CN114462068A

CN114462068A - Configuration method and device of installation package, electronic equipment and storage medium

Info

Publication number: CN114462068A
Application number: CN202210232615.1A
Authority: CN
Inventors: 义秀正
Original assignee: Ping An Technology Shenzhen Co Ltd
Current assignee: Ping An Technology Shenzhen Co Ltd
Priority date: 2022-03-09
Filing date: 2022-03-09
Publication date: 2022-05-10

Abstract

The invention belongs to the field of information security, and provides a configuration method, a configuration device, electronic equipment and a storage medium of an installation package, wherein the method comprises the following steps: acquiring a source code file, and compiling the source code file into a byte code file; generating a calling file for calling the byte code file, encrypting the calling file according to a preset calling key, and storing the calling key to an installation execution file; associating the calling file to the installation execution file so that the installation execution file responds to the installation instruction and loads the calling file according to the calling key; and encapsulating the byte code file, the encrypted calling file and the installation execution file into an installation package. According to the technical scheme of the embodiment, the calling key of the calling file is stored in the installation execution file, the calling file is kept in an encrypted state after installation is completed, the bytecode file cannot be obtained on the premise that the calling key is not available, the leakage risk of the bytecode file is effectively reduced, and the security of source codes is effectively improved.

Description

Configuration method and device of installation package, electronic equipment and storage medium

Technical Field

The invention belongs to the technical field of information security, and particularly relates to a configuration method and device of an installation package, electronic equipment and a storage medium.

Background

At present, Java is a common software programming language, and at a traditional server, a software developer provides an installation package to a user, and the user deploys the installation package in a terminal to implement software installation. And the installation package generated based on java development and compilation is composed of byte code files. Because the format of the byte code file is clear and standardized, the source code can be easily obtained only by decompiling the byte code file by using a decompilation tool. In order to improve the security of the source code, the installation package is usually encrypted, but after decryption and installation, the bytecode file of the installation package is no longer protected by a password, or the source code can be obtained by performing decompilation on the installation package, and the security of the source code still cannot be guaranteed.

Disclosure of Invention

The following is a summary of the subject matter described in detail herein. This summary is not intended to limit the scope of the claims.

The embodiment of the invention provides a configuration method and device of an installation package, electronic equipment and a storage medium, which can encrypt a calling file for calling a byte code file, reduce the risk of directly acquiring the byte code file and improve the safety of the byte code file and a source code.

In a first aspect, an embodiment of the present invention provides a configuration method for an installation package, including:

acquiring a source code file, and compiling the source code file into a byte code file;

generating a calling file of the byte code file, wherein the calling file is used for calling the byte code file;

encrypting the calling file according to a preset calling key, and storing the calling key to a preset installation execution file;

associating the calling file to the installation execution file so that the installation execution file responds to an installation instruction and loads the calling file according to the calling key;

and packaging the byte code file, the encrypted calling file and the installation execution file into an installation package.

In some embodiments, after the generating the call file for the bytecode file, the method further includes:

generating a file key according to a preset file encryption algorithm;

encrypting the byte code file according to the file key;

and saving the file key to the calling file.

In some embodiments, the encrypting the calling file according to a preset calling key, and saving the calling key to a preset installation execution file includes:

encrypting the calling file according to the calling key to obtain a first intermediate file, and storing the calling key to the first intermediate file;

encrypting the (N-1) th intermediate file to obtain an Nth intermediate file, and storing the intermediate key subjected to the (N-1) th encryption processing to the Nth intermediate file, wherein N is a positive integer greater than 1;

and integrating all the intermediate files into the installation execution file.

In some embodiments, prior to said integrating all of said intermediate files into said installation execution file, said method further comprises:

determining the Nth intermediate file as a reference file of the (N-1) th intermediate file;

determining the number of the intermediate files;

and saving the file number to the installation execution file.

In some embodiments, after said encapsulating the bytecode file, the encrypted calling file, and the installation execution file into an installation package, the method further includes:

when the installation instruction is obtained, positioning to the Nth intermediate file according to the number of the files;

calling the Nth intermediate file, decrypting according to the intermediate key subjected to the encryption processing of the Nth-1 time and calling the Nth-1 intermediate file;

and when the first intermediate file is decrypted and called, decrypting and loading the calling file according to the calling key so as to enable the calling file to call the byte code file.

In some embodiments, the encrypting the N-1 th intermediate file includes:

generating an (N-1) th intermediate key according to a preset target encryption algorithm;

encrypting the (N-1) th intermediate file according to the (N-1) th intermediate key.

In some embodiments, the encrypting the N-1 th intermediate file includes:

determining an N-1 th target encryption algorithm from a plurality of preset optional encryption algorithms;

generating an (N-1) th intermediate key according to the (N-1) th target encryption algorithm;

In a second aspect, an embodiment of the present invention provides an apparatus for configuring an installation package, including:

the device comprises a compiling unit, a storage unit and a processing unit, wherein the compiling unit is used for acquiring a source code file and compiling the source code file into a byte code file;

the file generating unit is used for generating a calling file of the byte code file, and the calling file is used for calling the byte code file;

the encryption unit is used for encrypting the calling file according to a preset calling key and storing the calling key to a preset installation execution file;

the association unit is used for associating the calling file to the installation execution file so that the installation execution file responds to an installation instruction and loads the calling file according to the calling key;

and the packaging unit is used for packaging the byte code file, the encrypted calling file and the installation execution file into an installation package.

In a third aspect, an embodiment of the present invention provides an electronic device, including: a memory, a processor and a computer program stored on the memory and executable on the processor, the processor implementing the configuration method of the installation package according to the first aspect when executing the computer program.

In a fourth aspect, an embodiment of the present invention provides a computer-readable storage medium, which stores a computer program for executing the configuration method of the installation package according to the first aspect.

The embodiment of the invention comprises the following steps: acquiring a source code file, and compiling the source code file into a byte code file; generating a calling file of the byte code file, wherein the calling file is used for calling the byte code file; encrypting the calling file according to a preset calling key, and storing the calling key to a preset installation execution file; associating the calling file to the installation execution file so that the installation execution file responds to an installation instruction and loads the calling file according to the calling key; and packaging the byte code file, the encrypted calling file and the installation execution file into an installation package. According to the technical scheme of the embodiment, the calling key of the calling file is stored in the installation execution file, the installation execution file can be triggered through the installation instruction in the installation process, and the calling file is decrypted and loaded according to the calling key, so that the bytecode file is obtained and the installation is completed; after the installation is finished, the calling file is kept in an encrypted state, the byte code file cannot be obtained on the premise that the key is not called, the risks of obtaining and decompiling the byte code file are effectively reduced, and the safety of source codes is effectively improved.

Additional features and advantages of the invention will be set forth in the description which follows, and in part will be obvious from the description, or may be learned by practice of the invention. The objectives and other advantages of the invention will be realized and attained by the structure particularly pointed out in the written description and claims hereof as well as the appended drawings.

Drawings

The accompanying drawings are included to provide a further understanding of the invention and are incorporated in and constitute a part of this specification, illustrate embodiments of the invention and together with the example serve to explain the principles of the invention and not to limit the invention.

FIG. 1 is a flow chart of a configuration method of an installation package according to an embodiment of the present invention;

FIG. 2 is a flowchart illustrating a configuration method for an installation package according to another embodiment of the present invention;

FIG. 3 is a flow diagram of an encrypted bytecode file provided by another embodiment of the invention;

FIG. 4 is a flow diagram of an encrypted call file provided by another embodiment of the present invention;

FIG. 5 is a flow chart illustrating encrypting a call file according to another embodiment of the present invention;

FIG. 6 is a flow chart of determining a number of files provided by another embodiment of the present invention;

FIG. 7 is a flow diagram of decrypting an installation package as provided by another embodiment of the invention;

FIG. 8 is a flow diagram of encrypting an intermediate file provided by another embodiment of the present invention;

FIG. 9 is a flow diagram of encrypting an intermediate file provided by another embodiment of the present invention;

FIG. 10 is a block diagram of a configuration device for an installation package according to another embodiment of the present invention;

fig. 11 is a device diagram of an electronic apparatus according to another embodiment of the present invention.

Detailed Description

In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.

It should be noted that although functional blocks are partitioned in a schematic diagram of an apparatus and a logical order is shown in a flowchart, in some cases, the steps shown or described may be performed in a different order than the partitioning of blocks in the apparatus or the order in the flowchart. The terms "first," "second," and the like in the description, in the claims, or in the drawings described above, are used for distinguishing between similar elements and not necessarily for describing a particular sequential or chronological order.

The invention provides a configuration method and a configuration device of an installation package, electronic equipment and a storage medium, wherein the method comprises the following steps: acquiring a source code file, and compiling the source code file into a byte code file; generating a calling file of the byte code file, wherein the calling file is used for calling the byte code file; encrypting the calling file according to a preset calling key, and storing the calling key to a preset installation execution file; associating the calling file to the installation execution file so that the installation execution file responds to an installation instruction and loads the calling file according to the calling key; and packaging the byte code file, the encrypted calling file and the installation execution file into an installation package. According to the technical scheme of the embodiment, the calling key of the calling file is stored in the installation execution file, the installation execution file can be triggered through the installation instruction in the installation process, and the calling file is decrypted and loaded according to the calling key, so that the bytecode file is obtained and the installation is completed; after the installation is finished, the calling file is kept in an encrypted state, the byte code file cannot be obtained on the premise that the key is not called, the risks of obtaining and decompiling the byte code file are effectively reduced, and the safety of source codes is effectively improved.

The embodiment of the application can compile, acquire and process related data based on an artificial intelligence technology. Among them, Artificial Intelligence (AI) is a theory, method, technique and application device that simulates, extends and expands human Intelligence using a digital computer or a machine controlled by a digital computer, senses the environment, acquires knowledge and uses the knowledge to obtain the best result.

The artificial intelligence infrastructure generally includes technologies such as sensors, dedicated artificial intelligence chips, cloud computing, distributed storage, big data processing technologies, operation/interaction devices, mechatronics, and the like. The artificial intelligence software technology mainly comprises a computer vision technology, a robot technology, a biological recognition technology, a voice processing technology, a natural language processing technology, machine learning/deep learning and the like.

The terminal mentioned in the embodiment of the present invention may be a smart phone, a tablet computer, a notebook computer, a desktop computer, a vehicle-mounted computer, a smart home, a wearable electronic device, a VR (Virtual Reality)/AR (Augmented Reality) device, and the like; the server may be an independent physical server, a server cluster or a distributed system formed by a plurality of physical servers, a cloud server providing basic cloud computing services such as cloud service, a cloud database, cloud computing, a cloud function, cloud storage, Network service, cloud communication, middleware service, domain name service, security service, Content Delivery Network (CDN), big data and an artificial intelligence platform, and the like.

The Data Encryption Standard (DES) is a block algorithm using key Encryption.

The Message Digest Algorithm (Message Digest Algorithm MD5) is a hash function widely used in the field of computer security. The MD2, MD3, MD4 algorithms, and the like may also be employed. The MD5 algorithm has the following characteristics: 1) compressibility, the length of the calculated MD5 value is fixed for data of any length; 2) easy to calculate, it is very easy to calculate MD5 value from the raw data; 3) the modification resistance is realized, and even if only 1 byte is modified, the obtained MD5 values are greatly different by performing any modification on the original data; 4) weak collision resistance, the original data and the MD5 value are known, and it is very difficult to find data with the same MD5 value; 5) strong collision resistance, it is very difficult to find two different data, making them have the same MD5 value.

It should be noted that the installation package in the embodiment of the present invention may be stored in a server, where the server may be an independent server, or may be a cloud server that provides basic cloud computing services such as cloud service, a cloud database, cloud computing, a cloud function, cloud storage, Network service, cloud communication, middleware service, domain name service, security service, a Content Delivery Network (CDN), a big data and artificial intelligence platform, and the like.

As shown in fig. 1, fig. 1 is a flowchart of a configuration method of an installation package according to an embodiment of the present invention, where the configuration method of the installation package includes, but is not limited to, the following steps:

step S110, acquiring a source code file, and compiling the source code file into a byte code file;

step S120, generating a calling file of the byte code file, wherein the calling file is used for calling the byte code file;

step S130, carrying out encryption processing on the calling file according to a preset calling key, and storing the calling key to a preset installation execution file;

step S140, associating the calling file to the installation execution file so that the installation execution file responds to the installation instruction and loads the calling file according to the calling key;

and step S150, packaging the byte code file, the encrypted calling file and the installation execution file into an installation package.

It should be noted that the bytecode file is a class file developed based on Java, each class is generally used to implement one function or one function set, in order to implement multiple functions of an application, source codes of multiple classes may be recorded in one source code file, so that multiple bytecode files are obtained by compiling the source code file, of course, a source code of one class may be recorded in one source code file, and multiple bytecode files are obtained by compiling multiple source code files, which is not limited in the present embodiment. It should be noted that the process of compiling the source code file to obtain the bytecode file is a technique well known to those skilled in the art, and this embodiment does not involve any improvement on the process, and is not described herein again.

It should be noted that, based on the above description, the number of the bytecode files may be any, and in order to facilitate calling a plurality of bytecode files, the calling file may record file information of each bytecode file, such as a common class name, or may implement obtaining and calling of the bytecode file with respect to a reference relationship of one bytecode file.

It can be understood that a common installation package mainly encrypts the bytecode file, and the bytecode file needs to be decrypted in the installation process so that the bytecode file can be correctly deployed to the terminal, and the running of the application program requires that the bytecode file can be normally analyzed and run by the terminal, so that the bytecode file cannot be encrypted at the terminal, that is, the bytecode file deployed at the terminal is not protected by a key any more, a technician in the field can directly obtain the bytecode file by accessing a file set and then obtain a corresponding source code by decompiling, and the leakage risk of the source code is high; the calling file is set in the installation package of the embodiment, and in the installation process, the encrypted calling file and the bytecode file are deployed to the terminal at the same time, and the calling of the bytecode file can be limited in a code layer and needs to be executed through the calling file.

It should be noted that the call file of this embodiment is used to call a bytecode file, and belongs to acquiring a specific file from a specific file set, for example, the specific file set may be an installation package, the bytecode file is encapsulated in the installation package, and after the call file is decrypted according to a call key in an installation process, the bytecode file is acquired from the installation package through the call file, so that the bytecode file can be deployed to a terminal to implement installation of an application program. It should be noted that the call operation in this embodiment is not a functional reference deployed among multiple bytecode files of the terminal to implement a specific function, and is not repeated in the following.

It should be noted that the calling key may be a common access password, or may be a key for encrypting the calling file, for example, encrypting the calling file by using a DES algorithm, and the encryption process for a single file is not an improvement made in this embodiment, and is not described herein in detail.

It should be noted that the installation execution file is a common function file of the installation package, and can respond to an installation instruction initiated by the terminal, deploy various files in the installation package to the terminal according to a preset operation flow, since the bytecode file of the present embodiment needs to be acquired by calling the file, and the calling file is encrypted by calling the key, in order to realize automatic decryption in the installation process, the embodiment saves the calling key into the installation execution file, and the call file is associated to the installation execution file, so that the installation execution file can call the pre-associated call file when responding to the installation instruction, decrypting according to a pre-saved calling key before calling so as to obtain all byte code files in the installation package, therefore, the byte code file and the calling file are deployed to the terminal according to the installation flow, and the application program is installed.

It should be noted that the association of the call file to the installation execution file may be implemented by a commonly used function reference manner, for example, a reference path of the call file is recorded in the installation execution file, a response manner of writing the installation instruction by a code is to decrypt and load the call file according to a call key, and then perform a subsequent installation operation according to a bytecode file fed back by the call file, where the above process is merely an exemplary description, and is not a limitation to the steps of this embodiment.

It should be noted that after the bytecode file, the call file, and the installation execution file are obtained, the installation package may be obtained through a common encapsulation operation, where the installation package may be a Jar package common in Java, and a person skilled in the art knows how to encapsulate multiple files into the installation package.

In addition, referring to fig. 3, in an embodiment, before performing step S120 of the embodiment shown in fig. 1, the following steps are further included, but not limited to:

step S310, generating a file key according to a preset file encryption algorithm;

step S320, encrypting the byte code file according to the file key;

step S330, the file key is saved to the calling file.

It should be noted that the file encryption algorithm may be a DES algorithm, or may be other algorithms capable of encrypting the file, and those skilled in the art will be motivated to select an appropriate encryption algorithm according to the actual situation, which is not limited in this embodiment.

It should be noted that, according to the description of the embodiment shown in fig. 1, the number of the bytecode files may be multiple, and in order to reduce the complexity of the installation package, a file key may be generated according to an encryption algorithm, all the bytecode files are encrypted one by one according to the same file key and then encapsulated to obtain an encrypted bytecode file, and the encrypted bytecode file, the encrypted call file, and the installation execution file are encapsulated to form the installation package.

It should be noted that, the bytecode file is encrypted by the file key, so that the double encryption of the installation package is realized, and the security of the file is effectively improved. Meanwhile, in order to acquire the decrypted bytecode file from the calling file, the file key may be hard-coded to the calling file, so that the bytecode file can be decrypted first according to the file key and then the calling operation is performed.

It is noted that after the byte code file is encrypted, in order to better describe the configuration flow of the installation package of the present invention, a specific example is provided below in conjunction with the flow shown in fig. 2: compiling the source code file into a byte code file, encrypting the byte code file according to a file key, and storing the file key into a generated calling file; generating a calling key, encrypting the calling file according to the calling key, and storing the calling key to the installation execution file; and packaging the installation execution file, the encrypted calling file and the encrypted byte code file into an installation package. Through the steps, the bytecode file and the calling file in the installation package can form double encryption, the bytecode file is protected by the file key at first, after decryption and installation, although the bytecode file is not encrypted, the calling file is still in an encrypted state, the calling file needs to be decrypted under the condition of the calling key, the bytecode file is obtained, the safety of the bytecode file after installation is effectively improved, and the risk of source code reverse-encoding is reduced.

In addition, referring to fig. 4, in an embodiment, step S130 of the embodiment shown in fig. 1 further includes, but is not limited to, the following steps:

step S410, encrypting the calling file according to the calling key to obtain a first intermediate file, and storing the calling key to the first intermediate file;

step S420, encrypting the (N-1) th intermediate file to obtain an Nth intermediate file, and storing the intermediate key of the (N-1) th encryption processing to the Nth intermediate file, wherein N is a positive integer greater than 1;

in step S430, all the intermediate files are integrated into the installation execution file.

It should be noted that, after the calling file is encrypted, a common key storage manner is hard coding, that is, the key storage manner is directly recorded in the file in a character string form, in this case, if the installation execution file is attacked, the calling key still has a risk of leakage, in order to improve the security of the calling key, in this embodiment, N-1 times of encryption is performed in a nested encryption manner, and the calling key of the installation execution file is not directly obtained any more, but needs nested decryption.

It should be noted that the intermediate file may be a class file, and after the N-1 th intermediate file is encrypted, the N-1 th intermediate file is obtained by newly creating the class file instead of being covered.

The following process of nested encryption is illustrated in conjunction with the flow chart shown in fig. 5:

firstly, encrypting a calling file according to a calling key, determining the file obtained by encryption as a first intermediate file, and hard-coding the calling key to the first intermediate file; and secondly, acquiring a first intermediate key, encrypting the first intermediate file according to the first intermediate key, determining the file obtained by encryption as a second intermediate file, and so on until the N-1 th intermediate file is encrypted to obtain an Nth intermediate file, wherein the Nth intermediate file is not encrypted.

It should be noted that, after the calling file is encrypted and N-1 times of nested encryption is performed, N intermediate files are obtained and integrated into the installation execution file, where the intermediate files may be class files, and the codes in each class file are integrated into the installation execution file for each function class. Of course, in actual need, the N intermediate files may be integrated into one encrypted file set, the installation execution file refers to the encrypted file set in response to the installation instruction, and the call key stored in the first intermediate file is obtained through nested decryption.

It should be noted that, the specific value of N may be preset, for example, an encryption layer number threshold is set, the encryption calling file is used as the first encryption operation, and the encryption operation is stopped when the number of times of performing the encryption operation reaches the encryption layer number threshold; of course, N may also be a randomly determined value, for example, after obtaining the first intermediate file, multiple nested encryptions are performed randomly, and then a specific value of N is obtained according to the number of encryptions, and a specific determination manner may be selected according to a timing requirement, which is not limited herein.

In addition, referring to fig. 6, in an embodiment, before performing step S430 of the embodiment shown in fig. 4, the following steps are further included, but not limited to:

step S610, determining the Nth intermediate file as a reference file of the (N-1) th intermediate file;

step S620, determining the number of the intermediate files;

in step S630, the number of files is saved to the installation execution file.

It should be noted that, after encrypting the N-1 th intermediate file, the nth intermediate file is obtained, because the intermediate key of the N-1 th intermediate file is stored in the nth intermediate file, in the process of installing the installation package, the installation execution file references the nth intermediate file, the intermediate key of the N-1 th intermediate file needs to be obtained from the nth intermediate file, and references the N-1 th intermediate file until the first intermediate file is obtained by decryption, the invocation key is obtained from the first intermediate file, and the invocation file is decrypted, so in this embodiment, the intermediate key of the previous intermediate file is recorded in each intermediate file and determined as the reference file, thereby implementing nested decryption.

It is worth noting that when the value of N is the preset encryption threshold, the number of files can be directly determined according to the value of N and stored in the installation execution file; when N is the number of encryption times determined at random, the encryption processing of the calling file may be used as the first encryption processing, and the number of encryption processing is counted to determine the specific value of N, which is saved as the number of files to the installation execution file.

It should be noted that, since the decryption process needs to perform nested decryption, and the nth intermediate file is not encrypted, the first file that needs to be referred to for nested decryption belongs to, and in the case that the intermediate file is integrated in the installation execution file, the present embodiment stores the number of files in the installation execution file, that is, the value of N in the above embodiment, after the installation execution file is referred to, locates the nth intermediate file according to the specific value of N, so as to perform the above nested decryption, which can effectively improve the installation efficiency of the installation package.

In addition, referring to fig. 7, in an embodiment, after the step S150 of the embodiment shown in fig. 1 is executed, the following steps are further included, but not limited to:

step S710, when an installation instruction is obtained, positioning to an Nth intermediate file according to the number of files;

step S720, calling the Nth intermediate file, decrypting according to the intermediate key of the encryption processing of the (N-1) th time and calling the (N-1) th intermediate file;

step S730, when the first intermediate file is decrypted and called, decrypting and loading the calling file according to the calling key, so as to call the bytecode file through the calling file.

It should be noted that, in the installation process, a bytecode file needs to be acquired from an installation package and deployed to a terminal, after an installation instruction is acquired, since an nth intermediate file is not encrypted, a decryption operation needs to be executed from the nth intermediate file, based on which, a specific value for determining N may be located according to the number of files recorded in the installation execution file, the nth intermediate file is referred to from a plurality of integrated intermediate files, for example, when N is 3, a third intermediate file is referred to, an intermediate key of the second intermediate file is stored in the third intermediate file, the second intermediate file is referred to, and decryption is performed according to the intermediate key; the second intermediate file stores the intermediate key of the first intermediate file, refers to the first intermediate file and carries out decryption according to the intermediate key; the first intermediate file stores a calling key, refers to the calling file, and decrypts according to the calling key, so as to load the calling file and call the bytecode file.

In addition, referring to fig. 8, in an embodiment, step S420 of the embodiment shown in fig. 4 further includes, but is not limited to, the following steps:

step S810, generating an (N-1) th intermediate key according to a preset target encryption algorithm;

step S820, the N-1 intermediate file is encrypted according to the N-1 intermediate key.

It should be noted that it takes a certain amount of calculation time to perform nested encryption on an intermediate file a plurality of times, and in order to reduce the processing time of intermediate encryption, a target encryption algorithm may be set in advance, for example, an intermediate key may be generated by a DES algorithm, and subsequent encryption processing may be performed.

It should be noted that although the target encryption algorithm for generating the intermediate key each time is the same algorithm, the keys generated by using the encryption algorithm are different, so that the intermediate keys for each intermediate encryption process are different from each other, and the security of data encryption can be ensured.

In addition, referring to fig. 9, in an embodiment, step S420 of the embodiment shown in fig. 4 further includes, but is not limited to, the following steps:

step S910, determining an N-1 th target encryption algorithm from a plurality of preset optional encryption algorithms;

step S920, generating an N-1 intermediate key according to the N-1 target encryption algorithm;

in step S930, the (N-1) th intermediate file is encrypted according to the (N-1) th intermediate key.

It should be noted that, in order to further improve the security of the called file, a plurality of optional encryption algorithms, such as a DES algorithm and an MD5 encryption algorithm, may also be configured in advance, and before encrypting each intermediate file, a target encryption algorithm is randomly selected from the optional encryption algorithms, for example, before encrypting a first intermediate file, an MD5 encryption algorithm is selected as a first target encryption algorithm, and a first intermediate key is generated to encrypt the first intermediate file; before the second intermediate file is encrypted, a DES algorithm is randomly selected from the optional algorithms to serve as a second target encryption algorithm, a second intermediate key is generated, and the second intermediate file is encrypted.

In addition, referring to fig. 10, an embodiment of the present invention provides an apparatus for configuring an installation package, where the apparatus 1000 for configuring an installation package includes:

a compiling unit 1010, configured to obtain a source code file, and compile the source code file into a byte code file;

a file generating unit 1020 configured to generate a call file of the bytecode file, where the call file is used to call the bytecode file;

an encrypting unit 1030, configured to encrypt the call file according to a preset call key, and store the call key to a preset installation execution file;

the associating unit 1040 is configured to associate the call file with the installation execution file, so that the installation execution file responds to the installation instruction, and loads the call file according to the call key;

and the packaging unit 1050 is configured to package the bytecode file, the encrypted call file, and the installation execution file into an installation package.

In addition, referring to fig. 11, an embodiment of the present invention also provides an electronic device 1100, including: memory 1110, processor 1120, and computer programs stored on memory 1110 and executable on processor 1120.

The processor 1120 and the memory 1110 may be connected by a bus or other means.

The non-transitory software programs and instructions required to implement the configuration method of the installation package of the above-described embodiment are stored in the memory 1110, and when executed by the processor 1120, the configuration method of the installation package applied to the device in the above-described embodiment is performed, for example, the method steps S110 to S150 in fig. 1, the method steps S310 to S330 in fig. 3, the method steps S410 to S430 in fig. 4, the method steps S610 to S630 in fig. 6, the method steps S710 to S730 in fig. 7, the method steps S810 to S820 in fig. 8, and the method steps S910 to S930 in fig. 9 described above are performed.

The above-described embodiments of the apparatus are merely illustrative, wherein the units illustrated as separate components may or may not be physically separate, i.e. may be located in one place, or may also be distributed over a plurality of network elements. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of the present embodiment.

Furthermore, an embodiment of the present invention further provides a computer-readable storage medium, where a computer program is stored, and the computer program is executed by a processor or a controller, for example, by a processor in the above-mentioned embodiment of the electronic device, so that the above-mentioned processor executes the configuration method of the installation package in the above-mentioned embodiment, for example, execute the above-mentioned method steps S110 to S150 in fig. 1, method steps S310 to S330 in fig. 3, method steps S410 to S430 in fig. 4, method steps S610 to S630 in fig. 6, method steps S710 to S730 in fig. 7, method steps S810 to S820 in fig. 8, and method steps S910 to S930 in fig. 9. It will be understood by those of ordinary skill in the art that all or some of the steps, means, and methods disclosed above may be implemented as software, firmware, hardware, or suitable combinations thereof. Some or all of the physical components may be implemented as software executed by a processor, such as a central processing unit, digital signal processor, or microprocessor, or as hardware, or as an integrated circuit, such as an application specific integrated circuit. Such software may be distributed on computer readable storage media, which may include computer storage media (or non-transitory storage media) and communication storage media (or transitory storage media). The term computer storage media includes volatile and nonvolatile, removable and non-removable storage media implemented in any method or technology for storage of information such as computer readable instructions, data structures, program modules or other data, as is well known to those of ordinary skill in the art. Computer storage media includes, but is not limited to, RAM, ROM, EEPROM, flash memory or other memory technology, CD-ROM, Digital Versatile Disks (DVD) or other optical disk storage, magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices, or any other storage medium which can be used to store the desired information and which can be accessed by a computer. In addition, communication storage media typically embodies computer readable instructions, data structures, program modules or other data in a modulated data signal such as a carrier wave or other transport mechanism and includes any information delivery storage media as is well known to those of ordinary skill in the art.

The embodiments are operational with numerous general purpose or special purpose computing device environments or configurations. For example: personal computers, server computers, hand-held or portable devices, tablet-type devices, multiprocessor devices, microprocessor-based devices, set top boxes, programmable consumer electronics, network PCs, minicomputers, mainframe computers, distributed computing environments that include any of the above devices or equipment, and the like. The application may be described in the general context of computer programs, such as program modules, being executed by a computer. Generally, program modules include routines, programs, objects, components, data structures, etc. that perform particular tasks or implement particular abstract data types. The application may also be practiced in distributed computing environments where tasks are performed by remote processing devices that are linked through a communications network. In a distributed computing environment, program modules may be located in both local and remote computer storage media including memory storage devices.

The flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of apparatus, methods and computer program products according to various embodiments of the present application. Each block in the flowchart or block diagrams may represent a module, a segment, or a portion of code, which comprises one or more programs for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams or flowchart illustration, and combinations of blocks in the block diagrams or flowchart illustration, can be implemented by special purpose hardware-based apparatus that perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.

The units described in the embodiments of the present application may be implemented by software, or may be implemented by hardware, and the described units may also be disposed in a processor. Wherein the names of the elements do not in some way constitute a limitation on the elements themselves.

It should be noted that although in the above detailed description several modules or units of the device for action execution are mentioned, such a division is not mandatory. Indeed, the features and functionality of two or more modules or units described above may be embodied in one module or unit, according to embodiments of the application. Conversely, the features and functions of one module or unit described above may be further divided into embodiments by a plurality of modules or units.

Through the above description of the embodiments, those skilled in the art will readily understand that the exemplary embodiments described herein may be implemented by software, or by software in combination with necessary hardware. Therefore, the technical solution according to the embodiments of the present application can be embodied in the form of a software product, which can be stored in a non-volatile storage medium (which can be a CD-ROM, a usb disk, a removable hard disk, etc.) or on a network, and includes several instructions to enable a computing device (which can be a personal computer, a server, a touch terminal, or a network device, etc.) to execute the method according to the embodiments of the present application.

The terminal of this embodiment may include: radio Frequency (RF) circuit, memory, input unit, display unit, sensor, audio circuit, wireless fidelity (WiFi) module, processor, and power supply. The RF circuit can be used for receiving and transmitting signals in the process of information receiving and transmitting or conversation, and particularly, the downlink information of the base station is received and then is processed by the processor; in addition, the data for designing uplink is transmitted to the base station. Typically, the RF circuit includes, but is not limited to, an antenna, at least one Amplifier, a transceiver, a coupler, a Low Noise Amplifier (LNA), a duplexer, and the like. In addition, the RF circuitry may also communicate with networks and other devices via wireless communications. The wireless communication may use any communication standard or protocol, including but not limited to Global System for Mobile communication (GSM), General Packet Radio Service (GPRS), Code Division Multiple Access (CDMA), Wideband Code Division Multiple Access (WCDMA), Long Term Evolution (LTE), email, Short Message Service (SMS), and the like. The memory may be used to store software programs and modules, and the processor may execute various functional applications of the terminal and data processing by operating the software programs and modules stored in the memory. The memory may mainly include a storage program area and a storage data area, wherein the storage program area may store an operating system, an application program required by at least one function (such as a sound playing function, an image playing function, etc.), and the like; the storage data area may store data (such as audio data, a phonebook, etc.) created according to the use of the terminal, etc. Further, the memory may include high speed random access memory, and may also include non-volatile memory, such as at least one magnetic disk storage device, flash memory device, or other volatile solid state storage device. The input unit may be used to receive input numeric or character information and generate key signal inputs related to settings and function control of the terminal. Specifically, the input unit may include a touch panel and other input devices. The touch panel, also called a touch screen, may collect touch operations thereon or nearby (such as operations on or near the touch panel using any suitable object or accessory, such as a finger, a stylus, etc.) and drive the corresponding connection device according to a preset program. Alternatively, the touch panel may include two parts, a touch detection device and a touch controller. The touch detection device detects a touch direction, detects a signal brought by touch operation and transmits the signal to the touch controller; the touch controller receives touch information from the touch detection device, converts the touch information into touch point coordinates, sends the touch point coordinates to the processor, and can receive and execute commands sent by the processor. In addition, the touch panel may be implemented by various types such as resistive, capacitive, infrared, and surface acoustic wave. The input unit may include other input devices in addition to the touch panel. In particular, other input devices may include, but are not limited to, one or more of a physical keyboard, function keys (such as volume control keys, switch keys, etc.), a trackball, a mouse, a joystick, and the like. The display unit may be used to display input information or provided information and various menus of the terminal. The Display unit may include a Display panel, and optionally, the Display panel may be configured in the form of a Liquid Crystal Display (LCD), an Organic Light-Emitting Diode (OLED), or the like. Further, the touch panel may cover the display panel, and when the touch panel detects a touch operation thereon or nearby, the touch panel transmits the touch operation to the processor to determine a category of the touch event, and then the processor provides a corresponding visual output on the display panel according to the category of the touch event. The touch panel and the display panel are two separate components to implement the input and output functions of the terminal, but in some embodiments, the touch panel and the display panel may be integrated to implement the input and output functions of the terminal. The terminal may also include at least one sensor, such as a light sensor, a motion sensor, and other sensors. Specifically, the light sensor may include an ambient light sensor that may adjust the brightness of the display panel according to the brightness of ambient light, and a proximity sensor that may turn off the display panel and/or the backlight when the terminal is moved to the ear. As one of the motion sensors, the accelerometer sensor can detect the magnitude of acceleration in each direction (generally, three axes), detect the magnitude and direction of gravity when stationary, and can be used for applications of recognizing the terminal posture (such as horizontal and vertical screen switching, related games, magnetometer posture calibration), vibration recognition related functions (such as pedometer, tapping), and the like; as for other sensors such as a gyroscope, a barometer, a hygrometer, a thermometer, and an infrared sensor, which can be configured in the terminal, detailed description is omitted here. The audio circuit, speaker, microphone may provide an audio interface. The audio circuit can transmit the electric signal converted from the received audio data to the loudspeaker, and the electric signal is converted into a sound signal by the loudspeaker to be output; on the other hand, the microphone converts the collected sound signal into an electric signal, which is received by the audio circuit and converted into audio data, which is then output to the processor for processing, and then transmitted to, for example, another terminal via the RF circuit, or the audio data is output to the memory for further processing.

Other embodiments of the present application will be apparent to those skilled in the art from consideration of the specification and practice of the embodiments disclosed herein. This application is intended to cover any variations, uses, or adaptations of the invention following, in general, the principles of the application and including such departures from the present disclosure as come within known or customary practice within the art to which the invention pertains.

It will be understood that the present application is not limited to the precise arrangements described above and shown in the drawings and that various modifications and changes may be made without departing from the scope thereof. The scope of the application is limited only by the appended claims.

While the preferred embodiments of the present invention have been described in detail, it will be understood by those skilled in the art that the foregoing and various other changes, omissions and deviations in the form and detail thereof may be made without departing from the scope of this invention.

Claims

1. A configuration method for an installation package, comprising:

2. The configuration method of the installation package according to claim 1, wherein after the generating the call file of the bytecode file, the method further comprises:

generating a file key according to a preset file encryption algorithm;

encrypting the byte code file according to the file key;

and saving the file key to the calling file.

3. The configuration method of the installation package according to claim 1, wherein the encrypting the calling file according to a preset calling key and saving the calling key to a preset installation execution file comprises:

4. The method of configuring an installation package according to claim 3, wherein prior to said integrating all of said intermediate files into said installation execution file, said method further comprises:

determining the number of the intermediate files;

and saving the file number to the installation execution file.

5. The configuration method of the installation package according to claim 4, wherein after said encapsulating the bytecode file, the encrypted calling file, and the installation execution file into the installation package, the method further comprises:

and when the first intermediate file is decrypted and called, decrypting and loading the calling file according to the calling key so as to call the byte code file through the calling file.

6. The configuration method of the installation package according to claim 3, wherein the encrypting the N-1 th intermediate file comprises:

7. The configuration method of the installation package according to claim 3, wherein the encrypting the N-1 th intermediate file comprises:

8. An installation package configuration device, comprising:

9. An electronic device, comprising: memory, processor and computer program stored on the memory and executable on the processor, characterized in that the processor implements the configuration method of the installation package according to any one of claims 1 to 7 when executing the computer program.

10. A computer-readable storage medium storing a computer program for executing the configuration method of an installation package according to any one of claims 1 to 7.