CN106709282A - Resource file decryption method and device - Google Patents
Resource file decryption method and device Download PDFInfo
- Publication number
- CN106709282A CN106709282A CN201610495353.2A CN201610495353A CN106709282A CN 106709282 A CN106709282 A CN 106709282A CN 201610495353 A CN201610495353 A CN 201610495353A CN 106709282 A CN106709282 A CN 106709282A
- Authority
- CN
- China
- Prior art keywords
- file
- resource file
- decryption
- operational order
- decryption component
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 48
- 238000009434 installation Methods 0.000 claims abstract description 78
- 230000006870 function Effects 0.000 claims description 101
- 230000003014 reinforcing effect Effects 0.000 claims description 63
- 238000006073 displacement reaction Methods 0.000 claims description 20
- 238000013507 mapping Methods 0.000 claims description 20
- 230000000977 initiatory effect Effects 0.000 claims description 10
- 230000006399 behavior Effects 0.000 claims description 5
- 230000008569 process Effects 0.000 abstract description 11
- 238000003860 storage Methods 0.000 description 11
- 230000006854 communication Effects 0.000 description 5
- 238000012545 processing Methods 0.000 description 5
- 230000002787 reinforcement Effects 0.000 description 5
- 238000004891 communication Methods 0.000 description 4
- 238000005516 engineering process Methods 0.000 description 4
- 238000001514 detection method Methods 0.000 description 3
- 230000009471 action Effects 0.000 description 2
- 230000005484 gravity Effects 0.000 description 2
- 239000004973 liquid crystal related substance Substances 0.000 description 2
- 230000007774 longterm Effects 0.000 description 2
- 230000003287 optical effect Effects 0.000 description 2
- 230000001133 acceleration Effects 0.000 description 1
- 230000004913 activation Effects 0.000 description 1
- 238000004458 analytical method Methods 0.000 description 1
- 230000004888 barrier function Effects 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- 238000004364 calculation method Methods 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 238000006243 chemical reaction Methods 0.000 description 1
- 238000005314 correlation function Methods 0.000 description 1
- 230000008878 coupling Effects 0.000 description 1
- 238000010168 coupling process Methods 0.000 description 1
- 238000005859 coupling reaction Methods 0.000 description 1
- 230000001419 dependent effect Effects 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 230000005611 electricity Effects 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 238000012905 input function Methods 0.000 description 1
- 230000003993 interaction Effects 0.000 description 1
- 230000014759 maintenance of location Effects 0.000 description 1
- 238000010295 mobile communication Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 238000012544 monitoring process Methods 0.000 description 1
- 230000006855 networking Effects 0.000 description 1
- 230000002093 peripheral effect Effects 0.000 description 1
- 238000002360 preparation method Methods 0.000 description 1
- 230000008054 signal transmission Effects 0.000 description 1
- 230000005236 sound signal Effects 0.000 description 1
- 230000003068 static effect Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
- 238000010897 surface acoustic wave method Methods 0.000 description 1
- 238000012546 transfer Methods 0.000 description 1
- 230000000007 visual effect Effects 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/12—Protecting executable software
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/101—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM] by binding digital rights to specific entities
- G06F21/1015—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM] by binding digital rights to specific entities to users
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Technology Law (AREA)
- Multimedia (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses a resource file decryption method and device, and belongs to the technical field of computers. The method comprises the following steps of: loading a decryption component from a strengthened installation file by a target application client, wherein the decryption component is used for decrypting encrypted resource files; in an operation process of the decryption component, presetting an operation function via Hook so as to capture an operation instruction which is used for calling the preset operation function, wherein the preset operation function comprises an operation function which is used for carrying out any operation on each file in the strengthened installation file; and when the target application client initiates the operation instruction, capturing the operation instruction by the decryption component, and decrypting the encrypted resource file corresponding to the operation instruction to ensure that the target application client calls the preset operation function and then operates the decrypted resource file. According to the decryption method provided by the invention, the decryption of the encrypted resource file can be realized while the installation file is protected, so that the normal operation of the target application client is prevented from being influenced.
Description
Technical field
The present invention relates to field of computer technology, more particularly to a kind of resource file decryption method and device.
Background technology
With the development and the extensive use of mobile platform of computer technology, to the usurping of applications client, distort, analyze
Problem increasingly serious etc. phenomenon, how protecting applications client to be paid special attention to as developer.
A kind of reinforcement means is currently suggested, can be by way of encryption, the installation file of reinforcement application client, most
The safety of bigization ground protection applications client.The reinforcement means is specifically included:The source installation file of intended application client is obtained,
Source installation file unpack to obtain file set, resource file is extracted from file set, resource file is encrypted, obtained
Encryption resource file, to encrypt the original resource file during resource file replaces file set, to the file set obtained after replacement
Packed, obtain reinforcing installation file.
Above-mentioned reinforcement means can protect resource file, improve the security of intended application client.But should in target
With in the running of client resource file can be just normally used, it is necessary to be decrypted to encryption resource file.Therefore, need
Propose that a kind of decryption method is decrypted to encryption resource file.
The content of the invention
In order to solve problem of the prior art, a kind of resource file decryption method and device are the embodiment of the invention provides.
The technical scheme is as follows:
First aspect, there is provided a kind of resource file decryption method, methods described includes:
Intended application client loads decryption component from reinforcing installation file, at least includes in the reinforcing installation file
Encryption resource file and the decryption component, the decryption component are used to be decrypted encryption resource file;
In the running of the decryption component, Hook predetermined registration operation functions, to capture for calling the default behaviour
Make the operational order of function, the predetermined registration operation function is included for being appointed to each file in the reinforcing installation file
The handling function of one operation;
When the intended application client initiates the operational order, the decryption component captures the operational order, and
Encryption resource file corresponding to the operational order is decrypted;
Predetermined registration operation function described in the intended application client call, operates to the resource file after decryption.
Second aspect, there is provided a kind of resource file decrypts device, described device includes:Intended application client and decryption
Component, the intended application client includes:Load-on module, instruction initiation module, operation module, the decryption component include:
Hook modules, trapping module, deciphering module;
The load-on module, for loading the decryption group from the reinforcing installation file of the intended application client
Part, in the reinforcing installation file at least include encryption resource file and the decryption component, the decryption component be used for pair plus
Close resource file is decrypted;
The Hook modules, in the running of the decryption component, Hook predetermined registration operation functions, so as to described
Trapping module captures the operational order for calling the predetermined registration operation function, and the predetermined registration operation function includes being used for described
Each file reinforced in installation file carries out the handling function of any operation;
The instruction initiation module, for initiating the operational order;
The trapping module, for capturing the operational order;
The deciphering module, for being decrypted to the corresponding encryption resource file of the operational order;
The operation module, for calling the predetermined registration operation function, operates to the resource file after decryption.
The beneficial effect that technical scheme provided in an embodiment of the present invention is brought is:
Method and device provided in an embodiment of the present invention, provides decryption component, the decryption by installation file is reinforced
Component Hook predetermined registration operations function in the process of running, can when intended application client will call the predetermined registration operation function,
Corresponding operational order is captured by decryption component, and encryption resource file is decrypted, so that intended application client can
Resource file after decryption is operated.The invention provides a kind of decryption method, can protect installation file while,
Realize the decryption to encrypting resource file, it is to avoid the normal operation of influence intended application client.
Brief description of the drawings
Technical scheme in order to illustrate more clearly the embodiments of the present invention, below will be to that will make needed for embodiment description
Accompanying drawing is briefly described, it should be apparent that, drawings in the following description are only some embodiments of the present invention, for
For those of ordinary skill in the art, on the premise of not paying creative work, other can also be obtained according to these accompanying drawings
Accompanying drawing.
Fig. 1 is a kind of flow chart of resource file decryption method provided in an embodiment of the present invention;
Fig. 2 is a kind of flow chart of resource file decryption method provided in an embodiment of the present invention;
Fig. 3 is a kind of resource file decryption apparatus structure schematic diagram provided in an embodiment of the present invention;
Fig. 4 is a kind of structural representation of terminal provided in an embodiment of the present invention.
Specific embodiment
Below in conjunction with the accompanying drawing in the embodiment of the present invention, the technical scheme in the embodiment of the present invention is carried out clear, complete
Site preparation is described, it is clear that described embodiment is a part of embodiment of the invention, rather than whole embodiments.Based on this hair
Embodiment in bright, the every other implementation that those of ordinary skill in the art are obtained under the premise of creative work is not made
Example, belongs to the scope of protection of the invention.
Fig. 1 is a kind of flow chart of resource file decryption method provided in an embodiment of the present invention, referring to Fig. 1, the method bag
Include:
101st, intended application client loads decryption component from reinforcing installation file, is at least wrapped in the reinforcing installation file
Encryption resource file and the decryption component are included, the decryption component is used to be decrypted encryption resource file.
102nd, in the running of the decryption component, Hook (hooking) predetermined registration operation function, to capture for calling this
The operational order of predetermined registration operation function, the predetermined registration operation function is included for being carried out to each file in the reinforcing installation file
The handling function of any operation.
103rd, when the intended application client initiates the operational order, the decryption component captures the operational order, and to this
The corresponding encryption resource file of operational order is decrypted.
104th, the intended application client call predetermined registration operation function, operates to the resource file after decryption.
Method provided in an embodiment of the present invention, by providing decryption group in the reinforcing installation file of intended application client
Part, decryption component Hook predetermined registration operations function in the process of running, can will call the default behaviour in intended application client
When making function, corresponding operational order is captured by decryption component, and encryption resource file is decrypted, so that intended application is objective
Family end can operate to the resource file after decryption.The invention provides a kind of decryption method, text can be installed in protection
While part, the decryption to the encryption resource file in installation file is realized, it is to avoid the normal fortune of influence intended application client
OK.
Alternatively, the decryption component captures the operational order, and encryption resource file corresponding to the operational order is carried out
Decryption, including:
The decryption component captures the operational order, and the corresponding encryption resource file of the operational order is loaded onto into the target should
With in the memory headroom of client, and the encryption resource file is decrypted.
Alternatively, the intended application client call predetermined registration operation function, operates to the resource file after decryption,
Including:
The intended application client call predetermined registration operation function, is carried out to the resource file after being decrypted in the memory headroom
Operation.
Alternatively, the predetermined registration operation function includes at least one of read functions, fread functions and mmap functions.
Alternatively, the method also includes:
The decryption component is parsed to the reinforcing installation file, obtains Displacement mapping table, and the Displacement mapping table includes
The offset address of each encryption resource file.
Alternatively, the decryption component captures the operational order, and encryption resource file corresponding to the operational order is carried out
Decryption, including:
The decryption component captures the operational order, determines the corresponding offset address for accessing data of the operational order;
If the Displacement mapping table includes the offset address, it is determined that the access data are encryption resource file;
The corresponding encryption resource file of the offset address is obtained, and the encryption resource file is decrypted.
Alternatively, from reinforcing in installation file before loading decryption component, the method also includes the intended application client:
The reinforcing installation file that the reception server sends, the server is used to install the source of the intended application client
File is unpacked, and obtains file set, and the resource file that this document is concentrated is encrypted, and obtains the encryption resource file, and
The decryption component is added, obtains reinforcing file set, the reinforcing file set is packed, obtain the reinforcing installation file.
Above-mentioned all optional technical schemes, can form alternative embodiment of the invention, herein no longer using any combination
Repeat one by one.
Fig. 2 is a kind of flow chart of resource file decryption method provided in an embodiment of the present invention, referring to Fig. 2, the method bag
Include:
201st, terminal obtains the reinforcing installation file of intended application client, runs the reinforcing installation file.
Wherein, the terminal can be the equipment such as computer, mobile phone, the terminal can configure Android operation system or other
Operating system, the embodiment of the present invention is not limited this.The terminal is used to install the intended application client, and runs the target
Applications client.The intended application client can be any one applications client, and such as social networking application client, file management is answered
Can be the applications client higher to demand for security especially with client etc., such as pay applications client, the present invention
Embodiment is not limited the intended application client.
It refers to the installation file obtained after being reinforced to the source installation file of intended application client to reinforce installation file,
Any terminal can obtain the reinforcing installation file, run the reinforcing installation file, to install the intended application client, and transport
The capable intended application client.
In the embodiment of the present invention, the terminal obtains the reinforcing installation file of intended application client first.
Specifically, the source installation file of the intended application client is obtained by server, to the intended application client
Source installation file is unpacked, and obtains file set, and the resource file that this document is concentrated is encrypted, and obtains encryption resource text
Part, and the decryption component is added, obtain reinforcing file set, the reinforcing file set is packed, the reinforcing installation file is obtained,
The reinforcing installation file that terminal the reception server sends.Or, server is packed to the reinforcing file set and is added numeral
Signature, obtains the reinforcing installation file, the reinforcing installation file that terminal the reception server sends.
Wherein, the server can be the server that service is provided for intended application client, or dedicated for
It is the server that various installation files are reinforced, the embodiment of the present invention is not limited this.The server obtains source installation
During file, the source installation file can be configured by the attendant of the server, it is also possible to by the terminal by source installation file
The server is reached, the embodiment of the present invention is not limited the mode that the server obtains the source installation file.The decryption component
Can be configured by the attendant of the server, the decryption component of different target applications client can be with identical, it is also possible to
Difference, the embodiment of the present invention is not also limited this.
Wherein, encryption resource file and the decryption component are at least included in the reinforcing installation file.Encrypting resource file is
The file that finger is obtained after being encrypted to resource file, and resource file can be including picture file, audio file etc. in target
One or more files needed for applications client running.The decryption component is used to solve encryption resource file
It is close, can be safe SO storehouses (SB), decryption file or decrypted code section, the embodiment of the present invention is not limited this.
In the embodiment of the present invention, decryption component is added by installation file is reinforced, added by decryption component realization pair
The decryption of close resource file, it is ensured that the normal operation of intended application client.
202nd, intended application client loads decryption component from reinforcing installation file.
First decryption component is loaded when intended application client is run from reinforcing installation file.Specifically, the target should
Decryption component can be loaded from reinforcing in installation file, or need to enter resource file at other on startup with client
The moment of row operation loads the decryption component, and the embodiment of the present invention is not limited Loading opportunity.
203rd, in the running of the decryption component, decryption component Hook predetermined registration operation functions.
In the embodiment of the present invention, intended application client is loaded after the decryption component, runs the decryption component, the decryption
Component in the process of running, Hook predetermined registration operation functions, so that the follow-up intended application client initiates operational order, to call
When any encryption resource file of the predetermined registration operation function pair is operated, the decryption component can capture the operational order, from
And the encryption resource file is decrypted.
Wherein, the predetermined registration operation function is included for carrying out any operation to each file in the reinforcing installation file
Handling function, when the intended application client will carry out certain operation to any resource file, can initiate operational order, call phase
The predetermined registration operation function answered realizes the operation to the resource file.
The predetermined registration operation function can include at least one of read functions, fread functions and mmap functions.Read letters
Number is used to read data, mmap letters from a file stream for reading data, fread functions from the equipment or file opened
Number by a file or object map for entering internal memory.Certainly, the predetermined registration operation function can also include other handling functions,
The embodiment of the present invention will not be repeated here.
Further, it is contemplated that if a certain handling function of the intended application client call is not by the decryption component
During Hook, the decryption component can be caused to capture the operational order for calling the handling function, also just cannot be to corresponding resource
File is decrypted, and causes resource file to be unable to normal use, and mistake occurs in the operation of intended application client, and influence target should
With the stability and compatibility of client.Therefore, the predetermined registration operation function can include being used for operate resource file
All handling functions, so as to all of handling functions of decryption component Hook, when intended application client call any operation function
When, can realize the decryption to respective resources file.
204th, the intended application client initiates operational order, and the operational order is used to call the predetermined registration operation function.
In the running of intended application client, when to apply a certain resource file, the intended application client
Operational order can be initiated, the operational order is used to call the predetermined registration operation function, and the resource file is operated.
Wherein, the operational order can be initiated by the intended application client according to the operation of user, or according to operation
The message that system sends is initiated, and the embodiment of the present invention is not limited this.
205th, the decryption component captures the operational order, and encryption resource file corresponding to the operational order is solved
It is close.
After the decryption component hooks predetermined registration operation function, if other functions of the intended application client are to the default behaviour
When making function transmission message, the predetermined registration operation function will not be first run, but first run the decryption of the Hook predetermined registration operation functions
Component, in decryption component running, message that can be first to passing to the predetermined registration operation function is processed to be passed to again
The predetermined registration operation function, it is also possible to directly pass the message to the predetermined registration operation function.
Therefore, the intended application client initiates operational order to call during the predetermined registration operation function, the decryption component meeting
The operational order is captured, now, intended application client encryption resource file corresponding to the operational order is decrypted.
Specifically, when the decryption component captures the operational order, by the operational order it is corresponding encryption resource file from
Disk is loaded onto in the memory headroom of intended application client, and the encryption resource file is decrypted, and now the internal memory is empty
Between middle storage be resource file after decryption, the follow-up intended application client can carry out to the resource file after the decryption
Operation.
Wherein, the decryption component can be decrypted using default decipherment algorithm, and the default decipherment algorithm is literary with to resource
The AES used when part is encrypted matches, and the default decipherment algorithm can be pre-set by technical staff, Huo Zheyou
The server is configured according to default AES, for example the default decipherment algorithm can for stream cipher arithmetic or other
Algorithm, the embodiment of the present invention is not limited this.
In addition, the access data of operational order that the intended application client is initiated both can be encryption resource file,
Can also be except encrypt resource file in addition to alternative document, then for the ease of determine the operational order access data whether be
Encryption resource file, the method can include step 200:
200th, the decryption component is parsed to the reinforcing installation file, obtains Displacement mapping table, in the Displacement mapping table
Offset address including each encryption resource file.Afterwards, the Displacement mapping table can be stored in the target by the decryption component
In the memory headroom of applications client.
The step 200 can be performed after the intended application client loads the decryption component, or be held at other moment
OK, the embodiment of the present invention is not limited this.
Correspondingly, the step 205 can include step 2051:
2051st, the decryption component captures the operational order, determines the corresponding offset address for accessing data of the operational order,
If the Displacement mapping table includes the offset address, it is determined that the access data are encryption resource file, skew ground is obtained
The corresponding encryption resource file in location, and the encryption resource file is decrypted.
Whether the decryption component in the process of running, can be parsed to the reinforcing installation file, analyze each file
It is encryption resource file, and it is determined that after encryption resource file, the offset address of each encryption resource file is obtained, so that basis
The offset address generation Displacement mapping table of each encryption resource file.
So, when decryption component captures operational order, the corresponding skew ground for accessing data of the operational order is determined
Whether location, judges include the offset address in the Displacement mapping table, if the Displacement mapping table includes the offset address, can
Data as encryption resource file are accessed to determine that the operational order is corresponding, then the decryption component can obtain the offset address pair
The encryption resource file answered, and the encryption resource file is decrypted.And if not including the skew in the Displacement mapping table
Address, then can determine that the corresponding data that access of the operational order are not encryption resource files, and the decryption component need not be solved
It is close.
206th, the intended application client call predetermined registration operation function, operates to the resource file after decryption.
After the completion of decryption component decryption, you can pass to by the predetermined registration operation function of Hook the operational order, this is pre-
If handling function brings into operation, so as to be operated to the resource file after decryption.For example, the internal memory of the intended application client
Resource file after the storage decryption of space, during the predetermined registration operation function operation, to the resource after decryption in the memory headroom
File is operated.
The embodiment of the present invention can apply to following scene:On the reinforcing platform that server is provided, there is provided to client's
The reinforcement protection of the installation file of intended application client, is encrypted to the resource file in source installation file, so as to obtain
Reinforce installation file.Whole reinforcing process whole process realizes automatic business processing, with the code logic of intended application client itself and
Operation flow realizes zero coupling.After the reinforcing installation file that terminal downloads server is provided, installed to reinforcing by decryption component
Encryption resource file in file is decrypted, and intended application client can apply the resource file after decryption, it is ensured that mesh
Mark the normal operation of applications client.
Method provided in an embodiment of the present invention, decryption component is provided by installation file is reinforced, and the decryption component exists
Hook predetermined registration operations function in running, can be when intended application client will call the predetermined registration operation function, by decrypting
Component captures corresponding operational order, and encryption resource file is decrypted, so that intended application client can be to decryption
Resource file afterwards is operated.The invention provides a kind of decryption method, core is, to protected intended application client
After the resource file at end is encrypted, in the running of intended application client, Hook technologies are used by decryption component,
Capture to encrypting the operational order of resource file, so as to complete the decryption to encrypting resource file, do not influenceed so as to ensure that
On the premise of the normal operation of intended application client, resource file in the installation file to intended application client is realized
Encipherment protection, effectively resisted attacker to the analysis of resource file, usurp, the behavior such as distort, improve security.Namely
It is that can realize the decryption to encrypting resource file while installation file is protected, it is to avoid influence intended application client
Normal operation.
Further, compared with a certain handling functions of Hook, all of handling functions of Hook can ensure to work as intended application
During client call any operation function, the decryption that can realizes to respective resources file, it is to avoid appearance omission, it is to avoid in mesh
There is mistake in the running for marking applications client, improve stability and compatibility.And, decrypting process user cannot
Perceive, do not interfere with Consumer's Experience, do not interfere with the normal of user and use.
Fig. 3 is the structural representation that a kind of resource file provided in an embodiment of the present invention decrypts device, referring to Fig. 3, the dress
Put including:Intended application client and decryption component, the intended application client include:Load-on module 301, instruction initiation module
302nd, operation module 303, the decryption component includes:Hook modules 304, trapping module 305, deciphering module 306;
Wherein, the load-on module 301 is connected with the Hook modules 304, and the Hook modules 304 connect with the trapping module 305
Connect, the instruction initiation module 302 is connected with the trapping module 305, the trapping module 305 is connected with the deciphering module 306, the solution
Close module 306 is connected with the operation module 303;
The load-on module 301, for loading the decryption component from the reinforcing installation file of the intended application client, should
Reinforcing at least includes encryption resource file and the decryption component in installation file, the decryption component is used to enter encryption resource file
Row decryption;
The Hook modules 304, in the running of the decryption component, Hook predetermined registration operation functions, so that this is caught
Obtain module 305 and capture operational order for calling the predetermined registration operation function, the predetermined registration operation function includes being used for the reinforcing
Each file in installation file carries out the handling function of any operation;
The instruction initiation module 302, for initiating the operational order;
The trapping module 305, for capturing the operational order;
The deciphering module 306, for being decrypted to the corresponding encryption resource file of the operational order;
The operation module 303, for calling the predetermined registration operation function, operates to the resource file after decryption.
Alternatively, the deciphering module 306 should for the corresponding encryption resource file of the operational order to be loaded onto into the target
With in the memory headroom of client, and the encryption resource file is decrypted.
Alternatively, the operation module 303 is used to call the predetermined registration operation function, to the resource after decryption in the memory headroom
File is operated.
Alternatively, the predetermined registration operation function includes at least one of read functions, fread functions and mmap functions.
Alternatively, the device also includes:Parsing module, the parsing module is located at the decryption component;
The parsing module, for being parsed to the reinforcing installation file, obtains Displacement mapping table, in the Displacement mapping table
Offset address including each encryption resource file.
Alternatively, the deciphering module 306 is used to determine the corresponding offset address for accessing data of the operational order;If should
Displacement mapping table includes the offset address, it is determined that the access data are encryption resource file;Obtain offset address correspondence
Encryption resource file, and the encryption resource file is decrypted.
Alternatively, the device also includes:
Receiver module, for the reinforcing installation file that the reception server sends, the server is used for the intended application
The source installation file of client is unpacked, and obtains file set, and the resource file that this document is concentrated is encrypted, and is obtained this and is added
Close resource file, and the decryption component is added, obtain reinforcing file set, the reinforcing file set is packed, obtain the reinforcing
Installation file.
Above-mentioned all optional technical schemes, can form alternative embodiment of the invention, herein no longer using any combination
Repeat one by one.
It should be noted that:The resource file decryption device that above-described embodiment is provided is carried out in the resource file to having encrypted
During decryption, only carried out with the division of above-mentioned each functional module for example, in practical application, can be as needed and by above-mentioned work(
Can distribution completed by different functional module, will intended application client and decryption component internal structure be divided into it is different
Functional module, to complete all or part of function described above.In addition, the resource file decryption dress that above-described embodiment is provided
Put and belong to same design with resource file decryption method embodiment, it implements process and refers to embodiment of the method, here no longer
Repeat.
Fig. 4 is a kind of structural representation of terminal provided in an embodiment of the present invention.Specifically:
Terminal 400 can include RF (Radio Frequency, radio frequency) circuit 110, include one or more meters
The memory 120 of calculation machine readable storage medium storing program for executing, input block 130, display unit 140, sensor 150, voicefrequency circuit 160, biography
Defeated module 170, include the part such as or the processor 180 and power supply 190 of more than one processing core.This area
Technical staff is appreciated that the restriction of the terminal structure shown in Fig. 4 not structure paired terminal, can include than illustrate it is more or
Less part, or some parts are combined, or different part arrangements.Wherein:
RF circuits 110 can be used to receiving and sending messages or communication process in, the reception and transmission of signal, especially, by base station
After downlink information is received, transfer to one or more than one processor 180 is processed;In addition, will be related to up data is activation to
Base station.Generally, RF circuits 110 include but is not limited to antenna, at least one amplifier, tuner, one or more oscillators, use
Family identity module (SIM) card, transceiver, coupler, LNA (Low Noise Amplifier, low-noise amplifier), duplex
Device etc..Additionally, RF circuits 110 can also be communicated by radio communication with network and other-end.The radio communication can make
With any communication standard or agreement, and including but not limited to GSM (Global System of Mobile communication, entirely
Ball mobile communcations system), GPRS (General Packet Radio Service, general packet radio service), CDMA (Code
Division Multiple Access, CDMA), WCDMA (Wideband Code Division Multiple
Access, WCDMA), LTE (Long Term Evolution, Long Term Evolution), Email, SMS (Short
Messaging Service, Short Message Service) etc..
Memory 120 can be used to store software program and module, the terminal institute as shown by above-mentioned exemplary embodiment
Corresponding software program and module, processor 180 store the software program and module in memory 120 by operation, from
And various function application and data processing are performed, such as realize the interaction based on video.Memory 120 can mainly include storage
Program area and storage data field, wherein, the application program that storing program area can be needed for storage program area, at least one function
(such as sound-playing function, image player function etc.) etc.;Storage data field can be stored and use what is created according to terminal 400
Data (such as voice data, phone directory etc.) etc..Additionally, memory 120 can include high-speed random access memory, can be with
Including nonvolatile memory, for example, at least one disk memory, flush memory device or other volatile solid-states
Part.Correspondingly, memory 120 can also include Memory Controller, to provide processor 180 and input block 130 pairs of storages
The access of device 120.
Input block 130 can be used to receive the numeral or character information of input, and generation is set and function with user
The relevant keyboard of control, mouse, action bars, optics or trace ball signal input.Specifically, input block 130 may include to touch
Sensitive surfaces 131 and other input terminals 132.Touch sensitive surface 131, also referred to as touch display screen or Trackpad, can collect use
Family thereon or neighbouring touch operation (such as user is using any suitable objects such as finger, stylus or annex in touch-sensitive table
Operation on face 131 or near Touch sensitive surface 131), and corresponding linked set is driven according to formula set in advance.It is optional
, Touch sensitive surface 131 may include two parts of touch detecting apparatus and touch controller.Wherein, touch detecting apparatus detection is used
The touch orientation at family, and the signal that touch operation brings is detected, transmit a signal to touch controller;Touch controller is from touch
Touch information is received in detection means, and is converted into contact coordinate, then give processor 180, and can receiving processor 180
The order sent simultaneously is performed.Furthermore, it is possible to using polytypes such as resistance-type, condenser type, infrared ray and surface acoustic waves
Realize Touch sensitive surface 131.Except Touch sensitive surface 131, input block 130 can also include other input terminals 132.Specifically,
Other input terminals 132 can include but is not limited to physical keyboard, function key (such as volume control button, switch key etc.),
One or more in trace ball, mouse, action bars etc..
Display unit 140 can be used to showing by user input information or be supplied to the information and terminal 400 of user
Various graphical user interface, these graphical user interface can be made up of figure, text, icon, video and its any combination.
Display unit 140 may include display panel 141, optionally, can use LCD (Liquid Crystal Display, liquid crystal
Show device), the form such as OLED (Organic Light-Emitting Diode, Organic Light Emitting Diode) configure display panel
141.Further, Touch sensitive surface 131 can cover display panel 141, when Touch sensitive surface 131 is detected thereon or neighbouring is touched
After touching operation, processor 180 is sent to determine the type of touch event, with preprocessor 180 according to the type of touch event
Corresponding visual output is provided on display panel 141.Although in fig. 4, Touch sensitive surface 131 and display panel 141 are conducts
Two independent parts come realize input and input function, but in some embodiments it is possible to by Touch sensitive surface 131 with display
Panel 141 is integrated and realization is input into and output function.
Terminal 400 may also include at least one sensor 150, such as optical sensor, motion sensor and other sensings
Device.Specifically, optical sensor may include ambient light sensor and proximity transducer, wherein, ambient light sensor can be according to environment
The light and shade of light adjusts the brightness of display panel 141, and proximity transducer can close display when terminal 400 is moved in one's ear
Panel 141 and/or backlight.As one kind of motion sensor, in the detectable all directions of Gravity accelerometer (generally
Three axles) acceleration size, size and the direction of gravity are can detect that when static, can be used for recognize mobile phone attitude application (ratio
Such as horizontal/vertical screen switching, dependent game, magnetometer pose calibrating), Vibration identification correlation function (such as pedometer, tap);Extremely
The other sensors such as gyroscope, barometer, hygrometer, thermometer, the infrared ray sensor that be can also configure in terminal 400, herein
Repeat no more.
Voicefrequency circuit 160, loudspeaker 161, microphone 162 can provide the COBBAIF between user and terminal 400.Audio
Electric signal after the voice data conversion that circuit 160 will can be received, is transferred to loudspeaker 161, and sound is converted to by loudspeaker 161
Sound signal output;On the other hand, the voice signal of collection is converted to electric signal by microphone 162, after being received by voicefrequency circuit 160
Voice data is converted to, then after voice data output processor 180 is processed, through RF circuits 110 being sent to such as another end
End, or voice data is exported to memory 120 so as to further treatment.Voicefrequency circuit 160 is also possible that earphone jack,
To provide the communication of peripheral hardware earphone and terminal 400.
Terminal 400 can help user to send and receive e-mail, browse webpage and access streaming video by transport module 170
Deng it has provided the user broadband internet wirelessly or non-wirelessly and has accessed.Although Fig. 4 shows transport module 170, can be
Understand, it is simultaneously not belonging to must be configured into for terminal 400, can not change the essential scope of invention as needed completely
It is interior and omit.
Processor 180 is the control centre of terminal 400, and each portion of whole mobile phone is linked using various interfaces and circuit
Point, by running or performing software program and/or module of the storage in memory 120, and storage is called in memory 120
Interior data, perform the various functions and processing data of terminal 400, so as to carry out integral monitoring to mobile phone.Optionally, processor
180 may include one or more processing cores;Preferably, processor 180 can integrated application processor and modem processor,
Wherein, application processor mainly processes operating system, user interface and application program etc., and modem processor mainly processes nothing
Line communicates.It is understood that above-mentioned modem processor can not also be integrated into processor 180.
Terminal 400 also includes the power supply 190 (such as battery) powered to all parts, it is preferred that power supply can be by electricity
Management system is logically contiguous with processor 180, so as to realize management charging, electric discharge and power consumption by power-supply management system
The functions such as management.Power supply 190 can also include one or more direct current or AC power, recharging system, power supply event
The random component such as barrier detection circuit, power supply changeover device or inverter, power supply status indicator.
Although not shown, terminal 400 can also will not be repeated here including camera, bluetooth module etc..Specifically in this hair
In bright embodiment, the display unit of terminal is touch-screen display, and terminal also includes memory, and one or one with
On program, one of them or more than one program storage is configured to by one or more than one in memory
Computing device said one or more than one program.
In the embodiment of the present invention, the terminal 400 is used to run intended application client and the decryption of above-described embodiment offer
Component.
One of ordinary skill in the art will appreciate that realizing that all or part of step of above-described embodiment can be by hardware
To complete, it is also possible to instruct the hardware of correlation to complete by program, described program can be stored in a kind of computer-readable
In storage medium, storage medium mentioned above can be read-only storage, disk or CD etc..
The foregoing is only presently preferred embodiments of the present invention, be not intended to limit the invention, it is all it is of the invention spirit and
Within principle, any modification, equivalent substitution and improvements made etc. should be included within the scope of the present invention.
Claims (14)
1. a kind of resource file decryption method, it is characterised in that methods described includes:
Intended application client loads decryption component from reinforcing installation file, and encryption is at least included in the reinforcing installation file
Resource file and the decryption component, the decryption component are used to be decrypted encryption resource file;
In the running of the decryption component, Hook predetermined registration operation functions, to capture for calling the predetermined registration operation letter
Several operational orders, the predetermined registration operation function is included for carrying out any behaviour to each file in the reinforcing installation file
The handling function of work;
When the intended application client initiates the operational order, the decryption component captures the operational order, and to institute
The corresponding encryption resource file of operational order is stated to be decrypted;
Predetermined registration operation function described in the intended application client call, operates to the resource file after decryption.
2. method according to claim 1, it is characterised in that the decryption component captures the operational order, and to institute
The corresponding encryption resource file of operational order is stated to be decrypted, including:
The decryption component captures the operational order, and the corresponding encryption resource file of the operational order is loaded onto into the mesh
In the memory headroom of mark applications client, and the encryption resource file is decrypted.
3. method according to claim 2, it is characterised in that predetermined registration operation letter described in the intended application client call
Number, operates to the resource file after decryption, including:
Predetermined registration operation function described in the intended application client call, enters to the resource file after being decrypted in the memory headroom
Row operation.
4. method according to claim 1, it is characterised in that the predetermined registration operation function includes read functions, fread letters
At least one of number and mmap functions.
5. method according to claim 1, it is characterised in that methods described also includes:
The decryption component is parsed to the reinforcing installation file, obtains Displacement mapping table, is wrapped in the Displacement mapping table
Include the offset address of each encryption resource file.
6. method according to claim 5, it is characterised in that the decryption component captures the operational order, and to institute
The corresponding encryption resource file of operational order is stated to be decrypted, including:
The decryption component captures the operational order, determines the corresponding offset address for accessing data of the operational order;
If the Displacement mapping table includes the offset address, it is determined that the access data are encryption resource file;
The corresponding encryption resource file of the offset address is obtained, and the encryption resource file is decrypted.
7. method according to claim 1, it is characterised in that the intended application client from reinforcing in installation file plus
Before carrying decryption component, methods described also includes:
The reinforcing installation file that the reception server sends, the server is used for the source peace to the intended application client
Dress file is unpacked, and obtains file set, and the resource file in the file set is encrypted, and obtains the encryption resource text
Part, and the decryption component is added, obtain reinforcing file set, the reinforcing file set is packed, obtain described reinforcing and pacify
Dress file.
8. a kind of resource file decrypts device, it is characterised in that described device includes:Intended application client and decryption component,
The intended application client includes:Load-on module, instruction initiation module, operation module, the decryption component include:Hook moulds
Block, trapping module, deciphering module;
The load-on module, for loading the decryption component, institute from the reinforcing installation file of the intended application client
State to reinforce and at least include encryption resource file and the decryption component in installation file, the decryption component is used for encryption resource
File is decrypted;
The Hook modules, in the running of the decryption component, Hook predetermined registration operation functions, so as to the capture
Module captures the operational order for calling the predetermined registration operation function, and the predetermined registration operation function includes being used for the reinforcing
Each file in installation file carries out the handling function of any operation;
The instruction initiation module, for initiating the operational order;
The trapping module, for capturing the operational order;
The deciphering module, for being decrypted to the corresponding encryption resource file of the operational order;
The operation module, for calling the predetermined registration operation function, operates to the resource file after decryption.
9. device according to claim 8, it is characterised in that the deciphering module is used for the operational order is corresponding
Encryption resource file is loaded onto in the memory headroom of the intended application client, and the encryption resource file is solved
It is close.
10. device according to claim 9, it is characterised in that the operation module is used to call the predetermined registration operation letter
Number, operates to the resource file after being decrypted in the memory headroom.
11. devices according to claim 8, it is characterised in that the predetermined registration operation function includes read functions, fread
At least one of function and mmap functions.
12. devices according to claim 8, it is characterised in that described device also includes:Parsing module, the parsing mould
Block is located at the decryption component;
The parsing module, for being parsed to the reinforcing installation file, obtains Displacement mapping table, the Displacement mapping table
Include the offset address of each encryption resource file.
13. devices according to claim 12, it is characterised in that the deciphering module is used to determine the operational order pair
The offset address of the access data answered;If the Displacement mapping table includes the offset address, it is determined that the access number
According to be encryption resource file;The corresponding encryption resource file of the offset address is obtained, and the encryption resource file is carried out
Decryption.
14. devices according to claim 8, it is characterised in that described device also includes:
Receiver module, for the reinforcing installation file that the reception server sends, the server is used for should to the target
Unpacked with the source installation file of client, obtained file set, the resource file in the file set is encrypted, obtained
The encryption resource file, and the decryption component is added, obtain reinforcing file set, the reinforcing file set is packed,
Obtain the reinforcing installation file.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610495353.2A CN106709282B (en) | 2016-06-28 | 2016-06-28 | resource file decryption method and device |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610495353.2A CN106709282B (en) | 2016-06-28 | 2016-06-28 | resource file decryption method and device |
Publications (2)
Publication Number | Publication Date |
---|---|
CN106709282A true CN106709282A (en) | 2017-05-24 |
CN106709282B CN106709282B (en) | 2018-10-02 |
Family
ID=58939721
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201610495353.2A Active CN106709282B (en) | 2016-06-28 | 2016-06-28 | resource file decryption method and device |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106709282B (en) |
Cited By (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107341373A (en) * | 2017-06-30 | 2017-11-10 | 北京深思数盾科技股份有限公司 | A kind of guard method of executable program and device |
CN109492353A (en) * | 2018-10-11 | 2019-03-19 | 北京奇虎科技有限公司 | Using reinforcement means, device, electronic equipment and storage medium |
CN109657488A (en) * | 2019-02-26 | 2019-04-19 | 北京智游网安科技有限公司 | A kind of resource file cipher processing method, intelligent terminal and storage medium |
CN110457920A (en) * | 2019-07-30 | 2019-11-15 | 苏州赛器信息安全科技有限公司 | A kind of data ciphering method and encryption device |
CN112823336A (en) * | 2018-11-21 | 2021-05-18 | 深圳市欢太科技有限公司 | Data processing method, data processing device, electronic equipment and storage medium |
CN114297589A (en) * | 2021-12-28 | 2022-04-08 | 北京深思数盾科技股份有限公司 | Resource protection method and device and resource reading method and device for application program |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101458756A (en) * | 2007-12-13 | 2009-06-17 | 天津市天堰医教科技开发有限公司 | File real time decrypting method |
CN102890758A (en) * | 2012-10-11 | 2013-01-23 | 北京深思洛克软件技术股份有限公司 | Method and system for protecting executable file |
CN105227565A (en) * | 2015-10-13 | 2016-01-06 | 北京娜迦信息科技发展有限公司 | Anti-reversing for Android system cracks the method and apparatus of shared object file |
CN105468987A (en) * | 2014-08-15 | 2016-04-06 | 中兴通讯股份有限公司 | Data processing method and device |
-
2016
- 2016-06-28 CN CN201610495353.2A patent/CN106709282B/en active Active
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101458756A (en) * | 2007-12-13 | 2009-06-17 | 天津市天堰医教科技开发有限公司 | File real time decrypting method |
CN102890758A (en) * | 2012-10-11 | 2013-01-23 | 北京深思洛克软件技术股份有限公司 | Method and system for protecting executable file |
CN105468987A (en) * | 2014-08-15 | 2016-04-06 | 中兴通讯股份有限公司 | Data processing method and device |
CN105227565A (en) * | 2015-10-13 | 2016-01-06 | 北京娜迦信息科技发展有限公司 | Anti-reversing for Android system cracks the method and apparatus of shared object file |
Cited By (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107341373A (en) * | 2017-06-30 | 2017-11-10 | 北京深思数盾科技股份有限公司 | A kind of guard method of executable program and device |
CN109492353A (en) * | 2018-10-11 | 2019-03-19 | 北京奇虎科技有限公司 | Using reinforcement means, device, electronic equipment and storage medium |
CN109492353B (en) * | 2018-10-11 | 2024-04-16 | 北京奇虎科技有限公司 | Application reinforcement method, device, electronic equipment and storage medium |
CN112823336A (en) * | 2018-11-21 | 2021-05-18 | 深圳市欢太科技有限公司 | Data processing method, data processing device, electronic equipment and storage medium |
CN109657488A (en) * | 2019-02-26 | 2019-04-19 | 北京智游网安科技有限公司 | A kind of resource file cipher processing method, intelligent terminal and storage medium |
CN109657488B (en) * | 2019-02-26 | 2021-09-28 | 北京智游网安科技有限公司 | Resource file encryption processing method, intelligent terminal and storage medium |
CN110457920A (en) * | 2019-07-30 | 2019-11-15 | 苏州赛器信息安全科技有限公司 | A kind of data ciphering method and encryption device |
CN114297589A (en) * | 2021-12-28 | 2022-04-08 | 北京深思数盾科技股份有限公司 | Resource protection method and device and resource reading method and device for application program |
Also Published As
Publication number | Publication date |
---|---|
CN106709282B (en) | 2018-10-02 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US11088836B2 (en) | Key updating method, apparatus, and system | |
EP3200487B1 (en) | Message processing method and apparatus | |
CN104125216B (en) | A kind of method, system and terminal for lifting credible performing environment security | |
CN106709282B (en) | resource file decryption method and device | |
CN106598584B (en) | Method, device and system for processing resource file | |
CN105681032B (en) | Method for storing cipher key, key management method and device | |
CN110417543B (en) | Data encryption method, device and storage medium | |
CN108011879A (en) | File encryption, method, apparatus, equipment and the storage medium of decryption | |
CN106709347B (en) | Using the method and device of operation | |
CN107145794B (en) | Data processing method and device and mobile terminal | |
WO2014000652A1 (en) | Browser plug-in installation method, device and terminal | |
CN104580167A (en) | Data transmission method, device and system | |
CN104901805B (en) | A kind of identification authentication methods, devices and systems | |
US10454905B2 (en) | Method and apparatus for encrypting and decrypting picture, and device | |
US20160301530A1 (en) | Sensitive operation verification method, apparatus, and system | |
CN107103211B (en) | SDK send, using publication, using operation method and device | |
CN107590397A (en) | A kind of method and apparatus for showing embedded webpage | |
CN107615294A (en) | A kind of identifying code short message display method and mobile terminal | |
CN104901991A (en) | Methods, devices and system for transferring virtual resource | |
CN105488433B (en) | Terminal key generation method and device | |
CN105279433B (en) | Application program protection method and device | |
US11516654B2 (en) | Method for automatically encrypting short message, storage device and mobile terminal | |
CN105978878B (en) | Webpage verification using data-hiding technology method and device | |
CN107102913B (en) | Data back up method, device and computer equipment | |
WO2014198118A1 (en) | Method and device for protecting privacy information with browser |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |