CN111274552A - Signature and signature verification method of upgrade package and storage medium - Google Patents
Signature and signature verification method of upgrade package and storage medium Download PDFInfo
- Publication number
- CN111274552A CN111274552A CN202010014875.2A CN202010014875A CN111274552A CN 111274552 A CN111274552 A CN 111274552A CN 202010014875 A CN202010014875 A CN 202010014875A CN 111274552 A CN111274552 A CN 111274552A
- Authority
- CN
- China
- Prior art keywords
- file
- signature
- upgrade package
- abstract
- signature file
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 59
- 238000012795 verification Methods 0.000 title claims abstract description 59
- 101100217298 Mus musculus Aspm gene Proteins 0.000 claims description 8
- 238000004806 packaging method and process Methods 0.000 claims description 6
- 238000004590 computer program Methods 0.000 claims description 2
- 230000008569 process Effects 0.000 abstract description 17
- 238000010586 diagram Methods 0.000 description 9
- 230000004048 modification Effects 0.000 description 4
- 238000012986 modification Methods 0.000 description 4
- 238000011084 recovery Methods 0.000 description 3
- 238000006467 substitution reaction Methods 0.000 description 2
- 230000007547 defect Effects 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 230000003203 everyday effect Effects 0.000 description 1
- 238000000605 extraction Methods 0.000 description 1
- 230000008676 import Effects 0.000 description 1
- 238000009434 installation Methods 0.000 description 1
- 230000007246 mechanism Effects 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/12—Protecting executable software
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/60—Software deployment
- G06F8/65—Updates
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Software Systems (AREA)
- General Engineering & Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Technology Law (AREA)
- Multimedia (AREA)
- Storage Device Security (AREA)
Abstract
The invention relates to the technical field of software upgrading, and particularly discloses a signature and signature verification method of an upgrade package and a storage medium. And the signature verification method verifies the signature of the source upgrade package according to the first signature file, the second signature file and the third signature file in the new upgrade package. The invention solves the problem of signing and verifying the whole upgrade package before upgrading, and the upgrade package of the invention can be used only by applying an interface without decompressing the upgrade package twice or paying attention to functions and codes of the signature release and the signature verification during the process of signature release and signature verification when the Android is upgraded.
Description
Technical Field
The invention relates to the technical field of software upgrading, in particular to a signature and signature verification method and a storage medium of an upgrading package.
Background
In everyday life, signatures are often used as a credential for the identity of an individual. When a document has a person's signature, it is believed that the document has indeed been reviewed by the person. Similarly, in the field of digital security, digital signatures also play a similar role.
First, the digital signature verifies that a piece of digital information actually came from an entity. Because messages encrypted with a private key can only be decrypted with the corresponding public key and vice versa, based on the principle of asymmetric encryption. The signature is generated by the private key of the entity, and the private key is only held by the signing party and can only be decrypted by the public key of the signing party. And when decryption is successful, it is believed that the signer generated the message. Second, the digital signature can ensure that the message has not been tampered with during delivery.
When an OTA upgrading function is performed, the Android upgrading strategy is mostly to perform signature verification on an upgrading packet of an SOC of the Android after recovery is entered, and the defect that the upgrading packet is known to be falsified only after the recovery upgrading mode is entered, and only signature verification work can be performed on the upgrading packet of the SOC, if the upgrading packet is an upgrading packet with an MCU, signature and signature verification are not performed before the MCU is upgraded, which means that the whole upgrading packet is not signed, and the software of the MCU cannot be guaranteed to be falsified. The digital signature mechanism is one of means for guaranteeing the network information security, and can solve the problems of counterfeiting, repudiation, impersonation and tampering.
CMS (CryptoMessage Syntax) is a Security Message Specification (RFC 5652) formulated by the Internet Engineering Task Force (IETF). The specification defines a variety of message formats for digitally signing, hashing, authenticating, and encrypting any message, respectively. The digital signature format specified by the specification may contain the following: a hash value generation algorithm, a digital certificate of a signing party (including a public key of the signing party), basic information of the signing party, message text, signature and the like. Comparing the generation and verification process of the previous digital signature, it can be seen that the format specified by the CMS specification already contains all the necessary information for the digital signature. Meanwhile, for developers, the open source tool can be utilized to conveniently generate the digital signature in the CMS format. Such as the openssl command under Linux and the Java open source class library, bounncycastle, provide generation and verification functions for CMS format digital signatures.
At present, a Signapk tool is adopted for signing in a CMS-based digital signature technology, but when the signature is verified in an Android application layer, the upgrade package needs to be decompressed twice, the processes of signature release and signature verification are complicated, the operation is time-consuming, and no signature verification and signature release tool or SDK, SO library and jar package corresponding to the signature release and signature verification tool exists, SO that a user does not need to pay attention to functions and codes of the release and signature verification, and the signature release and signature verification can be used only by an application interface.
Disclosure of Invention
The invention provides a signature and signature verification method and a storage medium of an upgrade package, and solves the technical problem of how to sign and verify the whole upgrade package before upgrading.
In order to solve the technical problems, the invention provides a signature method of an upgrade package, which comprises the following steps:
s1, generating a summary for each file in a source upgrade package to obtain a first signature file;
s2, generating a summary for the first signature file to obtain a second signature file;
s3, signing the second signature file by using a private key, and packaging a signature result, a public key and a certificate together to generate a third signature file;
and S4, adding the first signature file, the second signature file and the third signature file into the same directory in the source upgrade package to obtain a new upgrade package.
Further, the step S1 is specifically:
traversing all the entries in the upgrade package, extracting the file abstract of the file from the files in the entries by using a message abstract algorithm, coding the file abstract by using a coding algorithm, and writing the file abstract into one block in the first signature file as an attribute value.
Further, the step S2 is specifically:
extracting the file abstract of the file from the block at the head of the first signature file by using the message abstract algorithm, coding the file abstract by using the coding algorithm, and writing the file abstract as an attribute value into a second signature file; extracting the file abstract of the whole first signature file by using the message abstract algorithm, coding the file abstract by using the coding algorithm, and writing the file abstract into the second signature file as an attribute value; and extracting the file abstract of each item of the first signature file by using the message abstract algorithm, coding the file abstract by using the coding algorithm, and writing the file abstract into the second signature file as an attribute value.
Further, the message digest algorithm adopts SHA1 or SHA256 algorithm, and the coding algorithm adopts Base64 algorithm.
Further, the source upgrade package is an upgrade package of an SOC of the Android.
The invention also provides a signature verification method for an upgrade package, wherein the upgrade package is a new upgrade package which is already executed with the signature method, and the method comprises the following steps:
and S5, verifying the source upgrade package according to the first signature file, the second signature file and the third signature file in the new upgrade package.
Further, the step S5 specifically includes the steps of:
s51, checking whether all files contained in the source upgrade package are consistent with the corresponding digest values recorded in the first signature file or not;
s52, checking whether the second signature file is modified or not by using the third signature file;
s53, using the second signature file to check whether the first signature file is modified.
Further, the step S52 specifically includes: and checking whether the digest value corresponding to the second signature file is consistent with the attribute value recorded in the third signature file.
Further, whether the digest value corresponding to the first signature file is consistent with the attribute value recorded in the second signature file is checked.
The present invention also provides a computer-readable storage medium, on which a computer program is stored, which, when executed by a processor, implements the signature method of the upgrade package or the signature verification method of the upgrade package.
The signature method of the upgrade package provided by the invention comprises the steps of generating a summary for each file in a source upgrade package to obtain a first signature file; generating a summary of the first signature file to obtain a second signature file, signing the second signature file by using a private key, and packaging a signature result, a public key and a certificate together to generate a third signature file; and adding the first signature file, the second signature file and the third signature file into the same catalogue in the source upgrade package to obtain a new upgrade package. According to the signature method of the upgrade package, provided by the invention, the source upgrade package is verified and signed according to the first signature file, the second signature file and the third signature file in the new upgrade package. The invention solves the problem of signing and verifying the whole upgrade package before upgrading, and the upgrade package of the invention can be used only by applying an interface without decompressing the upgrade package twice or paying attention to functions and codes of the signature release and the signature verification during the process of signature release and signature verification when the Android is upgraded.
Drawings
FIG. 1 is a flowchart illustrating steps of a method for signing and verifying an upgrade package according to an embodiment of the present invention;
fig. 2 is a display diagram of first to third signature files generated in a signature method of an upgrade package according to an embodiment of the present invention;
FIG. 3 is a schematic diagram of a process for generating first to third signature files according to the present invention;
FIG. 4 is a content presentation diagram of a first signature file provided by the present invention;
FIG. 5 is a content presentation diagram of a second signature file provided by the present invention;
FIG. 6 is a flowchart illustrating steps of a method for verifying an upgrade package according to an embodiment of the present invention;
FIG. 7 is a drawing showing the signature verification process of the signature verification method for the upgrade package according to the embodiment of the present invention;
FIG. 8 is an illustrative diagram of the signature verification principle of FIG. 7 provided by an embodiment of the invention;
FIG. 9 is a display diagram further illustrating the principles of FIG. 7 provided by an embodiment of the present invention;
fig. 10 is an SDK display interface diagram after a public key is selected in the signature verification process according to the embodiment of the present invention;
FIG. 11 is a diagram of an SDK display interface for successful verification according to an embodiment of the present invention;
fig. 12 is a diagram of an SDK display interface with verification failure according to an embodiment of the present invention.
Detailed Description
The embodiments of the present invention will be described in detail below with reference to the accompanying drawings, which are given solely for the purpose of illustration and are not to be construed as limitations of the invention, including the drawings which are incorporated herein by reference and for illustration only and are not to be construed as limitations of the invention, since many variations thereof are possible without departing from the spirit and scope of the invention.
Referring to fig. 1, a flowchart of steps of a signature and signature verification method for an upgrade package according to an embodiment of the present invention is provided, and the signature method for an upgrade package according to an embodiment of the present invention includes the steps of:
s1, generating a summary for each file in a source upgrade package to obtain a first signature file;
s2, generating a summary for the first signature file to obtain a second signature file;
s3, signing the second signature file by using a private key, and packaging a signature result, a public key and a certificate together to generate a third signature file;
and S4, adding the first signature file, the second signature file and the third signature file into the same directory in the source upgrade package to obtain a new upgrade package.
The invention provides a signature verification method for an upgrade package, wherein the upgrade package in the name is the new upgrade package which is already executed with the signature method, and the method comprises the following steps:
and S5, verifying the source upgrade package according to the first signature file, the second signature file and the third signature file in the new upgrade package.
In the signature method of this embodiment, the step S1 specifically includes:
traversing all the entries in the upgrade package, extracting the file abstract of the file from the files in the entries by using a message abstract algorithm, coding the file abstract by using a coding algorithm, and writing the file abstract into one block in the first signature file as an attribute value.
The step S2 specifically includes:
extracting the file abstract of the file from the block at the head of the first signature file by using the message abstract algorithm, coding the file abstract by using the coding algorithm, and writing the file abstract as an attribute value into a second signature file; extracting the file abstract of the whole first signature file by using the message abstract algorithm, coding the file abstract by using the coding algorithm, and writing the file abstract into the second signature file as an attribute value; and extracting the file abstract of each item of the first signature file by using the message abstract algorithm, coding the file abstract by using the coding algorithm, and writing the file abstract into the second signature file as an attribute value.
Preferably, the message digest algorithm adopts SHA1 or SHA256 algorithm, and the coding algorithm adopts Base64 algorithm.
Preferably, the source upgrade package is an upgrade package of an SOC of Android.
A specific procedure of the signature method of the present embodiment is illustrated.
First, as the signature process shown in FIG. 2, if the new upgrade package (sign.apk/zip) is decompressed, the META-INF folder and the source upgrade package (sign.apk/zip) are obtained. Among them, there are three files under the META-INF folder: the first signature file ManifeST.MF file, the second signature file CERT.SF file and the third signature file CERT.RSA file are files generated in the signature process.
As shown in fig. 3, the following describes a specific process for each signature file:
s1, generating a summary for each file in a source upgrade package (un.apk/zip) to obtain a first signature file. Mf file is a manual. As shown in fig. 4, the contents stored in the manual est.mf file are actually all entries in the upgrade package, and if the file is a directory, the directory is skipped, and if the file is a file, the Digest of the file is extracted by using the SHA1 (or SHA256) message Digest algorithm, and then the file is encoded by BASE64, and then the file is written into a block in the manual est.mf file as the value of the "SHA 1-Digest" attribute. This block has a "Name" attribute whose value is the path of the file in the upgrade package.
And S2, generating a summary for the first signature file to obtain a second signature file. The second signature file in this embodiment is a cert.sf file. And sequentially performing SHA1 (or SHA256) on each item of the header of the first signature file, the whole MANIFEST.MF file and the MANIFEST.MF, and then encoding by using Base64 to obtain the CERT.SF file. In fig. 5, the results of SHA1 (or SHA256) followed by Base64 encoding of the entire manual est.mf file are indicated by SHA 1-Digest-modify, and the results of SHA1 (or SHA256) followed by Base64 encoding of the individual entries of the manual est.mf are indicated by SHA 1-Digest. Although not shown in fig. 5, the result of encoding the block of the header of the first signature file, manifest.mf, with SHA1 (or SHA256) and then with Base64 is specifically indicated by SHA 1-Digest-maniest-Main-Attributes in this embodiment.
And S3, signing the second signature file by using a private key, and packaging the signature result, the public key and the certificate together to generate a third signature file. The third signature file in this embodiment is a cert. Here, the signature is calculated by using a private key of the generated cert.sf file, and then the signature and the digital certificate containing the public key information are written into the cert.rsa for storage. It should be noted here that the cert.rsa certificate in the Android APK is self-signed, and it is not necessary that this certificate is issued or authenticated by a third party authority, and the user can generate this self-signed certificate at the local machine itself. Android does not currently perform CA authentication on application certificates.
And S4, adding the first signature file (MANIFEST.MF file), the second signature file (CERT.SF file) and the third signature file (CERT.RSA file) into the same directory in the source upgrade package (unsign.apk/zip) to obtain a new upgrade package (sign.apk/zip).
After the signature process is completed, when the new upgrade package (sign.apk/zip) is decompressed and installed, signature verification is required, and the upgrade can be completed only after the signature verification is passed. In the signature verification method of this embodiment, as shown in fig. 6, the step S5 specifically includes the steps of:
s51, checking all files contained in the source upgrade package (un.apk/zip), and whether the corresponding digest values are consistent with the attribute values recorded in the first signature file (manifest.mf file) (checking all files contained in APK, and the corresponding digest values are consistent with the values recorded in manifest.mf file);
s52, using the third signature file (cert.rsa file) to check whether the second signature file (cert.sf file) has been modified;
s53. check if the first signature file (manifest.mf file) was modified using the second signature file (cert.sf file).
Before the step S51, a step S50 is further included: decompressing the new upgrade package (sign.apk/zip) to obtain a source upgrade package (sign.apk/zip) and first to third signature files MANIFEST.MF (MF file for short), CERT.SF (SF file for short) and CERT.RSA (RSA file for short).
In this embodiment, the step S52 specifically includes: and checking whether the digest value corresponding to the second signature file (SF file) is consistent with the attribute value recorded in the third signature file (RSA file). Specifically, the signature file (SF file) is verified using the certificate file (RSA file) for modification.
The step S53 specifically includes: and checking whether the digest value corresponding to the first signature file (MF file) is consistent with the attribute value recorded in the second signature file (SF file). Specifically, the presence or absence of modification of the MF file is checked using the signature file (SF file).
Corresponding to fig. 3, a complete signature verification process is shown in fig. 7. And if each checking step passes, the verification tag passes, and software installation and upgrading can be carried out through the source upgrading package (unsign.
As shown in fig. 8 and 9, in an example of the signature and verification process of the upgrade package provided in this embodiment, the signature is to perform private key encryption on the digest (100110101) extracted from the source upgrade package (APK/ZIP file) to obtain a new upgrade package (APK/ZIP file) after the private key encryption. The verification (signature verification) is essentially that a new upgrade package encrypted by a private key is separated to obtain a source upgrade package and a digest encrypted by the private key, the source upgrade package is firstly subjected to the same extraction algorithm as that in the signature process to obtain the digest, then the encrypted digest is decrypted by a public key to obtain the digest extracted in the signature process, the two digests are compared, if the two digests are the same, signature verification is successful, and if the two digests are different, signature verification fails.
The reason why the signature verification is used is that if any file in the APK or the upgrade package is changed, the changed file summary information is different from the verification information of the first signature file (MF file) during the installation verification of the APK or the upgrade package, so that the verification fails and the program cannot be installed successfully; secondly, if a new abstract value is correspondingly calculated for the changed file, and then the corresponding attribute value in the first signature file (MF file) is changed, the abstract value is different from the abstract value calculated in the second signature file (SF file) without fail; finally, the digest value of the first signature file (MF file) is continuously calculated, and the value in the second signature file (SF file) is changed correspondingly, so that the digital signature value is different from the value recorded in the third signature file (RSA file) or fails; it is also impossible to continue to forge the digital signature because there is no corresponding private key for the digital certificate. The signature and signature verification process can sign and verify the whole upgrade package, and can know whether the upgrade package is tampered before entering a recovery upgrade mode.
In specific implementation, the embodiment of the present invention needs to specially design a signature verification SDK package for a Signapk signature tool, and fig. 10 is a signature verification interface of the signature verification SDK package provided by the embodiment of the present invention, when a user uses the signature verification SDK package of the present invention, the user only needs to open the signature verification interface, import a signed upgrade package path and a signed public key path, and click to start verification, and then a column of a signature verification result shows whether verification is successful. If the upgrade package is not tampered, the verification is successful, as shown in FIG. 11; if the upgrade package is tampered with, verification fails, as shown in FIG. 12. The user only needs to open the signature checking tool, the signature can be verified by leading in the path of the upgrade package and the public key, the upgrade package does not need to be decompressed twice, the functions and codes of signature release and signature checking do not need to be concerned, and the operation is flexible and convenient.
The signature method of the upgrade package provided by the embodiment of the invention obtains a first signature file by generating a summary for each file in a source upgrade package; generating a summary of the first signature file to obtain a second signature file, signing the second signature file by using a private key, and packaging a signature result, a public key and a certificate together to generate a third signature file; and adding the first signature file, the second signature file and the third signature file into the same catalogue in the source upgrade package to obtain a new upgrade package. According to the signature method of the upgrade package, provided by the invention, the source upgrade package is verified and signed according to the first signature file, the second signature file and the third signature file in the new upgrade package. The invention solves the problem of signing and verifying the whole upgrade package before upgrading, and the upgrade package of the invention can be used only by applying an interface without decompressing the upgrade package twice or paying attention to functions and codes of the signature release and the signature verification during the process of signature release and signature verification when the Android is upgraded.
The above embodiments are preferred embodiments of the present invention, but the present invention is not limited to the above embodiments, and any other changes, modifications, substitutions, combinations, and simplifications which do not depart from the spirit and principle of the present invention should be construed as equivalents thereof, and all such changes, modifications, substitutions, combinations, and simplifications are intended to be included in the scope of the present invention.
Claims (10)
1. A signature method of an upgrade package is characterized by comprising the following steps:
s1, generating a summary for each file in a source upgrade package to obtain a first signature file;
s2, generating a summary for the first signature file to obtain a second signature file;
s3, signing the second signature file by using a private key, and packaging a signature result, a public key and a certificate together to generate a third signature file;
and S4, adding the first signature file, the second signature file and the third signature file into the same directory in the source upgrade package to obtain a new upgrade package.
2. The method for signing an upgrade package according to claim 1, wherein the step S1 specifically comprises:
traversing all the entries in the upgrade package, extracting the file abstract of the file from the files in the entries by using a message abstract algorithm, coding the file abstract by using a coding algorithm, and writing the file abstract into one block in the first signature file as an attribute value.
3. The method for signing an upgrade package according to claim 2, wherein: the step S2 specifically includes:
extracting the file abstract of the file from the block at the head of the first signature file by using the message abstract algorithm, coding the file abstract by using the coding algorithm, and writing the file abstract as an attribute value into a second signature file; extracting the file abstract of the whole first signature file by using the message abstract algorithm, coding the file abstract by using the coding algorithm, and writing the file abstract into the second signature file as an attribute value; and extracting the file abstract of each item of the first signature file by using the message abstract algorithm, coding the file abstract by using the coding algorithm, and writing the file abstract into the second signature file as an attribute value.
4. A method for signing an upgrade package according to claim 3, wherein: the message digest algorithm adopts SHA1 or SHA256 algorithm, and the coding algorithm adopts Base64 algorithm.
5. The method for signing an upgrade package according to claim 1, wherein: the source upgrading package is an upgrading package of an SOC of the Android.
6. A signature verification method for an upgrade package, wherein the upgrade package is a new upgrade package which has executed a signature method according to any one of claims 1 to 5, the method comprising the steps of:
and S5, verifying the source upgrade package according to the first signature file, the second signature file and the third signature file in the new upgrade package.
7. The method for verifying the upgrade package as claimed in claim 6, wherein the step S5 specifically includes the steps of:
s51, checking whether all files contained in the source upgrade package are consistent with the corresponding digest values recorded in the first signature file or not;
s52, checking whether the second signature file is modified or not by using the third signature file;
s53, using the second signature file to check whether the first signature file is modified.
8. The method for verifying the upgrade package as claimed in claim 7, wherein the step S52 specifically includes: and checking whether the digest value corresponding to the second signature file is consistent with the attribute value recorded in the third signature file.
9. The method for verifying the upgrade package as claimed in claim 7, wherein the step S53 specifically includes: and checking whether the digest value corresponding to the first signature file is consistent with the attribute value recorded in the second signature file.
10. A computer-readable storage medium characterized by: the computer-readable storage medium has stored thereon a computer program which, when executed by a processor, implements a signature method of an upgrade package according to any one of claims 1 to 5 or a signature verification method of an upgrade package according to claims 6 to 9.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010014875.2A CN111274552A (en) | 2020-01-07 | 2020-01-07 | Signature and signature verification method of upgrade package and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010014875.2A CN111274552A (en) | 2020-01-07 | 2020-01-07 | Signature and signature verification method of upgrade package and storage medium |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN111274552A true CN111274552A (en) | 2020-06-12 |
Family
ID=70998800
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010014875.2A Pending CN111274552A (en) | 2020-01-07 | 2020-01-07 | Signature and signature verification method of upgrade package and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111274552A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2024041107A1 (en) * | 2022-08-24 | 2024-02-29 | 中兴通讯股份有限公司 | Digital signature method, signature verification method, electronic device, and storage medium |
Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103530534A (en) * | 2013-09-23 | 2014-01-22 | 北京理工大学 | Android program ROOT authorization method based on signature verification |
| CN104346167A (en) * | 2014-08-25 | 2015-02-11 | 腾讯科技(深圳)有限公司 | Method and device for generating application channel package |
| CN104426658A (en) * | 2013-09-02 | 2015-03-18 | 中国移动通信集团公司 | Method and device for performing identity authentication on application on mobile terminal |
| CN105227545A (en) * | 2015-09-07 | 2016-01-06 | 上海联彤网络通讯技术有限公司 | The system and method that user and developer divide control is realized in intelligent operating platform |
| CN106209379A (en) * | 2016-07-04 | 2016-12-07 | 江苏先安科技有限公司 | A kind of Android APK countersignature verification method |
| CN106355081A (en) * | 2016-09-07 | 2017-01-25 | 深圳市新国都支付技术有限公司 | Android program start verification method and device |
| US20170115981A1 (en) * | 2015-10-21 | 2017-04-27 | Samsung Electronics Co., Ltd. | Apparatus and method for managing application |
| CN107592202A (en) * | 2017-09-20 | 2018-01-16 | 广州阿里巴巴文学信息技术有限公司 | Application signature method, apparatus, system, computing device and storage medium |
-
2020
- 2020-01-07 CN CN202010014875.2A patent/CN111274552A/en active Pending
Patent Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104426658A (en) * | 2013-09-02 | 2015-03-18 | 中国移动通信集团公司 | Method and device for performing identity authentication on application on mobile terminal |
| CN103530534A (en) * | 2013-09-23 | 2014-01-22 | 北京理工大学 | Android program ROOT authorization method based on signature verification |
| CN104346167A (en) * | 2014-08-25 | 2015-02-11 | 腾讯科技(深圳)有限公司 | Method and device for generating application channel package |
| CN105227545A (en) * | 2015-09-07 | 2016-01-06 | 上海联彤网络通讯技术有限公司 | The system and method that user and developer divide control is realized in intelligent operating platform |
| US20170115981A1 (en) * | 2015-10-21 | 2017-04-27 | Samsung Electronics Co., Ltd. | Apparatus and method for managing application |
| CN106209379A (en) * | 2016-07-04 | 2016-12-07 | 江苏先安科技有限公司 | A kind of Android APK countersignature verification method |
| CN106355081A (en) * | 2016-09-07 | 2017-01-25 | 深圳市新国都支付技术有限公司 | Android program start verification method and device |
| CN107592202A (en) * | 2017-09-20 | 2018-01-16 | 广州阿里巴巴文学信息技术有限公司 | Application signature method, apparatus, system, computing device and storage medium |
Non-Patent Citations (2)
| Title |
|---|
| ANDROID波斯湾: "Android 签名机制 v1、v2、v3", pages 1 - 13, Retrieved from the Internet <URL:https://mp.weixin.qq.com/s?__biz=MzIyNTY1MDc4NQ==&mid=2247483933&idx=1&sn=91db6685ff16e832897fb31215b1c44b&chksm=e87d3313df0aba0566715f863d12ddead211b1b91f49a82cc43331fee63022e85b5e053ba749&mpshare=1&scene=23&srcid=&sharer_sharetime=1564533545643&sharer_shareid=28c8871dc58734c8e65adbc7b16eda64#rd> * |
| JEANBOYDEV: "一篇文章看明白 Android v1 & v2 签名机制", pages 1 - 7, Retrieved from the Internet <URL:https://blog.csdn.net/freekiteyu/article/details/84849651> * |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2024041107A1 (en) * | 2022-08-24 | 2024-02-29 | 中兴通讯股份有限公司 | Digital signature method, signature verification method, electronic device, and storage medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN107463806B (en) | Signature and signature verification method for Android application program installation package | |
| US11212117B2 (en) | Tamper-resistant software development lifecycle provenance | |
| CN112507328B (en) | File signature method, computing device and storage medium | |
| JP4501349B2 (en) | System module execution device | |
| US9276752B2 (en) | System and method for secure software update | |
| CN104426658B (en) | The method and device of authentication is carried out to the application on mobile terminal | |
| US20070136599A1 (en) | Information processing apparatus and control method thereof | |
| US20080216147A1 (en) | Data Processing Apparatus And Method | |
| US8359469B2 (en) | One way authentication | |
| CN105391717A (en) | APK signature authentication method and APK signature authentication system | |
| CN110362990A (en) | Using the security processing of installation, apparatus and system | |
| CN106789091B (en) | Method and device for realizing Open XML document digital signature and signature verification | |
| CN112560017B (en) | Method for realizing APK unified signature by using three-level certificate authentication | |
| CN108710500A (en) | Resource issuing method, update method and device | |
| CN107980132A (en) | A kind of APK signature authentications method and system | |
| CN111368335A (en) | Electronic signature method of PDF (Portable document Format) file and electronic signature verification method and system | |
| US7849308B2 (en) | Data generating device and control method thereof, data analyzing device and control method thereof, data processing system, program and machine-readable storage medium | |
| CN116582266B (en) | Electronic signature method, electronic signature system, and readable storage medium | |
| TW201510764A (en) | Method and system for generating a digital signature and authenticating the same on a document | |
| CN111274552A (en) | Signature and signature verification method of upgrade package and storage medium | |
| JP2004234641A (en) | Method for authenticating contents file producer, and program thereof | |
| CN113721965B (en) | Upgrading method of charging pile based on safety firmware | |
| CN113922966B (en) | Secure application installation method based on encrypted storage hardware | |
| CN114301597A (en) | Key verification method, device and readable storage medium | |
| WO2020062233A1 (en) | Method and apparatus for processing and deploying application program, and computer-readable medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20200612 |