CN111859408A - File encryption and decryption method and device, electronic equipment and readable storage medium - Google Patents


Info

Publication number
CN111859408A
Authority
CN
China
Prior art keywords
data
file
encrypted
information
identification information
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201911423626.2A
Other languages
Chinese (zh)
Inventor
邹月富
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Didi Infinity Technology and Development Co Ltd
Original Assignee
Beijing Didi Infinity Technology and Development Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Didi Infinity Technology and Development Co Ltd filed Critical Beijing Didi Infinity Technology and Development Co Ltd
Priority to CN201911423626.2A priority Critical patent/CN111859408A/en
Publication of CN111859408A publication Critical patent/CN111859408A/en
Pending legal-status Critical Current

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2107File encryption

Abstract

The disclosure provides a file encryption and decryption method and device, an electronic device and a readable storage medium. When an original file is authorized for use by an application, the original file can be encrypted based on identification information of the authorized application, so that the resulting encrypted file is closely associated with the identifier of the authorized application. When an application calls the encrypted file, its own application identifier must be used to decrypt the file; if that identifier is inconsistent with the application identifier used to generate the encrypted file, decryption fails, so an application that is not authorized to use the original file cannot correctly read it.

Description

File encryption and decryption method and device, electronic equipment and readable storage medium
Technical Field
The present disclosure relates to encryption and decryption technologies, and in particular, to a file encryption and decryption method and apparatus, an electronic device, and a readable storage medium.
Background
At present, with the spread of intelligent applications on terminals, many enterprises have released inference frameworks for terminals, and these frameworks can load and run models.
In the prior art, model protection mechanisms are provided to keep a model from being stolen; these mechanisms protect the structural information and the weight data of the model.
However, because such inference frameworks exist, a cracker can crack an application to obtain the model file inside it and load that model file directly through the inference framework, thereby stealing the results of other people's work. Therefore, how to effectively protect the model from being stolen is a technical problem that urgently needs to be solved by those skilled in the art.
Disclosure of Invention
The disclosure provides a file encryption method, a file decryption method, a file encryption device, a file decryption device, an electronic device and a readable storage medium, and aims to solve the problem that, in the prior art, a model file is easily stolen and misused.
A first aspect of the present disclosure is to provide a file encryption method, including:
determining file data information according to an original file, and acquiring identification information of authorized application corresponding to the original file;
determining a key according to the file data information and the identification information, and encrypting the data of the original file by using the key to obtain first encrypted data;
and determining an encrypted file corresponding to the original file according to the file data information, the identification information and the first encrypted data.
A second aspect of the present disclosure is to provide a file decryption method, including:
acquiring first encrypted data, file data information and first identification information of authorized application according to the encrypted file; the first encrypted data is obtained by encrypting data of an original file, and the file data information is signature information of the data of the original file;
acquiring second identification information of an application to be verified, and comparing the first identification information with the second identification information;
and if the comparison is consistent, decrypting the first encrypted data according to the second identification information and the file data information to obtain data of an original file, and determining the original file corresponding to the encrypted file according to the data of the original file.
A third aspect of the present disclosure is to provide a file encryption apparatus, including:
the acquisition module is used for determining file data information according to an original file and acquiring identification information of authorized application corresponding to the original file;
the key generation module is used for determining a key according to the file data information and the identification information;
the encryption module is used for encrypting the data of the original file by using the secret key to obtain first encrypted data;
and the encrypted file generating module is used for determining an encrypted file corresponding to the original file according to the file data information, the identification information and the first encrypted data.
A fourth aspect of the present disclosure is to provide a file decryption apparatus, including:
the acquisition module is used for acquiring first encrypted data, file data information and first identification information of authorized application according to the encrypted file; the first encrypted data is obtained by encrypting data of an original file, and the file data information is signature information of the data of the original file;
the comparison module is used for acquiring second identification information of the application to be verified and comparing the first identification information with the second identification information;
and the decryption module is used for decrypting the first encrypted data according to the second identification information and the file data information to obtain data of an original file if the comparison is consistent, and determining the original file corresponding to the encrypted file according to the data of the original file.
Yet another aspect of the present disclosure is to provide an electronic device including:
a memory;
a processor; and
a computer program;
wherein the computer program is stored in the memory and configured to be executed by the processor to implement the file encryption method of the first aspect or the file decryption method of the second aspect.
It is a further aspect of the present disclosure to provide a computer-readable storage medium having stored thereon a computer program for execution by a processor to implement the file encryption method according to the first aspect or the file decryption method according to the second aspect.
The technical effects of the file encryption and decryption method and device, the electronic equipment and the readable storage medium provided by the disclosure are as follows:
When an original file is authorized for use by an application, the original file can be encrypted based on the identification information of the authorized application, so that the resulting encrypted file is closely associated with the identifier of the authorized application. When an application calls the encrypted file, its own application identifier must be used to decrypt the file; if that identifier is inconsistent with the application identifier used to generate the encrypted file, decryption fails, so an application that is not authorized to use the original file cannot correctly read it.
Drawings
FIG. 1 is a flowchart illustrating a file encryption method according to an exemplary embodiment of the present application;
FIG. 2 is a schematic view of a first interactive interface shown in an exemplary embodiment of the present application;
FIG. 3 is a flowchart illustrating a file encryption method according to another exemplary embodiment of the present application;
FIG. 4 is a flowchart illustrating a file decryption method according to an exemplary embodiment of the present application;
FIG. 5 is a flowchart illustrating a file decryption method according to another exemplary embodiment of the present application;
FIG. 6 is a second schematic interactive interface diagram shown in an exemplary embodiment of the present application;
FIG. 7 is a third schematic illustration of an exemplary embodiment of the present application;
FIG. 8 is a block diagram illustrating a file encryption apparatus according to an exemplary embodiment of the present invention;
FIG. 9 is a block diagram illustrating a file encryption apparatus according to another exemplary embodiment of the present invention;
FIG. 10 is a block diagram showing a file decryption apparatus according to an exemplary embodiment of the present invention;
FIG. 11 is a block diagram illustrating a file decryption apparatus according to another exemplary embodiment of the present invention;
FIG. 12 is a block diagram illustrating an electronic device according to an exemplary embodiment of the present invention.
Detailed Description
At present, model files, such as a facial recognition model and a semantic recognition model, are set in many applications, and based on the model files, the applications can analyze data and obtain required results.
To keep model files from being stolen, a model protection mechanism can protect the structural information and the weight data of the model. However, a cracker can crack the application and obtain the entire model file, and the model file can then be used by loading it directly through an existing open-source inference framework.
A model file may take its developers a great deal of time and effort to produce, yet it can easily be stolen by other users, which damages the legitimate interests of those developers. The model file in an application therefore needs to be protected against theft and misuse.
In order to solve the above technical problem, an embodiment of the present application provides a file encryption method that encrypts a file based on the identification information of an authorized application, so that the file is bound to the authorized application and cannot be used by an application that has not been authorized, thereby protecting the model file.
It should be noted that the scheme of the present application may also be applied to other files that need to be protected, and is not limited to model files, and encrypting the model files is only one application scenario. For example, the encrypted file may be a video file, a document file, or the like. For example, if a video file is authorized to be played by a specific application, the video file may be encrypted based on the identifier of the specific application based on the method provided in this embodiment.
Fig. 1 is a flowchart illustrating a file encryption method according to an exemplary embodiment of the present application.
As shown in fig. 1, the file encryption method provided in this embodiment includes:
Step 101, determining file data information according to an original file, and acquiring identification information of an authorized application corresponding to the original file.
The method provided by the embodiment can be executed by an electronic device with computing capability, and the electronic device can be a computer, for example. When an original file needs to be authorized to an application, the electronic device can encrypt the original file according to the identifier of the authorized application.
Specifically, the electronic device may be a user terminal, which may directly encrypt the original file based on an operation of a user. The electronic device can also be a server, and the electronic device can encrypt the original file through the interaction between the user terminal and the server.
Fig. 2 is a schematic diagram of a first interactive interface according to an exemplary embodiment of the present application.
When a user has finished producing a file, the file can be authorized for use by other applications. For example, the file may be a model file that is authorized for use by applications A, B and C.
As shown in fig. 2, the user can select the original file that needs authorization and the authorized application, and one or more authorized applications can be selected according to the actual situation. After the selection is completed, the user may, for example, click an encrypt button, thereby triggering the electronic device to encrypt the original file according to the authorized application.
In actual application, a corresponding encrypted file may be obtained for each authorized application; for example, an encrypted file A' corresponding to application A may be obtained by encrypting the original file based on the identifier of application A. If the encrypted file A' is used in application B, decryption will fail and the encrypted file cannot be used normally.
When the electronic device encrypts the original file, the file data information can be determined according to the original file. For example, the original file may be read to get the byte stream buf0. The byte stream buf0 may be used directly as the file data information s0, or the byte stream buf0 may be encrypted to obtain the file data information s0.
Specifically, the byte stream buf0 may be encrypted based on the md5 algorithm to obtain 16-bit file data information s0.
Further, the electronic device may further obtain identification information of an authorized application corresponding to the original file. The identification information refers to unique identification information of an authorized application.
In one embodiment, the package name of the application and its corresponding signature information may be read and combined as the unique identification information p1 for the authorized application.
In another embodiment, the unique identifier of the application can be read, and the unique identifier is encrypted by using the md5 algorithm to obtain the identification information p1 of the authorized application. The unique identifier may be a package name of the application and signature information corresponding to the package name, or may be content such as a code corresponding to the application.
In actual application, the obtained identification information p1 of the authorized application is unique, so that the original file can be encrypted based on the unique identification information, the obtained encrypted file is associated with the authorized application, and further, other applications can be prevented from using the encrypted file.
When the original file needs to be authorized to a plurality of applications, the identification information of the applications can be respectively obtained, and the original file is encrypted based on each identification information to obtain different encrypted files.
Step 102, determining a key according to the file data information and the identification information, and encrypting the data of the original file by using the key to obtain first encrypted data.
A key key0 can be generated according to the file data information s0 and the identification information p1.
In one embodiment, the file data information s0 and the identification information p1 may be concatenated to obtain the key key0.
In another embodiment, the file data information s0 and the identification information p1 may be concatenated, and the concatenated character string may be encrypted by using the md5 algorithm to obtain the key key0.
In another embodiment, a preset character string may be obtained, and the key key0 may be generated by combining the file data information s0, the identification information p1, and the character string.
For example, the file data information s0, the identification information p1, and the preset character string may be concatenated to obtain the key key0.
For another example, the file data information s0, the identification information p1, and the preset character string may be concatenated, and the concatenated character string may then be encrypted by using the md5 algorithm to obtain the key key0.
For another example, the md5 algorithm may be used to encrypt the preset character string to obtain k1, and then the file data information s0, the identification information p1 and k1 are concatenated to obtain key0. Alternatively, the concatenated character string is encrypted by md5 to obtain key0.
In the method provided by this embodiment, a key may be generated according to the application identifier, so that the key used for encrypting the original file data includes information of the authorized application, and the encrypted file obtained after encryption is associated with the authorized application identifier.
Specifically, the data of the original file may be encrypted by using the determined key, so as to obtain the first encrypted data.
Further, the data of the original file may be a byte stream bf0 obtained by reading the original file; that is, bf0 may be encrypted by using key0 to obtain the first encrypted data bf1.
In actual application, bf0 may be encrypted using key0 based on the AES (Advanced Encryption Standard) algorithm. With the AES encryption algorithm, ciphertext can be generated from a key and a piece of plaintext, and with the AES decryption algorithm the corresponding plaintext can be obtained from the key and a piece of ciphertext.
Step 103, determining an encrypted file corresponding to the original file according to the file data information, the identification information and the first encrypted data.
The file data information, the identification information of the authorized application and the generated first encrypted data can be concatenated, and the concatenated data can be written directly into a file to obtain the encrypted file. Alternatively, the bytes in the concatenated data can be replaced and scrambled, and the processed data written into a file to obtain the encrypted file.
For example, the file data information s0, the identification information p1 of the authorized application, and the first encrypted data bf1 may be concatenated to obtain the second encrypted data bf2.
In one embodiment, bf2 may be written to a file, resulting in an encrypted file.
In another embodiment, the bytes in bf2 may be replaced and obfuscated to obtain third encrypted data bf3, and bf3 is then written into a file to obtain an encrypted file. Since the identification information of the authorized application is included and this information can be used for decrypting the first encrypted data, each byte of p1 in bf2 can be exchanged with a byte of the first encrypted data according to a certain rule, so that the information cannot be read directly and the original byte order is disturbed. For example, if p1 is 16 bytes long, each of those bytes can be exchanged with one of 16 bytes of the first encrypted data, resulting in bf3.
When key0 is generated in conjunction with s0, each byte of s0 in bf2 may likewise be exchanged with a byte in the first encrypted data according to a predetermined rule, so that the encryption information in bf2 is scrambled.
The obtained encrypted file records identification information of authorized application and first encrypted data obtained by encrypting data of the original file. Therefore, when the application calls the file, the encrypted file can be decrypted based on the application identifier of the application, if the application is an authorized application, the encrypted file can be decrypted into an original file, and otherwise, the decryption fails. The specific decryption method is opposite to the encryption method.
For example, an encrypted file A' obtained by encrypting an original file according to the identification information of the authorized application A may be set in application A. When application A calls A', the decryption method corresponding to this method can be used to decrypt A'; specifically, the encrypted file can be decrypted according to the application identifier of A, so that the original file is obtained. If application B calls A', decryption will fail because the identifier of application B is not consistent with the application identifier used to generate A'.
The method provided by the embodiment is used for encrypting the file, and is executed by a device provided with the method provided by the embodiment, and the device is generally realized in a hardware and/or software mode.
The file encryption method provided by the embodiment comprises the following steps: determining file data information according to the original file, and acquiring identification information of authorized application corresponding to the original file; determining a key according to the file data information and the identification information, and encrypting the data of the original file by using the key to obtain first encrypted data; and determining an encrypted file corresponding to the original file according to the file data information, the identification information and the first encrypted data. The method provided by the embodiment can encrypt an original file based on the identification information of the authorized application when the original file is authorized to be used by the application, so that the obtained encrypted file is closely associated with the identification of the authorized application. When the application calls the encrypted file, the application identifier of the application needs to be used for decrypting the encrypted file, and if the application identifier is inconsistent with the application identifier used for generating the encrypted file, decryption failure can be caused, so that the application which is not authorized to use the original file cannot correctly read the original file.
Fig. 3 is a flowchart illustrating a file encryption method according to another exemplary embodiment of the present application.
As shown in fig. 3, the file encryption method provided in this embodiment includes:
Step 301, obtaining a unique identifier of an authorized application corresponding to an original file, and determining whether the unique identifier is empty; determining whether the length of the original file is greater than a threshold.
When an original file is authorized to an application, the original file can be encrypted through the electronic device. Before encryption, the application identifier and whether the original file is legal or not may be checked.
Wherein a unique identification of the authorized application may be obtained and it is determined whether the unique identification is empty. It is also possible to obtain the length of the original file and determine whether the length is greater than a threshold.
Specifically, only when the unique identifier of the authorized application is not empty and the length of the original file is greater than a threshold value, the original file can be encrypted based on the identifier information of the authorized application.
Thus, when it is determined that the unique identifier is not null and the length of the original file is greater than the threshold, step 302 may be performed.
If the unique identifier is empty, an application identifier error can be reported to the user; if the original file length is less than the threshold, the user may be prompted that the file is smaller than the threshold, e.g., that the file is less than 1 k.
Step 302, reading original data of the original file, and encrypting the original data to obtain file data information.
When encrypting an original file, the electronic device may read original data in the original file, for example, may read a byte stream bf0 of the original file.
In order to ensure that the data of the original file is not directly read, the original file may be subjected to a preliminary encryption process to obtain file data information s0. For example, the electronic device may encrypt bf0 based on the md5 algorithm, resulting in s0 of 16 bits.
Step 303, acquiring the unique identifier of the authorized application corresponding to the original file, and encrypting the unique identifier to obtain identification information.
The timing of steps 302 and 303 is not limited.
If the unique identifier of the authorized application is read in step 301, the identification information can be directly obtained based on the unique identifier in step 301.
Specifically, the unique identifier of the authorized application may be generated by the application package name and the signature information, for example, the application package name and the signature information may be spliced to obtain the unique identifier. The signature information may be obtained by encrypting the application package name using the md5 algorithm.
Further, the unique identifier may be encrypted to obtain the identification information; for example, the unique identifier may be encrypted by using the md5 algorithm to obtain 16-bit identification information p1.
Step 304, determining combined data according to the file data information and the identification information, and encrypting the combined data to obtain a key.
In actual application, the acquired file data information and the identification information may be combined, and then the combined result is encrypted by using the md5 algorithm, so as to obtain a key0 with 16 bits, and the key includes the identification information of the authorized application.
The file data information and the identification information can be spliced to obtain the combination result.
Optionally, the method provided in this embodiment may further include step 305.
Step 305, acquiring preset character string information.
Specifically, a character string information may be set in advance, and the character string information may be read when the key is generated.
In one case, the character string may be directly determined as the preset character string information, and in another case, the read character string may be subjected to md5 encryption to obtain the preset character string information k 1.
The preset character string may vary with the version of the encryption method. For example, the encryption method may be built into an application program: in the v1 version the preset character string is 12345, and when the application program is updated to the v2 version the preset character string may be 54321. The preset character string can be written into the program so that it is easy to read.
Step 306, determining combined data according to the file data information, the identification information and the preset character string information, and encrypting the combined data to obtain a key.
Specifically, the file data information s0, the identification information p1, and the preset character string information k1 may be concatenated to obtain combined data, and the combined data is encrypted to obtain the key key0.
Further, the combined data may be encrypted by using the md5 algorithm to obtain the key key0.
Step 307, based on the AES encryption algorithm, encrypting the data of the original file using the key to obtain first encrypted data.
In actual application, the electronic device may encrypt the data in the original file, and specifically may encrypt the byte stream bf0 read from the original file to obtain first encrypted data bf1.
The bf0 may be encrypted by using an Encryption algorithm of AES (Advanced Encryption Standard). The AES encryption algorithm may generate a corresponding ciphertext from a plaintext and a key, thereby implementing the encryption processing on the plaintext. In the method provided by this embodiment, the data of the original file, that is, the bf0, can be processed as a plaintext.
Step 308, determining second encrypted data according to the file data information, the identification information and the first encrypted data.
The file data information s0, the identification information p1, and the first encrypted data bf1 may be concatenated to obtain the second encrypted data bf2. For example, the byte arrays of s0, p1 and bf1 may be written into bf2 in sequence, thereby forming the second encrypted data bf2.
The second encrypted data may be directly written into a file to form an encrypted file, but in order to further improve the security performance of the encrypted file, the method provided in this embodiment may further include steps 309 and 310.
Step 309, replacing the bytes in the second encrypted data to obtain third encrypted data.
The second encrypted data includes the data used for generating key0 and the first encrypted data bf1 encrypted with that key. Bytes of these two parts can therefore be exchanged, so that both the data used for generating key0 and the first encrypted data bf1 are scrambled. This avoids the situation in which the second encrypted data is cracked, the data used for generating key0 is obtained, and the first encrypted data bf1 is cracked as a result.
Specifically, since the second encrypted data contains, in addition to the first encrypted data, the encryption information used for generating key0, the second encrypted data can be regarded as two parts, one part being the first encrypted data and the other part being the encryption information.
The byte data in the second encrypted data bf2 other than the first encrypted data bf1, that is, the byte data of the encryption information, may be exchanged with byte data in the first encrypted data to obtain third encrypted data bf3. The encryption information is thereby obfuscated into the first encrypted data, so that it cannot be easily stolen.
The specific replacement method may include:
S1, reading the m-th byte of the second encrypted data, and reading the n × (m + 1)-th byte of the first encrypted data in the second encrypted data;
S2, exchanging the m-th byte with the n × (m + 1)-th byte;
S3, adding 1 to m, and continuing to execute S1 and S2;
wherein the value of m is 0 to the number of bytes in the second encrypted data before the first encrypted data.
When the second encrypted data is generated with the first encrypted data bf1 placed at the end and the file data information s0 and the identification information p1 placed before it, the first m bytes of the second encrypted data can be read in sequence and exchanged with bytes in the first encrypted data that follows. The value of m runs from 0 to the number of bytes preceding the first encrypted data in the second encrypted data, that is, the number of bytes of the encryption information.
Specifically, m may be set to 0, and the m-th byte, i.e., the first byte, of the second encrypted data may be read. The n × (m + 1)-th byte of the first encrypted data in the second encrypted data is then read. For example, m bytes may be offset in the second encrypted data to the flag F, and the n × (m + 1)-th byte may be read starting from this position. The first m bytes are byte data of the encryption information.
The bytes read are then exchanged, so as to obfuscate the encryption information into the first encrypted data.
Further, if the second encrypted data bf2 is generated based on the file data information s0, the identification information p1, and the first encrypted data bf1, the maximum value of m may be set to 31.
In practical applications, n may be set to 1024.
m may then be set to m + 1, and steps S1 and S2 are continued.
Specifically, when m is 0, n × (m + 1) is 1024, that is, the 0th byte of the second encrypted data is read, the 1024th byte of the first encrypted data is read, and the two bytes are swapped. Thereafter, m is set to 1, the 2nd byte of the second encrypted data is read, the (1024 × 2)-th byte of the first encrypted data therein is read, and the bytes are swapped. And so on until m takes the value of 31.
Step 310, determining an encrypted file corresponding to the original file according to the third encrypted data.
Further, the third encrypted data bf3 may be written to a file, resulting in an encrypted file file1 that includes bf3.
In actual application, the encrypted file can be placed in the authorized application. When the application calls the file, the file can be decrypted based on the unique identifier of the application to obtain the original file, which the application then uses.
If the encrypted file is placed in an unauthorized application, decryption of the encrypted file will fail.
The encrypted file obtained by the method provided by this embodiment can be decrypted by the methods shown in fig. 4 and 5.
Fig. 4 is a flowchart illustrating a file decryption method according to an exemplary embodiment of the present application.
As shown in fig. 4, the file decryption method provided in this embodiment includes:
Step 401, obtaining first encrypted data, file data information, and first identification information of the authorized application according to the encrypted file.
The first encrypted data is obtained by encrypting data of an original file, and the file data information is signature information of the data of the original file.
Specifically, the method provided by this embodiment may be executed by an electronic device with computing capability, and the electronic device may be, for example, a computer, an intelligent terminal, and the like. The electronic device may be provided with an application, and the application may execute the method provided in this embodiment when calling the set encrypted file.
The encrypted file may be obtained by encrypting the original file by the method shown in fig. 1 or fig. 3.
Further, the data in the encrypted file includes first encrypted data bf1 obtained by encrypting the data of the original file, file data information obtained by signing the data of the original file, and first identification information p1 of authorized application. For example, if the encrypted file is authorized for application a, the first identification information is identification information of application a.
In actual application, if the file data information s0, the first identification information p1 of the authorized application, and the generated first encrypted data bf1 are spliced, and the spliced data is written into a file, an encrypted file is obtained. The file data information s0, the first identification information p1, and the first encrypted data bf1 may then be read from the encrypted file directly, based on the splicing rule used beforehand. For example, if s0, p1 and bf1 are directly spliced to obtain an encrypted file, then when decrypting the file, the first m bytes in the encrypted file data can be read as s0, the byte data of a certain length that follows can be read as p1, and the remaining byte data can be read as bf1.
If the file data information s0, the first identification information p1 of the authorized application, and the generated first encrypted data bf1 are spliced to obtain the second encrypted data bf2, and the second encrypted data bf2 is then replaced and obfuscated to obtain the third encrypted data bf3, then bf3 may be restored to bf2 based on the replacement and obfuscation rule, and s0, p1, and bf1 are then read from bf2.
Optionally, the third encrypted data bf3 may further include other information, and all of the information may be restored based on the rule for generating the bf3, so as to obtain the first encrypted data and the first identification information of the authorized application.
Step 402, obtaining second identification information of the application to be verified, and comparing the first identification information with the second identification information.
The second identification information of the application to be verified can be obtained, wherein the application to be verified refers to the application provided with the encrypted file. When the application calls the encrypted file, the application needs to decrypt the encrypted file first, so that correct file data is obtained.
Specifically, the electronic device may read the second identification information p0 of the application to be authenticated. The second identification information p0 refers to the unique identification information of the application to be authenticated.
In one embodiment, the package name of the application to be verified and the corresponding signature information thereof can be read, and the combination is used as the unique identification information p0 of the application to be verified.
In another embodiment, the unique identifier of the application to be verified can be read, and the unique identifier is encrypted by using the md5 algorithm to obtain the identification information p0 of the application to be verified. The unique identifier may be a package name of the application to be verified and signature information corresponding to the package name, or may be content such as a code corresponding to the application to be verified.
Further, the encrypted file is generated based on the unique identification p1 of the authorized application, and therefore, needs to be decrypted by the unique identification p0 of the application to be verified.
In actual application, the first identification information p1 and the second identification information p0 may be compared, that is, the identification information of the authorized application is compared with that of the application to be verified. If the comparison passes, the application to be verified may be considered a legal application that may call the encrypted file, so step 403 may be executed. Otherwise, the user may be prompted that the application is not authorized.
Step 403, if the comparison is consistent, decrypting the first encrypted data according to the second identification information to obtain data of the original file, and determining the original file corresponding to the encrypted file according to the data of the original file.
The first encrypted data is obtained by encrypting the original data according to the identification information of the authorized application and the file data information, so that if the first identification information is consistent with the second identification information, the first encrypted data can be decrypted according to the identification information, and then the data of the original file is obtained.
Specifically, if during encryption the key was determined according to the file data information and the identification information, and the data of the original file was encrypted with that key to obtain the first encrypted data, then in the decryption scheme provided in this embodiment a key may likewise be generated according to the acquired file data information and the second identification information, and the first encrypted data is decrypted based on that key to obtain the data of the original file.
Further, for example, when an encrypted file is generated, the file data information s0 and the second identification information p0 are concatenated to obtain the key0. Then, at the time of decryption, the file data information s0 and the identification information p0 may be concatenated to obtain a key.
For another example, if a preset character string is acquired and a key0 is generated in combination with the file data information s0, the identification information p0, and the character string, then the key may be generated by the same method during decryption.
That is, in the decryption method provided in this embodiment, when the first identification information is identical to the second identification information, a key1 can be generated in the same manner as the encryption method. The specific way of generating the key may be seen in the illustrated method of fig. 1 or fig. 3. Since the first identification information coincides with the second identification information, the generated key1 should coincide with the key0 generated in the encryption method.
After the electronic device generates the key1, the first encrypted data bf1 may be decrypted by using the key1 to obtain the data of the original file.
In the encryption process, if the data bf0 of the original file is encrypted with the key0 based on the AES (Advanced Encryption Standard) algorithm to obtain the first encrypted data bf1, then in the decryption process the data bf1 may be decrypted with the key1 based on the AES algorithm to obtain the data bf0 of the original file. The AES decryption algorithm obtains the corresponding plaintext from a key and a ciphertext.
The electronic device can also write the decrypted data bf0 of the original file into a file, so as to obtain the original file.
The method provided by the present embodiment is used for decrypting a file, and is executed by a device provided with the method provided by the present embodiment, and the device is generally implemented in a hardware and/or software manner.
The file decryption method provided by the embodiment comprises the following steps: acquiring first encrypted data, file data information and first identification information of authorized application according to the encrypted file; the first encrypted data is obtained by encrypting data of an original file, and the file data information is signature information of the data of the original file; acquiring second identification information of an application to be verified, and comparing the first identification information with the second identification information; if the comparison is consistent, the first encrypted data is decrypted according to the second identification information and the file data information to obtain data of the original file, and the original file corresponding to the encrypted file is determined according to the data of the original file. The method provided by the embodiment can decrypt the encrypted file based on the identification information of the application to be verified, and the encrypted file is obtained by encrypting the original file based on the identification information of the authorized application, so that the obtained encrypted file is closely associated with the identification of the authorized application. When the application calls the encrypted file, the application identifier of the application needs to be used for decrypting the encrypted file, and if the application identifier is inconsistent with the application identifier used for generating the encrypted file, decryption failure can be caused, so that the application which is not authorized to use the original file cannot correctly read the original file.
Fig. 5 is a flowchart illustrating a file decryption method according to another exemplary embodiment of the present application.
Step 501, judging whether the size of the encrypted file is larger than or equal to a preset threshold value.
Specifically, the method provided by this embodiment may be executed by an electronic device with computing capability, and the electronic device may be, for example, a computer, an intelligent terminal, and the like. The electronic device may be provided with an application, and the application may execute the method provided in this embodiment when calling the set encrypted file.
When the electronic device decrypts an encrypted file, it may first determine whether the size of the encrypted file is greater than a preset threshold. For example, the preset threshold may be 1056 bytes.
If the size of the encrypted file is greater than or equal to the preset threshold, step 502 may be performed; otherwise, the user may be prompted that the file size is illegal.
Fig. 6 is a schematic diagram of a second interactive interface according to an exemplary embodiment of the present application.
As shown in fig. 6, the method provided in this embodiment may be applied to a mobile terminal, and when an application in the mobile terminal calls an encrypted file, the application may read the size of the encrypted file and determine whether the encrypted file is greater than a preset threshold. When the encrypted file is less than 1056 bytes, an interface such as that shown in FIG. 6 may be displayed to alert the user that the encrypted file size is not legal.
Step 502, if yes, reading the encrypted file to obtain third encrypted data.
The electronic device may read the third encrypted data in the encrypted file, e.g., may read the byte stream bf3 of the encrypted file.
Step 503, replacing the bytes in the third encrypted data to obtain second encrypted data.
If the third encrypted data is obtained by performing substitution and obfuscation on the second encrypted data in the encryption process, the third encrypted data may also be subjected to substitution and obfuscation in the decryption process, so as to restore the second encrypted data.
During replacement, the first k encrypted byte data in the third encrypted data may be replaced with the first encrypted data after the encrypted byte data to obtain the second encrypted data.
In the encryption process, the second encrypted data comprises the data used for generating the key0 and the first encrypted data bf1 encrypted with that key, and bytes of the two parts are exchanged so that both are scrambled. This avoids the situation in which the second encrypted data is cracked, the data used for generating the key0 is obtained, and the first encrypted data bf1 is cracked in turn. The same permutation method may be used when restoring the second encrypted data, thereby restoring bf2. For example, if a byte p is exchanged with a byte q in the encryption process, the bytes p and q can be exchanged again in the decryption process, so that the second encrypted data bf2 is restored.
The specific substitution method may include:
S1, reading the m-th byte of the third encrypted data, and reading the n × (m + 1)-th byte in the first encrypted data after the encrypted byte data in the third encrypted data;
S2, exchanging the m-th byte with the n × (m + 1)-th byte;
S3, adding 1 to m, and continuing to execute the steps S1 and S2;
wherein m is 0 to k-1.
If the first encrypted data bf1 is at the end of the second encrypted data, with the file data information s0 and the identification information p1 before it, and the first m bytes of the second encrypted data were exchanged with bytes in the following first encrypted data when the third encrypted data was generated, then in the decryption process the first m bytes of the third encrypted data can be exchanged with the bytes in the first encrypted data, so as to restore the second encrypted data.
Specifically, the m-th encrypted byte of the third encrypted data may be read, and the n × (m + 1)-th byte of the first encrypted data after the encrypted byte data in the third encrypted data may be read, and the two exchanged. m may thereafter be updated to m + 1 and the above steps continued until m has a value of k-1.
Further, the first k bytes of data in the third encrypted data are obfuscated encrypted bytes of data. For example, when the second encrypted data is generated, if the file data information and the first identification information are spliced before the first encrypted data, k may be set to 32.
Step 504, obtaining the first encrypted data, the file data information, and the first identification information of the authorized application according to the second encrypted data.
In actual application, when an original file is encrypted, the file data information s0, the identification information p1 and the first encrypted data bf1 are spliced to obtain the second encrypted data bf2. The file data information s0, the first identification information p1 of the authorized application, and the first encrypted data bf1 can thus be extracted from the second encrypted data at the time of decryption.
The byte data at a first preset position in the second encrypted data can be read, and the read byte data is determined as the file data information. If the file data information was spliced first when the second encrypted data was generated, the first preset position is the first 16 bytes of the second encrypted data, and these 16 bytes can be read to obtain the file data information s0.
The byte data at a second preset position in the second encrypted data is read, and the read byte data is determined as the first identification information. If the first identification information p1 of the authorized application was spliced after the file data information s0 when the second encrypted data was generated, the second preset position is the 17th to 32nd bytes of the second encrypted data, that is, the 17th to 32nd bytes of the second encrypted data can be read to obtain the first identification information p1.
The electronic device may read the byte data of the second encrypted data other than the first k encrypted bytes, and treat the read data as the first encrypted data. When the first encrypted data was concatenated after the file data information s0 and the first identification information p1 at the time the second encrypted data was generated, the byte data other than the first k bytes can be used as the first encrypted data. Here, k is the sum of the byte lengths of the file data information s0 and the first identification information p1.
Step 505, obtain second identification information of the application to be verified, and compare the first identification information with the second identification information.
The manner of comparing the first identification information with the second identification information in step 505 and step 502 is similar, and is not repeated.
If the comparison is consistent, go to step 506, otherwise go to step 508.
Step 506, if the comparison is consistent, determining a key according to the file data information and the identification information, and decrypting the first encrypted data by using the key to obtain the data of the original file.
If the first identification information is consistent with the second identification, the first encrypted data may be decrypted according to the consistent application identification, specifically, a key may be generated according to the second application identification p0, and then the key is used to decrypt the first encrypted data, so as to obtain the data of the original file.
Specifically, the manner in which the key is generated during decryption is consistent with the manner in which the key is generated during encryption. For example, the combined data may be determined according to the file data information and the second identification information, and the combined data may be encrypted to obtain the key. For example, the file data information and the identification information may be spliced to obtain spliced data, and the spliced data is then encrypted by using the md5 algorithm, so as to obtain a 16-byte key1.
Further, if preset string information was obtained during the encryption process and the key was generated in combination with it, the same method is also used to generate the key in the decryption method provided in this embodiment. Specifically, the file data information s0, the identification information p1, and the preset character string information k1 may be spliced to obtain combined data, and the combined data is encrypted to obtain the key1.
In practical application, if the data of the original file is encrypted based on the AES algorithm when the data of the original file is encrypted, the first encrypted data may be decrypted by using the key based on the AES algorithm when the first encrypted data is decrypted, so as to obtain the data of the original file.
Step 507, determining an original file corresponding to the encrypted file according to the data of the original file.
The manner of determining the original file in step 507 is similar to that in step 503, and is not described in detail.
Step 508, if the first identification information is inconsistent with the second identification information, prompting that the application is not authorized.
If the comparison shows that the first identification information is inconsistent with the second identification information, the application identification used for generating the encrypted file is inconsistent with the identification of the application to be verified, and a prompt that the application is not authorized may be given.
Fig. 7 is a third schematic interactive interface diagram according to an exemplary embodiment of the present application.
As shown in fig. 7, the method provided in this embodiment may be applied to a mobile terminal, and if the first application identifier is inconsistent with the second application identifier, an interface as shown in the figure may be displayed to prompt that the application is not authorized.
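The container layout and byte exchange of steps 308 to 309, together with the size check, restoration, header parsing, identification comparison and key derivation of steps 501 to 506, as an added Python example that is not code from the patent. The AES step is left out, so bf1 is a constructed stand-in for the ciphertext. The zero-based offsets, the skipping of out-of-range swaps, the MD5 over package name and signature used as identification information, and all function names and sample values are assumptions.

```python
import hashlib
import hmac

S0_LEN = 16           # file data information s0: first 16 bytes
P1_LEN = 16           # identification information p1: bytes 17 to 32
K = S0_LEN + P1_LEN   # k = 32 header bytes in front of bf1
N = 1024              # stride n suggested in the text
MIN_FILE_SIZE = 1056  # preset threshold of step 501


def md5(data: bytes) -> bytes:
    return hashlib.md5(data).digest()


def app_identification(package_name: str, signature: bytes) -> bytes:
    """Identification information: MD5 over package name plus signature."""
    return md5(package_name.encode("utf-8") + signature)


def derive_key(s0: bytes, p: bytes, preset: bytes = b"") -> bytes:
    """16-byte key from the spliced s0, identification and preset string."""
    return md5(s0 + p + preset)


def swap_header(data: bytes, k: int = K, n: int = N) -> bytes:
    """Exchange header byte m with byte n*(m+1) of bf1 for m = 0..k-1.

    Assumptions: the offset n*(m+1) is zero-based from the start of bf1
    (buffer position k), and a swap whose partner lies past the end of the
    data is skipped. Every pair is disjoint and no secret is involved, so
    the same call turns bf2 into bf3 and bf3 back into bf2.
    """
    buf = bytearray(data)
    for m in range(k):
        j = k + n * (m + 1)
        if j >= len(buf):
            break  # later partners lie even further out
        buf[m], buf[j] = buf[j], buf[m]
    return bytes(buf)


def pack(s0: bytes, p1: bytes, bf1: bytes) -> bytes:
    """Steps 308-309: splice s0, p1, bf1 into bf2, then scramble into bf3."""
    if len(s0) != S0_LEN or len(p1) != P1_LEN:
        raise ValueError("s0 and p1 must be 16 bytes each")
    return swap_header(s0 + p1 + bf1)


def unpack(bf3: bytes, p0: bytes, preset: bytes = b"") -> tuple:
    """Steps 501-506 up to the AES call: return (key1, bf1)."""
    if len(bf3) < MIN_FILE_SIZE:
        raise ValueError("illegal file size")
    bf2 = swap_header(bf3)                      # step 503
    s0, p1, bf1 = bf2[:S0_LEN], bf2[S0_LEN:K], bf2[K:]
    if not hmac.compare_digest(p1, p0):         # step 505
        raise PermissionError("application is not authorized")
    return derive_key(s0, p0, preset), bf1      # key1 for AES decryption


def demo() -> dict:
    # Constructed sample values; bf1 stands in for the AES ciphertext.
    preset = b"constructed preset string"
    s0 = md5(b"constructed original file data")
    p1 = app_identification("com.example.authorized", b"constructed-signature")
    bf1 = hashlib.shake_256(b"constructed ciphertext").digest(40000)
    bf3 = pack(s0, p1, bf1)
    key1, recovered = unpack(bf3, p1, preset)
    other = app_identification("com.example.other", b"constructed-signature")
    try:
        unpack(bf3, other, preset)
        rejected = False
    except PermissionError:
        rejected = True
    return {
        "header_scrambled": bf3[:K] != s0 + p1,
        "round_trip": recovered == bf1,
        "same_key": key1 == derive_key(s0, p1, preset),
        "other_app_rejected": rejected,
    }


if __name__ == "__main__":
    print(demo())
```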
Fig. 8 is a block diagram illustrating a file encryption apparatus according to an exemplary embodiment of the present invention.
As shown in fig. 8, the file encryption apparatus provided in this embodiment includes:
an obtaining module 81, configured to determine file data information according to an original file, and obtain identifier information of an authorized application corresponding to the original file;
a key generation module 82, configured to determine a key according to the file data information and the identification information;
the encryption module 83 is configured to encrypt the data of the original file by using the key to obtain first encrypted data;
an encrypted file generating module 84, configured to determine, according to the file data information, the identification information, and the first encrypted data, an encrypted file corresponding to the original file.
The specific principle, implementation manner, and technical effect of the file encryption apparatus provided in this embodiment are similar to those of the embodiment shown in fig. 1, and are not described herein again.
Fig. 9 is a block diagram illustrating a file encryption apparatus according to another exemplary embodiment of the present invention.
As shown in fig. 9, on the basis of the foregoing embodiment, in the file encryption apparatus provided in this embodiment, optionally, the obtaining module 81 includes a reading unit 811 for:
and reading original data of an original file, and encrypting the original data to obtain the file data information.
Optionally, the obtaining module 81 includes an obtaining unit 812, configured to:
and acquiring a unique identifier of the authorized application corresponding to the original file, and encrypting the unique identifier to obtain the identifier information.
Optionally, the key generation module 82 is specifically configured to:
and determining combined data according to the file data information and the identification information, and encrypting the combined data to obtain the secret key.
Optionally, the obtaining module 81 is further configured to:
acquiring preset character string information;
the key generation module 82 is further configured to:
and determining combined data according to the file data information, the identification information and the preset character string, and encrypting the combined data to obtain the secret key.
Optionally, the encrypted file generating module 84 includes:
an encrypted data determining unit 841, configured to determine second encrypted data according to the file data information, the identification information, and the first encrypted data;
a replacing unit 842, configured to replace a byte in the second encrypted data to obtain third encrypted data;
a generating unit 843, configured to determine, according to the third encrypted data, an encrypted file corresponding to the original file.
Optionally, the permutation unit 842 is specifically configured to:
and replacing byte data in the second encrypted data except the first encrypted data with byte data in the first encrypted data to obtain third encrypted data.
Optionally, the encrypted data determining unit 841 is specifically configured to:
and splicing the file data information, the identification information and the first encrypted data to obtain the second encrypted data.
Optionally, the permutation unit 842 is specifically configured to:
reading an m-th encrypted byte of the second encrypted data, and reading an n × (m + 1)-th byte of the first encrypted data in the second encrypted data;
exchanging the m-th byte with the n × (m + 1)-th byte;
adding 1 to m, and continuing to execute the steps;
wherein a value of m is 0 to a number of bytes in the second encrypted data before the first encrypted data.
Optionally, the apparatus further includes a determining module 85, configured to:
acquiring a unique identifier of an authorized application corresponding to the original file, and determining whether the unique identifier is empty;
determining whether the length of the original file is greater than a threshold;
if the unique identifier is not empty and the length of the original file is greater than the threshold, the obtaining module 81 executes the step of determining file data information according to the original file and obtaining identifier information of authorized application corresponding to the original file.
The specific principle and implementation of the file encryption apparatus provided in this embodiment are similar to those of the embodiment shown in fig. 3, and are not described here again.
Fig. 10 is a block diagram showing a file decryption apparatus according to an exemplary embodiment of the present invention.
As shown in fig. 10, the file decryption apparatus provided in this embodiment includes:
an obtaining module 1001, configured to obtain first encrypted data, file data information, and first identification information of an authorized application according to an encrypted file; the first encrypted data is obtained by encrypting data of an original file, and the file data information is signature information of the data of the original file;
a comparison module 1002, configured to obtain second identification information of an application to be verified, and compare the first identification information with the second identification information;
the decryption module 1003 is configured to decrypt the first encrypted data according to the second identification information and the file data information if the comparison is consistent, to obtain data of an original file, and determine an original file corresponding to the encrypted file according to the data of the original file.
The specific principle, implementation manner, and technical effect of the file decryption apparatus provided in this embodiment are similar to those of the embodiment shown in fig. 4, and are not described herein again.
Fig. 11 is a block diagram illustrating a file decryption apparatus according to another exemplary embodiment of the present invention.
As shown in fig. 11, on the basis of the foregoing embodiment, in the file decryption device provided in this embodiment, optionally, the obtaining module 1001 includes:
A reading unit 10011, configured to read the encrypted file to obtain third encrypted data;
a replacing unit 10012, configured to replace a byte in the third encrypted data to obtain second encrypted data;
an obtaining unit 10013 is configured to obtain the first encrypted data, the file data information, and the first identifier information of the authorized application according to the second encrypted data.
Optionally, the replacement unit 10012 is specifically configured to:
and replacing the first k encrypted byte data in the third encrypted data with the first encrypted data after the encrypted byte data to obtain the second encrypted data.
Optionally, the replacement unit 10012 is specifically configured to:
reading an m-th encrypted byte of the third encrypted data, and reading an n × (m + 1)-th byte in first encrypted data following the encrypted byte data in the third encrypted data;
exchanging the m-th byte with the n × (m + 1)-th byte;
adding 1 to m, and continuing to execute the steps;
wherein m is 0 to k-1.
Optionally, the obtaining unit 10013 is specifically configured to:
reading byte data at a first preset position in the second encrypted data, and determining the read byte data as the file data information;
Reading byte data at a second preset position in the second encrypted data, and determining the read byte data as the first identification information.
Optionally, the first preset position is the first 16 bytes, and the second preset position is the 17th to 32nd bytes.
Optionally, the obtaining unit 10013 is specifically configured to:
determining byte data of the second encrypted data except the first k encrypted bytes as the first encrypted data.
Optionally, the apparatus further includes a determining module 1004, configured to:
and judging whether the size of the encrypted file is larger than or equal to a preset threshold value, if so, executing the step of acquiring first encrypted data and first identification information of authorized application according to the encrypted file.
The comparing module 1002 is further configured to prompt that the application is not authorized if the first identification information is inconsistent with the second identification information.
Optionally, the decryption module 1003 includes:
a key generating unit 10031, configured to determine a key according to the file data information and the second identification information;
a decryption unit 10032, configured to decrypt the first encrypted data with the key to obtain data of the original file.
Optionally, the key generation unit 10031 is specifically configured to:
determining combined data according to the file data information and the second identification information, and encrypting the combined data to obtain the key.
Optionally, the key generation unit 10031 is specifically configured to:
acquiring preset character string information;
and determining combined data according to the file data information, the second identification information and the preset character string, and encrypting the combined data to obtain the secret key.
The specific principle, implementation manner, and technical effect of the file decryption apparatus provided in this embodiment are similar to those of the embodiment shown in fig. 5, and are not described herein again.
Fig. 12 is a block diagram illustrating an electronic device according to an exemplary embodiment of the present invention.
As shown in fig. 12, the electronic device provided in this embodiment includes:
a memory 121;
a processor 122; and
a computer program;
wherein the computer program is stored in the memory 121 and configured to be executed by the processor 122 to implement any one of the file encryption methods or the file decryption methods as described above.
This embodiment also provides a computer-readable storage medium having a computer program stored thereon; the computer program is executed by a processor to implement any one of the file encryption methods or the file decryption methods described above.
The present embodiment also provides a computer program including a program code that executes any one of the file encryption methods or the file decryption methods described above when the computer program is run by a computer.
Those of ordinary skill in the art will understand that all or a portion of the steps of the above-described method embodiments may be carried out by hardware under the control of program instructions. The program may be stored in a computer-readable storage medium. When executed, the program performs the steps of the method embodiments described above; the aforementioned storage medium includes various media that can store program code, such as ROM, RAM, magnetic disks or optical disks.
Finally, it should be noted that: the above embodiments are only used to illustrate the technical solution of the present invention, and not to limit the same; while the invention has been described in detail and with reference to the foregoing embodiments, it will be understood by those skilled in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some or all of the technical features may be equivalently replaced; and the modifications or the substitutions do not make the essence of the corresponding technical solutions depart from the scope of the technical solutions of the embodiments of the present invention.

Claims (26)

1. A method for encrypting a file, comprising:
determining file data information according to an original file, and acquiring identification information of authorized application corresponding to the original file;
determining a key according to the file data information and the identification information, and encrypting the data of the original file by using the key to obtain first encrypted data;
and determining an encrypted file corresponding to the original file according to the file data information, the identification information and the first encrypted data.
2. The method of claim 1, wherein determining file data information from the original file comprises:
and reading original data of an original file, and encrypting the original data to obtain the file data information.
3. The method of claim 1, wherein obtaining identification information of an authorized application corresponding to the original file comprises:
and acquiring a unique identifier of the authorized application corresponding to the original file, and encrypting the unique identifier to obtain the identifier information.
4. The method according to claim 1, wherein said determining a key according to the file data information and the identification information comprises:
determining combined data according to the file data information and the identification information, and encrypting the combined data to obtain the key.
5. The method of claim 1, further comprising:
acquiring preset character string information;
the determining a key according to the file data information and the identification information includes:
and determining combined data according to the file data information, the identification information and the preset character string, and encrypting the combined data to obtain the secret key.
6. The method according to claim 1, wherein determining the encrypted file corresponding to the original file according to the file data information, the identification information and the first encrypted data comprises:
determining second encrypted data according to the file data information, the identification information and the first encrypted data;
replacing bytes in the second encrypted data to obtain third encrypted data;
and determining an encrypted file corresponding to the original file according to the third encrypted data.
7. The method of claim 6, wherein permuting bytes in the second encrypted data to obtain third encrypted data comprises:
replacing byte data in the second encrypted data other than the first encrypted data with byte data in the first encrypted data, to obtain the third encrypted data.
8. The method according to claim 6, wherein determining second encrypted data from the file data information, the identification information, and the first encrypted data comprises:
and splicing the file data information, the identification information and the first encrypted data to obtain the second encrypted data.
9. The method according to claim 7 or 8, wherein the replacing the byte data in the second encrypted data except the first encrypted data with the byte data in the first encrypted data comprises:
reading the m-th encrypted byte of the second encrypted data, and reading the n×(m+1)-th byte of the first encrypted data in the second encrypted data;
exchanging the m-th byte with the n×(m+1)-th byte;
adding 1 to m, and repeating the above steps;
wherein m ranges from 0 to the number of bytes that precede the first encrypted data in the second encrypted data.
10. The method according to any one of claims 1-8, further comprising:
acquiring a unique identifier of an authorized application corresponding to the original file, and determining whether the unique identifier is empty;
determining whether the length of the original file is greater than a threshold;
and if the unique identifier is not empty and the length of the original file is greater than a threshold value, executing the steps of determining file data information according to the original file and acquiring identifier information of authorized application corresponding to the original file.
11. A method for decrypting a file, comprising:
acquiring first encrypted data, file data information and first identification information of authorized application according to the encrypted file; the first encrypted data is obtained by encrypting data of an original file, and the file data information is signature information of the data of the original file;
acquiring second identification information of an application to be verified, and comparing the first identification information with the second identification information;
and if the comparison is consistent, decrypting the first encrypted data according to the second identification information and the file data information to obtain data of an original file, and determining the original file corresponding to the encrypted file according to the data of the original file.
12. The method according to claim 11, wherein the obtaining the first encrypted data, the file data information, and the first identification information of the authorized application according to the encrypted file comprises:
reading the encrypted file to obtain third encrypted data;
replacing bytes in the third encrypted data to obtain second encrypted data;
and acquiring the first encrypted data, file data information and first identification information of authorized application according to the second encrypted data.
13. The method of claim 12, wherein the permuting bytes in the third encrypted data comprises:
replacing the first k encrypted bytes in the third encrypted data with bytes of the first encrypted data that follows those encrypted bytes, to obtain the second encrypted data.
14. The method according to claim 13, wherein the replacing the first k encrypted bytes of data in the third encrypted data with the first encrypted data after the encrypted bytes of data comprises:
reading the m-th encrypted byte of the third encrypted data, and reading the n×(m+1)-th byte of the first encrypted data that follows the encrypted bytes in the third encrypted data;
permuting the m-th byte with the n×(m+1)-th byte;
adding 1 to m, and repeating the above steps;
wherein m ranges from 0 to k-1.
15. The method of claim 12, wherein determining the file data information and the first identification information of the authorized application according to the second encrypted data comprises:
reading byte data at a first preset position in the second encrypted data, and determining the read byte data as the file data information;
reading byte data at a second preset position in the second encrypted data, and determining the read byte data as the first identification information.
16. The method of claim 15, wherein the first preset position is the first 16 bytes, and the second preset position is the 17th to 32nd bytes.
17. The method of claim 13, wherein obtaining the first encrypted data based on the second encrypted data comprises:
determining byte data of the second encrypted data except the first k encrypted bytes as the first encrypted data.
18. The method of claim 13, further comprising:
determining whether the size of the encrypted file is greater than or equal to a preset threshold and, if so, executing the step of acquiring the first encrypted data and the first identification information of the authorized application according to the encrypted file.
19. The method of claim 13, further comprising:
if the first identification information is inconsistent with the second identification information, outputting a prompt that the application is not authorized.
20. The method according to claim 11, wherein the decrypting the first encrypted data according to the second identification information and the file data information to obtain data of an original file comprises:
and determining a key according to the file data information and the second identification information, and decrypting the first encrypted data by using the key to obtain the data of the original file.
21. The method according to claim 20, wherein said determining a key according to the file data information and the identification information comprises:
and determining combined data according to the file data information and the second identification information, and encrypting the combined data to obtain the secret key.
22. The method of claim 20, further comprising:
acquiring preset character string information;
the determining a key according to the file data information and the second identification information includes:
and determining combined data according to the file data information, the second identification information and the preset character string, and encrypting the combined data to obtain the secret key.
23. A file encryption apparatus, comprising:
the acquisition module is used for determining file data information according to an original file and acquiring identification information of authorized application corresponding to the original file;
the key generation module is used for determining a key according to the file data information and the identification information;
the encryption module is used for encrypting the data of the original file by using the secret key to obtain first encrypted data;
and the encrypted file generating module is used for determining an encrypted file corresponding to the original file according to the file data information, the identification information and the first encrypted data.
24. A file decryption apparatus, comprising:
the acquisition module is used for acquiring first encrypted data, file data information and first identification information of authorized application according to the encrypted file; the first encrypted data is obtained by encrypting data of an original file, and the file data information is signature information of the data of the original file;
the comparison module is used for acquiring second identification information of the application to be verified and comparing the first identification information with the second identification information;
and the decryption module is used for decrypting the first encrypted data according to the second identification information and the file data information to obtain data of an original file if the comparison is consistent, and determining the original file corresponding to the encrypted file according to the data of the original file.
25. An electronic device, comprising:
a memory;
a processor; and
a computer program;
wherein the computer program is stored in the memory and configured to be executed by the processor to implement the method of any of claims 1-10 or 11-22.
26. A computer-readable storage medium, having stored thereon a computer program,
the computer program is executed by a processor to implement the method of any of claims 1-10 or 11-22.
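The container handling of claims 6 to 9 and 12 to 19 (and of the replacement and obtaining units described above), written out as an added example that is not code from the patent. It assumes n×(m+1) is a 0-based offset into the first encrypted data, uses SHA-256 as a stand-in for the unspecified step that turns the combined data into the key, and treats the first encrypted data as opaque bytes; all function names and sample values are constructed.

```python
import hashlib
import hmac

INFO_LEN = 16          # file data information: bytes 1 to 16 (claim 16)
ID_LEN = 16            # identification information: bytes 17 to 32 (claim 16)
K = INFO_LEN + ID_LEN  # header bytes that precede the first encrypted data


def swap_header(data: bytes, n: int) -> bytes:
    """Swap header byte m with byte n*(m+1) of the first encrypted data, m = 0..K-1.

    Assumption: n*(m+1) is a 0-based offset into the first encrypted data.
    For n >= 1 every swap touches a distinct pair of positions, so applying
    the function twice restores the input; both directions share it.
    """
    if n < 1:
        raise ValueError("n must be >= 1 so the swapped positions are distinct")
    if len(data) <= K + n * K:          # size threshold: offset n*K must exist
        raise ValueError("file too short for the byte permutation")
    buf = bytearray(data)
    for m in range(K):
        j = K + n * (m + 1)
        buf[m], buf[j] = buf[j], buf[m]
    return bytes(buf)


def pack(file_info: bytes, id_info: bytes, first_encrypted: bytes, n: int) -> bytes:
    """Encryption side: splice header and ciphertext, then permute."""
    if len(file_info) != INFO_LEN or len(id_info) != ID_LEN:
        raise ValueError("header fields must be 16 bytes each")
    return swap_header(file_info + id_info + first_encrypted, n)


def unpack(third_encrypted: bytes, n: int, second_id_info: bytes):
    """Decryption side: undo the permutation, split the fields, check the app."""
    second = swap_header(third_encrypted, n)
    file_info, first_id_info = second[:INFO_LEN], second[INFO_LEN:K]
    if not hmac.compare_digest(first_id_info, second_id_info):
        raise PermissionError("application is not authorized")
    return file_info, second[K:]


def derive_key(file_info: bytes, id_info: bytes, preset: bytes = b"") -> bytes:
    """Key from the combined data; SHA-256 is a stand-in for the unnamed step."""
    return hashlib.sha256(file_info + id_info + preset).digest()


# Constructed sample values, not taken from the patent.
FILE_INFO = hashlib.sha256(b"original file bytes").digest()[:INFO_LEN]
APP_ID = hashlib.sha256(b"com.example.authorized").digest()[:ID_LEN]
CIPHERTEXT = bytes(range(200))          # opaque stand-in for first encrypted data
BLOB = pack(FILE_INFO, APP_ID, CIPHERTEXT, n=3)
```

Apart from the preset character string, every input to the key is recoverable from the file header, and the swap positions are fixed by n, so the permutation obscures the layout without adding key material.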
CN201911423626.2A 2019-12-31 2019-12-31 File encryption and decryption method and device, electronic equipment and readable storage medium Pending CN111859408A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201911423626.2A CN111859408A (en) 2019-12-31 2019-12-31 File encryption and decryption method and device, electronic equipment and readable storage medium

Publications (1)

Publication Number Publication Date
CN111859408A true CN111859408A (en) 2020-10-30

Family

ID=72970838

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201911423626.2A Pending CN111859408A (en) 2019-12-31 2019-12-31 File encryption and decryption method and device, electronic equipment and readable storage medium

Country Status (1)

Country Link
CN (1) CN111859408A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113259132A (en) * 2021-06-30 2021-08-13 平安普惠企业管理有限公司 Data transmission encryption and decryption method and device, computer equipment and storage medium

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination