CN110210256B - Application reinforcement, reinforcement application starting method and device and server - Google Patents
Application reinforcement, reinforcement application starting method and device and server Download PDFInfo
- Publication number
- CN110210256B CN110210256B CN201810892371.3A CN201810892371A CN110210256B CN 110210256 B CN110210256 B CN 110210256B CN 201810892371 A CN201810892371 A CN 201810892371A CN 110210256 B CN110210256 B CN 110210256B
- Authority
- CN
- China
- Prior art keywords
- application
- class
- reinforcement
- entry
- information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/71—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
- G06F21/72—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in cryptographic circuits
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/86—Secure or tamper-resistant housings
Landscapes
- Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Mathematical Physics (AREA)
- Stored Programmes (AREA)
Abstract
The embodiment of the application provides an application reinforcement method, an application reinforcement device and a server, wherein the application reinforcement method, the application reinforcement device and the server are used for determining application entry classes and non-application entry classes of an application to be reinforced; encrypting the non-application portal class to obtain first information; inserting the reinforcement shell code for decrypting the first information into an initial execution position of the application entry class to obtain second information; based on the first information and the second information, a reinforcement application mode is generated, reinforcement of the application is achieved, and further, when the reinforcement application is started, only an application entry context is required to be initialized, reinforcement shell codes can be executed to decrypt the first information of the reinforcement application to obtain non-application entry classes, and then the reinforcement application is started, so that the problem that after the application is reinforced by the existing application reinforcement technology, the reinforcement application can be started only by executing twice initialization context operations and executing one context switching operation, and the starting efficiency of the reinforcement application is low is solved.
Description
Technical Field
The invention relates to the technical field of application reinforcement, in particular to an application reinforcement method, an application reinforcement starting device and a server.
Background
In order to improve the safety of application, application reinforcement technology is increasingly used. The reinforced application can effectively avoid the problem of application code leakage caused by decompilation.
The application consolidation techniques in the prior art are mainly implemented by encrypting the application and directing the application portal to the consolidated shell portal. Based on this, in the prior art, when a hardened application is started, firstly, a hardened shell entry is entered, a hardened shell context is initialized, and the application is decrypted based on a hardened shell code, then, the application entry is entered, the application entry context is initialized, and the decrypted application is executed on the basis of switching the hardened shell entry context to the application entry context, so as to complete the start of the hardened application.
Although the prior art can implement reinforcement of the application, since the application after reinforcement needs to be started up twice for initializing the context and once for switching the context, the starting efficiency of the application after reinforcement is greatly affected.
Disclosure of Invention
In view of the above, the embodiments of the present invention provide an application reinforcement method, apparatus, and server for reinforcing an application, so as to improve the starting efficiency of the application after reinforcement on the basis of implementing reinforcement on the application.
In order to achieve the above object, the embodiment of the present invention provides the following technical solutions:
an application strengthening method, comprising:
determining application entry classes and non-application entry classes of an application to be consolidated;
encrypting the non-application portal class to obtain first information;
inserting the reinforcement shell code for decrypting the first information into an initial execution position of the application entry class to obtain second information;
and generating a reinforcement application based on the first information and the second information.
An application strengthening apparatus, comprising:
a determining unit, configured to determine an application entry class and a non-application entry class of an application to be consolidated;
the encryption unit is used for encrypting the non-application entry class to obtain first information;
a code insertion unit, configured to insert a hardened shell code for decrypting the first information into an initial execution position of the application entry class, to obtain second information;
and the reinforcement application generating unit is used for generating a reinforcement application based on the first information and the second information.
An application consolidation server comprising a memory for storing a program and a processor for invoking the program, the program for:
determining application entry classes and non-application entry classes of an application to be consolidated;
encrypting the non-application portal class to obtain first information;
inserting the reinforcement shell code for decrypting the first information into an initial execution position of the application entry class to obtain second information;
and generating a reinforcement application based on the first information and the second information.
A method of launching a ruggedized application, comprising:
loading initialization related resources of a reinforcement application to be started;
initializing an application entry context of the hardened application based on the initialization-related resources;
executing the reinforcement shell code at the initial execution position of the application entry class in the second information of the reinforcement application, and decrypting the first information of the reinforcement application to obtain a non-application entry class;
and continuing to execute the application entry class and the non-application entry class, and starting the reinforcement application.
A ruggedized application launch device, comprising:
the loading unit is used for loading the initialization related resources of the reinforcement application to be started;
An initializing unit, configured to initialize an application entry context of the hardened application based on the initialization-related resource;
the execution unit is used for executing the reinforcement shell code at the initial execution position of the application entry class in the second information of the reinforcement application and decrypting the first information of the reinforcement application to obtain a non-application entry class;
and the starting unit is used for continuously executing the application entry class and the non-application entry class and starting the reinforcement application.
A ruggedized application launch server comprising a memory for storing a program and a processor for invoking the program, the program being for:
loading initialization related resources of a reinforcement application to be started;
initializing an application entry context of the hardened application based on the initialization-related resources;
executing the reinforcement shell code at the initial execution position of the application entry class in the second information of the reinforcement application, and decrypting the first information of the reinforcement application to obtain a non-application entry class;
and continuing to execute the application entry class and the non-application entry class, and starting the reinforcement application.
The embodiment of the application provides an application reinforcement method, an application reinforcement device and a server, wherein the application reinforcement method, the application reinforcement device and the server are used for determining application entry classes and non-application entry classes of an application to be reinforced; encrypting the non-application portal class to obtain first information; inserting the reinforcement shell code for decrypting the first information into an initial execution position of the application entry class to obtain second information; based on the first information and the second information, a reinforcement application mode is generated, reinforcement of the application is achieved, and further, when the reinforcement application is started, only an application entry context is required to be initialized, reinforcement shell codes can be executed to decrypt the first information of the reinforcement application to obtain non-application entry classes, and then the reinforcement application is started, so that the problem that after the application is reinforced by the existing application reinforcement technology, the reinforcement application can be started only by executing twice initialization context operations and executing one context switching operation, and the starting efficiency of the reinforcement application is low is solved.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings that are required to be used in the embodiments or the description of the prior art will be briefly described below, and it is obvious that the drawings in the following description are only embodiments of the present invention, and that other drawings can be obtained according to the provided drawings without inventive effort for a person skilled in the art.
Fig. 1 is a schematic structural diagram of an application strengthening server according to an embodiment of the present application;
FIG. 2 is a flowchart of an application reinforcement method according to an embodiment of the present application;
FIG. 3 is a flowchart of a method for determining application portal classes and non-application portal classes of an application to be consolidated according to an embodiment of the present application;
FIG. 4 is a flowchart of a method for inserting a shell-hardened code for decrypting a first message into an initial execution location of an application portal class to obtain a second message according to an embodiment of the present application;
FIG. 5 is a flowchart of a method for generating a reinforcement application based on first information and second information according to an embodiment of the present application;
FIG. 6 is a flowchart of another method for application reinforcement according to an embodiment of the present application;
Fig. 7 is a schematic structural diagram of an application reinforcement device according to an embodiment of the present application;
fig. 8 is a schematic structural diagram of a consolidated application start server according to an embodiment of the present application;
FIG. 9 is a flowchart of a method for launching a reinforcement application according to an embodiment of the present application;
FIG. 10 is a flowchart of a method for decrypting first information of a hardened application to obtain a non-application entry class by the hardened shell code at an initial execution position of the application entry class in second information of the hardened application according to an embodiment of the present application;
FIG. 11 is a schematic structural diagram of a reinforcement application launcher according to an embodiment of the present application;
FIG. 12 is a first display interface provided in an embodiment of the present application;
fig. 13 is a second display interface provided in an embodiment of the present application.
Detailed Description
The following description of the embodiments of the present invention will be made clearly and completely with reference to the accompanying drawings, in which it is apparent that the embodiments described are only some embodiments of the present invention, but not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
Examples:
optionally, the application reinforcement method provided in the embodiments of the present application is applied to an application reinforcement server, where the function of the application reinforcement server may be implemented by a single server or may be implemented by a server cluster formed by multiple servers, which is not limited herein.
Referring to fig. 1, specifically, a structural schematic diagram of an application reinforcement server provided in an embodiment of the present application includes: a processor 11 and a memory 12.
Wherein the processor 11, the memory 12, the communication interface 13 perform communication with each other via a communication bus 14.
Alternatively, the communication interface 13 may be an interface of a communication module, such as an interface of a GSM module. A processor 11 for executing the program.
The processor 11 may be a central processing unit CPU or a specific integrated circuit ASIC (Application Specific Integrated Circuit) or one or more integrated circuits configured to implement embodiments of the present invention.
A memory 12 for storing a program.
The program may include program code including computer operating instructions. In the embodiment of the present invention, the program may include a program corresponding to the user interface editor.
The memory 12 may comprise high-speed RAM memory or may further comprise non-volatile memory (non-volatile memory), such as at least one disk memory.
Wherein, the procedure can be specifically used for:
determining application entry classes and non-application entry classes of an application to be consolidated;
encrypting the non-application entry class to obtain first information;
inserting the reinforcement shell code for decrypting the first information into an initial execution position of the application entry class to obtain second information;
based on the first information and the second information, a reinforcement application is generated.
Accordingly, for easy understanding, an embodiment of the application provides a flowchart of an application reinforcement method, please refer to fig. 2.
As shown in fig. 2, the method includes:
s201, determining an application entry class and a non-application entry class of an application to be consolidated;
alternatively, the application to be consolidated is in binary format, i.e. the application to be consolidated is made up of files in binary format that can be directly executed by the machine.
In the embodiment of the present application, preferably, the application to be consolidated is an application installation package (such as a WeChat installation package, a QQ installation package, etc.). The application installation package may be obtained through a variety of channels, such as network-based download, copy/cut from other storage devices, etc.
The foregoing is merely a representation form of an application to be reinforced provided in the embodiments of the present application, and the inventor may set specific content and an acquisition manner of the application to be reinforced according to his own needs at will, which is not limited herein.
Optionally, after determining the application to be consolidated, an application entry class and a non-application entry class in the application to be consolidated need to be determined. The number of application entry classes in the application to be reinforced is at least one, and the application entry classes in the application to be reinforced comprise: the method comprises the steps that a first application entry class of an application to be reinforced and each class (each class can be called as a second application entry class) which is required to be called in the execution process of the first application entry class and is positioned in the application to be reinforced, and the first application entry class and all the second application entry classes form an application entry class in the application to be reinforced; accordingly, each class of the application to be consolidated, except for the application portal class, is a non-application portal class.
Optionally, in an Application (such as an Android Application, etc.), each time the Application is started, the system finds a subclass inherited from the system Application class according to the configuration of the Application developer, and the subclass is the first Application entry class. From the point of view of application starting, each start of an application is performed from a first application entry class, that is, the first application entry class is the application module executed earliest in the application start flow.
S202, encrypting a non-application entry class to obtain first information;
optionally, after determining the application entry class and the non-application entry class of the application to be consolidated, encrypting all the non-application entry classes in the application to be consolidated to obtain first information corresponding to all the non-application entry classes.
S203, inserting a reinforcement shell code for decrypting the first information into an initial execution position of an application entry class to obtain second information;
optionally, after determining the application portal class and the non-application portal class of the application to be consolidated, a reinforcement shell code is inserted at an initial execution position of the application portal class to obtain second information corresponding to the application portal class.
S204, generating a reinforcement application based on the first information and the second information.
Optionally, after obtaining the first information corresponding to all non-application portal classes in the application to be consolidated and the second information corresponding to the application portal classes, the consolidated application may be generated based on the first information and the second information.
In order to facilitate understanding of an application reinforcement method provided in the embodiments of the present application, a detailed description will now be made of the "determine application portal class and non-application portal class of an application to be reinforced" procedure in the method.
In the case where the application to be consolidated is an application installation package, the embodiment of the application provides a method flowchart for determining an application entry class and a non-application entry class of the application to be consolidated, and specifically please refer to fig. 3.
As shown in fig. 3, the method includes:
s301, decompressing an application installation package to be reinforced to obtain a manifest file and a dex file in the application installation package;
alternatively, the application installation package may be a compressed package, in which case if the application installation package is to be processed, the application installation package needs to be decompressed first to obtain the file in the decompressed application installation package.
It should be noted that: the technology adopted in the process of decompressing the application installation package to be reinforced is the same as that adopted in the process of packing a file to obtain a compressed file and unpacking the compressed file to obtain the file in the prior art, so the specific implementation manner of step S301 in the embodiment of the present application is referred to the prior art, and will not be described in detail herein.
In this embodiment of the present application, preferably, the application installation package to be consolidated is decompressed, and the file in the obtained application installation package at least includes: a manifest file and a dex file. The class name of the application entry is indicated in the manifest file, and the business logic is indicated in the dex file.
S302, decompiling the dex file to generate a code file;
optionally, decompiling the dex file, generating a code file, the code file being composed of an application entry class and a non-application entry class for indicating business logic.
S303, analyzing the list file, and determining the class name of the application entry indicated by the list file;
optionally, because the manifest file is a machine executable file, if the manifest file is processed, the manifest file needs to be parsed to obtain a readable manifest file, and then the class name of the application entry indicated by the manifest file is determined through the parsed manifest file.
S304, determining a first application entry class of a corresponding application entry in the code file based on the class name;
optionally, after determining the class name of the application portal, the code file generated in step S302 searches for a class having the same class name as the class name determined in step S303, and determines the found class as the first application portal class.
S305, determining each second application entry class corresponding to the first application entry class in the code file by utilizing a subcontracting technology;
optionally, after determining the first application entry class, determining each class in the code file that needs to be called when the first application entry class is executed by using a packetizing technology, and determining each of the determined each class as a second application entry class.
Optionally, in an application (for example, an Android application), a DEX file is stored in the binary code, the application has a main DEX file, and a plurality of auxiliary DEX files (which may be 0) are called a DEX file as a package; the package in the package technology refers to the main DEX in the application, and the package refers to the decomposition of the code contained in the main DEX file into two packages, wherein one package contains a first application entry class and a second application entry class, and the other package contains all the remaining classes.
The process of the sub-packaging technology can be as follows: step 1, analyzing relations among all classes in the main DEX, including reference relations, inheritance relations and the like; step 2, recursively decomposing the class related to the first application entry class into the package a (namely decomposing the second application entry class into the package a) based on the relation chain and the first application entry class obtained in the step 1 and taking the first application entry class as a root; step 3, classifying the rest classes in the main packet as a packet B; step 4, packet a and packet B are the output of the packetization technique, i.e. one packet is decomposed into two packets.
S306, each class except the first application entry class and the second application entry class in the code file is respectively determined to be a non-application entry class.
Optionally, after determining the first application portal class and the second application portal class, each class in the code file except the first application portal class and the second application portal class is determined as a non-application portal class.
In order to facilitate understanding of an application reinforcement method provided in the embodiments of the present application, a detailed description will now be given of a "encrypt non-application entry class, obtain first information" procedure in the method.
Optionally, encrypting the non-application portal class to obtain the first information, including: and recompiling the non-application entry class, and encrypting the recompiled non-application entry class to obtain the first information.
In the embodiment of the present application, preferably, after determining the application entry class and the non-application entry class in the application to be consolidated, recompilation is performed on all the non-application entry classes to obtain a recompilation result; and encrypting the recompilation result, and determining the recompilation result after encryption as first information.
In order to facilitate understanding of an application reinforcement method provided in the embodiments of the present application, a process of "inserting a reinforcement shell code for decrypting first information into an initial execution location of an application portal class, and obtaining second information" in the method will now be described in detail.
Specifically, fig. 4 is a flowchart of a method for inserting a shell-reinforcing code for decrypting first information into an initial execution position of an application entry class to obtain second information according to an embodiment of the present application.
As shown in fig. 4, the method includes:
s401, determining an entry function in a first application entry class;
optionally, the first application entry class corresponding to the application entry indicated by the manifest file includes at least one function, and a function with a function name being a preset function name in the at least one function is an entry function in the first application entry class.
The preset function name is a name used by a function which is specified by a programming language and is used as an entry function. For example, if the programming language specifies a as the name of the entry function, and the preset function name is a, determining the entry function in the first application entry class includes: a function with a function name A in at least one function in the first application entry class is determined as an entry function.
S402, inserting the reinforcement shell code for decrypting the first information into an initial execution position of the entry function;
optionally, inserting the shell-hardened code for decrypting the first information into an initial execution location of the entry function includes: a first line of codes in the entry function is determined, and a hardened shell code is inserted into the entry function, wherein the inserted hardened shell code is located before the determined first line of codes in the entry function.
S403, the second application entry class and the first application entry class inserted with the reinforced shell code are recompiled to obtain second information.
Optionally, the second application entry class and the first application entry class with the inserted hardened shell code are recompiled, and the recompiled second application entry class and the first application entry class with the inserted hardened shell code are determined to be the second information.
Alternatively, all non-application portal classes may be integrated into one file to obtain a first file, where the first file includes all non-application portal classes; and recompilation is performed on the first file, the recompilated first file (e.g., the contents in the recompilated first file) is encrypted, and a third file is obtained, wherein the third file comprises the first information.
Optionally, the first application entry class and each second application entry class inserted with the stiffening shell code may be integrated in another file to obtain a second file, where the second file includes the first application entry class and each second application entry class; and recompiling the second file to obtain a fourth file, wherein the fourth file comprises second information.
In order to facilitate understanding of an application reinforcement method provided in the embodiments of the present application, a detailed description will now be made of a "generate reinforcement application based on the first information and the second information" procedure in the method.
Fig. 5 is a flowchart of a method for generating a reinforcement application based on first information and second information according to an embodiment of the present application.
As shown in fig. 5, the method includes:
s501, generating a target dex file, wherein the target dex file is composed of first information and second information;
optionally, after the first information and the second information are obtained, a target dex file is determined, where the target dex file includes the first information and the second information. That is, the first information and the second information are taken as contents in the target dex file.
S502, generating a reinforcement application based on the target dex file and the manifest file.
Optionally, after generating the target dex file, generating a strengthening application based on the target dex file and a manifest file obtained after decompressing the application installation package to be strengthened; the reinforcement application comprises a target dex file and a manifest file, or the decompressed reinforcement application comprises the target dex file and the manifest file.
Further, in the application reinforcement method provided by the embodiment of the present application, the generated reinforcement application includes, in addition to the target dex file and the manifest file, an OS file, where the OS file is a file automatically generated by the system in the process of application reinforcement of the application installation package to be reinforced.
Fig. 6 is a flowchart of another application reinforcement method according to an embodiment of the present application.
As shown in fig. 6, the method includes:
s601, determining an application entry class and a non-application entry class of an application to be consolidated;
s602, encrypting a non-application entry class to obtain first information;
s603, inserting a reinforcement shell code for decrypting the first information into an initial execution position of an application entry class to obtain second information;
s604, generating a reinforcement application based on the first information and the second information;
the execution of steps S601-S604 provided in the embodiment of the present application is the same as the execution of steps S201-S204, and the specific execution of steps S601-S604 is described in steps S201-S204 and is not limited herein.
S605, generating link information for indicating the reinforcement application;
alternatively, after the consolidated application is generated, link information for indicating the generated consolidated application may be generated, and a consolidated application display request sent by the terminal may be received, so as to control the link information to be displayed in the interface of the terminal.
S606, responding to the triggering operation of the user on the link information displayed in the terminal, and transmitting the reinforcement application to the terminal.
Optionally, after the link information is displayed in the interface of the terminal, the control unit may respond to a triggering operation of the user on the link information displayed in the interface of the terminal, and transmit the reinforcement application indicated by the link information to the terminal, so as to realize downloading of the reinforcement application by the terminal.
Fig. 7 is a schematic structural diagram of an application reinforcement device according to an embodiment of the present application.
As shown in fig. 7, the apparatus includes:
a determining unit 71 for determining an application entry class and a non-application entry class of an application to be consolidated;
an encryption unit 72, configured to encrypt the non-application entry class to obtain first information;
a code inserting unit 73 for inserting the reinforcement shell code for decrypting the first information into an initial execution position of the application entry class to obtain second information;
the reinforcement application generating unit 74 is configured to generate a reinforcement application based on the first information and the second information.
Alternatively, in the case where the application to be consolidated is an application installation package, an embodiment of the present invention provides an alternative structure of the determination unit 71.
Optionally, the determining unit 71 includes:
the first decompression unit is used for decompressing the application installation package to be reinforced to obtain a manifest file and a dex file in the application installation package;
the decompilation unit is used for decompiling the dex file to generate a code file;
the analyzing unit is used for analyzing the list file and determining the class name of the application entry indicated by the list file;
a first determining unit, configured to determine a first application entry class corresponding to an application entry in the code file based on the class name;
A second determining unit, configured to determine each second application entry class corresponding to the first application entry class in the code file by using a packetizing technique;
and a third determining unit, configured to determine each class in the code file except the first application entry class and the second application entry class as a non-application entry class.
Optionally, the encryption unit 72 is specifically configured to: encrypting the non-application entry class, and recompiling the encrypted non-application entry class to obtain first information.
Alternatively, in the case where the application to be consolidated is an application installation package, the embodiment of the present invention provides an optional structure of the code insertion unit 73.
Optionally, the code insertion unit 73 includes:
determining an entry function in a first application entry class;
inserting the shell-hardened code for decrypting the first information into an initial execution position of the entry function;
and recompiling the second application entry class and the first application entry class inserted with the reinforced shell code to obtain second information.
Alternatively, in the case where the application to be consolidated is an application installation package, an embodiment of the present invention provides an alternative structure of the consolidated application generating unit 74.
Optionally, the reinforcement application generating unit 74 includes:
The first generation unit is used for generating a target dex file, wherein the target dex file is composed of first information and second information;
and a second generation unit for generating a reinforcement application based on the target dex file and the manifest file.
Further, the application reinforcement device provided in the embodiment of the present application further includes a third generation unit, where the third generation unit is configured to generate link information for indicating reinforcement applications; and responding to the triggering operation of the user on the link information displayed in the terminal, and transmitting the reinforcement application to the terminal.
The embodiment of the application provides an application reinforcement method, an application reinforcement device and a server, wherein an application entry class and a non-application entry class of an application to be reinforced are determined; encrypting the non-application entry class to obtain first information; inserting the reinforcement shell code for decrypting the first information into an initial execution position of the application entry class to obtain second information; based on the first information and the second information, a reinforcement application mode is generated, reinforcement of the application is achieved, and further, when the reinforcement application is started, only an application entry context is required to be initialized, reinforcement shell codes can be executed to decrypt the first information of the reinforcement application to obtain non-application entry classes, and then the reinforcement application is started, so that the problem that after the application is reinforced by the existing application reinforcement technology, the reinforcement application can be started only by executing twice initialization context operations and executing one context switching operation is solved, and the problem of low starting efficiency of the reinforcement application is caused.
Based on the reinforcement application generated in the embodiment of the application, a reinforcement application starting method is provided.
The method for starting the reinforcement application is applied to the reinforcement application starting server, and the function of the reinforcement application starting server can be realized by a single server or a server cluster formed by a plurality of servers, and is not limited herein.
Referring to fig. 8, specifically, an embodiment of the present application provides a structure diagram of a reinforcement application start server, where the application reinforcement server includes: a processor 81 and a memory 82.
Wherein the processor 81, the memory 82, the communication interface 83 perform communication with each other via a communication bus 84.
Alternatively, the communication interface 83 may be an interface of a communication module, such as an interface of a GSM module. A processor 81 for executing the program.
The processor 81 may be a central processing unit CPU, or a specific integrated circuit ASIC (Application Specific Integrated Circuit), or one or more integrated circuits configured to implement embodiments of the present invention.
A memory 82 for storing programs.
The program may include program code including computer operating instructions. In the embodiment of the present invention, the program may include a program corresponding to the user interface editor.
The memory 82 may comprise high-speed RAM memory or may further comprise non-volatile memory (non-volatile memory), such as at least one disk memory.
Wherein, the procedure can be specifically used for:
loading initialization related resources of a reinforcement application to be started;
initializing an application entry context of the reinforcement application based on the initialization-related resources;
executing the reinforcement shell code at the initial execution position of the application entry class in the second information of the reinforcement application, and decrypting the first information of the reinforcement application to obtain a non-application entry class;
continuing to execute the application entry class and the non-application entry class, and starting the reinforcement application.
Accordingly, for easy understanding, an embodiment of the present application provides a flowchart of a method for launching a reinforcement application, please refer to fig. 9.
As shown in fig. 9, the method includes:
s901, loading initialization related resources of a reinforcement application to be started;
optionally, in the case that the hardened application to be started is an application installation package, the initializing related resource includes an application installation package of the hardened application to be started and a system core library.
S902, initializing an application entry context of the reinforcement application based on the initialization related resources;
optionally, the implementation of initializing the application portal context of the hardened application based on the initialization related resources is referred to in the prior art and is not described in detail herein.
S903, executing the reinforcement shell code at the initial execution position of the application entry class in the second information of the reinforcement application, and decrypting the first information of the reinforcement application to obtain a non-application entry class;
as can be seen from the description of the above embodiment, the reinforcement application to be started includes a target dex file and a manifest file, the target dex file includes first information and second information, the first information is obtained by recompiling a non-application entry class included before the reinforcement application is reinforced, and encrypting the recompiled non-application entry class, and the second information is obtained by inserting a reinforcement shell file into an initial execution position of an application entry class included before the reinforcement application is reinforced, and recompiling an application entry class inserted into the reinforcement shell file.
Optionally, after initializing the application entry context of the hardened application, the hardened shell code at the initial execution position of the application entry class in the second information in the target dex file of the hardened application may be executed, and the first information is decrypted by executing the hardened shell code to obtain a non-application entry class included before the hardened application is hardened.
S904, continuing to execute the application entry class and the non-application entry class, and starting the reinforcement application.
Optionally, after executing the shell-hardened code, the application portal class and the non-application portal class (the non-application portal class obtained by decrypting the first information by the shell-hardened code) are continuously executed to start the hardened application.
Optionally, in the case that the reinforcement shell code is inserted into the initial execution position in the entry function of the first application entry class before the reinforcement application is reinforced, after the execution of the completion step S803, executing each remaining unexecuted function in the first application entry class is continued, after the execution of the first application entry class is completed, executing the second application entry class and the non-application entry class in accordance with the logical order existing between the second application entry class and the non-application entry class, and starting the reinforcement application.
In order to facilitate understanding of a method for launching a hardened application provided in the embodiments of the present application, when the hardened application is an application installation package, a process of "executing a hardened shell code at an initial execution position of an application entry class in second information of the hardened application, decrypting first information of the hardened application, and obtaining a non-application entry class" in the method for launching the hardened application provided in the embodiments of the present application is described in detail.
Fig. 10 is a flowchart of a method for decrypting first information of a hardened application to obtain a non-application entry class by using a hardened shell code at an initial execution position of an application entry class in second information of the hardened application according to an embodiment of the present application.
As shown in fig. 10, the method includes:
s1001, decompressing an application installation package to be started to obtain a manifest file and a target dex file in the application installation package;
s1002, determining a class name of an application entry indicated by a manifest file;
s1003, determining a first application entry class of a corresponding application entry in the target dex file based on the class name;
optionally, the class with the same class name as the class name determined in step S1002 in the target dex file is determined as the first application entry class corresponding to the application entry.
S1004, executing the reinforcement shell code at the initial execution position of the entry function of the first application entry class, and decrypting the first information of the reinforcement application to obtain the non-application entry class.
Through the above description of the method for decrypting the first information of the hardened application to obtain the non-application entry class in detail by the hardened shell code at the initial execution position of the application entry class in the second information for executing the hardened application provided by the embodiment of the present application, the method for starting the hardened application provided by the embodiment of the present application is clearer and more complete, and is convenient for those skilled in the art to understand.
Further, the method for starting the reinforcement application provided in the embodiment of the present application further includes: determining whether a hardened application to be started has been signed; loading initialization related resources of a consolidated application to be started, including: and determining that the consolidated application to be started is signed, and loading initialization related resources of the consolidated application to be started.
In the embodiment of the present application, preferably, if it is determined that the hardened application to be started is not signed, the step of "loading the initialization related resource of the hardened application to be started" is not executed, and the user is prompted to sign.
Fig. 11 is a schematic structural diagram of a reinforcement application starting device according to an embodiment of the present application.
As shown in fig. 11, the apparatus includes:
a loading unit 111, configured to load initialization related resources of a reinforcement application to be started;
an initializing unit 112, configured to initialize an application entry context of the reinforcement application based on the initialization-related resource;
an execution unit 113, configured to execute the hardened shell code at the initial execution position of the application entry class in the second information of the hardened application, and decrypt the first information of the hardened application to obtain a non-application entry class;
the starting unit 114 is configured to continue executing the application entry class and the non-application entry class, and start the hardened application.
Alternatively, where the hardened application is an application installation package, embodiments of the present invention provide an alternative configuration of the execution unit 113.
Optionally, the execution unit 113 includes:
the second decompression unit is used for decompressing the application installation package to be started to obtain a manifest file and a target dex file in the application installation package;
a class name determining unit configured to determine a class name of an application entry indicated by the manifest file;
the first application entry class determining unit is used for determining a first application entry class of a corresponding application entry in the target dex file based on the class name;
and the execution subunit is used for executing the reinforcement shell code at the initial execution position of the entry function of the first application entry class and decrypting the first information of the reinforcement application to obtain the non-application entry class.
The embodiment of the application provides a method, a device and a server for starting a reinforcement application, wherein related resources are initialized by loading the reinforcement application to be started; initializing an application entry context of the reinforcement application based on the initialization-related resources; executing the reinforcement shell code at the initial execution position of the application entry class in the second information of the reinforcement application, and decrypting the first information of the reinforcement application to obtain a non-application entry class; the application portal class and the non-application portal class are continuously executed, and the reinforcement application is started, so that the problem of low reinforcement application starting efficiency caused by the fact that after the application is reinforced by the existing application reinforcement technology, the reinforcement application can be started only by executing the context initializing operation twice and executing the context switching operation once is avoided.
In order to facilitate understanding of an application reinforcement method, an application starting device and a server provided in the embodiments of the present application, a detailed description will be given by way of example.
In this embodiment of the present application, preferably, the application strengthening server may provide an application strengthening service to the user by displaying a first display interface (see fig. 12 for the first display interface) through the control terminal, where in a case where the user selects and submits the application strengthening service through the first display interface (where, as in fig. 12, the application strengthening service is selected in a virtual circle, and in a case where the application strengthening service is selected, the submission is in a dashed circle, and the submission is selected in a case where the application strengthening service is selected, that is, the submission is in a case where the application strengthening service is selected, that is, the request is made for using the application strengthening service), and control displaying a second display interface (see fig. 13 for the second display interface), where the second display interface includes an "upload application" button; in the case where the user triggers the "upload application" button (as in fig. 13, the "upload application" button is circled by a dotted line, which indicates that the user selects the "upload application" button and triggers the "upload application" button), the third display interface is controlled to be displayed, and the third display interface is used for responding to the selection operation of the user on the local application installation package and uploading the application installation package to be consolidated.
Optionally, after receiving the uploaded application installation package to be consolidated, the application consolidation server may control the display of the just uploaded application installation package to be consolidated below the uploaded application B displayed in the second display interface, and display the uploading time of the application installation package to be consolidated. And after receiving the uploaded application installation package to be reinforced, the application reinforcement server can reinforce the application installation package to obtain a reinforced application through the application reinforcement method provided by the embodiment of the application reinforcement method.
Further, after the application reinforcement server obtains the reinforcement application, the application reinforcement server may further generate link information for indicating the reinforcement application, and respond to a triggering operation of the user on the link information displayed in the terminal, and transmit the reinforcement application to the terminal.
Optionally, after the application server obtains the reinforcement application, the controllable terminal displays notification information, where the notification information is used to indicate that reinforcement is completed; the method can respond to the view request of the user for the obtained reinforcement application and control the display of the link information on the terminal; and the terminal is used for transmitting the reinforcement application to the terminal in response to the triggering operation of the user on the link information displayed by the terminal, so that the purpose of downloading the reinforcement application by the user through the terminal is realized.
Optionally, the user needs to re-sign the hardened application after downloading the hardened application, and only the re-signed hardened application can be started. The manner of re-signing the application is referred to in the prior art (such as signature tools and windows in the prior art), and will not be described in detail herein.
Correspondingly, after the terminal obtains the reinforcement application, the terminal can start the reinforcement application; when launching the hardened application, first determining whether the hardened application has been re-signed; if yes, loading initialization related resources of the reinforcement application to be started so as to start the reinforcement application; if not, the control terminal displays prompt information, wherein the prompt information is used for indicating that the reinforcement application is not re-signed.
Optionally, please refer to the description of the method for starting the hardened application provided in the foregoing embodiments of the present application, and details are not repeated herein.
Through the detailed description of the above examples, the application reinforcement method, the application reinforcement application starting method, the application reinforcement device and the server provided by the embodiment of the application are clearer and more complete, and are convenient for those skilled in the art to understand.
To sum up:
the embodiment of the application provides an application reinforcement method, an application reinforcement device and a server, wherein the application reinforcement method, the application reinforcement device and the server are used for determining application entry classes and non-application entry classes of an application to be reinforced; encrypting the non-application entry class to obtain first information; inserting the reinforcement shell code for decrypting the first information into an initial execution position of the application entry class to obtain second information; based on the first information and the second information, a reinforcement application mode is generated, reinforcement of the application is achieved, and further, when the reinforcement application is started, only an application entry context is required to be initialized, reinforcement shell codes can be executed to decrypt the first information of the reinforcement application to obtain non-application entry classes, and then the reinforcement application is started, so that the problem that after the application is reinforced by the existing application reinforcement technology, the reinforcement application can be started only by executing twice initialization context operations and executing one context switching operation is solved, and the problem of low starting efficiency of the reinforcement application is caused.
In the present specification, each embodiment is described in a progressive manner, and each embodiment is mainly described in a different point from other embodiments, and identical and similar parts between the embodiments are all enough to refer to each other. For the device disclosed in the embodiment, since it corresponds to the method disclosed in the embodiment, the description is relatively simple, and the relevant points refer to the description of the method section.
Those of skill would further appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware, computer software, or combinations of both, and that the various illustrative elements and steps are described above generally in terms of functionality in order to clearly illustrate the interchangeability of hardware and software. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the solution. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present invention.
The steps of a method or algorithm described in connection with the embodiments disclosed herein may be embodied directly in hardware, in a software module executed by a processor, or in a combination of the two. The software modules may be disposed in Random Access Memory (RAM), memory, read Only Memory (ROM), electrically programmable ROM, electrically erasable programmable ROM, registers, hard disk, a removable disk, a CD-ROM, or any other form of storage medium known in the art.
The previous description of the disclosed embodiments is provided to enable any person skilled in the art to make or use the present invention. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the spirit or scope of the invention. Thus, the present invention is not intended to be limited to the embodiments shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.
Claims (11)
1. An application strengthening method, comprising:
decompressing an application installation package to be reinforced to obtain a manifest file and a dex file in the application installation package;
decompiling the dex file to generate a code file;
analyzing the list file, and determining the class name of an application entry indicated by the list file;
determining a first application entry class corresponding to the application entry in the code file based on the class name;
determining each second application entry class corresponding to the first application entry class in the code file by utilizing a sub-packaging technology; the application portal class of the application installation package to be consolidated comprises the first application portal class and the second application portal class;
Respectively determining each class except the first application entry class and the second application entry class in the code file as a non-application entry class;
encrypting the non-application portal class to obtain first information;
inserting the reinforcement shell code for decrypting the first information into an initial execution position of the application entry class to obtain second information;
and generating a reinforcement application based on the first information and the second information.
2. The method of claim 1, wherein encrypting the non-application portal class to obtain the first information comprises:
and recompiling the non-application entry class, and encrypting the recompiled non-application entry class to obtain first information.
3. The method of claim 2, wherein inserting the stub code for decrypting the first information into the initial execution location of the application portal class results in second information, comprising:
determining an entry function in the first application entry class;
inserting a shell-hardened code for decrypting the first information into an initial execution location of the entry function;
And recompiling the second application entry class and the first application entry class inserted with the reinforced shell code to obtain second information.
4. A method according to any of claims 1-3, wherein generating a reinforcement application based on the first information and the second information comprises:
generating a target dex file, wherein the target dex file is composed of the first information and the second information;
and generating a reinforcement application based on the target dex file and the manifest file.
5. The method as recited in claim 4, further comprising:
generating link information for indicating the reinforcement application;
and responding to the triggering operation of the link information displayed in the terminal by the user, and transmitting the reinforcement application to the terminal.
6. An application strengthening apparatus, comprising:
the first decompression unit is used for decompressing the application installation package to be reinforced to obtain a manifest file and a dex file in the application installation package;
the decompilation unit is used for decompiling the dex file to generate a code file;
the analyzing unit is used for analyzing the list file and determining the class name of the application entry indicated by the list file;
A first determining unit, configured to determine a first application entry class corresponding to the application entry in the code file based on the class name;
a second determining unit, configured to determine each second application entry class corresponding to the first application entry class in the code file by using a packetizing technique; the application portal class of the application installation package to be consolidated comprises the first application portal class and the second application portal class;
a third determining unit, configured to determine each class in the code file except the first application entry class and the second application entry class as a non-application entry class;
the encryption unit is used for encrypting the non-application entry class to obtain first information;
a code insertion unit, configured to insert a hardened shell code for decrypting the first information into an initial execution position of the application entry class, to obtain second information;
and the reinforcement application generating unit is used for generating a reinforcement application based on the first information and the second information.
7. An application consolidation server comprising a memory for storing a program and a processor for invoking the program, the program being for:
Decompressing an application installation package to be reinforced to obtain a manifest file and a dex file in the application installation package;
decompiling the dex file to generate a code file;
analyzing the list file, and determining the class name of an application entry indicated by the list file;
determining a first application entry class corresponding to the application entry in the code file based on the class name;
determining each second application entry class corresponding to the first application entry class in the code file by utilizing a sub-packaging technology; the application portal class of the application installation package to be consolidated comprises the first application portal class and the second application portal class;
respectively determining each class except the first application entry class and the second application entry class in the code file as a non-application entry class;
encrypting the non-application portal class to obtain first information;
inserting the reinforcement shell code for decrypting the first information into an initial execution position of the application entry class to obtain second information;
and generating a reinforcement application based on the first information and the second information.
8. A method for launching a hardened application, comprising:
Loading initialization related resources of a reinforcement application to be started, wherein the reinforcement application is an application installation package;
initializing an application entry context of the hardened application based on the initialization-related resources;
decompressing the application installation package to be started to obtain a manifest file and a target dex file in the application installation package;
determining a class name of an application entry indicated by the manifest file;
determining a first application entry class corresponding to the application entry in the target dex file based on the class name;
executing the reinforcement shell code at the initial execution position of the entry function of the first application entry class, and decrypting the first information of the reinforcement application to obtain a non-application entry class;
and continuing to execute an application portal class and the non-application portal class, and starting the reinforcement application, wherein the application portal class comprises the first application portal class.
9. A ruggedized application launch device, comprising:
the loading unit is used for loading initialization related resources of the reinforcement application to be started, and the reinforcement application is an application installation package;
an initializing unit, configured to initialize an application entry context of the hardened application based on the initialization-related resource;
The second decompression unit is used for decompressing the application installation package to be started to obtain a manifest file and a target dex file in the application installation package;
a class name determining unit, configured to determine a class name of an application entry indicated by the manifest file;
a first application entry class determining unit, configured to determine a first application entry class corresponding to the application entry in the target dex file based on the class name;
an execution subunit, configured to execute a hardened shell code at an initial execution position of an entry function of the first application entry class, and decrypt the first information of the hardened application to obtain a non-application entry class;
and the starting unit is used for continuously executing the application portal class and the non-application portal class and starting the reinforcement application, and the application portal class comprises the first application portal class.
10. A ruggedized application launch server comprising a memory for storing a program and a processor for invoking the program, the program being for:
loading initialization related resources of a reinforcement application to be started, wherein the reinforcement application is an application installation package;
initializing an application entry context of the hardened application based on the initialization-related resources;
Decompressing the application installation package to be started to obtain a manifest file and a target dex file in the application installation package;
determining a class name of an application entry indicated by the manifest file;
determining a first application entry class corresponding to the application entry in the target dex file based on the class name;
executing the reinforcement shell code at the initial execution position of the entry function of the first application entry class, and decrypting the first information of the reinforcement application to obtain a non-application entry class;
and continuing to execute the application portal class and the non-application portal class, and starting the reinforcement application, wherein the application portal class comprises the first application portal class.
11. A computer readable storage medium, characterized in that the computer readable storage medium has stored therein a program for implementing the application reinforcement method according to any one of claims 1-5 or the reinforcement application launching method according to claim 8 when executed by a processor.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810892371.3A CN110210256B (en) | 2018-08-07 | 2018-08-07 | Application reinforcement, reinforcement application starting method and device and server |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810892371.3A CN110210256B (en) | 2018-08-07 | 2018-08-07 | Application reinforcement, reinforcement application starting method and device and server |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN110210256A CN110210256A (en) | 2019-09-06 |
| CN110210256B true CN110210256B (en) | 2023-06-06 |
Family
ID=67779804
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201810892371.3A Active CN110210256B (en) | 2018-08-07 | 2018-08-07 | Application reinforcement, reinforcement application starting method and device and server |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN110210256B (en) |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103065072A (en) * | 2011-10-21 | 2013-04-24 | 北京大学 | Method and device to improve Java software jailbreak difficulty and copyright verification method |
| CN103544434A (en) * | 2013-11-12 | 2014-01-29 | 北京网秦天下科技有限公司 | Method and terminal used for ensuring safe operation of application program |
| CN104866292A (en) * | 2014-02-25 | 2015-08-26 | 北京娜迦信息科技发展有限公司 | Method and device for extending software function |
| CN106778103A (en) * | 2016-12-30 | 2017-05-31 | 上海掌门科技有限公司 | Reinforcement means, system and decryption method that a kind of Android application program anti-reversing is cracked |
| CN108089873A (en) * | 2017-12-21 | 2018-05-29 | 福建天泉教育科技有限公司 | A kind of method and terminal of application component immediate updating |
Family Cites Families (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US10698671B2 (en) * | 2015-03-30 | 2020-06-30 | Arxan Technologies, Inc. | Processing, modification, distribution of custom software installation packages |
| CN108279941B (en) * | 2016-12-31 | 2021-06-15 | 阿里巴巴集团控股有限公司 | Application program compression method and device |
-
2018
- 2018-08-07 CN CN201810892371.3A patent/CN110210256B/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103065072A (en) * | 2011-10-21 | 2013-04-24 | 北京大学 | Method and device to improve Java software jailbreak difficulty and copyright verification method |
| CN103544434A (en) * | 2013-11-12 | 2014-01-29 | 北京网秦天下科技有限公司 | Method and terminal used for ensuring safe operation of application program |
| CN104866292A (en) * | 2014-02-25 | 2015-08-26 | 北京娜迦信息科技发展有限公司 | Method and device for extending software function |
| CN106778103A (en) * | 2016-12-30 | 2017-05-31 | 上海掌门科技有限公司 | Reinforcement means, system and decryption method that a kind of Android application program anti-reversing is cracked |
| CN108089873A (en) * | 2017-12-21 | 2018-05-29 | 福建天泉教育科技有限公司 | A kind of method and terminal of application component immediate updating |
Also Published As
| Publication number | Publication date |
|---|---|
| CN110210256A (en) | 2019-09-06 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| WO2020042778A1 (en) | Firmware upgrade method and device | |
| US9721101B2 (en) | System wide root of trust chaining via signed applications | |
| CN111143869B (en) | Application package processing method and device, electronic equipment and storage medium | |
| CN104680039B (en) | A kind of data guard method and device of application program installation kit | |
| CN106843978B (en) | SDK access method and system | |
| KR101695639B1 (en) | Method and system for providing application security service based on cloud | |
| CN107870793B (en) | Method and device for loading SO file in application program | |
| CN108710500A (en) | Resource issuing method, update method and device | |
| CN106897587A (en) | The method and apparatus of reinforcement application, loading reinforcement application | |
| KR101734663B1 (en) | Method for preventing reverse engineering of android application and apparatus for performing the method | |
| CN111488169A (en) | Method and device for hot updating of application program, storage medium and electronic equipment | |
| CN111538512A (en) | OTA (over the air) firmware upgrading method, device and equipment | |
| CN111176685A (en) | Upgrading method and device | |
| CN112199151B (en) | Application program running method and device | |
| CN109844750B (en) | Filling operation state determination | |
| CN113360857A (en) | Code starting method and system for software | |
| CN110210256B (en) | Application reinforcement, reinforcement application starting method and device and server | |
| CN117201120A (en) | Information encryption method, device, computer equipment and storage medium | |
| CN117313046A (en) | Code reinforcement method, code loading method, device and medium | |
| CN112579138A (en) | Page display method and device, electronic equipment and storage medium | |
| CN112115430A (en) | Apk reinforcement method, electronic equipment and storage medium | |
| CN115509587B (en) | Firmware upgrading method and device, electronic equipment and computer readable storage medium | |
| CN111078224A (en) | Software package file data processing method and device, computer equipment and storage medium | |
| CN107403103B (en) | File decryption method and device | |
| CN106648770B (en) | Generation method, loading method and device of application program installation package |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |