WO2020047764A1 - Method and terminal for calling an API - Google Patents

Method and terminal for calling an API (一种调用API的方法及终端)

Info

Publication number: WO2020047764A1 (PCT/CN2018/104102)
Authority: WO, WIPO (PCT)
Application number: PCT/CN2018/104102
Other languages: English (en), French (fr)
Inventors: 万文超, 洪逸轩
Original assignee: 福建联迪商用设备有限公司 (Fujian Landi Commercial Equipment Co., Ltd.)
Priority date: 2018-09-05
Filing date: 2018-09-05
Publication date: 2020-03-12
Application filed by 福建联迪商用设备有限公司
Priority to CN201880001269.8A (CN109313678B)
Priority to PCT/CN2018/104102 (WO2020047764A1)
Publication of WO2020047764A1

Classifications

    • G06F 21/121 Restricting unauthorised execution of programs
      (G PHYSICS › G06 COMPUTING; CALCULATING OR COUNTING › G06F ELECTRIC DIGITAL DATA PROCESSING › G06F 21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity › G06F 21/10 Protecting distributed programs or content, e.g. vending or licensing of copyrighted material; Digital rights management [DRM] › G06F 21/12 Protecting executable software)
    • G06F 9/547 Remote procedure calls [RPC]; Web services
      (G PHYSICS › G06 COMPUTING; CALCULATING OR COUNTING › G06F ELECTRIC DIGITAL DATA PROCESSING › G06F 9/00 Arrangements for program control, e.g. control units › G06F 9/06 Arrangements for program control using stored programs, i.e. using an internal store of processing equipment to receive or retain programs › G06F 9/46 Multiprogramming arrangements › G06F 9/54 Interprogram communication)

Abstract

The present invention relates to a method and a terminal for calling an API. Each upper-layer application is identified by a unique application name and signature information; when an upper-layer application calls a lower-level API, its permission to call that API is restricted according to the application name and signature information. Compared with the previous approach of restricting calls by an entered password, the present invention configures an application name and signature information for the upper-layer application and restricts calling permission by them, which avoids the risk of an unauthorized upper-layer application calling the lower-level API after a password leak and greatly improves the security of calling the lower-level API.

Description

Method and terminal for calling an API
Technical field
The present invention relates to the field of computer technology, and in particular to a method and a terminal for calling an API.
Background
In layered software design there is usually a lower layer and an upper layer, and lower-level APIs are provided for upper-layer applications to call. A given lower-level API may be callable by several upper-layer applications, but in particular situations, for security reasons, it is not appropriate to open that API to every upper-layer application. For this scenario the lower-level API currently performs only simple permission control, for example by requiring a password to be entered. If the password leaks, an unauthorized upper-layer application can obtain it and call the lower-level API as well, so the permission control is very weak.
Technical problem
The technical problem to be solved by the present invention is to provide a method and a terminal for calling an API that improve the security of lower-level API calls.
Technical solution
To solve the above technical problem, the technical solution adopted by the present invention is:
A method for calling an API, comprising the following steps:
S1. Configure an application name and signature information for the upper-layer application;
S2. Restrict the upper-layer application's permission to call the lower-level API according to the application name and signature information.
To solve the above technical problem, another technical solution adopted by the present invention is:
A terminal for calling an API, comprising a memory, a processor, and a computer program stored in the memory and executable on the processor, wherein the processor, when executing the computer program, implements the following steps:
S1. Configure an application name and signature information for the upper-layer application;
S2. Restrict the upper-layer application's permission to call the lower-level API according to the application name and signature information.
Beneficial effects
The beneficial effect of the present invention is that each upper-layer application is identified by a unique application name and signature information, and when an upper-layer application calls a lower-level API its permission to do so is restricted according to that name and signature information. Compared with the previous approach of restricting calls by an entered password, configuring an application name and signature information for each upper-layer application and restricting calling permission by them avoids the risk of an unauthorized upper-layer application calling the lower-level API after a password leak, and greatly improves the security of calling the lower-level API.
Brief description of the drawings
FIG. 1 is a flowchart of a method for calling an API according to the present invention;
FIG. 2 is a schematic structural diagram of a terminal for calling an API according to the present invention;
FIG. 3 is a flowchart of a method for calling an API according to Embodiment 3 of the present invention;
Reference numerals:
1. terminal for calling an API; 2. memory; 3. processor.
Detailed description of the embodiments
To explain the technical content, objectives and effects of the present invention in detail, the following description is given with reference to the embodiments and the accompanying drawings.
The key idea of the present invention is that each upper-layer application is identified by a unique application name and signature information, and when an upper-layer application calls a lower-level API, its permission to call that API is restricted according to the application name and signature information.
Referring to FIG. 1, the method for calling an API provided by the present invention comprises the following steps:
S1. Configure an application name and signature information for the upper-layer application;
S2. Restrict the upper-layer application's permission to call the lower-level API according to the application name and signature information.
As the above shows, each upper-layer application is identified by a unique application name and signature information, and when it calls a lower-level API its calling permission is restricted by that name and signature information rather than by an entered password as before. This avoids the risk of an unauthorized upper-layer application calling the lower-level API after a password leak and greatly improves the security of calling the lower-level API.
Further, S1 comprises:
S101. Set up a compilation environment for the upper-layer application, use it to compile and generate the upper-layer application to be downloaded to the running carrier, and configure the corresponding application name for that application;
S102. Sign the upper-layer application to be downloaded to the running carrier in the compilation environment, obtaining the signature information.
Compared with downloading an existing upper-layer application directly to the running carrier, compiling and generating the application in the compilation environment and assigning its application name and signature information there improves both the security of the upper-layer application and the reliability of its application name and signature information.
Further, S2 is specifically:
Determine whether the application name and signature information of the upper-layer application are present in the authorization list of the lower-level API; if so, allow the upper-layer application to call the lower-level API; if not, do not allow it.
Using an authorization list to verify the legitimacy of the upper-layer application's call to the lower-level API ensures that the verification result is authentic and reliable.
Further, S2 comprises:
S201. Set up an authorization list of upper-layer applications, containing for each application its application name and the signer identifier from its signature information;
S202. When an upper-layer application that has been downloaded to the running carrier calls the lower-level API, parse the application name of that application and extract the signer identifier from its signature information;
S203. Determine whether the application name and signer identifier of the upper-layer application are present in the authorization list; if so, allow the upper-layer application to call the lower-level API; if not, do not allow it.
Further, between S1 and S2 the method also comprises:
S103. When downloading the upper-layer application to the running carrier, verify the legitimacy of its signature information; if legitimate, allow the upper-layer application to be downloaded to the running carrier; if not, do not allow it.
Digital signature technology thus ensures the legitimacy of the upper-layer application: only a legitimate upper-layer application is allowed to be downloaded to the running carrier.
Further, the signature information comprises a signing work certificate key domain.
Further, S103 is specifically:
When downloading the upper-layer application to the running carrier, use the superior public key hard-coded in the lower-level API to verify the legitimacy of the signing work certificate key domain; if legitimate, allow the upper-layer application to be downloaded to the running carrier; if not, do not allow it.
Further, the signature information comprises a signing work certificate key domain and a signature data key domain.
Further, S103 comprises:
S103a. When downloading the upper-layer application to the running carrier, extract the public key from the signing work certificate key domain;
S103b. Perform a public-key operation on the signature data key domain with that public key to obtain a hash value H1 (that is, recover the digest that was signed, as in ordinary digital signature verification);
S103c. Compute the hash value H2 of the effective data of the upper-layer application and compare H1 with H2; if they match, allow the upper-layer application to be downloaded to the running carrier; if not, do not allow it.
Further, S103a is specifically: when downloading the upper-layer application to the running carrier, use the superior public key hard-coded in the lower-level API to verify the legitimacy of the signing work certificate key domain; if legitimate, extract the public key from it; if not, do not allow the upper-layer application to be downloaded to the running carrier and terminate the subsequent steps.
Referring to FIG. 2, the terminal for calling an API provided by the present invention comprises a memory, a processor, and a computer program stored in the memory and executable on the processor, wherein the processor, when executing the computer program, implements the following steps:
S1. Configure an application name and signature information for the upper-layer application;
S2. Restrict the upper-layer application's permission to call the lower-level API according to the application name and signature information.
The terminal restricts calling permission by application name and signature information in the same way as the method above, with the same advantage over password-based restriction. The further refinements of the terminal are identical to those of the method and are not repeated here: S1 comprises S101 and S102; S2 is specifically the authorization-list check, or comprises S201 to S203; S103 is performed between S1 and S2; and the signature information, the signing work certificate key domain, the signature data key domain and the steps S103a to S103c are as defined above, with the same effects.
Referring to FIG. 1, Embodiment 1 of the present invention is:
A method for calling an API, comprising the following steps:
S1. Configure an application name and signature information for the upper-layer application;
S2. Restrict the upper-layer application's permission to call the lower-level API according to the application name and signature information.
Here S1 comprises:
S101. Set up a compilation environment for the upper-layer application, use it to compile and generate the upper-layer application to be downloaded to the running carrier, and configure the corresponding application name for that application;
S102. Sign the upper-layer application to be downloaded to the running carrier in the compilation environment, obtaining the signature information;
S2 comprises:
S201. Set up an authorization list of upper-layer applications, containing for each application its application name and the signer identifier from its signature information;
S202. When an upper-layer application that has been downloaded to the running carrier calls the lower-level API, parse the application name of that application and extract the signer identifier from its signature information;
S203. Determine whether the application name and signer identifier of the upper-layer application are present in the authorization list; if so, allow the upper-layer application to call the lower-level API; if not, do not allow it;
and between S1 and S2 the method comprises:
S103. When downloading the upper-layer application to the running carrier, verify the legitimacy of its signature information; if legitimate, allow the upper-layer application to be downloaded to the running carrier; if not, do not allow it.
Referring to FIG. 1, Embodiment 2 of the present invention is:
A method for calling an API which, on the basis of Embodiment 1, further has the following features:
The signature information comprises a signing work certificate key domain, and S103 is specifically: when downloading the upper-layer application to the running carrier, use the superior public key hard-coded in the lower-level API to verify the legitimacy of the signing work certificate key domain; if legitimate, allow the upper-layer application to be downloaded to the running carrier; if not, do not allow it.
Preferably, the format of the signing work certificate key domain is the standard X.509 format.
Referring to FIG. 3, Embodiment 3 of the present invention is:
A method for calling an API which, on the basis of Embodiment 1, further has the following features:
The signature information comprises a signing work certificate key domain and a signature data key domain, and S103 comprises:
S103a. When downloading the upper-layer application to the running carrier, extract the public key from the signing work certificate key domain;
S103b. Perform a public-key operation on the signature data key domain with that public key to obtain a hash value H1;
S103c. Compute the hash value H2 of the effective data of the upper-layer application and compare H1 with H2; if they match, allow the upper-layer application to be downloaded to the running carrier; if not, do not allow it.
Preferably, S103a is specifically: when downloading the upper-layer application to the running carrier, use the superior public key hard-coded in the lower-level API to verify the legitimacy of the signing work certificate key domain; if legitimate, extract the public key from it; if not, do not allow the upper-layer application to be downloaded to the running carrier and terminate the subsequent steps.
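The build-side steps S101 and S102, the download-time checks S103a to S103c and the call-time checks S201 to S203 described above, as one added worked example in Go. This is editor-added illustration code, not code from the patent or from the applicant; Go is used because its standard library carries X.509 and RSA, so the example runs offline with no third-party dependency. Everything the patent leaves open is an assumption here: the signing work certificate is a standard X.509 certificate (as Embodiment 2 prefers) checked with crypto/x509 against a self-signed superior certificate that stands in for the public key hard-coded in the lower-level API; the signer identifier is that certificate's subject CN; the signature is RSA PKCS#1 v1.5 over SHA-256 of the application's effective data, so the patent's public-key operation yielding H1 is the digest recovery performed inside signature verification; and the type names SignedApp and Carrier, the function names, the partner and application names and the payload bytes are all constructed. Besides the straight path, the scenario covers the three failures a reviewer would want exercised: a certificate with the right name issued under a different root, a payload modified after signing, and a genuinely signed application whose (name, signer) pair is not on the list.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// SignedApp is the package sent to the running carrier (a constructed layout).
type SignedApp struct {
	Name      string // application name fixed by the compile environment (S101)
	Payload   []byte // the application's effective data
	WorkCert  []byte // DER X.509 signing work certificate (the certificate key domain)
	Signature []byte // RSA PKCS#1 v1.5 over SHA-256(Payload) (the signature data key domain)
}

// Carrier is the lower-level API side: the hard-coded superior key, the S201 list
// keyed by (application name, signer identifier), and the applications that passed S103.
type Carrier struct {
	superior   *x509.Certificate
	authorized map[[2]string]bool
	installed  map[string]*x509.Certificate
}

// Download implements S103: the work certificate must verify under the superior key
// (S103a), then the digest H1 recovered from the signature must equal H2 = SHA-256(payload).
func (c *Carrier) Download(app *SignedApp) error {
	cert, err := x509.ParseCertificate(app.WorkCert)
	if err != nil {
		return fmt.Errorf("S103a: unparseable work certificate: %v", err)
	}
	if err = cert.CheckSignatureFrom(c.superior); err != nil {
		return fmt.Errorf("S103a: work certificate not issued under the superior key: %v", err)
	}
	// CheckSignature hashes the payload (H2), applies the certificate's public key to
	// the signature (H1) and compares, so a single flipped payload byte is rejected.
	if err = cert.CheckSignature(x509.SHA256WithRSA, app.Payload, app.Signature); err != nil {
		return fmt.Errorf("S103c: signature does not cover this payload: %v", err)
	}
	c.installed[app.Name] = cert
	return nil
}

// CallAPI implements S202/S203. The signer identifier is taken as the work
// certificate's subject CN (an assumption; the patent does not fix the field).
func (c *Carrier) CallAPI(appName string) error {
	cert, ok := c.installed[appName]
	if !ok {
		return fmt.Errorf("S202: %q is not installed on this carrier", appName)
	}
	if signer := cert.Subject.CommonName; !c.authorized[[2]string{appName, signer}] {
		return fmt.Errorf("S203: %q signed by %q is not on the authorization list", appName, signer)
	}
	return nil
}

func check(err error) {
	if err != nil {
		panic(err)
	}
}

// BuildApp is the compile-environment side (S101/S102): name the application and sign it.
func BuildApp(name string, payload []byte, cert *x509.Certificate, key *rsa.PrivateKey) *SignedApp {
	h := sha256.Sum256(payload)
	sig, err := rsa.SignPKCS1v15(rand.Reader, key, crypto.SHA256, h[:])
	check(err)
	return &SignedApp{name, payload, cert.Raw, sig}
}

// newCert issues a self-signed superior certificate (parent nil) or a work certificate under parent.
func newCert(cn string, serial int64, parent *x509.Certificate, parentKey *rsa.PrivateKey) (*x509.Certificate, *rsa.PrivateKey) {
	key, err := rsa.GenerateKey(rand.Reader, 2048)
	check(err)
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(serial), Subject: pkix.Name{CommonName: cn},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(24 * time.Hour),
		KeyUsage: x509.KeyUsageDigitalSignature, BasicConstraintsValid: true}
	if parent == nil {
		tmpl.IsCA, tmpl.KeyUsage, parent, parentKey = true, tmpl.KeyUsage|x509.KeyUsageCertSign, tmpl, key
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, &key.PublicKey, parentKey)
	check(err)
	cert, err := x509.ParseCertificate(der)
	check(err)
	return cert, key
}

// Scenario exercises the checks with constructed keys, names and payload and reports which outcomes held.
func Scenario() map[string]bool {
	root, rootKey := newCert("Vendor Root", 1, nil, nil)
	certA, keyA := newCert("partner-A", 2, root, rootKey)
	certB, keyB := newCert("partner-B", 3, root, rootKey)
	rogue, rogueKey := newCert("Rogue Root", 4, nil, nil)
	certR, keyR := newCert("partner-A", 5, rogue, rogueKey) // same name, wrong issuer
	carrier := &Carrier{root, map[[2]string]bool{{"payment", "partner-A"}: true}, map[string]*x509.Certificate{}}
	good := BuildApp("payment", []byte("constructed payment application image"), certA, keyA)
	r := map[string]bool{}
	r["good_download"] = carrier.Download(good) == nil
	r["good_call"] = carrier.CallAPI("payment") == nil
	r["rogue_ca_rejected"] = carrier.Download(BuildApp("payment", good.Payload, certR, keyR)) != nil
	tampered := &SignedApp{"payment", append([]byte("X"), good.Payload[1:]...), good.WorkCert, good.Signature}
	r["tamper_rejected"] = carrier.Download(tampered) != nil
	// A genuine partner-B build reusing the name installs, but (payment, partner-B) is not listed.
	r["impostor_installs"] = carrier.Download(BuildApp("payment", good.Payload, certB, keyB)) == nil
	r["impostor_call_denied"] = carrier.CallAPI("payment") != nil
	return r
}

func main() { fmt.Println(Scenario()) }
```

Two things in the example deserve a practitioner's attention. First, the signer identifier that S203 compares is read from a certificate that has already passed S103, never from an unauthenticated field of the package; that ordering is what makes the name-plus-signer list stronger than a shared password, since an application that merely reuses an authorized name is still refused, and there is no secret for a leak to expose. Second, what the example omits a deployed carrier must still do: CheckSignatureFrom verifies only the issuer signature and CA constraints, so validity period and revocation are not checked here; the verified certificate is stored by application name, so a later download under the same name replaces the earlier one; and the authorization list lives in memory rather than in integrity-protected storage.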
Referring to FIG. 2, Embodiment 4 of the present invention is:
A terminal 1 for calling an API, comprising a memory 2, a processor 3, and a computer program stored in the memory 2 and executable on the processor 3, wherein the processor 3, when executing the computer program, performs the steps of Embodiment 1.
Referring to FIG. 2, Embodiment 5 of the present invention is:
A terminal 1 for calling an API, comprising a memory 2, a processor 3, and a computer program stored in the memory 2 and executable on the processor 3, wherein the processor 3, when executing the computer program, performs the steps of Embodiment 2.
Referring to FIG. 2, Embodiment 6 of the present invention is:
A terminal 1 for calling an API, comprising a memory 2, a processor 3, and a computer program stored in the memory 2 and executable on the processor 3, wherein the processor 3, when executing the computer program, performs the steps of Embodiment 3.
In summary, in the method and terminal for calling an API provided by the present invention, each upper-layer application is identified by a unique application name and signature information, and when an upper-layer application calls a lower-level API its permission to do so is restricted according to that name and signature information. Compared with the previous approach of restricting calls by an entered password, configuring an application name and signature information for each upper-layer application and restricting calling permission by them avoids the risk of an unauthorized upper-layer application calling the lower-level API after a password leak and greatly improves the security of calling the lower-level API.
The above are merely embodiments of the present invention and do not limit its patent scope; any equivalent transformation made using the content of the specification and drawings of the present invention, whether applied directly or indirectly in related technical fields, likewise falls within the scope of patent protection of the present invention.

Claims (20)

  1. A method for calling an API, characterized by comprising the following steps:
    S1. configuring an application name and signature information for an upper-layer application;
    S2. restricting the upper-layer application's permission to call a lower-level API according to the application name and signature information.
  2. The method for calling an API according to claim 1, characterized in that S1 comprises:
    S101. setting up a compilation environment for the upper-layer application, compiling and generating in the compilation environment the upper-layer application to be downloaded to a running carrier, and configuring the corresponding application name for the upper-layer application;
    S102. signing, in the compilation environment, the upper-layer application to be downloaded to the running carrier, to obtain the signature information.
  3. The method for calling an API according to claim 1, characterized in that S2 is specifically:
    determining whether the application name and signature information of the upper-layer application are present in an authorization list of the lower-level API; if so, allowing the upper-layer application to call the lower-level API; if not, not allowing the upper-layer application to call the lower-level API.
  4. The method for calling an API according to claim 1, characterized in that S2 comprises:
    S201. setting an authorization list of upper-layer applications, the authorization list comprising the application name of the upper-layer application and a signer identifier from the signature information;
    S202. when an upper-layer application that has been downloaded to the running carrier calls the lower-level API, parsing the application name of the upper-layer application and extracting the signer identifier from the signature information of the upper-layer application;
    S203. determining whether the application name and signer identifier of the upper-layer application are present in the authorization list; if so, allowing the upper-layer application to call the lower-level API; if not, not allowing the upper-layer application to call the lower-level API.
  5. The method for calling an API according to claim 1, characterized in that between S1 and S2 the method further comprises:
    S103. when downloading the upper-layer application to the running carrier, verifying the legitimacy of the signature information of the upper-layer application; if legitimate, allowing the upper-layer application to be downloaded to the running carrier; if not legitimate, not allowing the upper-layer application to be downloaded to the running carrier.
  6. The method for calling an API according to claim 5, characterized in that the signature information comprises a signing work certificate key domain.
  7. The method for calling an API according to claim 6, characterized in that S103 is specifically:
    when downloading the upper-layer application to the running carrier, verifying the legitimacy of the signing work certificate key domain using a superior public key hard-coded in the lower-level API; if legitimate, allowing the upper-layer application to be downloaded to the running carrier; if not legitimate, not allowing the upper-layer application to be downloaded to the running carrier.
  8. The method for calling an API according to claim 5, characterized in that the signature information comprises a signing work certificate key domain and a signature data key domain.
  9. The method for calling an API according to claim 8, characterized in that S103 comprises:
    S103a. when downloading the upper-layer application to the running carrier, extracting the public key from the signing work certificate key domain;
    S103b. performing a public-key operation on the signature data key domain with the public key from the signing work certificate key domain to obtain a hash value H1;
    S103c. computing a hash value H2 of the effective data of the upper-layer application and comparing H1 and H2 for consistency; if consistent, allowing the upper-layer application to be downloaded to the running carrier; if not consistent, not allowing the upper-layer application to be downloaded to the running carrier.
  10. The method for calling an API according to claim 9, characterized in that S103a is specifically: when downloading the upper-layer application to the running carrier, verifying the legitimacy of the signing work certificate key domain using the superior public key hard-coded in the lower-level API; if legitimate, extracting the public key from the signing work certificate key domain; if not legitimate, not allowing the upper-layer application to be downloaded to the running carrier and terminating the subsequent steps.
  11. A terminal for calling an API, comprising a memory, a processor, and a computer program stored in the memory and executable on the processor, characterized in that the processor, when executing the computer program, implements the following steps:
    S1. configuring an application name and signature information for an upper-layer application;
    S2. restricting the upper-layer application's calling permission for a lower-level API according to the application name and signature information.
  12. The terminal for calling an API according to claim 11, characterized in that S1 comprises:
    S101. setting up a compilation environment for the upper-layer application, compiling and generating in the compilation environment the upper-layer application to be downloaded to a running carrier, and configuring the corresponding application name for the upper-layer application;
    S102. signing, in the compilation environment, the upper-layer application to be downloaded to the running carrier, to obtain the signature information.
  13. The terminal for calling an API according to claim 11, characterized in that S2 is specifically:
    determining whether the application name and signature information of the upper-layer application are present in an authorization list of the lower-level API; if so, allowing the upper-layer application to call the lower-level API; if not, not allowing the upper-layer application to call the lower-level API.
  14. The terminal for calling an API according to claim 11, characterized in that S2 comprises:
    S201. setting an authorization list of upper-layer applications, the authorization list comprising the application name of the upper-layer application and a signer identifier from the signature information;
    S202. when an upper-layer application that has been downloaded to the running carrier calls the lower-level API, parsing the application name of the upper-layer application and extracting the signer identifier from the signature information of the upper-layer application;
    S203. determining whether the application name and signer identifier of the upper-layer application are present in the authorization list; if so, allowing the upper-layer application to call the lower-level API; if not, not allowing the upper-layer application to call the lower-level API.
  15. The terminal for calling an API according to claim 11, characterized in that between S1 and S2 the steps further comprise:
    S103. when downloading the upper-layer application to the running carrier, verifying the legitimacy of the signature information of the upper-layer application; if legitimate, allowing the upper-layer application to be downloaded to the running carrier; if not legitimate, not allowing the upper-layer application to be downloaded to the running carrier.
  16. The terminal for calling an API according to claim 15, characterized in that the signature information comprises a signing work certificate key domain.
  17. The terminal for calling an API according to claim 16, characterized in that S103 is specifically:
    when downloading the upper-layer application to the running carrier, verifying the legitimacy of the signing work certificate key domain using a superior public key hard-coded in the lower-level API; if legitimate, allowing the upper-layer application to be downloaded to the running carrier; if not legitimate, not allowing the upper-layer application to be downloaded to the running carrier.
  18. The terminal for calling an API according to claim 15, characterized in that the signature information comprises a signing work certificate key domain and a signature data key domain.
  19. The terminal for calling an API according to claim 18, characterized in that S103 comprises:
    S103a. when downloading the upper-layer application to the running carrier, extracting the public key from the signing work certificate key domain;
    S103b. performing a public-key operation on the signature data key domain with the public key from the signing work certificate key domain to obtain a hash value H1;
    S103c. computing a hash value H2 of the effective data of the upper-layer application and comparing H1 and H2 for consistency; if consistent, allowing the upper-layer application to be downloaded to the running carrier; if not consistent, not allowing the upper-layer application to be downloaded to the running carrier.
  20. The terminal for calling an API according to claim 19, characterized in that S103a is specifically: when downloading the upper-layer application to the running carrier, verifying the legitimacy of the signing work certificate key domain using the superior public key hard-coded in the lower-level API; if legitimate, extracting the public key from the signing work certificate key domain; if not legitimate, not allowing the upper-layer application to be downloaded to the running carrier and terminating the subsequent steps.
PCT/CN2018/104102 | priority 2018-09-05 | filed 2018-09-05 | Method and terminal for calling an API | WO2020047764A1 (zh)

Priority Applications (2)

Application Number | Priority Date | Filing Date | Title
CN201880001269.8A (CN109313678B, zh) | 2018-09-05 | 2018-09-05 | Method and terminal for calling an API
PCT/CN2018/104102 (WO2020047764A1, zh) | 2018-09-05 | 2018-09-05 | Method and terminal for calling an API

Applications Claiming Priority (1)

Application Number | Priority Date | Filing Date | Title
PCT/CN2018/104102 (WO2020047764A1, zh) | 2018-09-05 | 2018-09-05 | Method and terminal for calling an API

Publications (1)

Publication Number | Publication Date
WO2020047764A1 | 2020-03-12

Family

ID=65221660

Family Applications (1)

Application Number | Title | Priority Date | Filing Date
PCT/CN2018/104102 (WO2020047764A1, zh) | Method and terminal for calling an API | 2018-09-05 | 2018-09-05

Country Status (2)

Country | Link
CN | CN109313678B (zh)
WO | WO2020047764A1 (zh)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number | Priority date | Publication date | Assignee | Title
CN103560883A * | 2013-10-30 | 2014-02-05 | 南京邮电大学 | Security authentication method between Android applications based on user permissions
CN107453878A * | 2017-08-11 | 2017-12-08 | 四川长虹电器股份有限公司 | Method supporting tamper-proofing and anti-replay for REST APIs
CN108199834A * | 2018-01-16 | 2018-06-22 | 飞天诚信科技股份有限公司 | Method and device for the operation of a smart key device

Family Cites Families (10)

* Cited by examiner, † Cited by third party
Publication number | Priority date | Publication date | Assignee | Title
JP3818504B2 * | 2002-04-15 | 2006-09-06 | ソニー株式会社 | Information processing apparatus and method, and program
CN100447763C * | 2003-05-29 | 2008-12-31 | 联想(北京)有限公司 | Security chip, and information security processing device and method based on the chip
CN101335746A * | 2007-06-29 | 2008-12-31 | 国际商业机器公司 | Security device and method for protecting the integrity of a software system, and system thereof
CN101458743A * | 2007-12-12 | 2009-06-17 | 中国长城计算机深圳股份有限公司 | Method for protecting the security of a computer system
CN102014133B * | 2010-11-26 | 2013-08-21 | 清华大学 | Method for implementing a secure storage system in a cloud storage environment
CN102404347A * | 2011-12-28 | 2012-04-04 | 南京邮电大学 | Mobile internet access authentication method based on public key infrastructure
CN104717643B * | 2013-12-12 | 2019-05-21 | 北京大学 | Secure communication platform for mobile devices
CN104680061A * | 2015-02-28 | 2015-06-03 | 国鼎网络空间安全技术有限公司 | Method and system for code signature verification during application launch in an Android environment
CN105260663B * | 2015-09-15 | 2017-12-01 | 中国科学院信息工程研究所 | Secure storage service system and method based on TrustZone technology
CN108319823A * | 2018-02-02 | 2018-07-24 | 广东蜂助手网络技术股份有限公司 | Android app signature binding method and device

Also Published As

Publication number Publication date
CN109313678A (zh) 2019-02-05
CN109313678B (zh) 2021-11-09

Legal Events

Code | Title | Description
121 | Ep: the EPO has been informed by WIPO that EP was designated in this application | Ref document number: 18932687; Country of ref document: EP; Kind code of ref document: A1
NENP | Non-entry into the national phase | Ref country code: DE
122 | Ep: PCT application non-entry in European phase | Ref document number: 18932687; Country of ref document: EP; Kind code of ref document: A1