A kind of method and device of source code encryption and decryption
Technical field
The present invention relates to information security field, and in particular to a kind of method and device of source code encryption and decryption.
Background technology
As the part of software organization's product, source code belongs to the important Knowledge Assets of software organization.Such as program source
The leakage and loss of code, direct economic loss can be brought to software organization;Some sensitive informations can be typically included in source code,
Such as AES, important service logic etc., the leakage and loss of this part of original code can be to the data safeties of product user
Bring great risk;The safety management of source code is also critically important for clearly defining responsibilities.Which developer can operate to source code,
If it can not control very well, it will the quality to source code brings no small influence.
After general source code is encrypted in the prior art, decryption program loading dynamic base carries out source code decryption, but decrypts
Program is not protected, can be tampered, and the source code byte stream after decryption, which can be inserted into, is output to outside specified file, so as to
Meaning obtains the source code of decryption.
The content of the invention
In view of this, it is existing to solve the embodiments of the invention provide the method and device of a kind of encryption of source code and decryption
Protection of source codes in, decryption program is not protected, the problem of causing source code easily arbitrarily to be obtained.
Therefore, the embodiments of the invention provide following technical scheme:
The embodiments of the invention provide a kind of source code encryption method, including:First is obtained using encipheror and random number
Key file;Source code is encrypted using the first key file, to obtain source code ciphertext;Based on decryption program, described
The key file of generating random number second, and the random number is stored in dynamic library file;Using second key file to institute
State first key file to be encrypted, to obtain the 3rd key file;By the source code ciphertext, the decryption program, described
Three key files, dynamic base packing, to obtain program bag.
Alternatively, the random number is generated by the encipheror.
Alternatively, it is described based on decryption program, the key file of the generating random number second, including:Based on the decryption
Program obtains Hash file;The Hash file and the random number are spliced to obtain the second key file.
A kind of source code decryption method, including:Program bag is obtained, described program bag includes source code ciphertext, decryption program, the
Three key files, dynamic base, there is random number in the dynamic base;Based in the decryption program and the dynamic base with
Machine number obtains the second key file;The 3rd key file is decrypted to obtain first using second key file
Key file;The source code ciphertext is decrypted according to the decryption program and the first key file, to be decrypted
Source code afterwards.
Alternatively, the random number based in the decryption program and the dynamic base obtains the second key file,
Including:Hash file is obtained based on the decryption program;The Hash file is spelled with the random number in the dynamic base
Connect to obtain the second key file.
A kind of computer equipment, including:At least one processor;And be connected with least one processor communication
Memory;Wherein, have can be by the computer program of at least one computing device, the computer for the memory storage
Program is by least one computing device, so that the above-mentioned source code encryption method of at least one computing device.
A kind of computer equipment, including:At least one processor;And be connected with least one processor communication
Memory;Wherein, have can be by the computer program of at least one computing device, the computer for the memory storage
Program is by least one computing device, so that the above-mentioned source code decryption method of at least one computing device.
The embodiment of the present invention has the following advantages that:
The embodiments of the invention provide the method and device of a kind of encryption of source code and decryption, encryption method is by using encryption
Program and random number obtain first key file, and source code is encrypted using first key file, obtain source code ciphertext, pass through
Decryption program generation Hash file, Hash file and random number splicing the second key file of generation are read, utilizes second key
First key file is encrypted file, realizes the protection to decryption program and the protection to source code;
Decryption method include obtain program bag, the program bag include source code ciphertext, decryption program, the 3rd key file,
Dynamic base, have random number in dynamic base, Hash file generated by reading decryption program, Hash file with dynamic base with
Machine number splices to obtain the second key file, and the 3rd key file is decrypted to obtain first key using the second key file
File, source code ciphertext is decrypted according to decryption program and first key file, with the source code after being decrypted, avoids understanding
Close program file is tampered, if reading decryption program generation in reading Hash file and ciphering process that decryption program generates
Hash file is consistent, then illustrates that decryption program was not tampered with, so as to protect decryption program, while could be to the 3rd key text
Part is decrypted.
Brief description of the drawings
, below will be to specific in order to illustrate more clearly of the specific embodiment of the invention or technical scheme of the prior art
The required accompanying drawing used is briefly described in embodiment or description of the prior art, it should be apparent that, in describing below
Accompanying drawing is some embodiments of the present invention, for those of ordinary skill in the art, before creative work is not paid
Put, other accompanying drawings can also be obtained according to these accompanying drawings.
Fig. 1 is a flow chart of source code encryption method according to embodiments of the present invention;
Fig. 2 is another flow chart of source code encryption method according to embodiments of the present invention;
Fig. 3 is a flow chart of source code decryption method according to embodiments of the present invention;
Fig. 4 is another flow chart of source code decryption method according to embodiments of the present invention;
Fig. 5 is the structure chart of source code encryption device according to embodiments of the present invention;
Fig. 6 is the structure chart for the source code decryption device implemented according to the present invention;
Fig. 7 is the hardware architecture diagram of the computer equipment of source code encryption method according to embodiments of the present invention;
Fig. 8 is the hardware architecture diagram of the computer equipment of source code decryption method according to embodiments of the present invention.
Embodiment
Technical scheme is clearly and completely described below in conjunction with accompanying drawing, it is clear that described implementation
Example is part of the embodiment of the present invention, rather than whole embodiments.Based on the embodiment in the present invention, ordinary skill
The every other embodiment that personnel are obtained under the premise of creative work is not made, belongs to the scope of protection of the invention.
In the description of the invention, it is necessary to which explanation is that term " first ", " second ", " the 3rd " are only used for describing purpose,
And it is not intended that instruction or hint relative importance.
As long as in addition, technical characteristic involved in invention described below different embodiments non-structure each other
It is be combined with each other into conflict can.
Embodiment 1
A kind of source code encryption method is provided in the present embodiment, and Fig. 1 is source code encryption side according to embodiments of the present invention
One flow chart of method, as shown in figure 1, this method comprises the following steps:
S101:First key file is obtained using encipheror and random number;Specifically, encipheror according to random number and
The key of certain rule generation source code encryption, and first key file SourceKey.key is exported, wherein, random number is by encrypting
Program Generating;
S102:Source code is encrypted using first key file, to obtain source code ciphertext;Utilize first key file
Source code is encrypted SourceKey.key, and exports source code ciphertext;
S103:Based on decryption program, the key file of generating random number second, and random number is stored in dynamic library file;It is logical
The code for reading decryption program is crossed, and special algorithm or function one file of the code building based on decryption program can be combined,
And this document is combined to the second key file of generation with random number, while random number is notified into dynamic base;
S104:First key file is encrypted using the second key file, to obtain the 3rd key file;Using upper
State the second key file first key file SourceKey.key is encrypted, obtain the 3rd key file, with this by first
Key file protects;
S105:Source code ciphertext, decryption program, the 3rd key file, dynamic base are packed, to obtain program bag;Will be above-mentioned
Obtained source code ciphertext, the 3rd key file, dynamic base and decryption program is packed external offer together, and receiving terminal is to obtain source
Code, then must first go through decryption program and dynamic base obtain the second key file, could be close to the 3rd using the second key file
Key file is decrypted, and obtains first key file, and decryption program is decrypted in conjunction with first key file to source code ciphertext.
By above-mentioned steps, first key file is obtained by using encipheror and random number, utilizes first key text
Source code is encrypted part, obtains source code ciphertext, by reading decryption program and random number splicing the second key file of generation, profit
First key file is encrypted with second key file, by obtained source code ciphertext and the 3rd key file, dynamic base
And decryption program packing is externally announced, generation key file is combined with random number by decryption program, is realized to decryption program
Protection and protection to source code, to solve in existing protection of source codes, decryption program is not protected, causes source code easy
The problem of arbitrarily acquisition.
Above-mentioned steps S103 is related to based on decryption program, the key file of generating random number second, in an optional implementation
In mode, the step includes based on decryption program obtaining Hash file, Hash file is spliced with random number to obtain the
Two key files, specifically, Hash file is generated by reading decryption program, Hash file is dynamic password splicing with random number
The second key file is used as together, and by way of reading decruption key and being combined with dynamic password, decryption program is carried out
Protection, prevents decryption program to be tampered.
Fig. 2 is another flow chart of source code encryption method according to embodiments of the present invention, in one alternate embodiment,
As shown in Fig. 2 encipheror generates the key file SourceKey.key of source code encryption using random number according to certain rule,
Key file SourceKey.key carries out symmetric cryptography to source code, obtains source code ciphertext;Read decryption program file generated
Hash, hash file adds random dynamic puzzle, notifies dynamic base developer as key, while dynamic password, is repaiied
Change packing dynamic base, the key carries out symmetric cryptography again to SourceKey.key files, obtains key file Key.key, will
Source code ciphertext, dynamic base, key file, decryption program packing, obtain program bag and externally announce.Wherein, the key solution of dynamic base
Analysis process is:Using the dynamic password of reception as constant, decryption program file generated Hash is read, is then spliced with dynamic password
Together, as decruption key, read key file Key.key and symmetrically decrypted, obtained in SourceKey.key bytes
Hold, return to decryption program.
Embodiment 2
A kind of source code decryption method is provided in the present embodiment, and Fig. 3 is source code decryption side according to embodiments of the present invention
One flow chart of method, as shown in figure 3, this method comprises the following steps:
S301:Program bag is obtained, program bag includes source code ciphertext, decryption program, the 3rd key file, dynamic base, should
There is random number in dynamic base;
S302:Second key file is obtained based on the random number in decryption program and dynamic base;Specifically, decryption is read
Program obtains Hash file, and the random number in the Hash file and dynamic base is spliced to obtain the second key file;
S303:The 3rd key file is decrypted to obtain first key file using the second key file;3rd is close
Key file is encrypted to obtain by the second key file to first key file, therefore in decryption, it is necessary to utilize the
3rd key file is decrypted two key files, obtains first key file;
S304:Source code ciphertext is decrypted according to decryption program and first key file, with the source code after being decrypted;
First key file and source code are decrypted decryption program, obtain source code in plain text.
By above-mentioned steps, acquisition includes source code ciphertext, decryption program, the 3rd key file, the program bag of dynamic base,
There is random number in dynamic base, generates Hash file by reading decryption program, Hash file is spelled with the random number in dynamic base
Connect to obtain the second key file, the 3rd key file be decrypted to obtain first key file using the second key file,
Source code ciphertext is decrypted according to decryption program and first key file, with the source code after being decrypted, avoids decryption journey
Preface part is tampered, if reading the Hash of decryption program generation in reading Hash file and ciphering process that decryption program generates
File is consistent, then illustrates that decryption program was not tampered with, and so as to protect decryption program, while the 3rd key file could be entered
Row decryption.
Fig. 4 is another flow chart of source code decryption method according to embodiments of the present invention, as shown in figure 4, can at one
Select in embodiment, obtain program bag first, load decryption program, call dynamic base to carry out key-parsing, read decryption program
File generated hash file, then it is stitched together with dynamic password as decruption key, using the decruption key to Key.key
Symmetrically decrypted, obtain SourceKey.key byte contents, return to decryption program, decryption program carries out symmetrical to source code
Decryption, obtain source code in plain text.
Embodiment 3
A kind of source code encryption device is additionally provided in the present embodiment, and the device is used to realize above-described embodiment and preferred reality
Mode is applied, had carried out repeating no more for explanation.As used below, term " module " can realize the soft of predetermined function
The combination of part and/or hardware.Although device described by following examples is preferably realized with software, hardware, or
The realization of the combination of software and hardware is also what may and be contemplated.
Originally apply example and a kind of source code encryption device is provided, as shown in figure 5, the device includes first key file acquisition module
51, for obtaining first key file using encipheror and random number, wherein random number is generated by encipheror;Source code
Ciphertext acquisition module 52, for source code to be encrypted using first key file, to obtain source code ciphertext;Second key file
Acquisition module 53, for based on decryption program, the key file of generating random number second, and random number is stored in dynamic library file;
3rd key file acquisition module 54, for first key file to be encrypted using the second key file, to obtain the 3rd
Key file;Program bag acquisition module 55, for source code ciphertext, decryption program, the 3rd key file, dynamic base to be packed, with
Obtain program bag.
In an optional embodiment, the second key file acquisition module 53 includes:Hash file obtaining unit, is used for
Hash file is obtained based on decryption program;Second key text acquiring unit, for by Hash file and random number spliced with
Obtain the second key file.
The further function description of above-mentioned modules is identical with above-mentioned corresponding embodiment, will not be repeated here.
Embodiment 4
A kind of source code decryption device is additionally provided in the present embodiment, and the device is used to realize above-described embodiment and preferred reality
Mode is applied, had carried out repeating no more for explanation.As used below, term " module " can realize the soft of predetermined function
The combination of part and/or hardware.Although device described by following examples is preferably realized with software, hardware, or
The realization of the combination of software and hardware is also what may and be contemplated.
The present embodiment provides a kind of source code decryption device, as shown in fig. 6, the device includes program bag acquisition module 61, uses
In obtaining program bag, the program bag includes source code ciphertext, decryption program, the 3rd key file, dynamic base, had in dynamic base
Random number;Second key file acquisition module 62, it is close for obtaining second based on the random number in decryption program and dynamic base
Key file;First key file acquisition module 63, for the 3rd key file is decrypted using the second key file with
To first key file;Source code acquisition module 64, for being solved according to decryption program and first key file to source code ciphertext
It is close, with the source code after being decrypted.
In an optional embodiment, the second key file acquisition module 62 includes:Hash file obtaining unit, is used for
Hash file is obtained based on decryption program;Second key text acquiring unit, for by the random number in Hash file and dynamic base
Spliced to obtain the second key file.
The further function description of above-mentioned modules is identical with above-mentioned corresponding embodiment, will not be repeated here.
Embodiment 5
Fig. 7 is the hardware architecture diagram of the computer equipment of source code encryption method according to embodiments of the present invention, such as Fig. 7
Shown, the equipment includes one or more processors 710 and memory 720, in Fig. 7 by taking a processor 710 as an example.
Performing the equipment of source code encryption method can also include:Input unit 730 and output device 740.
Processor 710, memory 720, input unit 730 and output device 740 can pass through bus or other modes
Connect, in Fig. 7 exemplified by being connected by bus.
Processor 710 can be central processing unit (Central Processing Unit, CPU).Processor 710 may be used also
Think other general processors, digital signal processor (Digital Signal Processor, DSP), application specific integrated circuit
(Application Specific Integrated Circuit, ASIC), field programmable gate array (Field-
Programmable Gate Array, FPGA) either other PLDs, discrete gate or transistor logic,
The chips such as discrete hardware components, or the combination of above-mentioned all kinds of chips.General processor can be microprocessor or the processing
Device can also be any conventional processor etc..
Memory 720 is used as a kind of non-transient computer readable storage medium storing program for executing, available for storing non-transient software program, non-
Transient computer executable program and module, programmed instruction/mould as corresponding to the source code encryption method in the embodiment of the present application
Block.Processor 710 is stored in non-transient software program, instruction and module in memory 720 by operation, so as to perform clothes
The various function application of business device and data processing, that is, realize the source code encryption method in above method embodiment.
Memory 720 can include storing program area and storage data field, wherein, storing program area can store operation system
Application program required for system, at least one function;Storage data field can storage source code encryption device use created number
According to etc..In addition, memory 720 can include high-speed random access memory, non-transient memory can also be included, for example, at least
One disk memory, flush memory device or other non-transient solid-state memories.In certain embodiments, memory 720 can
Choosing includes by network connection to source code to add relative to the remotely located memory of processor 710, these remote memories
Close processing unit.The example of above-mentioned network include but is not limited to internet, intranet, LAN, mobile radio communication and
It is combined.
Input unit 730 can receive the numeral or character information of input, and produce and the processing unit of source code encryption
The key signals input that user is set and function control is relevant.Output device 740 may include the display devices such as display screen.
One or more of modules are stored in the memory 720, when by one or more of processors
During 710 execution, method as shown in Figure 1 to Figure 2 is performed.
The said goods can perform the method that the embodiment of the present invention is provided, and possesses the corresponding functional module of execution method and has
Beneficial effect and not ins and outs of detailed description in the present embodiment, for details, reference can be made to implementation as shown in Figure 1, Figure 2, Figure 5
Associated description in example.
Embodiment 6
Fig. 8 is the hardware architecture diagram of the computer equipment of source code decryption method according to embodiments of the present invention, such as Fig. 8
Shown, the equipment includes one or more processors 810 and memory 820, in Fig. 8 by taking a processor 810 as an example.
Performing the equipment of source code decryption method can also include:Input unit 830 and output device 840.
Processor 810, memory 820, input unit 830 and output device 840 can pass through bus or other modes
Connect, in Fig. 8 exemplified by being connected by bus.
Processor 810 can be central processing unit (Central Processing Unit, CPU).Processor 810 may be used also
Think other general processors, digital signal processor (Digital Signal Processor, DSP), application specific integrated circuit
(Application Specific Integrated Circuit, ASIC), field programmable gate array (Field-
Programmable Gate Array, FPGA) either other PLDs, discrete gate or transistor logic,
The chips such as discrete hardware components, or the combination of above-mentioned all kinds of chips.General processor can be microprocessor or the processing
Device can also be any conventional processor etc..
Memory 820 is used as a kind of non-transient computer readable storage medium storing program for executing, available for storing non-transient software program, non-
Transient computer executable program and module, programmed instruction/mould as corresponding to the source code decryption method in the embodiment of the present application
Block.Processor 810 is stored in non-transient software program, instruction and module in memory 820 by operation, so as to perform clothes
The various function application of business device and data processing, that is, realize the source code decryption method in above method embodiment.
Memory 820 can include storing program area and storage data field, wherein, storing program area can store operation system
Application program required for system, at least one function;Storage data field can store source code decryption device and use created number
According to etc..In addition, memory 820 can include high-speed random access memory, non-transient memory can also be included, for example, at least
One disk memory, flush memory device or other non-transient solid-state memories.In certain embodiments, memory 820 can
Choosing includes that relative to the remotely located memory of processor 810, these remote memories network connection to source code solution can be passed through
Close processing unit.The example of above-mentioned network include but is not limited to internet, intranet, LAN, mobile radio communication and
It is combined.
Input unit 830 can receive the numeral or character information of input, and produce and the processing unit of source code decryption
The key signals input that user is set and function control is relevant.Output device 840 may include the display devices such as display screen.
One or more of modules are stored in the memory 820, when by one or more of processors
During 810 execution, method as shown in Figure 3 to Figure 4 is performed.
The said goods can perform the method that the embodiment of the present invention is provided, and possesses the corresponding functional module of execution method and has
Beneficial effect and not ins and outs of detailed description in the present embodiment, for details, reference can be made to the implementation as shown in Fig. 3, Fig. 4, Fig. 6
Associated description in example.
Embodiment 7
The embodiment of the present invention additionally provides a kind of computer-readable recording medium, and the computer-readable storage medium is stored with meter
Calculation machine executable instruction, the computer executable instructions can perform the source code encryption method in above-mentioned any means embodiment.Its
In, the storage medium can be magnetic disc, CD, read-only memory (Read-Only Memory, ROM), random storage note
Recall body (Random Access Memory, RAM), flash memory (Flash Memory), hard disk (Hard Disk Drive,
Abbreviation:) or solid state hard disc (Solid-State Drive, SSD) etc. HDD;The storage medium can also include mentioned kind
The combination of memory.
Embodiment 8
The embodiment of the present invention additionally provides a kind of computer-readable recording medium, and the computer-readable storage medium is stored with meter
Calculation machine executable instruction, the computer executable instructions can perform the source code decryption method in above-mentioned any means embodiment.Its
In, the storage medium can be magnetic disc, CD, read-only memory (Read-Only Memory, ROM), random storage note
Recall body (Random Access Memory, RAM), flash memory (Flash Memory), hard disk (Hard Disk Drive,
Abbreviation:) or solid state hard disc (Solid-State Drive, SSD) etc. HDD;The storage medium can also include mentioned kind
The combination of memory.
It should be understood by those skilled in the art that, embodiments of the invention can be provided as method, system or computer program
Product.Therefore, the present invention can use the reality in terms of complete hardware embodiment, complete software embodiment or combination software and hardware
Apply the form of example.Moreover, the present invention can use the computer for wherein including computer usable program code in one or more
The computer program production that usable storage medium is implemented on (including but is not limited to magnetic disk storage, CD-ROM, optical memory etc.)
The form of product.
The present invention is the flow with reference to method according to embodiments of the present invention, equipment (system) and computer program product
Figure and/or block diagram describe.It should be understood that can be by every first-class in computer program instructions implementation process figure and/or block diagram
Journey and/or the flow in square frame and flow chart and/or block diagram and/or the combination of square frame.These computer programs can be provided
The processors of all-purpose computer, special-purpose computer, Embedded Processor or other programmable data processing devices is instructed to produce
A raw machine so that produced by the instruction of computer or the computing device of other programmable data processing devices for real
The device for the function of being specified in present one flow of flow chart or one square frame of multiple flows and/or block diagram or multiple square frames.
These computer program instructions, which may be alternatively stored in, can guide computer or other programmable data processing devices with spy
Determine in the computer-readable memory that mode works so that the instruction being stored in the computer-readable memory, which produces, to be included referring to
Make the manufacture of device, the command device realize in one flow of flow chart or multiple flows and/or one square frame of block diagram or
The function of being specified in multiple square frames.
These computer program instructions can be also loaded into computer or other programmable data processing devices so that counted
Series of operation steps is performed on calculation machine or other programmable devices to produce computer implemented processing, so as in computer or
The instruction performed on other programmable devices is provided for realizing in one flow of flow chart or multiple flows and/or block diagram one
The step of function of being specified in individual square frame or multiple square frames.
Obviously, above-described embodiment is only intended to clearly illustrate example, and is not the restriction to embodiment.It is right
For those of ordinary skill in the art, can also make on the basis of the above description it is other it is various forms of change or
Change.There is no necessity and possibility to exhaust all the enbodiments.And the obvious change thus extended out or
Among changing still in the protection domain of the invention.