CN116257867A - Secret key encryption method and device - Google Patents

Publication number
CN116257867A
Authority
CN
China
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202310103575.5A
Other languages
Chinese (zh)
Inventor
金明珠
熊浩然
许凌超
高梦晨
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Bank of China Financial Technology Co Ltd
Original Assignee
Bank of China Financial Technology Co Ltd
Application filed by Bank of China Financial Technology Co Ltd
Priority to CN202310103575.5A
Publication of CN116257867A

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/602 Providing cryptographic facilities or services
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/64 Protecting data integrity, e.g. using checksums, certificates or signatures
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00 Arrangements for software engineering
    • G06F8/40 Transformation of program code
    • G06F8/41 Compilation

Abstract

The invention provides a key encryption method and device. The method comprises: determining a key to be encrypted; writing the key to be encrypted into compiled code; and packaging the compiled code to obtain a wasm file. Because the key to be encrypted is written into compiled code and the compiled code is packaged into a wasm file, and because the wasm file is difficult to decompile, key encryption and key hiding are achieved and the security problems caused by key leakage are avoided.

Description

Secret key encryption method and device
Technical Field
The present invention relates to the field of data encryption technologies, and in particular, to a key encryption method and device.
Background
At present, when a web front end uses SM2 or SM4 for encryption, the key is usually stored in JS, where it is easily found with the developer tools; the key is thereby leaked, which brings a series of security problems.
Disclosure of Invention
The invention provides a key encryption method and device to overcome the defect in the prior art that the key is easily leaked.
The invention provides a key encryption method comprising the following steps:
determining a key to be encrypted;
writing the key to be encrypted into compiled code;
and packaging the compiled code to obtain a wasm file.
According to the key encryption method provided by the invention, writing the key to be encrypted into compiled code comprises:
writing the key to be encrypted as code in the Go language or the C language to obtain the compiled code.
According to the key encryption method provided by the invention, packaging the compiled code to obtain the wasm file comprises:
compressing and packaging the compiled code based on TinyGo and compression parameters to obtain the wasm file; the compression parameters are determined based on a core dependency library, the core dependency library is selected from a plurality of dependency libraries associated with the wasm file, and the degree of association between the core dependency library and the wasm file is greater than a preset value.
According to the key encryption method provided by the invention, the wasm file is obtained by JS through a call interface.
According to the key encryption method provided by the invention, after JS obtains the wasm file, the wasm file is loaded through a preset loading method to obtain the key to be encrypted, the preset loading method being preset in JS.
According to the key encryption method provided by the invention, the key to be encrypted is generated using the SM2 algorithm or the SM4 algorithm.
The invention also provides a key encryption device, comprising:
a determining unit configured to determine a key to be encrypted;
a compiling unit configured to write the key to be encrypted into compiled code;
and a packaging unit configured to package the compiled code to obtain a wasm file.
The invention also provides an electronic device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, the processor implementing any one of the key encryption methods described above when executing the program.
The present invention also provides a non-transitory computer readable storage medium having stored thereon a computer program which, when executed by a processor, implements a key encryption method as described in any of the above.
The invention also provides a computer program product comprising a computer program which when executed by a processor implements a key encryption method as described in any one of the above.
According to the key encryption method and device provided by the invention, the key to be encrypted is written into compiled code and the compiled code is packaged to obtain a wasm file; because the wasm file is difficult to decompile, key encryption and key hiding are achieved and the security problems caused by key leakage are avoided.
Drawings
In order to more clearly illustrate the invention or the technical solutions of the prior art, the following description will briefly explain the drawings used in the embodiments or the description of the prior art, and it is obvious that the drawings in the following description are some embodiments of the invention, and other drawings can be obtained according to the drawings without inventive effort for a person skilled in the art.
FIG. 1 is a flow chart of a key encryption method provided by the invention;
FIG. 2 is a schematic diagram of a key encryption device according to the present invention;
FIG. 3 is a schematic structural diagram of an electronic device provided by the present invention.
Detailed Description
For the purpose of making the objects, technical solutions and advantages of the present invention more apparent, the technical solutions of the present invention will be clearly and completely described below with reference to the accompanying drawings, and it is apparent that the described embodiments are some embodiments of the present invention, not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
At present, when a web front end uses SM2 or SM4 for encryption, the key is usually stored in JS, where it is easily found with the developer tools; the key is thereby leaked, which brings a series of security problems.
In this regard, the present invention provides a key encryption method. FIG. 1 is a flow chart of the key encryption method provided by the invention. As shown in FIG. 1, the method comprises the following steps:
Step 110, determining a key to be encrypted.
Here, the key to be encrypted is the key that needs to be encrypted, that is, the key that is at risk of disclosure. Optionally, the key to be encrypted may be a public key encrypted with SM2 or SM4.
Step 120, writing the key to be encrypted into compiled code.
Specifically, the compiled code is the code obtained by writing the key to be encrypted in a compiled language. Optionally, the key to be encrypted may be written in the Go language or the C language to obtain the corresponding compiled code. The Go language has the following advantages: its code can be compiled directly into machine code without depending on other libraries; it is a statically typed language but has the feel of a dynamic language, so writing code is very efficient; concurrency is supported at the language level; the built-in runtime supports garbage collection; it is simple and easy to learn; it has a large number of built-in libraries, and the network library in particular is very powerful; it has powerful built-in tools; it supports cross-platform compilation; and it supports embedded C, so the existing rich C libraries can be used.
Step 130, packaging the compiled code to obtain the wasm file.
Here, wasm, i.e. WebAssembly, is a new encoding format that can run in a browser, and wasm can coexist with JavaScript (JS for short). wasm is an efficient, low-level programming language. It allows programs to be written in languages other than JS (e.g., C, C++, Rust, or others) and then compiled into wasm, producing Web applications that load and execute very quickly. The compiled code runs in the browser on the CPU at close to native speed. The code takes the form of binary files that can be used directly as modules in JS. In addition, wasm has characteristics such as high execution efficiency, memory safety, no undefined behavior and platform independence, and is difficult to decompile.
After the key to be encrypted has been written, the resulting compiled code is packaged to obtain a binary wasm file. Because the wasm file is difficult to decompile, message encryption and key hiding are achieved and the security problems caused by key leakage are avoided.
According to the key encryption method provided by the embodiment of the invention, the key to be encrypted is written into compiled code and the compiled code is packaged to obtain a wasm file; because the wasm file is difficult to decompile, key encryption and key hiding are achieved and the security problems caused by key leakage are avoided.
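The following is an added example, not part of the patent text: a check that the team shipping the file can run on the output of step 130 to see whether, and in what encoding, the key written in step 120 is present in the data segments of the wasm file. The sample module, the sample key and all function names are constructed for illustration, and the code assumes Node.js.

```javascript
// Added example (Node.js): audit a packaged .wasm for the key written into it.

// Decode an unsigned LEB128 integer at `pos`; returns [value, nextPos].
function readU32(bytes, pos) {
  let value = 0;
  for (let shift = 0; shift <= 28; shift += 7) {
    if (pos >= bytes.length) throw new Error("truncated LEB128");
    const b = bytes[pos++];
    value |= (b & 0x7f) << shift;
    if ((b & 0x80) === 0) return [value >>> 0, pos];
  }
  throw new Error("LEB128 longer than 5 bytes");
}

// Skip a constant offset expression: (i32.const | global.get) <LEB128> end.
function skipOffsetExpr(bytes, pos) {
  const op = bytes[pos++];
  if (op !== 0x41 && op !== 0x23) throw new Error("unsupported offset opcode");
  [, pos] = readU32(bytes, pos); // only the immediate's length matters here
  if (bytes[pos++] !== 0x0b) throw new Error("offset expression not terminated");
  return pos;
}

// Return the contents of every data segment (section id 11) in the module.
function dataSegments(bytes) {
  const header = [0x00, 0x61, 0x73, 0x6d, 0x01, 0x00, 0x00, 0x00]; // "\0asm", v1
  if (!header.every((b, i) => bytes[i] === b)) throw new Error("not a wasm v1 module");
  const segments = [];
  let pos = 8;
  while (pos < bytes.length) {
    const id = bytes[pos++];
    let size, count, flag, len;
    [size, pos] = readU32(bytes, pos);
    const end = pos + size;
    if (end > bytes.length) throw new Error("section overruns file");
    if (id === 11) {
      [count, pos] = readU32(bytes, pos);
      for (let i = 0; i < count; i++) {
        [flag, pos] = readU32(bytes, pos);
        if (flag > 2) throw new Error("unknown data segment flag");
        if (flag === 2) [, pos] = readU32(bytes, pos); // explicit memory index
        if (flag !== 1) pos = skipOffsetExpr(bytes, pos); // active segment offset
        [len, pos] = readU32(bytes, pos);
        if (pos + len > end) throw new Error("segment overruns section");
        segments.push(Buffer.from(bytes.subarray(pos, pos + len)));
        pos += len;
      }
    }
    pos = end;
  }
  return segments;
}

// Known-secret check: where does the team's own key appear, and in which encoding?
function locateKnownKey(wasmBytes, keyHex) {
  const needles = {
    raw: Buffer.from(keyHex, "hex"),
    hexLower: Buffer.from(keyHex.toLowerCase(), "latin1"),
    hexUpper: Buffer.from(keyHex.toUpperCase(), "latin1"),
  };
  const hits = [];
  dataSegments(wasmBytes).forEach((seg, segment) => {
    for (const [form, needle] of Object.entries(needles)) {
      const offset = seg.indexOf(needle);
      if (offset !== -1) hits.push({ segment, form, offset });
    }
  });
  return hits;
}

// Pattern check for when the key is not at hand: runs of 32 or more hex digits
// (32 hex digits is the 128-bit SM4 key length the page gives).
function findHexLiterals(wasmBytes) {
  const found = [];
  dataSegments(wasmBytes).forEach((seg, segment) => {
    for (const m of seg.toString("latin1").matchAll(/[0-9a-fA-F]{32,}/g)) {
      found.push({ segment, offset: m.index, literal: m[0] });
    }
  });
  return found;
}

// Constructed sample standing in for the output of step 130: one memory and two
// data segments. SAMPLE_KEY_HEX is a sample value, not a real secret.
const SAMPLE_KEY_HEX = "0123456789abcdeffedcba9876543210";
// Every length and offset in the sample is below 64, so each fits one LEB128 byte.
const section = (id, payload) => [id, payload.length, ...payload];
const activeSegment = (offset, data) => [0x00, 0x41, offset, 0x0b, data.length, ...data];
const SAMPLE_WASM = Uint8Array.from([
  0x00, 0x61, 0x73, 0x6d, 0x01, 0x00, 0x00, 0x00,
  ...section(5, [0x01, 0x00, 0x01]), // one memory, minimum one page
  ...section(11, [0x02, ...activeSegment(0, Buffer.from(SAMPLE_KEY_HEX, "hex")), // byte array
    ...activeSegment(32, Buffer.from(SAMPLE_KEY_HEX, "latin1"))]), // hex string
]);

console.log(locateKnownKey(SAMPLE_WASM, SAMPLE_KEY_HEX), findHexLiterals(SAMPLE_WASM));
```

A non-empty result from `locateKnownKey` means the key can be read from the file without running it. An empty result only shows that the key is not stored verbatim in these three encodings.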
Based on the above embodiment, writing the key to be encrypted into compiled code includes:
writing the key to be encrypted as code in the Go language or the C language to obtain the compiled code.
Specifically, Go (also called Golang) is a statically and strongly typed, compiled, concurrent programming language with garbage collection, developed by Google. The syntax of Go is close to that of C, but variable declarations differ. Go supports garbage collection. Go's concurrency model is based on Tony Hoare's Communicating Sequential Processes (CSP); other languages with similar models include Occam and Limbo, but Go also has features of the pi calculus, such as channel passing.
The C language is a procedure-oriented computer programming language, in contrast to object-oriented programming languages such as C++, C# and Java. The design goal of C is to provide a programming language that can be compiled in a simple manner, handle low-level memory, produce only a small amount of machine code, and run without any runtime environment support. Describing a problem in C is faster than in assembly language and takes less work; the code is readable and easy to debug, modify and port, and its quality is comparable to that of assembly language.
Compared with C, Go has garbage collection and does not cause memory-leak problems. Go's syntax is concise and elegant: what takes 100 lines of C++ can be achieved in about 50 lines of Go, and Go aims to do what C++ can do. Go's concurrency mechanism does not use ordinary threads; it is implemented through channels and goroutines, which are lighter than threads, so Go is suitable for high-concurrency servers. Go is a system-level language comparable to C, while Java and C# are relatively high-level languages that are not very efficient (although their efficiency is in fact higher nowadays), and Go does not need external dependencies.
After the key to be encrypted has been written as code in the Go language or the C language to obtain the compiled code, the compiled code is packaged to obtain a binary wasm file. Because the wasm file is difficult to decompile, message encryption and key hiding are achieved and the security problems caused by key leakage are avoided.
Therefore, in the embodiment of the invention, the key to be encrypted is written as code in the Go language or the C language to obtain the compiled code, so that the compiled code can be packaged into a binary wasm file; because the wasm file is difficult to decompile, message encryption and key hiding are achieved and the security problems caused by key leakage are avoided.
Based on any of the above embodiments, packaging the compiled code to obtain a wasm file includes:
compressing and packaging the compiled code based on TinyGo and compression parameters to obtain the wasm file; the compression parameters are determined based on a core dependency library, the core dependency library is selected from a plurality of dependency libraries associated with the wasm file, and the degree of association between the core dependency library and the wasm file is greater than a preset value.
Specifically, if the compiled code is not compressed when it is packaged, the resulting wasm file is larger, which slows the browser's download. In contrast, the embodiment of the invention compresses and packages the compiled code to obtain a smaller wasm file, so that the browser can download it faster.
In addition, TinyGo is a Go compiler intended for small scenarios such as microcontrollers, wasm and command-line tools. It reuses libraries used by the Go language tools together with LLVM to provide another way of compiling programs written in the Go programming language. Besides MCUs, TinyGo can also be used for WebAssembly, and the files it generates are much smaller than those of the official Go version. For a simple hello world, TinyGo requires only one hundred KB, while the official Go version requires 2 MB; that is, the file can be further compressed based on TinyGo so that the generated wasm is smaller, allowing the browser to download the wasm file faster.
Further, the compression parameters are determined based on a core dependency library, which is selected from a plurality of dependency libraries associated with the wasm file. The higher the degree of association between a dependency library and the wasm file, the more the wasm file depends on that library; the lower the degree of association, the less the wasm file depends on it. If the compression parameters were determined based on all the dependency libraries, there would be more compression parameters and the compressed wasm file would therefore be larger. For this reason, in the embodiment of the invention, a dependency library whose degree of association with the wasm file is greater than the preset value is taken as the core dependency library, and the compression parameters are determined based on the core dependency library. This avoids an overly large compressed wasm file caused by determining the compression parameters from all the dependency libraries; and because the core information of the wasm file is stored in the core dependency library, the core information of the wasm file is retained in the compressed wasm file.
Therefore, the embodiment of the invention compresses and packages the compiled code based on TinyGo and the compression parameters, so that the resulting wasm file is smaller and the browser can download it faster.
Based on any of the above embodiments, the wasm file is obtained by JS through a call interface.
Specifically, JS can obtain the wasm file through the call interface, and the wasm file can only be obtained through the call interface. This raises the difficulty of obtaining the wasm file, so that the security of the wasm file is ensured and the wasm file is not obtained by an illegitimate user, which in turn raises the difficulty of obtaining the key and ensures the security of the key.
The call interface may be an API (Application Programming Interface), which is a set of predefined functions designed to give applications and developers the ability to access a set of routines based on certain software or hardware without having to access source code or understand the details of the internal working mechanism. An API is a set of definitions, programs and protocols through which pieces of computer software communicate with each other. One of the main functions of an API is to provide a common set of functions. Programmers can lighten their programming work by calling API functions when developing applications. An API is also a kind of middleware that provides data sharing for various platforms.
Based on how data is shared between different software applications on a single or distributed platform, API interfaces can be divided into four types. Remote Procedure Call (RPC): communication between programs is achieved through procedures (or tasks) that act on a shared data buffer. Standard Query Language (SQL): a standard query language for accessing data, which achieves data sharing among applications through a database. File transfer: data sharing among applications is achieved by sending formatted files. Information delivery: small formatted messages are passed between loosely coupled or tightly coupled applications, and data sharing is achieved through direct communication between the programs.
Current standards for APIs include the ANSI standard SQL API. Some standards that apply to other types are still in preparation. APIs can be applied to all computer platforms and operating systems. These APIs connect data in different formats (e.g., shared data buffers, database structures, file frames). Each data format requires different data commands and parameters to achieve correct data communication, and may at the same time produce different types of errors. Thus, in addition to having the knowledge required to perform the data sharing task, these types of APIs must deal with many network parameter issues and possible error conditions; that is, each application must know whether it has the capability to support inter-program communication itself. In contrast, since an information delivery API handles only one information format, it provides only a small subset of commands, network parameters and error conditions. Because of this, the information delivery API approach greatly reduces system complexity, and when an application needs to share data across multiple platforms, the information delivery API type is a desirable choice.
Therefore, in the embodiment of the invention, JS obtains the wasm file through the call interface, which raises the difficulty of obtaining the wasm file, so that the security of the wasm file is ensured and the wasm file is not obtained by an illegitimate user; this in turn raises the difficulty of obtaining the key and ensures the security of the key.
Based on any of the above embodiments, after JS obtains the wasm file, the wasm file is loaded by a preset loading method to obtain the key to be encrypted, the preset loading method being preset in JS.
Specifically, after JS obtains the wasm file through the call interface, the wasm file may be loaded by the preset loading method to obtain the key to be encrypted. Because the preset loading method is preset in JS, other users cannot obtain it; so even if other users obtain the wasm file, without the preset loading method they cannot obtain the information in the wasm file, that is, they cannot obtain the key to be encrypted, and the security of the key to be encrypted is ensured.
Optionally, JS may load the wasm file through wasm_exec.js to obtain the key to be encrypted in the wasm file.
Therefore, JS loads the wasm file through the preset loading method to obtain the key to be encrypted; because other users cannot obtain the preset loading method, they cannot obtain the key to be encrypted in the wasm file, which further ensures the security of the key to be encrypted in the wasm file.
Based on any of the above embodiments, the key to be encrypted is generated using the SM2 algorithm or the SM4 algorithm.
Here, the SM2 algorithm is an elliptic curve public key cryptographic algorithm. SM2 and RSA are both public key cryptographic algorithms; SM2 is the more advanced and secure of the two and is used to replace RSA in commercial cryptosystems. SM2 is an asymmetric encryption algorithm based on ECC. Because it is based on ECC, its signature speed and key generation speed are faster than those of RSA. The security strength of 256-bit ECC (SM2 is one form of 256-bit ECC) is higher than that of 2048-bit RSA, and its operation speed is also faster than that of RSA.
The relevant standard for the SM4 algorithm is GM/T 0002-2012, "SM4 block cipher algorithm" (formerly the SMS4 block cipher algorithm). In a commercial cryptosystem, SM4 is mainly used for data encryption. The algorithm is public; its block length and key length are both 128 bits, the encryption algorithm and the key expansion algorithm both use a 32-round nonlinear iterative structure, and the S-box has a fixed 8-bit input and 8-bit output. SM4 is the block cipher algorithm of a wireless local area network standard and is a symmetric encryption algorithm. The decryption algorithm is the same as the encryption algorithm except that the round keys are used in reverse order; that is, the decryption round keys are the encryption round keys in reverse order.
The key encryption device provided by the invention is described below; the key encryption device described below and the key encryption method described above may be referred to in correspondence with each other.
Based on any of the above embodiments, as shown in FIG. 2, the present invention provides a key encryption device, which includes:
a determining unit 210, configured to determine a key to be encrypted;
a compiling unit 220, configured to write the key to be encrypted into compiled code;
and a packaging unit 230, configured to package the compiled code to obtain a wasm file.
Here, the key to be encrypted is the key that needs to be encrypted, that is, the key that is at risk of disclosure. Optionally, the key to be encrypted may be a public key encrypted with SM2 or SM4.
The compiled code is the code obtained by writing the key to be encrypted in a compiled language. Optionally, the key to be encrypted may be written in the Go language or the C language to obtain the corresponding compiled code. The Go language has the following advantages: its code can be compiled directly into machine code without depending on other libraries; it is a statically typed language but has the feel of a dynamic language, so writing code is very efficient; concurrency is supported at the language level; the built-in runtime supports garbage collection; it is simple and easy to learn; it has a large number of built-in libraries, and the network library in particular is very powerful; it has powerful built-in tools; it supports cross-platform compilation; and it supports embedded C, so the existing rich C libraries can be used.
In addition, wasm, i.e. WebAssembly, is a new encoding format that can run in a browser, and wasm can coexist with JavaScript (JS for short). wasm is an efficient, low-level programming language. It allows programs to be written in languages other than JS (e.g., C, C++, Rust, or others) and then compiled into wasm, producing Web applications that load and execute very quickly. The compiled code runs in the browser on the CPU at close to native speed. The code takes the form of binary files that can be used directly as modules in JS. In addition, wasm has characteristics such as high execution efficiency, memory safety, no undefined behavior and platform independence, and is difficult to decompile.
After the key to be encrypted has been written, the resulting compiled code is packaged to obtain a binary wasm file. Because the wasm file is difficult to decompile, message encryption and key hiding are achieved and the security problems caused by key leakage are avoided.
According to the key encryption device provided by the embodiment of the invention, the key to be encrypted is written into compiled code and the compiled code is packaged to obtain a wasm file; because the wasm file is difficult to decompile, key encryption and key hiding are achieved and the security problems caused by key leakage are avoided.
Based on any of the above embodiments, writing the key to be encrypted into compiled code includes:
writing the key to be encrypted as code in the Go language or the C language to obtain the compiled code.
Specifically, compared with C, Go has garbage collection and does not cause memory-leak problems. Go's syntax is concise and elegant: what takes 100 lines of C++ can be achieved in about 50 lines of Go, and Go aims to do what C++ can do. Go's concurrency mechanism does not use ordinary threads; it is implemented through channels and goroutines, which are lighter than threads, so Go is suitable for high-concurrency servers. Go is a system-level language comparable to C, while Java and C# are higher-level languages.
After the key to be encrypted has been written as code in the Go language or the C language to obtain the compiled code, the compiled code is packaged to obtain a binary wasm file. Because the wasm file is difficult to decompile, message encryption and key hiding are achieved and the security problems caused by key leakage are avoided.
Based on any of the foregoing embodiments, packaging the compiled code to obtain a wasm file includes:
compressing and packaging the compiled code based on TinyGo and compression parameters to obtain the wasm file; the compression parameters are determined based on a core dependency library, the core dependency library is selected from a plurality of dependency libraries associated with the wasm file, and the degree of association between the core dependency library and the wasm file is greater than a preset value.
Specifically, if the compiled code is not compressed when it is packaged, the resulting wasm file is larger, which slows the browser's download. In contrast, the embodiment of the invention compresses and packages the compiled code to obtain a smaller wasm file, so that the browser can download it faster.
The files generated by TinyGo are much smaller than those of the official Go version. For a simple hello world, TinyGo requires only one hundred KB, while the official Go version requires 2 MB; that is, the file can be further compressed based on TinyGo so that the generated wasm is smaller, allowing the browser to download the wasm file faster.
Further, the compression parameters are determined based on a core dependency library, which is selected from a plurality of dependency libraries associated with the wasm file. The higher the degree of association between a dependency library and the wasm file, the more the wasm file depends on that library; the lower the degree of association, the less the wasm file depends on it. If the compression parameters were determined based on all the dependency libraries, there would be more compression parameters and the compressed wasm file would therefore be larger. For this reason, in the embodiment of the invention, a dependency library whose degree of association with the wasm file is greater than the preset value is taken as the core dependency library, and the compression parameters are determined based on the core dependency library. This avoids an overly large compressed wasm file caused by determining the compression parameters from all the dependency libraries; and because the core information of the wasm file is stored in the core dependency library, the core information of the wasm file is retained in the compressed wasm file.
Therefore, the embodiment of the invention compresses and packages the compiled code based on TinyGo and the compression parameters, so that the resulting wasm file is smaller and the browser can download it faster.
Based on any of the above embodiments, the wasm file is obtained by calling an interface for JS.
Specifically, the JS can call and acquire the wasm file through the call interface, and the wasm file can only be acquired through the call interface, namely the difficulty in acquiring the wasm file is improved, so that the safety of the wasm file can be ensured, the wasm file is not acquired by an illegal user, the difficulty in acquiring a secret key is further improved, and the safety of the secret key is ensured.
Therefore, the JS in the embodiment of the invention acquires the wasm file through the calling interface, so that the difficulty in acquiring the wasm file is improved, the safety of the wasm file can be ensured, the wasm file is not acquired by an illegal user, the difficulty in acquiring the secret key is further improved, and the safety of the secret key is ensured.
Based on any one of the above embodiments, after the JS obtains the wasm file, the wasm file is loaded by a preset loading method to obtain the key to be encrypted, where the preset loading method is preset in the JS.
Specifically, after the JS obtains the wasm file through the call interface, it may load the wasm file by a preset loading method to obtain the key to be encrypted. Because the preset loading method is preset in the JS, other users cannot obtain it. Even if other users obtain the wasm file, they cannot obtain the information in it without the preset loading method, that is, they cannot obtain the key to be encrypted, so the security of the key to be encrypted can be ensured.
Optionally, the JS may load the wasm file through wasm_exec.js to obtain the key to be encrypted in the wasm file.
Based on any of the above embodiments, the key to be encrypted is generated using an SM2 algorithm or an SM4 algorithm.
Based on any one of the above embodiments, the invention further provides a key encryption system comprising an encryption and decryption module and a JS call module. The encryption and decryption module compiles the key to be encrypted using the Go language and packages the compiled key into a wasm file, so that decompilation is difficult, and only an API call interface is provided to the JS. The JS call module loads the wasm file through wasm_exec.js and, from JS, calls the SM2 or SM4 encryption method in the wasm file to encrypt messages while keeping the key hidden.
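The module design described above, sketched in Go as an added example (not code from the patent or its applicant): the key is compiled into the module and only encrypt and decrypt functions are exposed. AES-128-GCM from the Go standard library stands in for SM4, and the key value, function names and hex output format are assumptions made for illustration.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/hex"
	"errors"
	"fmt"
)

// embeddedKey is a constructed 16-byte sample value compiled into the binary.
// AES-128-GCM stands in for SM4, which Go's standard library does not provide.
var embeddedKey = []byte("constructed-key!")

// aead builds the cipher from the embedded key; neither call fails for a 16-byte key.
func aead() cipher.AEAD {
	block, _ := aes.NewCipher(embeddedKey)
	g, _ := cipher.NewGCM(block)
	return g
}

// EncryptMessage returns hex(nonce || ciphertext || tag); callers never handle the key.
func EncryptMessage(plaintext string) (string, error) {
	g := aead()
	nonce := make([]byte, g.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return "", err
	}
	return hex.EncodeToString(g.Seal(nonce, nonce, []byte(plaintext), nil)), nil
}

// DecryptMessage reverses EncryptMessage and rejects malformed or tampered input.
func DecryptMessage(hexCT string) (string, error) {
	g := aead()
	raw, err := hex.DecodeString(hexCT)
	if err != nil || len(raw) < g.NonceSize() {
		return "", errors.New("malformed ciphertext")
	}
	pt, err := g.Open(nil, raw[:g.NonceSize()], raw[g.NonceSize():], nil)
	return string(pt), err
}

func main() {
	// A js/wasm build would register both functions via syscall/js (js.FuncOf) here.
	ct, _ := EncryptMessage("hello")
	pt, _ := DecryptMessage(ct)
	fmt.Println(ct, pt)
}
```

Built natively, this runs as an ordinary program; the wasm packaging and the wasm_exec.js loading step described in the text are outside what the block exercises.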
Fig. 3 is a schematic structural diagram of an electronic device provided by the present invention. As shown in Fig. 3, the electronic device may include a processor 310, a memory 320, a communication interface 330 and a communication bus 340, wherein the processor 310, the memory 320 and the communication interface 330 communicate with each other through the communication bus 340. The processor 310 may invoke logic instructions in the memory 320 to perform a key encryption method comprising: determining a key to be encrypted; writing the key to be encrypted as compiled code; and packaging the compiled code to obtain the wasm file.
Further, the logic instructions in the memory 320 described above may be implemented in the form of software functional units and, when sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on this understanding, the technical solution of the present invention, in essence or in the part contributing to the prior art or in a part of the technical solution, may be embodied in the form of a software product stored in a storage medium, comprising several instructions for causing a computer device (which may be a personal computer, a server, a network device, etc.) to perform all or part of the steps of the method according to the embodiments of the present invention. The aforementioned storage medium includes: a USB flash drive, a removable hard disk, a read-only memory (ROM), a random access memory (RAM), a magnetic disk, an optical disk, or other media capable of storing program code.
In another aspect, the present invention also provides a computer program product comprising a computer program stored on a non-transitory computer readable storage medium, the computer program comprising program instructions which, when executed by a computer, enable the computer to perform the key encryption method provided by the above methods, the method comprising: determining a key to be encrypted; writing the key to be encrypted as compiled code; and packaging the compiled code to obtain the wasm file.
In yet another aspect, the present invention also provides a non-transitory computer readable storage medium having stored thereon a computer program which, when executed by a processor, performs the key encryption method provided above, the method comprising: determining a key to be encrypted; writing the key to be encrypted as compiled code; and packaging the compiled code to obtain the wasm file.
The apparatus embodiments described above are merely illustrative. The units described as separate components may or may not be physically separate, and the components shown as units may or may not be physical units; they may be located in one place or distributed over a plurality of network elements. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of this embodiment. Those of ordinary skill in the art can understand and implement the present invention without undue burden.
From the above description of the embodiments, it will be apparent to those skilled in the art that the embodiments may be implemented by means of software plus necessary general hardware platforms, or of course may be implemented by means of hardware. Based on this understanding, the foregoing technical solution may be embodied essentially or in a part contributing to the prior art in the form of a software product, which may be stored in a computer readable storage medium, such as ROM/RAM, a magnetic disk, an optical disk, etc., including several instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) to execute the method described in the respective embodiments or some parts of the embodiments.
Finally, it should be noted that: the above embodiments are only for illustrating the technical solution of the present invention, and are not limiting; although the invention has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical scheme described in the foregoing embodiments can be modified or some technical features thereof can be replaced by equivalents; such modifications and substitutions do not depart from the spirit and scope of the technical solutions of the embodiments of the present invention.

Claims (10)

1. A key encryption method, comprising:
determining a key to be encrypted;
writing the key to be encrypted as compiled code;
and packaging the compiled code to obtain a wasm file.
2. The key encryption method according to claim 1, wherein the writing the key to be encrypted as compiled code includes:
writing the key to be encrypted in code using the Go language or the C language to obtain the compiled code.
3. The key encryption method according to claim 1, wherein said packaging the compiled code to obtain a wasm file includes:
based on TinyGo and compression parameters, compressing and packaging the compiled code to obtain the wasm file; the compression parameters are determined based on a core dependency library, the core dependency library is selected from a plurality of dependency libraries associated with the wasm file, and the degree of association between the core dependency library and the wasm file is greater than a preset value.
4. The key encryption method of claim 1, wherein the wasm file is obtained by JS through a call interface.
5. The key encryption method according to claim 4, wherein after the JS obtains the wasm file, the wasm file is loaded by a preset loading method to obtain the key to be encrypted, and the preset loading method is preset in JS.
6. The key encryption method according to any one of claims 1 to 5, wherein the key to be encrypted is generated using an SM2 algorithm or an SM4 algorithm.
7. A key encryption device, comprising:
a determining unit configured to determine a key to be encrypted;
a compiling unit configured to write the key to be encrypted as compiled code;
and a packaging unit configured to package the compiled code to obtain the wasm file.
8. An electronic device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, wherein the processor implements the key encryption method of any one of claims 1 to 6 when executing the program.
9. A non-transitory computer readable storage medium having stored thereon a computer program, which when executed by a processor implements the key encryption method according to any one of claims 1 to 6.
10. A computer program product comprising a computer program which, when executed by a processor, implements the key encryption method of any one of claims 1 to 6.
CN202310103575.5A 2023-02-10 2023-02-10 Secret key encryption method and device Pending CN116257867A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310103575.5A CN116257867A (en) 2023-02-10 2023-02-10 Secret key encryption method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202310103575.5A CN116257867A (en) 2023-02-10 2023-02-10 Secret key encryption method and device

Publications (1)

Publication Number Publication Date
CN116257867A true CN116257867A (en) 2023-06-13

Family

ID=86687402

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202310103575.5A Pending CN116257867A (en) 2023-02-10 2023-02-10 Secret key encryption method and device

Country Status (1)

Country Link
CN (1) CN116257867A (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116662941A (en) * 2023-07-31 2023-08-29 腾讯科技(深圳)有限公司 Information encryption method, device, computer equipment and storage medium
CN116662941B (en) * 2023-07-31 2023-12-26 腾讯科技(深圳)有限公司 Information encryption method, device, computer equipment and storage medium

Similar Documents

Publication Publication Date Title
KR101471589B1 (en) Method for Providing Security for Common Intermediate Language Program
TWI453671B (en) Method and apparatus for combined execution of native code and target code during program code conversion
EP2962193B1 (en) Compiler based obfuscation
US8090959B2 (en) Method and apparatus for protecting .net programs
KR101490047B1 (en) Apparatus for tamper protection of application code based on self modification and method thereof
US9396313B2 (en) Apparatus for tamper protection of application code and method thereof
US8555264B2 (en) System and method for efficient compilation and invocation of function type calls
US10380329B2 (en) Method and apparatus for preventing application from being deciphered
CN104573416A (en) Method and device for generating application installation package and executing application
WO2021217980A1 (en) Java code packing method and system
JPH10301774A (en) Method for providing software package and provider station and user station for realizing the same method and basic software package
CN105022936A (en) Class file encryption and decryption method and class file encryption and decryption device
CN110598379B (en) Method, equipment and storage medium for realizing character string confusion
KR102028091B1 (en) Apparatus and method for loading up dex file into memory
CN104239757A (en) Application program reversing-preventing method and device and operation method and terminal
KR101861341B1 (en) Deobfuscation apparatus of application code and method of deobfuscating application code using the same
CN109598107A (en) A kind of code conversion method and device based on application installation package file
CN109840400B (en) Apparatus and method for providing security and apparatus and method for performing security for universal intermediate language
CN112163195A (en) Novel virtual machine software protection method based on stack hiding
CN116257867A (en) Secret key encryption method and device
CN107871066B (en) Code compiling method and device based on android system
CN110309630A (en) A kind of Java code encryption method and device
CN113626773B (en) Code protection method based on intermediate language
KR101667774B1 (en) Apparatus and Method of Providing Security for Script Program
CN112882690A (en) Application development method and device

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination