CN110119600A - Program reinforcement means and device based on application program installation kit - Google Patents
Program reinforcement means and device based on application program installation kit Download PDFInfo
- Publication number
- CN110119600A CN110119600A CN201910245557.4A CN201910245557A CN110119600A CN 110119600 A CN110119600 A CN 110119600A CN 201910245557 A CN201910245557 A CN 201910245557A CN 110119600 A CN110119600 A CN 110119600A
- Authority
- CN
- China
- Prior art keywords
- symbol data
- application program
- address information
- binary file
- installation kit
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 230000002787 reinforcement Effects 0.000 title claims abstract description 22
- 238000000034 method Methods 0.000 claims abstract description 65
- 238000012545 processing Methods 0.000 claims description 24
- 238000004891 communication Methods 0.000 claims description 22
- 238000013508 migration Methods 0.000 claims description 14
- 230000005012 migration Effects 0.000 claims description 14
- 230000003014 reinforcing effect Effects 0.000 abstract description 18
- 230000008569 process Effects 0.000 abstract description 14
- 238000012423 maintenance Methods 0.000 abstract description 11
- 230000000694 effects Effects 0.000 description 7
- 238000010586 diagram Methods 0.000 description 6
- 229910002056 binary alloy Inorganic materials 0.000 description 5
- 238000007596 consolidation process Methods 0.000 description 5
- 230000008901 benefit Effects 0.000 description 4
- 239000000284 extract Substances 0.000 description 4
- 238000009434 installation Methods 0.000 description 4
- 238000005516 engineering process Methods 0.000 description 3
- 238000004590 computer program Methods 0.000 description 2
- 230000006837 decompression Effects 0.000 description 2
- 241001269238 Data Species 0.000 description 1
- 230000006978 adaptation Effects 0.000 description 1
- 238000010009 beating Methods 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 238000005336 cracking Methods 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000005611 electricity Effects 0.000 description 1
- 238000000605 extraction Methods 0.000 description 1
- 230000006870 function Effects 0.000 description 1
- 230000001737 promoting effect Effects 0.000 description 1
- 238000012216 screening Methods 0.000 description 1
- 239000007787 solid Substances 0.000 description 1
- 238000005728 strengthening Methods 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/12—Protecting executable software
- G06F21/14—Protecting executable software against software analysis or reverse engineering, e.g. by obfuscation
Landscapes
- Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Multimedia (AREA)
- Technology Law (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses a kind of program reinforcement means and device based on application program installation kit.Wherein, method includes: binary file to be extracted from application program installation kit, and determine the symbol data in binary file data section;Obtain symbol data address information corresponding with symbol data;Using predetermined encryption algorithm, symbol data address information is encrypted.This programme realizes the reinforcing to application program by the encryption to symbol data in binary file data section, so that the reverse difficulty of application program be substantially improved, and is not easy to cause the code expansion of application program;Moreover, this programme implementation process simple and flexible, is easy to batch and safeguards that maintenance cost is low.
Description
Technical field
The present invention relates to data encryption technology fields, and in particular to a kind of program reinforcing side based on application program installation kit
Method and device.
Background technique
With the continuous development of science technology and society, the quantity of various application programs is also skyrocketed through.However, program is inverse
To developer or program reverse product often through the decompiling to application program, can realize easily to application program
It cracks, so that emerging one after another for application program piracy and phenomena such as beating again packet.
Currently, existing in the prior art and many being reinforced to application program to prevent inversely cracking to application program
Product and method.However, inventor has found in the implementation of the present invention, aforesaid way in the prior art at least exists
Following defects: usually the Code obfuscations methods such as instruction are spent in addition to the program reinforcement means provided in the prior art in a program,
However, this kind of reinforcement means can usually cause program to expand, system resource is wasted;Also, existing program reinforcement means be
It in compilation process, is completed by the compiler being set in developer's terminal, to cannot achieve the batch of program reinforcement means
Maintenance, maintenance cost are high.
Summary of the invention
In view of the above problems, it proposes on the present invention overcomes the above problem or at least be partially solved in order to provide one kind
State the program reinforcement means and device based on application program installation kit of problem.
According to an aspect of the invention, there is provided a kind of program reinforcement means based on application program installation kit, comprising:
Binary file is extracted from the application program installation kit, and determines the symbol in the binary file data section
Number;
Obtain symbol data address information corresponding with the symbol data;
Using predetermined encryption algorithm, the symbol data address information is encrypted.
According to another aspect of the present invention, a kind of program bracing means based on application program installation kit is provided, comprising:
Determining module suitable for extracting binary file from the application program installation kit, and determines the binary system text
Symbol data in part data segment;
Module is obtained, is suitable for obtaining symbol data address information corresponding with the symbol data;
Encrypting module is suitable for using predetermined encryption algorithm, the symbol data address information is encrypted.
According to another aspect of the invention, provide a kind of calculating equipment, comprising: processor, memory, communication interface and
Communication bus, the processor, the memory and the communication interface complete mutual communication by the communication bus;
For the memory for storing an at least executable instruction, it is above-mentioned that the executable instruction executes the processor
The corresponding operation of program reinforcement means based on application program installation kit.
In accordance with a further aspect of the present invention, provide a kind of computer storage medium, be stored in the storage medium to
A few executable instruction, the executable instruction make processor execute such as the above-mentioned program reinforcing side based on application program installation kit
The corresponding operation of method.
The program reinforcement means and device based on application program installation kit provided according to the present invention is installed from application program
Binary file is extracted in packet, and determines the symbol data in binary file data section;Obtain symbol corresponding with symbol data
Number address information;Using predetermined encryption algorithm, symbol data address information is encrypted.This programme passes through to two
The encryption of symbol data in binary file data section realizes the reinforcing to application program, so that application program be substantially improved
Reverse difficulty, and be not easy to cause application program code expansion;Moreover, this programme implementation process simple and flexible, is easy to criticize
Amount maintenance, maintenance cost are low.
The above description is only an overview of the technical scheme of the present invention, in order to better understand the technical means of the present invention,
And it can be implemented in accordance with the contents of the specification, and in order to allow above and other objects of the present invention, feature and advantage can
It is clearer and more comprehensible, the followings are specific embodiments of the present invention.
Detailed description of the invention
By reading the following detailed description of the preferred embodiment, various other advantages and benefits are common for this field
Technical staff will become clear.The drawings are only for the purpose of illustrating a preferred embodiment, and is not considered as to the present invention
Limitation.And throughout the drawings, the same reference numbers will be used to refer to the same parts.In the accompanying drawings:
Fig. 1 shows a kind of program reinforcing side based on application program installation kit provided according to an embodiment of the present invention
The flow diagram of method;
Fig. 2 shows a kind of program reinforcings based on application program installation kit provided according to a further embodiment of the invention
The flow diagram of method;
Fig. 3 shows a kind of program based on application program installation kit provided according to an embodiment of the present invention and reinforces dress
The illustrative view of functional configuration set;
Fig. 4 shows a kind of structural schematic diagram of the calculating equipment provided according to an embodiment of the present invention.
Specific embodiment
Exemplary embodiments of the present disclosure are described in more detail below with reference to accompanying drawings.Although showing the disclosure in attached drawing
Exemplary embodiment, it being understood, however, that may be realized in various forms the disclosure without should be by embodiments set forth here
It is limited.On the contrary, these embodiments are provided to facilitate a more thoroughly understanding of the present invention, and can be by the scope of the present disclosure
It is fully disclosed to those skilled in the art.
Fig. 1 shows a kind of program reinforcing side based on application program installation kit provided according to an embodiment of the present invention
The flow diagram of method.Wherein, the program reinforcement means based on application program installation kit provided by the present embodiment can be applied
In IOS and/or MachOS system.As shown in Figure 1, this method comprises:
Step S110 extracts binary file from application program installation kit, and determines in binary file data section
Symbol data.
Program reinforcement means provided by this implementation is different from (not formed executable in the compiler stage in the prior art
File) program is reinforced.The application can carry out adding for application program based on the application program installation kit generated
Gu so that the application can be to avoid in the prior art because carrying out program reinforcing bring by the compiler in developer's terminal
It can not safeguard in batches and drawback that maintenance cost is high.
In actual implementation process, the application program installation kit in IOS system is usually IPA
(iPhoneApplication) installation kit needs to carry out IPA installation kit first to extract binary file from IPA installation kit
It decompresses (such as being decompressed by unzip order), and then screening identification is carried out to the file after decompression, to obtain binary system
File.For example, binary file is usually Mach-O format in IOS system, so as to carried out by format information two into
The extraction of file processed.
Further, after extracting binary file in application program installation kit, the application is not to using journey
Code in sequence code segment carries out Code obfuscation processing, but the symbol data being directed in application data section is encrypted
Processing.In actual application program operational process, the attack for symbol data can also threaten entire application program, from
And the application can largely ensure the safety of application program by the encipherment protection to symbol data, be promoted to application
The reverse difficulty of program.
Wherein, the symbol data in the present embodiment is specifically as follows the related symbol information that developer defines, such as developer
Method name, attribute-name, variable name or selector of definition etc..
Step S120 obtains symbol data address information corresponding with symbol data.
Further, be the efficiency of the practice for the consolidation effect and reinforcing for promoting application program, in the application primarily directed to
It encrypts in the symbol data address information of symbol data, rather than modifies to symbol data itself, thus into one
Step simplifies strengthening flow process, ensures the consolidation effect of application program.
Step S130 is encrypted symbol data address information using predetermined encryption algorithm.
After determining the corresponding symbol data address information of symbol data, corresponding encryption method can be used, to symbol
The corresponding symbol data address information of data is encrypted.For example, symmetric encipherment algorithm or positional shift algorithm can be passed through
Etc. being encrypted, the present embodiment to specific Encryption Algorithm without limitation.
Optionally, the present embodiment can to the corresponding symbol data of all symbol datas in binary file data section
Location information is encrypted, to promote the reverse difficulty of application program;Alternatively, for the part in binary file data section
The corresponding symbol data address information of symbol data is encrypted, thus while guaranteeing application program consolidation effect,
It is promoted and reinforces efficiency.
It can be seen that the present embodiment extracts binary file from application program installation kit, and determine binary file number
According to the symbol data in section;Obtain symbol data address information corresponding with symbol data;Using predetermined encryption algorithm, to symbol
Data address information is encrypted.This programme is real by the encryption to symbol data in binary file data section
Now to the reinforcing of application program, so that the reverse difficulty of application program be substantially improved, and it is not easy to cause the code of application program
Expansion;Moreover, this programme implementation process simple and flexible, is easy to batch and safeguards that maintenance cost is low.
Fig. 2 shows a kind of program reinforcings based on application program installation kit provided according to a further embodiment of the invention
The flow diagram of method.As shown in Fig. 2, this method comprises:
Step S210 extracts binary file from application program installation kit, and determines in binary file data section
Symbol data.
Program reinforcement means provided by the present embodiment can be answered based on the application program installation kit generated
With the reinforcing of program, so as to avoid in the prior art because carrying out program reinforcing band by the compiler in developer's terminal
The drawback that can not be safeguarded in batches and maintenance cost is high come.
In the specific implementation process, binary file can be extracted after to application program installation kit decompression.Go forward side by side one
Step ground is by data segment identification (such as " _ _ DATA ") come the position of data segment in Lai Dingwei binary file.In IOS system
In, binary file has generally comprised, file Head Section, loading command area and segment data region.And segment data region can wrap
Contain data segment, code segment and/or chained segment etc..The present embodiment not carries out code in code segment to obscure processing, but
It is encrypted for the symbol data in data segment, so as to reduce code swell increment.
There are many symbol data that the present embodiment is determined from binary file data section includes, so as to from multiple
Dimension in all directions protects symbol data, and then promotes reverse difficulty, improves the consolidation effect of application program.Specifically
Ground, symbol data described in this step mainly includes: symbol data relevant to class, and/or symbol relevant to selector
Number.Here, it will be apparent to a skilled person that symbol data relevant to class described herein not only includes
Symbol data corresponding with class also includes the corresponding symbol data of classification.Optionally, symbol data relevant to class can be
The method name in class, attribute-name, and/or variable name that developer defines etc..
Step S220 obtains index position pointer corresponding with symbol data.
After determining the symbol data in binary file data section, the corresponding symbol data of symbol data can be obtained
Location information, wherein the symbol data address information is specially the index position pointer of symbol data, which is used for
It is directed toward the storage location of symbol data.To which, the application the processing such as does not modify to symbol data itself, but to symbol
The address information of data encrypts, to advantageously reduce code expansion, and is conducive to reinforce the promotion of efficiency.
Index position pointer corresponding with symbol data is adequately obtained, the present embodiment is directed to different types of symbol
Data use corresponding index position pointer acquisition methods:
It is directed to symbol data relevant to class, the class that can obtain at least one class for including in binary file is believed in detail
Cease segment table;The corresponding index position pointer of class symbol is obtained from class details segment table.Specifically, first from binary file
Middle acquisition class and tabulation specifically can obtain class and tabulation, such as root by segment identification relevant to class and classification
Class and classification are obtained according to " _ _ objc_classname ", " _ _ objc_classlist ", " _ _ objc_nlclslist " mark
List;After class to be obtained and tabulation, the general view data of class and classification storage in general view segment table are obtained according to the list;
And according further to the general view data, acquisition stores the detailed data into class details segment table;Finally from the detailed number
According to the corresponding index position pointer of middle acquisition symbol data.
It is directed to symbol data relevant to selector, program can be obtained from the selector segment table in binary file
Index position pointer corresponding to selector when operation, and using the index position pointer as the corresponding index position of symbol data
Pointer.
Index position pointer corresponding with symbol data is encrypted in step S230.
After obtaining index position pointer corresponding with symbol data, corresponding encryption method pair and symbolic number can be used
It is encrypted according to corresponding index position pointer, one of following two encryption method or a variety of specifically can be used
Combination:
In one embodiment, migration processing is carried out to the index position pointer of symbol data.Wherein, the present embodiment pair
Index position pointer carries out the concrete mode of migration processing without limitation, for example, can randomly select pointed by index position pointer
Address in certain one or more carry out corresponding operations etc..Such as, address pointed by former pointer is 0x1000, is carried out inclined
Moving address pointed by processing backpointer is 0x1100.It further, is the normal operation of guarantee procedure, to symbol data
After index position pointer carries out migration processing, storage location pointed by the index position pointer after offset should be readable category
Property;Alternatively, offset after index position pointer pointed by storage location can be revised as attribute-readable, run with guarantee procedure
When can normally initialize, to avoid reinforcing the influence to program operation.
In another embodiment, symmetric encipherment algorithm can be used, the index position pointer of symbol data is added
Close processing.Wherein, the present embodiment to specific symmetric encipherment algorithm without limitation.
Optionally, the present embodiment can in binary file data section it is all with meeting the corresponding symbol data of data
Location information is encrypted, to promote the reverse difficulty of application program;Alternatively, for the part in binary file data section
Symbol data address information is encrypted, to be promoted while guaranteeing application program consolidation effect and reinforce efficiency.
Step S240 is obtained and is stored decryption code key.
Specifically, predetermined encryption algorithm is being used, the corresponding symbol data address information of symbol data is being carried out at encryption
After reason, obtains and store decryption code key corresponding with predetermined encryption algorithm.
When predetermined encryption algorithm is to carry out migration processing to the index position pointer of symbol data, decryption code key is specially
Carry out the offset during migration processing;When using symmetric encipherment algorithm, the index position pointer of symbol data is added
When close processing, decryption code key is specially the decryption code key to match with the symmetric encipherment algorithm.
Wherein, during code key is decrypted in storage, one of following storage mode or a variety of combinations can be used:
In one embodiment, decryption code key can be stored in the meaningless field in binary file, and guarantee to deposit
It is attribute-readable that storage space, which is set in program operation, or can be revised as attribute-readable.Wherein, which can be two
The white space between certain blank or hashed field, such as file header end and code segment starting position in binary file.
To promote the crypticity of decryption code key, and avoid occupying extra stored memory.
In another embodiment, preset decryption code key storage segment table can be created, decryption code key is stored in decryption
Code key stores in segment table.For example, entitled " _ _ DATA, the segment table of _ _ keysymbols " " can be created, and decryption code key is stored in
In the newly-built segment table, consequently facilitating the centralized management of decryption code key.
In yet another embodiment, decryption code key can be stored in application program installation kit in the form of default file.
For example, can be stored in the form of text, picture etc. in IPA installation kit, so that decryption code key is separated with binary file,
Further promote the reverse difficulty of application program.
In another embodiment, the type, occupied of code key can be such as decrypted according to the relevant information of decryption code key
Space size etc. dynamically determines the storage mode of decryption code key.
It is the normal operation of guarantee procedure after the reinforcing for completing application program, decryption journey can be executed when program is run
Sequence, to obtain decryption code key, using decryption secret key pair encryption after the corresponding symbol data address information of symbol data into
Row decryption processing.
Optionally, further to promote consolidation effect, decryption program can be compiled as to dynamic link library, and in binary system text
The loading command of dynamic link library is added in part, and the loading command of dynamic link library is made to be located at the first place of chained command, with guarantor
Demonstrate,proving the order can execute at first.
Optionally, the code segment in binary file can also be modified, to be inserted into decryption program, and is made in binary file
The variation of other segment tables caused by pre-set programs entrance is directed toward decryption program, and adaptation changes because of code segment.
It can be seen that program reinforcement means provided by the present embodiment, it can be based on the application program installation generated
Packet, carries out the reinforcing of application program, so as to avoid in the prior art because carrying out journey by the compiler in developer's terminal
Sequence is reinforced and bring can not be safeguarded in batches and maintenance cost is high drawback;It is corresponding to symbol data also, in reinforcing process
Index position pointer be encrypted, to advantageously reduce code expansion, and be conducive to reinforce the promotion of efficiency, and have
Preferably consolidation effect;In addition, this programme implementation process simple and flexible, is easy to batch and safeguards that maintenance cost is low, is easy to extensive
Applicating adn implementing.
Fig. 3 shows a kind of program based on application program installation kit provided according to an embodiment of the present invention and reinforces dress
The illustrative view of functional configuration set.As shown in figure 3, the device comprises determining that module 31, obtains module 32 and encrypting module 33.
Determining module 31 suitable for extracting binary file from the application program installation kit, and determines the binary system
Symbol data in file data section;
Module 32 is obtained, is suitable for obtaining symbol data address information corresponding with the symbol data;
Encrypting module 33 is suitable for using predetermined encryption algorithm, the symbol data address information is encrypted.
Optionally, the symbol data includes: symbol data relevant to class, and/or symbolic number relevant to selector
According to;
The symbol data address information is the index position pointer of symbol data.
Optionally, it obtains module 32 to be further adapted for: obtaining the class at least one class for including in the binary file
Details segment table;
The corresponding index position pointer of class symbol is obtained from the class details segment table.
Optionally, it obtains module 32 to be further adapted for: from the selector segment table in the binary file, obtaining program
Index position pointer corresponding to selector when operation.
Optionally, encrypting module 33 is further adapted for: carrying out migration processing to the index position pointer of the symbol data.
Optionally, encrypting module 33 is further adapted for: symmetric encipherment algorithm is used, to the index position of the symbol data
Pointer is encrypted.
Optionally, the index position pointer after carrying out migration processing to the index position pointer of symbol data, after offset
Pointed storage location is attribute-readable;
Alternatively, offset after index position pointer pointed by storage location can be revised as attribute-readable.
Optionally, device further include: cipher key storage block (not shown) is suitable for calculating described using predetermined encryption
Method after the symbol data address information is encrypted, is obtained and is stored corresponding with the predetermined encryption algorithm
Decrypt code key.
Optionally, cipher key storage block is further adapted for: the decryption code key is stored in the binary file
Meaningless field;
And/or the preset decryption code key of creation stores segment table, and the decryption code key is stored in the decryption code key and is stored
In segment table;
And/or the decryption code key is stored in the application program installation kit in the form of default file.
Optionally, device further include: deciphering module (not shown) is suitable for executing decryption journey in program operation
Sequence is carried out with obtaining the decryption code key using the symbol data address information after the decryption secret key pair encryption
Decryption processing.
Optionally, the device further include: order adding module (not shown), suitable for the decryption program is compiled as
Dynamic link library, and the loading command of the dynamic link library is added in the binary file, and make the dynamic link
The loading command in library is located at the first place of all-links order.
Optionally, device further include: program is inserted into module (not shown), is suitably modified in the binary file
Code segment, to be inserted into the decryption program, and pre-set programs entrance is made in the binary file to be directed toward the decryption program.
Wherein, the specific implementation process of each module can refer to shown in Fig. 1 and/or Fig. 2 in device provided by the present embodiment
The description of corresponding portion in embodiment of the method, this will not be repeated here for the present embodiment.
It can be seen that the present embodiment extracts binary file from application program installation kit, and determine binary file number
According to the symbol data in section;Obtain symbol data address information corresponding with symbol data;Using predetermined encryption algorithm, to symbol
Data address information is encrypted.This programme is real by the encryption to symbol data in binary file data section
Now to the reinforcing of application program, so that the reverse difficulty of application program be substantially improved, and it is not easy to cause the code of application program
Expansion;Moreover, this programme implementation process simple and flexible, is easy to batch and safeguards that maintenance cost is low.
A kind of nonvolatile computer storage media is provided according to an embodiment of the present invention, and the computer storage is situated between
Matter is stored with an at least executable instruction, the computer executable instructions can be performed in above-mentioned any means embodiment based on answering
With the program reinforcement means of program installation kit.
Fig. 4 shows a kind of structural schematic diagram of the calculating equipment provided according to an embodiment of the present invention, present invention tool
Body embodiment does not limit the specific implementation for calculating equipment.
As shown in figure 4, the calculating equipment may include: processor (processor) 402, communication interface
(Communications Interface) 404, memory (memory) 406 and communication bus 408.
Wherein:
Processor 402, communication interface 404 and memory 406 complete mutual communication by communication bus 408.
Communication interface 404, for being communicated with the network element of other equipment such as client or other servers etc..
Processor 402 can specifically execute the above-mentioned program based on application program installation kit and add for executing program 410
Correlation step in solid method embodiment.
Specifically, program 410 may include program code, which includes computer operation instruction.
Processor 402 may be central processor CPU or specific integrated circuit ASIC (Application
Specific Integrated Circuit), or be arranged to implement the integrated electricity of one or more of the embodiment of the present invention
Road.The one or more processors that equipment includes are calculated, can be same type of processor, such as one or more CPU;It can also
To be different types of processor, such as one or more CPU and one or more ASIC.
Memory 406, for storing program 410.Memory 406 may include high speed RAM memory, it is also possible to further include
Nonvolatile memory (non-volatile memory), for example, at least a magnetic disk storage.
Program 410 specifically can be used for so that processor 402 executes following operation:
Binary file is extracted from the application program installation kit, and determines the symbol in the binary file data section
Number;
Obtain symbol data address information corresponding with the symbol data;
Using predetermined encryption algorithm, the symbol data address information is encrypted.
In a kind of optional embodiment, the symbol data includes: symbol data relevant to class, and/or with choosing
Select the relevant symbol data of device;
The symbol data address information is the index position pointer of symbol data.
In a kind of optional embodiment, program 410 specifically can be used for so that processor 402 executes following operation:
Obtain the class details segment table at least one class for including in the binary file;
The corresponding index position pointer of class symbol is obtained from the class details segment table.
In a kind of optional embodiment, program 410 specifically can be used for so that processor 402 executes following operation:
From the selector segment table in the binary file, index position corresponding to selector when obtaining program operation
Pointer.
In a kind of optional embodiment, program 410 specifically can be used for so that processor 402 executes following operation:
Migration processing is carried out to the index position pointer of the symbol data.
In a kind of optional embodiment, program 410 specifically can be used for so that processor 402 executes following operation:
Using symmetric encipherment algorithm, the index position pointer of the symbol data is encrypted.
In a kind of optional embodiment, after carrying out migration processing to the index position pointer of the symbol data,
Storage location pointed by index position pointer after offset is attribute-readable;
Alternatively, offset after index position pointer pointed by storage location can be revised as attribute-readable.
In a kind of optional embodiment, program 410 specifically can be used for so that processor 402 executes following operation:
Predetermined encryption algorithm is used described, after the symbol data address information is encrypted, is obtained simultaneously
Store decryption code key corresponding with the predetermined encryption algorithm.
In a kind of optional embodiment, program 410 specifically can be used for so that processor 402 executes following operation:
The decryption code key is stored in the meaningless field in the binary file;
And/or the preset decryption code key of creation stores segment table, and the decryption code key is stored in the decryption code key and is stored
In segment table;
And/or the decryption code key is stored in the application program installation kit in the form of default file.
In a kind of optional embodiment, program 410 specifically can be used for so that processor 402 executes following operation:
In program operation, decryption program is executed, to obtain the decryption code key, at the decryption secret key pair encryption
The symbol data address information after reason is decrypted.
In a kind of optional embodiment, program 410 specifically can be used for so that processor 402 executes following operation:
The decryption program is compiled as dynamic link library, and adds the dynamic link library in the binary file
Loading command, and the loading command of the dynamic link library is made to be located at the first place of all-links order.
In a kind of optional embodiment, program 410 specifically can be used for so that processor 402 executes following operation:
The code segment in the binary file is modified, to be inserted into the decryption program, and is made in the binary file
Pre-set programs entrance is directed toward the decryption program.
Algorithm and display are not inherently related to any particular computer, virtual system, or other device provided herein.
Various general-purpose systems can also be used together with teachings based herein.As described above, it constructs required by this kind of system
Structure be obvious.In addition, the present invention is also not directed to any particular programming language.It should be understood that can use various
Programming language realizes summary of the invention described herein, and the description done above to language-specific is to disclose this hair
Bright preferred forms.
In the instructions provided here, numerous specific details are set forth.It is to be appreciated, however, that implementation of the invention
Example can be practiced without these specific details.In some instances, well known method, structure is not been shown in detail
And technology, so as not to obscure the understanding of this specification.
Similarly, it should be understood that in order to simplify the disclosure and help to understand one or more of the various inventive aspects,
Above in the description of exemplary embodiment of the present invention, each feature of the invention is grouped together into single implementation sometimes
In example, figure or descriptions thereof.However, the disclosed method should not be interpreted as reflecting the following intention: i.e. required to protect
Shield the present invention claims features more more than feature expressly recited in each claim.More precisely, as following
Claims reflect as, inventive aspect is all features less than single embodiment disclosed above.Therefore,
Thus the claims for following specific embodiment are expressly incorporated in the specific embodiment, wherein each claim itself
All as a separate embodiment of the present invention.
Those skilled in the art will understand that can be carried out adaptively to the module in the equipment in embodiment
Change and they are arranged in one or more devices different from this embodiment.It can be the module or list in embodiment
Member or component are combined into a module or unit or component, and furthermore they can be divided into multiple submodule or subelement or
Sub-component.Other than such feature and/or at least some of process or unit exclude each other, it can use any
Combination is to all features disclosed in this specification (including adjoint claim, abstract and attached drawing) and so disclosed
All process or units of what method or apparatus are combined.Unless expressly stated otherwise, this specification is (including adjoint power
Benefit require, abstract and attached drawing) disclosed in each feature can carry out generation with an alternative feature that provides the same, equivalent, or similar purpose
It replaces.
In addition, it will be appreciated by those of skill in the art that although some embodiments described herein include other embodiments
In included certain features rather than other feature, but the combination of the feature of different embodiments mean it is of the invention
Within the scope of and form different embodiments.For example, in detail in the claims, embodiment claimed it is one of any
Can in any combination mode come using.
Various component embodiments of the invention can be implemented in hardware, or to run on one or more processors
Software module realize, or be implemented in a combination thereof.It will be understood by those of skill in the art that can be used in practice
Microprocessor or digital signal processor (DSP) realize the journey according to an embodiment of the present invention based on application program installation kit
The some or all functions of some or all components in sequence bracing means.The present invention is also implemented as executing this
In described method some or all device or device programs (for example, computer program and computer program
Product).It is such to realize that program of the invention can store on a computer-readable medium, it either can have one or more
The form of a signal.Such signal can be downloaded from an internet website to obtain, be perhaps provided on the carrier signal or with
Any other form provides.
It should be noted that the above-mentioned embodiments illustrate rather than limit the invention, and ability
Field technique personnel can be designed alternative embodiment without departing from the scope of the appended claims.In the claims,
Any reference symbol between parentheses should not be configured to limitations on claims.Word "comprising" does not exclude the presence of not
Element or step listed in the claims.Word "a" or "an" located in front of the element does not exclude the presence of multiple such
Element.The present invention can be by means of including the hardware of several different elements and being come by means of properly programmed computer real
It is existing.In the unit claims listing several devices, several in these devices can be through the same hardware branch
To embody.The use of word first, second, and third does not indicate any sequence.These words can be explained and be run after fame
Claim.
The invention discloses: a kind of program reinforcement means based on application program installation kit of A1., comprising:
Binary file is extracted from the application program installation kit, and determines the symbol in the binary file data section
Number;
Obtain symbol data address information corresponding with the symbol data;
Using predetermined encryption algorithm, the symbol data address information is encrypted.
A2. method according to a1, wherein the symbol data includes: symbol data relevant to class, and/or with
The relevant symbol data of selector;
The symbol data address information is the index position pointer of symbol data.
A3. the method according to A2, wherein described to obtain symbol data address information corresponding with the symbol data
Further comprise:
Obtain the class details segment table at least one class for including in the binary file;
The corresponding index position pointer of class symbol is obtained from the class details segment table.
A4. the method according to A2, wherein described to obtain symbol data address information corresponding with the symbol data
Further comprise:
From the selector segment table in the binary file, index position corresponding to selector when obtaining program operation
Pointer.
A5. the method according to A2, wherein it is described to use predetermined encryption algorithm, to the symbol data address information
It is encrypted and further comprises:
Migration processing is carried out to the index position pointer of the symbol data.
A6. the method according to A2, wherein it is described to use predetermined encryption algorithm, to the symbol data address information
It is encrypted and further comprises:
Using symmetric encipherment algorithm, the index position pointer of the symbol data is encrypted.
A7. method according to a5, wherein to the index position pointer of the symbol data carry out migration processing it
Afterwards, storage location pointed by the index position pointer after offset is attribute-readable;
Alternatively, offset after index position pointer pointed by storage location can be revised as attribute-readable.
A8. the method according to any one of A1-A7, wherein predetermined encryption algorithm is used described, to the symbol
After data address information is encrypted, the method also includes:
It obtains and stores decryption code key corresponding with the predetermined encryption algorithm.
A9. the method according to A8, wherein it is described acquisition and store it is corresponding with the predetermined encryption method decryption it is secret
Key further comprises:
The decryption code key is stored in the meaningless field in the binary file;
And/or the preset decryption code key of creation stores segment table, and the decryption code key is stored in the decryption code key and is stored
In segment table;
And/or the decryption code key is stored in the application program installation kit in the form of default file.
A10. the method according to A8, wherein the method also includes:
In program operation, decryption program is executed, to obtain the decryption code key, at the decryption secret key pair encryption
The symbol data address information after reason is decrypted.
A11. the method according to A10, wherein the method also includes:
The decryption program is compiled as dynamic link library, and adds the dynamic link library in the binary file
Loading command, and the loading command of the dynamic link library is made to be located at the first place of all-links order.
A12. the method according to A10, wherein the method also includes:
The code segment in the binary file is modified, to be inserted into the decryption program, and is made in the binary file
Pre-set programs entrance is directed toward the decryption program.
The invention also discloses: a kind of program bracing means based on application program installation kit of B13., comprising:
Determining module suitable for extracting binary file from the application program installation kit, and determines the binary system text
Symbol data in part data segment;
Module is obtained, is suitable for obtaining symbol data address information corresponding with the symbol data;
Encrypting module is suitable for using predetermined encryption algorithm, the symbol data address information is encrypted.
B14. device according to b13, wherein the symbol data includes: symbol data relevant to class, and/or
Symbol data relevant to selector;
The symbol data address information is the index position pointer of symbol data.
B15. device according to b14, wherein the acquisition module is further adapted for: obtaining the binary file
In include at least one class class details segment table;
The corresponding index position pointer of class symbol is obtained from the class details segment table.
B16. device according to b14, wherein the acquisition module is further adapted for: from the binary file
Selector segment table in, obtain program operation when selector corresponding to index position pointer.
B17. device according to b14, wherein the encrypting module is further adapted for: to the rope of the symbol data
Draw position indicator pointer and carries out migration processing.
B18. device according to b14, wherein the encrypting module is further adapted for: using symmetric encipherment algorithm, right
The index position pointer of the symbol data is encrypted.
B19. the device according to B17, wherein to the index position pointer of the symbol data carry out migration processing it
Afterwards, storage location pointed by the index position pointer after offset is attribute-readable;
Alternatively, offset after index position pointer pointed by storage location can be revised as attribute-readable.
B20. the device according to any one of B13-B19, wherein described device further include: cipher key storage block is fitted
In it is described use predetermined encryption algorithm, after the symbol data address information is encrypted, obtain and store with
The corresponding decryption code key of the predetermined encryption algorithm.
B21. the device according to B20, wherein the cipher key storage block is further adapted for: by the decryption code key
The meaningless field being stored in the binary file;
And/or the preset decryption code key of creation stores segment table, and the decryption code key is stored in the decryption code key and is stored
In segment table;
And/or the decryption code key is stored in the application program installation kit in the form of default file.
B22. the device according to B20, wherein described device further include:
Deciphering module is suitable for executing decryption program in program operation to obtain the decryption code key and utilizing the solution
The symbol data address information after close secret key pair encryption is decrypted.
B23. the device according to B22, wherein described device further include:
Order adding module, suitable for the decryption program is compiled as dynamic link library, and in the binary file
The loading command of the dynamic link library is added, and the loading command of the dynamic link library is made to be located at the head of all-links order
Position.
B24. the device according to B22, wherein described device further include:
Program is inserted into module, and the code segment being suitably modified in the binary file to be inserted into the decryption program, and makes
Pre-set programs entrance is directed toward the decryption program in the binary file.
The invention also discloses: a kind of calculating equipment of C25., comprising: processor, memory, communication interface and communication are total
Line, the processor, the memory and the communication interface complete mutual communication by the communication bus;
The memory executes the processor such as storing an at least executable instruction, the executable instruction
The corresponding operation of program reinforcement means described in any one of A1-A12 based on application program installation kit.
The invention also discloses a kind of computer storage medium of D26., being stored at least one in the storage medium can be held
Row instruction, the executable instruction make processor execute the journey based on application program installation kit as described in any one of A1-A12
The corresponding operation of sequence reinforcement means.
Claims (10)
1. a kind of program reinforcement means based on application program installation kit characterized by comprising
Binary file is extracted from the application program installation kit, and determines the symbolic number in the binary file data section
According to;
Obtain symbol data address information corresponding with the symbol data;
Using predetermined encryption algorithm, the symbol data address information is encrypted.
2. the method according to claim 1, wherein the symbol data includes: symbol data relevant to class,
And/or symbol data relevant to selector;
The symbol data address information is the index position pointer of symbol data.
3. according to the method described in claim 2, it is characterized in that, described obtain symbol data corresponding with the symbol data
Address information further comprises:
Obtain the class details segment table at least one class for including in the binary file;
The corresponding index position pointer of class symbol is obtained from the class details segment table.
4. according to the method described in claim 2, it is characterized in that, described obtain symbol data corresponding with the symbol data
Address information further comprises:
From the selector segment table in the binary file, index position corresponding to selector refers to when obtaining program operation
Needle.
5. according to the method described in claim 2, it is characterized in that, described use predetermined encryption algorithm, to the symbol data
Address information, which is encrypted, further comprises:
Migration processing is carried out to the index position pointer of the symbol data.
6. according to the method described in claim 2, it is characterized in that, described use predetermined encryption algorithm, to the symbol data
Address information, which is encrypted, further comprises:
Using symmetric encipherment algorithm, the index position pointer of the symbol data is encrypted.
7. according to the method described in claim 5, it is characterized in that, the index position pointer to the symbol data deviates
After processing, storage location pointed by the index position pointer after offset is attribute-readable;
Alternatively, offset after index position pointer pointed by storage location can be revised as attribute-readable.
8. a kind of program bracing means based on application program installation kit characterized by comprising
Determining module suitable for extracting binary file from the application program installation kit, and determines the binary file number
According to the symbol data in section;
Module is obtained, is suitable for obtaining symbol data address information corresponding with the symbol data;
Encrypting module is suitable for using predetermined encryption algorithm, the symbol data address information is encrypted.
9. a kind of calculating equipment, comprising: processor, memory, communication interface and communication bus, the processor, the storage
Device and the communication interface complete mutual communication by the communication bus;
The memory executes the processor as right is wanted for storing an at least executable instruction, the executable instruction
Ask the corresponding operation of program reinforcement means described in any one of 1-7 based on application program installation kit.
10. a kind of computer storage medium, an at least executable instruction, the executable instruction are stored in the storage medium
Execute processor as the program reinforcement means of any of claims 1-7 based on application program installation kit is corresponding
Operation.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910245557.4A CN110119600A (en) | 2019-03-28 | 2019-03-28 | Program reinforcement means and device based on application program installation kit |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910245557.4A CN110119600A (en) | 2019-03-28 | 2019-03-28 | Program reinforcement means and device based on application program installation kit |
Publications (1)
Publication Number | Publication Date |
---|---|
CN110119600A true CN110119600A (en) | 2019-08-13 |
Family
ID=67520759
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201910245557.4A Pending CN110119600A (en) | 2019-03-28 | 2019-03-28 | Program reinforcement means and device based on application program installation kit |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN110119600A (en) |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111339503A (en) * | 2020-02-25 | 2020-06-26 | Oppo广东移动通信有限公司 | Control flow obfuscation method and related product |
WO2021151347A1 (en) * | 2020-05-29 | 2021-08-05 | 平安科技(深圳)有限公司 | Ios application-based reinforcement method, apparatus, device, and storage medium |
CN114218593A (en) * | 2021-12-20 | 2022-03-22 | 南京宁铎科技有限公司 | Information security detection method based on office equipment |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20130227286A1 (en) * | 2006-04-25 | 2013-08-29 | Andre Jacques Brisson | Dynamic Identity Verification and Authentication, Dynamic Distributed Key Infrastructures, Dynamic Distributed Key Systems and Method for Identity Management, Authentication Servers, Data Security and Preventing Man-in-the-Middle Attacks, Side Channel Attacks, Botnet Attacks, and Credit Card and Financial Transaction Fraud, Mitigating Biometric False Positives and False Negatives, and Controlling Life of Accessible Data in the Cloud |
CN104965712A (en) * | 2015-07-17 | 2015-10-07 | 北京奇虎科技有限公司 | Application reinforcing protection method and apparatus and mobile terminal |
CN106960156A (en) * | 2016-01-08 | 2017-07-18 | 广州市动景计算机科技有限公司 | Data encryption and access method based on application program, device |
CN109062582A (en) * | 2018-07-23 | 2018-12-21 | 北京云测信息技术有限公司 | A kind of encryption method and device of application installation package |
-
2019
- 2019-03-28 CN CN201910245557.4A patent/CN110119600A/en active Pending
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20130227286A1 (en) * | 2006-04-25 | 2013-08-29 | Andre Jacques Brisson | Dynamic Identity Verification and Authentication, Dynamic Distributed Key Infrastructures, Dynamic Distributed Key Systems and Method for Identity Management, Authentication Servers, Data Security and Preventing Man-in-the-Middle Attacks, Side Channel Attacks, Botnet Attacks, and Credit Card and Financial Transaction Fraud, Mitigating Biometric False Positives and False Negatives, and Controlling Life of Accessible Data in the Cloud |
CN104965712A (en) * | 2015-07-17 | 2015-10-07 | 北京奇虎科技有限公司 | Application reinforcing protection method and apparatus and mobile terminal |
CN106960156A (en) * | 2016-01-08 | 2017-07-18 | 广州市动景计算机科技有限公司 | Data encryption and access method based on application program, device |
CN109062582A (en) * | 2018-07-23 | 2018-12-21 | 北京云测信息技术有限公司 | A kind of encryption method and device of application installation package |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111339503A (en) * | 2020-02-25 | 2020-06-26 | Oppo广东移动通信有限公司 | Control flow obfuscation method and related product |
WO2021151347A1 (en) * | 2020-05-29 | 2021-08-05 | 平安科技(深圳)有限公司 | Ios application-based reinforcement method, apparatus, device, and storage medium |
CN114218593A (en) * | 2021-12-20 | 2022-03-22 | 南京宁铎科技有限公司 | Information security detection method based on office equipment |
CN114218593B (en) * | 2021-12-20 | 2024-01-09 | 南京宁铎科技有限公司 | Information security detection method based on office equipment |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN108733988B (en) | Method for protecting executable program on android platform | |
CN108345773B (en) | Code protection method and device based on virtual machine, electronic equipment and storage medium | |
CN104463002B (en) | A kind of method and apparatus of reinforcing APK and APK reinforce client and server | |
JP6078555B2 (en) | Virtual machine device and method using key-driven obfuscation | |
CN100594509C (en) | Software protection method | |
CN110119600A (en) | Program reinforcement means and device based on application program installation kit | |
CN108491235B (en) | DEX protection method combining dynamic loading and function Native | |
JP4892167B2 (en) | Digital data protection configuration | |
US20160239671A1 (en) | Method and device for protecting an application and method and device for executing a protected application thus protected | |
CN107273723B (en) | So file shell adding-based Android platform application software protection method | |
CN105095771B (en) | A kind of guard method of shared file destination and device | |
CN109598107A (en) | A kind of code conversion method and device based on application installation package file | |
CN110119601A (en) | Program reinforcement means and device based on application program installation kit | |
CN106960140A (en) | Virtual machine instructions obscure method and device, virtual machine protection system | |
CN105074712A (en) | Code processing device and program | |
EP3729306B1 (en) | Compiling device and method | |
CN110210211A (en) | A kind of method of data protection and calculate equipment | |
CN109960509A (en) | Using the method, apparatus of reinforcing, calculate equipment and computer storage medium | |
CN108804913B (en) | Application program running method and device | |
CN110147653A (en) | Application security reinforcement means and device | |
CA3150187C (en) | Method and apparatus for protecting web script codes | |
CN108733990B (en) | Block chain-based file protection method and terminal equipment | |
CN113626773B (en) | Code protection method based on intermediate language | |
CN108182358B (en) | File protection method and device, computing equipment and computer storage medium | |
JP6919973B2 (en) | Computer-aided obfuscation of program code |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20190813 |