Summary of the invention
The object of the invention is to the method for calibration, the Apparatus and system that propose a kind of installation kit, the check logic of installation kit can be prevented by decompiling, improve the reliability of installation kit inspection.
According to an aspect of the present invention, provide a kind of method of calibration of installation kit, wherein, comprise step:
The signature value of an APK is obtained under C language environment; And utilize the label name-value pair of a described APK to be used for asking the required parameter of network data to carry out the first encryption, obtain encrypted word throttling; Described encrypted word throttling is sent to server, for the signature value of pre-configured the 2nd APK of server by utilizing, deciphers described encrypted word throttling; Wherein, described 2nd APK is original APK; Receive return when server does not decrypt described request parameter for identifying the information that a described APK is the APK be tampered.
According to another aspect of the present invention, provide a kind of method of calibration of installation kit, wherein, comprise step:
Receive the encrypted word throttling that client sends; Wherein, described encrypted word throttling is that the label name-value pair of the APK utilizing client to obtain under C language environment obtains for asking the required parameter of network data to be encrypted; Utilize the signature value of the 2nd pre-configured APK, decipher described encrypted word throttling; Wherein, described 2nd APK is original APK; If do not decrypt described request parameter, then return for identifying the information that a described APK is the APK be tampered to client.
According to another aspect of the present invention, provide a kind of method of calibration of installation kit, wherein, comprise step:
Client obtains the signature value of an APK under C language environment; Client utilizes the label name-value pair of a described APK to carry out the first encryption for asking the required parameter of network data, obtains encrypted word throttling; Described encrypted word throttling is sent to server by client; The signature value of the 2nd APK that described server by utilizing is pre-configured, deciphers described encrypted word throttling; Wherein, described 2nd APK is original APK; If do not decrypt described request parameter, then return for identifying the information that a described APK is the APK be tampered to client.
According to another aspect of the present invention, provide a kind of client, wherein, comprising:
First acquiring unit, for obtaining the signature value of an APK under C language environment;
Ciphering unit, being used for for utilizing the label name-value pair of a described APK asking the required parameter of network data to carry out the first encryption, obtaining encrypted word throttling;
First transmitting element, for described encrypted word throttling is sent to server, for the signature value of pre-configured the 2nd APK of server by utilizing, deciphers described encrypted word throttling; Wherein, described 2nd APK is original APK;
First receiving element, for receive return when server does not decrypt described request parameter for identifying the information that a described APK is the APK be tampered.
According to another aspect of the present invention, provide a kind of server, wherein, comprising:
Second receiving element, for receiving the encrypted word throttling that client sends; Wherein, described encrypted word throttling is that the label name-value pair of the APK utilizing client to obtain under C language environment obtains for asking the required parameter of network data to be encrypted;
Decryption unit, for utilizing the signature value of the 2nd pre-configured APK, deciphers described encrypted word throttling; Wherein, described 2nd APK is original APK;
Second transmitting element, if for not decrypting described request parameter, then returns for identifying the information that a described APK is the APK be tampered to client.
According to another aspect of the present invention, provide a kind of check system of installation kit, wherein, comprising: above-mentioned client and above-mentioned server.
Utilize the present invention, client obtains the signature value of APK and utilizes this signature value encrypt the network data request of APK and the byte stream after encryption is sent to server verification in C language environment, due to said process logic compile in C language after produce ' * .so file ', crack ' * .so file ' inner logic by decompiling instrument by being difficult to, breaking techniques difficulty increases greatly than the scheme using Java language to realize; At server side, the signature value of pre-configured original APK is utilized to remove to decipher the byte stream of above-mentioned encryption, if above-mentioned network data request can be gone out by successful decryption, then illustrate that above-mentioned client is installed is original APK, if above-mentioned network data request can not be decrypted, then illustrate that above-mentioned client is installed is the APK be tampered, thus the correlation function of the client being provided with the APK be tampered can be forbidden.Therefore, by above-mentioned process, the check logic of APK can be prevented by decompiling, improve the reliability of installation kit inspection.
To achieve these goals, one or more aspect of the present invention will describe in detail and the feature particularly pointed out in the claims after comprising.Explanation below and accompanying drawing describe some illustrative aspects of the present invention in detail.But what these aspects indicated is only some modes that can use in the various modes of principle of the present invention.In addition, the present invention is intended to comprise all these aspects and their equivalent.
Embodiment
Various aspects of the present disclosure are described below.It is to be understood that instruction herein can with varied form imbody, and in this article disclosed any concrete structure, function or both be only representational.Based on instruction herein, those skilled in the art are it is to be understood that an aspect disclosed herein can realize independent of any other side, and the two or more aspects in these aspects can combine according to various mode.Such as, aspect, implement device or the hands-on approach of any number described in this paper can be used.In addition, other structure, function or except one or more aspect described in this paper or be not the 26S Proteasome Structure and Function of one or more aspect described in this paper can be used, realize this device or put into practice this method.In addition, any aspect described herein can comprise at least one element of claim.
Each embodiment of the present invention is described below with reference to accompanying drawings.
The present invention proposes a kind of method of calibration of installation kit, and its flow process can with reference to figure 1; Concrete, comprise step:
Step S101: the signature value obtaining an APK under C language environment;
Wherein, an APK refers to the APK that user downloads to client; Concrete, when obtaining the signature value of an APK, the signature value sign of an APK can be obtained by getPost function call getSign function;
Step S102: utilize the label name-value pair of an APK to be used for asking the required parameter of network data to carry out the first encryption, obtain encrypted word throttling;
Concrete, the signature value of an APK can be utilized to carry out the first encryption as encryption key to network request parameter by getPost function call encodeData function, obtain encrypted word throttling.Wherein, the cryptographic algorithm that the first encryption adopts is reversible symmetry algorithm, as: DES algorithm, RC5 algorithm, also can adopt M9 cryptographic algorithm.
Then carry out step S103: encrypted word throttling is sent to server, the signature value for pre-configured the 2nd APK of server by utilizing deciphers this encrypted word throttling;
Wherein, the 2nd APK is original APK; Step S101 and step S102 is carried out under C language environment, and encrypted word throttling is sent to server, due to said process logic compile in C language after produce ' * .so file ', crack ' * .so file ' inner logic by decompiling instrument by being difficult to, breaking techniques difficulty increases greatly than the scheme using Java language to realize;
Step S104: receive return when server does not decrypt required parameter for identifying the information that an APK is the APK be tampered.Wherein, return when server decrypts required parameter for identifying the information that an APK is original APK.
Above-mentioned function getPost, getSign, encodeData, implementation procedure is all positioned at AndroidNDK layer, realizes, belong to the primary code of system, can produce ' * .so file ' after compiling, decompiling cannot go out this class file with decompiling instrument by C language.
Utilize the present invention, client obtains the signature value of APK and utilizes this signature value encrypt the network data request of APK and the byte stream after encryption is sent to server verification in C language environment, due to said process logic compile in C language after produce ' * .so file ', crack ' * .so file ' inner logic by decompiling instrument by being difficult to, breaking techniques difficulty increases greatly than the scheme using Java language to realize; At server side, the signature value of pre-configured original APK is utilized to remove to decipher the byte stream of above-mentioned encryption, if above-mentioned network data request can be gone out by successful decryption, the original APK that above-mentioned client is installed then is described, if above-mentioned network data request can not be decrypted, then illustrate that above-mentioned client is installed is the APK be tampered, thus the correlation function of the client being provided with the APK be tampered can be forbidden; Therefore the check logic of APK can be prevented by decompiling, improve the reliability of installation kit inspection.
In order to prevent the check logic of APK by decompiling further, improve the reliability that installation kit detects, for above-described embodiment, in step s 102, when utilizing the label name-value pair of an APK to be used for asking the required parameter of network data to carry out the first encryption, specifically can carry out according to the following steps: 1) carry out the second encryption by the signature value of pre-defined algorithm to an APK, obtain the signature value of the APK after encrypting; Concrete, when carrying out the second encryption, be encrypted according to the signature value of pre-defined algorithm to APK by getPost function call getKey function; Wherein, pre-defined algorithm can be md5 cryptographic algorithm also can be the algorithm that can produce regular length character string; 2) the label name-value pair of the APK after this encryption is utilized to be used for asking the required parameter of network data to carry out the first encryption.
Corresponding, after encrypted word throttling is sent to server by step S103, what server by utilizing was pre-configured deciphers this encrypted word throttling by the signature value of the 2nd APK after the encryption of this pre-defined algorithm.That is to say, make an appointment in client encrypt and the mode of deciphering in the server, this mode only has client and server to know, simultaneously owing to being carry out under the environment of C language, therefore this mode can not be acquired by decompiling, fully can ensure security.
In one aspect of the invention, first can carry out the initial detecting of APK in client, only have by initial detecting, just carry out the installation kit testing process in above-described embodiment after step S102; One of them optional method of initial detecting detects APK signature value; Concrete, initial detecting is carried out after step slol, comprises step:
The signature value of the one APK and the signature value at pre-configured the 2nd APK of client compare by client, if equal, then client carries out this S102 step and testing process afterwards; If unequal, then return for identifying the information that an APK is the APK be tampered.
Another optional method of initial detecting is the CRC (CyclicalRedundancyCheck obtaining the dex type of executable file (in the Android platform) file, CRC) value, compares the crc value of acquisition with pre-configured crc value; Concrete, initial detecting is carried out after step slol, comprises step:
Client obtains the crc value of the dex file of an APK;
The crc value of this dex file compares with pre-configured crc value by client, and wherein, pre-configured crc value is the crc value of the dex file of original APK;
When the crc value of dex file is equal with pre-configured crc value, client carries out above-mentioned S102 step and testing process afterwards.If the crc value of dex file and pre-configured crc value unequal, then return for identifying the information that an APK is the APK be tampered.
Another optional method of initial detecting is the crc value detecting dex file after detecting APK signature value again; Concrete, initial detecting is carried out after step slol, comprises step:
The signature value of the one APK and the signature value at pre-configured the 2nd APK of client compare by client, if equal, then client obtains the crc value of dex file; If unequal, then return for identifying the information that an APK is the APK be tampered;
When the crc value of this dex file is equal with pre-configured crc value, client carries out this S102 step and testing process afterwards; If unequal, then return for identifying the information that an APK is the APK be tampered.
As long as APK is by decompiling, dex file will change, and crc value also can change.Therefore according to the crc value of dex file, tentatively can judge whether an APK is tampered.
As shown in Figure 2, the method is based on client-side for a preferred embodiment flow process.Before carrying out idiographic flow, can obscure by advanced line code: the class name of an APK, bag name are obscured for Window system and linux system two systematic naming method systems forbid strictly the filename that uses, as com1, Com1 etc., wherein, obscure the class name, the bag name that refer to an APK to reorganize and process, obtain the filename that Window system and linux system two systematic naming method systems are forbidded strictly to use; Then following treatment scheme is carried out:
Step S201: client obtains the signature value of an APK under C language environment;
Step S202: client judges that whether the signature value of an APK is equal with the signature value of the 2nd pre-configured APK; Wherein, the 2nd APK is original APK; If judged result is no, then carry out step S203; If the determination result is YES, then step S204 is carried out;
Step S203: client returns for identifying the information that an APK is the APK be tampered;
Step S204: client obtains the crc value of the dex file of an APK;
Step S205: client judges that whether the crc value of dex file is equal with pre-configured crc value; Wherein, pre-configured crc value is the crc value for reference, i.e. the crc value of the dex file of original APK; When the crc value and pre-configured crc value that judge dex file are unequal, carry out step S203; When judging that the crc value of dex file is equal with pre-configured crc value, carry out step S206;
Step S206: client utilizes the label name-value pair of an APK to be used for asking the required parameter of network data to carry out the first encryption, obtains encrypted word throttling; Concrete, client first can also be encrypted the signature value of an APK by pre-defined algorithm; And then be used for asking the required parameter of network data to carry out the first encryption according to the signature value of the APK after encryption.
Step S207: encrypted word throttling is sent to server by client, the signature value for pre-configured the 2nd APK of server by utilizing deciphers this encrypted word throttling; Concrete, when in step S206, when being used for asking the required parameter of network data to carry out the first encryption according to the signature value of an APK after encryption, the signature value of the 2nd APK that what server by utilizing was pre-configured press after pre-defined algorithm encrypts, deciphers this encrypted word throttling.
Step S208: client receive when server decrypts required parameter, by server return for identifying the information that an APK is original APK; And when server does not decrypt required parameter, by server return for identifying the information that an APK is the APK be tampered.
The invention allows for the method for calibration of another kind of installation kit, the method is based on server side, and its flow process with reference to shown in figure 3, can comprise step:
Step S301: the encrypted word throttling that server receives client sends; Wherein, this encrypted word throttling is that the label name-value pair of the APK utilizing client to obtain under C language environment obtains for asking the required parameter of network data to be encrypted;
The signature value enabling decryption of encrypted byte stream of step S302: the 2nd APK that server by utilizing is pre-configured; Wherein, the 2nd APK is original APK;
Step S303: if server decrypts required parameter, then return for identifying the information that an APK is original APK to client; If server does not decrypt required parameter, then return for identifying the information that an APK is the APK be tampered to client.
The invention allows for the method for calibration of another kind of installation kit, its flow process can with reference to shown in figure 4, and the method is mutual based on client and server, and concrete steps comprise:
Step S401: client obtains the signature value of an APK under C language environment;
Step S402: client utilizes the label name-value pair of an APK to carry out the first encryption for asking the required parameter of network data, obtains encrypted word throttling;
Step S403: client sends above-mentioned encrypted word throttling to server;
The signature value enabling decryption of encrypted byte stream of step S404: the 2nd APK that server by utilizing is pre-configured; Wherein, the 2nd APK is original APK; Then step S405 or step S406 is carried out according to decrypted result.
Step S405: if server decrypts this required parameter, then return for identifying the information that an APK is this original APK to client;
Step S406: if server does not decrypt this required parameter, then return for identifying the information that an APK is the APK be tampered to client.
Another aspect of the present invention, also proposed a kind of client 801, and its structural representation can with reference to figure 5, and client 801 comprises:
First acquiring unit 601, for obtaining the signature value of an APK under C language environment;
Ciphering unit 602, being used for for utilizing the label name-value pair of an APK asking the required parameter of network data to carry out the first encryption, obtaining encrypted word throttling;
First transmitting element 603, for this encrypted word throttling is sent to server, for the signature value of pre-configured the 2nd APK of server by utilizing, deciphers this encrypted word throttling; Wherein, the 2nd APK is original APK;
First receiving element 604, for receive return when server does not decrypt this required parameter for identifying the information that an APK is the APK be tampered.And, receive return when server decrypts this required parameter for identifying the information that an APK is this original APK.
The another aspect of above-mentioned client, can also be configured to sign name-value pair APK according to APK and carry out initial detecting, concrete, see Fig. 6; Client also comprises:
First comparing unit 605, for comparing the signature value of the signature value of an APK and the 2nd pre-configured APK;
First notification unit 606, for when the comparative result of this first comparing unit is equal, notifies that this ciphering unit is to for asking the required parameter of network data to carry out the first encryption; When the comparative result of this first comparing unit is unequal, return for identifying the information that an APK is the APK be tampered; Wherein, the 2nd APK is original APK.
The another aspect of above-mentioned client, can also be configured to carry out initial detecting according to crc value to APK.Concrete, see Fig. 7, client also comprises:
Second acquisition unit 607, for obtaining the crc value of the dex file of an APK;
Second comparing unit 608, for comparing the crc value of this dex file and pre-configured crc value;
Second notification unit 609, for when the comparative result of the second comparing unit is equal, notifies that this ciphering unit is to for asking the required parameter of network data to carry out the first encryption; When the comparative result of the second comparing unit is unequal, return for identifying the information that an APK is the APK be tampered; Wherein, pre-configured crc value is the crc value of the dex file of original APK.
Another aspect of the present invention, also proposed a kind of server 802, and its structural representation can with reference to figure 8, and server 802 comprises:
Second receiving element 701, for receiving the encrypted word throttling that client sends; Wherein, this encrypted word throttling is that the label name-value pair of the APK utilizing client to obtain under C language environment obtains for asking the required parameter of network data to be encrypted;
Decryption unit 702, deciphers this encrypted word throttling for utilizing the signature value of the 2nd pre-configured APK; Wherein, the 2nd APK is original APK;
Second transmitting element 703, if for decrypting this required parameter, then returns for identifying the information that an APK is this original APK to client; If do not decrypt this required parameter, then return for identifying the information that an APK is the APK be tampered to client.
Another aspect of the present invention, also proposed a kind of check system of installation kit, and its structural representation can with reference to figure 9, and this system comprises: the client 801 shown in Fig. 5 and the server shown in Fig. 8 802.Also can be the client of Fig. 6 or Fig. 7 and the server of Fig. 8.
Utilize the present invention, client obtains the signature value of APK and utilizes this signature value encrypt the network data request of APK and the byte stream after encryption is sent to server verification in C language environment, due to said process logic compile in C language after produce * .so file, packing party cracks the logic in * .so by decompiling instrument by being difficult to, and breaking techniques difficulty increases greatly than the scheme using Java language to realize; At server side, the signature value of pre-configured original APK is utilized to remove to decipher the byte stream of above-mentioned encryption, if above-mentioned network data request can be gone out by successful decryption, the original APK that above-mentioned client is installed then is described, if above-mentioned network data request can not be decrypted, then illustrate that above-mentioned client is installed is the APK be tampered, thus the correlation function of the client being provided with the APK be tampered can be forbidden; Therefore the check logic of APK can be prevented by decompiling, improve the reliability of installation kit inspection.
In addition, typically, mobile terminal of the present invention can be the various hand-held terminal device with Bluetooth function, such as, have the mobile phone of Bluetooth function, personal digital assistant (PDA).
In addition, the computer program performed by the processor (such as CPU) in mobile terminal can also be implemented as according to method of the present invention, and store in a memory in the mobile terminal.When this computer program is executed by processor, perform the above-mentioned functions limited in method of the present invention.
In addition, a kind of computer program can also be embodied as according to method of the present invention, this computer program comprises computer-readable medium, stores the computer program for performing the above-mentioned functions limited in method of the present invention on the computer-readable medium.
In addition, said method step and system unit also can utilize controller and realize for storing the computer readable storage devices making controller realize the computer program of above-mentioned steps or Elementary Function.
Those skilled in the art will also understand is that, may be implemented as electronic hardware, computer software or both combinations in conjunction with various illustrative logical blocks, module, circuit and the algorithm steps described by disclosure herein.In order to this interchangeability of hardware and software is clearly described, the function with regard to various exemplary components, square, module, circuit and step has carried out general description to it.This function is implemented as software or is implemented as hardware and depends on embody rule and be applied to the design constraint of whole system.Those skilled in the art can realize described function in every way for often kind of embody rule, but this realization determines should not be interpreted as causing departing from the scope of the present invention.
Although disclosed content shows exemplary embodiment of the present invention above, it should be noted that under the prerequisite not deviating from the scope of the present invention that claim limits, can multiple change and amendment be carried out.Need not perform with any particular order according to the function of the claim to a method of inventive embodiments described herein, step and/or action.In addition, although element of the present invention can describe or requirement with individual form, also it is contemplated that multiple, is odd number unless explicitly limited.
Although describe each embodiment according to the present invention above with reference to figure to be described, it will be appreciated by those skilled in the art that each embodiment that the invention described above is proposed, various improvement can also be made on the basis not departing from content of the present invention.Therefore, protection scope of the present invention should be determined by the content of appending claims.