CN117556392A - Code confusion method, device, equipment, storage medium and product - Google Patents
Code confusion method, device, equipment, storage medium and product Download PDFInfo
- Publication number
- CN117556392A CN117556392A CN202210928578.8A CN202210928578A CN117556392A CN 117556392 A CN117556392 A CN 117556392A CN 202210928578 A CN202210928578 A CN 202210928578A CN 117556392 A CN117556392 A CN 117556392A
- Authority
- CN
- China
- Prior art keywords
- code
- information
- environment variable
- file
- node
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 123
- 238000003860 storage Methods 0.000 title claims abstract description 64
- 238000012545 processing Methods 0.000 claims abstract description 60
- 238000006243 chemical reaction Methods 0.000 claims abstract description 43
- 238000004806 packaging method and process Methods 0.000 claims abstract description 16
- 230000006870 function Effects 0.000 claims description 55
- 230000008569 process Effects 0.000 claims description 21
- 238000013507 mapping Methods 0.000 claims description 8
- 238000004590 computer program Methods 0.000 claims description 7
- 230000004048 modification Effects 0.000 claims description 6
- 238000012986 modification Methods 0.000 claims description 6
- 230000001131 transforming effect Effects 0.000 claims description 2
- 238000005516 engineering process Methods 0.000 description 14
- 238000010586 diagram Methods 0.000 description 10
- 238000011161 development Methods 0.000 description 7
- 230000002093 peripheral effect Effects 0.000 description 6
- 238000013478 data encryption standard Methods 0.000 description 5
- 238000001914 filtration Methods 0.000 description 5
- 238000004422 calculation algorithm Methods 0.000 description 4
- 238000013515 script Methods 0.000 description 4
- 238000013473 artificial intelligence Methods 0.000 description 3
- 230000008901 benefit Effects 0.000 description 3
- 238000000605 extraction Methods 0.000 description 3
- 239000003607 modifier Substances 0.000 description 3
- 230000011514 reflex Effects 0.000 description 3
- 230000003190 augmentative effect Effects 0.000 description 2
- 238000004364 calculation method Methods 0.000 description 2
- 238000004891 communication Methods 0.000 description 2
- 238000009877 rendering Methods 0.000 description 2
- 239000007787 solid Substances 0.000 description 2
- 239000000243 solution Substances 0.000 description 2
- 230000009471 action Effects 0.000 description 1
- 238000004458 analytical method Methods 0.000 description 1
- 230000006399 behavior Effects 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000033228 biological regulation Effects 0.000 description 1
- 238000004140 cleaning Methods 0.000 description 1
- 238000005336 cracking Methods 0.000 description 1
- 230000001419 dependent effect Effects 0.000 description 1
- 238000007599 discharging Methods 0.000 description 1
- 230000008676 import Effects 0.000 description 1
- 238000002347 injection Methods 0.000 description 1
- 239000007924 injection Substances 0.000 description 1
- 230000010354 integration Effects 0.000 description 1
- 230000003993 interaction Effects 0.000 description 1
- 230000002452 interceptive effect Effects 0.000 description 1
- 238000010801 machine learning Methods 0.000 description 1
- 238000007726 management method Methods 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 230000007246 mechanism Effects 0.000 description 1
- 230000005055 memory storage Effects 0.000 description 1
- 238000002156 mixing Methods 0.000 description 1
- 230000006855 networking Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 238000012856 packing Methods 0.000 description 1
- 230000010287 polarization Effects 0.000 description 1
- 230000008439 repair process Effects 0.000 description 1
- 239000004065 semiconductor Substances 0.000 description 1
- 230000009466 transformation Effects 0.000 description 1
- 239000011800 void material Substances 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/12—Protecting executable software
- G06F21/14—Protecting executable software against software analysis or reverse engineering, e.g. by obfuscation
Landscapes
- Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Multimedia (AREA)
- Technology Law (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Stored Programmes (AREA)
Abstract
The application discloses a code confusion method, a code confusion device, code confusion equipment, a code confusion storage medium and a code confusion product, and belongs to the technical field of computers. The method comprises the following steps: acquiring a source code file to be processed; extracting the program source code based on environment variables to generate a temporary file; performing type conversion processing on the environment variable information to obtain converted environment variable information; generating a calling relation storage file based on the converted environment variable information; and carrying out code confusion packaging processing based on the program source code, the converted environment variable information and at least one code calling node to obtain a software development kit after confusion. According to the technical scheme provided by the embodiment of the application, the environment variables in the program source code are subjected to type conversion, the code calling nodes capable of representing the calling environment variables in the program source code can be determined according to the converted environment variable information, code confusion is realized, and further the confused SDK is packed and generated, so that the running error rate of the confused SDK is effectively reduced.
Description
Technical Field
The present disclosure relates to the field of computer technologies, and in particular, to a method, an apparatus, a device, a storage medium, and a product for code confusion.
Background
A software development kit (Software Development Kit, SDK) is a collection of development tools used by software engineers to create application software for a particular software package, software framework, hardware platform, operating system, etc., and an access party corresponding to the SDK typically confuses the SDK developer with code in order to ensure security of access to the SDK.
In the related art, the SDK confusion modifies member variables, function names or class file names in the source codes into random character strings or wild cards, and generates the confused codes by global replacement in a script mode, and then the confused codes are packaged into the SDK to an access party.
The SDK generated by packaging in the related technology can generate code calling errors in the calling process, and the running error rate is high.
Disclosure of Invention
The embodiment of the application provides a code confusion method, a device, equipment, a storage medium and a product, which can reduce the code calling error quantity generated in the calling process of the confused SDK and reduce the operation error rate of the confused SDK.
According to an aspect of the embodiments of the present application, there is provided a code obfuscation method, including:
acquiring a source code file to be processed, wherein the source code file to be processed comprises a program source code;
Extracting the program source code based on environment variables to generate a temporary file, wherein the temporary file comprises environment variable information in the program source code;
performing type conversion processing on the environment variable information to obtain converted environment variable information;
generating a calling relation storage file based on the converted environment variable information, wherein the calling relation storage file comprises at least one code calling node corresponding to the environment variable information, and each code calling node represents one-time code calling of the environment variable corresponding to the code calling node in the program source code;
and carrying out code confusion packaging processing on the basis of the program source code, the converted environment variable information and the at least one code call node to obtain a confused software development kit.
According to an aspect of embodiments of the present application, there is provided a code obfuscation apparatus, including:
the source code file acquisition module is used for acquiring a source code file to be processed, wherein the source code file to be processed comprises a program source code;
the temporary file generation module is used for extracting the program source codes based on environment variables to generate temporary files, wherein the temporary files comprise environment variable information in the program source codes;
The environment variable conversion module is used for performing type conversion processing on the environment variable information to obtain converted environment variable information;
the calling relation storage module is used for generating a calling relation storage file based on the converted environment variable information, the calling relation storage file comprises at least one code calling node corresponding to the environment variable information, and each code calling node represents one-time code calling of the environment variable corresponding to the code calling node in the program source code;
and the tool kit generating module is used for carrying out code confusion packaging processing based on the program source code, the converted environment variable information and the at least one code calling node to obtain a software development tool kit after confusion.
According to an aspect of embodiments of the present application, there is provided a computer apparatus including a processor and a memory, where at least one instruction, at least one program, a code set, or an instruction set is stored, where the at least one instruction, the at least one program, the code set, or the instruction set is loaded and executed by the processor to implement the above-mentioned code obfuscation method.
According to one aspect of embodiments of the present application, there is provided a computer-readable storage medium having stored therein at least one instruction, at least one program, a set of codes, or a set of instructions, the at least one instruction, the at least one program, the set of codes, or the set of instructions being loaded and executed by a processor to implement the code obfuscation method described above.
According to one aspect of embodiments of the present application, there is provided a computer program product comprising computer instructions stored in a computer readable storage medium. A processor of a computer device reads the computer instructions from a computer-readable storage medium, the processor executing the computer instructions, causing the computer device to execute to implement the code obfuscation method described above.
The technical scheme provided by the embodiment of the application can bring the following beneficial effects:
by extracting the environment variables from the program source code, the environment variables in the program source code can be stored in a temporary file, the type conversion processing is carried out on the environment variables, and then the code call nodes corresponding to the program source code are determined according to the converted environment variable information, each code call node can represent one-time code call of the corresponding environment variables in the program source code, code confusion is realized, the program source code, the converted environment variable information and the code call nodes are packaged, the confused SDK can be generated, the code call of the corresponding environment variables is represented by the code call nodes in the confused SDK, the code call error quantity of the confused SDK in the call process is effectively reduced, and the running error rate of the confused SDK is reduced.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings that are needed in the description of the embodiments will be briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present application, and that other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
FIG. 1 is a schematic diagram of an application execution environment provided by one embodiment of the present application;
FIG. 2 is a flow chart diagram of a method for code obfuscation provided by an embodiment of the present application;
FIG. 3 is a second flowchart of a code obfuscation method provided by an embodiment of the present application;
FIG. 4 is a flowchart III of a code obfuscation method provided by an embodiment of the present application;
FIG. 5 illustrates a technical architecture diagram for generating a obfuscated SDK;
FIG. 6 illustrates a flow diagram for generating a obfuscated SDK;
FIG. 7 is a block diagram of a code obfuscation apparatus provided by an embodiment of the present application;
fig. 8 is a block diagram of a computer device according to an embodiment of the present application.
Detailed Description
The code obfuscation method provided in the embodiments of the present application relates to cloud technology, and is briefly described below to facilitate understanding by those skilled in the art.
Cloud technology (Cloud technology) refers to a hosting technology for integrating hardware, software, network and other series resources in a wide area network or a local area network to realize calculation, storage, processing and sharing of data.
The cloud technology is based on the general names of network technology, information technology, integration technology, management platform technology, application technology and the like applied by the cloud computing business mode, can form a resource pool, and is flexible and convenient as required. Cloud computing technology will become an important support. Background services of technical networking systems require a large amount of computing, storage resources, such as video websites, picture-like websites, and more portals. Along with the high development and application of the internet industry, each article possibly has an own identification mark in the future, the identification mark needs to be transmitted to a background system for logic processing, data with different levels can be processed separately, and various industry data needs strong system rear shield support and can be realized only through cloud computing.
Cloud computing (clouding) is a computing model that distributes computing tasks across a large pool of computers, enabling various application systems to acquire computing power, storage space, and information services as needed. The network that provides the resources is referred to as the "cloud". Resources in the cloud are infinitely expandable in the sense of users, and can be acquired at any time, used as needed, expanded at any time and paid for use as needed.
As a basic capability provider of cloud computing, a cloud computing resource pool (cloud platform for short, generally referred to as IaaS (Infrastructure as a Service, infrastructure as a service) platform) is established, in which multiple types of virtual resources are deployed for external clients to select for use.
According to the logic function division, a PaaS (Platform as a Service ) layer can be deployed on an IaaS (Infrastructure as a Service ) layer, and a SaaS (Software as a Service, software as a service) layer can be deployed above the PaaS layer, or the SaaS can be directly deployed on the IaaS. PaaS is a platform on which software runs, such as a database, web container, etc. SaaS is a wide variety of business software such as web portals, sms mass senders, etc. Generally, saaS and PaaS are upper layers relative to IaaS.
For the purpose of making the objects, technical solutions and advantages of the present application more apparent, the embodiments of the present application will be described in further detail below with reference to the accompanying drawings.
Referring to fig. 1, a schematic diagram of an application running environment provided in one embodiment of the present application is shown. The application execution environment may include: a terminal 10 and a server 20.
The terminal 10 includes, but is not limited to, a cell phone, a computer, an intelligent voice interaction device, an intelligent home appliance, a vehicle-mounted terminal, a game console, an electronic book reader, a multimedia playing device, a wearable device, and the like. A client in which an application program can be installed in the terminal 10.
In the embodiment of the present application, the application may be any application capable of code obfuscation. Typically, the application is a development class application. Of course, code obfuscation may also occur in other types of applications besides development class applications. Alternatively, the SDK generated through code obfuscation may be applied to other applications, for example, a financial application, a news application, a social application, an interactive entertainment application, a browser application, a shopping application, a content sharing application, a Virtual Reality (VR) application, an augmented Reality (Augmented Reality, AR) application, and the like, which are not limited in this embodiment of the present application. In addition, for different applications, the pushed video may be different, and the corresponding functions may be different, which may be configured in advance according to actual requirements, which is not limited in the embodiment of the present application. Optionally, a client of the above application program is running in the terminal 10.
The server 20 is used to provide background services for clients of applications in the terminal 10. For example, the server 20 may be a background server of the application program described above. The server 20 may be an independent physical server, a server cluster or a distributed system formed by a plurality of physical servers, or may be a cloud server providing cloud services, cloud databases, cloud computing, cloud functions, cloud storage, network services, cloud communication, middleware services, domain name services, security services, CDNs (Content Delivery Network, content delivery networks), basic cloud computing services such as big data and artificial intelligence platforms, and the like. Alternatively, the server 20 provides background services for applications in a plurality of terminals 10 at the same time.
Alternatively, the terminal 10 and the server 20 may communicate with each other via the network 30. The terminal 10 and the server 20 may be directly or indirectly connected through wired or wireless communication, and the present application is not limited thereto.
Before describing the method embodiments provided in the present application, application scenarios, related terms or nouns that may be involved in the method embodiments of the present application are briefly described, so as to be understood by those skilled in the art of the present application.
First, the description of related application scenes is carried out: for the main engineering of an application, multiple SDKs may be included. The embodiment of the application provides a cloud development platform which can output a plurality of SDKs to an access party developer, including offline package, code scanning, sharing, hot repair and the like. The access side developer maintains a main project, and the development platform provides an SDK. In contrast to code obfuscation of the main project, obfuscation of the SDK does not take over the lifecycle of the program (e.g., acquiring the compilation environment, starting the program, executing the program segments other than the SDK), and thus the obfuscation of the SDK cannot use the scheme of configuring the project obfuscation file and intermediate code obfuscation.
According to the security requirement of the access party, the SDK mixed source code interfaces used by different access parties are different. For example, SDKs used by access party a and access party B to implement the same function, the obfuscated interface names, parameters, variables, and call modes thereof are all different, but the functions are the same. Therefore, when the SDK using problem is generated by different access parties, the problem reproduction is required to be carried out after the different SDKs are restored, so that the reason is searched.
Based on the application scenario, the application provides a code confusion method for realizing code confusion of an output SDK. The following is a description of the terms or nouns.
Code confusion: code of a computer program is converted into a functionally equivalent, but difficult to read and understand form of behavior. Code obfuscation may be used for program source code, or intermediate code compiled from the program. In an exemplary embodiment, there is complexity, and uncertainty, in the external output of the SDK in the intermediate code. The confusion of this scheme is therefore based on source code confusion.
Reflection: for any one class, all the attributes and methods of the class can be known, and for any one object, any one of its methods can be invoked. This calling mechanism is called reflection. The reflected calls generated in this scheme may occur in other code segments of the obfuscated SDK calling program. Such as obfuscated class and method names and other SDKs of the access party, resulting in invocation errors during operation.
HashMap (hash table): is a hash table that stores content that is a key-value pair (key-value) map. In an exemplary embodiment, the HashMap is utilized to store the code call nodes and decryption keys corresponding to the underlying source codes in each confusion process.
Referring to fig. 2, a flowchart of a code obfuscation method according to an embodiment of the present application is shown. The method can be applied to a computer device, wherein the computer device is an electronic device with data computing and processing capabilities, and the execution subject of each step can be the terminal 10 or the server 20 in the application running environment shown in fig. 1. The method may comprise the following steps (201-205).
Step 201, a source code file to be processed is obtained.
Optionally, the source code file to be processed includes program source code. Optionally, the program source code corresponds to a first program language. Optionally, the first program language supports reflex calls, such as Java language, objective-C (OC) language, and Swift language.
Optionally, the source code file to be processed is a file belonging to a target file type in a target file package, and the target file package includes a file required for packaging a software development kit.
In an exemplary embodiment, filtering processing based on the target file type is performed on the files in the target file package, so as to obtain source code files corresponding to the target file type, namely the source code files to be processed. Optionally, the target file type includes a source file type, such as a Java type, an OC type, or a Swift type.
In one possible implementation, the filtering restriction is performed on the files in the target package by a fixed filtering instruction, so as to ensure that the SDK source code files to be confused are input into the SDK interpreter created based on Python. The filtering limitation needs to filter out files that are not source codes in the target file package, such as files of audio and video, plist, json, bundle, and the like. The necessary file type of the corresponding SDK terminal is selected as the target file type, generally the java file corresponding to An Zhuoduan, and the iOS terminal corresponds to oc or swift file. After the source code files to be processed are input into the interpreter, the interpreter can start operations such as reading, replacing, translating, character injection and the like on the source code files.
Optionally, the interpreter is a script program in the SDK for code obfuscation.
Step 202, extracting the program source code based on the environment variable to generate a temporary file.
Optionally, the temporary file includes environment variable information in the program source code. The environment variable information in the program source code can be stored in the created temporary file after being extracted.
The above-mentioned environment variables refer to some parameters used in the program source code to specify the program execution environment. Optionally, the environment variable information includes, but is not limited to, functions, methods, classes, constructs, member attributes, modifiers, etc. in the program source code. Optionally, the function includes a function name, a function parameter; the method comprises a method name and a method parameter; the class includes class name, class member (information such as member name, attribute, etc.), class method (information such as method name, method parameter, etc.); the structure body comprises a structure body name and attribute information of members in the structure body; the member attribute includes attribute information such as a member name, a member type, and the like.
The environment variables are called in the running process of the program, so that relevant program processing is realized, and relevant processing results are generated.
In an exemplary embodiment, as shown in fig. 3, the above-mentioned extracting process based on the environment variable is performed on the program source code, and the temporary file is generated, which may include the following steps (2021 to 2024), and fig. 3 shows a second flowchart of the code obfuscation method provided in one embodiment of the present application.
At step 2021, an initial temporary file is created.
Optionally, before extracting the environment variable, an initial temporary file is newly created to store the environment variable information in the program source code. The file type of the temporary file is not limited in the embodiment of the present application, and may be a file for storing data or a program code file.
Step 2022 reads the function information, method information, and member attribute information in the program source code.
Optionally, the environment variable information includes function information, method information, and member attribute information.
In a possible implementation manner, by running the script in the interpreter, the reading of the program source code in the source code file to be processed can be realized, so that the function information, the method information and the member attribute information in the program source code are retrieved, and the corresponding classification is performed, so that the set of the function, the method, the member attribute and other information in the program source code is obtained.
Step 2023 determines scope information corresponding to each of the function information, method information, and member attribute information in the program source code.
Optionally, the input program source code is subjected to scope analysis processing based on the information, so as to obtain scope information corresponding to the function information, the method information and the member attribute information in the program source code.
Optionally, the scope information characterizes available code ranges of the environment variables corresponding thereto. For example, scope information corresponding to the function information characterizes available code ranges corresponding to various code fields in the function information; the scope information corresponding to the method information characterizes the available code range corresponding to each code field in the method information; the scope information corresponding to the member attribute information characterizes each code field in the member attribute information, such as an available code range corresponding to each member attribute field.
Step 2024, storing the function information, method information, member attribute information and scope information into the initial temporary file to obtain the temporary file.
Optionally, the function information, the method information, the member attribute information and the scope information are stored into an initial temporary file in a zoned manner to obtain the temporary file. The temporary file includes a function information storage area, a method information storage area, a member attribute information storage area, and scope information.
Optionally, each source code file to be processed corresponds to at least one temporary file. Optionally, the number of temporary files is determined according to the corresponding class information in each source code file to be processed, for example, one temporary file is generated for one class in the program source code, but two classes may also correspond to one temporary file, which is not limited in the embodiment of the present application.
In one possible implementation manner, the interpreter starts reading environment variables, analyzes the scope of the input source file, and classifies the key source codes such as functions, methods and structures in a single file. Specifically, the names, parameters, and scopes of functions, methods, and types, modifiers, and names of member attributes may be retrieved using scripts, and then created and saved in a temporary file. Wherein a single source code file generates at least one temporary file.
And 203, performing type conversion processing on the environment variable information to obtain converted environment variable information.
Alternatively, the above type conversion process is a conversion process of a pointer to a variable type. After the temporary file is generated, the stored environment variable information can be read out, such as a function, a method and a member attribute, from the temporary file, and then the environment variable in the temporary file is subjected to type conversion according to the grammar setting corresponding to the source code file to be processed.
In an exemplary embodiment, the program source code corresponds to a first programming language; accordingly, as shown in fig. 3, the type conversion processing is performed on the environment variable information to obtain converted environment variable information, which may include the following step 2031.
And 2301, performing language type conversion processing on the environment variable information to obtain converted environment variable information.
The converted environment variable information corresponds to a second program language, the first program language supports the reflection call, and the second program language does not support the reflection call.
Optionally, the first program language includes, but is not limited to, java language, objective-C (OC) language, and Swift language, which support reflex call.
Optionally, the second program language includes, but is not limited to, a C language, a C++ language, etc., that does not support reflex calls.
The method has the advantages that the program language supporting the reflection call is converted into the bottom layer program language not supporting the reflection call, so that the reflection call in the confusion process is avoided, and the code call error rate is reduced.
Optionally, as shown in fig. 4, the implementation procedure of the step 2031 may include the following steps (2031 a to 2031 c), and fig. 4 shows a flowchart three of a code confusion method provided in an embodiment of the application.
In step 2031a, a variable type conversion process is performed on the environment variable in the environment variable information, so as to obtain a pointer variable.
Optionally, the pointer variable corresponds to a pointer type of the second programming language.
Optionally, according to the type of the environment variable, the variable type is converted into the pointer type by using a bridge type, so as to obtain a pointer variable corresponding to a second program language, for example, a pointer variable of a C/c++ language.
Alternatively, the corresponding function parameters may be similarly converted.
Step 2031b, transforming the parameter names corresponding to the function parameters in the environment variable information to obtain transformed parameter names.
Optionally, in the scope of the function and/or method, the extended prefix and the conversion of the coding method are performed on the names of the related function parameters (such as intermediate variables) to obtain the names of the parameters after conversion.
Step 2031c, obtaining the converted environment variable information based on the pointer variable and the converted parameter name.
After the type conversion and the name conversion, the converted environment variable information can be obtained.
By converting the variable type into a pointer variable and modifying the parameter name, the reflection call in the confusion process can be effectively avoided.
And 204, generating a calling relation storage file based on the converted environment variable information.
Optionally, the call relation storage file includes at least one code call node corresponding to the environment variable information, and each code call node characterizes one code call of the environment variable corresponding to the code call node in the program source code.
Optionally, according to field content corresponding to each environment variable in the environment variable information, generating the at least one code call node in a pre-created XML (Extensible Markup Language ) file, wherein each code call node represents one code call of the environment variable corresponding to the code call node in the program source code.
And after all the code call nodes are generated, the call relation storage file can be obtained. Alternatively, the call relation storage file may be an XML file, and each code call node is an XML node in the XML file.
In an exemplary embodiment, as shown in fig. 3, the generating the call relation storage file based on the converted environment variable information may include the following steps (2041 to 2044).
Step 2041, at least one line of code in the temporary file is acquired.
Optionally, at least one line of code characterizes the converted environment variable information. In the temporary file, the converted environment variable information exists in the form of codes, so that at least one line of codes in the temporary file is acquired, namely the converted environment variable information is acquired.
Step 2042, for each line of code in at least one line of code, performing coding format modification processing on the environment variable names in the code to obtain the environment variable names in the target coding format.
The encoding format may be a character encoding format, e.g., UTF-8 (8-bit, universal Character Set/Unicode Transformation Format) is a variable length character encoding for Unicode.
The environment variable name in the code corresponds to the original coding format, and the environment variable name of the target coding format can be obtained by carrying out coding format modification processing on the environment variable name, so that the security of the code can be enhanced. The target encoding format may be a character encoding format different from the original encoding format, and the selection of the target encoding format is not limited in the embodiments of the present application.
In one possible implementation, the converted code corresponding to the underlying language is formatted based on the interpreter, and a replace function is declared, the function receives the incoming code line by line, modifies the encoding format of the environment variable names such as the method name and the function name, and targets the environment variable name of the encoding format.
Step 2043, based on the environment variable name of the target coding format, generating a code call node corresponding to the environment variable name in the code.
And generating a code call node corresponding to the environment variable name according to the environment variable name of the target coding format. In a specific embodiment, an XML node may be created in an XML file, and the name of the environment variable in the target coding format may be filled into the XML node, so as to obtain the code call node; the code call node may be obtained by encrypting the environment variable name of the target encoding format and then filling the encrypted information into the XML node, for example, by encrypting the environment variable name by a string DES (Data Encryption Standard ) method.
Step 2044, generating a call relation storage file according to the code call nodes corresponding to each line of codes in at least one line of codes.
Optionally, creating a code call node corresponding to each line of code in the at least one line of code in the XML file, so as to generate the call relation storage file.
By determining the code call nodes corresponding to the program source codes and storing the code call nodes in the call relation storage file, the code call relation among the codes in the program source codes can be accurately recorded, and the code call error amount of the SDK after confusion can be reduced.
In one possible implementation, the call relation storage file may further include an empty node, and the device may further randomly generate the empty node; correspondingly, according to the empty node and the code call node corresponding to each line of codes in at least one line of codes, a call relation storage file is generated.
The above-mentioned null nodes are nodes which have no practical meaning and only interfere with decompilation. Optionally, the number of empty nodes is less than 10% of the total nodes, the node names are used as keys in the hash table for storage,
optionally, the null node is inserted into the code call node corresponding to each line of codes, so as to obtain the call relation storage file.
In a specific embodiment, each code call node in the call relation storage file may be encrypted, and a hash table for characterizing the encryption and decryption relations may be constructed. In an exemplary embodiment, as shown in FIG. 3, the above method may further include the following steps (206-212).
Step 206, sequentially reading at least one code call node.
And step 207, under the condition that the read code call node is not an empty node, carrying out encryption processing on the read code call node to obtain the encrypted code call node and decryption information corresponding to the encrypted code call node.
Optionally, encrypting the code call node by a string DES (Data Encryption Standard ) method to obtain an encrypted code call node, and determining decryption information corresponding to the encrypted code call node according to an encryption mode. Optionally, the decryption information includes a decryption key corresponding to the encrypted code call node.
And step 208, determining key value pair information corresponding to the read code call node based on the encrypted code call node and the decryption information.
Optionally, the encrypted code call node is used as key information, the decryption key corresponding to the encrypted code call node is used as value information, and the key value pair information corresponding to the currently read code call node can be determined according to the key information and the value information.
Step 209, obtaining identity mapping relation information when the read code call node is a null node.
Alternatively, identity algorithm formulas such as polarization identities, cauchy inequality and euler identities are downloaded from the server. The identity mapping relation information comprises the identity algorithm formula.
And 210, executing identity processing on the read code call node based on the identity mapping relation information to obtain key information corresponding to the read code call node.
The meaning of the empty node is that complex function operation which does not affect the calculation result is generated in the confusion process, and the difficulty of external cracking and compiling is increased.
Step 211, determining key value pair information corresponding to the read code call node based on the key information.
Optionally, the value information in the key value pair information corresponding to the null node is null. Under the condition that the currently read code call node is a null node, the corresponding value information can be set to be null, so that key value pair information corresponding to the null node is obtained
And 212, generating a hash table based on key value pair information corresponding to each code call node in the at least one code call node.
Under the condition that key value pair information corresponding to one code call node is determined, the key value pair information corresponding to the current code call node is stored in a HashMap (hash table), so that mapping of the HashMap is completed, positioning according to the code call node to a source code can be realized based on the hash table, the positioning difficulty of operation errors is reduced, and the efficiency and accuracy of operation error positioning are improved.
And 205, performing code confusion packaging processing based on the program source code, the converted environment variable information and at least one code call node to obtain a confused software development kit.
Optionally, a toolkit name, an engineering name and catalog information corresponding to the software development toolkit are determined. The target information is used for indicating the position information of each file in the target file package, and comprises the source code file to be processed, a temporary file and a calling relation storage file.
Optionally, cleaning the packaging space, and generating a confusing software development kit according to file contents in the file indicated by the directory information.
In one example, as shown in fig. 5, an exemplary diagram of a technique architecture for generating a obfuscated SDK is shown. And (3) filtering the files to be packaged in the target file package, so as to obtain the source code files of the SDK, inputting the source code files into a parser for confusion packaging (the specific process can refer to the process recorded in the specification), and finally outputting the software tool development package after confusion. The SDK parser is used for carrying out SDK confusion package, so that the confusion codes can be restored with low risk on the premise of ensuring that SDKs given to different access parties are different confusion codes, and the terminal SDKs are not reflected and called.
In an exemplary embodiment, as shown in FIG. 3, the implementation of step 205 described above may include the following steps (2051-2052).
In step 2051, code confusion is performed on the program source code, the converted environment variable information and at least one code call node, so as to obtain a confused binary file.
In one possible implementation, the SDK packaging is performed by Shell, and the name, engineering name, and catalog of the SDK are input. And calling an xcodebuild clean packing space, and finally generating a binary file of the SDK according to the program source code, the converted environment variable information and at least one code calling node arch.
Step 2052, generating a obfuscated software development kit based on the obfuscated binary file.
Optionally, the obfuscated binary file may further include interface information. Specifically, as shown in fig. 4, the following steps (2053 to 2057) may be further included before the step 2052.
Step 2053, obtaining an original interface file corresponding to the obfuscated software development kit.
Optionally, the original interface file includes a preset application program interface, and interface parameter information and interface name information corresponding to the preset application program interface. The preset application program interface is an interface for an application program called by an access party and is used for realizing functions corresponding to the software development kit.
Step 2054, determining a class name of the calling object corresponding to the preset application program interface.
Optionally, the call object corresponding to the preset application program interface may be an object called by the preset application program interface in the program source code. After determining the calling object corresponding to the preset application program interface, determining the class name of the class of the calling object according to the corresponding relation between the object and the class.
Step 2055, generating prefix information corresponding to the interface name information based on the class name.
Optionally, the class name is used as a prefix to be added corresponding to the structure name.
Step 2056, performing conversion processing based on the target program language on the interface parameter information to obtain converted interface parameter information.
Optionally, the converted interface parameter information corresponds to a target program language. Optionally, the target program language is the second program language.
The interface parameters can be packaged by the bottom layer language by converting the interface parameter information based on the target program language.
Step 2057, obfuscating the original interface file based on the interface name information, the prefix information, and the converted interface parameter information, to obtain an obfuscated interface file.
Optionally, the interface name information is a name before encryption, the prefix information and the interface name information are fused to obtain fused interface name information, and the original interface file is updated based on the fused interface name information and the converted interface parameter information to generate the confusing interface file.
Accordingly, as shown in fig. 4, the above-mentioned obfuscated software development kit is generated based on the obfuscated binary file, which includes the following step 2052a.
Step 2052a, importing the obfuscated interface file into the obfuscated binary file to generate an obfuscated software development kit.
Optionally, after the obfuscated software development kit is generated, determining a version number corresponding to the obfuscated software development kit, corresponding the hash table to the version number, and storing the hash table in a pipeline of the package shell so as to facilitate the subsequent call when the problem is located.
The above flow is described below in conjunction with an actual application scenario, please refer to fig. 6, which schematically illustrates a flow chart for generating a confusing SDK. And running the SDK interpreter created by the Python, and generating the confusion SDK based on the SDK interpreter. The execution process of the SDK interpreter is as follows:
Opening and reading environment variables; and reading a single file and analyzing the scope of the single file, wherein the aim is to classify the key source codes such as functions, methods, structures and the like in the single file. The names, parameters and scope of the functions, methods, and types, modifiers and names of member attributes are retrieved using scripts and then created and saved in a temporary file. At least one temporary file (a temporary file is generated) is generated by a single source code file.
Judging whether the SDK source code file is read completely or not, if not, continuing to read the file, and if so, converting codes in the temporary file into a bottom language. Specifically, in the current read environment variables, functions, methods, and member properties are read from the temporary file. The interpreter performs type conversion on the variable of the temporary file according to the grammar setting corresponding to the source code file, for example, in the OC grammar, the variable can be converted into a pointer variable of the C/C++ language in a mode of '__ bridge void' according to the type of the variable. The corresponding function parameters are converted in the same way, and the intermediate variable names are converted by the extended prefix and the coding method in the action domain of the functions and the methods. The conversion step is to convert the language supporting the reflection call into the underlying language, thereby avoiding the reflection call in the confusion process.
Formatting the converted underlying language; a replacement function (replace function) is called which receives the incoming code row by row, wherein the method name and function name are modified in coding format, and xml nodes (code call nodes) are generated and stored by hash tables. During which empty nodes are randomly generated, and the number of the empty nodes is less than 10% of the total nodes. And storing the node name serving as a key in the HashMap.
And then reading the nodes in the hash table, and judging whether the nodes at the read position are empty nodes or not. If yes, downloading an identity algorithm formula, and encrypting the empty node by executing identity processing; if not, the encryption xml node can be realized by a string DES method.
After node encryption, the SDK interface (here, the interface is the source code directly called by the access party) is translated. Class names of the calling objects can be generated in prefixes of the interfaces, parameters of the interfaces are packaged by using a bottom language, and the interface names are names before encryption.
Finally, SDK packaging can be executed in a Shell mode, and SDK package discharging is achieved.
In an exemplary embodiment, as shown in FIG. 3, the above method further includes the following steps (213-215).
And step 213, receiving the operation error information corresponding to the confused software development kit.
When the access party generates a call related problem, the access party sends running error information which can comprise the version number of the SDK and error node information
Step 214, determining an object code call node corresponding to the running error information in the hash table and object decryption information corresponding to the object code call node.
Optionally, the hash table corresponding to the version number may be determined according to the version number, and according to the running error information, an object code call node corresponding to the running error information in the hash table may be determined, where the value information corresponding to the object code call node is the object decryption information, and includes the object decryption key.
And step 215, decrypting the target code call node based on the target decryption information to obtain the source code corresponding to the target code call node.
And decrypting the source codes of the bottom language, such as the codes of the second program language, by utilizing the target decryption information, namely the target decryption key, and generating the original source codes after conversion of the corresponding language so as to facilitate problem debugging.
In summary, according to the technical scheme provided by the embodiment of the application, the environment variables in the program source code are saved in the temporary file through the extraction processing of the environment variables of the program source code, the type conversion processing is performed on the environment variables, and then the code call nodes corresponding to the program source code are determined according to the converted environment variable information, each code call node can represent one-time code call of the corresponding environment variables in the program source code, code confusion is realized, the program source code, the converted environment variable information and the code call nodes are packaged, the confused SDK can be generated, the code call of the corresponding environment variables is represented by the code call nodes in the confused SDK, the code call error quantity generated in the call process of the confused SDK is effectively reduced, and the running error rate of the confused SDK is reduced.
Compared with the related art, the method and the device for the encryption of the XML node have the advantages that the source codes are not mixed in the mode of generating random character strings, time stamps and the like, but the mixed codes are restored on the premise that the mixed safety is ensured by using the hash table to store the encrypted XML node and the decryption key thereof for realizing the mixing. In addition, in the technical scheme provided by the application, the variable conversion of the temporary file can modify the call of the reflection grammar, so that logic errors generated by the reflection call after confusion are avoided.
In addition, in the technical scheme provided by the application, the null nodes can be randomly generated, and the null nodes and the server are utilized to issue an identity algorithm, so that SDK functions of all access parties can be identical but source codes after confusion are different.
The following are device embodiments of the present application, which may be used to perform method embodiments of the present application. For details not disclosed in the device embodiments of the present application, please refer to the method embodiments of the present application.
Referring to fig. 7, a block diagram of a code obfuscation apparatus provided in an embodiment of the present application is shown. The device has the function of realizing the code confusion method, and the function can be realized by hardware or can be realized by executing corresponding software by hardware. The device may be a computer device or may be provided in a computer device. The apparatus 700 may include:
the source code file obtaining module 710 is configured to obtain a source code file to be processed, where the source code file to be processed includes a program source code;
a temporary file generating module 720, configured to perform extraction processing based on an environment variable on the program source code, and generate a temporary file, where the temporary file includes environment variable information in the program source code;
The environment variable conversion module 730 is configured to perform type conversion processing on the environment variable information to obtain converted environment variable information;
the call relation storage module 740 is configured to generate a call relation storage file based on the converted environment variable information, where the call relation storage file includes at least one code call node corresponding to the environment variable information, and each code call node characterizes one code call of the environment variable corresponding to the code call node in the program source code;
and the tool package generating module 750 is configured to perform code confusion packaging processing based on the program source code, the converted environment variable information and the at least one code call node, so as to obtain a software development tool package after confusion.
In an exemplary embodiment, the temporary file generation module 720 includes:
a temporary file creation unit for creating an initial temporary file;
an information reading unit, configured to read function information, method information, and member attribute information in the program source code, where the environment variable information includes the function information, the method information, and the member attribute information;
A scope determining unit, configured to determine scope information corresponding to each of the function information, the method information, and the member attribute information in the program source code;
and the information storage unit is used for storing the function information, the method information, the member attribute information and the scope information into the initial temporary file to obtain the temporary file.
In an exemplary embodiment, the program source code corresponds to a first program language, and the environment variable conversion module 730 is specifically configured to perform language type conversion processing on the environment variable information to obtain the converted environment variable information, where the converted environment variable information corresponds to a second program language, and the first program language supports a reflection call, and the second program language does not support the reflection call.
In an exemplary embodiment, the environment variable conversion module 730 includes:
the variable type conversion unit is used for carrying out variable type conversion processing on the environment variables in the environment variable information to obtain pointer variables, and the pointer variables correspond to the pointer types of the second program language;
the parameter name conversion unit is used for converting the parameter names corresponding to the function parameters in the environment variable information to obtain converted parameter names;
And the conversion information determining unit is used for obtaining the converted environment variable information based on the pointer variable and the converted parameter name.
In an exemplary embodiment, the call relationship storage module 740 includes:
the code acquisition unit is used for acquiring at least one line of codes in the temporary file, wherein the at least one line of codes represents the converted environment variable information;
the coding format modification unit is used for carrying out coding format modification processing on the environment variable names in the codes for each line of codes in the at least one line of codes to obtain environment variable names in a target coding format;
the node generating unit is used for generating a code calling node corresponding to the environment variable name in the code based on the environment variable name in the target coding format;
and the storage file generating unit is used for generating the calling relation storage file according to the code calling nodes corresponding to each line of codes in the at least one line of codes.
In an exemplary embodiment, the node generating unit is further configured to randomly generate a null node;
the storage file generating unit is further configured to generate the call relationship storage file according to the null node and a code call node corresponding to each line of code in the at least one line of codes.
In an exemplary embodiment, the apparatus 700 further comprises:
the node reading module is used for sequentially reading the at least one code calling node;
and the node encryption module is used for carrying out encryption processing on the read code call node under the condition that the read code call node is not an empty node, so as to obtain the encrypted code call node and decryption information corresponding to the encrypted code call node.
And the key value pair information determining module is used for determining the key value pair information corresponding to the read code calling node based on the encrypted code calling node and the decryption information.
In an exemplary embodiment, the apparatus 700 further comprises:
the identity relation acquisition module is used for acquiring identity mapping relation information under the condition that the read code call node is an empty node;
the node identity processing module is used for executing identity processing on the read code calling node based on the identity mapping relation information to obtain key information corresponding to the read code calling node;
the key value pair information determining module is further configured to determine key value pair information corresponding to the read code calling node based on the key information, where value information in the key value pair information corresponding to the null node is null;
And the hash table generation module is used for generating a hash table based on key value pair information corresponding to each code call node in the at least one code call node.
In an exemplary embodiment, the apparatus 700 further comprises:
the error information receiving module is used for receiving operation error information corresponding to the confused software development kit;
the error node determining module is used for determining an object code calling node corresponding to the operation error information in the hash table and object decryption information corresponding to the object code calling node;
and the source code positioning module is used for carrying out decryption processing on the target code calling node based on the target decryption information to obtain a source code corresponding to the target code calling node.
In an exemplary embodiment, the kit generation module 750 includes:
the binary file generating unit is used for carrying out code confusion processing on the program source code, the converted environment variable information and the at least one code calling node to obtain a mixed binary file;
and the tool package packaging unit is used for generating the confused software development tool package based on the confused binary file.
In an exemplary embodiment, the kit generation module 750 further includes:
an interface file obtaining unit, configured to obtain an original interface file corresponding to the obfuscated software development kit, where the original interface file includes a preset application program interface, and interface parameter information and interface name information corresponding to the preset application program interface;
the class name determining unit is used for determining the class name of the calling object corresponding to the preset application program interface;
a name prefix determining unit, configured to generate prefix information corresponding to the interface name information based on the class name;
the interface parameter conversion unit is used for carrying out conversion processing based on a target program language on the interface parameter information to obtain converted interface parameter information, wherein the converted interface parameter information corresponds to the target program language;
the interface file confusion unit is used for carrying out confusion on the original interface file based on the interface name information, the prefix information and the converted interface parameter information to obtain a mixed interface file;
the tool package packaging unit is further configured to import the obfuscated interface file into the obfuscated binary file, and generate the obfuscated software development tool package.
In summary, according to the technical scheme provided by the embodiment of the application, the environment variables in the program source code are saved in the temporary file through the extraction processing of the environment variables of the program source code, the type conversion processing is performed on the environment variables, and then the code call nodes corresponding to the program source code are determined according to the converted environment variable information, each code call node can represent one-time code call of the corresponding environment variables in the program source code, code confusion is realized, the program source code, the converted environment variable information and the code call nodes are packaged, the confused SDK can be generated, the code call of the corresponding environment variables is represented by the code call nodes in the confused SDK, the code call error quantity generated in the call process of the confused SDK is effectively reduced, and the running error rate of the confused SDK is reduced.
It should be noted that, in the apparatus provided in the foregoing embodiment, when implementing the functions thereof, only the division of the foregoing functional modules is used as an example, in practical application, the foregoing functional allocation may be implemented by different functional modules, that is, the internal structure of the device is divided into different functional modules, so as to implement all or part of the functions described above. In addition, the apparatus and the method embodiments provided in the foregoing embodiments belong to the same concept, and specific implementation processes of the apparatus and the method embodiments are detailed in the method embodiments and are not repeated herein.
Referring to fig. 8, a block diagram of a computer device according to an embodiment of the present application is shown. The computer device may be a terminal or a server. The computer device is used for implementing the code obfuscation method provided in the above embodiments. Specifically, the present invention relates to a method for manufacturing a semiconductor device.
In general, the computer device 800 includes: a processor 801 and a memory 802.
Processor 801 may include one or more processing cores, such as a 4-core processor, an 8-core processor, and the like. The processor 801 may be implemented in at least one hardware form of DSP (Digital Signal Processing ), FPGA (Field Programmable Gate Array, field programmable gate array), PLA (Programmable Logic Array ). The processor 801 may also include a main processor, which is a processor for processing data in an awake state, also referred to as a CPU (Central Processing Unit ), and a coprocessor; a coprocessor is a low-power processor for processing data in a standby state. In some embodiments, the processor 801 may integrate a GPU (Graphics Processing Unit, image processor) for rendering and rendering of content required to be displayed by the display screen. In some embodiments, the processor 801 may also include an AI (Artificial Intelligence ) processor for processing computing operations related to machine learning.
Memory 802 may include one or more computer-readable storage media, which may be non-transitory. Memory 802 may also include high-speed random access memory, as well as non-volatile memory, such as one or more magnetic disk storage devices, flash memory storage devices. In some embodiments, a non-transitory computer readable storage medium in memory 802 is used to store at least one instruction, at least one program, set of codes, or set of instructions configured to be executed by one or more processors to implement the above-described code obfuscation method.
In some embodiments, the computer device 800 may optionally further include: a peripheral interface 803, and at least one peripheral. The processor 801, the memory 802, and the peripheral interface 803 may be connected by a bus or signal line. Individual peripheral devices may be connected to the peripheral device interface 803 by buses, signal lines, or a circuit board. Specifically, the peripheral device includes: at least one of radio frequency circuitry 804, a touch display 805, a camera assembly 806, audio circuitry 807, a positioning assembly 808, and a power supply 809.
Those skilled in the art will appreciate that the architecture shown in fig. 8 is not limiting and that more or fewer components than shown may be included or that certain components may be combined or that a different arrangement of components may be employed.
In an exemplary embodiment, a computer readable storage medium is also provided, in which at least one instruction, at least one program, a set of codes, or a set of instructions is stored, which when executed by a processor, implement the above-described code obfuscation method.
Alternatively, the computer-readable storage medium may include: ROM (Read Only Memory), RAM (Random Access Memory ), SSD (Solid State Drives, solid state disk), or optical disk, etc. The random access memory may include ReRAM (Resistance Random Access Memory, resistive random access memory) and DRAM (Dynamic Random Access Memory ), among others.
In an exemplary embodiment, a computer program product or a computer program is also provided, the computer program product or computer program comprising computer instructions stored in a computer readable storage medium. The processor of the computer device reads the computer instructions from the computer-readable storage medium, and the processor executes the computer instructions, so that the computer device performs the above-described code obfuscation method.
It should be understood that references herein to "a plurality" are to two or more. "and/or", describes an association relationship of an association object, and indicates that there may be three relationships, for example, a and/or B, and may indicate: a exists alone, A and B exist together, and B exists alone. The character "/" generally indicates that the context-dependent object is an "or" relationship. In addition, the step numbers described herein are merely exemplary of one possible execution sequence among steps, and in some other embodiments, the steps may be executed out of the order of numbers, such as two differently numbered steps being executed simultaneously, or two differently numbered steps being executed in an order opposite to that shown, which is not limited by the embodiments of the present application.
In addition, in the specific embodiments of the present application, related data such as user information is related, when the above embodiments of the present application are applied to specific products or technologies, user permission or consent needs to be obtained, and the collection, use and processing of related data need to comply with related laws and regulations and standards of related countries and regions.
The foregoing description of the exemplary embodiments of the present application is not intended to limit the invention to the particular embodiments disclosed, but on the contrary, the intention is to cover all modifications, equivalents, alternatives, and alternatives falling within the spirit and scope of the invention.
Claims (15)
1. A method of code obfuscation, the method comprising:
acquiring a source code file to be processed, wherein the source code file to be processed comprises a program source code;
extracting the program source code based on environment variables to generate a temporary file, wherein the temporary file comprises environment variable information in the program source code;
performing type conversion processing on the environment variable information to obtain converted environment variable information;
generating a calling relation storage file based on the converted environment variable information, wherein the calling relation storage file comprises at least one code calling node corresponding to the environment variable information, and each code calling node represents one-time code calling of the environment variable corresponding to the code calling node in the program source code;
and carrying out code confusion packaging processing on the basis of the program source code, the converted environment variable information and the at least one code call node to obtain a confused software development kit.
2. The method of claim 1, wherein the performing the extracting process on the program source code based on the environment variable to generate the temporary file includes:
Creating an initial temporary file;
reading function information, method information and member attribute information in the program source code, wherein the environment variable information comprises the function information, the method information and the member attribute information;
determining scope information corresponding to the function information, the method information and the member attribute information in the program source code;
and storing the function information, the method information, the member attribute information and the scope information into the initial temporary file to obtain the temporary file.
3. The method according to claim 1, wherein the program source code corresponds to a first program language, and the performing type conversion processing on the environment variable information to obtain converted environment variable information includes:
and carrying out language type conversion processing on the environment variable information to obtain converted environment variable information, wherein the converted environment variable information corresponds to a second program language, the first program language supports the reflection call, and the second program language does not support the reflection call.
4. A method according to claim 3, wherein said performing a language type conversion process on said environment variable information to obtain said converted environment variable information comprises:
Performing variable type conversion processing on the environment variables in the environment variable information to obtain pointer variables, wherein the pointer variables correspond to pointer types of the second program language;
transforming the parameter names corresponding to the function parameters in the environment variable information to obtain transformed parameter names;
and obtaining the converted environment variable information based on the pointer variable and the converted parameter name.
5. The method of claim 1, wherein generating a call relationship storage file based on the converted environment variable information comprises:
acquiring at least one line of codes in the temporary file, wherein the at least one line of codes represents the converted environment variable information;
for each line of codes in the at least one line of codes, carrying out coding format modification processing on the environment variable names in the codes to obtain environment variable names in a target coding format;
generating a code call node corresponding to the environment variable name in the code based on the environment variable name in the target coding format;
and generating the call relation storage file according to code call nodes corresponding to each line of codes in the at least one line of codes.
6. The method of claim 5, wherein before generating the call relation storage file according to the code call node corresponding to each of the at least one line of codes, further comprises:
randomly generating empty nodes;
the generating the call relation storage file according to the code call node corresponding to each line of codes in the at least one line of codes includes:
and generating the call relation storage file according to the empty node and the code call node corresponding to each line of codes in the at least one line of codes.
7. The method of claim 1, wherein after generating a call relationship storage file based on the converted environment variable information, the method further comprises:
reading the at least one code call node in turn;
and under the condition that the read code call node is not an empty node, carrying out encryption processing on the read code call node to obtain an encrypted code call node and decryption information corresponding to the encrypted code call node.
And determining key value pair information corresponding to the read code call node based on the encrypted code call node and the decryption information.
8. The method of claim 7, wherein after sequentially reading the at least one code call node, the method further comprises:
under the condition that the read code call node is an empty node, obtaining identity mapping relation information;
based on the identity mapping relation information, performing identity processing on the read code call node to obtain key information corresponding to the read code call node;
determining key value pair information corresponding to the read code calling node based on the key information, wherein the value information in the key value pair information corresponding to the empty node is empty;
and generating a hash table based on key value pair information corresponding to each code call node in the at least one code call node.
9. The method of claim 8, wherein the method further comprises:
receiving operation error information corresponding to the confused software development kit;
determining an object code calling node corresponding to the operation error information in the hash table and object decryption information corresponding to the object code calling node;
and decrypting the target code call node based on the target decryption information to obtain the source code corresponding to the target code call node.
10. The method according to any one of claims 1 to 9, wherein the performing code obfuscation and packaging processing based on the program source code, the converted environment variable information, and the at least one code call node, to obtain an obfuscated software development kit includes:
code confusion processing is carried out on the program source code, the converted environment variable information and the at least one code call node, so as to obtain a mixed binary file;
and generating the confusing software development kit based on the confusing binary file.
11. The method of claim 10, wherein prior to generating the obfuscated software development kit based on the obfuscated binary file, the method further comprises:
acquiring an original interface file corresponding to the confused software development kit, wherein the original interface file comprises a preset application program interface, and interface parameter information and interface name information corresponding to the preset application program interface;
determining the class name of the calling object corresponding to the preset application program interface;
generating prefix information corresponding to the interface name information based on the class name;
Performing conversion processing based on a target program language on the interface parameter information to obtain converted interface parameter information, wherein the converted interface parameter information corresponds to the target program language;
the original interface file is mixed based on the interface name information, the prefix information and the converted interface parameter information, and a mixed interface file is obtained;
the generating the obfuscated software development kit based on the obfuscated binary file includes:
and importing the obfuscated interface file into the obfuscated binary file to generate the obfuscated software development kit.
12. A code obfuscation apparatus, the apparatus comprising:
the source code file acquisition module is used for acquiring a source code file to be processed, wherein the source code file to be processed comprises a program source code;
the temporary file generation module is used for extracting the program source codes based on environment variables to generate temporary files, wherein the temporary files comprise environment variable information in the program source codes;
the environment variable conversion module is used for performing type conversion processing on the environment variable information to obtain converted environment variable information;
The calling relation storage module is used for generating a calling relation storage file based on the converted environment variable information, the calling relation storage file comprises at least one code calling node corresponding to the environment variable information, and each code calling node represents one-time code calling of the environment variable corresponding to the code calling node in the program source code;
and the tool kit generating module is used for carrying out code confusion packaging processing based on the program source code, the converted environment variable information and the at least one code calling node to obtain a software development tool kit after confusion.
13. A computer device comprising a processor and a memory having stored therein at least one instruction, at least one program, code set, or instruction set that is loaded and executed by the processor to implement the code obfuscation method of any of claims 1-11.
14. A computer readable storage medium having stored therein at least one instruction, at least one program, code set, or instruction set, the at least one instruction, the at least one program, the code set, or instruction set being loaded and executed by a processor to implement the code obfuscation method of any of claims 1-11.
15. A computer program product, characterized in that it comprises computer instructions stored in a computer-readable storage medium, from which computer instructions a processor of a computer device reads, the processor executing the computer instructions, causing the computer device to execute to implement the code obfuscation method according to any of claims 1 to 11.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210928578.8A CN117556392A (en) | 2022-08-03 | 2022-08-03 | Code confusion method, device, equipment, storage medium and product |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210928578.8A CN117556392A (en) | 2022-08-03 | 2022-08-03 | Code confusion method, device, equipment, storage medium and product |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN117556392A true CN117556392A (en) | 2024-02-13 |
Family
ID=89815278
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202210928578.8A Pending CN117556392A (en) | 2022-08-03 | 2022-08-03 | Code confusion method, device, equipment, storage medium and product |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN117556392A (en) |
-
2022
- 2022-08-03 CN CN202210928578.8A patent/CN117556392A/en active Pending
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| EP3605324B1 (en) | Application development method and tool, and storage medium thereof | |
| CN110046023B (en) | Data processing method and system based on intelligent contract of block chain | |
| CN106970820B (en) | Code storage method and code storage device | |
| US11106437B2 (en) | Lookup table optimization for programming languages that target synchronous digital circuits | |
| CN109933404B (en) | Encoding and decoding method and system based on block chain intelligent contract | |
| CN109558525B (en) | Test data set generation method, device, equipment and storage medium | |
| CN111399840B (en) | Module development method and device | |
| WO2016058488A1 (en) | Method and device for providing sdk files | |
| CN112256321A (en) | Static library packaging method and device, computer equipment and storage medium | |
| CN111400681A (en) | Data permission processing method, device and equipment | |
| CN115145574A (en) | Code generation method and device, storage medium and server | |
| CN112416303B (en) | Software development kit hot repair method and device and electronic equipment | |
| CN110941443B (en) | Method and device for modifying file name in SDK (software development kit) and electronic equipment | |
| CN113407165A (en) | SDK generation and self-upgrade method, device, readable medium and equipment | |
| CN111880805A (en) | Method, device and equipment for generating package file of software project and storage medium | |
| CN104378393A (en) | Resource sharing method and corresponding device | |
| CN111159278A (en) | Data display method and device, electronic equipment and computer readable storage medium | |
| CN117556392A (en) | Code confusion method, device, equipment, storage medium and product | |
| CN113835748B (en) | Packaging method, system and readable medium for application program based on HTML5 | |
| CN113709171B (en) | Method and device for cross-component state communication | |
| CN115934093A (en) | Applet cross-terminal application method, related device and computer storage medium | |
| CN115203674A (en) | Automatic login method, system, device and storage medium for application program | |
| CN114816361A (en) | Method, device, equipment, medium and program product for generating splicing project | |
| CN114296793A (en) | Anti-obfuscation method and device for obfuscated codes, readable medium and electronic device | |
| CN113127055A (en) | Dynamic link library file generation method, application verification method, device and equipment |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |