CN112637307A - File updating method, system, computer device and storage medium - Google Patents

File updating method, system, computer device and storage medium Download PDF

Info

Publication number
CN112637307A
CN112637307A CN202011489818.6A CN202011489818A CN112637307A CN 112637307 A CN112637307 A CN 112637307A CN 202011489818 A CN202011489818 A CN 202011489818A CN 112637307 A CN112637307 A CN 112637307A
Authority
CN
China
Prior art keywords
file
updated
terminal
update package
server
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202011489818.6A
Other languages
Chinese (zh)
Other versions
CN112637307B (en
Inventor
周伟
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Ping An Consumer Finance Co Ltd
Original Assignee
Ping An Consumer Finance Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Ping An Consumer Finance Co Ltd filed Critical Ping An Consumer Finance Co Ltd
Priority to CN202011489818.6A priority Critical patent/CN112637307B/en
Publication of CN112637307A publication Critical patent/CN112637307A/en
Application granted granted Critical
Publication of CN112637307B publication Critical patent/CN112637307B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/06Protocols specially adapted for file transfer, e.g. file transfer protocol [FTP]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00Arrangements for software engineering
    • G06F8/60Software deployment
    • G06F8/65Updates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/14Session management
    • H04L67/141Setup of application sessions
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0643Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D10/00Energy efficient computing, e.g. low power processors, power management or thermal management

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Power Engineering (AREA)
  • Stored Programmes (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)

Abstract

The present invention relates to the field of information security technologies, and in particular, to a file updating method, system, computer device, and storage medium. The file updating method can be applied to a file updating system, wherein the file updating system comprises a debugging end, a server end and a terminal to be updated; the file updating method comprises the steps that an updating package file of a target application is sent to a server side through a debugging side; after the terminal to be updated starts the target application, the received update package file is sent to the terminal to be updated through the server side; when the terminal to be updated receives an update package file carrying a file identifier, the terminal to be updated requests a server for a first file hash value corresponding to the file identifier, so that the terminal to be updated checks the update package file based on the first file hash value to obtain a checking result; and when the verification result is that the verification is passed, transmitting the update package file into the target application for loading and displaying through the terminal to be updated. The method can effectively solve the security problem of bundle update package files.

Description

File updating method, system, computer device and storage medium
Technical Field
The present invention relates to the field of information security technologies, and in particular, to a file updating method, system, computer device, and storage medium.
Background
Currently, Native app development is usually mixed with real Native development, which refers to a cross-platform mobile application development framework. Generally, if a developer modifies a function or configuration in an APP, an executable file of the APP, i.e., a Bundle package, needs to be updated so that the APP can display the updated content.
In the current Bundle hot update scheme, a new Bundle package is generated by a read Native development end and uploaded to a server, and then an APP dynamically issues the new Bundle package to the APP end in response to an update request through an update request interface, so as to implement hot update. However, the hot update scheme has a great potential safety hazard, for example, in the process of dynamically issuing a new Bundle package to the APP end, the Bundle package is replaced, that is, a network request is maliciously intercepted, so that the APP end downloads an unofficial Bundle hot update package; or, the APP terminal adopts a root tool to replace the updated ReactNative bundle package downloaded locally, which easily causes unpredictable security problems.
Disclosure of Invention
The embodiment of the invention provides a file updating method, a file updating system, computer equipment and a storage medium, and aims to solve the problem that when an existing salesman checks the price inquiry data modified by a warrantee, the prior submitted price inquiry data can only be compared according to memory to locate a modification point, so that the time is consumed, and the underwriting efficiency is low.
A file updating method is applied to a file updating system, wherein the file updating system comprises a debugging end, a server end and a terminal to be updated; the file updating method comprises the following steps:
sending an update package file of the target application to a server side through the debugging side; wherein, the update package file corresponds to a file identifier and a first file hash value;
after the terminal to be updated starts the target application, establishing network connection between the terminal to be updated and the server side so as to send the received update package file to the terminal to be updated through the server side;
when the terminal to be updated receives the update package file carrying the file identifier, requesting a first file hash value corresponding to the file identifier from the server through the terminal to be updated so that the terminal to be updated checks the update package file based on the first file hash value to obtain a checking result;
and when the verification result is that the verification is passed, transmitting the update package file into the target application for loading and displaying through the terminal to be updated so as to complete file updating.
A file update system, comprising:
the updating package file sending module is used for sending the updating package file of the target application to the server side through the debugging side; wherein, the update package file corresponds to a file identifier and a first file hash value;
the update package file issuing module is used for establishing network connection between the terminal to be updated and the server after the terminal to be updated starts the target application, so as to issue the received update package file to the terminal to be updated through the server;
the hash checking module is used for requesting a first file hash value corresponding to the file identifier from the server through the terminal to be updated when the terminal to be updated receives the update package file carrying the file identifier, so that the terminal to be updated checks the update package file based on the first file hash value to obtain a checking result;
and the file updating module is used for transmitting the update package file into the target application for loading and displaying through the terminal to be updated when the verification result is that the verification is passed so as to complete file updating.
A computer device comprising a memory, a processor and a computer program stored in said memory and executable on said processor, said processor implementing the steps of the above file update method when executing said computer program.
A computer storage medium, storing a computer program which, when executed by a processor, implements the steps of the above-described file update method.
In the file updating method, the system, the computer device and the storage medium, when updating a bundle package file (i.e. an APP executable file) of a read Native module in a target application, an updating package file (i.e. an updated bundle package file) carrying a first file hash value of the target application is sent to a server through a debugging end, so that after the target application is started by a terminal to be updated, network connection between the terminal to be updated and the server is established, so that the received updating package file is sent to the terminal to be updated through the server, when the terminal to be updated receives the updating package file carrying a file identifier, the terminal to be updated requests the server for the first file hash value corresponding to the file identifier through the terminal to be updated, so that the terminal to be updated checks the updating package file based on the first file hash value, so that after the updating package file is received by the terminal to be updated, and then the first file hash value is returned in response to the data request of the terminal to be updated, so that the update package file stored in the terminal to be updated is prevented from being tampered or replaced. When the verification result is that the verification is passed, the update package file is transmitted to the target application for loading and displaying through the terminal to be updated so as to complete file updating, so that the terminal to be updated can ensure that the terminal to be updated always downloads the officially provided safe bundle update package when the terminal to be updated starts to load the target application each time, and the problem that the bundle package file downloaded to the local is replaced by the root tool can be effectively solved.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings needed to be used in the description of the embodiments of the present invention will be briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art that other drawings can be obtained according to these drawings without inventive labor.
FIG. 1 is a diagram of an application environment of a file update method according to an embodiment of the present invention;
FIG. 2 is a flowchart of a file update method according to an embodiment of the present invention;
FIG. 3 is a detailed flowchart of step S203 in FIG. 2;
FIG. 4 is a flowchart of a file update method according to an embodiment of the present invention;
FIG. 5 is a detailed flowchart of step S201 in FIG. 2;
FIG. 6 is a detailed flowchart of step S502 in FIG. 5;
FIG. 7 is a detailed flowchart of step S602 in FIG. 6;
FIG. 8 is a flowchart of a file update method according to an embodiment of the present invention;
FIG. 9 is a schematic diagram of a file update system in accordance with an embodiment of the present invention;
FIG. 10 is a schematic diagram of a computer device according to an embodiment of the invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, not all, embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The file updating method can be applied to the application environment shown in fig. 1, and the file updating system comprises a debugging terminal, a server terminal and a terminal to be updated. The server communicates with the terminal to be updated and the debugging end through a network. The debug port may include, but is not limited to, a personal computer and a notebook computer. The terminal to be updated may be, but is not limited to, various personal computers, notebook computers, smart phones, tablet computers, and portable wearable devices. The server may be implemented as a stand-alone server.
In one embodiment, as shown in fig. 2, a file updating method is provided, which includes the following steps:
s201: sending an update package file of the target application to a server side through a debugging side; the update package file corresponds to a file identifier and a first file hash value.
The method can be applied to a file hot update system, and the system comprises a debugging end, a service end and a terminal to be updated. The debugging end refers to a code editing end corresponding to the ReactNative module, and a developer can generate a corresponding updated bundle package file after debugging codes at the debugging end in a development test mode. The terminal to be updated may include, but is not limited to, a mobile phone or a tablet computer. The server can respectively establish network connection with the terminal to be updated and the debugging terminal, and is used for receiving and sending the update package file (namely the updated bundle package file). The file identification is used to uniquely identify the update package file, such as a version number. The first file hash value is obtained by performing hash calculation on the update package file by the debugging end.
S202: after the terminal to be updated starts the target application, network connection between the terminal to be updated and the server is established, so that the received update package file is issued to the terminal to be updated through the server.
S203: when the terminal to be updated receives the update package file carrying the file identification, the terminal to be updated requests the server for the first file hash value corresponding to the file identification, so that the terminal to be updated checks the update package file based on the first file hash value to obtain a checking result.
Specifically, in order to solve the problem that when the server issues the updated bundle package file, the network is maliciously intercepted, so that the bundle package file is replaced, and the user downloads the bundle hot update package to the unofficial party, in this embodiment, the debugging end uploads the hash value of the first file corresponding to the update package file, and uploads the hash value of the first file corresponding to the file identifier to the server for storage, when the server issues the update package file to the terminal to be updated, the hash value of the first file is not sent to the terminal to be updated, and only the update package file and the corresponding file identifier are sent to the terminal to be updated, so as to ensure reliability and safety of data transmission between the terminal to be updated and the server.
Further, in this embodiment, after the target application is started at the terminal to be updated each time, hash check is required, and the update package file can be transmitted to the target application for loading and displaying when the hash check is passed, so as to effectively ensure the security and reliability of the update package file loaded by the target application.
When the terminal to be updated receives an update package file issued by the server, the second file hash value of the update package file is calculated, the first file hash value of the server is requested to be compared with the second file hash value, so that the integrity of the update package file is verified, if the first file hash value is consistent with the second file hash value, the update package file received by the terminal to be updated at the moment is proved to be consistent with the update package file uploaded by the debugging end and received by the server, and a verification result passing the verification is obtained.
S204: and when the verification result is that the verification is passed, transmitting the update package file into the target application for loading and displaying through the terminal to be updated so as to complete file updating.
It is understood that the hot update scheme implemented by the method is as follows: firstly, a debugging end sends an update package file of a target application to a server end; then, the server side issues the received update package file to the terminal to be updated, the terminal to be updated downloads the update package file according to the bundle download link returned by the server side, and when the terminal to be updated receives the update package file, the terminal to be updated requests the server side for a first file hash value corresponding to the file identifier, so that the terminal to be updated checks the update package file based on the first file hash value to obtain a check result; and when the verification result is that the verification is passed, transmitting the update package file into the target application for loading and displaying through the terminal to be updated, and completing the hot update of the file.
In the embodiment, when a bundle file (i.e. an APP executable file) of a read Native module in a target application is subjected to hot update, an update package file carrying a first file hash value of the target application is sent to a server through a debugging end, so that after the target application is started by a terminal to be updated, a network connection between the terminal to be updated and the server is established, so that the received update package file is sent to the terminal to be updated through the server, when the terminal to be updated receives the update package file carrying a file identifier, the terminal to be updated requests the server for the first file hash value corresponding to the file identifier through the terminal to be updated, so that the terminal to be updated checks the update package file based on the first file hash value, so that the first file hash value is stored in the server, and after the terminal to be updated receives the update package file, the first file hash value is returned in response to a data request of the terminal to be updated, the update package file stored in the terminal to be updated is prevented from being tampered or replaced. When the verification result is that the verification is passed, the update package file is transmitted to the target application for loading and displaying through the terminal to be updated so as to complete file updating, so that the terminal to be updated can ensure that the terminal to be updated always downloads the officially provided safe bundle update package when the terminal to be updated starts to load the target application each time, and the problem that the bundle package file downloaded to the local is replaced by the root tool can be effectively solved.
In an embodiment, as shown in fig. 3, in step 203, that is, verifying the update package file based on the first file hash value, the method specifically includes the following steps:
s301: and performing hash calculation on the update package file through the terminal to be updated to obtain a second file hash value.
S302: and checking whether the first file hash value and the second file hash value are consistent or not through the terminal to be updated, and if so, acquiring a check result passing the check.
And performing hash calculation on the update package file through a hash algorithm to obtain a second file hash value. Specifically, when the terminal to be updated receives an update package file issued by the server, a second file hash value of the update package file is calculated, and the file hash value of the server is requested to be compared with the second file hash value to check the integrity of the update package file, if the first file hash value is consistent with the second file hash value, it is proved that the update package file received by the terminal to be updated at the moment is consistent with the update package file uploaded by the debugging end and received by the server, and a check result that the check is passed is obtained.
Further, when the verification fails, the updating process is terminated or the server is requested to issue the update package file again, or the server is enabled to issue the update package file again by feeding back the update failure information to the server.
In one embodiment, the update package file further corresponds to an encryption key; as shown in fig. 4, in step S204, that is, when the verification result is that the verification is passed, the update package file is transmitted to the target application for loading and displaying through the terminal to be updated, which specifically includes the following steps:
s401: sending an update package file of the target application to a server side through a debugging side; the update package file corresponds to a file identifier, a first file hash value and an encryption key.
S402: after the terminal to be updated starts the target application, network connection between the terminal to be updated and the server is established, so that the received update package file is issued to the terminal to be updated through the server.
S403: when the terminal to be updated receives the update package file carrying the file identification, the terminal to be updated requests the server for the first file hash value corresponding to the file identification, so that the terminal to be updated checks the update package file based on the first file hash value to obtain a checking result.
S404: and when the verification result is that the verification is passed, decrypting the update package file by adopting the encryption key through the terminal to be updated, and acquiring the decrypted update package file.
S405: and transmitting the decrypted update package file into a target application for loading and displaying through the terminal to be updated so as to complete the hot update of the file.
The updating package file specifically corresponds to the file identifier, the encryption key and the first file hash value, and when the debugging end uploads the updating package file, the parameters carried by the updating package file are simultaneously uploaded to the server end for storage.
Specifically, in another specific embodiment, the hot update scheme further generates a bundle file at the debug terminal for encryption, so that when the debug terminal uploads the update package file, the debug terminal uploads an encryption key of the update package file to the server terminal for storage, so as to ensure the security of the bundle file during transmission. When the server side issues the update package file to the terminal to be updated, the encryption key and the first file hash value are not sent to the terminal to be updated, so that the reliability and the safety of data transmission between the terminal to be updated and the server side are ensured.
When the terminal to be updated receives an update package file issued by the server, calculating a second file hash value of the update package file, and requesting the first file hash value of the server to be compared with the second hash value so as to verify the integrity of the update package file, if the first file hash value is consistent with the second file hash value, verifying that the update package file received by the terminal to be updated at the moment is consistent with the update package file uploaded by the debugging end and received by the server, and acquiring a verification result that the verification passes; and when the verification is passed, the terminal to be updated decrypts the update package file by adopting the encryption key, acquires the decrypted update package file, transmits the update package file into the target application for loading and displaying, and completes the hot update of the file.
Specifically, when the bundle file (i.e. APP executable file) of the React Native module in the target application is subjected to hot updating, one-layer encryption and two-layer hash processing are performed when the debugging end and the service end of the React Native module are transmitted, so that the safety of the transmission of the bundle file between the debugging end and the service end and the transmission of the bundle file between the service end and the terminal to be updated are ensured,
it can be understood that, in this embodiment, when the terminal to be updated starts to load the target application each time, the hash check and decryption operation needs to be performed on the encrypted file, so that it is ensured that the terminal to be updated always downloads the secure bundle update package provided by the official, and the problem that the bundle package file downloaded to the local is replaced by the root tool can be effectively solved.
Further, in step S403, specifically, when the terminal to be updated receives the update package file with the file identifier, the update package file is stored in the private storage space corresponding to the target application through the terminal to be updated.
It can be understood that, when receiving the encrypted update package file, the terminal to be updated stores the encrypted update package file to a local location (i.e., an APP private storage space), and even if the terminal is obtained by a third party, the security of the update package file can be ensured.
In an embodiment, as shown in fig. 5, in step S201, that is, sending the update package file of the target application to the server through the debugging end, the method specifically includes the following steps:
s501: and detecting whether the target application needs to be updated or not through the server side, and if so, issuing an update package file corresponding to the target application to the terminal to be updated. Alternatively, the first and second electrodes may be,
s502: and sending a file updating request to the server through the terminal to be updated so as to receive an updating package file returned by the server in response to the file updating request.
In this embodiment, the modes of sending the received update package file to the terminal to be updated through the server include, but are not limited to, two modes, one mode is that a network connection between the terminal to be updated and the server is established, and an update request is actively sent to the server to request for updating the package file; and in another mode, when the network connection between the terminal to be updated and the server is established, whether the bundle file of the target application in the terminal to be updated needs to be updated is detected through the server, for example, whether the bundle file is the latest version file is detected, and when the bundle file needs to be updated, the update package file is actively pushed to the terminal to be updated.
In one embodiment, the file updating request comprises a user ID and a terminal authentication token to be updated; as shown in fig. 6, in step S502, that is, the terminal to be updated sends a file update request to the server to receive an update package file returned by the server in response to the file update request, specifically including the following steps:
s601: and sending a file updating request to the server through the terminal to be updated.
S602: and when the server receives the file updating request, verifying the user ID and the terminal authentication token to be updated through the server to obtain a returned verification result.
S603: and if the verification result is that the verification fails, the file updating request is sent to the server again through the terminal to be updated or the file updating is terminated.
S604: and if the verification result is that the verification is successful, responding the file updating request through the server side so that the terminal to be updated receives the updating package file returned by the server side in response to the file updating request.
The user ID may be used to uniquely identify the user, such as a terminal identifier to be updated or a user account. The terminal authentication Token to be updated is a Token generated by the server after the user starts the target application and successfully logs in, and is used for interactive verification between the terminal to be updated and the server. Specifically, when the server receives a file updating request sent by the mobile terminal to be updated, the server authenticates the user, that is, verifies whether the user has an updating right, and verifies the request parameters carried by the file updating request, that is, the user ID and the terminal authentication token to be updated, with the updatable user ID and the token pre-stored by the server, so as to ensure that the user identity is real and effective and has the updating right. When the verification result is that the verification fails, the file updating request is sent to the server side again through the terminal to be updated or the file updating is stopped; and if the verification result is that the verification is successful, responding the file updating request through the server side so that the terminal to be updated receives the updating package file returned by the server side in response to the file updating request.
In an embodiment, as shown in fig. 7, in step S602, that is, a verification result returned by verifying the user ID and the terminal authentication token to be updated through the server side, the method specifically includes the following steps:
s701: comparing and verifying the user ID with a pre-stored updatable user ID through a server; and comparing the terminal authentication token to be updated with a pre-stored authentication token for verification.
S702: and if the user ID fails to be compared with the pre-stored updatable user ID and/or the terminal authentication token to be updated fails to be compared with the pre-stored authentication token, acquiring a verification result of the verification failure.
Specifically, the request parameters carried by the file updating request, namely the user ID and the terminal authentication token to be updated, are verified, and the user ID and the token which are prestored by the server are verified, so that the identity of the user is guaranteed to be real and effective and has the updating authority. And when the verification of any dimension of the user ID and the terminal authentication token to be updated is failed, returning the verification result of the verification failure.
In an embodiment, as shown in fig. 8, before step S201, the method further includes the following steps:
s801: and generating an updating package file through the debugging end, and generating a file identifier corresponding to the updating package file.
The generating of the file identifier corresponding to the update package file includes, but is not limited to, generating a bundle ID, that is, a file identifier, uniquely identifying the update package file by using UUID, snowflake algorithm, database increment, or the like.
S802: and generating an encryption key of the update package file according to the file identifier through the debugging end, and encrypting the update package file by adopting the encryption key to obtain the update package file.
S803: and performing hash calculation on the update package file through the debugging end to obtain a first file hash value corresponding to the update package file, so as to upload the update package file carrying the file identifier, the first file hash value and the encryption key to the server end.
Specifically, after the debug terminal generates a bundle file, i.e., an update package file, by packaging the developed and modified codes, a file identifier corresponding to the update file is generated, an encryption key of the update package file is generated through the file identifier, the update package file is encrypted by using the encryption key to obtain the update package file, so that the security of data transmission between the debug terminal and the server terminal is ensured, the encryption key is stored in the server terminal, and when the server terminal issues the update package file to the terminal to be updated, the encryption key and the hash value of the first file are not sent to the terminal to be updated, so that the reliability and the security of data transmission between the terminal to be updated and the server terminal are ensured.
And finally, the debugging end uploads the update package file carrying the file identifier, the first file hash value and the encryption key to a service, so that the service end stores the first file hash value and the encryption key and only sends the update package file carrying the file identifier to the terminal to be updated when the update package file is sent down, and the validity of hash verification and the encryption key is ensured.
Further, in step S802, that is, by the debug side, based on the file identifier, an encryption key for updating the package file is generated, which specifically includes the following steps:
s901: adopting a debugging end to obtain the preset key length of the special key;
s902: and generating an encryption key with a preset key length by adopting a debugging end according to the file identifier and the random number.
The preset key length includes, but is not limited to, 128 bits or 256 bits, and can be configured by self-definition according to experience, and is not limited herein.
In this embodiment, the length of the random number is dynamically determined according to the length of the character string of the file identifier, for example, the length of the character string of the file identifier is 64 bits, and the length of the preset key is 128 bits, so that a 64-bit random number can be specified and generated in the random number generation function, and the 64-bit random number and the 64-bit file identifier are combined to obtain a 128-bit encryption key. Specifically, the random number is combined with the file identifier, and may be implemented in a manner including, but not limited to, simple concatenation or interval insertion, and the like, which is not limited herein.
Further, the file identifier may be processed by using md5 message digest algorithm to generate a hash value with a fixed length (preset key length), i.e. an encryption key.
It should be understood that, the sequence numbers of the steps in the foregoing embodiments do not imply an execution sequence, and the execution sequence of each process should be determined by its function and inherent logic, and should not constitute any limitation to the implementation process of the embodiments of the present invention.
In an embodiment, a file updating system is provided, and the file updating system corresponds to the file updating methods in the above embodiments one to one. As shown in fig. 9, the file updating system includes an update package file sending module 10, an update package file issuing module 20, a hash checking module 30, and a file updating module 40. The functional modules are explained in detail as follows:
the update package file sending module 10 is configured to send an update package file of the target application to the server through the debug end; the update package file corresponds to a file identifier and a first file hash value.
And the update package file issuing module 20 is configured to establish a network connection between the terminal to be updated and the server after the terminal to be updated starts the target application, so as to issue the received update package file to the terminal to be updated through the server.
The hash check module 30 is configured to, when the terminal to be updated receives the update package file with the file identifier, request the server for the first file hash value corresponding to the file identifier through the terminal to be updated, so that the terminal to be updated checks the update package file based on the first file hash value, and obtains a check result.
And the file updating module 40 is used for transmitting the update package file into the target application for loading and displaying through the terminal to be updated when the verification result is that the verification is passed, so as to complete file updating.
Specifically, the hash check module includes a hash calculation unit and a hash value comparison unit.
And the hash calculation unit is used for carrying out hash calculation on the update package file through the terminal to be updated to obtain a second file hash value.
And the hash value comparison unit is used for verifying whether the hash value of the first file is consistent with the hash value of the second file through the terminal to be updated, and if so, acquiring a verification result that the verification is passed.
Specifically, the update package file also corresponds to an encryption key; the file updating module comprises a decryption unit and a file updating unit.
And the decryption unit is used for decrypting the update package file by adopting the encryption key through the terminal to be updated when the verification result is that the verification is passed, and acquiring the decrypted update package file.
And the file updating unit is used for transmitting the decrypted updating package file into the target application for loading and displaying through the terminal to be updated so as to complete the hot updating of the file.
Specifically, the update package file sending module includes a first sending unit and a second sending unit.
The first sending unit is used for detecting whether the target application needs to be updated or not through the server side, and if so, sending an update package file corresponding to the target application to the terminal to be updated; alternatively, the first and second electrodes may be,
a second sending unit, configured to send a file update request to the server through the terminal to be updated, so as to receive an update package file returned by the server in response to the file update request
Specifically, the file updating request comprises a user ID and a terminal authentication token to be updated; the second sending unit comprises a request sending subunit, a terminal verification subunit to be updated, a first verification result processing subunit and a second verification result processing subunit.
And the request sending subunit is used for sending the file updating request to the server through the terminal to be updated.
And the terminal to be updated verification subunit is used for verifying the user ID and the terminal authentication token to be updated through the server side when the server side receives the file updating request, and returning a verification result.
And the first verification result processing subunit is used for resending the file updating request to the server side or terminating the file updating through the terminal to be updated if the verification result is that the verification fails.
And the second verification result processing subunit is used for responding the file updating request through the server if the verification result is successful, so that the terminal to be updated receives the updating packet file returned by the server in response to the file updating request.
Specifically, the terminal verification subunit to be updated includes a first verification subunit and a second verification subunit.
The first verification subunit is used for comparing and verifying the user ID with a pre-stored updatable user ID through the server; and comparing the terminal authentication token to be updated with a pre-stored authentication token for verification.
And the second verification subunit is used for acquiring a verification result of the verification failure if the user ID fails to be compared with the pre-stored updatable user ID and/or the terminal authentication token to be updated fails to be compared with the pre-stored authentication token.
Specifically, the file updating system further comprises a file identifier generating module, a file encrypting module and a file uploading module.
And the file identifier generation module is used for generating an update package file through the debugging end and generating a file identifier corresponding to the update package file.
And the file encryption module is used for generating an encryption key of the update package file according to the file identifier through the debugging end, and encrypting the update package file by adopting the encryption key to obtain the update package file.
And the file uploading module is used for performing hash calculation on the update package file through the debugging end to obtain a first file hash value corresponding to the update package file so as to upload the update package file carrying the file identifier, the first file hash value and the encryption key to the server end.
For the specific definition of the file updating system, reference may be made to the above definition of the file updating method, which is not described herein again. The modules in the file update system can be implemented in whole or in part by software, hardware, and combinations thereof. The modules can be embedded in a hardware form or independent of a processor in the terminal to be updated, and can also be stored in a memory in the terminal to be updated in a software form, so that the processor can call and execute the corresponding operations of the modules.
In one embodiment, a computer device is provided, which may be a server, and its internal structure diagram may be as shown in fig. 10. The computer device includes a processor, a memory, a network interface, and a database connected by a system bus. Wherein the processor of the computer device is configured to provide computing and control capabilities. The memory of the computer device comprises a computer storage medium and an internal memory. The computer storage medium stores an operating system, a computer program, and a database. The internal memory provides an environment for the operation of an operating system and computer programs in the computer storage media. The database of the computer device is used to store data, such as target pages, generated or obtained during the execution of the file update method. The network interface of the computer device is used for communicating with an external computer device through a network connection. The computer program is executed by a processor to implement a file update method.
In one embodiment, a computer device is provided, which includes a memory, a processor, and a computer program stored on the memory and executable on the processor, and when the processor executes the computer program, the steps of the file updating method in the above embodiments are implemented, for example, steps S201 to S204 shown in fig. 2 or steps shown in fig. 3 to 8. Alternatively, the processor implements the functions of each module/unit in the embodiment of the file update system when executing the computer program, for example, the functions of each module/unit shown in fig. 9, and are not described here again to avoid repetition.
In an embodiment, a computer storage medium is provided, where a computer program is stored on the computer storage medium, and when executed by a processor, the computer program implements the steps of the file updating method in the foregoing embodiments, such as steps S201 to S204 shown in fig. 2 or steps shown in fig. 3 to fig. 8, which are not repeated herein for avoiding repetition. Alternatively, the computer program, when executed by the processor, implements the functions of the modules/units in the embodiment of the file updating system, for example, the functions of the modules/units shown in fig. 9, and are not described herein again to avoid repetition.
It will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above can be implemented by hardware related to instructions of a computer program, which can be stored in a non-volatile computer-readable storage medium, and when executed, can include the processes of the embodiments of the methods described above. Any reference to memory, storage, database, or other medium used in the embodiments provided herein may include non-volatile and/or volatile memory, among others. Non-volatile memory can include read-only memory (ROM), Programmable ROM (PROM), Electrically Programmable ROM (EPROM), Electrically Erasable Programmable ROM (EEPROM), or flash memory. Volatile memory can include Random Access Memory (RAM) or external cache memory. By way of illustration and not limitation, RAM is available in a variety of forms such as Static RAM (SRAM), Dynamic RAM (DRAM), Synchronous DRAM (SDRAM), Double Data Rate SDRAM (DDRSDRAM), Enhanced SDRAM (ESDRAM), Synchronous Link DRAM (SLDRAM), Rambus Direct RAM (RDRAM), direct bus dynamic RAM (DRDRAM), and memory bus dynamic RAM (RDRAM).
It will be apparent to those skilled in the art that, for convenience and brevity of description, only the above-mentioned division of the functional units and modules is illustrated, and in practical applications, the above-mentioned function distribution may be performed by different functional units and modules according to needs, that is, the internal structure of the system is divided into different functional units or modules to perform all or part of the above-mentioned functions.
The above examples are only for illustrating the technical solutions of the present invention and not for limiting the same, and although the present invention is described in detail with reference to the foregoing examples, those of ordinary skill in the art should understand that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; such modifications and substitutions do not substantially depart from the spirit and scope of the embodiments of the present invention, and are intended to be included within the scope of the present invention.

Claims (10)

1. A file updating method is characterized in that the method is applied to a file updating system, and the file updating system comprises a debugging end, a server end and a terminal to be updated; the file updating method comprises the following steps:
sending an update package file of a target application to the server side through the debugging side; wherein, the update package file corresponds to a file identifier and a first file hash value;
after the terminal to be updated starts the target application, establishing network connection between the terminal to be updated and the server, and sending the received update package file to the terminal to be updated through the server;
when the terminal to be updated receives the update package file carrying the file identifier, requesting a first file hash value corresponding to the file identifier from the server through the terminal to be updated so that the terminal to be updated checks the update package file based on the first file hash value to obtain a checking result;
and when the verification result is that the verification is passed, transmitting the update package file into the target application for loading and displaying through the terminal to be updated so as to complete file updating.
2. The file updating method according to claim 1, wherein the verifying the update package file based on the first file hash value to obtain a verification result comprises:
performing hash calculation on the update package file through the terminal to be updated to obtain a second file hash value;
and checking whether the first file hash value is consistent with the second file hash value or not through the terminal to be updated, and if so, acquiring a check result passing the check.
3. The file updating method according to claim 1, wherein the update package file further corresponds to an encryption key;
when the verification result is that the verification is passed, transmitting the update package file into the target application through the terminal to be updated to be loaded and displayed so as to complete file updating, wherein the step comprises the following steps;
when the verification result is that the verification is passed, decrypting the update package file by adopting the encryption key through the terminal to be updated to obtain the decrypted update package file;
and transmitting the decrypted update package file into the target application through the terminal to be updated for loading and displaying, so as to complete hot update of the file.
4. The file updating method of claim 1, wherein the sending the update package file of the target application to the server through the debugging side comprises:
detecting whether the target application needs to be updated or not through the server side, and if so, issuing an update package file corresponding to the target application to the terminal to be updated; alternatively, the first and second electrodes may be,
and sending a file updating request to the server through the terminal to be updated so as to receive an updating package file returned by the server in response to the file updating request.
5. The file updating method according to claim 4, wherein the file updating request includes a user ID and a terminal authentication token to be updated;
the sending a file updating request to the server through the terminal to be updated to receive an updating package file returned by the server in response to the file updating request includes:
sending a file updating request to a server through the terminal to be updated;
when the server receives the file updating request, verifying the user ID and the terminal authentication token to be updated through the server to obtain a returned verification result;
if the verification result is verification failure, the file updating request is sent to the server side again through the terminal to be updated or file updating is stopped;
and if the verification result is that the verification is successful, responding the file updating request through a server so that the terminal to be updated receives an updating package file returned by the server in response to the file updating request.
6. The file updating method according to claim 5, wherein the verifying the user ID and the terminal authentication token to be updated by the server side to return a verification result, comprises:
comparing and verifying the user ID with a pre-stored updatable user ID through the server; comparing and verifying the terminal authentication token to be updated with a pre-stored authentication token;
and if the user ID fails to be compared with the pre-stored updatable user ID and/or the terminal authentication token to be updated fails to be compared with the pre-stored authentication token, acquiring a verification result of verification failure.
7. The file updating method according to claim 3, wherein before the sending of the update package file of the target application to the server side through the debugging side, the file updating method further comprises:
generating an updating package file through the debugging end, and generating a file identifier corresponding to the updating package file;
generating an encryption key of the update package file according to the file identification through the debugging end, and encrypting the update package file by adopting the encryption key to obtain the update package file;
and performing hash calculation on the update package file through the debugging end to obtain a first file hash value corresponding to the update package file, so as to upload the update package file carrying the file identifier, the first file hash value and the encryption key to the server end.
8. A file update system, comprising:
the updating package file sending module is used for sending the updating package file of the target application to the server side through the debugging side; wherein, the update package file corresponds to a file identifier and a first file hash value;
the update package file issuing module is used for establishing network connection between the terminal to be updated and the server after the terminal to be updated starts the target application, so as to issue the received update package file to the terminal to be updated through the server;
the hash checking module is used for requesting a first file hash value corresponding to the file identifier from the server through the terminal to be updated when the terminal to be updated receives the update package file carrying the file identifier, so that the terminal to be updated checks the update package file based on the first file hash value to obtain a checking result;
and the file updating module is used for transmitting the update package file into the target application for loading and displaying through the terminal to be updated when the verification result is that the verification is passed so as to complete file updating.
9. A computer device comprising a memory, a processor and a computer program stored in the memory and executable on the processor, characterized in that the processor implements the steps of the file updating method according to any one of claims 1 to 7 when executing the computer program.
10. A computer storage medium storing a computer program, wherein the computer program when executed by a processor implements the steps of the file update method according to any one of claims 1 to 7.
CN202011489818.6A 2020-12-16 2020-12-16 File updating method, system, computer equipment and storage medium Active CN112637307B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011489818.6A CN112637307B (en) 2020-12-16 2020-12-16 File updating method, system, computer equipment and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202011489818.6A CN112637307B (en) 2020-12-16 2020-12-16 File updating method, system, computer equipment and storage medium

Publications (2)

Publication Number Publication Date
CN112637307A true CN112637307A (en) 2021-04-09
CN112637307B CN112637307B (en) 2023-07-11

Family

ID=75314093

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202011489818.6A Active CN112637307B (en) 2020-12-16 2020-12-16 File updating method, system, computer equipment and storage medium

Country Status (1)

Country Link
CN (1) CN112637307B (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113407213A (en) * 2021-06-21 2021-09-17 平安银行股份有限公司 Resource package updating method, device, equipment and storage medium
CN113900681A (en) * 2021-08-13 2022-01-07 西安万像电子科技有限公司 Zero-terminal software updating method, electronic device and storage medium

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2017218109A2 (en) * 2016-06-12 2017-12-21 Intel Corporation Technologies for secure software update using bundles and merkle signatures
CN107786504A (en) * 2016-08-26 2018-03-09 腾讯科技(深圳)有限公司 ELF file publishing methods, ELF file verifications method, server and terminal
CN108804321A (en) * 2018-05-25 2018-11-13 武汉华工正源光子技术有限公司 A kind of automatic test software update system and method
CN110221849A (en) * 2019-04-30 2019-09-10 山东省计算中心(国家超级计算济南中心) A kind of software update system and method
CN111143869A (en) * 2019-12-30 2020-05-12 Oppo广东移动通信有限公司 Application package processing method and device, electronic equipment and storage medium

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2017218109A2 (en) * 2016-06-12 2017-12-21 Intel Corporation Technologies for secure software update using bundles and merkle signatures
CN107786504A (en) * 2016-08-26 2018-03-09 腾讯科技(深圳)有限公司 ELF file publishing methods, ELF file verifications method, server and terminal
CN108804321A (en) * 2018-05-25 2018-11-13 武汉华工正源光子技术有限公司 A kind of automatic test software update system and method
CN110221849A (en) * 2019-04-30 2019-09-10 山东省计算中心(国家超级计算济南中心) A kind of software update system and method
CN111143869A (en) * 2019-12-30 2020-05-12 Oppo广东移动通信有限公司 Application package processing method and device, electronic equipment and storage medium

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113407213A (en) * 2021-06-21 2021-09-17 平安银行股份有限公司 Resource package updating method, device, equipment and storage medium
CN113900681A (en) * 2021-08-13 2022-01-07 西安万像电子科技有限公司 Zero-terminal software updating method, electronic device and storage medium

Also Published As

Publication number Publication date
CN112637307B (en) 2023-07-11

Similar Documents

Publication Publication Date Title
US11258792B2 (en) Method, device, system for authenticating an accessing terminal by server, server and computer readable storage medium
CN108810894B (en) Terminal authorization method, device, computer equipment and storage medium
CN109639661B (en) Server certificate updating method, device, equipment and computer readable storage medium
CN111107073B (en) Application automatic login method and device, computer equipment and storage medium
CN111666564B (en) Application program safe starting method and device, computer equipment and storage medium
CN111475824A (en) Data access method, device, equipment and storage medium
CN111193740B (en) Encryption method, device, decryption method, computer device and storage medium
CN112637307B (en) File updating method, system, computer equipment and storage medium
CN112800393B (en) Authorization authentication method, software development kit generation method, device and electronic equipment
KR20150059347A (en) Mobile terminal, terminal and method for authentication using security cookie
CN113572743A (en) Data encryption and decryption method and device, computer equipment and storage medium
CN113553572A (en) Resource information acquisition method and device, computer equipment and storage medium
CN112995138A (en) Data communication method and device, electronic equipment and readable storage medium
CN105187369A (en) Data access method and data access device
CN109657170B (en) Webpage loading method and device, computer equipment and storage medium
CN113703911A (en) Virtual machine migration method, device, equipment and storage medium
CN113505353A (en) Authentication method, device, equipment and storage medium
CN112446782A (en) Method for downloading initial key, computer equipment and storage medium
CN112417422A (en) Security chip upgrading method and computer readable storage medium
CN111628985A (en) Security access control method, security access control device, computer equipment and storage medium
CN116821918A (en) Online upgrading method, chip device, computer terminal and storage medium
CN111400771A (en) Target partition checking method and device, storage medium and computer equipment
CN111212057B (en) Resource packet transmission method and device, computer equipment and readable storage medium
CN114124440A (en) Secure transmission method, device, computer equipment and storage medium
CN112260997A (en) Data access method and device, computer equipment and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant