CN108280341B - Channel number adding and installation package checking method and device - Google Patents
Channel number adding and installation package checking method and device Download PDFInfo
- Publication number
- CN108280341B CN108280341B CN201611260395.4A CN201611260395A CN108280341B CN 108280341 B CN108280341 B CN 108280341B CN 201611260395 A CN201611260395 A CN 201611260395A CN 108280341 B CN108280341 B CN 108280341B
- Authority
- CN
- China
- Prior art keywords
- block
- channel number
- signature
- data
- directory
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/51—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/60—Software deployment
- G06F8/61—Installation
Abstract
The invention discloses a channel number adding and installation package checking method and device, and belongs to the field of installation package processing. The method comprises the following steps: analyzing the APK file to obtain a signature block of the APK file, wherein the signature block comprises signature information and verification information; adding a target channel number to the signature block, wherein the target channel number corresponds to an application issuing party issuing the APK file; calculating the data variation of the signature block before and after adding the target channel number; and updating an offset field contained in the APK file according to the data variation, wherein the offset field is positioned in an end-of-directory identification block, the end-of-directory identification block is used for indicating the position of the directory block in the APK file through the offset field, and the directory block is used for indicating the position of each file data in the data block. The embodiment of the invention solves the problem that the channel number injection mode of the existing v1 version signature APK file cannot be applied to the v2 version signature APK file, and realizes the normal installation of the v2 version signature APK file after the channel number is added.
Description
Technical Field
The embodiment of the invention relates to the field of installation package processing, in particular to a channel number adding method and device and an installation package checking method and device.
Background
After the application developer completes Android application development, the Android application can be released to different application markets in the internet for a user to download and install.
In order to enable an application developer to know the downloading amount of the Android application in different application markets and accordingly to make a corresponding release strategy, the application market needs to add a channel number in an Android Package (APK) file of the Android application, wherein the channel number is used for indicating the application market providing the application download and counting the downloading amount of the application in the application market. In the prior art, for an APK file signed by using an APK Signature Scheme v1 (first edition android installation package Signature Scheme), an application market realizes addition of a channel number by injecting a channel file into the APK file or injecting channel information into zip info (compressed information) of the APK file.
For an APK file signed by using an APK Signature Scheme v2 (second version android installation package Signature Scheme), an APK file structure is shown in fig. 1, where a data block 11 is used to store compressed file data, a Signature block 14 is used to store Signature information and verification information, a directory block 12 is used to indicate a position of each file data in the data block 11, and a directory end identifier block 13 is used to indicate a position of the directory block 12. If the channel number injection mode of the v1 version signature APK file is used for the v2 version signature APK file, when the channel number is added in the mode of injecting the channel file, file data are newly added to the APK file after the channel file is added, and a directory indicating the newly added file data is correspondingly added, so that a data block 11 and a directory block 12 in the APK file are changed; when the channel number is added by injecting the channel information, the directory end flag block 13 in the APK file changes because the injected channel information is located in the directory end flag block 13.
However, when the signature APK file version v2 is installed in the terminal, the data block, the directory block, and the directory end flag block need to be checked according to the checking information of the signature block, and when the data block, the directory block, or the directory end flag block changes, the APK file cannot pass the checking. Obviously, if the channel number injection mode of the v1 version signature APK file is used for the v2 version signature APK file, the v2 version signature APK file cannot be normally installed.
Disclosure of Invention
In order to solve the problem that the existing channel number injection mode of the v1 version signature APK file cannot be applied to the v2 version signature APK file, the embodiment of the invention provides a channel number adding and installation package checking method and device. The technical scheme is as follows:
according to a first aspect of embodiments of the present invention, there is provided a channel number adding method, including:
analyzing the APK file to obtain a signature block of the APK file, wherein the signature block comprises signature information and verification information;
adding a target channel number to the signature block, wherein the target channel number corresponds to an application issuing party issuing the APK file;
calculating the data variation of the signature block before and after adding the target channel number;
and updating an offset field contained in the APK file according to the data variation, wherein the offset field is located in an end-of-directory identification block, the end-of-directory identification block is used for indicating the position of the directory block in the APK file through the offset field, and the directory block is used for indicating the position of each file data in the data block.
According to a second aspect of the embodiments of the present invention, there is provided an installation package checking method, including:
analyzing the APK file to obtain a signature block of the APK file, wherein the signature block comprises signature information, verification information and a channel number;
obtaining an offset field contained in the APK file, wherein the offset field is located in a directory ending identification block, the directory ending identification block is used for indicating the position of the directory block in the APK file through the offset field, and the directory block is used for indicating the position of each file data in the data block;
restoring a directory ending identification block according to the offset value corresponding to the offset field and the data volume of the signature block, wherein the restored directory ending identification block is consistent with the directory ending identification block of the APK file before signature;
and verifying the data block, the directory block and the restored directory ending identification block according to the verification information.
According to a third aspect of the embodiments of the present invention, there is provided a channel number addition apparatus including:
the first analysis module is used for analyzing the APK file to obtain a signature block of the APK file, wherein the signature block comprises signature information and verification information;
the adding module is used for adding a target channel number to the signature block, and the target channel number corresponds to an application issuing party issuing the APK file;
the calculation module is used for calculating the data variation of the signature blocks before and after the addition of the target channel number;
the first updating module is used for updating an offset field contained in the APK file according to the data variation, the offset field is located in a directory ending identification block, the directory ending identification block is used for indicating the position of the directory block in the APK file through the offset field, and the directory block is used for indicating the position of each file data in the data block.
According to a fourth aspect of the embodiments of the present invention, there is provided an installation package checking apparatus, including:
the second analysis module is used for analyzing the APK file to obtain a signature block of the APK file, wherein the signature block comprises signature information, verification information and a channel number;
the acquisition module is used for acquiring an offset field contained in the APK file, wherein the offset field is located in a directory ending identification block, the directory ending identification block is used for indicating the position of the directory block in the APK file through the offset field, and the directory block is used for indicating the position of each file data in the data block;
the restoring module is used for restoring the directory ending identification block according to the offset value corresponding to the offset field and the data volume of the signature block, and the restored directory ending identification block is consistent with the directory ending identification block of the APK file before the v2 version signature;
and the checking module is used for checking the data block, the directory block and the restored directory ending identification block according to the checking information.
The technical scheme provided by the embodiment of the invention has the following beneficial effects:
when the channel number is added into the APK file, the channel number is added into a signature block which does not need to be verified, and an offset field contained in a directory ending identification block in the APK file is dynamically updated according to the data variation of the signature block before and after the channel number is added, so that the data block, the directory block and the directory ending identification block of the APK file after the channel number is added can pass verification of verification information in the signature block, the problem that the existing channel number injection mode of a v1 version signature APK file cannot be suitable for a v2 version signature APK file is solved, and normal installation of the v2 version signature APK file after the channel number is added is realized.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present invention, the drawings needed to be used in the description of the embodiments will be briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without creative efforts.
FIG. 1 is a schematic diagram showing the file structure of an APK file before and after v2 edition signature;
FIG. 2 illustrates a schematic diagram of an implementation environment provided by one embodiment of the invention;
fig. 3 is a flowchart illustrating a channel number adding method according to an embodiment of the present invention;
fig. 4A shows a flowchart of a channel number adding method according to another embodiment of the present invention;
FIG. 4B is a schematic diagram of the channel number addition method shown in FIG. 4A;
FIG. 5A is a flowchart illustrating an installation package checking method according to an embodiment of the present invention;
FIG. 5B is a schematic diagram of the installation package verification method shown in FIG. 5A;
FIG. 5C is a flowchart illustrating an installation package checking method according to another embodiment of the present invention;
fig. 6 is a block diagram showing the configuration of a channel number adding apparatus according to an embodiment of the present invention;
fig. 7 is a block diagram illustrating an architecture of an installation package checking apparatus according to an embodiment of the present invention;
FIG. 8 is a block diagram illustrating the architecture of a server provided by an embodiment of the present invention;
fig. 9 is a schematic structural diagram of a terminal according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, embodiments of the present invention will be described in detail with reference to the accompanying drawings.
Reference herein to "a plurality" means two or more. "and/or" describes the association relationship of the associated objects, meaning that there may be three relationships, e.g., a and/or B, which may mean: a exists alone, A and B exist simultaneously, and B exists alone. The character "/" generally indicates that the former and latter associated objects are in an "or" relationship.
Referring to fig. 2, a schematic diagram of an implementation environment provided by an embodiment of the invention is shown, wherein the implementation environment includes an application developer terminal 210, an application marketplace server 220 and a user terminal 230.
The application developer terminal 210 is a terminal used by an application developer, and the application developer uses the terminal to launch the developed Android application to at least one application market.
In order to avoid tampering the Android application and marking the identity of the developer, the application developer terminal 210 needs to use the APK file of the Android application for signing before releasing the Android application, so as to write corresponding signature information and verification information into the APK file. The method for signing the APK file comprises the steps of adopting v1 version signature and adopting v2 version signature. In each embodiment of the present invention, an APK file is described by taking a v2 version signature as an example.
The application developer terminal 210 is connected to the application market server 220 through a wired network or a wireless network.
The application market server 220 is a background server corresponding to each large application market, and is used for receiving Android applications released by application developers. The application market server 220 is a server, a server cluster formed by a plurality of servers, or a cloud computing center.
Since the application developer puts the same Android application into different application markets, in order to enable the application developer to know the download amount of the Android application in different application markets, when the application market server 220 receives the APK file sent by the application developer terminal 210, a channel number corresponding to the application market needs to be injected into the APK file. When the user terminal 230 downloads and uses the Android application from the application market, the application developer can know from which application market the user terminal 230 downloads the Android application according to the channel number reported by the user terminal 230. The channel number adding method provided by each embodiment of the present invention is performed by the application marketplace server 220.
The application marketplace server 220 is connected to the user terminal 230 through a wired network or a wireless network.
The user terminal 230 is an electronic device operating with an Android system, and the electronic device is a smart phone, a tablet computer, an MP3 player (Moving Picture Experts Group Audio Layer III, motion video Experts compression standard Audio Layer 3) or an MP4(Moving Picture Experts Group Audio Layer IV, motion video Experts compression standard Audio Layer 4) player.
When the user needs to download the Android application, the user terminal 230 is used to access the application market corresponding to the application market server 220, and the APK file corresponding to the Android application is downloaded from the application market server 220. After obtaining the APK file, the user terminal 230 needs to verify the APK file according to the verification information in the APK file, and analyze and install the APK file when the APK file passes the verification. The installation package verification method provided by each embodiment of the present invention is executed by the user terminal 230.
It should be noted that, since the APK file parsed and installed by the user terminal 230 adopts the signature of version v2, the version of the Android system run by the user terminal 230 is higher than or equal to Android 7.0.
Optionally, the wireless or wired networks described above use standard communication techniques and/or protocols. The Network is typically the Internet, but may be any Network including, but not limited to, a Local Area Network (LAN), a Metropolitan Area Network (MAN), a Wide Area Network (WAN), a mobile, wireline or wireless Network, a private Network, or any combination of virtual private networks. In some embodiments, data exchanged over a network is represented using techniques and/or formats including Hypertext Mark-up Language (HTML), Extensible markup Language (XML), and the like. All or some of the links may also be encrypted using conventional encryption techniques such as Secure Socket Layer (SSL), Transport Layer Security (TLS), Virtual Private Network (VPN), Internet protocol Security (IPsec). In other embodiments, custom and/or dedicated data communication techniques may also be used in place of, or in addition to, the data communication techniques described above.
The APK file is essentially a Zip compressed file, and the file structure of the APK file conforms to the file structure of the Zip compressed file, wherein the APK file structures of the APK file before and after the APK file is signed by v2 are shown in fig. 1.
Before the signature of version v2, the APK file includes a data block 11, a directory block 12, and an end-of-directory identification block 13. The data block 11 is used for storing compressed file data, and each file data corresponds to a compressed file in the APK file; the directory block 12 is used for indicating the position of each file data in the APK file, wherein the directory block 12 locates the file data corresponding to each compressed file according to the recorded entry _ offset (physical offset value); the end-of-directory-flag block 13 is used to indicate the location of the directory block 12 in the APK file and store additional information of the APK file, wherein the end-of-directory-flag block 13 locates the directory block 12 according to the recorded cdfh _ offset (directory offset).
After the v2 version signature, a signature block 14 is added to the APK file, and the signature block 14 includes signature information set by an application developer and verification information for verifying the APK file. Specifically, the verification information includes the respective corresponding message digests of the blocks before v2 version signature. It should be noted that, since the signature block 14 is added to the APK file, the offset value of the directory block 12 changes, and therefore, when performing signature of version v2, the directory offset value in the directory end flag block 13 needs to be updated accordingly.
When verifying the APK file signed by v2 version, the terminal firstly restores the directory offset value in the directory end identifier block 13 by using the data volume of the signature block 14 (restores the directory offset value to the directory offset value before v2 version signature), then verifies the data block 11, the directory block 12 and the restored directory end identifier block 13 according to the verification information contained in the signature block 14, and when all the three pass the verification, determines that the APK file passes the verification.
For the APK file signed by the v2 version, when the application market server adds a channel number in a channel file injection mode, the application market server firstly decompresses the APK file, then injects the channel file into the decompressed APK file, and finally recompresses the APK file after the channel file is injected. Obviously, since the channel file is newly added to the recompressed APK file, both the data block 11 and the directory block 12 of the APK file are changed, and when the APK file is verified by using the verification information in the signature block 14, the data block 11 and the directory block 12 cannot pass the verification.
When the application market server adds the channel number in a manner of injecting channel information into the zip info, the application market server firstly needs to search the end-of-directory identification block 13 in the APK file for the zip info data segment, and analyzes the data structure of the zip info data segment, thereby writing the channel number into the zip info data segment. Obviously, after the channel number is newly added to the zip info data segment, the end-of-directory flag block 13 of the APK file is changed, and when the APK file is verified by using the verification information in the signature block 14, the end-of-directory flag block 13 cannot pass the verification.
Obviously, after the channel number is added to the APK file with the v2 signature in the two ways, the APK file cannot pass verification, and thus the Android application cannot be normally installed.
In the channel number adding method provided by each embodiment of the invention, the application market server adds the channel number to the signature block which does not need to be verified, and correspondingly adjusts the directory offset value in the directory ending identification block, so that the contents of the data block and the directory block are not changed in the APK file after the channel number is added, and the contents of the directory ending identification block are not changed after the directory offset value in the directory ending identification block is restored, so that the data block, the signature block and the directory ending identification block can be verified, and the normal installation of the Android application is further realized. The following description will be made by using exemplary embodiments.
Referring to fig. 3, a flowchart of a channel number adding method according to an embodiment of the present invention is shown, where the channel number adding method is used in the application market server 220 shown in fig. 2 for illustration, and the method includes:
In one possible implementation, the application market server identifies the signature Block of the APK file according to a preset keyword, for example, in the signature APK file v2 version, the newly added signature Block starts with "APK Sig Block 42", and then the preset keyword is "APK Sig Block 42".
The signature block is generated by an application developer after signing the APK file by v2 version, the signature information is used for indicating the application developer, and the verification information is used for verifying the data block, the directory block and the directory ending identification block of the APK file.
Optionally, the verification information includes MD5(Message-Digest Algorithm 5, fifth version information Digest Algorithm) values or SHA1(secure hash Algorithm) values corresponding to the data block before v2 version signature, the directory block, and the directory end identifier block.
Optionally, the application market server further has an APK file identification function, and by the identification function, the application market server can identify the signature type of the received APK file. In a possible implementation manner, the application market server analyzes the APK file, detects whether the APK file contains a signature block identifier, and if the APK file does not contain the signature block identifier, determines that the APK file adopts a v1 version signature; and if the APK file contains the signature block identification, determining that the APK file adopts v2 version signature, and further acquiring a signature block.
Wherein, the channel numbers corresponding to different application publishers (application markets) are different. For example, the channel number corresponding to the application Market a is "mark _ a", and the channel number corresponding to the application Market B is "mark _ B".
Since the target channel number is added to the signature block, the data size of the signature block changes, and the offset value of the directory block also changes. In order to ensure the accuracy of the offset field (for recording the offset value of the directory block) in the end-of-directory identification block, the application market server needs to calculate the data variation of the signature block before and after adding the target channel number, so as to update the offset field of the end-of-directory identification block according to the data variation.
For example, the data size of the signature block is 20 bytes before adding the channel number, and the data size of the signature block is 25 bytes after adding the channel number, so that the data change amount of the signature block is 5 bytes from 25 to 20.
And step 304, updating an offset field contained in the APK file according to the data variation, where the offset field is located in an end-of-directory flag block, the end-of-directory flag block is used to indicate the location of the directory block in the APK file through the offset field, and the directory block is used to indicate the location of each file data in the data block.
Further, the application market server updates the offset field included in the directory end identifier block according to the data variation of the signature block.
For example, before adding the channel number, the data size of the data block is 100 bytes, the data size of the signature block is 20 bytes, and the offset value of the offset field in the directory end identifier block is 100+ 20-120 bytes; when the channel number is added, the data size of the signature block is increased by 5 bytes, and the offset value of the offset field is updated to 1120+ 5-125 bytes.
In a possible implementation manner, the APK file provided by the application developer terminal to the application marketplace server already contains the channel number, in which case, the application marketplace server needs to delete the channel number already contained and add the channel number of itself to the APK file again, which is described below with an exemplary embodiment.
Referring to fig. 4A, a flowchart of a channel number adding method according to another embodiment of the present invention is shown, where the channel number adding method is used in the application market server 220 shown in fig. 2 for illustration, and the method includes:
The implementation of this step is similar to that of step 301, and this embodiment is not described herein again.
In step 402, it is detected whether the signature block includes a historical channel number.
After acquiring the signature block of the APK file, the application market server detects whether the signature block already contains the channel number, and if the signature block does not contain the channel number, the following steps 403 to 405 are executed; if the signature block already contains a channel number, the following steps 406 to 408 are performed.
In one possible embodiment, the channel number is represented by a data pair in a predetermined format, and the data pair in the predetermined format includes a preset identification field and a channel number value, that is, the channel number is represented by a data pair with an ID-value. Accordingly, the application market server detects whether the signature block contains the historical channel number or not by the following steps.
Firstly, whether the signature block contains a preset identification field is detected.
And the application market server traverses the information contained in the signature block and detects whether the signature block contains a preset identification field. For example, the default identification field is 0x79646e 61.
And secondly, if the signature block does not contain the preset identification field, determining that the signature block does not contain the historical channel number.
When the signature block is detected not to contain the preset identification field, the application market server determines that the signature block does not contain the historical channel number, namely the channel number is not added to the APK file.
And thirdly, if the signature block contains a preset identification field, determining that the signature block contains a historical channel number.
When detecting that the signature block contains the preset identification field, the application market server determines that the signature block contains the historical channel number, that is, the channel number has been added to the APK file, and adds the target channel number to the APK file through the following steps 403 to 405.
Optionally, when it is determined that the signature block includes the historical channel number, the application market server compares the historical channel number with its own channel number, and updates the channel number in the APK file through the following steps 406 to 408 when the comparison result indicates that the historical channel number and the channel number are different.
In step 403, when the signature block does not contain the historical channel number, the target channel number is added to the signature block.
When the signature block does not contain the historical channel number, the application market server writes the target channel number into the signature block. The embodiment of the present invention does not limit the specific location where the target channel number is written into the signature block.
Optionally, when the channel number is represented by a data pair including a preset identification field and a channel number value, the application market server writes the data pair corresponding to the target channel number into the signature block, for example, the target channel number written by the application market server is: 0x79646e61-Market _ A.
Illustratively, as shown in FIG. 4B, when the application marketplace server writes the channel number to the end of the signature block.
And after the target channel number is written into the signature block, the application market server further calculates the data variation of the signature block after the channel number is added. Since the APK file does not include the historical channel number, the data change amount of the signature block after the target channel number is added is the data amount of the target channel number.
For example, as shown in fig. 4B, the application marketplace server calculates the added channel number to be 5 bytes.
In step 405, the data amount of the target channel number is determined as the data variation amount.
Further, after the application market server determines the data amount of the target channel number as the data variation amount of the signature block, the offset field in the end-of-directory identification block is updated through the following steps 409 and 410.
In step 406, when the signature block includes the historical channel number, the historical channel number is deleted, and the target channel number is added to the signature block.
When the signature block includes a history channel number and the history channel number is inconsistent with the target channel number to be added, in order to avoid confusion, the application market server firstly deletes the history channel number and then adds the target channel number to the signature block.
Optionally, when the channel number is represented by a data pair including a preset identification field and a channel number value, the application market server detects that the signature block includes the preset identification field, and the channel number value corresponding to the preset identification field is different from the channel number value of the target channel number, deletes the data pair corresponding to the historical channel number, and writes the data pair corresponding to the target channel number into the signature block.
For example, the target channel number to be written is 0x79646e61-mark _ a, and when the historical channel number 0x79646e61-mark _ B is detected to be included in the signature block, the application Market server replaces 0x79646e61-mark _ B with 0x79646e61-mark _ a.
Because the data volumes corresponding to different channel numbers are different, after the historical channel number is replaced by the target channel number, the data volume of the signature block also changes correspondingly, and the data volume change volume of the signature block is the data volume difference value between the historical channel number and the target channel number, namely the data volume difference value is the data volume of the target channel number-the data volume of the historical channel number. Wherein the data amount difference is greater than 0 when the data amount of the target channel number is greater than the data amount of the history channel number, the data amount difference is less than 0 when the data amount of the target channel number is less than the data amount of the history channel number, and the data amount difference is equal to 0 when the data amount of the target channel number is equal to the data amount of the history channel number.
For example, if the data size of the application market server obtained the historical channel number is 6 bytes and the data size of the target channel number is 7 bytes, the data size difference is 1 byte.
In step 408, the data amount difference is determined as the data change amount.
Further, the application market server determines the calculated data amount difference as the data variation of the signature block, and updates the offset field in the end-of-directory identification block through the following steps 409 and 410. It should be noted that, when the data amount difference is 0, the application market server completes the channel number addition and skips the following steps 409 to 412.
In step 409, the original offset value contained in the offset field of the ending id block of the directory is obtained.
Through the above steps 403 to 405 or 406 to 408, the application market server completes the addition or replacement of the channel number, and when the data amount of the signature block changes, the offset value of the directory block in the APK file will also change accordingly.
As shown in fig. 4B, before adding the channel number, the offset value of the directory block in the APK file is 120 bytes (the sum of the data amount of the data block and the signature block); after adding the channel number, the offset value of the directory block in the APK file is changed to 125 bytes.
In order to ensure that the offset field in the directory ending identification block can accurately position the location of the directory block in the APK file according to the offset field in the directory ending identification block when a subsequent user terminal analyzes the APK file, the application market server needs to further update the offset field of the directory ending identification block.
In a possible embodiment, since the front part of the directory block only changes the data amount of the signature block, that is, the amount of change of the directory block offset value is the amount of change of the data of the signature block, the app market server obtains the original offset value included in the offset field, and updates the original offset value of the offset field by determining the amount of change of the data in step 405 or 408.
For example, as shown in fig. 4B, the original offset value contained in the offset field of the block for obtaining the end of directory identifier by the application market server is 120 bytes.
Further, the application market server updates the offset field according to the obtained original offset value and the data variation of the signature block. And the offset value of the updated offset field is the original offset value + the data variation.
For example, as shown in fig. 4B, when the application market server obtains that the original offset value is 120 bytes and the data variance of the signature block is 5 bytes, the application market server updates the offset value of the offset field to 120+ 5-125 bytes.
In step 411, the data amount field of the signature block is updated according to the first original data amount and the data variation of the signature block.
In order to ensure the accuracy of the data volume field in the signature block after adding (or updating) the channel number, the app market server further needs to update the data volume field according to the first original data volume of the signature block and the data variation of the signature block.
In one possible implementation, the application market server adds the first original data size and the data change amount of the signature block, and updates the data size field of the signature block according to the addition result, that is, the data size corresponding to the updated data size field is the first original data size + the data change amount.
For example, as shown in fig. 4B, the application market server updates the data size field of the signature block to 25 bytes according to 20 bytes (first original data size) and 5 bytes (data change amount).
And step 412, adjusting the data volume of the APK file according to the second original data volume and the data variation of the APK file.
Similar to step 411, since the app market server only performs parsing on the APK file, but does not decompress it, the data size of the APK file is not automatically updated after adding the channel number to the APK file. In order to ensure the accuracy of the data amount of the APK file, in one possible embodiment, the app market server needs to add the second original data amount of the APK file and the data variation of the signature block, and adjust the data amount of the APK file according to the addition result, that is, the adjusted data amount of the APK file is the second original data amount + the data variation.
For example, as shown in fig. 4B, the application market server adjusts the data size of the APK file to 170 bytes according to 165 bytes (second original data size) and 5 bytes (data change amount).
In this embodiment, after the application market server adds the channel number to the APK file or updates the channel number in the APK file, the data volume field of the signature block and the data volume of the APK file are automatically updated, so as to ensure the accuracy of each data field in the APK file after the channel number is added (or updated), and avoid subsequent analysis abnormality caused by data field errors.
With the embodiments shown in fig. 3 and 4A described above, the application marketplace server completes the channel number adding (or updating) operation for the APK file. And when the user terminal downloads the APK file from the application market, checking and installing the APK file. The following describes a process of verifying an APK file (after adding a channel number in the above embodiment) by a user terminal according to an exemplary embodiment.
Referring to fig. 5A, a flowchart of an installation package verification method according to an embodiment of the present invention is shown, where the installation package verification method is used in the user terminal 230 shown in fig. 2 for example, and the method includes:
In one possible implementation, the application market server identifies the signature Block of the APK file according to a preset keyword, for example, "APK Sig Block 42".
The signature information and the verification information in the signature block are generated after an application developer signs the APK file by version v2, and the channel number in the signature block is added by the application market server.
In a possible implementation, the user terminal starts scanning from the end of the APK file, obtains the end-of-directory identification block, and obtains the offset field therefrom. The offset field indicates the location of the directory block in the APK file after adding the channel number.
For example, as shown in fig. 5B, the user terminal obtains the offset field of 125 bytes from the end-of-directory identification block of the APK file (after signature by v2 version and channel number addition).
And 503, restoring the directory ending identification block according to the offset value corresponding to the offset field and the data volume of the signature block, wherein the restored directory ending identification block is consistent with the directory ending identification block of the APK file before signature.
Since the offset field in the ending identification block of the directory in the APK file is changed when the APK file is signed by version v2 and added with the channel number (the offset value of the directory block is changed due to the addition of the signature block), before the APK file which is signed by version v2 and added with the channel number is verified, the mobile terminal first needs to restore the offset field of the ending identification block of the directory according to the current offset value of the offset field and the data size of the signature block, so as to detect whether the restored ending identification block of the directory is consistent with the ending identification block of the directory of the APK file before signing by version v 2.
In one possible embodiment, as shown in fig. 5C, this step includes the following steps.
After the signature and the channel number are added, only the offset field in the directory end identification block is changed, and the change of the offset field is related to the data volume of the newly added signature block in the APK file, so that when the directory end identification block is restored, only the offset field in the directory end identification block needs to be restored.
In a possible implementation, the user terminal subtracts the data amount of the signature block from the offset value in the offset field to obtain a restored offset field, which is the offset value indicating the directory block after the signature block is removed.
For example, as shown in fig. 5B, if the current offset value of the offset field in the directory end identifier block obtained by the user terminal is 125 bytes and the data size of the signature block is 25 bytes, the offset value of the restored offset field is calculated to be 125-25-100 bytes.
And after the offset field in the target ending identification area is restored, the user terminal generates a restored directory ending identification block by using the restored offset field.
In a possible implementation manner, the user terminal replaces the current offset field in the end-of-directory identification block with the restored offset field, so as to obtain the restored end-of-directory identification block.
For example, as shown in fig. 5B, only the offset field in the end-of-directory flag block is changed (125 bytes to 100 bytes) in the APK file before the restore compared to the APK file after the restore.
Further, after completing the recovery of the directory end identifier block, the user terminal further verifies the data block, the directory block, and the recovered directory end identifier block respectively by using the verification information in the signature block, and detects whether the contents of the data block, the directory block, and the recovered directory end identifier block are consistent with those before v2 version signature.
When the contents of the three are consistent with those before v2 version signature, the user terminal determines that the APK file is not illegally tampered, so that the APK file is further analyzed and installed; when the contents of the three are inconsistent with the contents before v2 signature, the user terminal determines that the APK file is illegally tampered, and stops analyzing and installing the APK file. The embodiment of the invention does not repeat the process of installing the APK file by the user terminal.
In a possible implementation manner, the verification information in the signature block includes a first information digest of a data block before v2 version signature, a second information digest of a directory block before v2 version signature, and a third information digest of a directory end identification block before v2 version signature, when it is detected whether the contents of the three are consistent with those before v2 version signature, the data block after v2 version signature is verified according to the first information digest, the directory block after v2 version signature is verified according to the second information digest, and the directory end identification block after recovery is verified according to the third information digest. Wherein, the first, second and third message digests are the MD5 value or SHA1 value of the corresponding block.
After the channel number is added to the APK file by the channel number adding method shown in fig. 3 or fig. 4A, the data block is completely the same as the data block of the APK file before v2 version signature, the directory block is completely the same as the directory block of the APK file before v2 version signature, and the restored directory end identifier block is completely the same as the directory end identifier block of the APK file before v2 version signature, so that the APK file can pass verification, thereby ensuring normal installation of the APK file.
The following are embodiments of the apparatus of the present invention, and for details not described in detail in the embodiments of the apparatus, reference may be made to the above-mentioned one-to-one corresponding method embodiments.
Referring to fig. 6, a block diagram of a channel number adding device according to an embodiment of the present invention is shown. The channel number adding device is implemented by hardware or a combination of hardware and software to become all or a part of the application market server 220 in fig. 2. This channel number adds device includes: a first parsing module 610, an adding module 620, a calculating module 630, and a first updating module 640.
A first parsing module 610, configured to implement the functions of step 301 or 401.
An adding module 620, configured to implement the function of step 302;
a calculating module 630, configured to implement the function of step 303;
a first updating module 640, configured to implement the functions of step 304.
Optionally, the apparatus includes:
a detection module, configured to implement the function of step 402;
the adding module 620 is further configured to implement the functions of the foregoing steps 403 or 406.
Optionally, the calculating module 630 includes: a first calculation unit or a second calculation unit;
a first computing unit, configured to implement the functions of steps 404 and 405 described above;
a second computing unit, configured to implement the functions of steps 407 and 408 described above.
Optionally, the channel number is represented by a data pair in a predetermined format, and the data pair in the predetermined format includes a preset identification field and a channel number value;
a detection module comprising:
the detection unit is used for detecting whether the signature block contains the preset identification field or not;
a first determining unit, configured to determine that the signature block does not include the historical channel number when the signature block does not include the preset identification field;
a second determining unit, configured to determine that the signature block includes the historical channel number when the signature block includes the preset identification field.
Optionally, the first updating module 640 includes: an acquisition unit and an update unit;
an obtaining unit, configured to implement the function in step 409;
and an updating unit, configured to implement the function of step 410.
Optionally, the apparatus further includes: a second update module and an adjustment module;
a second updating module, configured to implement the function in step 411;
and an adjusting module, configured to implement the function of step 412.
Referring to fig. 7, a block diagram of an installation package checking apparatus according to an embodiment of the present invention is shown. The installation package verification apparatus is implemented by hardware or a combination of hardware and software as all or a part of the user terminal 230 in fig. 2. This installation package verifying attachment includes: a second parsing module 710, an obtaining module 720, a restoring module 730, and a checking module 740.
A second parsing module 710, configured to implement the function of step 501;
an obtaining module 720, configured to implement the function of step 502 above;
a restoring module 730, configured to implement the function of step 503;
a checking module 740, configured to implement the function of step 504.
Optionally, the restoring module 730 includes: reduction unit and generation unit
A reduction unit, configured to implement the function of step 503A;
a generating unit, configured to implement the function of step 503B.
Referring to fig. 8, a block diagram of a server according to an embodiment of the present invention is shown. The server 800 is implemented as the application marketplace server 220 in fig. 2. Specifically, the method comprises the following steps:
the server 800 includes a Central Processing Unit (CPU)801, a system memory 804 including a Random Access Memory (RAM)802 and a Read Only Memory (ROM)803, and a system bus 805 connecting the system memory 804 and the central processing unit 801. The server 800 also includes a basic input/output system (I/O system) 806, which facilitates transfer of information between devices within the computer, and a mass storage device 807 for storing an operating system 813, application programs 814, and other program modules 815.
The basic input/output system 806 includes a display 808 for displaying information and an input device 809 such as a mouse, keyboard, etc. for user input of information. Wherein the display 808 and the input device 809 are connected to the central processing unit 801 through an input output controller 810 connected to the system bus 805. The basic input/output system 806 may also include an input/output controller 810 for receiving and processing input from a number of other devices, such as a keyboard, mouse, or electronic stylus. Similarly, input-output controller 810 also provides output to a display screen, a printer, or other type of output device.
The mass storage device 807 is connected to the central processing unit 801 through a mass storage controller (not shown) connected to the system bus 805. The mass storage device 807 and its associated computer-readable media provide non-volatile storage for the server 800. That is, the mass storage device 807 may include a computer-readable medium (not shown) such as a hard disk or CD-ROM drive.
Without loss of generality, the computer-readable media may comprise computer storage media and communication media. Computer storage media includes volatile and nonvolatile, removable and non-removable media implemented in any method or technology for storage of information such as computer readable instructions, data structures, program modules or other data. Computer storage media includes RAM, ROM, EPROM, EEPROM, flash memory or other solid state memory technology, CD-ROM, DVD, or other optical storage, magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices. Of course, those skilled in the art will appreciate that the computer storage media is not limited to the foregoing. The system memory 804 and mass storage 807 described above may be collectively referred to as memory.
The server 800 may also operate as a remote computer connected to a network via a network, such as the internet, in accordance with various embodiments of the invention. That is, the server 800 may be connected to the network 812 through the network interface unit 811 coupled to the system bus 805, or may be connected to other types of networks or remote computer systems (not shown) using the network interface unit 811.
The memory also includes one or more programs stored in the memory, the one or more programs including instructions for performing the channel number adding method provided by the embodiments of the present invention.
It will be understood by those skilled in the art that all or part of the steps in the channel number adding method of the above embodiments may be implemented by instructing the associated hardware by a program, which may be stored in a computer-readable storage medium, and the storage medium may include: read Only Memory (ROM), Random Access Memory (RAM), magnetic or optical disks, and the like.
Referring to fig. 9, a schematic structural diagram of a terminal according to an embodiment of the present invention is shown. The terminal 900 is the user terminal 230 in fig. 2. Specifically, the method comprises the following steps:
terminal 900 can include RF (Radio Frequency) circuitry 910, memory 920 including one or more computer-readable storage media, input unit 930, display unit 940, sensor 950, audio circuitry 960, near field communication module 970, processor 980 including one or more processing cores, and power supply 990, among other components. Those skilled in the art will appreciate that the terminal structure shown in fig. 9 does not constitute a limitation of the terminal, and may include more or fewer components than those shown, or some components may be combined, or a different arrangement of components. Wherein:
the RF circuit 910 may be used for receiving and transmitting signals during a message transmission or call, and in particular, for receiving downlink information from a base station and then processing the received downlink information by the one or more processors 980; in addition, data relating to uplink is transmitted to the base station. In general, RF circuit 910 includes, but is not limited to, an antenna, at least one Amplifier, a tuner, one or more oscillators, a Subscriber Identity Module (SIM) card, a transceiver, a coupler, an LNA (Low Noise Amplifier), a duplexer, and the like. In addition, the RF circuit 910 may also communicate with networks and other devices via wireless communication. The wireless communication may use any communication standard or protocol, including but not limited to GSM (Global System for Mobile communications), GPRS (general packet Radio Service), CDMA (Code Division Multiple Access), WCDMA (Wideband Code Division Multiple Access), LTE (Long Term Evolution), e-mail, SMS (short messaging Service), etc.
The memory 920 may be used to store software programs and modules, and the processor 980 performs various functional applications and data processing by operating the software programs and modules stored in the memory 920. The memory 920 may mainly include a program storage area and a data storage area, wherein the program storage area may store an operating system, an application program required by at least one function (such as a sound playing function, an image playing function, etc.), and the like; the storage data area may store data (such as audio data, a phonebook, etc.) created according to the use of the terminal 900, and the like. Further, the memory 920 may include high speed random access memory, and may also include non-volatile memory, such as at least one magnetic disk storage device, flash memory device, or other volatile solid state storage device. Accordingly, the memory 920 may also include a memory controller to provide the processor 980 and the input unit 930 with access to the memory 920.
The input unit 930 may be used to receive input numeric or character information and generate keyboard, mouse, joystick, optical or trackball signal inputs related to user settings and function control. Specifically, the input unit 930 may include an image input device 931 and other input devices 932. The image input device 931 may be a camera or a photoelectric scanning device. The input unit 930 may include other input devices 932 in addition to the image input device 931. In particular, other input devices 932 may include, but are not limited to, one or more of a physical keyboard, function keys (e.g., volume control keys, switch keys, etc.), a trackball, a mouse, a joystick, and the like.
The display unit 940 may be used to display information input by or provided to the user and various graphical user interfaces of the terminal 600, which may be made up of graphics, text, icons, video, and any combination thereof. The Display unit 940 may include a Display panel 941, and optionally, the Display panel 941 may be configured in the form of an LCD (Liquid Crystal Display), an OLED (Organic Light-Emitting Diode), or the like.
The terminal 900 can also include at least one sensor 950, such as a light sensor, motion sensor, and other sensors. Specifically, the light sensor may include an ambient light sensor that may adjust the brightness of the display panel 941 according to the brightness of ambient light, and a proximity sensor that may turn off the display panel 941 and/or a backlight when the terminal 900 is moved to the ear. As one of the motion sensors, the gravity acceleration sensor can detect the magnitude of acceleration in each direction (generally, three axes), can detect the magnitude and direction of gravity when the mobile phone is stationary, and can be used for applications of recognizing the posture of the mobile phone (such as horizontal and vertical screen switching, related games, magnetometer posture calibration), vibration recognition related functions (such as pedometer and tapping), and the like; as for other sensors such as a gyroscope, a barometer, a hygrometer, a thermometer, and an infrared sensor, which can be configured in the terminal 900, detailed descriptions thereof are omitted.
The terminal 900 establishes a near field communication connection with an external device through the near field communication module 970 and performs data interaction through the near field communication connection. In this embodiment, the near field communication module 970 specifically includes a bluetooth module and/or a WiFi module.
The processor 980 is a control center of the terminal 900, connects various parts of the entire mobile phone using various interfaces and lines, and performs various functions of the terminal 900 and processes data by operating or executing software programs and/or modules stored in the memory 920 and calling data stored in the memory 920, thereby integrally monitoring the mobile phone. Optionally, processor 980 may include one or more processing cores; preferably, the processor 980 may integrate an application processor, which primarily handles operating systems, user interfaces, applications, etc., and a modem processor, which primarily handles wireless communications. It will be appreciated that the modem processor described above may not be integrated into the processor 980.
The terminal 900 also includes a power supply 990 (e.g., a battery) for supplying power to the various components, which may be logically connected to the processor 980 via a power management system, for managing charging, discharging, and power consumption via the power management system. Power supply 990 may also include any component of one or more dc or ac power sources, recharging systems, power failure detection circuits, power converters or inverters, power status indicators, and the like.
Although not shown, the terminal 900 may further include a bluetooth module or the like, which is not described in detail herein.
In this embodiment, the terminal 900 further includes a memory and one or more programs, where the one or more programs are stored in the memory and configured to be executed by one or more processors to implement the installation package checking method.
It will be understood by those skilled in the art that all or part of the steps in the installation package checking method of the above embodiments may be implemented by a program to instruct associated hardware, where the program may be stored in a computer-readable storage medium, where the storage medium may include: read Only Memory (ROM), Random Access Memory (RAM), magnetic or optical disks, and the like.
The above-mentioned serial numbers of the embodiments of the present invention are merely for description and do not represent the merits of the embodiments.
The above description is only for the purpose of illustrating the preferred embodiments of the present invention and is not to be construed as limiting the invention, and any modifications, equivalents, improvements and the like that fall within the spirit and principle of the present invention are intended to be included therein.
Claims (18)
1. A channel number adding method, characterized in that the method comprises:
analyzing an Android Package (APK) file to obtain a signature block of the APK file, wherein the signature block comprises signature information and verification information;
adding a target channel number to the signature block, wherein the target channel number corresponds to an application publisher which publishes the APK file;
calculating the data variation of the signature block before and after the target channel number is added;
updating an offset field contained in the APK file according to the data variation, wherein the offset field is located in a directory ending identification block, the directory ending identification block is used for indicating the position of the directory block in the APK file through the offset field, and the directory block is used for indicating the position of each file data in the data block.
2. The method of claim 1, wherein prior to adding a target channel number to the signature block, further comprising:
detecting whether the signature block contains a historical channel number;
when the historical channel number is not included in the signature block, performing the step of adding a target channel number to the signature block;
and when the signature block comprises the historical channel number, deleting the historical channel number, and executing the step of adding the target channel number to the signature block.
3. The method of claim 2, wherein the calculating the amount of data change of the signature block before and after adding the target channel number comprises:
when the historical channel number is not contained in the signature block, calculating the data volume of the target channel number; determining the data amount of the target channel number as the data variation amount;
or the like, or, alternatively,
when the signature block comprises the historical channel number, calculating a data volume difference value between the historical channel number and the target channel number; determining the data amount difference as the data change amount,
wherein the data volume difference is the data volume of the target channel number-the data volume of the historical channel number.
4. The method of claim 2 or 3, wherein the channel number is represented by a data pair of a predetermined format, the data pair of the predetermined format comprising a preset identification field and a channel number value;
the detecting whether the signature block includes a historical channel number includes:
detecting whether the signature block contains the preset identification field;
if the signature block does not contain the preset identification field, determining that the signature block does not contain the historical channel number;
and if the signature block comprises the preset identification field, determining that the signature block comprises the historical channel number.
5. The method according to any one of claims 1 to 3, wherein the updating the offset field included in the APK file according to the data change amount comprises:
acquiring an original offset value contained in the offset field;
and updating the offset field according to the original offset value and the data variation.
6. The method as claimed in any one of claims 1 to 3, wherein after calculating the data variation of the signature block before and after adding the target channel number, the method further comprises:
updating a data volume field of the signature block according to the first original data volume and the data variation of the signature block;
and adjusting the data volume of the APK file according to the second original data volume of the APK file and the data variation.
7. An installation package checking method, characterized in that the method comprises:
analyzing an Android Package (APK) file to obtain a signature block of the APK file, wherein the signature block comprises signature information, verification information and a channel number;
obtaining an offset field contained in the APK file, wherein the offset field is located in a directory ending identification block, the directory ending identification block is used for indicating the position of a directory block in the APK file through the offset field, and the directory block is used for indicating the position of each file data in a data block;
restoring the directory ending identification block according to the offset value corresponding to the offset field and the data volume of the signature block, wherein the restored directory ending identification block is consistent with the directory ending identification block of the APK file before signature;
and verifying the data block, the directory block and the restored directory ending identification block according to the verification information.
8. The method according to claim 7, wherein the restoring the end-of-directory identification block according to the offset value corresponding to the offset field and the data size of the signature block comprises:
subtracting the data volume by using the offset value to obtain the restored offset field;
and generating the restored directory ending identification block according to the restored offset field.
9. The method according to claim 7 or 8, wherein the verification information comprises a first message digest of the data block before signature, a second message digest of the directory block before signature, and a third message digest of the directory end identification block before signature;
the verifying the data block, the directory block and the restored directory end identifier block according to the verification information includes:
verifying the signed data block according to the first information abstract;
verifying the signed directory block according to the second information abstract;
and checking the restored directory ending identification block according to the third information abstract.
10. A channel number adding device, characterized in that the device comprises:
the android installation package APK file analysis module is used for analyzing an APK file of an android installation package to obtain a signature block of the APK file, wherein the signature block comprises signature information and verification information;
the adding module is used for adding a target channel number to the signature block, and the target channel number corresponds to an application issuing party issuing the APK file;
the calculation module is used for calculating the data variation of the signature block before and after the target channel number is added;
the first updating module is configured to update an offset field included in the APK file according to the data variation, where the offset field is located in an end-of-directory flag block, the end-of-directory flag block is configured to indicate, through the offset field, a location of a directory block in the APK file, and the directory block is configured to indicate a location of each file data in a data block.
11. The apparatus of claim 10, further comprising:
the detection module is used for detecting whether the signature block contains a historical channel number or not;
the adding module is used for adding the target channel number to the signature block when the historical channel number is not contained in the signature block;
the adding module is further configured to delete the history channel number and add the target channel number to the signature block when the signature block includes the history channel number.
12. The apparatus of claim 11, wherein the computing module comprises:
a first calculation unit configured to calculate a data amount of the target channel number when the historical channel number is not included in the signature block; determining the data amount of the target channel number as the data variation amount;
or the like, or, alternatively,
a second calculation unit, configured to calculate a data amount difference between the history channel number and the target channel number when the signature block includes the history channel number; determining the data amount difference as the data change amount,
wherein the data volume difference is the data volume of the target channel number-the data volume of the historical channel number.
13. The apparatus according to claim 11 or 12, wherein the channel number is represented by a data pair of a predetermined format, the data pair of the predetermined format comprising a preset identification field and a channel number value;
the detection module comprises:
the detection unit is used for detecting whether the signature block contains the preset identification field or not;
a first determining unit, configured to determine that the signature block does not include the historical channel number when the signature block does not include the preset identification field;
a second determining unit, configured to determine that the signature block includes the historical channel number when the signature block includes the preset identification field.
14. The apparatus according to any one of claims 10 to 12, wherein the first updating module comprises:
an obtaining unit, configured to obtain an original offset value included in the offset field;
and the updating unit is used for updating the offset field according to the original offset value and the data variation.
15. The apparatus of any one of claims 10 to 12, further comprising:
the second updating module is used for updating the data volume field of the signature block according to the first original data volume and the data variation of the signature block;
and the adjusting module is used for adjusting the data volume of the APK file according to the second original data volume of the APK file and the data variable quantity.
16. An installation package verification apparatus, the apparatus comprising:
the second analysis module is used for analyzing the APK file of the android installation package to obtain a signature block of the APK file, wherein the signature block comprises signature information, verification information and a channel number;
an obtaining module, configured to obtain an offset field included in the APK file, where the offset field is located in a directory end identifier block, the directory end identifier block is configured to indicate, through the offset field, a location of the directory block in the APK file, and the directory block is configured to indicate a location of each file data in the data block;
the restoration module is used for restoring the directory ending identification block according to the offset value corresponding to the offset field and the data volume of the signature block, wherein the restored directory ending identification block is consistent with the directory ending identification block of the APK file before signature;
and the checking module is used for checking the data block, the directory block and the restored directory ending identification block according to the checking information.
17. The apparatus of claim 16, wherein the reduction module comprises:
the restoring unit is used for subtracting the data volume by using the offset value to obtain the restored offset field;
and the generating unit is used for generating the restored directory ending identification block according to the restored offset field.
18. The apparatus according to claim 16 or 17, wherein the verification information comprises a first message digest of the pre-signature data block, a second message digest of the pre-signature directory block, and a third message digest of the pre-signature directory end identifier block;
the verification module comprises:
the first verification unit is used for verifying the signed data block according to the first information abstract;
the second verification unit is used for verifying the signed directory block according to the second information abstract;
and the third checking unit is used for checking the restored directory ending identification block according to the third information abstract.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201611260395.4A CN108280341B (en) | 2016-12-30 | 2016-12-30 | Channel number adding and installation package checking method and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201611260395.4A CN108280341B (en) | 2016-12-30 | 2016-12-30 | Channel number adding and installation package checking method and device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN108280341A CN108280341A (en) | 2018-07-13 |
| CN108280341B true CN108280341B (en) | 2020-06-30 |
Family
ID=62800318
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201611260395.4A Active CN108280341B (en) | 2016-12-30 | 2016-12-30 | Channel number adding and installation package checking method and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN108280341B (en) |
Families Citing this family (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110401717A (en) * | 2019-07-26 | 2019-11-01 | 上海优扬新媒信息技术有限公司 | A kind of application program installation kit generation method and device |
| CN112306553A (en) * | 2019-07-29 | 2021-02-02 | 腾讯科技(深圳)有限公司 | Processing method and device for extended information in installation package file and electronic equipment |
| CN112698842A (en) * | 2019-10-22 | 2021-04-23 | 北京国双科技有限公司 | Method and device for acquiring additional information of application program |
| CN111240735B (en) * | 2020-01-17 | 2023-11-28 | 北京小米移动软件有限公司 | Application packaging method, application packaging device and storage medium |
| CN112699394B (en) * | 2021-01-13 | 2022-11-25 | 北卡科技有限公司 | SM9 algorithm-based key application method |
| CN115543409A (en) * | 2022-11-07 | 2022-12-30 | 北京有竹居网络技术有限公司 | Application installation source determining method and device, readable medium and electronic equipment |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103036678A (en) * | 2011-09-29 | 2013-04-10 | 北京新媒传信科技有限公司 | Symbian signature application authentication method and system |
| CN103064666A (en) * | 2012-11-30 | 2013-04-24 | 北京奇虎科技有限公司 | Multi-channel method and system for issuing software |
| CN104346167A (en) * | 2014-08-25 | 2015-02-11 | 腾讯科技(深圳)有限公司 | Method and device for generating application channel package |
| CN104899025A (en) * | 2015-05-18 | 2015-09-09 | 北京奇虎科技有限公司 | Method and device for generating channel package |
| CN105631361A (en) * | 2014-10-28 | 2016-06-01 | 中国移动通信集团终端有限公司 | Application program channel source identification method and device |
| CN106126205A (en) * | 2016-06-14 | 2016-11-16 | 武汉斗鱼网络科技有限公司 | The rapid batch of a kind of Android program installation kit generates method and system |
-
2016
- 2016-12-30 CN CN201611260395.4A patent/CN108280341B/en active Active
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103036678A (en) * | 2011-09-29 | 2013-04-10 | 北京新媒传信科技有限公司 | Symbian signature application authentication method and system |
| CN103064666A (en) * | 2012-11-30 | 2013-04-24 | 北京奇虎科技有限公司 | Multi-channel method and system for issuing software |
| CN104346167A (en) * | 2014-08-25 | 2015-02-11 | 腾讯科技(深圳)有限公司 | Method and device for generating application channel package |
| CN105631361A (en) * | 2014-10-28 | 2016-06-01 | 中国移动通信集团终端有限公司 | Application program channel source identification method and device |
| CN104899025A (en) * | 2015-05-18 | 2015-09-09 | 北京奇虎科技有限公司 | Method and device for generating channel package |
| CN106126205A (en) * | 2016-06-14 | 2016-11-16 | 武汉斗鱼网络科技有限公司 | The rapid batch of a kind of Android program installation kit generates method and system |
Non-Patent Citations (1)
| Title |
|---|
| Android的APK Signature Scheme v2签名及一款基于;子勰的博客;《https://blog.bihe0832.com/android-v2-signature.html》;20161227;1-13页 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN108280341A (en) | 2018-07-13 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN108280341B (en) | Channel number adding and installation package checking method and device | |
| CN107786504B (en) | ELF file release method, ELF file verification method, server and terminal | |
| CN112865956B (en) | Certificate updating method and device, terminal equipment and server | |
| CN108241500B (en) | Method, device and system for repairing hardware component and storage medium | |
| WO2021114918A1 (en) | Integrity checking method and apparatus, terminal device and verification server | |
| CN108804130B (en) | Program installation package generation method and device | |
| CN107273160A (en) | A kind of method and device of edition upgrading | |
| CN110058850B (en) | Application development method and device and storage medium | |
| CN109726067B (en) | Process monitoring method and client device | |
| WO2019076293A1 (en) | Differential upgrading method, device and system | |
| CN110196795B (en) | Method and related device for detecting running state of mobile terminal application | |
| CN104252364A (en) | Increment updating method, equipment and system | |
| CN110865837B (en) | Method and terminal for system upgrade | |
| CN112262556B (en) | Model file management method and terminal equipment | |
| EP2869604A1 (en) | Method, apparatus and device for processing a mobile terminal resource | |
| CN109144596B (en) | Quick starting method, device, terminal, server and system | |
| CN106708555B (en) | A kind of method and apparatus loading plug-in unit | |
| CN104536782A (en) | Guide content display method, and file generation method and device | |
| CN107844318B (en) | Upgrading method of operating system, mobile terminal and server | |
| CN113034189A (en) | Attribution method, attribution device, computer equipment and storage medium | |
| CN109885317B (en) | Information processing method, server and terminal | |
| CN106445594B (en) | System application installation method and device and terminal equipment | |
| CN110362330B (en) | Application program updating method, device, terminal and storage medium | |
| CN114386066A (en) | Application reinforcement method and device | |
| KR102170520B1 (en) | Apparatas and method for improving a loading time in an electronic device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |