WO2019080110A1 - Apk signature authentication method and system - Google Patents

Apk signature authentication method and system

Info

Publication number
WO2019080110A1
Authority
WO
WIPO (PCT)
Prior art keywords
signature
apk
file
block
original
Prior art date
Application number
PCT/CN2017/108082
Other languages
French (fr)
Chinese (zh)
Inventor
陈菲菲
孟陆强
彭波涛
江中杰
Original Assignee
福建联迪商用设备有限公司
Priority date
Filing date
Publication date
Application filed by 福建联迪商用设备有限公司
Priority to PCT/CN2017/108082
Priority to CN201780001458.0A
Publication of WO2019080110A1

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44 Program or device authentication
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures

Definitions

  • the present invention relates to the field of signature authentication, and in particular, to a method and system for authenticating an APK signature.
  • Android is a Linux-based open-source operating system released by Google, and the installation packages on it are in the APK (Android Package) format.
  • the APK file format is actually a zip compressed file format, which is mainly divided into three parts, namely compressed file content source data, compressed directory source data and directory end identifier structure.
  • an acquirer purchases smart terminal devices from a payment terminal manufacturer and installs the acquirer's own program on the payment terminal, and the installation program is in APK format.
  • the acquirer maintains the signed APK for the purchased manufacturer's payment terminal devices and may also need to install the APK on other Android devices.
  • the applicant of the present invention previously filed an invention patent application with application number 201510780639.0, which discloses an APK signature authentication method and system that adds signature information to the META-INF directory of the APK source file.
  • this scheme runs normally on systems before Android 7.0, but starting from Android 7.0 a new application signature scheme, APK Signature Scheme v2 (the APK V2 native signature), was introduced.
  • the APK V2 native signature signs and verifies the entire APK data and does not allow files to be inserted into the META-INF directory of an APK that has been natively signed in V2 format. Therefore, the above scheme does not apply to systems with Android 7.0 or higher, and it needs to be improved to overcome the above problem.
  • the technical problem to be solved by the present invention is: providing a method and system for authenticating an APK signature, which is compatible with the V2-format native signature mechanism of the terminal operating system, improves the compatibility of APK signature authentication, and can adapt to different versions of the Android system.
  • a method for authenticating an APK signature comprising the steps of:
  • the terminal acquires the signed APK file, extracts the signature information, and restores the original APK file.
  • An APK signature authentication system including an acquirer and a terminal, the acquirer including a first memory, a first processor, and a first computer program stored in the first memory and operable on the first processor,
  • the terminal comprising a second memory, a second processor, and a second computer program stored in the second memory and operable on the second processor,
  • the first processor executes the first computer program to implement the following steps:
  • the second processor executes the second computer program to implement the following steps:
  • the beneficial effects of the present invention are: adding a custom ID-value field to the APK signature block and inserting the signature information obtained by signing the original APK file into the customized ID-value field, without affecting the native signature verification mechanism of the terminal operating system.
  • the method can be applied to systems with Android 7.0 and above, has good compatibility and wide applicability, and as long as the acquirer generates one signed APK file, it can be downloaded to the payment terminal manufacturer's devices and other Android devices, reducing the acquirer's maintenance cost.
  • FIG. 1 is a flowchart of a method for authenticating an APK signature according to an embodiment of the present invention.
  • FIG. 2 is a schematic structural diagram of an APK signature authentication system according to an embodiment of the present invention.
  • FIG. 3 is a schematic diagram of the data format of the signature information according to an embodiment of the present invention.
  • FIG. 4 is a schematic diagram of the file format of an APK file after the native V2 signature and the acquirer signature according to an embodiment of the present invention.
  • the most critical idea of the present invention is: adding a custom ID-value field to the APK signature block, and inserting the signature information obtained by signing the original APK file into the customized ID-value field, without affecting the original check mechanism of the terminal operating system.
  • referring to FIG. 1, a method for authenticating an APK signature includes the steps:
  • the terminal acquires the signed APK file, extracts the signature information, and restores the original APK file.
  • the beneficial effects of the present invention are: adding a custom ID-value field to the APK signature block and inserting the signature information obtained by signing the original APK file into the customized ID-value field.
  • the signed APK file does not affect the original check mechanism of the terminal operating system; the method can be applied to systems with Android 7.0 and above, has good compatibility and wide applicability, and as long as the acquirer generates one signed APK file, it can be downloaded to the payment terminal manufacturer's devices and other Android devices, reducing the acquirer's maintenance cost.
  • step S2 specifically includes:
  • according to the APK signature block format, a custom ID-value field is added to the APK signature block, the signature information is inserted into the customized ID-value field, and the block length and the directory end identifier structure of the APK signature block of the original APK file are modified accordingly to generate the signed APK file.
  • because a custom ID-value field is added to the APK signature block, the signature information is inserted into it, and the original APK is modified accordingly, the signed APK file still conforms to the V2 native format and does not affect the native Android signature check, so it can be installed normally on devices with Android 7.0 and above.
  • modifying the block length and the directory end identifier structure of the APK signature block of the original APK file includes:
  • adding the size of the custom ID-value field to the block length of the APK signature block, and adding the size of the custom ID-value field to the directory offset position in the directory end identifier structure.
  • extracting the signature information and restoring the original APK file in step S3 specifically includes:
  • copying the signature information from the APK signature block according to the ID identifier, deleting it from the APK signature block, modifying the block length and the directory end identifier structure of the APK signature block of the APK file correspondingly, and restoring the original APK file.
  • this makes it possible both to verify the original APK file and to ensure that the original APK file passes the terminal's native check and is installed.
  • correspondingly modifying the block length and the directory end identifier structure of the APK signature block of the APK file specifically includes:
  • subtracting the size of the custom ID-value field from the block length of the APK signature block, and subtracting the size of the custom ID-value field from the directory offset position in the directory end identifier structure.
  • step S1 specifically includes:
  • generating signature information including the acquirer signature description information, the acquirer signature data, and the acquirer work public key certificate.
  • the terminal verifying the legality of the signature information and the original APK file in the step S4 specifically includes:
  • the terminal verifies the legality of the acquirer work public key certificate in the signature information by using the acquirer root public key certificate, which the corresponding manufacturer generates from the public key issued by the acquirer;
  • the object signed by the acquirer is the original APK file;
  • the acquirer work public key certificate is generated uniformly by the acquirer, and the public key corresponding to the acquirer work public key certificate is distributed to the different vendors;
  • the CA servers of the different vendors use this public key to generate the acquirer root public key certificate according to their respective certificate generation algorithms;
  • the terminal uses the acquirer root public key certificate to verify the acquirer work public key certificate in the signature information.
  • after the validity of the certificate has been verified, the public key issued by the acquirer is used for each signature check, which ensures the integrity of the signed APK file during data transmission and the legitimacy of the APK; at the same time, for the terminal devices of different manufacturers, the acquirer only needs to maintain one signed file and one set of signature implementation mechanisms, which greatly reduces the acquirer's cost of maintaining the APK signature.
  • the installing, by the terminal, the original APK file in the step S4 includes:
  • the APK signature authentication method of the present invention does not affect the native authentication mechanism of the terminal operating system; the terminal can successfully run the native authentication mechanism and install the natively signed original APK file, so compatibility is good.
  • an APK signature authentication system 7 includes an acquirer 1 and a terminal 4.
  • the acquirer 1 includes a first memory 2, a first processor 3, and a first computer program stored in the first memory 2 and running on the first processor 3;
  • the terminal 4 includes a second memory 5, a second processor 6, and a second computer program stored in the second memory 5 and operable on the second processor 6, characterized in that
  • the first processor 3 executes the first computer program to implement the following steps:
  • the second processor 6 executes the second computer program to implement the following steps:
  • the beneficial effects of the present invention are: adding a custom ID-value field to the APK signature block and inserting the signature information obtained by signing the original APK file into the customized ID-value field.
  • the signed APK file does not affect the original check mechanism of the terminal operating system; the system can be applied to Android 7.0 and above, has good compatibility and wide applicability, and as long as the acquirer generates one signed APK file, it can be downloaded to the payment terminal manufacturer's devices and other Android devices, reducing the acquirer's maintenance cost.
  • step S2 specifically includes:
  • according to the APK signature block format, a custom ID-value field is added to the APK signature block, the signature information is inserted into the customized ID-value field, and the block length and the directory end identifier structure of the APK signature block of the original APK file are modified accordingly to generate the signed APK file.
  • because a custom ID-value field is added to the APK signature block, the signature information is inserted into it, and the original APK is modified accordingly, the signed APK file still conforms to the V2 native format and does not affect the native Android signature check, so it can be installed normally on devices with Android 7.0 and above.
  • modifying the block length and the directory end identifier structure of the APK signature block of the original APK file specifically includes:
  • adding the size of the custom ID-value field to the block length of the APK signature block, and adding the size of the custom ID-value field to the directory offset position in the directory end identifier structure.
  • extracting the signature information and restoring the original APK file in step S3 specifically includes:
  • copying the signature information from the APK signature block according to the ID identifier, deleting it from the APK signature block, modifying the block length and the directory end identifier structure of the APK signature block of the APK file correspondingly, and restoring the original APK file.
  • this makes it possible both to verify the original APK file and to ensure that the original APK file passes the terminal's native check and is installed.
  • correspondingly modifying the block length and the directory end identifier structure of the APK signature block of the APK file specifically includes:
  • subtracting the size of the custom ID-value field from the block length of the APK signature block, and subtracting the size of the custom ID-value field from the directory offset position in the directory end identifier structure.
  • step S1 specifically includes:
  • verifying the legality of the signature information and the original APK file in the step S4 specifically includes:
  • the installing the original APK file in the step S4 includes:
  • the APK signature authentication system of the present invention does not affect the native authentication mechanism of the terminal operating system; the terminal can smoothly run the native authentication mechanism and install the natively signed original APK file, so compatibility is good.
  • referring to FIG. 1, a method for authenticating an APK signature includes the steps:
  • the acquirer 1 invokes the encryption device to generate a first public/private key pair and a second public/private key pair; the acquirer 1 signs the second public key with the first private key to generate the acquirer work public key certificate AcquirerWCRT, and distributes the first public key corresponding to the acquirer work public key certificate AcquirerWCRT to the CA servers of the different vendors;
  • the acquirer 1 uses the original APK file and the acquirer signature description information as the signed data SourceData, and calculates a hash over the signed data SourceData to obtain a first hash value HASH1;
  • the acquirer 1 pads the first hash value HASH1 according to the PKCS#1 v1.5 signature padding scheme to obtain the padded data PAD_data;
  • the acquirer 1 obtains the second private key corresponding to the acquirer work public key certificate from the secure storage medium, and encrypts (signs) the padded data with the second private key to obtain the acquirer signature data Signature;
  • the acquirer signature description information, the acquirer signature data Signature, the acquirer work public key certificate AcquirerWCRT, and the signature file header are concatenated to generate the acquirer's signature information; the data format of the signature information is as shown in FIG. 3;
  • the acquirer signature description information is of variable length and describes the acquirer signature data;
  • the acquirer signature data is 256 bytes long and is the result of signing the original APK file;
  • the acquirer work public key certificate is of variable length and is the acquirer work public key certificate used for the signature;
  • the signature file header is of variable length but does not exceed 1 KB; it is used to identify the signature file type and the data offset and length of the acquirer signature data;
  • a custom ID-value field is added to the APK signature block, the signature information is inserted into the customized ID-value field, and the block length and the directory end identifier structure of the APK signature block of the original APK file are modified accordingly: specifically, the size of the custom ID-value field is added to the block length of the APK signature block, and the size of the custom ID-value field is added to the directory offset position in the directory end identifier structure, to generate the signed APK file;
  • FIG. 4 shows the change in the format of the APK file after the native signature of the original APK file and the signature of the acquirer;
  • the terminal 4 acquires the signed APK file, extracts the signature information, and restores the original APK file.
  • the signature information is copied from the customized ID-value field in the APK signature block according to the ID identifier; the customized ID-value field is then deleted from the APK signature block, and the block length and the directory end identifier structure of the APK signature block of the APK file are modified accordingly: specifically, the size of the custom ID-value field is subtracted from the block length of the APK signature block and from the directory offset position in the directory end identifier structure, which restores the original APK file;
  • the ID identifier of the APK native signature is fixed at 0x7109871a; to avoid a conflict, the ID of the signature information may be defined as 0x71536966, or as any other value, as long as it does not conflict with the ID identifier of the native signature of the APK;
  • verifying the legality of the signature information and the original APK file by the terminal 4 specifically includes:
  • the CA servers of the different vendors generate the acquirer root public key certificate from the first public key issued by the acquirer according to their respective certificate generation mechanisms, and pre-install the acquirer root public key certificate in their respective terminals;
  • the terminal 4 verifies the legality of the acquirer work public key certificate AcquirerWCRT in the signature information by using the acquirer root public key certificate;
  • the terminal 4 extracts the second public key from the acquirer work public key certificate AcquirerWCRT;
  • the terminal 4 calculates a hash over the acquirer signature description information and the original APK file to obtain a second hash value HASH2;
  • the terminal 4 also needs to process the natively signed APK file in the course of installing the original APK file.
  • the legality verification here, that is, the native verification process of the terminal 4, specifically includes:
  • an APK signature authentication system 7 includes an acquirer 1 and a terminal 4.
  • the acquirer 1 includes a first memory 2, a first processor 3, and a first computer program stored in the first memory 2 and running on the first processor 3;
  • the terminal 4 includes a second memory 5, a second processor 6, and a second computer program stored in the second memory 5 and operable on the second processor 6, characterized in that
  • the first processor 3 executes the first computer program to implement the following steps:
  • the second processor 6 executes the second computer program to implement the following steps:
  • in summary, the present invention provides an APK signature authentication method and system that adds a custom ID-value field to the APK signature block and inserts the signature information of the original APK file into the custom ID-value field, without affecting the native signature verification mechanism of the terminal operating system.
  • it can be applied to systems with Android 7.0 and above, has good compatibility and wide applicability, and as long as the acquirer generates one signed APK file, it can be downloaded to the payment terminal manufacturer's devices and other Android devices, reducing the acquirer's maintenance cost.
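Steps S2 and S3 above, carried out on the bytes of an APK: the following Python is an added example written for this page, not code from the patent or its applicant. It assumes the APK Signing Block layout documented by Android (uint64 size of block, ID-value pairs each prefixed by a uint64 length and a uint32 ID, a repeated uint64 size of block, and the 16-byte magic), reads the central directory offset from the zip EOCD record, and uses a constructed byte string as the APK, so the v2 signer payload is a placeholder and nothing is cryptographically signed or verified.

```python
import struct

# Layout assumed (Android APK Signing Block): u64 size | ID-value pairs | u64 size | 16-byte magic;
# each pair is u64 length (of id + value) | u32 id | value; all integers little-endian.
APK_SIG_BLOCK_MAGIC = b"APK Sig Block 42"
EOCD_SIGNATURE = 0x06054B50
V2_SIGNATURE_ID = 0x7109871A        # native v2 signer ID named on the page
ACQUIRER_SIGNATURE_ID = 0x71536966  # custom ID the page proposes for the acquirer signature

def find_eocd(data: bytes) -> int:
    """Offset of the End Of Central Directory record, scanning back over any zip comment."""
    lowest = max(0, len(data) - 22 - 0xFFFF)
    for off in range(len(data) - 22, lowest - 1, -1):
        if struct.unpack_from("<I", data, off)[0] == EOCD_SIGNATURE:
            if off + 22 + struct.unpack_from("<H", data, off + 20)[0] == len(data):
                return off
    raise ValueError("EOCD record not found")

def locate_signing_block(data: bytes):
    """Return (block_start, cd_offset, eocd_offset); raise if the block is absent or inconsistent."""
    eocd = find_eocd(data)
    cd_offset = struct.unpack_from("<I", data, eocd + 16)[0]
    if cd_offset < 32 or data[cd_offset - 16:cd_offset] != APK_SIG_BLOCK_MAGIC:
        raise ValueError("no APK Signing Block directly before the central directory")
    size_of_block = struct.unpack_from("<Q", data, cd_offset - 24)[0]
    block_start = cd_offset - 8 - size_of_block
    if block_start < 0 or struct.unpack_from("<Q", data, block_start)[0] != size_of_block:
        raise ValueError("APK Signing Block size fields disagree")
    return block_start, cd_offset, eocd

def parse_pairs(data: bytes, block_start: int, cd_offset: int):
    """List of (id, value, pair_offset, pair_total_len) for each ID-value pair in the block."""
    pos, end, pairs = block_start + 8, cd_offset - 24, []
    while pos < end:
        pair_len = struct.unpack_from("<Q", data, pos)[0]
        if pair_len < 4 or pos + 8 + pair_len > end:
            raise ValueError("malformed ID-value pair")
        pair_id = struct.unpack_from("<I", data, pos + 8)[0]
        pairs.append((pair_id, data[pos + 12:pos + 8 + pair_len], pos, 8 + pair_len))
        pos += 8 + pair_len
    return pairs

def insert_pair(apk: bytes, pair_id: int, value: bytes) -> bytes:
    """Step S2: append a custom pair, then grow both size fields and the EOCD CD offset."""
    block_start, cd_offset, eocd = locate_signing_block(apk)
    if any(p[0] == pair_id for p in parse_pairs(apk, block_start, cd_offset)):
        raise ValueError(f"ID 0x{pair_id:08x} already present in the signing block")
    pair = struct.pack("<QI", 4 + len(value), pair_id) + value
    delta = len(pair)                       # 8 (length) + 4 (id) + len(value)
    new_size = struct.unpack_from("<Q", apk, block_start)[0] + delta
    out = bytearray(apk)
    footer = cd_offset - 24                 # second size field and magic start here
    out[footer:footer] = pair               # new pair lands after the existing pairs
    struct.pack_into("<Q", out, block_start, new_size)
    struct.pack_into("<Q", out, footer + delta, new_size)
    struct.pack_into("<I", out, eocd + delta + 16, cd_offset + delta)
    return bytes(out)

def extract_and_remove_pair(apk: bytes, pair_id: int):
    """Step S3: copy the pair's value out, delete the pair, shrink size fields and CD offset."""
    block_start, cd_offset, eocd = locate_signing_block(apk)
    match = [p for p in parse_pairs(apk, block_start, cd_offset) if p[0] == pair_id]
    if len(match) != 1:
        raise ValueError(f"expected one pair with ID 0x{pair_id:08x}, found {len(match)}")
    _, value, pos, length = match[0]
    new_size = struct.unpack_from("<Q", apk, block_start)[0] - length
    out = bytearray(apk)
    del out[pos:pos + length]
    struct.pack_into("<Q", out, block_start, new_size)
    struct.pack_into("<Q", out, cd_offset - length - 24, new_size)
    struct.pack_into("<I", out, eocd - length + 16, cd_offset - length)
    return value, bytes(out)

def build_sample_apk() -> bytes:
    """Constructed stand-in for a v2-signed APK; the v2 payload is a placeholder, not a signature."""
    entries = b"PK\x03\x04 constructed local file entries "
    central_dir = b"PK\x01\x02 constructed central directory "
    v2_value = b"constructed v2 signer payload"
    v2_pair = struct.pack("<QI", 4 + len(v2_value), V2_SIGNATURE_ID) + v2_value
    size_of_block = len(v2_pair) + 8 + 16   # pairs + second size field + magic
    block = (struct.pack("<Q", size_of_block) + v2_pair
             + struct.pack("<Q", size_of_block) + APK_SIG_BLOCK_MAGIC)
    cd_offset = len(entries) + len(block)
    eocd = struct.pack("<IHHHHIIH", EOCD_SIGNATURE, 0, 0, 1, 1, len(central_dir), cd_offset, 0)
    return entries + block + central_dir + eocd

def round_trip(signature_info: bytes) -> dict:
    """Insert the acquirer's signature information, then extract it and restore the original."""
    original = build_sample_apk()
    signed = insert_pair(original, ACQUIRER_SIGNATURE_ID, signature_info)
    block_start, cd_offset, _ = locate_signing_block(signed)
    ids_after_insert = [p[0] for p in parse_pairs(signed, block_start, cd_offset)]
    extracted, restored = extract_and_remove_pair(signed, ACQUIRER_SIGNATURE_ID)
    return {
        "growth": len(signed) - len(original),
        "ids_after_insert": ids_after_insert,
        "extracted": extracted,
        "restored_is_identical": restored == original,
    }
```

The inserted pair is not covered by the platform's v2 signature (v2 verification skips unknown IDs and hashes the EOCD with the central directory offset replaced by the signing block offset), so the terminal's check of the acquirer signature over the restored original APK is what protects the signature information. The restore step must therefore remove exactly the inserted bytes, which the round trip checks by comparing the restored file with the original.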

Abstract

An APK signature authentication method and system. The method comprises: S1, signing an original APK file to generate signature information; S2, adding a self-defined ID-value field to an APK signature block, inserting the signature information into the self-defined ID-value field, and generating a signed APK file; S3, a terminal acquiring the signed APK file, extracting the signature information, and restoring the original APK file; and S4, the terminal verifying the legitimacy of the signature information and the original APK file, and after verification is passed, the terminal installing the original APK file. The method does not affect the original signature authentication mechanism of the terminal's operating system, and can be applied to systems with Android 7.0 or higher. The system has good compatibility and wide applicability. As long as the acquirer generates one signed APK file, it can be downloaded to a payment terminal manufacturer's device and other Android devices, thereby reducing the maintenance cost of the acquirer.

Description

APK signature authentication method and system

Technical field
[0001] The present invention relates to the field of signature authentication, and in particular to a method and system for authenticating an APK signature.
Background art
[0002] Android is a Linux-based open-source operating system released by Google, and the installation packages on it are all in the APK (Android Package) format. The APK file format is actually a zip compressed file format, which is mainly divided into three parts: the compressed file content source data, the compressed directory source data, and the directory end identifier structure.
[0003] In the field of financial payment, generally an acquirer purchases smart terminal devices from a payment terminal manufacturer and installs the acquirer's own program on the payment terminal, and the installation program is in APK format. The acquirer maintains the signed APK for the purchased manufacturer's payment terminal devices and may also need to install the APK on other Android devices.
[0004] The applicant of the present invention previously filed an invention patent application with application number 201510780639.0, which discloses an APK signature authentication method and system that adds signature information to the META-INF directory of the APK source file. This scheme runs normally on systems before Android 7.0, but starting from Android 7.0 a new application signature scheme, APK Signature Scheme v2 (the APK V2 native signature), was introduced. The APK V2 native signature signs and verifies the entire APK data and does not allow files to be inserted into the META-INF directory of an APK that has been natively signed in V2 format. Therefore, the above scheme is not applicable to systems with Android 7.0 or higher, and it needs to be improved to overcome the above problem.
Technical problem
[0005] The technical problem to be solved by the present invention is to provide a method and system for authenticating an APK signature, which is compatible with the V2-format native signature mechanism of the terminal operating system, improves the compatibility of APK signature authentication, and can adapt to different versions of the Android system.
Solution to the problem
Technical solution
[0006] In order to solve the above technical problem, a technical solution adopted by the present invention is:
[0007] A method for authenticating an APK signature, comprising the steps of:
[0008] S1, signing the original APK file to generate signature information;
[0009] S2, adding a custom ID-value field to the APK signature block, inserting the signature information into the custom ID-value field, and generating a signed APK file;
[0010] S3, a terminal acquiring the signed APK file, extracting the signature information, and restoring the original APK file;
[0011] S4, the terminal verifying the legality of the signature information and the original APK file, and after the verification is passed, the terminal installing the original APK file.
[0012] In order to solve the above technical problem, another technical solution adopted by the present invention is:
[0013] An APK signature authentication system, comprising an acquirer and a terminal, the acquirer comprising a first memory, a first processor, and a first computer program stored in the first memory and runnable on the first processor, the terminal comprising a second memory, a second processor, and a second computer program stored in the second memory and runnable on the second processor,
[0014] the first processor, when executing the first computer program, implements the following steps:
[0015] S1. Sign the original APK file to generate signature information;
[0016] S2. Add a custom ID-value field to the APK Signing Block, insert the signature information into the custom ID-value field, and generate the signed APK file;
[0017] the second processor, when executing the second computer program, implements the following steps:
[0018] S3. Obtain the signed APK file, extract the signature information, and restore the original APK file;
[0019] S4. Verify the legality of the signature information and of the original APK file; after verification passes, install the original APK file.
Advantageous effects of the invention
Beneficial effects
[0020] The beneficial effects of the present invention are: a custom ID-value field is added to the APK Signing Block and the signature information obtained by signing the original APK file is inserted into that custom ID-value field, which does not affect the native signature verification mechanism of the terminal operating system; the scheme applies to systems of Android 7.0 and above, with good compatibility and wide applicability; and the acquirer only needs to generate one signed APK file, which can be downloaded to payment terminal vendors' devices and to other Android devices, reducing the acquirer's maintenance costs.
Brief description of the drawings
Drawings
[0021] FIG. 1 is a flowchart of an APK signature authentication method according to an embodiment of the present invention;
[0022] FIG. 2 is a schematic structural diagram of an APK signature authentication system according to an embodiment of the present invention;
[0023] FIG. 3 is a schematic diagram of the data format of the signature information according to an embodiment of the present invention;
[0024] FIG. 4 is a schematic diagram of the file format of an APK file after the native v2 signature and after the acquirer signature according to an embodiment of the present invention;
[0025] Description of reference numerals:
[0026] 1, acquirer; 2, first memory; 3, first processor; 4, terminal; 5, second memory; 6, second processor; 7, APK signature authentication system.
Detailed description of embodiments
[0027] The key idea of the present invention is: a custom ID-value field is added to the APK Signing Block, and the signature information obtained by signing the original APK file is inserted into that custom ID-value field, without affecting the native signature verification mechanism of the terminal operating system.
[0028] Referring to FIG. 1, an APK signature authentication method comprises the steps:
[0029] S1. Sign the original APK file to generate signature information;
[0030] S2. Add a custom ID-value field to the APK Signing Block, insert the signature information into the custom ID-value field, and generate the signed APK file;
[0031] S3. The terminal obtains the signed APK file, extracts the signature information, and restores the original APK file;
[0032] S4. The terminal verifies the legality of the signature information and of the original APK file; after verification passes, the terminal installs the original APK file.
[0033] It can be seen from the above description that the beneficial effects of the present invention are: a custom ID-value field is added to the APK Signing Block and the signature information obtained by signing the original APK file is inserted into that custom ID-value field, which does not affect the native signature verification mechanism of the terminal operating system; the scheme applies to systems of Android 7.0 and above, with good compatibility and wide applicability; and the acquirer only needs to generate one signed APK file, which can be downloaded to payment terminal vendors' devices and to other Android devices, reducing the acquirer's maintenance costs.
[0034] Further, step S2 specifically comprises:
[0035] in accordance with the APK Signing Block format, adding a custom ID-value field to the APK Signing Block, inserting the signature information into the custom ID-value field, and modifying accordingly the block length of the APK Signing Block and the end-of-central-directory (EOCD) record of the original APK file, generating the signed APK file.
[0036] It can be seen from the above description that, by adding a custom ID-value field to the APK Signing Block in accordance with the APK Signing Block format, inserting the signature information into that field, and modifying accordingly the block length of the APK Signing Block and the EOCD record of the original APK file, a signed APK file is generated. Compared with the original APK file, the signed APK file differs only in that its APK Signing Block carries one additional custom ID-value field; this still conforms to the v2 native-signature APK file format and does not affect Android's native signature verification, so the file can also be installed normally on devices running Android 7.0 and above.
[0037] Further, modifying the block length of the APK Signing Block and the EOCD record of the original APK file specifically comprises:
[0038] adding the size of the custom ID-value field to the block length of the APK Signing Block, and adding the size of the custom ID-value field to the central directory offset in the EOCD record.
[0039] It can be seen from the above description that the APK file format itself is not changed; only a custom ID-value field conforming to the APK Signing Block format is added to the APK Signing Block and the signature information is placed in that field, so only the data length of the APK Signing Block changes. Therefore only the block length of the APK Signing Block and the central directory offset in the EOCD record need to be adjusted; the change is small and the operation is simple and fast.
[0040] Further, extracting the signature information and restoring the original APK file in step S3 specifically comprises:
[0041] copying the signature information out of the custom ID-value field in the APK Signing Block according to its ID;
[0042] deleting the custom ID-value field from the APK Signing Block and modifying accordingly the block length of the APK Signing Block and the EOCD record of the APK file, restoring the original APK file.
[0043] It can be seen from the above description that copying the signature information out of the APK Signing Block according to its ID, deleting it from the APK Signing Block, modifying accordingly the block length of the APK Signing Block and the EOCD record of the APK file, and restoring the original APK file both enables verification of the original APK file and ensures that the original APK file can pass signature verification and be installed smoothly on the terminal. [0044] Further, modifying the block length of the APK Signing Block and the EOCD record of the APK file specifically comprises:
[0045] subtracting the size of the custom ID-value field from the block length of the APK Signing Block, and subtracting the size of the custom ID-value field from the central directory offset in the EOCD record.
[0046] It can be seen from the above description that, since only the data size of the APK Signing Block has changed, after the signature information is deleted from its position only the block length of the APK Signing Block and the central directory offset in the EOCD record need to be changed, which is simple and fast.
[0047] Further, step S1 specifically comprises:
[0048] generating an acquirer working public key certificate, and distributing the public key corresponding to the acquirer working public key certificate to different vendors;
[0049] taking the original APK file together with the acquirer signature description information as the data to be signed, and computing a hash over the data to be signed to obtain a first hash value;
[0050] padding the first hash value to obtain padded data;
[0051] obtaining the private key corresponding to the acquirer working public key certificate, and signing the padded data with that private key to obtain the acquirer signature data;
[0052] generating signature information comprising the acquirer signature description information, the acquirer signature data and the acquirer working public key certificate.
[0053] Further, the terminal verifying the legality of the signature information and of the original APK file in step S4 specifically comprises:
[0054] the terminal verifies the legality of the acquirer working public key certificate in the signature information using the acquirer root public key certificate that the corresponding vendor generated from the distributed public key;
[0055] if that verification passes, the second public key is extracted from the acquirer working public key certificate and used to decrypt the acquirer signature data, obtaining the first hash value;
[0056] a hash is computed over the acquirer signature description information and the original APK file to obtain a second hash value; [0057] the second hash value is compared with the first hash value, and if they match the verification passes.
[0058] It can be seen from the above description that what the acquirer signs is the original APK file. The acquirer generates the acquirer working public key certificate centrally and distributes the corresponding public key to different vendors; the CA servers of the different vendors use that public key to generate an acquirer root public key certificate according to their own certificate generation algorithms; the terminal uses the acquirer root public key certificate to verify the legality of the acquirer working public key certificate in the signature information, and once that passes, each terminal performs its own signature verification with the public key distributed centrally by the acquirer. This guarantees the integrity of the signed APK file during transmission and the legality of the APK, and the acquirer only needs to maintain one signed file and one signing implementation for the terminal devices of different vendors, greatly reducing the acquirer's maintenance cost for APK signing.
[0059] Further, the terminal installing the original APK file in step S4 comprises:
[0060] extracting the native signature data from the APK Signing Block and restoring the APK file without the native signature;
[0061] verifying the legality of the native signature data and of the APK file without the native signature, and after verification passes, installing the APK file without the native signature.
[0062] It can be seen from the above description that the APK signature authentication method of the present invention does not affect the native signature verification mechanism of the terminal operating system; the terminal can run the native signature verification normally and install the APK file without the native signature, giving good compatibility.
[0063] Referring to FIG. 2, an APK signature authentication system 7 comprises an acquirer 1 and a terminal 4. The acquirer 1 comprises a first memory 2, a first processor 3, and a first computer program stored in the first memory 2 and runnable on the first processor 3; the terminal 4 comprises a second memory 5, a second processor 6, and a second computer program stored in the second memory 5 and runnable on the second processor 6; characterized in that
[0064] the first processor 3, when executing the first computer program, implements the following steps:
[0065] S1. Sign the original APK file to generate signature information;
[0066] S2. Add a custom ID-value field to the APK Signing Block, insert the signature information into the custom ID-value field, and generate the signed APK file;
[0067] the second processor 6, when executing the second computer program, implements the following steps:
[0068] S3. Obtain the signed APK file, extract the signature information, and restore the original APK file;
[0069] S4. Verify the legality of the signature information and of the original APK file; after verification passes, install the original APK file.
[0070] It can be seen from the above description that the beneficial effects of the present invention are: a custom ID-value field is added to the APK Signing Block and the signature information obtained by signing the original APK file is inserted into that custom ID-value field, which does not affect the native signature verification mechanism of the terminal operating system; the scheme applies to systems of Android 7.0 and above, with good compatibility and wide applicability; and the acquirer only needs to generate one signed APK file, which can be downloaded to payment terminal vendors' devices and to other Android devices, reducing the acquirer's maintenance costs.
[0071] Further, step S2 specifically comprises:
[0072] in accordance with the APK Signing Block format, adding a custom ID-value field to the APK Signing Block, inserting the signature information into the custom ID-value field, and modifying accordingly the block length of the APK Signing Block and the end-of-central-directory (EOCD) record of the original APK file, generating the signed APK file.
[0073] It can be seen from the above description that, by adding a custom ID-value field to the APK Signing Block in accordance with the APK Signing Block format, inserting the signature information into that field, and modifying accordingly the block length of the APK Signing Block and the EOCD record of the original APK file, a signed APK file is generated. Compared with the original APK file, the signed APK file differs only in that its APK Signing Block carries one additional custom ID-value field; this still conforms to the v2 native-signature APK file format and does not affect Android's native signature verification, so the file can also be installed normally on devices running Android 7.0 and above.
[0074] Further, modifying the block length of the APK Signing Block and the EOCD record of the original APK file specifically comprises:
[0075] adding the size of the custom ID-value field to the block length of the APK Signing Block, and adding the size of the custom ID-value field to the central directory offset in the EOCD record.
[0076] It can be seen from the above description that the APK file format itself is not changed; only a custom ID-value field conforming to the APK Signing Block format is added to the APK Signing Block and the signature information is placed in that field, so only the data length of the APK Signing Block changes. Therefore only the block length of the APK Signing Block and the central directory offset in the EOCD record need to be adjusted; the change is small and the operation is simple and fast.
[0077] Further, extracting the signature information and restoring the original APK file in step S3 specifically comprises:
[0078] copying the signature information out of the custom ID-value field in the APK Signing Block according to its ID;
[0079] deleting the custom ID-value field from the APK Signing Block and modifying accordingly the block length of the APK Signing Block and the EOCD record of the APK file, restoring the original APK file.
[0080] It can be seen from the above description that copying the signature information out of the APK Signing Block according to its ID, deleting it from the APK Signing Block, modifying accordingly the block length of the APK Signing Block and the EOCD record of the APK file, and restoring the original APK file both enables verification of the original APK file and ensures that the original APK file can pass signature verification and be installed smoothly on the terminal.
[0081] Further, modifying the block length of the APK Signing Block and the EOCD record of the APK file specifically comprises:
[0082] subtracting the size of the custom ID-value field from the block length of the APK Signing Block, and subtracting the size of the custom ID-value field from the central directory offset in the EOCD record.
[0083] It can be seen from the above description that, since only the data size of the APK Signing Block has changed, after the signature information is deleted from its position only the block length of the APK Signing Block and the central directory offset in the EOCD record need to be changed, which is simple and fast.
[0084] Further, step S1 specifically comprises:
[0085] generating an acquirer working public key certificate, and distributing the public key corresponding to the acquirer working public key certificate to different vendors;
[0086] taking the original APK file together with the acquirer signature description information as the data to be signed, and computing a hash over the data to be signed to obtain a first hash value;
[0087] padding the first hash value to obtain padded data;
[0088] obtaining the private key corresponding to the acquirer working public key certificate, and signing the padded data with that private key to obtain the acquirer signature data;
[0089] generating signature information comprising the acquirer signature description information, the acquirer signature data and the acquirer working public key certificate.
[0090] Further, verifying the legality of the signature information and of the original APK file in step S4 specifically comprises:
[0091] verifying the legality of the acquirer working public key certificate in the signature information using the acquirer root public key certificate that the corresponding vendor generated from the distributed public key;
[0092] if that verification passes, extracting the second public key from the acquirer working public key certificate and using it to decrypt the acquirer signature data, obtaining the first hash value;
[0093] computing a hash over the acquirer signature description information and the original APK file to obtain a second hash value; [0094] comparing the second hash value with the first hash value, and if they match the verification passes. [0095] It can be seen from the above description that what the acquirer signs is the original APK file. The acquirer generates the acquirer working public key certificate centrally and distributes the corresponding public key to different vendors; the CA servers of the different vendors use that public key to generate an acquirer root public key certificate according to their own certificate generation algorithms; the terminal uses the acquirer root public key certificate to verify the legality of the acquirer working public key certificate in the signature information, and once that passes, each terminal performs its own signature verification with the public key distributed centrally by the acquirer. This guarantees the integrity of the signed APK file during transmission and the legality of the APK, and the acquirer only needs to maintain one signed file and one signing implementation for the terminal devices of different vendors, greatly reducing the acquirer's maintenance cost for APK signing.
[0096] Further, installing the original APK file in step S4 comprises:
[0097] extracting the native signature data from the APK Signing Block and restoring the APK file without the native signature;
[0098] verifying the legality of the native signature data and of the APK file without the native signature, and after verification passes, installing the APK file without the native signature.
[0099] It can be seen from the above description that the APK signature authentication system of the present invention does not affect the native signature verification mechanism of the terminal operating system; the terminal can run the native signature verification normally and install the APK file without the native signature, giving good compatibility.
[0100] Embodiment 1
[0101] Referring to FIG. 1, an APK signature authentication method comprises the steps:
[0102] S1. Sign the original APK file to generate signature information;
[0103] Specifically, the acquirer 1 calls an encryption device to generate a first public/private key pair and a second public/private key pair; the acquirer 1 signs the second public key with the first private key to generate the acquirer working public key certificate AcquirerWCRT, and distributes the first public key corresponding to the acquirer working public key certificate AcquirerWCRT to the CA servers of the different vendors;
[0104] the acquirer 1 takes the original APK file together with the acquirer signature description information as the data to be signed, SourceData, and computes a hash over SourceData to obtain the first hash value HASH1;
[0105] the acquirer 1 pads HASH1 using the PKCS#1 v1.5 signature padding scheme to obtain the padded data PAD_data;
[0106] the acquirer 1 obtains from a secure storage medium the second private key corresponding to the acquirer working public key certificate and uses that second private key to sign the padded data, obtaining the acquirer signature data Signature;
[0107] the acquirer signature description information, the acquirer signature data Signature, the acquirer working public key certificate AcquirerWCRT and a signature file header are concatenated to generate the acquirer's signature information, whose data format is shown in FIG. 3. The acquirer signature description information is of variable length and describes the acquirer signature data; the acquirer signature data is 256 bytes long and is the result of signing the original APK file; the acquirer working public key certificate is of variable length and is the working public key certificate used for signing; the signature file header is of variable length but no more than 1k, and identifies the signature file type and the data offset and length of the acquirer signature data so that the acquirer signature data can be located;
[0108] S2、 在 APK签名块添加一自定义的 ID-value域, 将所述签名信息插入所述自定 义的 ID- value域, 生成签名后的 APK文件;  [0108] S2, adding a custom ID-value field in the APK signature block, inserting the signature information into the customized ID-value field, and generating a signed APK file;
[0109] 按照 APK签名块格式, 在 APK签名块添加一自定义的 ID-value域, 将所述签名 信息插入所述自定义的 ID-value域, 并相应修改所述原始 APK文件的 APK签名块 的块长度和目录结束标识结构, 具体的, 所述 APK签名块的块长度加上所述自 定义 ID - value域的大小, 所述目录结束标识结构中的目录偏移位置加上所述自 定义 ID - value域的大小, 生成签名后的 APK文件;  [0109] According to the APK signature block format, a custom ID-value field is added to the APK signature block, the signature information is inserted into the customized ID-value field, and the APK signature of the original APK file is modified accordingly. a block length and a directory end identifier structure of the block. Specifically, a block length of the APK signature block is added to a size of the custom ID-value field, and a directory offset position in the directory end identifier structure is added. Customize the size of the ID - value field to generate the signed APK file;
[0110] FIG. 4 shows how the format of an APK file that has not been natively signed changes after it is first natively signed and then signed by the acquirer;
[0111] As can be seen from FIG. 4, the acquirer's signing of the natively signed (V2) APK file does not change the structure of the natively signed APK file; it only uses a custom ID-value field in the APK signing block to insert the signature information;
[0112] S3: the terminal 4 obtains the signed APK file, extracts the signature information, and restores the original APK file;
[0113] Specifically, the signature information is copied out of the custom ID-value field in the APK signing block according to its ID; the custom ID-value field is then deleted from the APK signing block, and the block length of the APK signing block and the EOCD structure of the APK file are modified accordingly. Specifically, the size of the custom ID-value field is subtracted from the block length of the APK signing block, and the size of the custom ID-value field is subtracted from the central directory offset in the EOCD structure, restoring the original APK file;
[0114] The ID of the APK native signature is fixed at 0x7109871a; to avoid a conflict with it, the ID of the signature information may be defined as 0x71536966, or as any other value, as long as it does not conflict with the ID of the APK native signature;
[0115] S4: the terminal 4 verifies the legality of the signature information and the original APK file; after verification passes, the terminal installs the original APK file.
[0116] The terminal 4 verifying the legality of the signature information and the original APK file specifically includes:
[0117] The CA servers of the different vendors use the first public key issued by the acquirer to generate an acquirer root public key certificate according to their respective certificate generation mechanisms, and pre-install the acquirer root public key certificate in each vendor's own terminals;
[0118] The terminal 4 uses the acquirer root public key certificate to verify the legality of the acquirer working public key certificate AcquirerWCRT contained in the signature information;
[0119] If verification passes, the terminal 4 extracts the second public key from the acquirer working public key certificate AcquirerWCRT and uses the second public key to decrypt the acquirer signature data, obtaining the first hash value HASH1;
[0120] The terminal 4 computes a hash over the acquirer signature description information and the original APK file, obtaining the second hash value HASH2;
[0121] It is determined whether the second hash value matches the first hash value; if they match, this proves that the signed APK file obtained by the terminal 4 is legitimate and has not been tampered with, the vendor device's verification of the signed APK file passes, and the terminal is allowed to install the original APK file;
[0122] Since the original APK file is an APK file that already carries the native signature, when the terminal 4 installs the original APK file, the operating system of the terminal 4 must also verify the legality of the natively signed APK file, i.e. the native signature verification process of the terminal 4, which specifically includes:
[0123] extracting the native signature data from the APK signing block and restoring the APK file that has not been natively signed;
[0124] verifying the legality of the native signature data and the non-natively-signed APK file; after verification passes, installing the non-natively-signed APK file.
[0125] Embodiment 2
[0126] Referring to FIG. 2, an APK signature authentication system 7 includes an acquirer 1 and a terminal 4. The acquirer 1 includes a first memory 2, a first processor 3, and a first computer program stored in the first memory 2 and executable on the first processor 3; the terminal 4 includes a second memory 5, a second processor 6, and a second computer program stored in the second memory 5 and executable on the second processor 6, characterized in that:
[0127] the first processor 3, when executing the first computer program, implements the following steps:
[0128] S1: sign the original APK file and generate signature information;
[0129] Specifically, the acquirer 1 invokes an encryption device to generate a first public/private key pair and a second public/private key pair; the acquirer 1 signs the second public key with the first private key to generate the acquirer working public key certificate AcquirerWCRT, and distributes the first public key corresponding to the acquirer working public key certificate AcquirerWCRT to the CA servers of the different vendors;
[0130] The acquirer 1 takes the original APK file together with the acquirer signature description information as the data to be signed, SourceData, and computes a hash over the data to be signed SourceData, obtaining the first hash value HASH1;
[0131] The acquirer 1 pads the first hash value HASH1 according to the PKCS#1 v1.5 signature padding scheme, obtaining the padded data PAD_data;
[0132] The acquirer 1 obtains from a secure storage medium the second private key corresponding to the acquirer working public key certificate, and uses the second private key to encrypt (sign) the padded data, obtaining the acquirer signature data Signature;
[0133] The acquirer signature description information, the acquirer signature data Signature, the acquirer working public key certificate AcquirerWCRT and the signature file header are concatenated to generate the acquirer's signature information; the data format of the signature information is shown in FIG. 3. The acquirer signature description information is of variable length and describes the acquirer signature data; the acquirer signature data is 256 bytes long and is the result of signing the original APK file; the acquirer working public key certificate is of variable length and is the institution working public key certificate used for signing; the signature file header is of variable length but no more than 1k, and is used to identify the signature file type and to record the data offset and length of the acquirer signature data, so that the acquirer signature data can be located;
[0134] S2: add a custom ID-value field to the APK signing block, insert the signature information into the custom ID-value field, and generate the signed APK file;
[0135] Following the APK signing block format, a custom ID-value field is added to the APK signing block, the signature information is inserted into the custom ID-value field, and the block length of the APK signing block and the EOCD structure of the original APK file are modified accordingly. Specifically, the size of the custom ID-value field is added to the block length of the APK signing block, and the size of the custom ID-value field is added to the central directory offset in the EOCD structure, producing the signed APK file;
[0136] FIG. 4 shows how the format of an APK file that has not been natively signed changes after it is first natively signed and then signed by the acquirer;
[0137] As can be seen from FIG. 4, the acquirer 1's signing of the natively signed (V2) APK file does not change the structure of the natively signed APK file; it only uses a custom ID-value field in the APK signing block to insert the signature information;
[0138] The second processor 6, when executing the second computer program, implements the following steps:
[0139] S3: obtain the signed APK file, extract the signature information, and restore the original APK file;
[0140] Specifically, the signature information is copied out of the custom ID-value field in the APK signing block according to its ID; the custom ID-value field is then deleted from the APK signing block, and the block length of the APK signing block and the EOCD structure of the APK file are modified accordingly. Specifically, the size of the custom ID-value field is subtracted from the block length of the APK signing block, and the size of the custom ID-value field is subtracted from the central directory offset in the EOCD structure, restoring the original APK file;
[0141] The ID of the APK native signature is fixed at 0x7109871a; to avoid a conflict with it, the ID of the signature information may be defined as 0x71536966, or as any other value, as long as it does not conflict with the ID of the APK native signature;
[0142] S4: verify the legality of the signature information and the original APK file; after verification passes, install the original APK file;
[0143] Verifying the legality of the signature information and the original APK file specifically includes:
[0144] The CA servers of the different vendors use the first public key issued by the acquirer to generate an acquirer root public key certificate according to their respective certificate generation mechanisms, and pre-install the acquirer root public key certificate in each vendor's own terminals;
[0145] The terminal 4 uses the acquirer root public key certificate to verify the legality of the acquirer working public key certificate AcquirerWCRT contained in the signature information;
[0146] If verification passes, the terminal 4 extracts the second public key from the acquirer working public key certificate AcquirerWCRT and uses the second public key to decrypt the acquirer signature data, obtaining the first hash value HASH1;
[0147] The terminal 4 computes a hash over the acquirer signature description information and the original APK file, obtaining the second hash value HASH2;
[0148] It is determined whether the second hash value matches the first hash value; if they match, this proves that the signed APK file obtained by the terminal 4 is legitimate and has not been tampered with, the vendor device's verification of the signed APK file passes, and the terminal 4 is allowed to install the original APK file;
[0149] Since the original APK file is an APK file that already carries the native signature, when the terminal 4 installs the original APK file, the operating system of the terminal 4 must also verify the legality of the natively signed APK file, i.e. the native signature verification process of the terminal, which specifically includes:
[0150] extracting the native signature data from the APK signing block and restoring the APK file that has not been natively signed;
[0151] verifying the legality of the native signature data and the non-natively-signed APK file; after verification passes, installing the non-natively-signed APK file.
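As an added example (not code from the patent or from the applicant), the following Python carries out steps S2 and S3 of both embodiments on a constructed stand-in for a v2-signed APK: the acquirer's signature information is appended as a custom ID-value pair (ID 0x71536966 from the page) to the APK Signing Block, both size fields of the block and the EOCD central directory offset grow by the pair's size, and the terminal later strips the pair, shrinks them again and recovers the original file byte for byte. The signing block and EOCD layouts follow the public ZIP and Android v2 formats; SHA-256 for the hash over SourceData and the contents of the stand-in APK are assumptions.

```python
import hashlib
import struct

# Layout constants of the ZIP EOCD record and the APK Signing Block; the two IDs come from the page.
APK_SIG_BLOCK_MAGIC = b"APK Sig Block 42"
EOCD_SIGNATURE = 0x06054B50
NATIVE_V2_ID = 0x7109871A      # ID of Android's own v2 signature pair
ACQUIRER_ID = 0x71536966       # custom ID proposed on the page for the acquirer pair


def find_eocd(apk: bytes) -> int:
    """Offset of the end-of-central-directory record (scanned backwards, allowing a ZIP comment)."""
    for off in range(len(apk) - 22, -1, -1):
        if struct.unpack_from("<I", apk, off)[0] == EOCD_SIGNATURE:
            comment_len = struct.unpack_from("<H", apk, off + 20)[0]
            if off + 22 + comment_len == len(apk):
                return off
    raise ValueError("no EOCD record found")


def build_sig_block(pairs) -> bytes:
    """Serialize ID-value pairs: size_of_block | (uint64 len, uint32 id, value)* | size_of_block | magic."""
    body = b"".join(struct.pack("<QI", 4 + len(v), i) + v for i, v in pairs)
    size = len(body) + 8 + 16          # the size field does not count itself
    return struct.pack("<Q", size) + body + struct.pack("<Q", size) + APK_SIG_BLOCK_MAGIC


def parse_pairs(body: bytes):
    """Walk the ID-value pairs between the two size fields."""
    pairs, pos = [], 0
    while pos < len(body):
        length, pair_id = struct.unpack_from("<QI", body, pos)
        pairs.append((pair_id, body[pos + 12:pos + 8 + length]))
        pos += 8 + length
    return pairs


def locate_sig_block(apk: bytes):
    """Return (block_start, central_dir_offset, eocd_offset). The block ends exactly where the
    central directory begins, so it is found from the offset field of the EOCD."""
    eocd_off = find_eocd(apk)
    cd_off = struct.unpack_from("<I", apk, eocd_off + 16)[0]
    if apk[cd_off - 16:cd_off] != APK_SIG_BLOCK_MAGIC:
        raise ValueError("no APK Signing Block before the central directory")
    size = struct.unpack_from("<Q", apk, cd_off - 24)[0]
    start = cd_off - size - 8
    if start < 0 or struct.unpack_from("<Q", apk, start)[0] != size:
        raise ValueError("APK Signing Block size fields disagree")
    return start, cd_off, eocd_off


def rewrite_sig_block(apk: bytes, start: int, cd_off: int, eocd_off: int, new_block: bytes) -> bytes:
    """Splice in a new signing block and move the EOCD central directory offset by the change in
    block size, which is the block-length / directory-offset adjustment described in S2 and S3."""
    eocd = bytearray(apk[eocd_off:])
    struct.pack_into("<I", eocd, 16, cd_off + len(new_block) - (cd_off - start))
    return apk[:start] + new_block + apk[cd_off:eocd_off] + bytes(eocd)


def add_acquirer_pair(apk: bytes, sig_info: bytes, pair_id: int = ACQUIRER_ID) -> bytes:
    """Step S2: append the acquirer's signature information as a custom ID-value pair."""
    start, cd_off, eocd_off = locate_sig_block(apk)
    pairs = parse_pairs(apk[start + 8:cd_off - 24])
    if any(i == pair_id for i, _ in pairs):
        raise ValueError("pair ID already present")
    pairs.append((pair_id, sig_info))
    return rewrite_sig_block(apk, start, cd_off, eocd_off, build_sig_block(pairs))


def strip_acquirer_pair(apk: bytes, pair_id: int = ACQUIRER_ID):
    """Step S3: copy the signature information out by ID and remove its pair, so the terminal
    gets back the natively signed APK unchanged for the OS's own v2 verification."""
    start, cd_off, eocd_off = locate_sig_block(apk)
    pairs = parse_pairs(apk[start + 8:cd_off - 24])
    found = [v for i, v in pairs if i == pair_id]
    if len(found) != 1:
        raise ValueError("expected exactly one acquirer pair")
    kept = [(i, v) for i, v in pairs if i != pair_id]
    return found[0], rewrite_sig_block(apk, start, cd_off, eocd_off, build_sig_block(kept))


def signed_data_digest(description: bytes, original_apk: bytes) -> bytes:
    """Hash over SourceData = description || original APK (HASH1 at the acquirer, HASH2 at the
    terminal). SHA-256 is an assumption; the page does not name the hash function."""
    return hashlib.sha256(description + original_apk).digest()


def make_sample_apk() -> bytes:
    """Constructed stand-in for a natively (v2) signed APK: local entries, a signing block holding
    only the native pair, a central directory, and an EOCD record with a short comment."""
    contents = b"PK\x03\x04" + b"constructed local file entries"
    sig_block = build_sig_block([(NATIVE_V2_ID, b"constructed v2 signer block")])
    central_dir = b"PK\x01\x02" + b"constructed central directory"
    comment = b"c"
    eocd = struct.pack("<IHHHHIIH", EOCD_SIGNATURE, 0, 0, 1, 1, len(central_dir),
                       len(contents) + len(sig_block), len(comment)) + comment
    return contents + sig_block + central_dir + eocd
```

Because the native pair and everything outside the signing block are untouched, the restored file is bit-identical to the input, so the terminal's HASH2 over the restored APK equals the acquirer's HASH1 input.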
[0152] In summary, the APK signature authentication method and system provided by the present invention add a custom ID-value field to the APK signing block and insert the signature information produced by signing the original APK file into that custom ID-value field. This does not interfere with the terminal operating system's native signature verification mechanism, works on Android 7.0 and later, and offers good compatibility and wide applicability; moreover, the acquirer only has to generate a single signed APK file, which can then be downloaded to payment terminal vendor devices and other Android devices alike, reducing the acquirer's maintenance cost.

Claims

[Claim 1] An APK signature authentication method, characterized in that it comprises the steps of:
S1: signing the original APK file and generating signature information;
S2: adding a custom ID-value field to the APK signing block, inserting the signature information into the custom ID-value field, and generating a signed APK file;
S3: a terminal obtaining the signed APK file, extracting the signature information, and restoring the original APK file;
S4: the terminal verifying the legality of the signature information and the original APK file, and, after verification passes, the terminal installing the original APK file.
[Claim 2] The APK signature authentication method according to claim 1, characterized in that
step S2 specifically comprises:
following the APK signing block format, adding a custom ID-value field to the APK signing block, inserting the signature information into the custom ID-value field, modifying the block length of the APK signing block and the EOCD structure of the original APK file accordingly, and generating the signed APK file.
[Claim 3] The APK signature authentication method according to claim 2, characterized in that
modifying the block length of the APK signing block and the EOCD structure of the original APK file specifically comprises:
adding the size of the custom ID-value field to the block length of the APK signing block, and adding the size of the custom ID-value field to the central directory offset in the EOCD structure.
[Claim 4] The APK signature authentication method according to claim 1, characterized in that
extracting the signature information and restoring the original APK file in step S3 specifically comprises: copying the signature information out of the custom ID-value field in the APK signing block according to its ID; deleting the custom ID-value field from the APK signing block, modifying the block length of the APK signing block and the EOCD structure of the APK file accordingly, and restoring the original APK file.
[Claim 5] The APK signature authentication method according to claim 4, characterized in that modifying the block length of the APK signing block and the EOCD structure of the APK file specifically comprises:
subtracting the size of the custom ID-value field from the block length of the APK signing block, and subtracting the size of the custom ID-value field from the central directory offset in the EOCD structure.
[Claim 6] The APK signature authentication method according to claim 1, characterized in that
step S1 specifically comprises:
generating an acquirer working public key certificate, and distributing the public key corresponding to the acquirer working public key certificate to different vendors;
taking the original APK file together with the acquirer signature description information as the data to be signed, and computing a hash over the data to be signed to obtain a first hash value;
padding the first hash value to obtain padded data;
obtaining the private key corresponding to the acquirer working public key certificate, and signing the padded data with the private key to obtain acquirer signature data;
generating signature information comprising the acquirer signature description information, the acquirer signature data and the acquirer working public key certificate.
[Claim 7] The APK signature authentication method according to claim 6, characterized in that
the terminal verifying the legality of the signature information and the original APK file in step S4 specifically comprises:
the terminal using the acquirer root public key certificate generated by the corresponding vendor from the public key to verify the legality of the acquirer working public key certificate in the signature information; if verification passes, extracting the second public key from the acquirer working public key certificate, and decrypting the acquirer signature data with the second public key to obtain a first hash value; computing a hash over the acquirer signature description information and the original APK file to obtain a second hash value;
determining whether the second hash value matches the first hash value, and, if they match, verification passes.
[Claim 8] The APK signature authentication method according to claim 6, characterized in that the terminal installing the original APK file in step S4 comprises:
extracting the native signature data from the APK signing block and restoring the non-natively-signed APK file; verifying the legality of the native signature data and the non-natively-signed APK file, and, after verification passes, installing the non-natively-signed APK file.
[Claim 9] An APK signature authentication system, comprising an acquirer and a terminal, the acquirer comprising a first memory, a first processor, and a first computer program stored in the first memory and executable on the first processor, the terminal comprising a second memory, a second processor, and a second computer program stored in the second memory and executable on the second processor, characterized in that
the first processor, when executing the first computer program, implements the following steps:
S1: signing the original APK file and generating signature information;
S2: adding a custom ID-value field to the APK signing block, inserting the signature information into the custom ID-value field, and generating a signed APK file; and the second processor, when executing the second computer program, implements the following steps:
S3: obtaining the signed APK file, extracting the signature information, and restoring the original APK file;
S4: verifying the legality of the signature information and the original APK file, and, after verification passes, installing the original APK file.
[Claim 10] The APK signature authentication system according to claim 9, characterized in that
step S2 specifically comprises:
following the APK signing block format, adding a custom ID-value field to the APK signing block, inserting the signature information into the custom ID-value field, modifying the block length of the APK signing block and the EOCD structure of the original APK file accordingly, and generating the signed APK file.
[Claim 11] The APK signature authentication system according to claim 10, characterized in that
modifying the block length of the APK signing block and the EOCD structure of the original APK file specifically comprises:
adding the size of the custom ID-value field to the block length of the APK signing block, and adding the size of the custom ID-value field to the central directory offset in the EOCD structure.
[Claim 12] The APK signature authentication system according to claim 9, characterized in that
extracting the signature information and restoring the original APK file in step S3 specifically comprises: copying the signature information out of the custom ID-value field in the APK signing block according to its ID; deleting the custom ID-value field from the APK signing block, modifying the block length of the APK signing block and the EOCD structure of the APK file accordingly, and restoring the original APK file.
[Claim 13] The APK signature authentication system according to claim 12, characterized in that
modifying the block length of the APK signing block and the EOCD structure of the APK file specifically comprises:
subtracting the size of the custom ID-value field from the block length of the APK signing block, and subtracting the size of the custom ID-value field from the central directory offset in the EOCD structure.
[Claim 14] The APK signature authentication system according to claim 9, characterized in that
step S1 specifically comprises:
generating an acquirer working public key certificate, and distributing the public key corresponding to the acquirer working public key certificate to different vendors;
taking the original APK file together with the acquirer signature description information as the data to be signed, and computing a hash over the data to be signed to obtain a first hash value;
padding the first hash value to obtain padded data;
obtaining the private key corresponding to the acquirer working public key certificate, and signing the padded data with the private key to obtain acquirer signature data;
generating signature information comprising the acquirer signature description information, the acquirer signature data and the acquirer working public key certificate.
[Claim 15] The APK signature authentication system according to claim 14, characterized in that
verifying the legality of the signature information and the original APK file in step S4 specifically comprises: using the acquirer root public key certificate generated by the corresponding vendor from the public key to verify the legality of the acquirer working public key certificate in the signature information;
if verification passes, extracting the second public key from the acquirer working public key certificate, and decrypting the acquirer signature data with the second public key to obtain a first hash value; computing a hash over the acquirer signature description information and the original APK file to obtain a second hash value;
determining whether the second hash value matches the first hash value, and, if they match, verification passes.
[Claim 16] The APK signature authentication system according to claim 9, characterized in that
installing the original APK file in step S4 comprises:
extracting the native signature data from the APK signing block and restoring the non-natively-signed APK file; verifying the legality of the native signature data and the non-natively-signed APK file, and, after verification passes, installing the non-natively-signed APK file.
PCT/CN2017/108082 2017-10-27 2017-10-27 Apk signature authentication method and system WO2019080110A1 (en)

Publications (1)

Publication Number Publication Date
WO2019080110A1 true WO2019080110A1 (en) 2019-05-02

Family

ID=62006087

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2017/108082 WO2019080110A1 (en) 2017-10-27 2017-10-27 Apk signature authentication method and system

Country Status (2)

Country Link
CN (1) CN107980132A (en)
WO (1) WO2019080110A1 (en)

Families Citing this family (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108875082B (en) * 2018-07-17 2021-01-01 奇安信科技集团股份有限公司 High-capacity data read-write processing method and device
CN109756340B (en) * 2018-12-03 2022-10-21 深圳市新国都支付技术有限公司 Digital signature verification method, device and storage medium
CN110224485B (en) * 2019-05-17 2021-09-21 中国电力科学研究院有限公司 Intelligent distribution transformer terminal software management system
CN111240735B (en) * 2020-01-17 2023-11-28 北京小米移动软件有限公司 Application packaging method, application packaging device and storage medium
CN111787529B (en) * 2020-07-17 2021-06-29 江苏海全科技有限公司 Signature method and system suitable for Android intelligent POS machine application
CN112306512B (en) * 2020-11-09 2023-12-26 武汉天喻信息产业股份有限公司 Method and system for downloading and installing APK file based on CCID protocol
CN112560017B (en) * 2020-12-21 2022-12-06 福建新大陆支付技术有限公司 Method for realizing APK unified signature by using three-level certificate authentication
CN113407912A (en) * 2021-04-16 2021-09-17 江苏先安科技有限公司 Third party countersignature and verification method based on V2 or V3 signature mechanism

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20140150096A1 (en) * 2012-11-26 2014-05-29 Electronics And Telecommunications Research Institute Method for assuring integrity of mobile applications and apparatus using the method
CN104156638A (en) * 2014-06-06 2014-11-19 国家计算机网络与信息安全管理中心 Implementation method of extended signature for Android system software
CN105391717A (en) * 2015-11-13 2016-03-09 福建联迪商用设备有限公司 APK signature authentication method and APK signature authentication system

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20140011021A (en) * 2012-06-11 2014-01-28 김정현 Method for preventing unauthorized copying of the android platform-based applications and inserting digital watermarking in order to track the first clone

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
"Android next-generation multi-channel package artifact", 14 April 2017 (2017-04-14), pages 17 - 18, XP055593403, Retrieved from the Internet <URL:http://toutiao.manqian.cn/wz_14X3pK9AYvz.html> *
JIAN, SHUAI ET AL., NEW GENERATION OF OPEN SOURCE ANDROID CHANNEL PACKAGE GENERATION TOOL - WALLE, 13 January 2017 (2017-01-13), pages 1 - 8, Retrieved from the Internet <URL:http://tech.meituan.com/android-apk-v2-signature-scheme.html> *

Also Published As

Publication number Publication date
CN107980132A (en) 2018-05-01

Legal Events

Date Code Title Description
121 EP: the EPO has been informed by WIPO that EP was designated in this application. Ref document number: 17929867; Country of ref document: EP; Kind code of ref document: A1
NENP Non-entry into the national phase. Ref country code: DE
122 EP: PCT application non-entry in European phase. Ref document number: 17929867; Country of ref document: EP; Kind code of ref document: A1