, therefore improves key and compiled with communication encryption algorithm by counter The difficulty stolen is translated, prevents the business data processing request of malice, the communication enhanced between application program and server is pacified Entirely;It needs to be authenticated the signing certificate of application program when calling NDK shared libraries simultaneously, prevents NDK shared libraries by other Application program directly invokes, and prevents application program from being distorted by secondary packing.
Wherein, application signature refers to:In equipment either simulator before operation APP programs, it is necessary to for application Program setting digital signature (keystore).The program not being signed, system cannot be installed.Application signature meaning master If in order to ensure the legal ID of each application developers, prevent third party from being replaced by using identical packet name to obscure Program through installation.Signature unique need to be carried out to the APK file of publication, and ensures the consistent of the version signing certificate issued every time Property, it otherwise can not replace update.
Secondary packing refers to also referred to as be packaged again, refer to application program program code changed after (as add in malice or Log code), then repacked into secondary.Note:During secondary packing, because interpolater does not have the keystore certificates of genuine quotient, at this time Application signature information after signature is packaged can change.
In alternative embodiments, the main body development language of the application program is JAVA;Described program language is compatible with Interface is JNI interfaces.JNI is the abbreviation of JAVA Native Interface, it provide several API realize JAVA and The communication (mainly C/C++) of other language.Since JAVA1.1, JNI standards become a part for JAVA platforms, it allows The code that JAVA codes and other language are write interacts.JNI interfaces are used to that the NDK to be called to share in embodiments of the present invention Library.
In a kind of optional embodiment, the NDK shared libraries described in step S2 are right after the business datum is received The signing certificate of the application program verified, including:
Method of the NDK shared libraries by calling Android SDK obtains the spy of the signing certificate of the application program Value indicative is simultaneously compared with the characteristic value of the signing certificate of official;
When the characteristic value of the signing certificate of the application program is consistent with the characteristic value of the signing certificate of official, the NDK Shared library judgement is proved to be successful the signing certificate of the application program;Otherwise judge the signing certificate for the application program It verifies unsuccessful.
Smali is the register language of Dalvik, its relationship with JAVA, be equivalent to compilation in C.When we are to APK After file carries out decompiling, such file will be generated.
More specifically, method of the NDK shared libraries by calling Android SDK, the label of the application program are obtained The characteristic value of name certificate is simultaneously compared with the characteristic value of the signing certificate of official, specially:
PackgeManager pairs in method call client of the NDK shared libraries by calling Android SDK As according to information in the packet that the application program is obtained in PackgeManager objects described in the Bao Mingcong of the application program And the characteristic value of the signing certificate of the application program is obtained in information out of described packet.
Wherein, information is stored in PackgeManager objects in the packet of each application program of client, Mei Geying The characteristic value of corresponding signing certificate is included with information in the packet of program.
In a kind of optional embodiment, the NDK shared libraries described in step S3 are in the signature card to the application program After book is proved to be successful, the first signature parameter is generated according to the business datum and the key being stored in the NDK shared libraries And the application program is returned to, including:
The NDK shared libraries are after the signing certificate to the application program is proved to be successful, in the business datum Parameters sort according to dictionary, and the parameter after sequence is spliced into the first character string;
The key that the NDK shared libraries calling prestores;
First character string and the key are spliced into the second character string by the NDK shared libraries;
The NDK shared libraries calculate the cryptographic Hash of second character string, using the cryptographic Hash being calculated as described the One signature parameter.
It should be noted that only it is that the NDK shared libraries generate first according to the business datum and the key herein The one of which method of signature parameter, other similar generating modes are also optional.
In a kind of optional embodiment, the key is stored in the NDK shared libraries after piecemeal and transcoding in advance In;
The key that the NDK shared libraries calling prestores, including:
The key piecemeal that the NDK shared libraries acquisition prestores;
The NDK shared libraries obtain the key according to the key piecemeal.
In a kind of optional embodiment, the business data processing request also includes the channel of the application program ID;
The business data processing request is specifically used for the triggering server and is looked into according to the channel ID of the application program It looks for the key and is signed according to the key and the service parameter according to NDK shared libraries generation described first The identical method of parameter generates the second signature parameter and compares first signature parameter and second signature parameter, when Business logic processing is carried out to obtain corresponding service processing result data and feed back according to the business datum when the two is consistent To the client where the application program, when the two is inconsistent to the client feedback data unexpected message.
It should be noted that each channel ID has unique key, the key for being stored in NDK shared libraries is the service Device is distributed previously according to the channel ID of the application program;The server can be according to the channel ID and difference received The relationship of channel ID and key search the key corresponding to the channel ID received.
Since the method for the first signature parameter and the generation of the second signature parameter is the same, if the two differs, say The entrained business datum of the bright business data processing request is usurped with the business datum that original application program is got Change, at this time should feedback data unexpected message report an error.
In a kind of optional embodiment, the method further includes:
The application program receives service processing result data or the data exception message that the server feedback is returned, And perform subsequent processing according to the service processing result data or the data exception message.
For example, it carries out display processing according to service processing result data and application program is carried out according to data exception message Sudden strain of a muscle move back processing.
Correspondingly, the embodiment of the present invention additionally provides a kind of client, including processor, memory and is stored in described In memory and the computer program performed by the processor is configured as, when the processor performs the computer program Realize the step in above-mentioned business data processing method embodiment, such as step S1~S4 shown in FIG. 1.
Illustratively, the computer program can be divided into one or more module/units, one or more A module/unit is stored in the memory, and is performed by the processor, to complete the present invention.It is one or more A module/unit can be the series of computation machine program instruction section that can complete specific function, which is used to describe institute State implementation procedure of the computer program in the client.
The client can be the computing devices such as desktop PC, notebook, palm PC and cloud server.Institute Stating client may include, but be not limited only to, processor, memory.
Alleged processor can be central processing unit (Central Processing Unit, CPU), can also be it His general processor, digital signal processor (Digital Signal Processor, DSP), application-specific integrated circuit (Application Specific Integrated Circuit, ASIC), ready-made programmable gate array (Field- Programmable Gate Array, FPGA) either other programmable logic device, discrete gate or transistor logic, Discrete hardware components etc..General processor can be microprocessor or the processor can also be any conventional processor Deng the processor is the control centre of the client, utilizes various interfaces and each portion of the entire client of connection Point.
The memory can be used for storing the computer program and/or module, and the processor is by running or performing The computer program and/or module that are stored in the memory and the data being stored in memory are called, described in realization The various functions of client.The memory can mainly include storing program area and storage data field, wherein, storing program area can Application program (such as sound-playing function, image player function etc.) needed for storage program area, at least one function etc.;It deposits Storage data field can be stored uses created data (such as audio data, phone directory etc.) etc. according to mobile phone.In addition, memory It can include high-speed random access memory, nonvolatile memory, such as hard disk, memory, plug-in type hard disk can also be included, Intelligent memory card (Smart Media Card, SMC), secure digital (Secure Digital, SD) card, flash card (Flash Card), at least one disk memory, flush memory device or other volatile solid-state parts.
Wherein, if module/unit that the client integrates is realized in the form of SFU software functional unit and as independently Product sale or in use, can be stored in a computer readable storage medium.
Correspondingly, the embodiment of the present invention also provides a kind of computer readable storage medium, the computer-readable storage medium Matter includes the computer program of storage, wherein, control the computer readable storage medium when the computer program is run Place equipment performs the step in above-mentioned business data processing method embodiment, such as step S1~S4 shown in FIG. 1.
Based on such understanding, the present invention realizes all or part of flow in above-described embodiment method, can also pass through Computer program is completed to instruct relevant hardware, and the computer program can be stored in a computer readable storage medium In, the computer program is when being executed by processor, it can be achieved that the step of above-mentioned each embodiment of the method.Wherein, the calculating Machine program includes computer program code, and the computer program code can be source code form, object identification code form, can hold Style of writing part or certain intermediate forms etc..The computer-readable medium can include:The computer program code can be carried Any entity or device, recording medium, USB flash disk, mobile hard disk, magnetic disc, CD, computer storage, read-only memory (ROM, Read-Only Memory), random access memory (RAM, Random Access Memory), electric carrier signal, telecommunications letter Number and software distribution medium etc..It should be noted that the content that the computer-readable medium includes can be managed according to the administration of justice Local legislation and the requirement of patent practice carry out appropriate increase and decrease, such as in certain jurisdictions, according to legislation and patent Practice, computer-readable medium do not include electric carrier signal and telecommunication signal.
Compared with the prior art, the advantageous effect of the embodiment of the present invention is:An embodiment of the present invention provides a kind of business Data processing method, client and computer readable storage medium, method pass through program language compatibility interface including application program The business datum got is passed to NDK shared libraries;NDK shared libraries are after the business datum is received to the application program Signing certificate verified;NDK shared libraries are after the signing certificate to the application program is proved to be successful, according to the business Data and the key being stored in the NDK shared libraries generate the first signature parameter and return to the application program;Using Program sends business data processing to server by network request interface and asks;The business data processing request carries State business datum and first signature parameter;Business data processing request is for triggering described in the server authentication the At one signature parameter and the business datum progress service logic entrained to business data processing request when being proved to be successful It manages to obtain corresponding service processing result data.The embodiment of the present invention will be for the key of the first signature parameter of generation and life Method into the first signature parameter is stored in NDK shared libraries, is generated by the NDK shared libraries according to the key First signature parameter simultaneously returns to application program, and what is obtained in decompiling due to NDK shared libraries is assembler language so that it is difficult to By decompiling obtain the key and generate the first signature parameter method, prevent application code by ApkTool, The direct decompiling of the tools such as Jadx is simultaneously revealed, therefore improves the difficulty that key is stolen with communication encryption algorithm by decompiling, is prevented There is the business data processing request of malice, enhance the communication security between application program and server;NDK is being called to be total to simultaneously It needs to be authenticated the signing certificate of application program when enjoying library, prevents NDK shared libraries from being directly invoked by other applications, and Prevent application program from being distorted by secondary packing.
One of ordinary skill in the art will appreciate that realizing all or part of flow in above-described embodiment method, being can be with Relevant hardware is instructed to complete by computer program, the program can be stored in a computer read/write memory medium In, the program is when being executed, it may include such as the flow of the embodiment of above-mentioned each method.Wherein, the storage medium can be magnetic Dish, CD, read-only memory (Read-Only Memory, ROM) or random access memory (Random Access Memory, RAM) etc..
The above is the preferred embodiment of the present invention, it is noted that for those skilled in the art For, various improvements and modifications may be made without departing from the principle of the present invention, these improvements and modifications are also considered as Protection scope of the present invention.

Claims (10)

1. a kind of business data processing method, which is characterized in that including:
The business datum got is passed to NDK shared libraries by application program by program language compatibility interface;
NDK shared libraries verify the signing certificate of the application program after the business datum is received;
NDK shared libraries according to the business datum and are stored in after the signing certificate to the application program is proved to be successful Key in the NDK shared libraries generates the first signature parameter and returns to the application program;
Application program sends business data processing to server by network request interface and asks;The business data processing request Carry the business datum and first signature parameter;The business data processing request is tested for triggering the server It demonstrate,proves first signature parameter and entrained business datum is asked into industry to the business data processing when being proved to be successful Business logical process is to obtain corresponding service processing result data;
Wherein described application program is configured with the NDK shared libraries in same client.
2. business data processing method as described in claim 1, which is characterized in that the NDK shared libraries receive it is described The signing certificate of the application program is verified after business datum, including:
Method of the NDK shared libraries by calling Android SDK obtains the characteristic value of the signing certificate of the application program And it is compared with the characteristic value of the signing certificate of official;
When the characteristic value of the signing certificate of the application program is consistent with the characteristic value of the signing certificate of official, the NDK shares Library judgement is proved to be successful the signing certificate of the application program;Otherwise judge the signing certificate verification for the application program It is unsuccessful.
3. business data processing method as claimed in claim 2, which is characterized in that the NDK shared libraries pass through calling The method of Android SDK, obtain the signing certificate of the application program characteristic value and with the feature of the signing certificate of official Value is compared, specially:
PackgeManager objects in method call client of the NDK shared libraries by calling Android SDK, root According to information in the packet that the application program is obtained in PackgeManager objects described in the Bao Mingcong of the application program and from institute State the characteristic value for the signing certificate for obtaining the application program in packet in information.
4. business data processing method as claimed in claim 3, which is characterized in that the main body development language of the application program For JAVA;Described program language compatibility interface is JNI interfaces.
5. business data processing method as described in claim 1, which is characterized in that the NDK shared libraries are to the application After the signing certificate of program is proved to be successful, generated according to the business datum and the key being stored in the NDK shared libraries First signature parameter simultaneously returns to the application program, including:
The NDK shared libraries are after the signing certificate to the application program is proved to be successful, to each in the business datum Parameter sorts according to dictionary, and the parameter after sequence is spliced into the first character string;
The key that the NDK shared libraries calling prestores;
First character string and the key are spliced into the second character string by the NDK shared libraries;
The NDK shared libraries calculate the cryptographic Hash of second character string, using the cryptographic Hash being calculated as the described first label Name parameter.
6. business data processing method as claimed in claim 5, which is characterized in that the key is in advance by after piecemeal and transcoding It is stored in the NDK shared libraries;
The key that the NDK shared libraries calling prestores, including:
The key piecemeal that the NDK shared libraries acquisition prestores;
The NDK shared libraries obtain the key according to the key piecemeal.
7. business data processing method as claimed in claim 5, which is characterized in that the business data processing request also includes The channel ID of the application program;
The business data processing request is specifically used for triggering the server according to the channel ID of application program lookups institute It states key and first signature parameter is generated according to the NDK shared libraries according to the key and the service parameter Identical method generates the second signature parameter and compares first signature parameter and second signature parameter, works as the two Business logic processing is carried out to obtain corresponding service processing result data and feed back to institute according to the business datum when consistent The client where application program is stated, when the two is inconsistent to the client feedback data unexpected message.
8. business data processing method as claimed in claim 7, which is characterized in that the method further includes:
The application program receives service processing result data or the data exception message that the server feedback is returned, and root Subsequent processing is performed according to the service processing result data or the data exception message.
9. a kind of client, including processor, memory and it is stored in the memory and is configured as by the processing The computer program that device performs, the processor are realized when performing the computer program such as any one in claim 1 to 8 The business data processing method.
10. a kind of computer readable storage medium, which is characterized in that the computer readable storage medium includes the calculating of storage Machine program, wherein, equipment where controlling the computer readable storage medium when the computer program is run is performed as weighed Profit requires the business data processing method described in any one in 1 to 8.
CN201711498312.XA 2017-12-28 2017-12-28 Business data processing method, client and computer readable storage medium Active CN108259479B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201711498312.XA CN108259479B (en) 2017-12-28 2017-12-28 Business data processing method, client and computer readable storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201711498312.XA CN108259479B (en) 2017-12-28 2017-12-28 Business data processing method, client and computer readable storage medium

Publications (2)

Publication Number Publication Date
CN108259479A true CN108259479A (en) 2018-07-06
CN108259479B CN108259479B (en) 2021-05-11

Family

ID=62725631

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201711498312.XA Active CN108259479B (en) 2017-12-28 2017-12-28 Business data processing method, client and computer readable storage medium

Country Status (1)

Country Link
CN (1) CN108259479B (en)

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109525454A (en) * 2018-11-06 2019-03-26 北京网众共创科技有限公司 Data processing method and device
CN110046479A (en) * 2019-03-21 2019-07-23 腾讯科技(深圳)有限公司 A kind of chained library file reverse adjustment method and device based on Android operation system
CN110162415A (en) * 2019-05-05 2019-08-23 腾讯科技(深圳)有限公司 For handling method, server, device and the storage medium of request of data
CN111049897A (en) * 2019-12-10 2020-04-21 北京百度网讯科技有限公司 Method, device, equipment and medium for encrypted uploading and decrypted deployment of small program package
CN113609501A (en) * 2021-08-05 2021-11-05 广州南洋理工职业学院 Anti-crawler method and system based on asymmetric secondary encryption
CN113742668A (en) * 2021-08-17 2021-12-03 深圳Tcl新技术有限公司 Information acquisition method and device, computer equipment and computer readable storage medium

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104935568A (en) * 2015-04-20 2015-09-23 成都康赛信息技术有限公司 Interface authentication signature method facing cloud platform
US20150372821A1 (en) * 2014-06-20 2015-12-24 Bmc Software, Inc. Monitoring signed resources transferred over a network
CN105844150A (en) * 2016-03-23 2016-08-10 青岛海信传媒网络技术有限公司 Application program data protection method and device
CN106656928A (en) * 2015-10-30 2017-05-10 西门子公司 Authentication method between client side and server under cloud environment and authentication device thereof
CN106850231A (en) * 2017-02-22 2017-06-13 济南浪潮高新科技投资发展有限公司 A kind of method of protection interface safety, service end and system, a kind of client
CN107480519A (en) * 2017-08-04 2017-12-15 深圳市金立通信设备有限公司 A kind of method and server for identifying risk application

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20150372821A1 (en) * 2014-06-20 2015-12-24 Bmc Software, Inc. Monitoring signed resources transferred over a network
CN104935568A (en) * 2015-04-20 2015-09-23 成都康赛信息技术有限公司 Interface authentication signature method facing cloud platform
CN106656928A (en) * 2015-10-30 2017-05-10 西门子公司 Authentication method between client side and server under cloud environment and authentication device thereof
CN105844150A (en) * 2016-03-23 2016-08-10 青岛海信传媒网络技术有限公司 Application program data protection method and device
CN106850231A (en) * 2017-02-22 2017-06-13 济南浪潮高新科技投资发展有限公司 A kind of method of protection interface safety, service end and system, a kind of client
CN107480519A (en) * 2017-08-04 2017-12-15 深圳市金立通信设备有限公司 A kind of method and server for identifying risk application

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
TAIPING MO: "Design of secure communications network system based on data encryption and digital signature", 《2011 INTERNATIONAL CONFERENCE ON HIGH PERFORMANCE COMPUTING & SIMULATION》 *
杨勇义: "基于Android平台的软件保护技术研究", 《中国优秀硕士学位论文全文数据库 信息科技辑》 *

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109525454A (en) * 2018-11-06 2019-03-26 北京网众共创科技有限公司 Data processing method and device
CN110046479A (en) * 2019-03-21 2019-07-23 腾讯科技(深圳)有限公司 A kind of chained library file reverse adjustment method and device based on Android operation system
CN110162415A (en) * 2019-05-05 2019-08-23 腾讯科技(深圳)有限公司 For handling method, server, device and the storage medium of request of data
CN110162415B (en) * 2019-05-05 2023-09-01 腾讯科技(深圳)有限公司 Method, server, device and storage medium for processing data request
CN111049897A (en) * 2019-12-10 2020-04-21 北京百度网讯科技有限公司 Method, device, equipment and medium for encrypted uploading and decrypted deployment of small program package
CN113609501A (en) * 2021-08-05 2021-11-05 广州南洋理工职业学院 Anti-crawler method and system based on asymmetric secondary encryption
CN113609501B (en) * 2021-08-05 2024-07-02 广州南洋理工职业学院 Anti-crawler method and system based on asymmetric secondary encryption
CN113742668A (en) * 2021-08-17 2021-12-03 深圳Tcl新技术有限公司 Information acquisition method and device, computer equipment and computer readable storage medium

Also Published As

Publication number Publication date
CN108259479B (en) 2021-05-11

Similar Documents

Publication Publication Date Title
CN108259479A (en) Business data processing method, client and computer readable storage medium
CN104932902B (en) A kind of method and terminal generating APK file
US20170116410A1 (en) Software protection
US10797868B2 (en) Shared secret establishment
CN104680039B (en) A kind of data guard method and device of application program installation kit
CN102760219A (en) Android platform software protecting system, method and equipment
US10740491B2 (en) Method and device for verifying instructions of diagnostic equipment, and lower computer
US20210089646A1 (en) Software integrity checking systems and methods
CN108683712A (en) Method and device for generating application program verification and verification key and storage medium
KR20200094618A (en) Method for auditing source code using smart contract similarity analysis and apparatus thereof
CN104933366A (en) Mobile terminal application program processing method
US9489541B2 (en) Content protection via online servers and code execution in a secure operating system
CN106549957B (en) terminal application copyright authentication method and system
CN112000951A (en) Access method, device, system, electronic equipment and storage medium
WO2023029447A1 (en) Model protection method, device, apparatus, system and storage medium
CN107871066B (en) Code compiling method and device based on android system
CN107679831B (en) Method and related device for calling ERP function
CN105468970B (en) A kind of Android application programs based on protection net are anti-to usurp method and system
CN112291201A (en) Service request transmission method and device and electronic equipment
CN103885784A (en) Method for establishing Android platform with security module and plugging function
US20130166921A1 (en) Porting digital rights management service to multiple computing platforms
CN112115430A (en) Apk reinforcement method, electronic equipment and storage medium
CN112559980A (en) Applet operation capable of embedding numerous arbitrary APPs
Abrath et al. Code renewability for native software protection
CN110581833B (en) Service security protection method and device

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
CP02 Change in the address of a patent holder

Address after: 510623 room 1101, No.13 Zhujiang East Road, Tianhe District, Guangzhou City, Guangdong Province

Patentee after: GUANGZHOU QISHENG INFORMATION TECHNOLOGY Co.,Ltd.

Address before: 510000 10th and 11th floors, No.13 Zhujiang East Road, Tianhe District, Guangzhou City, Guangdong Province

Patentee before: GUANGZHOU QISHENG INFORMATION TECHNOLOGY Co.,Ltd.

CP02 Change in the address of a patent holder