CN110750763A - Code signing method, device, storage medium and program product - Google Patents
Code signing method, device, storage medium and program product Download PDFInfo
- Publication number
- CN110750763A CN110750763A CN201911003297.6A CN201911003297A CN110750763A CN 110750763 A CN110750763 A CN 110750763A CN 201911003297 A CN201911003297 A CN 201911003297A CN 110750763 A CN110750763 A CN 110750763A
- Authority
- CN
- China
- Prior art keywords
- server
- signature
- code
- computer
- network
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 36
- 238000005516 engineering process Methods 0.000 claims description 19
- 238000004590 computer program Methods 0.000 claims description 5
- 238000010586 diagram Methods 0.000 description 13
- 238000012545 processing Methods 0.000 description 10
- 230000006870 function Effects 0.000 description 9
- 238000012795 verification Methods 0.000 description 8
- 238000011161 development Methods 0.000 description 6
- 238000004891 communication Methods 0.000 description 5
- 230000008569 process Effects 0.000 description 5
- 230000005540 biological transmission Effects 0.000 description 4
- 230000008878 coupling Effects 0.000 description 3
- 238000010168 coupling process Methods 0.000 description 3
- 238000005859 coupling reaction Methods 0.000 description 3
- 238000012986 modification Methods 0.000 description 3
- 230000004048 modification Effects 0.000 description 3
- 239000008186 active pharmaceutical agent Substances 0.000 description 2
- 230000006872 improvement Effects 0.000 description 2
- 238000010200 validation analysis Methods 0.000 description 2
- RYGMFSIKBFXOCR-UHFFFAOYSA-N Copper Chemical compound [Cu] RYGMFSIKBFXOCR-UHFFFAOYSA-N 0.000 description 1
- 230000004075 alteration Effects 0.000 description 1
- 238000013528 artificial neural network Methods 0.000 description 1
- 229910052802 copper Inorganic materials 0.000 description 1
- 239000010949 copper Substances 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 239000000835 fiber Substances 0.000 description 1
- 239000004973 liquid crystal related substance Substances 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 230000007246 mechanism Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 239000004065 semiconductor Substances 0.000 description 1
- 230000003068 static effect Effects 0.000 description 1
- 238000012360 testing method Methods 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/12—Protecting executable software
- G06F21/121—Restricting unauthorised execution of programs
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
Landscapes
- Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Computer Hardware Design (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Health & Medical Sciences (AREA)
- Bioethics (AREA)
- Health & Medical Sciences (AREA)
- Multimedia (AREA)
- Technology Law (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The invention discloses a code signing method, a device, a storage medium and a program product. The method for signing the code comprises the following steps: the method comprises the steps that a warehouse server receives a strategy for accessing a signature server connected with the warehouse server through a network; the repository server receiving code from a computer connected to the repository server via a network; and when a preset condition is met, the warehouse server sends the information of the code to the signature server for signature.
Description
Technical Field
The present disclosure relates to a method and apparatus for signing code, and more particularly, to a method, apparatus, storage medium, and program product for signing ownership of code.
Background
In recent years, with the rapid development of the internet, mobile internet, and communication technology, computer software has become more and more effective in the field of information technology as a new form of technical result. Therefore, people pay more attention to intellectual property protection of computer software. At present, the intellectual property rights of computer software can be protected by laws such as anti-unfair competition law, copyright law, patent law and the like in China. The emphasis of different laws is also different, where copyright laws primarily protect the source code of software.
The means for proving the content, author, completion time and the like of the source code are not convenient enough or incomplete, and are difficult to adapt to the market demand. For example, software copyright registration has a long period, high cost, and a large labor cost investment. In addition, software copyright registration has a number of disadvantages. First, software copyright registration does not require the submission of all codes, but rather just the submission of several pages of code before and after. Thus, the integrity of the code cannot be verified. Second, the software copyright registration fails to verify the true completion time of the code, which is freely filled in by the applicant. Therefore, a method for quickly and flexibly signing the code ownership in the process of the development cycle of the computer software and after the development is urgently needed.
Disclosure of Invention
According to one aspect of the present disclosure, there is provided a method of signing a code, comprising the steps of: the method comprises the steps that a warehouse server receives a strategy for accessing a signature server connected with the warehouse server through a network; the repository server receiving code from a computer connected to the repository server via a network; and when a preset condition is met, the warehouse server sends the information of the code to the signature server for signature.
According to one aspect of the present disclosure, there is provided an apparatus for signing a code, comprising: a configuration module for configuring a policy for accessing a signature server connected to the device via a network; a receiving module for receiving a code from a computer connected to the apparatus through a network; and a sending module, configured to send the information of the code to the signature server for signature when a preset condition is satisfied.
According to one aspect of the present disclosure, a computer storage medium is provided storing computer instructions that, when executed, cause an apparatus to perform the above-described method.
According to an aspect of the present disclosure, there is provided a computer program product stored in a computer storage medium and having computer instructions which, when executed, cause an apparatus to perform the above-described method.
Drawings
Fig. 1 is a schematic diagram of an embodiment of the present disclosure.
Fig. 2 is a block diagram of the internal components of the repository server of the present disclosure.
Fig. 3 is a screenshot of an embodiment of the present disclosure in a GitLab environment.
Detailed Description
Preferred embodiments of the present disclosure will be described in more detail below with reference to the accompanying drawings. While the preferred embodiments of the present disclosure are shown in the drawings, it should be understood that the present disclosure may be embodied in various forms without being limited to the embodiments described herein. Rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the scope of the disclosure to those skilled in the art.
The term "include" and variations thereof as used herein is meant to be inclusive in an open-ended manner, i.e., "including but not limited to". Unless specifically stated otherwise, the term "or" means "and/or". The term "based on" means "based at least in part on". The terms "one example embodiment" and "one embodiment" mean "at least one example embodiment". The term "another embodiment" means "at least one additional embodiment". The terms "first," "second," and the like may refer to different or the same objects, are used for descriptive purposes only, and are not to be construed as indicating or implying relative importance or implicitly indicating the number of technical features indicated. Thus, a feature defined as "first" or "second" may explicitly or implicitly include one or more of that feature. Other explicit and implicit definitions are also possible below.
The order of sequence of method steps set forth herein does not necessarily imply that the method must be performed in the order in which the steps occur. The order of steps should be limited only if one of ordinary skill in the art (e.g., a programmer) would explicitly recognize, upon reading this disclosure, that the steps of a technique should be performed in a particular order. In modern computer systems, method steps may be performed in parallel, or in a different order than presented herein, as desired.
According to computer software protection regulations, software includes computer programs and their associated documents. Computer program refers to a coded instruction sequence that can be executed by a computer to obtain a certain result, or a symbolic instruction sequence or symbolic statement sequence that can be automatically converted into a coded instruction sequence; the document refers to the text data and diagrams used to describe the content, composition, design, functional specification, development situation, test result and usage of the program.
Rather than strictly distinguish between the above-described regulations, the terms software and program may be used interchangeably herein, depending upon the context in which the judgment is made. The code described herein is a string of characters representing information in a discrete form, and may or may not form part of the software. The code may or may not run independently. The code is typically smaller in length and complexity than software or programs.
Repository (repository), also called asset library, versioning library, code library, refers in versioning systems to a data structure on disk storage that contains files, directories and metadata. The repository schema represents the relationship between the various copies of the source code repository, which may be centralized or distributed. In a centralized architecture, a user accesses a master library through a client. In general, the local machine stores a work copy, changes to the work copy are submitted to the master library before being reflected to other users, and the master library is stored on the server. In a distributed architecture, however, the repository may be replicated locally to each user. The repositories are equally spaced, and users typically have a local repository to store version history in addition to their working copy.
Distributed version control allows software developers to participate in a software development project together, but not necessarily work on the same network system, and thus is widely used. A software version control system written in a distributed version control method is called a distributed version control system. Common distributed version control systems include Monoto, Git, SVN, CVS, VSS, and the like.
Git was released in 2005 as a distributed version control software in GPL. Originally designed to better manage Linux kernel development. But later the Git kernel has matured to be used independently as a version control, and many well-known software uses Git for version control. GitLab is a web-based Git warehouse management tool that uses MIT licenses. The present disclosure illustrates operation in a GitLab environment. It should be noted, however, that this example is merely for ease of understanding, and the solution of the present disclosure is obviously applicable not only to GitLab, but also to any centralized or distributed version control system.
Fig. 1 is a block diagram of an embodiment of the present disclosure, the technical solution of which includes developer computers 101, 102, a repository server 201, and a signature server 301. The developer computers 101, 102 and the warehouse server 201 are connected through a wired network or a wireless network; and the repository server 201 and the signature server 301 are connected through a wired network or a wireless network.
The developer computers 101 and 102 are used for inputting various codes by the developer, and may be electronic devices such as general purpose computers, special purpose computers, mobile phones, tablet computers, notebook computers, Ultra Mobile Personal Computers (UMPCs), netbooks, and Personal Digital Assistants (PDAs). The developer computers 101, 102 may include input devices, processing units, storage units, and display devices. The input device is a device for inputting code by a developer and may be a trackball, mouse, keyboard, microphone, scanner, touch screen device, sensing device, or any other device and any combination thereof. The processing unit is a unit that processes data and may be an Application Processor (AP), a modem processor, a Graphics Processor (GPU), an Image Signal Processor (ISP), a controller, a memory, a video codec, a Digital Signal Processor (DSP), a baseband processor, a neural Network Processor (NPU), or any other unit and any combination thereof. The memory unit is a tangible device that stores instructions for use by the processing unit and may be an electronic memory device, a magnetic memory device, an optical memory device, an electromagnetic memory device, a semiconductor memory device, and any combination thereof. More specific examples include: a portable computer diskette, a hard disk, a flash memory, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), a Static Random Access Memory (SRAM), a portable compact disc read-only memory (CD-ROM), a Digital Versatile Disc (DVD), a U disk, a memory stick, a Secure Digital (SD) card, a micro SD card, a floppy disk, a mechanical coding device, such as a punch card or an in-groove raised structure having instructions stored thereon, and any combination thereof. The display device is a device for displaying an input code, and may be a Liquid Crystal Display (LCD), a Light Emitting Diode (LED) display device, a Cathode Ray Tube (CRT) display device, a projector, or any other device or any combination thereof.
The repository server 201 deploys a server side of the GitLab (or a GitLab environment) for exchanging code between the various developer computers 101, 102. Each developer computer 101, 102 also has a client deployed with GitLab that can exchange code with the repository server 201. For example, the developer computers 101 and 102 may upload written code to the cloud (repository server 201 side) by pushing the code to the repository server 201. The developer computers 101, 102 may store the code of the cloud (repository server 201 side) locally by pulling the code back from the repository server 201. The repository server 201 may be located within the same local area network as the developer computers 101, 102, which is the case for developing proprietary software. The repository server 201 may also be located within the same wide area network (e.g., the internet) as the developer computers 101, 102, which is appropriate for developing open source software.
The warehouse server 201 includes several modules, which are explained with reference to fig. 2. The configuration module 2011 is used to receive policies configured by developers to access the signature server. The access policy may be an API interface to the input signing server 301 to enable automatic or manual signing of the code. The receiving module 2012 is used to receive the code input by the developer from the computer of the developer. The sending module 2013 is configured to send information of the code used for signing to the signing server 301 so as to sign the code by the signing server 301. The display module 2014 is used for displaying a result of whether the signature returned by the signature server 301 is successful.
Fig. 2 is a block diagram illustrating the functionality of the warehouse server 201 according to the present disclosure. In this regard, each block in the block diagrams may represent a module, segment, or portion of instructions, which comprises one or more executable instructions for implementing the specified logical function(s). In some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams, and combinations of blocks in the block diagrams, can be implemented by pure software, by special purpose hardware-based systems which perform the specified functions or acts, or by combinations of special purpose hardware and software. For example, in the case of a general-purpose device, the plurality of modules described above may be implemented in the form of software by writing and storing corresponding software into a memory of the general-purpose device. In the case of a non-general purpose device, the plurality of modules described above may be implemented in the form of dedicated hardware.
The description is continued with reference to fig. 1. The signature server 301 signs the code transmitted from the repository server 201 according to a preset condition, and stores the signature result in the signature server 301 or transmits to the repository server 201. The preset condition may be automatic or manual. In the automatic case, it may be automatically sent to the signature server 301 for signature when the code amount (number of lines or number of characters) reaches a certain threshold (e.g., number of lines exceeds 500 lines, or number of characters exceeds 5000); or may be automatically sent to the signature server 301 for signature each time a new version is uploaded. In the case of manual, the check box of the signature is checked manually by the developer, and when the check box is checked, the code is transmitted to the signature server 301 to be signed. The signature server 301 may return information on whether the signature was successful after the signature.
The signature server 301 may perform the signature in various ways, such as a blockchain manner or a time stamp manner or other digital signature manner that may be present or may come in the future. In addition, the signature mode may also be a traditional signature mode performed by a public authority mechanism such as a notarization department or a copyright bureau.
Blockchains can be broadly divided into three types: public, federation, and private chains. A private chain is a fully centralized blockchain into which only the creator of the private chain can write information. Therefore, public or federation chains are mostly used for signing (encryption) and verifying (decryption). In the public chain, all data is publicly visible to anyone, and all transaction information related to a blockchain address can be viewed by the public. Data privacy on the public chain is an issue because some transactions do not want to be visible to all. In the federation chain, the validity of the blockchain blocks and transactions is determined by a predetermined group of verifiers, which form a federation. For example, to make a block in a federation chain valid, more than 50% of the members in the federation are required to sign through before the new block is valid. The information on the federation blockchain may be public or visible only to federation members.
When the block chain is used for signature and signature verification, the private key is used for signature, and the public key is used for signature verification. Generally, the public key is public, while the private key is kept secure. Private key signature and public key signature verification are that the private key is used for signing the original data, and only the corresponding public key can verify that the signature string is matched with the original data. The private key is equivalent to a password in the centralized billing system and is a credential for ownership of the asset.
In addition, the signature can be performed by using the time stamp technology. The time stamp signature process comprises the following steps: the user encrypts a file needing time stamping by using Hash codes to form an abstract value, then sends the abstract value and other information to a time stamping server, and the time stamping server encrypts the file (digitally signs) after adding date and time information of receiving the abstract value and then sends the file to the user. Common services using time stamp technology include a time stamp (registered trademark) or a trusted time stamp (registered trademark).
As described above, in the technical aspect of the present disclosure, when code is transmitted from the developer computer 101, 102 to the repository server 201, the repository server 201 may transmit a signature request to the signature server 301. The code can be signed without changing the existing system, and the signature can be verified in the future. And because the signature and the signature verification adopt digital technologies such as a block chain or a time stamp, the cost of the code signature is low, and the code signature is quick and accurate. In addition, the digital technology such as a block chain or a time stamp is adopted, and the like, all codes are not required to be transmitted, so that the method is safer. One specific implementation of the signature described herein is validation of rights, and one specific implementation of the signature verification is verification of validation rights.
Fig. 3 is a screenshot of an embodiment of the present disclosure in a GitLab environment.
Fig. 3 shows that a software developer (hereinafter, referred to as a developer) sets the webhook interface address identification of the signature server in the webhook function of the GitLab. The webhook interface of the signing server (web address, private token in fig. 3) may be an API provided by a timestamp (registered trademark) or trusted timestamp (registered trademark) or other signing service for third parties (such as developers) to access and obtain signing services. The interface address identifier may be manually input by the developer, or may be selected by the developer from a plurality of interface address identifiers that are preset.
When a developer sets push, tag and other operations on the GitLab according to own needs, the developer can trigger the webhook to request the event policy of the signature server (for example, signing the code when a predetermined condition is met). For example, a developer may trigger a signature request (tag push event in fig. 3) each time code is pushed (from developer computer to repository server), signed by the signature server 301. After configuration at the GitLab end is complete, the developer can program and request a signature for the code.
For example, a developer writes a piece of code on a local computer and pushes the code to a repository server of GitLab. And the GitLab judges whether the codes pushed to the GitLab by the developer each time need to be signed according to the strategy, namely, the authority is confirmed. If the code is judged to need to be signed, the GitLab automatically sends information such as the hash value, version number, developer ID, etc. of the code to be signed to the signature server 301 through the webhook function. The content information sent is only an example, and it should be understood by those skilled in the art that content information other than the example may be sent, or only part of the example content information may be sent.
The signature server that received the signature request signs the code transmitted from the repository server. The signature process may be implemented using the various techniques described above.
After the signature is successful, the signature server can utilize the message notification module to notify a developer that the signature of the code is successful through mails, short messages, WeChat service numbers, nailing service numbers, push services and the like; it is also possible to inform within the GitLab whether the signature was successful by returning a status code or the like. The signature server may also send signature files and the like to the repository server for download by developers or others. For a server with development capability such as CSDN, a signature file can be received and stored; however, for the existing GitLab, it is preferable not to receive the signature file but to simply display whether the signature is successful because the signature file cannot be processed without modifying the system. The signature file is a certificate used for verifying the signed code in the future, for example, information for proving the existence of the whole code at a certain time and the author thereof.
Digital signature technologies such as a block chain technology or a time stamp technology do not need to provide all codes for a server, but can verify all source codes. For example, because the hash value obtained by changing even only one place in the code is completely different, the signature of the entire source code can be verified by the hash value without providing several pieces of code lines before and after the code as in the case of software copyright registration. The security of the code is ensured, and all the codes can be signed and checked.
In addition, due to the adoption of digital technologies such as a block chain technology or a time stamp technology, the processes of signing and signature checking of the codes can be completed quickly, and the method is convenient and quick.
In addition, because the technical scheme of signature and signature verification is embedded in the GitLab server, the functions of almost imperceptible signature and signature verification can be realized without greatly changing the existing equipment and software.
Finally, the developer can manually download and obtain the signature certificate through the link sent by the GitLab server, or automatically obtain the signature certificate through the corresponding push service. The certificate may also be obtained directly from the signing server. The present disclosure is not limited to the specific manner of obtaining the certificate, and any manner that can be easily conceived by those skilled in the art can be adopted.
The way of developing the developer is not limited in this disclosure, and may be any way such as a private cloud, a public cloud, and the like.
The signature server may be a publicly-owned deployment system such as a block chain, a time stamp (registered trademark), or a trusted time stamp (registered trademark), or may be a privately-owned deployment system (for example, a local area network for the inside of a member). Therefore, the present disclosure is not limited to the deployment of the signature server.
The present disclosure may be methods, devices, systems, storage media and program products. The program product may be stored in a readable storage medium having computer instructions for performing various aspects of the present disclosure. Which when executed by a processing unit of a computer or other programmable data processing apparatus, produce an apparatus that implements the functions/acts specified in the flowchart and/or block diagram block or blocks. These computer-readable program instructions may also be stored in a computer-readable storage medium that can direct a computer, programmable data processing apparatus, and/or other devices to function in a particular manner, such that the computer-readable medium storing the instructions comprises an article of manufacture including instructions which implement the function/act specified in the flowchart and/or block diagram block or blocks.
The computer-readable program instructions described herein may be downloaded to various computing processing devices from a computer-readable storage medium, or to an external computer or external storage device over a network, such as the internet, a local area network, a wide area network, and/or a wireless network. The network may include copper transmission cables, fiber optic transmission, wireless transmission, routers, firewalls, switches, gateway computers and/or edge servers. The network adapter card or network interface in each computing processing device receives computer-readable program instructions from the network and forwards the computer-readable program instructions for storage in a computer-readable storage medium in the respective computing processing device. The wireless transmission may use a solution for wireless communication such as Wireless Local Area Network (WLAN) of wireless fidelity (Wi-Fi) network, Bluetooth (BT), Global Navigation Satellite System (GNSS), Frequency Modulation (FM), near field wireless communication technology (NFC), infrared technology (IR), and the like.
The computer program instructions for carrying out operations of the present disclosure may be assembler instructions, Instruction Set Architecture (ISA) instructions, machine-related instructions, microcode, firmware instructions, state setting data, or source or object code written in any combination of one or more programming languages, including an object oriented programming language such as Smalltalk, C + + or the like and conventional procedural programming languages, such as the C language or similar programming languages. The computer-readable program instructions may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer or entirely on the remote computer or server. In the case of a remote computer, the remote computer may be connected to the user's computer through any type of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or the connection may be made to an external computer (for example, through the Internet using an Internet service provider). In some embodiments, the electronic circuitry that can execute the computer-readable program instructions implements aspects of the present disclosure by utilizing the state information of the computer-readable program instructions to personalize the electronic circuitry, such as a programmable logic circuit, a Field Programmable Gate Array (FPGA), or a Programmable Logic Array (PLA).
Various aspects of the present disclosure are described herein with reference to flowchart illustrations and/or block diagrams of methods, apparatus, systems, storage media and program products according to embodiments of the disclosure. It will be understood that each block of the flowchart illustrations and/or block diagrams, and combinations of blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer-readable program instructions.
In the embodiments described herein, it should be understood that the disclosed apparatus and methods may be implemented in other ways. For example, the above-described device embodiments are merely illustrative, for example, a module or a unit may be divided into only one logical functional division, and an actual implementation may have another division, for example, a plurality of units or components may be combined or integrated into another device, or some features may be omitted, or not executed. On the other hand, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, devices or units, and may be in an electrical, mechanical or other form.
Units described as separate parts may or may not be physically separate, and parts displayed as units may be one physical unit or a plurality of physical units, may be located in one place, or may be distributed to a plurality of different places. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
In addition, functional units in the embodiments of the present application may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware, and can also be realized in a form of a software functional unit.
The integrated unit, if implemented in the form of a software functional unit and sold or used as a stand-alone product, may be stored in a readable storage medium. Based on such understanding, the technical solutions of the embodiments of the present application may be essentially or partially contributed to by the prior art, or all or part of the technical solutions may be embodied in the form of a software product, where the software product is stored in a storage medium and includes several instructions to enable a device (which may be a single chip microcomputer, a chip, or the like) or a processor to execute all or part of the steps of the methods of the embodiments of the present application.
Having described embodiments of the present disclosure, the foregoing description is intended to be exemplary, not exhaustive, and not limited to the disclosed embodiments. Many modifications and variations will be apparent to those of ordinary skill in the art without departing from the scope and spirit of the described embodiments. The terminology used herein is chosen in order to best explain the principles of the embodiments, the practical application, or improvements made to the technology in the marketplace, or to enable others of ordinary skill in the art to understand the embodiments disclosed herein. Various modifications and alterations to this disclosure will become apparent to those skilled in the art. Any modification, equivalent replacement, improvement, etc. made within the spirit and principle of the present disclosure should be included in the protection scope of the present disclosure.
Claims (10)
1. A method of signing code, comprising the steps of:
the method comprises the steps that a warehouse server receives a strategy for accessing a signature server connected with the warehouse server through a network;
the repository server receiving code from a computer connected to the repository server via a network; and
and when a preset condition is met, the warehouse server sends the information of the code to the signature server for signature.
2. The method of claim 1,
the signature server is a server for carrying out digital signature by using a block chain technology or a time stamp technology; or a server traditionally signed by a notary or copyright bureau.
3. The method of claim 1,
the preset conditions include: the developer selects manually, generates a new version of code, and the amount of code exceeds a threshold.
4. The method of claim 1, further comprising:
and the warehouse server displays the result of whether the signature server signs successfully or not.
5. An apparatus for signing a code, comprising the steps of:
a configuration module for configuring a policy for accessing a signature server connected to the device via a network;
a receiving module for receiving a code from a computer connected to the apparatus through a network; and
and the sending module is used for sending the information of the code to the signature server for signature when a preset condition is met.
6. The apparatus of claim 5,
the signature server is a server for carrying out digital signature by using a block chain technology or a time stamp technology; or a server traditionally signed by a notary or copyright bureau.
7. The apparatus of claim 5,
the preset conditions include: the developer selects manually, generates a new version of code, and the amount of code exceeds a threshold.
8. The apparatus of claim 5,
the signature server also comprises a display module for displaying the result of whether the signature server successfully signs.
9. A computer storage medium having stored thereon computer instructions that, when executed, cause an apparatus to perform the method of any of claims 1 to 4.
10. A computer program product stored in a computer storage medium and having computer instructions that, when executed, cause an apparatus to perform the method of any of claims 1 to 4.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911003297.6A CN110750763A (en) | 2019-10-22 | 2019-10-22 | Code signing method, device, storage medium and program product |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911003297.6A CN110750763A (en) | 2019-10-22 | 2019-10-22 | Code signing method, device, storage medium and program product |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN110750763A true CN110750763A (en) | 2020-02-04 |
Family
ID=69279289
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201911003297.6A Pending CN110750763A (en) | 2019-10-22 | 2019-10-22 | Code signing method, device, storage medium and program product |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN110750763A (en) |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101520832A (en) * | 2008-12-22 | 2009-09-02 | 康佳集团股份有限公司 | System and method for verifying file code signature |
| CN103765379A (en) * | 2011-08-30 | 2014-04-30 | 微软公司 | Cloud-based build service |
| CN106209754A (en) * | 2015-05-08 | 2016-12-07 | 中标软件有限公司 | Method and system to software kit automatic signature in version control system |
| US20170345394A1 (en) * | 2016-05-27 | 2017-11-30 | Adobe Systems Incorporated | Multi-device electronic signature framework |
| CN109981287A (en) * | 2019-03-14 | 2019-07-05 | 亚数信息科技(上海)有限公司 | A kind of code signature method and its storage medium |
-
2019
- 2019-10-22 CN CN201911003297.6A patent/CN110750763A/en active Pending
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101520832A (en) * | 2008-12-22 | 2009-09-02 | 康佳集团股份有限公司 | System and method for verifying file code signature |
| CN103765379A (en) * | 2011-08-30 | 2014-04-30 | 微软公司 | Cloud-based build service |
| CN106209754A (en) * | 2015-05-08 | 2016-12-07 | 中标软件有限公司 | Method and system to software kit automatic signature in version control system |
| US20170345394A1 (en) * | 2016-05-27 | 2017-11-30 | Adobe Systems Incorporated | Multi-device electronic signature framework |
| CN109981287A (en) * | 2019-03-14 | 2019-07-05 | 亚数信息科技(上海)有限公司 | A kind of code signature method and its storage medium |
Non-Patent Citations (1)
| Title |
|---|
| 周景学: "《商务网站安全与控制》", 31 August 2001, 中国商业出版社 * |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN110620810B (en) | Non-linked ownership of continuous asset transfer over blockchain | |
| US20220075900A1 (en) | Tracing objects across different parties | |
| CN107615292B (en) | System and method for managing installation of application packages requiring high risk permission access | |
| US9898587B2 (en) | Software protection using an installation product having an entitlement file | |
| TW201837805A (en) | Securing blockchain transaction based on undetermined data | |
| US20210067536A1 (en) | Blockchain cybersecurity audit platform | |
| US20190182053A1 (en) | Technology validation and ownership | |
| WO2020010442A1 (en) | Media attribution systems and methods | |
| KR20100121313A (en) | Method for verification of software package integrity in a mobile terminal | |
| CN113767382A (en) | Method and system for universal sourcing solution for blockchain supply chain applications | |
| CN109784870A (en) | Measure of managing contract, device, computer equipment and computer readable storage medium | |
| US20100223469A1 (en) | Method, System and Computer Program Product for Certifying Software Origination | |
| CN114124502B (en) | Message transmission method, device, equipment and medium | |
| CN106664308A (en) | Device verification prior to registration | |
| CN113158207A (en) | Block chain based report generation method and device, electronic equipment and storage medium | |
| CN116569517A (en) | Blockchain-based systems and methods for publishing operating systems | |
| CN110324343B (en) | Information monitoring and broadcasting method and device, electronic equipment and storage medium | |
| CN114817890A (en) | Electronic signature method and device of document, terminal equipment and storage medium | |
| CN113381992B (en) | License management method based on block chain | |
| CA2986828C (en) | Data recording method, device and system, and computer storage medium | |
| US20140173285A1 (en) | Method for non-repudiation of ad-hoc workflows | |
| CN111783119A (en) | Form data security control method and device, electronic equipment and storage medium | |
| CN110750763A (en) | Code signing method, device, storage medium and program product | |
| CN104871165A (en) | Firmware-implemented software licensing | |
| WO2019233454A1 (en) | Chain code upgrading method and device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |