[go: up one dir, main page]

CN107871066B - Code compilation method and device based on Android system - Google Patents

Code compilation method and device based on Android system Download PDF

Info

Publication number
CN107871066B
CN107871066B CN201610858878.8A CN201610858878A CN107871066B CN 107871066 B CN107871066 B CN 107871066B CN 201610858878 A CN201610858878 A CN 201610858878A CN 107871066 B CN107871066 B CN 107871066B
Authority
CN
China
Prior art keywords
key information
key
file
code
dynamic library
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201610858878.8A
Other languages
Chinese (zh)
Other versions
CN107871066A (en
Inventor
张志亮
金彪
陈建祥
斯炘
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Transfar Logistics Group Co Ltd
Original Assignee
Transfar Logistics Group Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Transfar Logistics Group Co Ltd filed Critical Transfar Logistics Group Co Ltd
Priority to CN201610858878.8A priority Critical patent/CN107871066B/en
Publication of CN107871066A publication Critical patent/CN107871066A/en
Application granted granted Critical
Publication of CN107871066B publication Critical patent/CN107871066B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • G06F21/12Protecting executable software
    • G06F21/14Protecting executable software against software analysis or reverse engineering, e.g. by obfuscation

Landscapes

  • Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Multimedia (AREA)
  • Technology Law (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Stored Programmes (AREA)
  • Storage Device Security (AREA)

Abstract

本申请提供一种基于安卓系统的代码编译方法及装置,所述方法包括:开发客户端响应于用户输入的命令行,对所述命令行进行解析,获取所述命令行中携带的关键信息;为所述关键信息随机生成密钥,并将基于所述密钥加密后的所述关键信息和与所述密钥对应的解密算法写入预设的C++代码文件;对所述C++代码文件进行编译,生成动态库文件,以供所述安卓系统的Java层调用所述动态库文件,获取所述关键信息。使用本申请实施例提供的方法,可以有效地提高程序的安全性。

Figure 201610858878

The present application provides a method and device for compiling code based on an Android system. The method includes: a development client, in response to a command line input by a user, parses the command line, and obtains key information carried in the command line; Randomly generate a key for the key information, and write the key information encrypted based on the key and the decryption algorithm corresponding to the key into a preset C++ code file; Compile, and generate a dynamic library file for the Java layer of the Android system to call the dynamic library file to obtain the key information. By using the method provided by the embodiments of the present application, the security of the program can be effectively improved.

Figure 201610858878

Description

基于安卓系统的代码编译方法及装置Code compilation method and device based on Android system

技术领域technical field

本申请涉及计算通信领域,尤其涉及基于安卓系统的代码编译方法及装置。The present application relates to the field of computing and communication, and in particular, to a method and device for compiling code based on an Android system.

背景技术Background technique

安卓系统是一种基于Linux半开源的操作系统,主要应用于移动设备,如智能手机和平板电脑。在实际应用中,开发人员常使用Java语言对安卓系统下的APP(Application,应用程序)进行开发。Android is a semi-open source operating system based on Linux, mainly used in mobile devices such as smartphones and tablets. In practical applications, developers often use the Java language to develop APPs (Applications) under the Android system.

但是由于Java语言开发出来的程序容易被反编译,所以可以通过反编译Java语言开发出来的程序,获取到程序中携带的关键信息,这就使得程序的安全性大幅降低。However, since the programs developed in the Java language are easy to be decompiled, the key information carried in the programs can be obtained by decompiling the programs developed in the Java language, which greatly reduces the security of the programs.

发明内容SUMMARY OF THE INVENTION

有鉴于此,本申请提供一种基于安卓系统的代码编译方法及装置,用以提高程序的安全性。In view of this, the present application provides a code compiling method and device based on an Android system to improve program security.

具体地,本申请是通过如下技术方案实现的:Specifically, the application is achieved through the following technical solutions:

第一方面,本申请提供一种基于安卓系统的代码编译方法,所述方法应用于开发客户端,所述方法包括:In a first aspect, the present application provides a code compilation method based on an Android system, the method is applied to a development client, and the method includes:

响应于用户输入的命令行,对所述命令行进行解析,获取所述命令行中携带的关键信息;In response to the command line input by the user, the command line is parsed to obtain key information carried in the command line;

为所述关键信息随机生成密钥,并将基于所述密钥加密后的所述关键信息和与所述密钥对应的解密算法写入预设的C++代码文件;Randomly generate a key for the key information, and write the encrypted key information based on the key and a decryption algorithm corresponding to the key into a preset C++ code file;

对所述C++代码文件进行编译,生成动态库文件,以供所述安卓系统的Java层调用所述动态库文件,获取所述关键信息。The C++ code file is compiled to generate a dynamic library file for the Java layer of the Android system to call the dynamic library file to obtain the key information.

第二方面,本申请提供一种基于安卓系统的代码编译装置,所述装置包括:In a second aspect, the present application provides a code compiling device based on an Android system, the device comprising:

获取单元,用于响应于用户输入的命令行,对所述命令行进行解析,获取所述命令行中携带的关键信息;an obtaining unit, configured to parse the command line in response to the command line input by the user, and obtain the key information carried in the command line;

写入单元,用于为所述关键信息随机生成密钥,并将基于所述密钥加密后的所述关键信息和与所述密钥对应的解密算法写入预设的C++代码文件;A writing unit, used for randomly generating a key for the key information, and writing the key information encrypted based on the key and a decryption algorithm corresponding to the key into a preset C++ code file;

编译单元,用于对所述C++代码文件进行编译,生成动态库文件,以供所述安卓系统的Java层调用所述动态库文件,获取所述关键信息。A compiling unit, configured to compile the C++ code file to generate a dynamic library file for the Java layer of the Android system to call the dynamic library file to obtain the key information.

本申请实施例提供一种基于安卓系统的代码编译方法,开发客户端通过响应于用户输入的命令行,对所述命令行进行解析,获取所述命令行中携带的关键信息;为所述关键信息随机生成密钥,并将基于所述密钥加密后的所述关键信息和与所述密钥对应的解密算法写入预设的C++代码文件;对所述C++代码文件进行编译,生成动态库文件,以供所述安卓系统的Java层调用所述动态库文件,获取所述关键信息。An embodiment of the present application provides a code compilation method based on an Android system, where a development client parses the command line in response to a command line input by a user, and obtains key information carried in the command line; Randomly generate a key from the information, and write the key information encrypted based on the key and the decryption algorithm corresponding to the key into a preset C++ code file; Compile the C++ code file to generate a dynamic The library file is used for the Java layer of the Android system to call the dynamic library file to obtain the key information.

一方面,由于关键信息是携带在命令行中的,因此可以实现在针对预设的C++代码进行编译打包时,将关键信息动态的传递至C++层,与现有的采用硬编码的方式,将关键信息写入C++代码中的机制相比,可以有效的提升该C++代码程序的可移植性。On the one hand, since the key information is carried in the command line, it is possible to dynamically transfer the key information to the C++ layer when compiling and packaging the preset C++ code. Compared with the mechanism of writing key information into the C++ code, the portability of the C++ code program can be effectively improved.

另一方面,由于针对关键信息进行加密所使用的密钥以及加密算法,是在针对C++代码文件进行编译打包时才随机生成的,不会因为开发人员疏漏而造成泄露,而且由于关键信息是加密后硬编码在程序中的,即使针对程序进行反编译,也很难获取到该密钥和与密钥对应的解密算法,进而无法对加密后的关键信息进行解密。因此,可以有效地提高程序的安全性。On the other hand, since the key and encryption algorithm used for encryption of key information are randomly generated when the C++ code file is compiled and packaged, it will not be leaked due to the omission of developers, and because the key information is encrypted If it is hard-coded in the program, even if the program is decompiled, it is difficult to obtain the key and the decryption algorithm corresponding to the key, so that the encrypted key information cannot be decrypted. Therefore, the security of the program can be effectively improved.

附图说明Description of drawings

图1是本申请一示例性实施例示出的一种基于安卓系统的代码编译方法的流程图;1 is a flowchart of a method for compiling code based on an Android system according to an exemplary embodiment of the present application;

图2是本申请一示例性实施例示出的一种基于安卓系统的代码编译装置所在设备的硬件结构图;2 is a hardware structure diagram of a device where an Android-based code compiling apparatus is located according to an exemplary embodiment of the present application;

图3是本申请一示例性实施例示出的一种基于安卓系统的代码编译装置的框图。FIG. 3 is a block diagram of an Android system-based code compiling apparatus according to an exemplary embodiment of the present application.

具体实施方式Detailed ways

这里将详细地对示例性实施例进行说明,其示例表示在附图中。下面的描述涉及附图时,除非另有表示,不同附图中的相同数字表示相同或相似的要素。以下示例性实施例中所描述的实施方式并不代表与本申请相一致的所有实施方式。相反,它们仅是与如所附权利要求书中所详述的、本申请的一些方面相一致的装置和方法的例子。Exemplary embodiments will be described in detail herein, examples of which are illustrated in the accompanying drawings. Where the following description refers to the drawings, the same numerals in different drawings refer to the same or similar elements unless otherwise indicated. The implementations described in the illustrative examples below are not intended to represent all implementations consistent with this application. Rather, they are merely examples of apparatus and methods consistent with some aspects of the present application as recited in the appended claims.

在本申请使用的术语是仅仅出于描述特定实施例的目的,而非旨在限制本申请。在本申请和所附权利要求书中所使用的单数形式的“一种”、“所述”和“该”也旨在包括多数形式,除非上下文清楚地表示其他含义。还应当理解,本文中使用的术语“和/或”是指并包含一个或多个相关联的列出项目的任何或所有可能组合。The terminology used in this application is for the purpose of describing particular embodiments only and is not intended to limit the application. As used in this application and the appended claims, the singular forms "a," "the," and "the" are intended to include the plural forms as well, unless the context clearly dictates otherwise. It will also be understood that the term "and/or" as used herein refers to and includes any and all possible combinations of one or more of the associated listed items.

应当理解,尽管在本申请可能采用术语第一、第二、第三等来描述各种信息,但这些信息不应限于这些术语。这些术语仅用来将同一类型的信息彼此区分开。例如,在不脱离本申请范围的情况下,第一信息也可以被称为第二信息,类似地,第二信息也可以被称为第一信息。取决于语境,如在此所使用的词语“如果”可以被解释成为“在……时”或“当……时”或“响应于确定”。It should be understood that although the terms first, second, third, etc. may be used in this application to describe various information, such information should not be limited by these terms. These terms are only used to distinguish the same type of information from each other. For example, the first information may also be referred to as the second information, and similarly, the second information may also be referred to as the first information without departing from the scope of the present application. Depending on the context, the word "if" as used herein can be interpreted as "at the time of" or "when" or "in response to determining."

安卓系统是一种基于Linux半开源的操作系统,主要应用于移动设备,如智能手机和平板电脑。在实际应用中,开发人员常使用Java语言对安卓系统下的APP进行开发。Android is a semi-open source operating system based on Linux, mainly used in mobile devices such as smartphones and tablets. In practical applications, developers often use the Java language to develop APPs under the Android system.

在程序开发的过程中,当开发人员完成代码程序编写后,一般需要将编写好的代码编译,生成库文件和Class文件(也就是包含虚拟机指令的文件),然后再将生成的库文件、Class文件转换后的中间产物dex文件和资源文件,基于一定的规则进行打包,生成APK文件。生成的APK文件就是最后的APP文件。所述编译,是将开发人员编写的高级语言(如Java,C++)转换成设备可以执行的虚拟机指令或者二进制指令。所述生成库文件,主要是为了方便其他程序模块进行调用。In the process of program development, after the developer has finished writing the code program, it is generally necessary to compile the written code to generate library files and class files (that is, files containing virtual machine instructions), and then compile the generated library files, The intermediate product dex file and resource file converted from the Class file are packaged based on certain rules to generate an APK file. The generated APK file is the final APP file. The compilation is to convert the high-level language (eg Java, C++) written by the developer into virtual machine instructions or binary instructions that can be executed by the device. The generated library file is mainly for the convenience of calling other program modules.

但是,Java语言编写的程序在编译后,生成的是虚拟机指令。而该虚拟机指令很容易通过反编译的方式,还原成原有的Java语言的程序。当该Java语言编写程序携带有一些关键信息(如密钥)时,就很容易通过反编译的方式被获取到,因此致使Java语言开发的程序的安全性大幅下降。However, after a program written in the Java language is compiled, virtual machine instructions are generated. The virtual machine instruction can be easily restored to the original Java language program by means of decompilation. When the program written in the Java language carries some key information (such as a key), it can be easily obtained by means of decompilation, thus greatly reducing the security of the program written in the Java language.

而对于C++编写的程序,由于程序在编译后,生成的是二进制指令。在对该二进制指令进行反编译时,可以将其反编译成汇编语言。但是由于汇编语言的可读性较差,而且开发人员很难理解该汇编语言,所以使用C++编写的程序安全性更高一些。For programs written in C++, binary instructions are generated after the program is compiled. When the binary instruction is decompiled, it can be decompiled into assembly language. But because assembly language is less readable and difficult for developers to understand, programs written in C++ are more secure.

此外,由于安卓系统支持C++开发一些功能,所以为了提高在安卓系统下开发APP的程序的安全性,在一些情况下,需要将一些关键信息(比如一些用于签名计算的密钥信息)硬编码在C++程序中,在一定程度上,可以防止关键信息(如密钥)被泄露。In addition, since the Android system supports C++ to develop some functions, in order to improve the security of the APP development program under the Android system, in some cases, some key information (such as some key information for signature calculation) needs to be hard-coded In C++ programs, to a certain extent, critical information (such as keys) can be prevented from being leaked.

然而,将关键信息硬编码在C++程序中,一方面,可能会因为相关人员的疏忽,而将上述关键信息泄露。另一方面,通过硬编码的方式使得包含该C++程序的模块很难被其他程序重用,使得程序的移植性较低。However, hard-coding key information in a C++ program may, on the one hand, leak the above-mentioned key information due to the negligence of relevant personnel. On the other hand, hard-coding makes it difficult for the module containing the C++ program to be reused by other programs, making the program less portable.

本申请实施例提供一种基于安卓系统的代码编译方法,开发客户端通过响应于用户输入的命令行,对所述命令行进行解析,获取所述命令行中携带的关键信息;为所述关键信息随机生成密钥,并将基于所述密钥加密后的所述关键信息和与所述密钥对应的解密算法写入预设的C++代码文件;对所述C++代码文件进行编译,生成动态库文件,以供所述安卓系统的Java层调用所述动态库文件,获取所述关键信息。An embodiment of the present application provides a code compilation method based on an Android system, where a development client parses the command line in response to a command line input by a user, and obtains key information carried in the command line; Randomly generate a key from the information, and write the key information encrypted based on the key and the decryption algorithm corresponding to the key into a preset C++ code file; Compile the C++ code file to generate a dynamic The library file is used for the Java layer of the Android system to call the dynamic library file to obtain the key information.

一方面,由于关键信息是携带在命令行中的,因此可以实现在针对预设的C++代码进行编译打包时,将关键信息动态的传递至C++层,与现有的采用硬编码的方式,将关键信息写入C++代码中的机制相比,可以有效的提升该C++代码程序的可移植性。On the one hand, since the key information is carried in the command line, it is possible to dynamically transfer the key information to the C++ layer when compiling and packaging the preset C++ code. Compared with the mechanism of writing key information into the C++ code, the portability of the C++ code program can be effectively improved.

另一方面,由于针对关键信息进行加密所使用的密钥以及加密算法,是在针对C++代码文件进行编译打包时才随机生成的,不会因为开发人员疏漏而造成泄露,而且由于关键信息是加密后硬编码在程序中的,即使针对程序进行反编译,也很难获取到该密钥和与密钥对应的解密算法,进而无法对加密后的关键信息进行解密。因此,可以有效地提高程序的安全性。On the other hand, since the key and encryption algorithm used for encryption of key information are randomly generated when the C++ code file is compiled and packaged, it will not be leaked due to the omission of developers, and because the key information is encrypted If it is hard-coded in the program, even if the program is decompiled, it is difficult to obtain the key and the decryption algorithm corresponding to the key, so that the encrypted key information cannot be decrypted. Therefore, the security of the program can be effectively improved.

参见图1,图1是图1是本申请一示例性实施例示出的一种基于安卓系统的代码编译方法的流程图,所述方法应用于基于安卓系统的开发客户端,所述方法包括:Referring to FIG. 1, FIG. 1 is a flowchart of an Android system-based code compilation method shown in an exemplary embodiment of the present application. The method is applied to an Android system-based development client, and the method includes:

步骤101:响应于用户输入的命令行,对所述命令行进行解析,获取所述命令行中携带的关键信息;Step 101: In response to a command line input by a user, parse the command line to obtain key information carried in the command line;

上述关键信息,包括需要传递至C++代码文件中的密钥信息;例如,上述关键信息可以用于签名计算的密钥信息。The above-mentioned key information includes the key information that needs to be transmitted to the C++ code file; for example, the above-mentioned key information can be used for the key information for signature calculation.

上述开发客户端,可以是用于安卓开发的客户端软件,通过该客户端软件可以针对已经编辑完成的C++代码文件进行打包以及编译。The above-mentioned development client may be client software for Android development, through which the edited C++ code file can be packaged and compiled.

例如,在实际应用中,上述客户端软件具体可以是代码编译打包的工具软件,该软件工具可以面向开发人员提供交互界面,开发人员可以通过在该交互界面中输入命令行,与该软件工具进行交互,完成针对已编辑完成的C++代码进行编译以及打包等操作。For example, in practical applications, the above-mentioned client software may specifically be tool software for code compilation and packaging. The software tool can provide an interactive interface for developers, and developers can enter command lines in the interactive interface to interact with the software tool. Interact to complete the compilation and packaging of the edited C++ code.

开发客户端在基于安卓的开发过程中,如果需要向C++代码中传递一些密钥信息,通常情况下,常用的做法是开发人员将关键信息在针对C++代码进行编译之前,直接将关键信息以硬编码的方式静态的写入到C++代码的形式。In the process of developing the client based on Android, if it is necessary to pass some key information to the C++ code, usually, the common practice is that the developer directly converts the key information to the hard disk before compiling the C++ code. The way of coding is statically written to the form of C++ code.

通过这种方式,就很容易使得获取到该C++代码的人员获取到该关键信息,致使该关键信息的泄露。而且,通过硬编码的方式,使得包含该C++代码程序的模块很难被其他程序重用。In this way, it is easy for the person who obtains the C++ code to obtain the key information, resulting in the disclosure of the key information. Moreover, by means of hard coding, it is difficult for the module containing the C++ code program to be reused by other programs.

在本例中,可以对命令行的格式进行扩展,使之可以携带关键信息,从而可以在针对已编辑完成的C++代码进行编译时,通过命令行将关键信息动态的传递至到该C++代码中,从而使得在编译打包之前的C++代码可以被其它程序所使用,提升该C++代码的可移植性。In this example, the format of the command line can be extended to carry key information, so that when compiling the edited C++ code, the key information can be dynamically passed to the C++ code through the command line, Therefore, the C++ code before being compiled and packaged can be used by other programs, and the portability of the C++ code is improved.

同时,关键信息可以“掩盖”在命令行下,只有开发客户端可以根据一定的算法解析出该命令行中携带的关键信息,而其他人员即使获取到该命令行,也很难确定命令行中的关键信息。因此,在一定程度提高了该关键信息的安全性。At the same time, key information can be "masked" under the command line. Only the development client can parse out the key information carried in the command line according to a certain algorithm. key information. Therefore, the security of the key information is improved to a certain extent.

在本例中,当开发人员输入命令行对已编辑完成的C++代码文件进行编译时,该命令行中可以携带有开发人员输入的关键信息,当开发客户端接收到该命令行后。可以对该命令行进行解析,获取该命令行中携带的关键信息。In this example, when the developer inputs a command line to compile the edited C++ code file, the command line can carry the key information input by the developer, and the development client receives the command line. The command line can be parsed to obtain key information carried in the command line.

步骤102:为所述关键信息随机生成密钥,并将基于所述密钥加密后的所述关键信息和与所述密钥对应的解密算法写入预设的C++代码文件;Step 102: randomly generate a key for the key information, and write the encrypted key information based on the key and a decryption algorithm corresponding to the key into a preset C++ code file;

为了进一步提升关键信息的安全性,当在编辑阶段将关键信息动态的传递到C++代码文件中后,上述开发客户端还可以为该关键信息随机生成密钥,并可以基于该随机生成的密钥,为该密钥选择对应的加、解密算法。In order to further improve the security of key information, after the key information is dynamically transferred to the C++ code file in the editing stage, the above-mentioned development client can also randomly generate a key for the key information, and can generate a key based on the randomly generated key , select the corresponding encryption and decryption algorithm for the key.

其中,上述加、解密算法,可以是对称加、解密算法,也可以是非对称加解密算法,在本例中不进行特别限定。The above encryption and decryption algorithms may be symmetric encryption and decryption algorithms or asymmetric encryption and decryption algorithms, which are not particularly limited in this example.

当上述开发客户端为该关键信息随机生成密钥,选择了对应的加、解密算法后,该开发客户端可以基于随机生成的密钥以及与之对应的加密算法,对上述关键信息进行加密。当加密完成后,该开发客户端可以将加密后的关键信息,以及用于对该关键信息进行解密的解密算法写入C++代码文件中。When the above-mentioned development client randomly generates a key for the key information and selects the corresponding encryption and decryption algorithms, the development client can encrypt the above-mentioned key information based on the randomly generated key and the corresponding encryption algorithm. After the encryption is completed, the development client can write the encrypted key information and a decryption algorithm for decrypting the key information into a C++ code file.

在这里,值得说明的是,当开发客户端通过解析命令行,获得关键信息后,设备可以为该关键信息随机生成密钥,并选择与该密钥对应的加、解密算法,并使用该密钥和该加密算法对关键信息加密。Here, it is worth noting that when the development client obtains key information by parsing the command line, the device can randomly generate a key for the key information, select the encryption and decryption algorithms corresponding to the key, and use the key key and the encryption algorithm to encrypt key information.

一方面,即使程序可以被反编译,那么获取到的也只是加密后的关键信息。另一方面,由于密钥是设备随机生成的,即使是输入关键信息的用户也很难知道生成的密钥,这使得即使程序被泄露或者被反编译,也很难获取到密钥。因此,可以有效地提高程序的安全性。On the one hand, even if the program can be decompiled, only the encrypted key information is obtained. On the other hand, since the key is randomly generated by the device, it is difficult for even the user who enters the key information to know the generated key, which makes it difficult to obtain the key even if the program is leaked or decompiled. Therefore, the security of the program can be effectively improved.

步骤103:对所述C++代码文件进行编译,生成动态库文件,以供所述安卓系统的Java层调用所述动态库文件,获取所述关键信息。Step 103: Compile the C++ code file to generate a dynamic library file for the Java layer of the Android system to call the dynamic library file to obtain the key information.

在本申请实施例中,当开发客户端将上述加密后的关键信息和解密算法写入上述C++代码文件后,可以对该C++文件进行编译,生成动态库文件。In the embodiment of the present application, after the development client writes the encrypted key information and the decryption algorithm into the C++ code file, the C++ file can be compiled to generate a dynamic library file.

在实现时,当开发客户端将上述加密后的关键信息和解密算法写入上述C++代码文件后,设备可以将该C++代码文件引入MakeFile(编译方式)编译清单,并基于该MakeFile预定义的编译规则,对该C++代码文件进行编译。在编译完成后,设备可以将该编译后的C++代码文件生成动态库文件。During implementation, after the development client writes the above-mentioned encrypted key information and decryption algorithm into the above-mentioned C++ code file, the device can import the C++ code file into the MakeFile (compilation method) compilation list, and compile the file based on the pre-defined MakeFile rules to compile the C++ code file. After the compilation is completed, the device can generate a dynamic library file from the compiled C++ code file.

其中,上述MakeFile是一种用于定义编译规则的文件。由于一个工程中包含有大量的源文件,MakeFile就定义了对这些源文件进行编译的编译规则,比如MakeFile定义了哪些文件需要先进行编译,哪些文件需要后进行编译以及哪些文件需要重新编译等。The above MakeFile is a file for defining compilation rules. Since a project contains a large number of source files, MakeFile defines the compilation rules for compiling these source files. For example, MakeFile defines which files need to be compiled first, which files need to be compiled later, and which files need to be recompiled.

在本实施例中,当生成动态库文件后,该开发客户端可以对该动态库文件等进行打包,生成APK文件,然后安卓系统的Java层可以通过JNI(Java Native Interface,Java本地调用)调用该APK文件(即打包后的库文件),并基于所述动态库文件中的解密算法,对所述加密后的关键信息进行解密然后基于解密后的关键信息完成相应的功能。In this embodiment, after the dynamic library file is generated, the development client can package the dynamic library file, etc., to generate an APK file, and then the Java layer of the Android system can be called through JNI (Java Native Interface, Java Native Call). The APK file (that is, the packaged library file) decrypts the encrypted key information based on the decryption algorithm in the dynamic library file, and then completes corresponding functions based on the decrypted key information.

在实现时,当安卓系统的Java层需要使用上述关键信息实现相应的功能时,比如当Java层需要调用密钥进行签名计算时,安卓系统的Java层可以调用上述打包后的动态库文件(即APK文件)。当Java层调用该动态库文件时,该开发客户端可以基于所述动态库文件中的解密算法,对上述加密后的关键信息进行解密。During implementation, when the Java layer of the Android system needs to use the above key information to implement corresponding functions, for example, when the Java layer needs to call the key for signature calculation, the Java layer of the Android system can call the above packaged dynamic library file (ie APK file). When the Java layer calls the dynamic library file, the development client can decrypt the encrypted key information based on the decryption algorithm in the dynamic library file.

如果上述加、解密算法是对称的加解密算法,则在对关键信息解密时,可以使用与加密算法相同的密钥以及解密算法对所述关键信息进行解密。If the above encryption and decryption algorithms are symmetric encryption and decryption algorithms, when decrypting the key information, the same key and decryption algorithm as the encryption algorithm can be used to decrypt the key information.

如果上述加、解密算法是非对称的加解密算法,对于非对称的加、解密算法来说,加密和解密时所使用的密钥是不同的,在本实施例中,开发客户端在编译过程中可以使用公钥对所述关键信息进行加密。在对该关键信息进行解密时,可以使用与公钥对应的私钥对该关键信息进行解密。If the above encryption and decryption algorithms are asymmetric encryption and decryption algorithms, for asymmetric encryption and decryption algorithms, the keys used for encryption and decryption are different. The key information can be encrypted using the public key. When decrypting the key information, a private key corresponding to the public key can be used to decrypt the key information.

其中,对关键信息进行解密所需的密钥可以携带于上述C++代码文件中,也可以通过密钥管理服务器对上述加密所需密钥和解密所需密钥进行管理,在对关键信息进行解密时,可以向该密钥管理服务器获取解密所需的密钥。The key required for decrypting the key information can be carried in the above-mentioned C++ code file, or the key required for encryption and the key required for decryption can be managed by the key management server, and the key information is decrypted when the key information is decrypted. , the key required for decryption can be obtained from the key management server.

当完成解密后,安卓系统的Java层可以获取该关键信息,并基于该关键信息实现相应的功能。After the decryption is completed, the Java layer of the Android system can obtain the key information, and implement corresponding functions based on the key information.

其中,上述JNI是Java平台的一部分,主要用于使Java编写的代码与其他语言编写的代码进行交互。Among them, the above-mentioned JNI is a part of the Java platform, and is mainly used to make the code written in Java interact with the code written in other languages.

在这里,值得说明的是,当Java层需要调用该包含有该加密后的关键信息的动态库文件时,上述开发客户端才可以对该加密后的关键信息进行解密。而加密后的关键信息在通常状态下,是以加密的形式存在的。这样的设计方式,可以有效地提高该关键信息的安全性。Here, it is worth noting that when the Java layer needs to call the dynamic library file containing the encrypted key information, the above-mentioned development client can decrypt the encrypted key information. The encrypted key information exists in an encrypted form under normal conditions. Such a design method can effectively improve the security of the key information.

本申请实施例提供一种基于安卓系统的代码编译方法,开发客户端通过响应于用户输入的命令行,对所述命令行进行解析,获取所述命令行中携带的关键信息;为所述关键信息随机生成密钥,并将基于所述密钥加密后的所述关键信息和与所述密钥对应的解密算法写入预设的C++代码文件;对所述C++代码文件进行编译,生成动态库文件,以供所述安卓系统的Java层调用所述动态库文件,获取所述关键信息。An embodiment of the present application provides a code compilation method based on an Android system, where a development client parses the command line in response to a command line input by a user, and obtains key information carried in the command line; Randomly generate a key from the information, and write the key information encrypted based on the key and the decryption algorithm corresponding to the key into a preset C++ code file; Compile the C++ code file to generate a dynamic The library file is used for the Java layer of the Android system to call the dynamic library file to obtain the key information.

一方面,由于关键信息是携带在命令行中的,因此可以实现在针对预设的C++代码进行编译打包时,将关键信息动态的传递至C++层,与现有的采用硬编码的方式,将关键信息写入C++代码中的机制相比,可以有效的提升该C++代码程序的可移植性。On the one hand, since the key information is carried in the command line, it is possible to dynamically transfer the key information to the C++ layer when compiling and packaging the preset C++ code. Compared with the mechanism of writing key information into the C++ code, the portability of the C++ code program can be effectively improved.

另一方面,由于针对关键信息进行加密所使用的密钥以及加密算法,是在针对C++代码文件进行编译打包时才随机生成的,不会因为开发人员疏漏而造成泄露,而且由于关键信息是加密后硬编码在程序中的,即使针对程序进行反编译,也很难获取到该密钥和与密钥对应的解密算法,进而无法对加密后的关键信息进行解密。因此,可以有效地提高程序的安全性。On the other hand, since the key and encryption algorithm used for encryption of key information are randomly generated when the C++ code file is compiled and packaged, it will not be leaked due to the omission of developers, and because the key information is encrypted If it is hard-coded in the program, even if the program is decompiled, it is difficult to obtain the key and the decryption algorithm corresponding to the key, so that the encrypted key information cannot be decrypted. Therefore, the security of the program can be effectively improved.

与前述基于安卓系统的代码编译方法的实施例相对应,本申请还提供了基于安卓系统的代码编译装置的实施例。Corresponding to the foregoing embodiments of the code compiling method based on the Android system, the present application also provides an embodiment of the code compiling apparatus based on the Android system.

本申请基于安卓系统的代码编译装置的实施例可以应用在开发客户端上。装置实施例可以通过软件实现,也可以通过硬件或者软硬件结合的方式实现。以软件实现为例,作为一个逻辑意义上的装置,是通过其所在开发客户端的处理器将非易失性存储器中对应的计算机程序指令读取到内存中运行形成的。从硬件层面而言,如图2所示,为本申请基于安卓系统的代码编译装置所在开发客户端的一种硬件结构图,除了图2所示的处理器、内存、网络接口、以及非易失性存储器之外,实施例中装置所在的开发客户端通常根据该基于安卓系统的代码编译的实际功能,还可以包括其他硬件,对此不再赘述。The embodiments of the Android system-based code compiling apparatus of the present application can be applied to a development client. The apparatus embodiment may be implemented by software, or may be implemented by hardware or a combination of software and hardware. Taking software implementation as an example, a device in a logical sense is formed by reading the corresponding computer program instructions in the non-volatile memory into the memory through the processor of the development client where the device is located. From the perspective of hardware, as shown in FIG. 2 , it is a hardware structure diagram of the development client where the code compiling apparatus based on the Android system of the present application is located, except for the processor, memory, network interface, and non-volatile shown in FIG. 2 In addition to the non-volatile memory, the development client where the device is located in the embodiment generally may also include other hardware according to the actual function of the code compiled based on the Android system, which will not be repeated here.

请参考图3,图3是本申请一示例性实施例示出的一种基于安卓系统的代码编译装置的框图。所述装置应用于开发客户端,所述装置包括:获取单元310,写入单元320和编译单元330。Please refer to FIG. 3 , which is a block diagram of an Android-based code compilation apparatus according to an exemplary embodiment of the present application. The apparatus is applied to developing a client, and the apparatus includes: an acquiring unit 310 , a writing unit 320 and a compiling unit 330 .

其中,获取单元310,用于响应于用户输入的命令行,对所述命令行进行解析,获取所述命令行中携带的关键信息;Wherein, the obtaining unit 310 is configured to parse the command line in response to the command line input by the user, and obtain the key information carried in the command line;

写入单元320,用于为所述关键信息随机生成密钥,并将基于所述密钥加密后的所述关键信息和与所述密钥对应的解密算法写入预设的C++代码文件;A writing unit 320 is used to randomly generate a key for the key information, and write the key information encrypted based on the key and a decryption algorithm corresponding to the key into a preset C++ code file;

编译单元330,用于对所述C++代码文件进行编译,生成动态库文件,以供所述安卓系统的Java层调用所述动态库文件,获取所述关键信息。The compiling unit 330 is configured to compile the C++ code file to generate a dynamic library file for the Java layer of the Android system to call the dynamic library file to obtain the key information.

在一个可选的实现方式中:In an alternative implementation:

所述写入单元320,具体用于选择与所述密钥对应的加、解密算法。基于所述加密算法和所述密钥,对所述关键信息进行加密;将加密后的所述关键信息,以及与所述密钥对应的解密算法,写入所述预设的C++代码文件。The writing unit 320 is specifically configured to select an encryption and decryption algorithm corresponding to the key. The key information is encrypted based on the encryption algorithm and the key; the encrypted key information and the decryption algorithm corresponding to the key are written into the preset C++ code file.

在另一个可选的实现方式中:In another alternative implementation:

所述编译单元330,具体用于基于MakeFile编译清单,对所述C++代码文件进行编译,并生成所述动态库文件。The compiling unit 330 is specifically configured to compile the C++ code file based on the MakeFile compilation list, and generate the dynamic library file.

在另一个可选的实现方式中:In another alternative implementation:

所述编译单元330,进一步用于安卓系统的Java层通过JNI调用所述动态库文件;基于所述动态库文件中的解密算法,对所述加密后的关键信息进行解密;所述Java层获取所述解密后的关键信息。The compiling unit 330 is further used for the Java layer of the Android system to call the dynamic library file through JNI; decrypt the encrypted key information based on the decryption algorithm in the dynamic library file; the Java layer obtains the decrypted key information.

上述装置中各个单元的功能和作用的实现过程具体详见上述方法中对应步骤的实现过程,在此不再赘述。For details of the implementation process of the functions and functions of each unit in the above device, please refer to the implementation process of the corresponding steps in the above method, which will not be repeated here.

对于装置实施例而言,由于其基本对应于方法实施例,所以相关之处参见方法实施例的部分说明即可。以上所描述的装置实施例仅仅是示意性的,其中所述作为分离部件说明的单元可以是或者也可以不是物理上分开的,作为单元显示的部件可以是或者也可以不是物理单元,即可以位于一个地方,或者也可以分布到多个网络单元上。可以根据实际的需要选择其中的部分或者全部模块来实现本申请方案的目的。本领域普通技术人员在不付出创造性劳动的情况下,即可以理解并实施。For the apparatus embodiments, since they basically correspond to the method embodiments, reference may be made to the partial descriptions of the method embodiments for related parts. The device embodiments described above are only illustrative, wherein the units described as separate components may or may not be physically separated, and the components shown as units may or may not be physical units, that is, they may be located in One place, or it can be distributed over multiple network elements. Some or all of the modules can be selected according to actual needs to achieve the purpose of the solution of the present application. Those of ordinary skill in the art can understand and implement it without creative effort.

以上所述仅为本申请的较佳实施例而已,并不用以限制本申请,凡在本申请的精神和原则之内,所做的任何修改、等同替换、改进等,均应包含在本申请保护的范围之内。The above descriptions are only preferred embodiments of the present application, and are not intended to limit the present application. Any modifications, equivalent replacements, improvements, etc. made within the spirit and principles of the present application shall be included in the present application. within the scope of protection.

Claims (6)

1. A code compiling method based on an android system is applied to a development client side, and comprises the following steps:
responding to a command line input by a user, analyzing the command line, and acquiring key information carried in the command line;
randomly generating a key for the key information, and writing the key information encrypted based on the key and a decryption algorithm corresponding to the key into a preset C + + code file;
compiling the C + + code file to generate a dynamic library file, so that a Java layer of the android system can call the dynamic library file to obtain the key information; the key information comprises key information needing to be transmitted to a C + + code file;
the Java layer of the android system calls the dynamic library file to acquire the key information, and the method comprises the following steps:
calling the dynamic library file by a Java layer of the android system through Java local calling JNI;
decrypting the encrypted key information based on a decryption algorithm in the dynamic library file;
and the Java layer acquires the decrypted key information.
2. The method according to claim 1, wherein the writing the key information encrypted based on the key and the decryption algorithm corresponding to the key into a pre-defined C + + code file includes:
selecting an encryption algorithm and a decryption algorithm corresponding to the secret key;
encrypting the key information based on the encryption algorithm and the key;
and writing the encrypted key information and a decryption algorithm corresponding to the key into the preset C + + code file.
3. The method of claim 1, wherein compiling the C + + code file to generate a dynamic library file comprises:
compiling the C + + code file based on a MakeFile compilation list, and generating the dynamic library file.
4. An android-based code compiling apparatus, the apparatus comprising:
the acquisition unit is used for responding to a command line input by a user, analyzing the command line and acquiring key information carried in the command line;
a writing unit, configured to randomly generate a key for the key information, and write the key information encrypted based on the key and a decryption algorithm corresponding to the key into a preset C + + code file;
the compiling unit is used for compiling the C + + code file to generate a dynamic library file so that a Java layer of the android system can call the dynamic library file to acquire the key information; the key information comprises key information needing to be transmitted to a C + + code file;
the compiling unit is further configured to:
calling the dynamic library file by a Java layer of the android system through Java local calling JNI;
decrypting the encrypted key information based on a decryption algorithm in the dynamic library file;
and the Java layer acquires the decrypted key information.
5. The apparatus of claim 4, wherein the write unit is specifically configured to:
selecting an encryption algorithm and a decryption algorithm corresponding to the secret key;
encrypting the key information based on the encryption algorithm and the key;
and writing the encrypted key information and a decryption algorithm corresponding to the key into the preset C + + code file.
6. The apparatus according to claim 4, wherein the compiling unit is specifically configured to:
compiling the C + + code file based on a MakeFile compilation list, and generating the dynamic library file.
CN201610858878.8A 2016-09-28 2016-09-28 Code compilation method and device based on Android system Active CN107871066B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610858878.8A CN107871066B (en) 2016-09-28 2016-09-28 Code compilation method and device based on Android system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610858878.8A CN107871066B (en) 2016-09-28 2016-09-28 Code compilation method and device based on Android system

Publications (2)

Publication Number Publication Date
CN107871066A CN107871066A (en) 2018-04-03
CN107871066B true CN107871066B (en) 2020-10-09

Family

ID=61762038

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610858878.8A Active CN107871066B (en) 2016-09-28 2016-09-28 Code compilation method and device based on Android system

Country Status (1)

Country Link
CN (1) CN107871066B (en)

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109740315A (en) * 2018-12-28 2019-05-10 深圳前海微众银行股份有限公司 Constant protection method, device, device and storage medium based on Android platform
CN109995526A (en) * 2019-04-10 2019-07-09 睿驰达新能源汽车科技(北京)有限公司 A kind of storage method of key and the call method and device of device, key
CN110275710B (en) * 2019-06-10 2023-07-14 天翼电子商务有限公司 Method and system for checking consistency of Java local interface, storage medium and terminal
CN110362970A (en) * 2019-07-23 2019-10-22 北京智游网安科技有限公司 A kind of method preventing application program decompiling, storage medium and terminal device
CN112434286B (en) * 2020-11-12 2024-10-29 浙江大华技术股份有限公司 Dynamic library calling method and device, electronic device and storage medium

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103077066A (en) * 2013-02-02 2013-05-01 深圳市中兴移动通信有限公司 Method and system for embedding product key information during compiling
CN104462959A (en) * 2014-12-04 2015-03-25 北京奇虎科技有限公司 Reinforcement protection method, sever and system for android app

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP3057019A1 (en) * 2015-02-13 2016-08-17 Thomson Licensing Method and device for protecting an application and method and device for executing a protected application thus protected

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103077066A (en) * 2013-02-02 2013-05-01 深圳市中兴移动通信有限公司 Method and system for embedding product key information during compiling
CN104462959A (en) * 2014-12-04 2015-03-25 北京奇虎科技有限公司 Reinforcement protection method, sever and system for android app

Also Published As

Publication number Publication date
CN107871066A (en) 2018-04-03

Similar Documents

Publication Publication Date Title
EP3518098B1 (en) Cross platform content management and distribution system
US10482262B2 (en) Static analysis based on abstract program representations
US9471288B2 (en) Compile based obfuscation
CN104462959B (en) A reinforcement protection method, server and system for Android applications
CN107871066B (en) Code compilation method and device based on Android system
JP5990654B2 (en) Application code obfuscation device and method
US20160203087A1 (en) Method for providing security for common intermediate language-based program
CN106415491B (en) Application protection method, server and terminal
JP6392446B2 (en) Cloud-based application security service providing method and system
CN109992987B (en) Script file protection method and device based on Nginx and terminal equipment
CN103902858A (en) APK application reinforcing method and system
US9292708B2 (en) Protection of interpreted source code in virtual appliances
CN114547558B (en) Authorization method, authorization control device, equipment and medium
Singh et al. Analysis of malicious behavior of android apps
WO2023029447A1 (en) Model protection method, device, apparatus, system and storage medium
CN109844748A (en) Security services hosted in a virtual security environment
KR102818214B1 (en) Model protection method and device, electronic device, model protection system, storage medium and computer program
CN113836582A (en) Software encryption and decryption method, device, electronic device and storage medium
CN113591040B (en) Encryption method and device, decryption method and device, electronic device and medium
CN112115430A (en) Apk reinforcement method, electronic equipment and storage medium
KR20180028666A (en) Method and apparatus for preventing reverse engineering
JP7655656B2 (en) Software Access Through Heterogeneous Encryption
CN109543433B (en) Software development kit encryption method, device, computer and storage medium
CN115828190A (en) PE file data protection method, device, equipment and medium
CN110427319B (en) Lightweight thermal restoration method and device based on IOS and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant