CN108259479A - Business data processing method, client and computer readable storage medium - Google Patents
Business data processing method, client and computer readable storage medium Download PDFInfo
- Publication number
- CN108259479A CN108259479A CN201711498312.XA CN201711498312A CN108259479A CN 108259479 A CN108259479 A CN 108259479A CN 201711498312 A CN201711498312 A CN 201711498312A CN 108259479 A CN108259479 A CN 108259479A
- Authority
- CN
- China
- Prior art keywords
- application program
- ndk
- shared libraries
- data processing
- key
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0823—Network architectures or network communication protocols for network security for authentication of entities using certificates
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3263—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Storage Device Security (AREA)
Abstract
An embodiment of the present invention provides a kind of business data processing method, client and computer readable storage medium, the business datum got is passed to NDK shared libraries by method including application program by program language compatibility interface;NDK shared libraries verify the signing certificate of the application program after the business datum is received;NDK shared libraries generate the first signature parameter according to the business datum and the key being stored in the NDK shared libraries and return to the application program after the signing certificate to the application program is proved to be successful;Application program sends business data processing to server by network request interface and asks;The embodiment of the present invention improves the difficulty that key is stolen with communication encryption algorithm by decompiling, enhances the communication security between application program and server;It needs to be authenticated the signing certificate of application program when calling NDK shared libraries simultaneously, prevents NDK shared libraries from being directly invoked by other applications, and prevent application program from being distorted by secondary packing.
Description
Technical field
It can the present invention relates to a kind of software technology field more particularly to business data processing method, client and computer
Read storage medium.
Background technology
Grey black production in the country's is very flourishing at present, increasingly industrial chain.Someone's ad hoc analysis APP (application program) communications association
View, carries out machine simulation, and data are forged.For example brush list, releasing advertisements etc. significantly destroy the ecological malicious act of APP.If
Android APP programs do not do any protection, it is easy to carry out static and dynamic state by third party, directly take interface communication
Key and communication algorithm is cracked, and puppet is produced and seems normal malicious requests.
Invention content
It, can be with the purpose of the present invention is to propose to a kind of business data processing method, device and computer readable storage medium
The difficulty that key is stolen with communication encryption algorithm by decompiling is improved, prevents the business data processing request of malice, enhancing
Communication security between application program and server.
To achieve the above object, on the one hand the embodiment of the present invention provides a kind of business data processing method, including:
Business data processing method, which is characterized in that including:
The business datum got is passed to NDK shared libraries by application program by program language compatibility interface;
NDK shared libraries verify the signing certificate of the application program after the business datum is received;
NDK shared libraries according to the business datum and are deposited after the signing certificate to the application program is proved to be successful
The key in the NDK shared libraries is stored up to generate the first signature parameter and return to the application program;
Application program sends business data processing to server by network request interface and asks;The business data processing
Request carries the business datum and first signature parameter;The business data processing asks to trigger the service
Device verify first signature parameter and the business datum entrained to business data processing request when being proved to be successful into
Row business logic processing is to obtain corresponding service processing result data;
Wherein described application program is configured with the NDK shared libraries in same client.
Preferably, the NDK shared libraries after the business datum is received to the signing certificate of the application program into
Row verification, including:
Method of the NDK shared libraries by calling Android SDK obtains the spy of the signing certificate of the application program
Value indicative is simultaneously compared with the characteristic value of the signing certificate of official;
When the characteristic value of the signing certificate of the application program is consistent with the characteristic value of the signing certificate of official, the NDK
Shared library judgement is proved to be successful the signing certificate of the application program;Otherwise judge the signing certificate for the application program
It verifies unsuccessful.
Preferably, method of the NDK shared libraries by calling Android SDK obtains the signature of the application program
The characteristic value of certificate is simultaneously compared with the characteristic value of the signing certificate of official, specially:
PackgeManager pairs in method call client of the NDK shared libraries by calling Android SDK
As according to information in the packet that the application program is obtained in PackgeManager objects described in the Bao Mingcong of the application program
And the characteristic value of the signing certificate of the application program is obtained in information out of described packet.
Preferably, the main body development language of the application program is JAVA;Described program language compatibility interface connects for JNI
Mouthful.
Preferably, the NDK shared libraries are after the signing certificate to the application program is proved to be successful, according to the business
Data and the key being stored in the NDK shared libraries generate the first signature parameter and return to the application program, including:
The NDK shared libraries are after the signing certificate to the application program is proved to be successful, in the business datum
Parameters sort according to dictionary, and the parameter after sequence is spliced into the first character string;
The key that the NDK shared libraries calling prestores;
First character string and the key are spliced into the second character string by the NDK shared libraries;
The NDK shared libraries calculate the cryptographic Hash of second character string, using the cryptographic Hash being calculated as described the
One signature parameter.
Preferably, the key is stored in after piecemeal and transcoding in the NDK shared libraries in advance;
The key that the NDK shared libraries calling prestores, including:
The key piecemeal that the NDK shared libraries acquisition prestores;
The NDK shared libraries obtain the key according to the key piecemeal.
Preferably, the business data processing request also includes the channel ID of the application program;
The business data processing request is specifically used for the triggering server and is looked into according to the channel ID of the application program
It looks for the key and is signed according to the key and the service parameter according to NDK shared libraries generation described first
The identical method of parameter generates the second signature parameter and compares first signature parameter and second signature parameter, when
Business logic processing is carried out to obtain corresponding service processing result data and feed back according to the business datum when the two is consistent
To the client where the application program, when the two is inconsistent to the client feedback data unexpected message.
Preferably, the method further includes:
The application program receives service processing result data or the data exception message that the server feedback is returned,
And perform subsequent processing according to the service processing result data or the data exception message
Second aspect of the embodiment of the present invention provides a kind of client, including processor, memory and is stored in described deposit
In reservoir and the computer program performed by the processor is configured as, the processor performs real during the computer program
Existing above-mentioned business data processing method.
The third aspect of the embodiment of the present invention provides a kind of computer readable storage medium, the computer readable storage medium
Computer program including storage, wherein, the computer readable storage medium institute is controlled when the computer program is run
Above-mentioned business data processing method is performed in equipment.
Compared with the prior art, the advantageous effect of the embodiment of the present invention is:An embodiment of the present invention provides a kind of business
Data processing method, client and computer readable storage medium, method pass through program language compatibility interface including application program
The business datum got is passed to NDK shared libraries;NDK shared libraries are after the business datum is received to the application program
Signing certificate verified;NDK shared libraries are after the signing certificate to the application program is proved to be successful, according to the business
Data and the key being stored in the NDK shared libraries generate the first signature parameter and return to the application program;Using
Program sends business data processing to server by network request interface and asks;The business data processing request carries
State business datum and first signature parameter;Business data processing request is for triggering described in the server authentication the
At one signature parameter and the business datum progress service logic entrained to business data processing request when being proved to be successful
It manages to obtain corresponding service processing result data.The embodiment of the present invention will be for the key of the first signature parameter of generation and life
Method into the first signature parameter is stored in NDK shared libraries, is generated by the NDK shared libraries according to the key
First signature parameter simultaneously returns to application program, and what is obtained in decompiling due to NDK shared libraries is assembler language so that it is difficult to
By decompiling obtain the key and generate the first signature parameter method, prevent application code by ApkTool,
The direct decompiling of the tools such as Jadx is simultaneously revealed, therefore improves the difficulty that key is stolen with communication encryption algorithm by decompiling, is prevented
There is the business data processing request of malice, enhance the communication security between application program and server;NDK is being called to be total to simultaneously
It needs to be authenticated the signing certificate of application program when enjoying library, prevents NDK shared libraries from being directly invoked by other applications, and
Prevent application program from being distorted by secondary packing.
Description of the drawings
Fig. 1 is a kind of flow diagram of business data processing method provided in an embodiment of the present invention.
Specific embodiment
Below in conjunction with the attached drawing in the embodiment of the present invention, the technical solution in the embodiment of the present invention is carried out clear, complete
Site preparation describes, it is clear that described embodiment is only part of the embodiment of the present invention, instead of all the embodiments.It is based on
Embodiment in the present invention, those of ordinary skill in the art are obtained every other without creative efforts
Embodiment shall fall within the protection scope of the present invention.
Referring to Fig. 1, it is a kind of flow diagram of business data processing method provided in an embodiment of the present invention.It is described
Method includes:
The business datum got is passed to NDK shared libraries by S1, application program by program language compatibility interface;
S2, NDK shared library verify the signing certificate of the application program after the business datum is received;
S3, NDK shared library after the signing certificate to the application program is proved to be successful, according to the business datum and
The key being stored in the NDK shared libraries generates the first signature parameter and returns to the application program;
S4, application program send business data processing to server by network request interface and ask;The business datum
Processing request carries the business datum and first signature parameter;The business data processing request is described for triggering
First signature parameter described in server authentication and the business number entrained to business data processing request when being proved to be successful
According to carrying out business logic processing to obtain corresponding service processing result data;Wherein described application program is shared with the NDK
Library is configured in same client.
It should be noted that although above-mentioned steps S1~S4 is there are two executive agent, due to the application program with it is described
NDK shared libraries are configured in same client, it is to be understood that the computer program for the different piece by the client
To realize.
NDK:I.e. Native Development Kit, Android program are operated in Dalvik virtual machine, and NDK allows
User uses the primary code language execution part program of similar C/C++ etc.After the compiling of NDK programs, in different CPU architectures
Under, it generates corresponding so files, forms NDK shared libraries, it is dynamic link library under Linux platform that NDK, which shares,.
Dalvik is the virtual machine that Google companies oneself are designed for Android platform.Dalvik virtual machine is
One of core component of Android mobility devices of the manufacturers such as Google cooperative development, it can support to have converted
The operation of JAVA application programs for .dex (i.e. Dalvik Executable) form, each Dalvik are applied as one
Independent Linux processes perform.
In the prior art, the method for generating the key of the first signature parameter and generating the first signature parameter is deposited
Storage is in former application program, it is easy to be obtained by decompiling, safety is relatively low, and the embodiment of the present invention will be used for the first label of generation
Name parameter key and generate the first signature parameter method be stored in NDK shared libraries, by the NDK shared libraries come
It generates the first signature parameter according to the key and returns to application program, obtained due to NDK shared libraries in decompiling
It is assembler language so that it is difficult to obtain the key and the method for generating the first signature parameter by decompiling, prevent from applying
Program code is by the direct decompiling of the tools such as ApkTool, Jadx and reveals, therefore improves key and compiled with communication encryption algorithm by counter
The difficulty stolen is translated, prevents the business data processing request of malice, the communication enhanced between application program and server is pacified
Entirely;It needs to be authenticated the signing certificate of application program when calling NDK shared libraries simultaneously, prevents NDK shared libraries by other
Application program directly invokes, and prevents application program from being distorted by secondary packing.
Wherein, application signature refers to:In equipment either simulator before operation APP programs, it is necessary to for application
Program setting digital signature (keystore).The program not being signed, system cannot be installed.Application signature meaning master
If in order to ensure the legal ID of each application developers, prevent third party from being replaced by using identical packet name to obscure
Program through installation.Signature unique need to be carried out to the APK file of publication, and ensures the consistent of the version signing certificate issued every time
Property, it otherwise can not replace update.
Secondary packing refers to also referred to as be packaged again, refer to application program program code changed after (as add in malice or
Log code), then repacked into secondary.Note:During secondary packing, because interpolater does not have the keystore certificates of genuine quotient, at this time
Application signature information after signature is packaged can change.
In alternative embodiments, the main body development language of the application program is JAVA;Described program language is compatible with
Interface is JNI interfaces.JNI is the abbreviation of JAVA Native Interface, it provide several API realize JAVA and
The communication (mainly C/C++) of other language.Since JAVA1.1, JNI standards become a part for JAVA platforms, it allows
The code that JAVA codes and other language are write interacts.JNI interfaces are used to that the NDK to be called to share in embodiments of the present invention
Library.
In a kind of optional embodiment, the NDK shared libraries described in step S2 are right after the business datum is received
The signing certificate of the application program verified, including:
Method of the NDK shared libraries by calling Android SDK obtains the spy of the signing certificate of the application program
Value indicative is simultaneously compared with the characteristic value of the signing certificate of official;
When the characteristic value of the signing certificate of the application program is consistent with the characteristic value of the signing certificate of official, the NDK
Shared library judgement is proved to be successful the signing certificate of the application program;Otherwise judge the signing certificate for the application program
It verifies unsuccessful.
Smali is the register language of Dalvik, its relationship with JAVA, be equivalent to compilation in C.When we are to APK
After file carries out decompiling, such file will be generated.
More specifically, method of the NDK shared libraries by calling Android SDK, the label of the application program are obtained
The characteristic value of name certificate is simultaneously compared with the characteristic value of the signing certificate of official, specially:
PackgeManager pairs in method call client of the NDK shared libraries by calling Android SDK
As according to information in the packet that the application program is obtained in PackgeManager objects described in the Bao Mingcong of the application program
And the characteristic value of the signing certificate of the application program is obtained in information out of described packet.
Wherein, information is stored in PackgeManager objects in the packet of each application program of client, Mei Geying
The characteristic value of corresponding signing certificate is included with information in the packet of program.
In a kind of optional embodiment, the NDK shared libraries described in step S3 are in the signature card to the application program
After book is proved to be successful, the first signature parameter is generated according to the business datum and the key being stored in the NDK shared libraries
And the application program is returned to, including:
The NDK shared libraries are after the signing certificate to the application program is proved to be successful, in the business datum
Parameters sort according to dictionary, and the parameter after sequence is spliced into the first character string;
The key that the NDK shared libraries calling prestores;
First character string and the key are spliced into the second character string by the NDK shared libraries;
The NDK shared libraries calculate the cryptographic Hash of second character string, using the cryptographic Hash being calculated as described the
One signature parameter.
It should be noted that only it is that the NDK shared libraries generate first according to the business datum and the key herein
The one of which method of signature parameter, other similar generating modes are also optional.
In a kind of optional embodiment, the key is stored in the NDK shared libraries after piecemeal and transcoding in advance
In;
The key that the NDK shared libraries calling prestores, including:
The key piecemeal that the NDK shared libraries acquisition prestores;
The NDK shared libraries obtain the key according to the key piecemeal.
In a kind of optional embodiment, the business data processing request also includes the channel of the application program
ID;
The business data processing request is specifically used for the triggering server and is looked into according to the channel ID of the application program
It looks for the key and is signed according to the key and the service parameter according to NDK shared libraries generation described first
The identical method of parameter generates the second signature parameter and compares first signature parameter and second signature parameter, when
Business logic processing is carried out to obtain corresponding service processing result data and feed back according to the business datum when the two is consistent
To the client where the application program, when the two is inconsistent to the client feedback data unexpected message.
It should be noted that each channel ID has unique key, the key for being stored in NDK shared libraries is the service
Device is distributed previously according to the channel ID of the application program;The server can be according to the channel ID and difference received
The relationship of channel ID and key search the key corresponding to the channel ID received.
Since the method for the first signature parameter and the generation of the second signature parameter is the same, if the two differs, say
The entrained business datum of the bright business data processing request is usurped with the business datum that original application program is got
Change, at this time should feedback data unexpected message report an error.
In a kind of optional embodiment, the method further includes:
The application program receives service processing result data or the data exception message that the server feedback is returned,
And perform subsequent processing according to the service processing result data or the data exception message.
For example, it carries out display processing according to service processing result data and application program is carried out according to data exception message
Sudden strain of a muscle move back processing.
Correspondingly, the embodiment of the present invention additionally provides a kind of client, including processor, memory and is stored in described
In memory and the computer program performed by the processor is configured as, when the processor performs the computer program
Realize the step in above-mentioned business data processing method embodiment, such as step S1~S4 shown in FIG. 1.
Illustratively, the computer program can be divided into one or more module/units, one or more
A module/unit is stored in the memory, and is performed by the processor, to complete the present invention.It is one or more
A module/unit can be the series of computation machine program instruction section that can complete specific function, which is used to describe institute
State implementation procedure of the computer program in the client.
The client can be the computing devices such as desktop PC, notebook, palm PC and cloud server.Institute
Stating client may include, but be not limited only to, processor, memory.
Alleged processor can be central processing unit (Central Processing Unit, CPU), can also be it
His general processor, digital signal processor (Digital Signal Processor, DSP), application-specific integrated circuit
(Application Specific Integrated Circuit, ASIC), ready-made programmable gate array (Field-
Programmable Gate Array, FPGA) either other programmable logic device, discrete gate or transistor logic,
Discrete hardware components etc..General processor can be microprocessor or the processor can also be any conventional processor
Deng the processor is the control centre of the client, utilizes various interfaces and each portion of the entire client of connection
Point.
The memory can be used for storing the computer program and/or module, and the processor is by running or performing
The computer program and/or module that are stored in the memory and the data being stored in memory are called, described in realization
The various functions of client.The memory can mainly include storing program area and storage data field, wherein, storing program area can
Application program (such as sound-playing function, image player function etc.) needed for storage program area, at least one function etc.;It deposits
Storage data field can be stored uses created data (such as audio data, phone directory etc.) etc. according to mobile phone.In addition, memory
It can include high-speed random access memory, nonvolatile memory, such as hard disk, memory, plug-in type hard disk can also be included,
Intelligent memory card (Smart Media Card, SMC), secure digital (Secure Digital, SD) card, flash card (Flash
Card), at least one disk memory, flush memory device or other volatile solid-state parts.
Wherein, if module/unit that the client integrates is realized in the form of SFU software functional unit and as independently
Product sale or in use, can be stored in a computer readable storage medium.
Correspondingly, the embodiment of the present invention also provides a kind of computer readable storage medium, the computer-readable storage medium
Matter includes the computer program of storage, wherein, control the computer readable storage medium when the computer program is run
Place equipment performs the step in above-mentioned business data processing method embodiment, such as step S1~S4 shown in FIG. 1.
Based on such understanding, the present invention realizes all or part of flow in above-described embodiment method, can also pass through
Computer program is completed to instruct relevant hardware, and the computer program can be stored in a computer readable storage medium
In, the computer program is when being executed by processor, it can be achieved that the step of above-mentioned each embodiment of the method.Wherein, the calculating
Machine program includes computer program code, and the computer program code can be source code form, object identification code form, can hold
Style of writing part or certain intermediate forms etc..The computer-readable medium can include:The computer program code can be carried
Any entity or device, recording medium, USB flash disk, mobile hard disk, magnetic disc, CD, computer storage, read-only memory (ROM,
Read-Only Memory), random access memory (RAM, Random Access Memory), electric carrier signal, telecommunications letter
Number and software distribution medium etc..It should be noted that the content that the computer-readable medium includes can be managed according to the administration of justice
Local legislation and the requirement of patent practice carry out appropriate increase and decrease, such as in certain jurisdictions, according to legislation and patent
Practice, computer-readable medium do not include electric carrier signal and telecommunication signal.
Compared with the prior art, the advantageous effect of the embodiment of the present invention is:An embodiment of the present invention provides a kind of business
Data processing method, client and computer readable storage medium, method pass through program language compatibility interface including application program
The business datum got is passed to NDK shared libraries;NDK shared libraries are after the business datum is received to the application program
Signing certificate verified;NDK shared libraries are after the signing certificate to the application program is proved to be successful, according to the business
Data and the key being stored in the NDK shared libraries generate the first signature parameter and return to the application program;Using
Program sends business data processing to server by network request interface and asks;The business data processing request carries
State business datum and first signature parameter;Business data processing request is for triggering described in the server authentication the
At one signature parameter and the business datum progress service logic entrained to business data processing request when being proved to be successful
It manages to obtain corresponding service processing result data.The embodiment of the present invention will be for the key of the first signature parameter of generation and life
Method into the first signature parameter is stored in NDK shared libraries, is generated by the NDK shared libraries according to the key
First signature parameter simultaneously returns to application program, and what is obtained in decompiling due to NDK shared libraries is assembler language so that it is difficult to
By decompiling obtain the key and generate the first signature parameter method, prevent application code by ApkTool,
The direct decompiling of the tools such as Jadx is simultaneously revealed, therefore improves the difficulty that key is stolen with communication encryption algorithm by decompiling, is prevented
There is the business data processing request of malice, enhance the communication security between application program and server;NDK is being called to be total to simultaneously
It needs to be authenticated the signing certificate of application program when enjoying library, prevents NDK shared libraries from being directly invoked by other applications, and
Prevent application program from being distorted by secondary packing.
One of ordinary skill in the art will appreciate that realizing all or part of flow in above-described embodiment method, being can be with
Relevant hardware is instructed to complete by computer program, the program can be stored in a computer read/write memory medium
In, the program is when being executed, it may include such as the flow of the embodiment of above-mentioned each method.Wherein, the storage medium can be magnetic
Dish, CD, read-only memory (Read-Only Memory, ROM) or random access memory (Random Access
Memory, RAM) etc..
The above is the preferred embodiment of the present invention, it is noted that for those skilled in the art
For, various improvements and modifications may be made without departing from the principle of the present invention, these improvements and modifications are also considered as
Protection scope of the present invention.
Claims (10)
1. a kind of business data processing method, which is characterized in that including:
The business datum got is passed to NDK shared libraries by application program by program language compatibility interface;
NDK shared libraries verify the signing certificate of the application program after the business datum is received;
NDK shared libraries according to the business datum and are stored in after the signing certificate to the application program is proved to be successful
Key in the NDK shared libraries generates the first signature parameter and returns to the application program;
Application program sends business data processing to server by network request interface and asks;The business data processing request
Carry the business datum and first signature parameter;The business data processing request is tested for triggering the server
It demonstrate,proves first signature parameter and entrained business datum is asked into industry to the business data processing when being proved to be successful
Business logical process is to obtain corresponding service processing result data;
Wherein described application program is configured with the NDK shared libraries in same client.
2. business data processing method as described in claim 1, which is characterized in that the NDK shared libraries receive it is described
The signing certificate of the application program is verified after business datum, including:
Method of the NDK shared libraries by calling Android SDK obtains the characteristic value of the signing certificate of the application program
And it is compared with the characteristic value of the signing certificate of official;
When the characteristic value of the signing certificate of the application program is consistent with the characteristic value of the signing certificate of official, the NDK shares
Library judgement is proved to be successful the signing certificate of the application program;Otherwise judge the signing certificate verification for the application program
It is unsuccessful.
3. business data processing method as claimed in claim 2, which is characterized in that the NDK shared libraries pass through calling
The method of Android SDK, obtain the signing certificate of the application program characteristic value and with the feature of the signing certificate of official
Value is compared, specially:
PackgeManager objects in method call client of the NDK shared libraries by calling Android SDK, root
According to information in the packet that the application program is obtained in PackgeManager objects described in the Bao Mingcong of the application program and from institute
State the characteristic value for the signing certificate for obtaining the application program in packet in information.
4. business data processing method as claimed in claim 3, which is characterized in that the main body development language of the application program
For JAVA;Described program language compatibility interface is JNI interfaces.
5. business data processing method as described in claim 1, which is characterized in that the NDK shared libraries are to the application
After the signing certificate of program is proved to be successful, generated according to the business datum and the key being stored in the NDK shared libraries
First signature parameter simultaneously returns to the application program, including:
The NDK shared libraries are after the signing certificate to the application program is proved to be successful, to each in the business datum
Parameter sorts according to dictionary, and the parameter after sequence is spliced into the first character string;
The key that the NDK shared libraries calling prestores;
First character string and the key are spliced into the second character string by the NDK shared libraries;
The NDK shared libraries calculate the cryptographic Hash of second character string, using the cryptographic Hash being calculated as the described first label
Name parameter.
6. business data processing method as claimed in claim 5, which is characterized in that the key is in advance by after piecemeal and transcoding
It is stored in the NDK shared libraries;
The key that the NDK shared libraries calling prestores, including:
The key piecemeal that the NDK shared libraries acquisition prestores;
The NDK shared libraries obtain the key according to the key piecemeal.
7. business data processing method as claimed in claim 5, which is characterized in that the business data processing request also includes
The channel ID of the application program;
The business data processing request is specifically used for triggering the server according to the channel ID of application program lookups institute
It states key and first signature parameter is generated according to the NDK shared libraries according to the key and the service parameter
Identical method generates the second signature parameter and compares first signature parameter and second signature parameter, works as the two
Business logic processing is carried out to obtain corresponding service processing result data and feed back to institute according to the business datum when consistent
The client where application program is stated, when the two is inconsistent to the client feedback data unexpected message.
8. business data processing method as claimed in claim 7, which is characterized in that the method further includes:
The application program receives service processing result data or the data exception message that the server feedback is returned, and root
Subsequent processing is performed according to the service processing result data or the data exception message.
9. a kind of client, including processor, memory and it is stored in the memory and is configured as by the processing
The computer program that device performs, the processor are realized when performing the computer program such as any one in claim 1 to 8
The business data processing method.
10. a kind of computer readable storage medium, which is characterized in that the computer readable storage medium includes the calculating of storage
Machine program, wherein, equipment where controlling the computer readable storage medium when the computer program is run is performed as weighed
Profit requires the business data processing method described in any one in 1 to 8.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201711498312.XA CN108259479B (en) | 2017-12-28 | 2017-12-28 | Business data processing method, client and computer readable storage medium |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201711498312.XA CN108259479B (en) | 2017-12-28 | 2017-12-28 | Business data processing method, client and computer readable storage medium |
Publications (2)
Publication Number | Publication Date |
---|---|
CN108259479A true CN108259479A (en) | 2018-07-06 |
CN108259479B CN108259479B (en) | 2021-05-11 |
Family
ID=62725631
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201711498312.XA Active CN108259479B (en) | 2017-12-28 | 2017-12-28 | Business data processing method, client and computer readable storage medium |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN108259479B (en) |
Cited By (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109525454A (en) * | 2018-11-06 | 2019-03-26 | 北京网众共创科技有限公司 | Data processing method and device |
CN110046479A (en) * | 2019-03-21 | 2019-07-23 | 腾讯科技(深圳)有限公司 | A kind of chained library file reverse adjustment method and device based on Android operation system |
CN110162415A (en) * | 2019-05-05 | 2019-08-23 | 腾讯科技(深圳)有限公司 | For handling method, server, device and the storage medium of request of data |
CN111049897A (en) * | 2019-12-10 | 2020-04-21 | 北京百度网讯科技有限公司 | Method, device, equipment and medium for encrypted uploading and decrypted deployment of small program package |
CN113609501A (en) * | 2021-08-05 | 2021-11-05 | 广州南洋理工职业学院 | Anti-crawler method and system based on asymmetric secondary encryption |
CN113742668A (en) * | 2021-08-17 | 2021-12-03 | 深圳Tcl新技术有限公司 | Information acquisition method and device, computer equipment and computer readable storage medium |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104935568A (en) * | 2015-04-20 | 2015-09-23 | 成都康赛信息技术有限公司 | Interface authentication signature method facing cloud platform |
US20150372821A1 (en) * | 2014-06-20 | 2015-12-24 | Bmc Software, Inc. | Monitoring signed resources transferred over a network |
CN105844150A (en) * | 2016-03-23 | 2016-08-10 | 青岛海信传媒网络技术有限公司 | Application program data protection method and device |
CN106656928A (en) * | 2015-10-30 | 2017-05-10 | 西门子公司 | Authentication method between client side and server under cloud environment and authentication device thereof |
CN106850231A (en) * | 2017-02-22 | 2017-06-13 | 济南浪潮高新科技投资发展有限公司 | A kind of method of protection interface safety, service end and system, a kind of client |
CN107480519A (en) * | 2017-08-04 | 2017-12-15 | 深圳市金立通信设备有限公司 | A kind of method and server for identifying risk application |
-
2017
- 2017-12-28 CN CN201711498312.XA patent/CN108259479B/en active Active
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20150372821A1 (en) * | 2014-06-20 | 2015-12-24 | Bmc Software, Inc. | Monitoring signed resources transferred over a network |
CN104935568A (en) * | 2015-04-20 | 2015-09-23 | 成都康赛信息技术有限公司 | Interface authentication signature method facing cloud platform |
CN106656928A (en) * | 2015-10-30 | 2017-05-10 | 西门子公司 | Authentication method between client side and server under cloud environment and authentication device thereof |
CN105844150A (en) * | 2016-03-23 | 2016-08-10 | 青岛海信传媒网络技术有限公司 | Application program data protection method and device |
CN106850231A (en) * | 2017-02-22 | 2017-06-13 | 济南浪潮高新科技投资发展有限公司 | A kind of method of protection interface safety, service end and system, a kind of client |
CN107480519A (en) * | 2017-08-04 | 2017-12-15 | 深圳市金立通信设备有限公司 | A kind of method and server for identifying risk application |
Non-Patent Citations (2)
Title |
---|
TAIPING MO: "Design of secure communications network system based on data encryption and digital signature", 《2011 INTERNATIONAL CONFERENCE ON HIGH PERFORMANCE COMPUTING & SIMULATION》 * |
杨勇义: "基于Android平台的软件保护技术研究", 《中国优秀硕士学位论文全文数据库 信息科技辑》 * |
Cited By (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109525454A (en) * | 2018-11-06 | 2019-03-26 | 北京网众共创科技有限公司 | Data processing method and device |
CN110046479A (en) * | 2019-03-21 | 2019-07-23 | 腾讯科技(深圳)有限公司 | A kind of chained library file reverse adjustment method and device based on Android operation system |
CN110162415A (en) * | 2019-05-05 | 2019-08-23 | 腾讯科技(深圳)有限公司 | For handling method, server, device and the storage medium of request of data |
CN110162415B (en) * | 2019-05-05 | 2023-09-01 | 腾讯科技(深圳)有限公司 | Method, server, device and storage medium for processing data request |
CN111049897A (en) * | 2019-12-10 | 2020-04-21 | 北京百度网讯科技有限公司 | Method, device, equipment and medium for encrypted uploading and decrypted deployment of small program package |
CN113609501A (en) * | 2021-08-05 | 2021-11-05 | 广州南洋理工职业学院 | Anti-crawler method and system based on asymmetric secondary encryption |
CN113609501B (en) * | 2021-08-05 | 2024-07-02 | 广州南洋理工职业学院 | Anti-crawler method and system based on asymmetric secondary encryption |
CN113742668A (en) * | 2021-08-17 | 2021-12-03 | 深圳Tcl新技术有限公司 | Information acquisition method and device, computer equipment and computer readable storage medium |
Also Published As
Publication number | Publication date |
---|---|
CN108259479B (en) | 2021-05-11 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN108259479A (en) | Business data processing method, client and computer readable storage medium | |
CN104932902B (en) | A kind of method and terminal generating APK file | |
US20170116410A1 (en) | Software protection | |
US10797868B2 (en) | Shared secret establishment | |
CN104680039B (en) | A kind of data guard method and device of application program installation kit | |
CN102760219A (en) | Android platform software protecting system, method and equipment | |
US10740491B2 (en) | Method and device for verifying instructions of diagnostic equipment, and lower computer | |
US20210089646A1 (en) | Software integrity checking systems and methods | |
CN108683712A (en) | Method and device for generating application program verification and verification key and storage medium | |
KR20200094618A (en) | Method for auditing source code using smart contract similarity analysis and apparatus thereof | |
CN104933366A (en) | Mobile terminal application program processing method | |
US9489541B2 (en) | Content protection via online servers and code execution in a secure operating system | |
CN106549957B (en) | terminal application copyright authentication method and system | |
CN112000951A (en) | Access method, device, system, electronic equipment and storage medium | |
WO2023029447A1 (en) | Model protection method, device, apparatus, system and storage medium | |
CN107871066B (en) | Code compiling method and device based on android system | |
CN107679831B (en) | Method and related device for calling ERP function | |
CN105468970B (en) | A kind of Android application programs based on protection net are anti-to usurp method and system | |
CN112291201A (en) | Service request transmission method and device and electronic equipment | |
CN103885784A (en) | Method for establishing Android platform with security module and plugging function | |
US20130166921A1 (en) | Porting digital rights management service to multiple computing platforms | |
CN112115430A (en) | Apk reinforcement method, electronic equipment and storage medium | |
CN112559980A (en) | Applet operation capable of embedding numerous arbitrary APPs | |
Abrath et al. | Code renewability for native software protection | |
CN110581833B (en) | Service security protection method and device |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant | ||
CP02 | Change in the address of a patent holder |
Address after: 510623 room 1101, No.13 Zhujiang East Road, Tianhe District, Guangzhou City, Guangdong Province Patentee after: GUANGZHOU QISHENG INFORMATION TECHNOLOGY Co.,Ltd. Address before: 510000 10th and 11th floors, No.13 Zhujiang East Road, Tianhe District, Guangzhou City, Guangdong Province Patentee before: GUANGZHOU QISHENG INFORMATION TECHNOLOGY Co.,Ltd. |
|
CP02 | Change in the address of a patent holder |