CN111488557B

CN111488557B - Encryption and decryption method and device, electronic equipment and readable storage medium

Info

Publication number: CN111488557B
Application number: CN201910080727.8A
Authority: CN
Inventors: 石松泉
Original assignee: China Mobile Communications Group Co Ltd; China Mobile Communications Ltd Research Institute
Current assignee: China Mobile Communications Group Co Ltd; China Mobile Communications Ltd Research Institute
Priority date: 2019-01-28
Filing date: 2019-01-28
Publication date: 2024-01-12
Anticipated expiration: 2039-01-28
Also published as: CN111488557A

Abstract

The invention discloses an encryption and decryption method, an encryption and decryption device, electronic equipment and a readable storage medium, wherein the encryption and decryption method comprises the following steps: acquiring a first SO library function to be encrypted from an SO library file; encrypting the first SO library function by adopting an encryption algorithm corresponding to the first SO library function; and replacing the first SO library function with the encrypted first SO library function in the SO library file. According to the method, the SO library function to be encrypted is encrypted by adopting the encryption algorithm corresponding to the SO library function to be encrypted, SO that the SO library is prevented from being secondarily packaged and reversely analyzed by a disassembling tool to a certain extent, and the safety of the Android device is improved.

Description

Encryption and decryption method and device, electronic equipment and readable storage medium

Technical Field

The present invention relates to the field of software security technologies, and in particular, to an encryption and decryption method, an encryption and decryption device, an electronic device, and a readable storage medium.

Background

The SO library under the Android system mainly stores a core algorithm, an encryption and decryption method, a protocol and the like, but the SO library is not encrypted in the prior art, SO the SO library is easy to be secondarily packaged and is easy to be reversely analyzed by a disassembly tool such as IDA and the like, and the security of the Android device, namely the electronic device provided with the Android system is reduced.

Disclosure of Invention

The invention provides an encryption and decryption method and device, electronic equipment and a readable storage medium, which are used for solving the problem of low security of Android equipment in the prior art.

The invention provides an encryption method, which is applied to electronic equipment, and comprises the following steps:

acquiring a first SO library function to be encrypted from an SO library file;

encrypting the first SO library function by adopting an encryption algorithm corresponding to the first SO library function;

and replacing the first SO library function with the encrypted first SO library function in the SO library file.

Further, the obtaining the first SO library function to be encrypted in the SO library file includes:

determining a first node list for recording node list information in the SO library file;

determining a first node table in which the first SO library function is located in the first node table;

searching first identification information, a first initial storage position and a first occupied storage space size of the first SO library function in the first section table;

and acquiring a first SO library function of the first identification information stored in the storage space corresponding to the first initial storage position and the first occupied storage space.

Further, after replacing the first SO library function with the encrypted first SO library function in the SO library file, the method further includes:

determining the size of the storage space occupied by the encrypted first SO library function;

and updating the first occupied storage space size stored in the first section table into the occupied storage space size of the encrypted first SO library function.

The invention provides a function using method based on the encryption method, which is applied to electronic equipment and comprises the following steps:

acquiring a second SO library function to be decrypted from the SO library file;

decrypting the second SO library function by adopting a decryption algorithm corresponding to the encryption algorithm of the second SO library function;

and replacing the second SO library function with the decrypted second SO library function in the SO library file.

Further, the obtaining the second SO library function to be decrypted in the SO library file includes:

determining a second section header table for recording section table information in the SO library file;

determining a second section table in which the second SO library function is located in the second section header table;

searching second identification information, a second initial storage position and a second occupied storage space size of the second SO library function in the second section table;

And acquiring a second SO library function of the second identification information stored in the storage space corresponding to the second initial storage position and the second occupied storage space.

Further, after replacing the second SO library function with the decrypted second SO library function in the SO library file, the method further includes:

determining the size of the storage space occupied by the decrypted second SO library function;

and updating the second occupied storage space size stored in the second section table into the occupied space size of the decrypted second SO library function.

and if each second SO library function in the SO library file is determined to be replaced by the corresponding decrypted second SO library function, dynamically loading the SO library and initializing the SO library.

Further, before dynamically loading and initializing the SO library, the method further comprises:

judging whether the read-write permission of the second section table comprises writable permission or not;

if yes, carrying out the subsequent steps;

if not, modifying the read-write permission of the second section table into writable permission, and carrying out subsequent steps.

The invention provides an encryption device, which is applied to electronic equipment, and comprises:

the acquisition module is used for acquiring a first SO library function to be encrypted from the SO library file;

the encryption module is used for encrypting the first SO library function by adopting an encryption algorithm corresponding to the first SO library function;

and the replacing module is used for replacing the first SO library function with the encrypted first SO library function in the SO library file.

The invention provides an electronic device, which comprises a memory and a processor;

the processor is configured to read the program in the memory, and perform the following procedures: acquiring a first SO library function to be encrypted from an SO library file; encrypting the first SO library function by adopting an encryption algorithm corresponding to the first SO library function; and replacing the first SO library function with the encrypted first SO library function in the SO library file.

Further, the processor is specifically configured to determine, in the SO library file, a first node table for recording node table information; determining a first node table in which the first SO library function is located in the first node table; searching first identification information, a first initial storage position and a first occupied storage space size of the first SO library function in the first section table; acquiring a first SO library function of the first identification information stored in a storage space corresponding to the first initial storage position and the first occupied storage space;

The processor is further configured to determine a size of a storage space occupied by the encrypted first SO library function after replacing the first SO library function with the encrypted first SO library function in the SO library file; and updating the first occupied storage space size stored in the first section table into the occupied storage space size of the encrypted first SO library function.

The invention provides a function using device, which is applied to electronic equipment, and comprises:

the acquisition module is used for acquiring a second SO library function to be decrypted from the SO library file;

the decryption module is used for decrypting the second SO library function by adopting a decryption algorithm corresponding to the encryption algorithm of the second SO library function;

and the replacing module is used for replacing the second SO library function with the decrypted second SO library function in the SO library file.

the processor is configured to read the program in the memory, and perform the following procedures: acquiring a second SO library function to be decrypted from the SO library file; decrypting the second SO library function by adopting a decryption algorithm corresponding to the encryption algorithm of the second SO library function; and replacing the second SO library function with the decrypted second SO library function in the SO library file.

Further, the processor is specifically configured to determine a second section header table for recording section table information in the SO library file; determining a second section table in which the second SO library function is located in the second section header table; searching second identification information, a second initial storage position and a second occupied storage space size of the second SO library function in the second section table; acquiring a second SO library function of the second identification information stored in a storage space corresponding to the second initial storage position and the second occupied storage space;

the processor is further configured to determine a size of a storage space occupied by the decrypted second SO library function after replacing the second SO library function with the decrypted second SO library function in the SO library file; and updating the second occupied storage space size stored in the second section table into the occupied space size of the decrypted second SO library function.

Further, the processor is further configured to dynamically load an SO library and initialize the SO library if it is determined that each second SO library function in the SO library file is replaced with a corresponding decrypted second SO library function after replacing the second SO library function with the decrypted second SO library function in the SO library file.

Further, the processor is further configured to determine whether the read-write permission of the second section table includes a writable permission; if yes, dynamically loading an SO library and initializing; if not, modifying the read-write permission of the second section table into writable permission, dynamically loading the SO library and initializing.

The invention provides an electronic device, comprising: the device comprises a processor, a communication interface, a memory and a communication bus, wherein the processor, the communication interface and the memory are communicated with each other through the communication bus;

the memory has stored therein a computer program which, when executed by the processor, causes the processor to perform the steps of any one of the encryption methods described above.

The present invention provides a computer readable storage medium storing a computer program executable by an electronic device, which when run on the electronic device causes the electronic device to perform the steps of any one of the encryption methods described above.

The memory has stored therein a computer program which, when executed by the processor, causes the processor to perform the steps of the function call method of any of the above.

The present invention provides a computer readable storage medium storing a computer program executable by an electronic device, which when run on the electronic device causes the electronic device to perform the steps of any one of the function calling methods described above.

The invention provides an encryption and decryption method, an encryption and decryption device, electronic equipment and a readable storage medium, wherein the encryption and decryption method comprises the following steps: acquiring a first SO library function to be encrypted from an SO library file; encrypting the first SO library function by adopting an encryption algorithm corresponding to the first SO library function; and replacing the first SO library function with the encrypted first SO library function in the SO library file. According to the method, the SO library function to be encrypted is encrypted by adopting the encryption algorithm corresponding to the SO library function to be encrypted, SO that the SO library is prevented from being secondarily packaged and reversely analyzed by a disassembling tool to a certain extent, and the safety of the Android device is improved.

Drawings

In order to more clearly illustrate the embodiments of the invention or the technical solutions in the prior art, the drawings that are required in the embodiments or the description of the prior art will be briefly described, it being obvious that the drawings in the following description are only some embodiments of the invention, and that other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.

Fig. 1 is a schematic diagram of an encryption process according to embodiment 1 of the present invention;

FIG. 2 is a schematic diagram of an ELF Header according to embodiment 2 of the present invention;

FIG. 3 is a schematic view of a node head table according to embodiment 2 of the present invention;

FIG. 4 is a schematic diagram of a function usage process according to embodiment 4 of the present invention;

fig. 5 is a schematic structural diagram of an electronic device according to embodiment 10 of the present invention;

fig. 6 is a schematic structural diagram of an electronic device according to embodiment 10 of the present invention;

fig. 7 is a schematic structural diagram of an electronic device according to embodiment 12 of the present invention;

fig. 8 is a schematic structural diagram of an electronic device according to embodiment 13 of the present invention;

fig. 9 is a schematic diagram of an encryption device according to an embodiment of the present invention;

fig. 10 is a schematic diagram of a function using device according to an embodiment of the present invention.

Detailed Description

In order to improve the security of Android equipment, the embodiment of the invention provides an encryption and decryption method and device, electronic equipment and a readable storage medium.

The electronic device includes a hardware layer, an operating system layer running on top of the hardware layer, and an application layer running on top of the operating system.

The hardware layer includes hardware such as a central processing unit (CPU, central Processing Unit), a memory management unit (MMU, memory Management Unit), and a memory.

The operating system can be any one or more computer operating systems for realizing encryption and decryption through processes (processes), and in the scheme, the operating system mainly refers to an Android operating system, an operating system derived on the basis of the Android operating system and the like.

In addition, in the embodiment of the present invention, the electronic device may be a handheld device such as a smart phone, a tablet pc, or an electronic device such as a desktop computer, a portable computer, etc., which is not particularly limited in the embodiment of the present invention, so long as encryption and decryption can be implemented by running a program recorded with codes of the encryption and decryption method in the embodiment of the present invention.

The execution body of encryption and decryption in the embodiment of the invention can be an electronic device or a functional module in the electronic device, which can call a program and execute the program.

For the purpose of promoting an understanding of the principles and advantages of the invention, reference will now be made in detail to the drawings, in which embodiments illustrated in the drawings are intended to illustrate, but not limit the invention to the specific embodiments illustrated. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.

Example 1:

fig. 1 is a schematic diagram of an encryption process according to an embodiment of the present invention, where the encryption process includes the following steps:

s101: and acquiring a first SO library function to be encrypted from the SO library file.

The encryption method provided by the embodiment of the invention is applied to electronic equipment, and the electronic equipment is provided with an Android system. In addition, third party software or algorithms for performing the encryption process may be installed in the electronic device.

The electronic equipment stores an SO library file, and the SO library file stores SO library functions which can comprise functions such as a core algorithm, an encryption and decryption method, a protocol and the like.

The electronic device may determine the first SO library function to be encrypted, specifically, it may be preset which SO library functions need to be encrypted, that is, it may be that an operator will select, in third party software or algorithm, an SO library function to be encrypted, and when selecting an SO library function, it may be that the SO library function is selected according to a position or serial number of the SO library function, or it may be that the SO library function is selected according to a name of the SO library function.

The first SO library function to be encrypted may be one or more.

After the electronic device determines the first SO library function to be encrypted, the first SO library function to be encrypted can be obtained from the SO library file.

When the electronic device obtains the first SO library function to be encrypted in the SO library file, the electronic device can directly search in the SO library file, or can search the information of the first SO library function in a section table storing the information of the SO library function in the SO library file, and then locate the first SO library function.

S102: and encrypting the first SO library function by adopting an encryption algorithm corresponding to the first SO library function.

The electronic device may obtain an encryption algorithm corresponding to the first SO library function to be encrypted, and the specific electronic device may store the encryption algorithm corresponding to the first SO library function to be encrypted, which may be an encryption algorithm corresponding to the first SO library function to be encrypted stored in other devices, where the electronic device obtains the encryption algorithm corresponding to the first SO library function to be encrypted in other devices, and SO on.

Specifically, the encryption algorithm corresponding to each SO library function stored in the SO library file may be an encryption algorithm corresponding to a specific one or several SO library functions stored in the SO library file, and if the encryption algorithm corresponding to each SO library function is the same or different, the encryption algorithm corresponding to each SO library function may be the same or different, which is not limited herein.

After the electronic device determines the encryption algorithm corresponding to the first SO library function, the encryption algorithm corresponding to the first SO library function is adopted to encrypt the first SO library function, if only one first SO library function to be encrypted exists, the encryption algorithm corresponding to the first SO library function is adopted to encrypt the first SO library function, and if a plurality of first SO library functions to be encrypted exist, the encryption algorithm corresponding to each first SO library function is adopted to encrypt each first SO library function.

The encryption algorithm may be implemented by using the prior art, and details are not described in the embodiment of the present invention.

S103: and replacing the first SO library function with the encrypted first SO library function in the SO library file.

And the electronic equipment encrypts the first SO library function by adopting an encryption algorithm corresponding to the first SO library function to obtain the encrypted first SO library function.

In order to prevent the first SO library function from being secondarily packed and reversely analyzed by the disassembly tool, the electronic equipment replaces the first SO library function in the SO library file by adopting the encrypted first SO library function, and the encrypted first SO library function is stored in the replaced SO library.

In the embodiment of the invention, the SO library function to be encrypted is encrypted by adopting the encryption algorithm corresponding to the SO library function to be encrypted, SO that the SO library is prevented from being secondarily packaged and reversely analyzed by a disassembling tool to a certain extent, and the safety of the Android equipment is improved.

Example 2:

based on the foregoing embodiment, in the embodiment of the present invention, the obtaining, in the SO library file, the first SO library function to be encrypted includes:

In order to improve the searching speed of the first SO library function to be encrypted, the first SO library function can be searched through the information of the first SO library function stored in the section table in the embodiment of the invention.

The so library file is an ELF file, which is developed from the COFF format, and is a segment-based data structure. The overall format of the ELF executable is shown in the following table. For an executable file, the file start is ELF Header field information; followed by a program header table Program Header Table; the content information of each section follows; followed by a section header table (Section header table) with fields in the section header table to record the actual length of each section. The position of the Header table may be indicated by a value in the ELF Header field.

For an executable file, the file start is ELF Header field information; followed by a program header table Program Header Table; the content information of each Section, namely Section 1, section 2, section 3 … …; followed by a section header table (Section header table) with fields in the section header table to record the actual length of each section. The position of the Header table may be indicated by a value in the ELF Header field.

The schematic structure of the ELFHeader in the above format is shown in fig. 2, where the field used for indicating the information of the Section header table section header table is e_shoff, and the e_shoff field indicates the position information of the Section header table section header table, specifically may be the start position relative to the file header, and other fields are believed to be clear to those skilled in the art, SO that details will not be repeated in the embodiment of the present invention.

I.e. located to Section Header table (section Header table) by the elf32_ehdr.e_shoff field of the ELF Header.

The electronic device may locate a position of the first node table based on the structure, thereby determining the first node table that records node table information.

The first node table stores information of a node table, and the node table stores information of a first SO library function. Specifically, the structure of Section header table (node header table) adopted by the information of the node table stored in the first node header table may be shown in fig. 3, where the information used to indicate the node table is sh_name, sh_offset, and sh_size, the sh_name field indicates the name of the node table, the sh_offset field indicates the start position of the node table, and the sh_size field indicates the size of the node table, and it is believed that other fields are clear to those skilled in the art, and therefore, will not be described in detail in the embodiments of the present invention.

I.e. by the joint header table elf32_shdr. Sh_offset to the start position of the specified joint (.dynamic joint). The dynamic section holds the basic information required for the dynamic linker, and the starting position of the dynamic section is found in the dynamic section. The fields in the section are all Dyn structure types, namely elf32_dyn structure, and the structure is shown in the following table structure, and the structure identifies each section table section information related to the dynamic connection of the SO library, namely a type identifier d_tag indicating the name of the phase joint, namely an offset position d_un, which can be an offset relative to a base address, SO as to determine the position of the section table, wherein other fields of the elf32_dyn structure are believed to be clear to a person skilled in the art, and therefore are not repeated in the embodiment of the invention.

According to the structure, the electronic device can determine a first node table in which the first SO library function is located in the first node table.

The information of the first SO library function stored in the section table includes first identification information, a first initial storage location and a first occupied storage space size of the first SO library function, the first identification information may include a sequence number and/or a name of the first SO library function, and the like, and the structure adopted by the information of the SO library function stored in the section table may be shown in the following table structure, where the structure identifies related information of the SO library import/export function, that is, the name, the initial storage location st_value and the occupied space size st_size of the SO library function, and the st_name, st_value and st_size fields of the elf32_sym structure find the storage space of the function to be encrypted, SO as to determine the data of the first SO library function, and other fields of the elf32_sym structure are believed to be clear to those skilled in the art, SO that details will not be described in the embodiments of the present invention.

The electronic equipment searches a first initial storage position and a first occupied storage space size of a first SO library function in a first section table, determines a storage space corresponding to the first initial storage position and the first occupied storage space size, and acquires data in the determined storage space, SO that the first SO library function of first identification information stored in the storage space is acquired.

In addition, because the encryption is carried out on the SO library function instead of the whole SO library file or the section table in the SO library in the embodiment of the invention, the original SO library or byte information is not changed, the concealment is better, the static reverse analysis can be more effectively resisted, and the security of the SO library file is further improved.

In the embodiment of the invention, the first SO library function is searched through the information of the first SO library function stored in the section table, SO that the searching speed of the first SO library function to be encrypted is improved.

Example 3:

based on the foregoing embodiments, in the embodiments of the present invention, after replacing the first SO library function with the encrypted first SO library function in the SO library file, the method further includes:

The size of the storage space occupied by the SO library function before encryption and after encryption may change, and in order to ensure the decryption accuracy in the subsequent decryption process, in the embodiment of the present invention, the size of the storage space occupied by the first SO library function after encryption is adopted to update the size of the storage space occupied by the first SO library function.

The process of determining the size of the storage space occupied by the encrypted first SO library function by the electronic device belongs to the prior art, and is not described in detail in the embodiment of the present invention.

Therefore, the size of the storage space occupied by the SO library function before and after encryption may change, SO that the first occupied storage space of the first SO library function stored in the first section table is updated to the size of the storage space occupied by the encrypted first SO library function, and the encrypted SO library function to be decrypted can be accurately found in the subsequent decryption process.

The data is stored continuously in the memory, SO that if the size of the storage space occupied by the encrypted SO library function is increased, the initial storage position of each SO library function may be changed, SO that excessive processing resources are occupied to update the initial storage position of the SO library function in the node table, and therefore, when the encryption algorithm corresponding to the SO library function is selected, the encryption algorithm which does not increase the size of the storage space occupied by the encrypted SO library function, that is, the encryption algorithm which does not change or decrease the size of the storage space occupied by the encrypted SO library function is selected, and it is believed that it is clear to those skilled in the art that the encryption algorithm which does not change or decrease the size of the storage space occupied by the encrypted SO library function is selected.

It should be noted that, the size of the storage space occupied only represents the size of the storage space occupied by the data of the SO library function, and when the size of the storage space occupied by the encrypted SO library function does not become large, the size of the storage space actually reserved for the SO library function can be unchanged, SO that the initial storage position of the SO library function in the section table can be prevented from being updated by occupying excessive processing resources.

In the embodiment of the invention, the occupied storage space of the first SO library function is updated by adopting the occupied storage space of the encrypted first SO library function, SO that the decryption accuracy of the subsequent decryption process is ensured.

Example 4:

on the basis of the foregoing embodiments, the embodiment of the present invention provides a function using method, and fig. 4 is a schematic diagram of a function using process provided by the embodiment of the present invention, where the process includes the following steps:

s401: and acquiring a second SO library function to be decrypted from the SO library file.

The encryption method provided by the embodiment of the invention is applied to the electronic equipment, the electronic equipment is the electronic equipment provided with the Android system, decryption codes can be added on the basis of the original SO source codes when the function using method is carried out on the electronic equipment, the electronic equipment is compiled into a new SO library, the encrypted functions are firstly decrypted in a memory when software runs, and then the function codes of the original SO library are executed, but the electronic equipment can be realized without third-party software or algorithms.

The decryption process is dynamically performed by the program itself in the memory. The location of the SO library is first located. Searching/proc/pid/maps files, wherein/proc/pid/maps list the address of a process virtual address space, traversing each row of the file, searching the file name of the so library, and reading an address character string when the file name of the so library is found, wherein the address is the address of the so library in the process virtual address space.

And storing the encrypted SO library function, namely the SO library function to be decrypted, in an SO library file stored in the electronic equipment.

The electronic device may determine the second SO library functions to be decrypted, specifically, it may be preset which SO library functions need to be decrypted, that is, it may be preset that each SO library function that has been encrypted is defaulted as the second SO library function to be decrypted.

The second SO library function to be decrypted may be one or more.

After the electronic device determines the second SO library function to be decrypted, the second SO library function to be decrypted may be obtained from the SO library file.

When the electronic device obtains the second SO library function to be decrypted from the SO library file, the electronic device may directly search in the SO library file, or may search the information of the second SO library function in a section table storing the information of the SO library function in the SO library file, and then locate the second SO library function.

S402: and decrypting the second SO library function by adopting a decryption algorithm corresponding to the encryption algorithm of the second SO library function.

The electronic device may obtain a decryption algorithm corresponding to the second SO library function to be decrypted, where the decryption algorithm corresponding to the second SO library function is a decryption algorithm corresponding to an encryption algorithm used when the second SO library function is encrypted, specifically, the electronic device may store the decryption algorithm corresponding to the second SO library function to be decrypted in the electronic device, may store the decryption algorithm corresponding to the second SO library function to be decrypted in other devices, and the electronic device obtains the decryption algorithm corresponding to the second SO library function to be decrypted in other devices.

The decryption algorithm corresponding to the second SO library function to be decrypted stored in the electronic equipment or other equipment corresponds to the encryption algorithm in encryption, if the decryption algorithm corresponding to each SO library function in the SO library file is stored, the decryption algorithm corresponding to the encryption algorithm of each SO library function is stored, and if the decryption algorithm corresponding to one or more SO library functions is stored, the decryption algorithm corresponding to the encryption algorithm of the one or more SO library functions is stored. If the plurality of SO libraries correspond to encryption algorithms, the plurality of SO libraries also correspond to decryption algorithms, and since the encryption algorithms corresponding to each SO library function may be the same or different, the decryption algorithms corresponding to each SO library function to be decrypted may be the same or different, and the method is not limited herein.

After the electronic device determines the decryption algorithm corresponding to the second SO library function, the decryption algorithm corresponding to the second SO library function is adopted to decrypt the second SO library function, if only one second SO library function to be decrypted exists, the decryption algorithm corresponding to the second SO library function is adopted to decrypt the one second SO library function, and if a plurality of second SO library functions to be decrypted exist, the decryption algorithm corresponding to each second SO library function is adopted to decrypt each second SO library function.

The decryption process of the function by adopting the decryption algorithm can be realized by adopting the prior art, and is not described in detail in the embodiment of the invention.

S403: and replacing the second SO library function with the decrypted second SO library function in the SO library file.

And the electronic equipment decrypts the second SO library function by adopting a decryption algorithm corresponding to the second SO library function, and then obtains the decrypted second SO library function.

In order to realize the use of the SO library functions in the SO library file on the basis of ensuring the SO library file, the electronic equipment adopts the decrypted second SO library function to replace the second SO library function in the SO library file, and the decrypted second SO library function is stored in the replaced SO library.

According to the embodiment of the invention, the SO library function to be decrypted is decrypted by adopting a decryption algorithm corresponding to the SO library function to be decrypted, and the use of the SO library function in the SO library file can be realized on the basis of ensuring the safety of the Android device.

Example 5:

based on the foregoing embodiments, in the embodiment of the present invention, the obtaining, in the SO library file, the second SO library function to be decrypted includes:

In order to improve the searching speed of the second SO library function to be decrypted, the second SO library function can be searched through the information of the second SO library function in the section table in the embodiment of the invention.

The process of obtaining the second SO library function to be decrypted in the SO library file is similar to the process of obtaining the first SO library function to be encrypted in the SO library file in the above embodiment, and will not be described in detail in the embodiment of the present invention.

In the embodiment of the invention, the second SO library function is searched through the information of the second SO library function stored in the section table, SO that the searching speed of the second SO library function to be encrypted is improved.

Example 6:

based on the foregoing embodiments, in the embodiments of the present invention, after replacing the second SO library function with the decrypted second SO library function in the SO library file, the method further includes:

The size of the storage space occupied by the SO library function before and after decryption may change, and in order to ensure the accuracy of the use of the subsequent function, in the embodiment of the invention, the size of the storage space occupied by the second SO library function after decryption is adopted to update the size of the storage space occupied by the second SO library function.

The process of determining the size of the storage space occupied by the decrypted second SO library function by the electronic device belongs to the prior art, and is not described in detail in the embodiment of the present invention.

Therefore, the storage space occupied by the SO library functions before and after decryption may change, SO that the second occupied storage space of the second SO library functions stored in the second section table is updated to the storage space occupied by the encrypted second SO library functions, and the SO library functions which have been decrypted can be accurately found in the use process of the subsequent functions.

The decryption algorithm corresponding to the second SO library function to be decrypted is correspondingly related to the decryption algorithm, SO that the storage space occupied by the encrypted SO library function is ensured not to exceed the storage space occupied by the original SO library function before encryption, and the storage space occupied by the original SO library function with the storage space occupied by the decrypted SO library function is ensured not to exceed the storage space occupied by the original SO library function.

Corresponding to the above embodiment, the size of the storage space occupied only represents the size of the storage space occupied by the data of the SO library function, and the size of the storage space actually reserved for the original SO library function can be unchanged, SO that excessive processing resources can be prevented from being occupied to update the initial storage position of the SO library function in the section table.

In the embodiment of the invention, the size of the storage space occupied by the second SO library function is updated by adopting the size of the storage space occupied by the second SO library function after decryption, SO that the accuracy of the using process of the subsequent function is ensured.

Example 7:

Firstly, dynamically decrypting the encrypted SO library function, and then executing the function code of the original SO library to accurately realize the function call.

Because the electronic device replaces the second SO library function with the decrypted second SO library function in the SO library file, the electronic device can determine whether each second SO library function to be decrypted in the SO library file is replaced with the decrypted second SO library function.

The electronic device may determine whether each second SO library function to be decrypted in the SO library file is replaced with the second SO library function to be decrypted, if SO, determine that the function call may be accurately implemented, and if not, may not be accurately invoked when performing the function call.

When the function is called, the SO library function needs to be dynamically loaded and initialized, and the process of dynamically loading and initializing the SO library function can be realized by executing the JNI_OnLoad () function.

In order to realize that the decryption process of the SO library function is earlier than the function call process, in general, when the SO library is linked and loaded, the JNI_OnLoad () function is firstly executed, but the restoring code is required to finish the decryption and restoring of the SO library earlier than the JNI_OnLoad () function, and a proper method is that the restoring operation is put in an init section, when the SO is loaded, the linker firstly traverses and executes the function registered in the init section, and then calls the JNI_OnLoad (), SO that the decryption and restoring of the SO library function are firstly completed, and then the function is called.

Because the encrypted SO library function is dynamically decrypted in the embodiment of the invention, the function code of the original SO library is executed, thereby realizing accurate function call.

Example 8:

based on the foregoing embodiments, in the embodiments of the present invention, before dynamically loading and initializing the SO library, the method further includes:

if yes, carrying out the subsequent steps;

Because different sections have different read-write rights, if the section to be decrypted only has read-only rights, the section to be decrypted also needs to be modified into writable rights to call the function.

The electronic device judges whether the read-write permission of the second section table comprises writable permission, if SO, the function is initialized and then invoked after the SO library function is initialized, and if not, the read-write permission of the second section table is required to be modified into writable permission, and then the function is initialized and then invoked after the SO library function is initialized.

The process of the electronic device for judging whether the read-write permission of the files such as the section list comprises the writable permission or not and the process of modifying the read-write permission of the files such as the section list belong to the prior art, and are not repeated in the embodiment of the invention.

Example 9:

on the basis of the above embodiments, the embodiment of the present invention further provides an electronic device, as shown in fig. 5, including: a processor 501 and a memory 502;

the processor 501 is configured to execute the program in the read memory 502, and perform the following procedures: acquiring a first SO library function to be encrypted from an SO library file; encrypting the first SO library function by adopting an encryption algorithm corresponding to the first SO library function; and replacing the first SO library function with the encrypted first SO library function in the SO library file.

Based on the same inventive concept, the embodiment of the invention also provides an electronic device, and since the principle of solving the problem of the electronic device is similar to that of the encryption method, the implementation of the electronic device can refer to the implementation of the method, and the repetition is omitted.

In fig. 5, a bus architecture may comprise any number of interconnected buses and bridges, with one or more processors, represented in particular by processor 501, and various circuits of memory, represented by memory 502, linked together. The bus architecture may also link together various other circuits such as peripheral devices, voltage regulators, power management circuits, etc., which are well known in the art and, therefore, will not be described further herein. The transceiver 503 may be a number of elements, i.e. comprising a transmitter and a receiver, providing a means for communicating with various other apparatus over a transmission medium. The processor 501 is responsible for managing the bus architecture and general processing, and the memory 502 may store data used by the processor 501 in performing operations.

Alternatively, the processor 501 may be a CPU (Central processing Unit), ASIC (Application Specific Integrated Circuit ), FPGA (Field-Programmable Gate Array, field programmable Gate array), or CPLD (Complex Programmable Logic Device ).

The processor 501 is specifically configured to determine, in the SO library file, a first node table for recording node table information; determining a first node table in which the first SO library function is located in the first node table; searching first identification information, a first initial storage position and a first occupied storage space size of the first SO library function in the first section table; and acquiring a first SO library function of the first identification information stored in the storage space corresponding to the first initial storage position and the first occupied storage space.

The processor 501 is further configured to determine a size of a storage space occupied by the encrypted first SO library function after replacing the first SO library function with the encrypted first SO library function in the SO library file; and updating the first occupied storage space size stored in the first section table into the occupied storage space size of the encrypted first SO library function.

Example 10:

on the basis of the above embodiments, the embodiment of the present invention further provides an electronic device, as shown in fig. 6, including: processor 601, communication interface 602, memory 603 and communication bus 604, wherein processor 601, communication interface 602, memory 603 complete the communication each other through communication bus 604;

the memory 603 has stored therein a computer program which, when executed by the processor 601, causes the processor 601 to perform an embodiment of any one of the encryption methods described above.

The communication bus mentioned above for the electronic devices may be a peripheral component interconnect standard (Peripheral Component Interconnect, PCI) bus or an extended industry standard architecture (Extended Industry Standard Architecture, EISA) bus, etc. The communication bus may be classified as an address bus, a data bus, a control bus, or the like. For ease of illustration, the figures are shown with only one bold line, but not with only one bus or one type of bus.

The communication interface 602 is used for communication between the electronic device and other devices described above.

The Memory may include random access Memory (Random Access Memory, RAM) or may include Non-Volatile Memory (NVM), such as at least one disk Memory. Optionally, the memory may also be at least one memory device located remotely from the aforementioned processor.

The processor may be a general-purpose processor, including a central processing unit, a network processor (Network Processor, NP), etc.; but also digital instruction processors (Digital Signal Processing, DSP), application specific integrated circuits, field programmable gate arrays or other programmable logic devices, discrete gate or transistor logic devices, discrete hardware components, etc.

Example 11:

on the basis of the above embodiments, the embodiments of the present invention further provide a computer-readable storage medium, in which a computer program executable by an electronic device is stored, which when executed on the electronic device, causes the electronic device to implement the embodiments of any one of the encryption methods described above.

The computer readable storage medium may be any available medium or data storage device that can be accessed by a processor in an electronic device, including but not limited to magnetic memories such as floppy disks, hard disks, magnetic tapes, magneto-optical disks (MO), etc., optical memories such as CD, DVD, BD, HVD, etc., and semiconductor memories such as ROM, EPROM, EEPROM, nonvolatile memories (NAND FLASH), solid State Disks (SSD), etc.

Example 12:

on the basis of the above embodiments, the embodiment of the present invention further provides an electronic device, as shown in fig. 7, including: a processor 701 and a memory 702;

the processor 701 is configured to execute a program in the read memory 702, and perform the following procedures: acquiring a second SO library function to be decrypted from the SO library file; decrypting the second SO library function by adopting a decryption algorithm corresponding to the encryption algorithm of the second SO library function; and replacing the second SO library function with the decrypted second SO library function in the SO library file.

Based on the same inventive concept, the embodiment of the invention also provides an electronic device, and because the principle of solving the problem of the electronic device is similar to that of using the function, the implementation of the electronic device can refer to the implementation of the method, and the repetition is omitted.

In fig. 7, a bus architecture may be comprised of any number of interconnected buses and bridges, and in particular, one or more processors represented by the processor 701 and various circuits of the memory represented by the memory 702. The bus architecture may also link together various other circuits such as peripheral devices, voltage regulators, power management circuits, etc., which are well known in the art and, therefore, will not be described further herein. The transceiver 703 may be a number of elements, i.e. comprising a transmitter and a receiver, providing a means for communicating with various other apparatus over a transmission medium. The processor 701 is responsible for managing the bus architecture and general processing, and the memory 702 may store data used by the processor 701 in performing operations.

Alternatively, the processor 701 may be a CPU (Central processing Unit), ASIC (Application Specific Integrated Circuit ), FPGA (Field-Programmable Gate Array, field programmable Gate array), or CPLD (Complex Programmable Logic Device ).

The processor 701 is specifically configured to determine a second section header table for recording section table information in the SO library file; determining a second section table in which the second SO library function is located in the second section header table; searching second identification information, a second initial storage position and a second occupied storage space size of the second SO library function in the second section table; and acquiring a second SO library function of the second identification information stored in the storage space corresponding to the second initial storage position and the second occupied storage space.

The processor 701 is further configured to determine a size of a storage space occupied by the decrypted second SO library function after replacing the second SO library function with the decrypted second SO library function in the SO library file; and updating the second occupied storage space size stored in the second section table into the occupied space size of the decrypted second SO library function.

The processor 701 is further configured to dynamically load an SO library and initialize the SO library if it is determined that each second SO library function in the SO library file is replaced with a corresponding decrypted second SO library function after replacing the second SO library function with the decrypted second SO library function in the SO library file.

The processor 701 is further configured to determine whether the read-write permission of the second section table includes writable permission; if yes, dynamically loading an SO library and initializing; if not, modifying the read-write permission of the second section table into writable permission, dynamically loading the SO library and initializing.

In the embodiment of the invention, the SO library function to be decrypted is decrypted by adopting the decryption algorithm corresponding to the SO library function to be decrypted, and the use of the SO library function in the SO library file can be realized on the basis of ensuring the safety of the Android device.

Example 13:

on the basis of the above embodiments, the embodiment of the present invention further provides an electronic device, as shown in fig. 8, including: a processor 801, a communication interface 802, a memory 803, and a communication bus 804, wherein the processor 801, the communication interface 802, and the memory 803 complete communication with each other through the communication bus 804;

The memory 803 stores a computer program that, when executed by the processor 801, causes the processor 801 to perform an embodiment of any one of the function usage methods described above.

The communication interface 802 is used for communication between the electronic device and other devices described above.

Example 14:

on the basis of the above embodiments, the embodiments of the present invention further provide a computer-readable storage medium, in which a computer program executable by an electronic device is stored, which when executed on the electronic device, causes the electronic device to implement an embodiment of a method for using any of the functions described above.

Fig. 9 is a schematic diagram of an encryption device according to an embodiment of the present invention, which is applied to an electronic device, and the device includes:

the acquisition module 901 is configured to acquire a first SO library function to be encrypted in an SO library file;

an encryption module 902, configured to encrypt the first SO library function by using an encryption algorithm corresponding to the first SO library function;

and the replacing module 903 is configured to replace the first SO library function with an encrypted first SO library function in the SO library file.

The acquisition module is specifically configured to determine, in the SO library file, a first node table for recording node table information; determining a first node table in which the first SO library function is located in the first node table; searching first identification information, a first initial storage position and a first occupied storage space size of the first SO library function in the first section table; and acquiring a first SO library function of the first identification information stored in the storage space corresponding to the first initial storage position and the first occupied storage space.

The apparatus further comprises:

the updating module is used for determining the size of the occupied storage space of the encrypted first SO library function after replacing the first SO library function with the encrypted first SO library function in the SO library file; and updating the first occupied storage space size stored in the first section table into the occupied storage space size of the encrypted first SO library function.

Fig. 10 is a schematic diagram of a function using apparatus according to an embodiment of the present invention, where the function using apparatus is applied to an electronic device, and the apparatus includes:

an obtaining module 1001, configured to obtain a second SO library function to be decrypted in the SO library file;

a decryption module 1002, configured to decrypt the second SO library function by using a decryption algorithm corresponding to the encryption algorithm of the second SO library function;

and a replacing module 1003, configured to replace the second SO library function with a decrypted second SO library function in the SO library file.

The acquisition module is specifically configured to determine a second section header table for recording section table information in the SO library file; determining a second section table in which the second SO library function is located in the second section header table; searching second identification information, a second initial storage position and a second occupied storage space size of the second SO library function in the second section table; and acquiring a second SO library function of the second identification information stored in the storage space corresponding to the second initial storage position and the second occupied storage space.

The apparatus further comprises:

the updating module is used for determining the size of the occupied storage space of the decrypted second SO library function after replacing the second SO library function with the decrypted second SO library function in the SO library file; and updating the second occupied storage space size stored in the second section table into the occupied space size of the decrypted second SO library function.

The apparatus further comprises:

and the calling module is used for dynamically loading the SO library and initializing the SO library if each second SO library function in the SO library file is determined to be replaced by the corresponding decrypted second SO library function after the second SO library function is replaced by the decrypted second SO library function in the SO library file.

The calling module is further configured to determine whether the read-write permission of the second section table includes writable permission; if yes, dynamically loading an SO library and initializing; if not, modifying the read-write permission of the second section table into writable permission, dynamically loading the SO library and initializing.

And decrypting the SO library function to be decrypted by adopting a decryption algorithm corresponding to the SO library function to be decrypted, SO that the SO library function in the SO library file can be used on the basis of ensuring the safety of the Android device.

For system/device embodiments, the description is relatively simple as it is substantially similar to method embodiments, with reference to the description of method embodiments in part.

It should be noted that in this document relational terms such as first and second, and the like are used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions.

It will be appreciated by those skilled in the art that embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment, or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.

The present application is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to embodiments of the application. It will be understood that each flow and/or block of the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.

These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.

These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.

While preferred embodiments of the present application have been described, additional variations and modifications in those embodiments may occur to those skilled in the art once they learn of the basic inventive concepts. It is therefore intended that the following claims be interpreted as including the preferred embodiments and all such alterations and modifications as fall within the scope of the application.

It will be apparent to those skilled in the art that various modifications and variations can be made to the present invention without departing from the spirit or scope of the invention. Thus, it is intended that the present invention also include such modifications and alterations insofar as they come within the scope of the appended claims or the equivalents thereof.

Claims

1. An encryption method, applied to an electronic device, comprising:

acquiring a first SO library function to be encrypted from an SO library file;

replacing the first SO library function with an encrypted first SO library function in the SO library file;

and updating the occupied storage space size stored in the first node table into the occupied storage space size of the encrypted first SO library function, wherein the first node table is a first node table where the first SO library function is located, which is determined in a first node table for recording node table information.

2. The method of claim 1, wherein the obtaining the first SO library function to be encrypted in the SO library file comprises:

3. A function usage method based on the encryption method of claim 1 or 2, characterized in that it is applied to an electronic device, the method comprising:

replacing the second SO library function with a decrypted second SO library function in the SO library file;

and updating the occupied storage space size stored in a second section table into the occupied space size of the decrypted second SO library function, wherein the second section table is a second section table in which the second SO library function is located, which is determined in a second section head table for recording section table information.

4. A method as claimed in claim 3, wherein said obtaining a second SO library function to be decrypted in an SO library file comprises:

5. The method of claim 3 or 4, wherein after replacing the second SO library function with a decrypted second SO library function in the SO library file, the method further comprises:

6. A method as claimed in claim 3, wherein prior to dynamically loading and initializing the SO library, the method further comprises:

If yes, carrying out the subsequent steps;

7. An encryption apparatus, characterized by being applied to an electronic device, comprising:

the replacing module is used for replacing the first SO library function with an encrypted first SO library function in the SO library file;

the updating module is used for determining the size of the occupied storage space of the encrypted first SO library function; updating the occupied storage space size stored in the first node table into the occupied storage space size of the encrypted first SO library function, wherein the first node table is a first node table where the first SO library function is located, which is determined in a first node table for recording node table information.

8. An electronic device comprising a memory and a processor;

the processor is configured to read the program in the memory, and perform the following procedures: acquiring a first SO library function to be encrypted from an SO library file; encrypting the first SO library function by adopting an encryption algorithm corresponding to the first SO library function; replacing the first SO library function with an encrypted first SO library function in the SO library file; determining the size of the storage space occupied by the encrypted first SO library function; and updating the occupied storage space size stored in the first node table into the occupied storage space size of the encrypted first SO library function, wherein the first node table is a first node table where the first SO library function is located, which is determined in a first node table for recording node table information.

9. The electronic device of claim 8, wherein the processor is configured to determine, in the SO library file, a first node table for recording node table information; determining a first node table in which the first SO library function is located in the first node table; searching first identification information, a first initial storage position and a first occupied storage space size of the first SO library function in the first section table; and acquiring a first SO library function of the first identification information stored in the storage space corresponding to the first initial storage position and the first occupied storage space.

10. A function using apparatus, characterized by being applied to an electronic device, comprising:

the replacing module is used for replacing the second SO library function with the decrypted second SO library function in the SO library file;

the updating module is used for determining the size of the occupied storage space of the decrypted second SO library function; and updating the occupied storage space size stored in the second section table into the occupied space size of the decrypted second SO library function, wherein the second section table is a second section table in which the second SO library function is located, which is determined in a second section head table for recording section table information.

11. An electronic device comprising a memory and a processor;

the processor is configured to read the program in the memory, and perform the following procedures: acquiring a second SO library function to be decrypted from the SO library file; decrypting the second SO library function by adopting a decryption algorithm corresponding to the encryption algorithm of the second SO library function; replacing the second SO library function with a decrypted second SO library function in the SO library file; determining the size of the storage space occupied by the decrypted second SO library function; and updating the occupied storage space size stored in a second section table into the occupied space size of the decrypted second SO library function, wherein the second section table is a second section table in which the second SO library function is located, which is determined in a second section head table for recording section table information.

12. The electronic device of claim 11, wherein the processor is specifically configured to determine a second section header table in the SO library file for recording section table information; determining a second section table in which the second SO library function is located in the second section header table; searching second identification information, a second initial storage position and a second occupied storage space size of the second SO library function in the second section table; and acquiring a second SO library function of the second identification information stored in the storage space corresponding to the second initial storage position and the second occupied storage space.

13. The electronic device of claim 11, wherein the processor is further configured to dynamically load and initialize an SO library if it is determined that each second SO library function in the SO library file is replaced with a corresponding decrypted second SO library function after replacing the second SO library function with the decrypted second SO library function in the SO library file.

14. The electronic device of claim 13, wherein the processor is further configured to determine whether the read-write permission of the second section table includes writable permissions; if yes, dynamically loading an SO library and initializing; if not, modifying the read-write permission of the second section table into writable permission, dynamically loading the SO library and initializing.

15. An electronic device, comprising: the device comprises a processor, a communication interface, a memory and a communication bus, wherein the processor, the communication interface and the memory are communicated with each other through the communication bus;

the memory has stored therein a computer program which, when executed by the processor, causes the processor to perform the steps of the method of any of claims 1-2.

16. A computer readable storage medium, characterized in that it stores a computer program executable by an electronic device, which when run on the electronic device causes the electronic device to perform the steps of the method according to any one of claims 1-2.

17. An electronic device, comprising: the device comprises a processor, a communication interface, a memory and a communication bus, wherein the processor, the communication interface and the memory are communicated with each other through the communication bus;

the memory has stored therein a computer program which, when executed by the processor, causes the processor to perform the steps of the method of any of claims 3 to 6.

18. A computer readable storage medium, characterized in that it stores a computer program executable by an electronic device, which when run on the electronic device causes the electronic device to perform the steps of the method according to any one of claims 3-6.