CN114297589A - Resource protection method and device and resource reading method and device for application program - Google Patents
Resource protection method and device and resource reading method and device for application program Download PDFInfo
- Publication number
- CN114297589A CN114297589A CN202111624254.7A CN202111624254A CN114297589A CN 114297589 A CN114297589 A CN 114297589A CN 202111624254 A CN202111624254 A CN 202111624254A CN 114297589 A CN114297589 A CN 114297589A
- Authority
- CN
- China
- Prior art keywords
- file
- resource file
- application program
- resource
- code
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Abstract
The present disclosure provides a resource protection method and apparatus, and a resource reading method and apparatus for an application program, wherein the resource protection method includes: encrypting the resource file of the application program to obtain a resource file ciphertext; generating a dynamic link library of the application program, wherein the dynamic link library comprises a hook program, a decryption code and a decryption key; the hook program is used for monitoring a preset reading function and instructing to execute a decryption code, and the reading function can be used for reading a resource file; the decryption code and the decryption key are used for decrypting the resource file ciphertext; generating a first publishing file, wherein the first publishing file comprises a first code file of an application program, a resource file ciphertext and a dynamic link library; the first code file comprises calling codes for calling the dynamic link library at a program entrance of the application program; the first publishing file is used for publishing the application program. The method and the device have the advantages that the resource file of the application program cannot be stolen or decompiled, and the safety of the resource file of the application program is greatly improved.
Description
Technical Field
The present disclosure relates to the field of information security technologies, and in particular, to a resource protection method and apparatus, and a resource reading method and apparatus for an application.
Background
In the prior art, an effective protection mode for the resources of the application program is encryption. The start of Google Play at 8 months 2021 requires that newly released applications must use the AAB format. The AAB file is an extension of the Java JAR package format and is also an extension of the ZIP file format. And the Google shop generates different numbers (more than one) of data packets for the AAB format file according to the configuration parameters of different devices and codes, resources and the like of the application program, and repacks the data packets into the APK format file. However, since a plurality of data packets are generated from the installation file of the application program, the code and the resource cannot be directly protected by using the APK protection method.
Therefore, a method for protecting resources in files in AAB format is needed.
Disclosure of Invention
In view of this, an object of the present disclosure is to provide a method and an apparatus for protecting resources of an application program, and a method and an apparatus for reading resources, which are used to improve security of resource files of the application program.
In a first aspect, an embodiment of the present disclosure provides a resource protection method for an application program, where the method includes:
encrypting the resource file of the application program to obtain a resource file ciphertext;
generating a dynamic link library of an application program, wherein the dynamic link library comprises a hook program, a decryption code and a decryption key; the hook program is used for monitoring a preset reading function and instructing to execute the decryption code, and the reading function can be used for reading the resource file; the decryption code and the decryption key are used for decrypting the resource file ciphertext;
generating a first publishing file, wherein the first publishing file comprises a first code file of the application program, the resource file ciphertext and the dynamic link library; wherein the first code file includes calling code for calling the dynamic link library at a program entry of the application program; the first publishing file is used for publishing the application program.
In a possible implementation, the generating the first release file includes:
acquiring a second release file, wherein the second release file comprises a second code file;
modifying codes in the second code file to obtain a first code file so that the first code file comprises the calling codes;
and generating the first publishing file based on the first code file, the dynamic link library and the resource file ciphertext.
In a possible implementation, before generating the dynamic link library of the application, the method further includes:
randomly generating a corresponding encryption key for the resource file of the application program;
and encrypting the resource file of the application program by the encryption key to obtain the resource file ciphertext, wherein the encryption key corresponds to the decryption key.
In one possible implementation, the resource protection method further includes:
calculating first identification information of the resource file based on the resource file ciphertext, wherein the first identification information represents that the resource file is an encrypted file;
the dynamic link library further comprises: identification information of the resource file.
In one possible implementation, the resource protection method further includes:
modifying the sequence of the decryption codes according to a preset rule and/or setting the decryption codes to be unreadable to obtain processed decryption codes;
and the code included in the dynamic link library is the processed decryption code.
In a second aspect, an embodiment of the present disclosure further provides a resource reading method for an application program, where the application program is published through a first publishing file, and the first publishing file includes a first code file, a resource file ciphertext, and a dynamic link library of the application program;
the method comprises the following steps:
calling a dynamic link library based on a calling code at a program entrance of an application program when a first code file of the application program is operated;
executing a hook program in the dynamic link library to monitor a preset reading function;
under the condition that the target resource file is monitored to be read by the preset reading function, the target resource file is decrypted based on a decryption code and a decryption key in the dynamic link library to obtain a resource file of the application program; the target resource file is one or more resource files contained in the resource file ciphertext;
and returning the resource file to the reading function so as to read the target resource file.
In one possible embodiment, the method further comprises:
under the condition that the resource file is read by utilizing the preset reading function, determining the read resource file as a target resource file based on first identification information in the dynamic link library; wherein the first identification information indicates that the resource file is an encrypted file.
In a possible implementation manner, the determining that the read resource file is a target resource file based on the first identification information in the dynamic link library includes:
calculating second identification information of the resource file;
and under the condition that the second identification information is matched with the first identification information, determining the resource file as a target resource file.
In a third aspect, an embodiment of the present disclosure further provides a device for protecting resources of an application program, where the device includes:
the encryption module is configured to encrypt the resource file of the application program to obtain a resource file ciphertext;
the system comprises a first generation module, a second generation module and a third generation module, wherein the first generation module is configured to generate a dynamic link library of an application program, and the dynamic link library comprises a hook program, a decryption code and a decryption key; the hook program is used for monitoring a preset reading function and instructing to execute the decryption code, and the reading function can be used for reading the resource file; the decryption code and the decryption key are used for decrypting the resource file ciphertext;
a second generation module configured to generate a first release file, the first release file including a first code file of the application program, the resource file ciphertext, and the dynamic link library; wherein the first code file includes calling code for calling the dynamic link library at a program entry of the application program; the first publishing file is used for publishing the application program.
In a fourth aspect, an embodiment of the present disclosure further provides an apparatus for reading a resource of an application, where the apparatus includes:
a calling module configured to call a dynamic link library based on a calling code at a program entry of an application program when a first code file of the application program is run;
the execution module is configured to execute the hook program in the dynamic link library so as to monitor a preset reading function;
the decryption module is configured to decrypt the target resource file based on a decryption code and a decryption key in the dynamic link library to obtain the resource file of the application program under the condition that the target resource file is monitored to be read by using the preset reading function; the target resource file is one or more resource files contained in the resource file ciphertext;
and the return module is configured to return the resource file to the reading function so as to read the target resource file.
In a fifth aspect, an embodiment of the present disclosure further provides an electronic device, including:
a memory configured to store computer instructions;
a processor configured to execute the computer instructions to implement the method of any one of the first and second aspects set forth above.
In a sixth aspect, the disclosed embodiments also provide a computer-readable storage medium, which stores a computer program, where the computer program, when executed by a processor, causes the processor to execute the method of any one of the first and second aspects.
According to the method and the device for protecting the resource file of the application program, the dynamic link library and the calling code of the application program are set, and the dynamic link library and the calling code are packaged in the first release file, so that the first code file and the resource file ciphertext of the application program can be protected, the first code file and the resource file ciphertext can not be maliciously read, the resource file of the application program can not be stolen or decompiled, and the safety of the resource file of the application program is greatly improved.
In order to make the aforementioned objects, features and advantages of the present disclosure more comprehensible, preferred embodiments accompanied with figures are described in detail below.
Drawings
In order to more clearly illustrate the technical solutions of the present disclosure or the prior art, the drawings needed to be used in the description of the embodiments or the prior art will be briefly introduced below, it is obvious that the drawings in the following description are only some embodiments described in the present disclosure, and other drawings can be obtained by those skilled in the art without inventive exercise.
FIG. 1 illustrates a flow chart of a resource protection method for an application provided by the present disclosure;
FIG. 2 is a flow chart illustrating a resource reading method for an application provided by the present disclosure;
FIG. 3 is a schematic structural diagram illustrating an apparatus for protecting resources of an application according to the present disclosure;
fig. 4 shows a schematic structural diagram of a resource reading apparatus of an application provided by the present disclosure;
fig. 5 shows a schematic structural diagram of an electronic device provided by the present disclosure.
Detailed Description
In order to make the objects, technical solutions and advantages of the present disclosure more apparent, the technical solutions of the present disclosure will be described clearly and completely below with reference to the accompanying drawings of the present disclosure. It is to be understood that the described embodiments are only a few embodiments of the present disclosure, and not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the described embodiments of the disclosure without any inventive step, are within the scope of protection of the disclosure.
Unless otherwise defined, technical or scientific terms used herein shall have the ordinary meaning as understood by one of ordinary skill in the art to which this disclosure belongs. The use of "first," "second," and similar terms in this disclosure is not intended to indicate any order, quantity, or importance, but rather is used to distinguish one element from another. The word "comprising" or "comprises", and the like, means that the element or item listed before the word covers the element or item listed after the word and its equivalents, but does not exclude other elements or items. The terms "connected" or "coupled" and the like are not restricted to physical or mechanical connections, but may include electrical connections, whether direct or indirect. "upper", "lower", "left", "right", and the like are used merely to indicate relative positional relationships, and when the absolute position of the object being described is changed, the relative positional relationships may also be changed accordingly.
To maintain the following description of the present disclosure clear and concise, detailed descriptions of known functions and known components are omitted from the present disclosure.
First, terms related to embodiments of the present disclosure are explained:
APK: the APK is Android Package based on an Android system, namely the Android installation Package file is an extension of Java JAR Package format and is also an extension of ZIP file format. APK suffix of APK file, APK file mainly contains: code, resources, signature files, etc.
AAB: android App Bundle is a release format that contains all compiled code and resources of an application, which will deliver APK generation and signatures to Google Play.
Hook: hook, also called Hook function/Hook program, captures the message before the system does not call the function, and the Hook function gets control right first, and then the Hook function can process (change) the execution behavior of the function.
An exemplary application scenario of the embodiments of the present disclosure is as follows: and the application program developer submits the packaged AAB file to an application store such as a Google store, and the application store repacks the AAB file into an APK (android package) format file for a user to download. When a user needs to download an application program installation package, the application store can extract appropriate content from the AAB according to different device configuration conditions, and repackage the appropriate content into a plurality of files in the APK format, so that the user can install the APK files to run the application program.
A first aspect of the present disclosure provides a resource protection method for an application, and fig. 1 shows a flowchart of the resource protection method for the application, where specific steps include S101-S103.
S101, encrypting the resource file of the application program to obtain a resource file ciphertext.
In a specific implementation, after the resource file of the application program is acquired, the resource file of the application program is encrypted. Optionally, after the resource file of the application program is obtained, an encryption key is randomly generated, and as one embodiment, the encryption key is sixteen bytes; and then, encrypting the resource file of the application program by using the encryption key to obtain a resource file ciphertext, as one example, encrypting the resource file of the application program by using the encryption key in a preset encryption mode to obtain the resource file ciphertext. Optionally, the encryption mode may be symmetric encryption, that is, the encryption key corresponds to the decryption key, and the encryption mode enables the size of the resource file before encryption to be the same as the size of the resource file ciphertext obtained after encryption, so that space resources are prevented from being wasted by increasing the size of the resource file.
The resource file of the application program may be issued by a developer, or may be obtained by periodically requesting according to a requirement, and the like.
S102, generating a dynamic link library of the application program, wherein the dynamic link library comprises a hook program, a decryption code and a decryption key; the hook program is used for monitoring a preset reading function and instructing to execute a decryption code, and the reading function can be used for reading a resource file; the decryption code and the decryption key are used to decrypt the resource file ciphertext.
Optionally, a dynamic link library corresponding thereto is generated for the application. In a specific implementation, the dynamic link library includes a Hook program, i.e., a Hook function, and the Hook program is used to monitor a preset read function and instruct to execute a decryption code, where the preset read function is self-defined, such as an Asset:: createfrom fd function, an Asset:: createfrom compressive file function, and an Asset:: createfrom file, in an Asset class of an Android system. The reading function can be used for reading the resource file, and then installation and operation of the application program are completed.
In a specific implementation, the dynamic link library further comprises a decryption code and a decryption key; the decryption code and the decryption key are used for decrypting the resource file ciphertext, the decryption code is preset and stored, and when the resource file ciphertext is decrypted, the decryption code is executed to complete decryption through the decryption key.
In practical application, the code included in the dynamic link library is a processed decryption code, and optionally, the order of the decryption code is modified according to a preset rule and/or the decryption code is set to be unreadable, so that the processed decryption code is obtained. And modifying the sequence of the decryption codes comprises disturbing the sequence of the decryption codes according to a preset rule, so that the decryption codes are prevented from being leaked. Moreover, processing code in a dynamically linked library may also include processing code in other potentially confusing ways. The decryption code is set to be unreadable, and can be virtualized exemplarily, so that the purpose of protecting the decryption code is achieved.
As an example, the dynamic link library further includes identification information of the resource file, and optionally, after obtaining the resource file ciphertext, calculates first identification information of the resource file based on the resource file ciphertext, where the first identification information indicates that the resource file is an encrypted file.
S103, generating a first publishing file, wherein the first publishing file comprises a first code file of the application program, a resource file ciphertext and a dynamic link library; the first code file comprises calling codes for calling the dynamic link library at a program entrance of the application program; the first publishing file is used for publishing the application program.
Optionally, after the resource file ciphertext and the dynamic link library are obtained, a first publishing file is generated based on the resource file ciphertext and the dynamic link library, where the first publishing file is used to publish the application program, that is, the application program can be installed or run based on the first publishing file.
The first release file comprises a resource file ciphertext and a dynamic link library of the application program, and also comprises a first code file of the application program, wherein the first code file comprises a calling code for calling the dynamic link library at a program entry of the application program.
Further, when the first release file is generated, a second release file is required to be acquired, wherein the second release file comprises a second code file; wherein the second code file is a smali code of classes. After the second code file is acquired, modifying codes in the second code file to obtain a first code file, so that the first code file comprises calling codes. And then, generating a first publishing file based on the first code file, the dynamic link library and the resource file ciphertext.
According to the method and the device for protecting the resource file of the application program, the dynamic link library and the calling code of the application program are set and packaged in the first release file, so that the first code file and the resource file ciphertext of the application program are protected, the first code file and the resource file ciphertext cannot be maliciously read, the resource file of the application program cannot be stolen or decompiled, and the safety of the resource file of the application program is greatly improved.
A second aspect of the present disclosure provides a resource reading method for an application, and fig. 2 shows a flowchart of a resource protection method for the application, where specific steps include S201-S204.
S201, when the first code file of the application program is operated, based on a calling code at a program entrance of the application program, calling a dynamic link library.
In the embodiment of the disclosure, the application program is published through a first publishing file, and the first publishing file comprises a first code file, a resource file ciphertext and a dynamic link library of the application program.
And under the condition that a user triggers an installation instruction or an operation instruction of the application program, operating the first code file of the application program. Wherein the dynamic link library is invoked based on an invocation code at a program entry of the application program while running the first code file of the application program. The calling code is modified in advance and is added to a first code file in a first publishing file so as to realize the calling of the dynamic link library.
S202, executing a hook program in the dynamic link library to monitor a preset reading function.
After the dynamic link library is called by the calling code, a hook program in the dynamic link library is executed to monitor a preset reading function, namely, to determine whether the reading function is a modified self-defined function.
S203, under the condition that the target resource file is monitored to be read by using a preset reading function, the target resource file is decrypted based on a decryption code and a decryption key in the dynamic link library to obtain a resource file of the application program; the target resource file is one or more resource files contained in the resource file ciphertext.
And under the condition that the resource file is read by using a preset reading function, determining the read resource file as a target resource file based on the first identification information in the dynamic link library. Optionally, second identification information of the resource file may be calculated according to a preset algorithm, then it is determined whether the second identification information matches the first identification information, and the resource file is determined to be the target resource file under the condition that the second identification information matches the first identification information; of course, it may also be directly determined whether the first identification information is preset identification information, and if so, the resource file is determined to be the target resource file. Wherein the first identification information indicates that the resource file is an encrypted file.
When the resource file read by using the preset reading function is monitored to be the target resource file, the target resource file is decrypted based on the decryption code and the decryption key in the dynamic link library to obtain the resource file of the application program, and then the application program is installed and operated based on the obtained resource file; the target resource file is one or more resource files contained in the resource file ciphertext.
S204, returning the resource file to the reading function to read the target resource file.
After the resource file of the application program is obtained, the resource file is returned to the reading function, so that the target resource file is read through the reading function, namely, the installation and the operation of the target program are executed.
According to the method and the device for issuing the resource files, the first issuing file comprises the first code file of the application program, the resource file ciphertext and the dynamic link library, so that the safety of the resource file when being read can be ensured, namely the first code file and the resource file ciphertext cannot be maliciously read, the resource file of the application program cannot be stolen or decompiled, and the safety of the resource file of the target program during installation and operation is ensured.
Based on the same inventive concept, the third aspect of the present disclosure further provides a resource protection device for an application program corresponding to the resource protection method for the application program, and since the principle of the resource protection device for an application program in the present disclosure for solving the problem is similar to the resource protection method for an application program described above in the present disclosure, the implementation of the resource protection device for an application program may refer to the implementation of the method, and repeated details are not repeated.
Fig. 3 shows a schematic diagram of a resource protection apparatus for an application provided in an embodiment of the present disclosure, which specifically includes:
the encryption module 301 is configured to encrypt the resource file of the application program to obtain a resource file ciphertext;
a first generation module 302 configured to generate a dynamic link library of an application program, wherein the dynamic link library includes a hook program, a decryption code and a decryption key; the hook program is used for monitoring a preset reading function and instructing to execute the decryption code, and the reading function can be used for reading the resource file; the decryption code and the decryption key are used for decrypting the resource file ciphertext;
a second generating module 303, configured to generate a first publishing file, where the first publishing file includes a first code file of the application program, the resource file ciphertext, and the dynamic link library; wherein the first code file includes calling code for calling the dynamic link library at a program entry of the application program; the first publishing file is used for publishing the application program.
In another embodiment, the second generating module 303 is specifically configured to:
acquiring a second release file, wherein the second release file comprises a second code file;
modifying codes in the second code file to obtain a first code file so that the first code file comprises the calling codes;
and generating the first publishing file based on the first code file, the dynamic link library and the resource file ciphertext.
In yet another embodiment, the resource protection apparatus further comprises a third generating module 304 configured to:
randomly generating a corresponding encryption key for the resource file of the application program;
and encrypting the resource file of the application program by the encryption key to obtain the resource file ciphertext, wherein the encryption key corresponds to the decryption key.
In yet another embodiment, the resource protection apparatus further comprises a calculation module 305 configured to:
calculating first identification information of the resource file based on the resource file ciphertext, wherein the first identification information represents that the resource file is an encrypted file;
the dynamic link library further comprises: identification information of the resource file.
In yet another embodiment, the resource protection apparatus further comprises a modification module 306 configured to:
modifying the sequence of the decryption codes according to a preset rule and/or setting the decryption codes to be unreadable to obtain processed decryption codes;
and the code included in the dynamic link library is the processed decryption code.
According to the method and the device for protecting the resource file of the application program, the dynamic link library and the calling code of the application program are set, and the dynamic link library and the calling code are packaged in the first release file, so that the first code file and the resource file ciphertext of the application program can be protected, the first code file and the resource file ciphertext can not be maliciously read, the resource file of the application program can not be stolen or decompiled, and the safety of the resource file of the application program is greatly improved.
Based on the same inventive concept, the fourth aspect of the present disclosure further provides a resource reading apparatus for an application program corresponding to the resource reading method for the application program, and because the principle of the resource reading apparatus for an application program in the present disclosure for solving the problem is similar to the resource reading method for the application program in the present disclosure, the implementation of the resource reading apparatus for an application program may refer to the implementation of the method, and repeated details are not repeated.
Fig. 4 shows a schematic diagram of a resource reading apparatus of an application program according to an embodiment of the present disclosure, which specifically includes:
a calling module 401 configured to call a dynamic link library based on a calling code at a program entry of an application program when the first code file of the application program is run;
an execution module 402 configured to execute a hook program in the dynamic link library to monitor a preset read function;
a decryption module 403, configured to decrypt the target resource file based on a decryption code and a decryption key in the dynamic link library to obtain a resource file of the application program, when it is monitored that the target resource file is read by using the preset read function; the target resource file is one or more resource files contained in the resource file ciphertext;
a returning module 404 configured to return the resource file to the reading function to read the target resource file.
In yet another embodiment, the resource reading apparatus further comprises a determining module 405 configured to:
under the condition that the resource file is read by utilizing the preset reading function, determining the read resource file as a target resource file based on first identification information in the dynamic link library; wherein the first identification information indicates that the resource file is an encrypted file.
In another embodiment, the determining module 405 is specifically configured to:
calculating second identification information of the resource file;
and under the condition that the second identification information is matched with the first identification information, determining the resource file as a target resource file.
According to the method and the device for issuing the resource files, the first issuing file comprises the first code file of the application program, the resource file ciphertext and the dynamic link library, so that the safety of the resource file when being read can be ensured, namely the first code file and the resource file ciphertext cannot be maliciously read, the resource file of the application program cannot be stolen or decompiled, and the safety of the resource file of the target program during installation and operation is ensured.
The structural schematic diagram of the electronic device may be as shown in fig. 5, and the electronic device at least includes a memory 501 and a processor 502, where the memory 501 stores computer instructions, and the processor 502 implements the method provided in any embodiment of the present disclosure when executing the computer instructions on the memory 501. Illustratively, the steps of the electronic device computer instructions are as follows S11-S13:
s11, encrypting the resource file of the application program to obtain a resource file ciphertext;
s12, generating a dynamic link library of the application program, wherein the dynamic link library comprises a hook program, a decryption code and a decryption key; the hook program is used for monitoring a preset reading function and instructing to execute the decryption code, and the reading function can be used for reading the resource file; the decryption code and the decryption key are used for decrypting the resource file ciphertext;
s13, generating a first publishing file, wherein the first publishing file comprises a first code file of the application program, the resource file ciphertext and the dynamic link library; wherein the first code file includes calling code for calling the dynamic link library at a program entry of the application program; the first publishing file is used for publishing the application program.
The processor, when executing the first release file stored on the memory, further executes the following computer program: acquiring a second release file, wherein the second release file comprises a second code file; modifying codes in the second code file to obtain a first code file so that the first code file comprises the calling codes; and generating the first publishing file based on the first code file, the dynamic link library and the resource file ciphertext.
The processor also executes the following computer program prior to executing the dynamically linked library stored on the memory that generates the application program: randomly generating a corresponding encryption key for the resource file of the application program; and encrypting the resource file of the application program by the encryption key to obtain the resource file ciphertext, wherein the encryption key corresponds to the decryption key.
The processor, when executing the resource protection method stored on the memory, also executes the following computer program: calculating first identification information of the resource file based on the resource file ciphertext, wherein the first identification information represents that the resource file is an encrypted file; the dynamic link library further comprises: identification information of the resource file.
The processor, when executing the resource protection method stored on the memory, also executes the following computer program: modifying the sequence of the decryption codes according to a preset rule and/or setting the decryption codes to be unreadable to obtain processed decryption codes; and the code included in the dynamic link library is the processed decryption code.
The steps of the electronic device computer instructions further include S21-S24:
s21, when the first code file of the application program is operated, based on the calling code at the program entrance of the application program, calling the dynamic link library;
s22, executing the hook program in the dynamic link library to monitor a preset reading function;
s23, when the situation that the target resource file is read by the preset reading function is monitored, the target resource file is decrypted based on the decryption code and the decryption key in the dynamic link library to obtain the resource file of the application program; the target resource file is one or more resource files contained in the resource file ciphertext;
and S24, returning the resource file to the reading function to read the target resource file.
The processor, when executing the resource reading method stored on the memory, further executes the following computer program: under the condition that the resource file is read by utilizing the preset reading function, determining the read resource file as a target resource file based on first identification information in the dynamic link library; wherein the first identification information indicates that the resource file is an encrypted file.
The configuration file further comprises function information, and the processor executes the following computer program when determining that the read resource file is a target resource file based on the first identification information in the dynamic link library, which is stored in the execution memory: calculating second identification information of the resource file; and under the condition that the second identification information is matched with the first identification information, determining the resource file as a target resource file.
According to the method and the device for protecting the resource file of the application program, the dynamic link library and the calling code of the application program are set, and the dynamic link library and the calling code are packaged in the first release file, so that the first code file and the resource file ciphertext of the application program can be protected, the first code file and the resource file ciphertext can not be maliciously read, the resource file of the application program can not be embezzled or decompiled, the safety of the resource file of the application program is greatly improved, and the safety of the resource file of the target program during installation and operation is ensured.
The storage medium is a computer-readable medium, and stores a computer program, and when the computer program is executed by a processor, the method provided by any embodiment of the disclosure is implemented, including the following steps S31 to S33:
s31, encrypting the resource file of the application program to obtain a resource file ciphertext;
s32, generating a dynamic link library of the application program, wherein the dynamic link library comprises a hook program, a decryption code and a decryption key; the hook program is used for monitoring a preset reading function and instructing to execute the decryption code, and the reading function can be used for reading the resource file; the decryption code and the decryption key are used for decrypting the resource file ciphertext;
s33, generating a first publishing file, wherein the first publishing file comprises a first code file of the application program, the resource file ciphertext and the dynamic link library; wherein the first code file includes calling code for calling the dynamic link library at a program entry of the application program; the first publishing file is used for publishing the application program.
When the computer program is executed by the processor to generate the first distribution file, the processor further executes the following steps: acquiring a second release file, wherein the second release file comprises a second code file; modifying codes in the second code file to obtain a first code file so that the first code file comprises the calling codes; and generating the first publishing file based on the first code file, the dynamic link library and the resource file ciphertext.
Before the computer program is executed by the processor to generate the dynamic link library of the application program, the following steps are also executed by the processor: randomly generating a corresponding encryption key for the resource file of the application program; and encrypting the resource file of the application program by the encryption key to obtain the resource file ciphertext, wherein the encryption key corresponds to the decryption key.
When the computer program is executed by the processor to execute the resource protection method, the processor also executes the following steps: calculating first identification information of the resource file based on the resource file ciphertext, wherein the first identification information represents that the resource file is an encrypted file; the dynamic link library further comprises: identification information of the resource file.
When the computer program is executed by the processor to execute the resource protection method, the processor also executes the following steps: modifying the sequence of the decryption codes according to a preset rule and/or setting the decryption codes to be unreadable to obtain processed decryption codes; and the code included in the dynamic link library is the processed decryption code.
The computer program, when executed by a processor, implements the method provided by any of the embodiments of the present disclosure, including the following steps S41 to S44:
s41, when the first code file of the application program is operated, based on the calling code at the program entrance of the application program, calling the dynamic link library;
s42, executing the hook program in the dynamic link library to monitor a preset reading function;
s43, when the situation that the target resource file is read by the preset reading function is monitored, the target resource file is decrypted based on the decryption code and the decryption key in the dynamic link library to obtain the resource file of the application program; the target resource file is one or more resource files contained in the resource file ciphertext;
and S44, returning the resource file to the reading function to read the target resource file.
When the computer program is executed by the processor to perform the resource reading method, the processor further executes the following steps: under the condition that the resource file is read by utilizing the preset reading function, determining the read resource file as a target resource file based on first identification information in the dynamic link library; wherein the first identification information indicates that the resource file is an encrypted file.
When the computer program is executed by the processor and the read resource file is determined to be the target resource file based on the first identification information in the dynamic link library, the computer program is further executed by the processor to perform the following steps: calculating second identification information of the resource file; and under the condition that the second identification information is matched with the first identification information, determining the resource file as a target resource file.
According to the method and the device for protecting the resource file of the application program, the dynamic link library and the calling code of the application program are set, and the dynamic link library and the calling code are packaged in the first release file, so that the first code file and the resource file ciphertext of the application program can be protected, the first code file and the resource file ciphertext can not be maliciously read, the resource file of the application program can not be embezzled or decompiled, the safety of the resource file of the application program is greatly improved, and the safety of the resource file of the target program during installation and operation is ensured.
Optionally, in this embodiment, the storage medium may include, but is not limited to: a U-disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a removable hard disk, a magnetic or optical disk, and other various media capable of storing program codes. Optionally, in this embodiment, the processor executes the method steps described in the above embodiments according to the program code stored in the storage medium. Optionally, the specific examples in this embodiment may refer to the examples described in the above embodiments and optional implementation manners, and this embodiment is not described herein again. It will be apparent to those skilled in the art that the modules or steps of the present disclosure described above may be implemented by a general purpose computing device, they may be centralized on a single computing device or distributed across a network of multiple computing devices, and alternatively, they may be implemented by program code executable by a computing device, such that they may be stored in a storage device and executed by a computing device, and in some cases, the steps shown or described may be performed in an order different than that described herein, or they may be separately fabricated into individual integrated circuit modules, or multiple ones of them may be fabricated into a single integrated circuit module. As such, the present disclosure is not limited to any specific combination of hardware and software.
Moreover, although exemplary embodiments have been described herein, the scope thereof includes any and all embodiments based on the disclosure with equivalent elements, modifications, omissions, combinations (e.g., of various embodiments across), adaptations or alterations. The elements in the claims are to be interpreted broadly based on the language employed in the claims and not limited to examples described in the specification or during the prosecution of the disclosure, which examples are to be construed as non-exclusive. It is intended, therefore, that the specification and examples be considered as exemplary only, with a true scope and spirit being indicated by the following claims and their full scope of equivalents.
The above description is intended to be illustrative and not restrictive. For example, the above-described examples (or one or more versions thereof) may be used in combination with each other. For example, other embodiments may be used by those of ordinary skill in the art upon reading the above description. In addition, in the foregoing detailed description, various features may be grouped together to streamline the disclosure. This should not be interpreted as an intention that a disclosed feature not claimed is essential to any claim. Rather, the subject matter of the present disclosure may lie in less than all features of a particular disclosed embodiment. Thus, the following claims are hereby incorporated into the detailed description as examples or embodiments, with each claim standing on its own as a separate embodiment, and it is contemplated that these embodiments may be combined with each other in various combinations or permutations. The scope of the disclosure should be determined with reference to the appended claims, along with the full scope of equivalents to which such claims are entitled.
While the present disclosure has been described in detail with reference to the embodiments, the present disclosure is not limited to the specific embodiments, and those skilled in the art can make various modifications and alterations based on the concept of the present disclosure, and the modifications and alterations should fall within the scope of the present disclosure as claimed.
Claims (12)
1. A resource protection method for an application program is characterized by comprising the following steps:
encrypting the resource file of the application program to obtain a resource file ciphertext;
generating a dynamic link library of an application program, wherein the dynamic link library comprises a hook program, a decryption code and a decryption key; the hook program is used for monitoring a preset reading function and instructing to execute the decryption code, and the reading function can be used for reading the resource file; the decryption code and the decryption key are used for decrypting the resource file ciphertext;
generating a first publishing file, wherein the first publishing file comprises a first code file of the application program, the resource file ciphertext and the dynamic link library; wherein the first code file includes calling code for calling the dynamic link library at a program entry of the application program; the first publishing file is used for publishing the application program.
2. The method of claim 1, wherein the generating the first release file comprises:
acquiring a second release file, wherein the second release file comprises a second code file;
modifying codes in the second code file to obtain a first code file so that the first code file comprises the calling codes;
and generating the first publishing file based on the first code file, the dynamic link library and the resource file ciphertext.
3. The resource protection method according to any one of claims 1 to 2, further comprising, before generating the dynamically linked library of the application program:
randomly generating a corresponding encryption key for the resource file of the application program;
and encrypting the resource file of the application program by the encryption key to obtain the resource file ciphertext, wherein the encryption key corresponds to the decryption key.
4. The resource protection method according to any one of claims 1 to 3, further comprising:
calculating first identification information of the resource file based on the resource file ciphertext, wherein the first identification information represents that the resource file is an encrypted file;
the dynamic link library further comprises: identification information of the resource file.
5. The resource protection method according to any one of claims 1 to 4, further comprising:
modifying the sequence of the decryption codes according to a preset rule and/or setting the decryption codes to be unreadable to obtain processed decryption codes;
and the code included in the dynamic link library is the processed decryption code.
6. The resource reading method of the application program is characterized in that the application program is issued through a first issuing file, and the first issuing file comprises a first code file, a resource file ciphertext and a dynamic link library of the application program;
the method comprises the following steps:
calling a dynamic link library based on a calling code at a program entrance of an application program when a first code file of the application program is operated;
executing a hook program in the dynamic link library to monitor a preset reading function;
under the condition that the target resource file is monitored to be read by the preset reading function, the target resource file is decrypted based on a decryption code and a decryption key in the dynamic link library to obtain a resource file of the application program; the target resource file is one or more resource files contained in the resource file ciphertext;
and returning the resource file to the reading function so as to read the target resource file.
7. The resource reading method according to claim 6, further comprising:
under the condition that the resource file is read by utilizing the preset reading function, determining the read resource file as a target resource file based on first identification information in the dynamic link library; wherein the first identification information indicates that the resource file is an encrypted file.
8. The method according to claim 7, wherein the determining that the read resource file is a target resource file based on the first identification information in the dynamic link library comprises:
calculating second identification information of the resource file;
and under the condition that the second identification information is matched with the first identification information, determining the resource file as a target resource file.
9. An apparatus for resource protection of an application, comprising:
the encryption module is configured to encrypt the resource file of the application program to obtain a resource file ciphertext;
the system comprises a first generation module, a second generation module and a third generation module, wherein the first generation module is configured to generate a dynamic link library of an application program, and the dynamic link library comprises a hook program, a decryption code and a decryption key; the hook program is used for monitoring a preset reading function and instructing to execute the decryption code, and the reading function can be used for reading the resource file; the decryption code and the decryption key are used for decrypting the resource file ciphertext;
a second generation module configured to generate a first release file, the first release file including a first code file of the application program, the resource file ciphertext, and the dynamic link library; wherein the first code file includes calling code for calling the dynamic link library at a program entry of the application program; the first publishing file is used for publishing the application program.
10. An apparatus for reading resources of an application, comprising:
a calling module configured to call a dynamic link library based on a calling code at a program entry of an application program when a first code file of the application program is run;
the execution module is configured to execute the hook program in the dynamic link library so as to monitor a preset reading function;
the decryption module is configured to decrypt the target resource file based on a decryption code and a decryption key in the dynamic link library to obtain the resource file of the application program under the condition that the target resource file is monitored to be read by using the preset reading function; the target resource file is one or more resource files contained in the resource file ciphertext;
and the return module is configured to return the resource file to the reading function so as to read the target resource file.
11. An electronic device, comprising:
a memory configured to store computer instructions;
a processor configured to execute the computer instructions to implement the method of any one of claims 1 to 5 or 6 to 8.
12. A computer-readable storage medium, storing a computer program, which, when executed by a processor, causes the processor to carry out the method of any one of claims 1 to 5 or 6 to 8.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111624254.7A CN114297589A (en) | 2021-12-28 | 2021-12-28 | Resource protection method and device and resource reading method and device for application program |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111624254.7A CN114297589A (en) | 2021-12-28 | 2021-12-28 | Resource protection method and device and resource reading method and device for application program |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN114297589A true CN114297589A (en) | 2022-04-08 |
Family
ID=80971256
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202111624254.7A Pending CN114297589A (en) | 2021-12-28 | 2021-12-28 | Resource protection method and device and resource reading method and device for application program |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114297589A (en) |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106293852A (en) * | 2016-08-19 | 2017-01-04 | 北京奇虎科技有限公司 | A kind of method and apparatus of the resource file reinforcing installation kit |
| CN106295255A (en) * | 2015-05-27 | 2017-01-04 | 腾讯科技(深圳)有限公司 | The reinforcement means of application program and device |
| CN106709282A (en) * | 2016-06-28 | 2017-05-24 | 腾讯科技(深圳)有限公司 | Resource file decryption method and device |
| CN106708571A (en) * | 2016-12-13 | 2017-05-24 | 北京奇虎科技有限公司 | Resource file loading method and device and source file reinforcing method and device |
| CN109871704A (en) * | 2019-03-19 | 2019-06-11 | 北京智游网安科技有限公司 | Android resource file means of defence, equipment and storage medium based on Hook |
| CN112417484A (en) * | 2020-11-26 | 2021-02-26 | 江苏通付盾信息安全技术有限公司 | Resource file protection method and device, computer equipment and storage medium |
-
2021
- 2021-12-28 CN CN202111624254.7A patent/CN114297589A/en active Pending
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106295255A (en) * | 2015-05-27 | 2017-01-04 | 腾讯科技(深圳)有限公司 | The reinforcement means of application program and device |
| CN106709282A (en) * | 2016-06-28 | 2017-05-24 | 腾讯科技(深圳)有限公司 | Resource file decryption method and device |
| CN106293852A (en) * | 2016-08-19 | 2017-01-04 | 北京奇虎科技有限公司 | A kind of method and apparatus of the resource file reinforcing installation kit |
| CN106708571A (en) * | 2016-12-13 | 2017-05-24 | 北京奇虎科技有限公司 | Resource file loading method and device and source file reinforcing method and device |
| CN109871704A (en) * | 2019-03-19 | 2019-06-11 | 北京智游网安科技有限公司 | Android resource file means of defence, equipment and storage medium based on Hook |
| CN112417484A (en) * | 2020-11-26 | 2021-02-26 | 江苏通付盾信息安全技术有限公司 | Resource file protection method and device, computer equipment and storage medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN108664773B (en) | Method and device for protecting Java source code | |
| EP3387813B1 (en) | Mobile device having trusted execution environment | |
| KR101328012B1 (en) | Apparatus for tamper protection of application code and method thereof | |
| US9443064B2 (en) | Protecting method and system of java source code | |
| JP5996810B2 (en) | Self-rewriting platform application code obfuscation device and method | |
| CN109784007B (en) | Byte code encryption method, byte code decryption method and terminal | |
| US20150095653A1 (en) | Method and apparatus of creating application package, method and apparatus of executing application package, and recording medium storing application package | |
| CN108363580A (en) | Application program installation method, device, computer equipment and storage medium | |
| CN111656345B (en) | Software module enabling encryption in container files | |
| CN107430650B (en) | Securing computer programs against reverse engineering | |
| CN113010856A (en) | Dynamic asymmetric encryption and decryption JavaScript code obfuscation method and system | |
| CN108134673A (en) | A kind of method and device for generating whitepack library file | |
| CN111159658B (en) | Byte code processing method, system, device, computer equipment and storage medium | |
| CN107423583B (en) | A kind of software protecting device remapping method and device | |
| CN112966227A (en) | Code encryption and decryption method and device and storage medium | |
| US11106828B2 (en) | Method and apparatus for providing a cryptographic security function for the operation of a device | |
| CN112966229A (en) | Method and device for safely operating SDK | |
| CN111078224A (en) | Software package file data processing method and device, computer equipment and storage medium | |
| CN114297589A (en) | Resource protection method and device and resource reading method and device for application program | |
| US20190199694A1 (en) | Individual encryption of control commands | |
| US11061998B2 (en) | Apparatus and method for providing security and apparatus and method for executing security to protect code of shared object | |
| US20230058046A1 (en) | Apparatus and Method for Protecting Shared Objects | |
| CN115994370B (en) | Software encryption processing method, device, equipment and medium | |
| CN114896621B (en) | Application service acquisition method, encryption method, device and computer equipment | |
| US11977760B1 (en) | Secure data and instruction loading |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |