[go: up one dir, main page]
More Web Proxy on the site http://driver.im/

CN113961912A - Android software package automatic encryption and decryption method, device, device and storage medium - Google Patents

Android software package automatic encryption and decryption method, device, device and storage medium Download PDF

Info

Publication number
CN113961912A
CN113961912A CN202111224368.2A CN202111224368A CN113961912A CN 113961912 A CN113961912 A CN 113961912A CN 202111224368 A CN202111224368 A CN 202111224368A CN 113961912 A CN113961912 A CN 113961912A
Authority
CN
China
Prior art keywords
software package
file
decryption
encryption
android
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202111224368.2A
Other languages
Chinese (zh)
Inventor
聂晓阳
叶木森
施建安
庄一波
赵友平
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Xiamen Yilianzhong Yihui Technology Co ltd
Original Assignee
Xiamen Yilianzhong Yihui Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Xiamen Yilianzhong Yihui Technology Co ltd filed Critical Xiamen Yilianzhong Yihui Technology Co ltd
Priority to CN202111224368.2A priority Critical patent/CN113961912A/en
Publication of CN113961912A publication Critical patent/CN113961912A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/10File systems; File servers
    • G06F16/17Details of further file system functions
    • G06F16/174Redundancy elimination performed by the file system
    • G06F16/1744Redundancy elimination performed by the file system using compression, e.g. sparse files
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
    • G06F21/53Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by executing in a restricted environment, e.g. sandbox or secure virtual machine
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00Arrangements for software engineering
    • G06F8/60Software deployment
    • G06F8/61Installation

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • General Health & Medical Sciences (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Data Mining & Analysis (AREA)
  • Databases & Information Systems (AREA)
  • Storage Device Security (AREA)

Abstract

The embodiment of the invention provides an automatic encryption and decryption method, device, equipment and storage medium for an android software package, wherein the method comprises the following steps: when an instruction for packaging an android software package is detected, starting an encryption and decryption module pre-integrated in android IDE packaging software; the encryption and decryption module comprises a gradle script for automatically encrypting the resource file and the code file, an automatic decryption entry function and an interception function for intercepting a Java layer system API; encrypting the plaintext resource file and the code file in the android software package according to the gradle script, and inserting an automatic decryption entry function and an interception function for intercepting a Java layer system API (application program interface) to obtain a ciphertext resource file and a ciphertext code file; and replacing the plaintext resource file and the plaintext code file with the ciphertext resource file and the ciphertext code file to obtain the encrypted android software package. The invention can improve the security and convenience of the encryption and decryption of the software package installation.

Description

Automatic encryption and decryption method, device, equipment and storage medium for android software package
Technical Field
The invention relates to the technical field of computers, in particular to a task management method, a device, equipment and a storage medium for supporting automatic promotion.
Background
Software apk (Android application package) running in an Android operating system is an extended format based on a ZIP file format, and is also a format file similar to a JAR file structure mode. A complete APK file must contain compiled classes. The device comprises a plurality of classes and dex code files, wherein the naming rules are classes and dex, classes2.dex, classes3.dex and the like; arsc is used to manage the resource ID and the index file of the corresponding resource path; files under the assets directory are not compressed and are packed into APK software without being changed, and loading of resources in the secondary directory is supported; the lib directory stores a dynamic library so file generated by c/c + + compilation; xml is the only list configuration file required by the APK software package, and the detailed information such as software version number, authority statement and the like is recorded in the list configuration file; the Android operating system requires that the APK software package can be normally installed and used after being signed, and the META-INF is a directory for storing the signature information; all layout interface resources, drawable picture resources, xml configuration resources, color colors and other resources of the APK software package are stored in the res directory, and the layout interface resources, drawable picture resources, xml configuration resources, color colors and other resources are all compressed binary files except the res/raw native directory.
Some happy persons can obtain all the files by decompressing the APK software package through the common compression software in the Windows or Mac system. Because the resource files such as pictures, xml layout, html, js and the like are stored in an unencrypted manner, the risk of resource leakage and theft exists. In addition, the business function codes positioned to the core in the smali can be analyzed reversely by combining with the index of the xml resource ID, so that the risk of being cracked and plagiarized is realized.
At present, the android resource file protection method based on Hook can effectively solve the existing risk problem. Compressing a configured resource file to be encrypted into a zip file; encrypting the compressed zip file to obtain and store the encrypted zip file; inserting the decryption code into the DEX file, and recompiling to generate the DEX file; repackaging the encrypted resource files; and operating the APK file, intercepting through a Hook system, automatically decrypting the encrypted resource file, and returning the decrypted resource file to the system for displaying.
The android resource file protection method based on Hook can achieve an effective protection effect on resource files in an APK (android package) software package, but still has the following defects:
firstly, the safety is not enough. The scheme only encrypts most resource files, does not realize encryption protection on class.
Secondly, the flexibility is not enough. The entry of a decryption function of the scheme depends on application, and if the APK software package does not have application, the android Manifest xml is required to be invaded and modified to point to the inserted application code;
thirdly, the practical operability is not strong. In the decryption process of the scheme, hook system APIs are required, namely ApkAssesses on the java level, namely Open and FindEntry, and FindEntry and FileDescriptor on the so level libziparchieve are not convenient for practical operation;
fourthly, the convenience is not enough. The whole encryption and packaging process of the scheme needs manual processing, and relates to APK unpacking, resource compression to obtain a zip file, encryption processing of the zip file, deletion of a plaintext resource file, insertion of a decryption code, and repacking of a signature. The operation steps are complicated, the details are numerous, the manual processing is time-consuming, and errors are easy to occur.
Disclosure of Invention
In view of the above, the present invention provides an automatic encryption and decryption method, apparatus, device and storage medium for an android software package, so as to improve the above problem.
The embodiment of the invention provides an automatic encryption and decryption method for an android software package, which comprises the following steps:
when an instruction for packaging an android software package is detected, starting an encryption and decryption module pre-integrated in android IDE packaging software; the encryption and decryption module comprises a gradle script for automatically encrypting the resource file and the code file, an automatic decryption entry function and an interception function for intercepting a Java layer system API;
encrypting the plaintext resource file and the code file in the android software package according to the gradle script to obtain a ciphertext resource file and a ciphertext code file;
and replacing the plaintext resource file and the plaintext code file with the ciphertext resource file and the ciphertext code file, and inserting an automatic decryption entry function and an interception function for intercepting the Java layer system API to obtain the encrypted android software package.
Preferably, the method further comprises the following steps:
when an instruction for installing the encrypted android software package is detected, decompressing the encrypted android software package to obtain a resource file and a code file of a ciphertext, and decompressing the resource file and the code file of the ciphertext to a sandbox environment of an android system;
intercepting a designated API of a Java layer system through an interception function, decrypting a resource file and a code file of a ciphertext according to an automatic decryption entry function to obtain a resource file and a code file of a plaintext, and storing the resource file and the code file in the sandbox environment;
dynamically loading a code file of a plaintext, and adding/replacing a resource file of the plaintext to a resource searching path;
and displaying the plain text resource file and the plain text code file, wherein the intercepted API of the Java layer system triggers loading of the plain text resource file and the plain text code file in the system sandbox environment, and displaying the plain text in the memory.
Preferably, replacing the resource file and the code file of the plain text with the resource file and the code file of the cipher text comprises:
encrypting and replacing the assets directory resources;
encrypting and replacing res directory resources;
encrypting and replacing lib directory resources;
encrypt and replace the code file.
Preferably, intercepting the designated API of the Java layer system includes:
ResourcesImpl::loadXmlResourceParser,ResourcesImpl::loadDrawableForCookie;
AssetManager::openXmlResourceParser,AssetManager::open;
ApkAssets::loadFromPath;
System::load,System::loadLibrary。
preferably, the auto-decrypt entry function is implemented using provider.
Preferably, the gradle script replaces the plaintext resource file and the plaintext code file with the ciphertext resource file and the ciphertext code file to obtain the encrypted android software package, and simultaneously signs the android software package.
The embodiment of the invention also provides an automatic encryption and decryption device for the android software package, which comprises the following components:
the packaging unit is used for starting an encryption and decryption module which is integrated in the android IDE packaging software in advance when an instruction for packaging the android software package is detected; the encryption and decryption module comprises a gradle script for automatically encrypting the resource file and the code file, an automatic decryption entry function and an interception function for intercepting a Java layer system API;
the encryption unit is used for encrypting the plaintext resource file and the code file in the android software package according to the gradle script to obtain a ciphertext resource file and a ciphertext code file;
and the replacing unit is used for replacing the resource file and the code file of the plaintext by using the resource file and the code file of the ciphertext, inserting an automatic decryption entry function and an interception function for intercepting the API (application program interface) of the Java layer system, and obtaining the encrypted android software package.
The embodiment of the invention also provides an automatic encryption and decryption device for the android software package, which comprises a memory and a processor, wherein a computer program is stored in the memory, and the computer program can be executed by the processor so as to realize the automatic encryption and decryption method for the android software package.
An embodiment of the present invention further provides a computer-readable storage medium, where a computer program is stored, where the computer program can be executed by a processor of a device where the computer-readable storage medium is located, so as to implement the above-mentioned automatic android software package encryption and decryption method.
In summary, the present embodiment has the following advantages:
(1) the encryption of the code file and the resource file is supported, and the safety of the android software package is further effectively improved;
(2) the automation of the gradle script is realized in the whole encryption and packaging process, manual unpacking and packaging are not needed to encrypt resources and code files, and a decryption function is not needed to be inserted, so that the packaging time is greatly saved, and the user experience of the operation process is improved;
(3) self-initialization of the decryption function is realized by using the provider, the decryption function does not need to depend on application codes, whether the installation software package has application or not is judged, and execution of the decryption function is not influenced;
(4) the decryption process of the invention needs a Hook system API, only needs a java level API, and does not relate to a so layer, thereby improving the real operability of the decryption process.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings needed to be used in the embodiments will be briefly described below, it should be understood that the following drawings only illustrate some embodiments of the present invention and therefore should not be considered as limiting the scope, and for those skilled in the art, other related drawings can be obtained according to the drawings without inventive efforts.
Fig. 1 is a schematic flow chart of an automatic encryption and decryption method for an android software package according to a first embodiment of the present invention.
Fig. 2 is a schematic structural diagram of an automatic encryption and decryption apparatus for an android software package according to a second embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
For better understanding of the technical solutions of the present invention, the following detailed descriptions of the embodiments of the present invention are provided with reference to the accompanying drawings.
It should be understood that the described embodiments are only some embodiments of the invention, and not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The terminology used in the embodiments of the invention is for the purpose of describing particular embodiments only and is not intended to be limiting of the invention. As used in the examples of the present invention and the appended claims, the singular forms "a," "an," and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise.
The invention is described in further detail below with reference to the following detailed description and accompanying drawings:
referring to fig. 1, a first embodiment of the present invention provides an android software package automatic encryption and decryption method, which is executed by an android software package automatic encryption and decryption device (hereinafter, abbreviated as encryption and decryption device), and in particular, executed by one or more processors in the encryption and decryption device, so as to implement the following steps:
s101, when an instruction for packaging an android software package is detected, starting an encryption and decryption module pre-integrated in android IDE packaging software; the encryption and decryption module comprises a gradle script for automatically encrypting the resource file and the code file, an automatic decryption entry function and an interception function for intercepting the API of the Java layer system.
S102, encrypting the plaintext resource file and the code file in the android software package according to the gradle script to obtain the ciphertext resource file and the ciphertext code file.
S103, replacing the plaintext resource file and the plaintext code file with the ciphertext resource file and the ciphertext code file, and inserting an automatic decryption entry function and an interception function for intercepting the Java layer system API to obtain the encrypted android software package.
In this embodiment, it is first necessary to integrate the encryption and decryption module into the android IDE packaging software and start the packaging script. The encryption and decryption module comprises a gradle script for automatically encrypting the resource file and the code file, an automatic decryption entry function and an interception function for intercepting the Java layer system API.
Then, in the process of executing and packaging the gradle script, the encryption of the resources and the codes can be automatically triggered and the original plaintext file can be replaced without independently compressing the encrypted resources and the code file or deleting the original plaintext file.
When packaging, starting a gradle script through associaldebug or associableRelease to realize automatic encryption, wherein the automatic encryption process comprises the following key nodes:
and (4) encrypting and replacing the assets directory resources. Triggering the mergeDebugAssesses or mergeReleaseAssesses in the execution process of the gradle script, extracting all resources of the assets directory, encrypting and replacing the original plaintext file;
② encrypting and replacing res directory resources. Triggering processDebusRecources or processSeResources in the execution process of the gradle script, extracting all resources of a res directory for encryption and replacing an original plaintext file;
and thirdly, encrypting and replacing lib directory resources. In the execution process of the gradle script, stripdebdebuggelumbsymbols or stripdereasedebuggesymbols are triggered, all resources of the lib directory are extracted to be encrypted, and the original plaintext file is replaced;
and fourthly, encrypting and replacing the code file. And triggering the mergeDexDexBeug or mergeDexRelease in the execution process of the gradle script, extracting all classes.
And finally, merging the automatically decrypted entry function into the android software package.
Before the execution of the gradle script is completed, a decryption entry function and an interception function for intercepting the Java layer system API are automatically merged into a final encrypted android software part, and the android software package is signed, namely the generated encrypted android software package can be directly installed and run.
The installation process of the encrypted android package is detailed below:
in particular, the amount of the solvent to be used,
firstly, when an instruction for installing the encrypted android software package is detected, decompressing the encrypted android software package to obtain a resource file and a code file of a ciphertext, and decompressing the resource file and the code file of the ciphertext to a sandbox environment of an android system.
The resource file and the code file of the ciphertext are decompressed to a sandbox environment of the android system, and the safety of resource storage can be further improved.
And then, intercepting a designated API of the Java layer system through an interception function, decrypting the resource file and the code file of the ciphertext according to the automatic decryption entry function to obtain the resource file and the code file of the plaintext, and storing the resource file and the code file in the sandbox environment.
In this embodiment, the interception API uses a Hook technique, which is also called a Hook function, and before the system does not call the function, the Hook function captures the message, and the Hook function obtains control right, and then the Hook function can process (change) the execution behavior of the function.
Specifically, normally, after the resource file and the code file of the ciphertext are obtained, the specified API of the Java layer system needs to process the ciphertext data, but the data at this time is the ciphertext, and the API cannot process the ciphertext, so that the API needs to be intercepted first, and then the resource file and the code file of the ciphertext are decrypted by using the automatic decryption entry function, so as to obtain the resource file and the code file of the plaintext.
The specific API for intercepting the Java layer system comprises the following steps:
ResourcesImpl::loadXmlResourceParser,ResourcesImpl::loadDrawableForCookie;
AssetManager::openXmlResourceParser,AssetManager::open;
ApkAssets::loadFromPath;
System::load,System::loadLibrary。
it can be seen that the API intercepted by the present embodiment does not relate to the API of the So layer, that is, the decryption function of the present embodiment is a Java layer program, does not relate to So, and does not need the support of So.
The automatic decryption entry function is realized by using the provider without depending on application codes.
Then, the plain-text code file is dynamically loaded, and the plain-text resource file is added/replaced to the resource search path.
And finally, displaying the resource files and the code files of the plain text back, wherein the API of the intercepted Java layer system triggers loading of the resource files and the code files of the plain text in the system sandbox environment, and displaying the plain text in the memory.
In this embodiment, after obtaining the resource file and the code file of the plaintext, the intercepted API of the Java layer system may load the resource file and the code file of the plaintext in the system sandbox environment as in a normal loading process, and display the resource file and the code file of the plaintext in the memory, so as to implement normal installation of the android software package.
In summary, the present embodiment has the following advantages:
(1) the encryption of the code file and the resource file is supported, and the safety of the android software package is further effectively improved;
(2) the automation of the gradle script is realized in the whole encryption and packaging process, manual unpacking and packaging are not needed to encrypt resources and code files, and a decryption function is not needed to be inserted, so that the packaging time is greatly saved, and the user experience of the operation process is improved;
(3) self-initialization of the decryption function is realized by using the provider, the decryption function does not need to depend on application codes, whether the installation software package has application or not is judged, and execution of the decryption function is not influenced;
(4) the decryption process of the invention needs a Hook system API, only needs a java level API, and does not relate to a so layer, thereby improving the real operability of the decryption process.
Referring to fig. 2, a second embodiment of the present invention further provides an automatic encryption and decryption apparatus for an android software package, including:
the packaging unit 210 is configured to start an encryption and decryption module pre-integrated in the android IDE packaging software when an instruction for packaging an android software package is detected; the encryption and decryption module comprises a gradle script for automatically encrypting the resource file and the code file, an automatic decryption entry function and an interception function for intercepting a Java layer system API;
the encryption unit 220 is configured to encrypt the resource file and the code file of the plaintext in the android software package according to the gradle script to obtain a resource file and a code file of a ciphertext;
and the replacing unit 230 is configured to replace the resource file and the code file of the plaintext with the resource file and the code file of the ciphertext, and insert an automatic decryption entry function and an interception function for intercepting the Java layer system API to obtain the encrypted android software package.
The third embodiment of the present invention further provides an automatic encryption and decryption device for an android software package, which includes a memory and a processor, wherein a computer program is stored in the memory, and the computer program can be executed by the processor, so as to implement the above automatic encryption and decryption method for the android software package.
The fourth embodiment of the present invention further provides a computer-readable storage medium, which stores a computer program, where the computer program can be executed by a processor of a device where the computer-readable storage medium is located, so as to implement the method for automatically encrypting and decrypting the android software package.
In the embodiments provided in the present invention, it should be understood that the disclosed apparatus and method can be implemented in other ways. The apparatus and method embodiments described above are illustrative only, as the flowcharts and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of apparatus, methods and computer program products according to various embodiments of the present invention. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
In addition, the functional modules in the embodiments of the present invention may be integrated together to form an independent part, or each module may exist separately, or two or more modules may be integrated to form an independent part.
The functions, if implemented in the form of software functional modules and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present invention may be embodied in the form of a software product, which is stored in a storage medium and includes instructions for causing a computer device (which may be a personal computer, an electronic device, or a network device) to perform all or part of the steps of the method according to the embodiments of the present invention. And the aforementioned storage medium includes: a U-disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and other various media capable of storing program codes. It should be noted that, in this document, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.
The above description is only a preferred embodiment of the present invention and is not intended to limit the present invention, and various modifications and changes may be made by those skilled in the art. Any modification, equivalent replacement, or improvement made within the spirit and principle of the present invention should be included in the protection scope of the present invention.

Claims (9)

1.一种安卓软件包自动加解密方法,其特征在于,包括:1. an Android software package automatic encryption and decryption method, is characterized in that, comprises: 当检测到对安卓软件包进行打包的指令时,启动预先集成在安卓IDE打包软件中的加解密模块;其中,所述加解密模块包括对资源文件和代码文件自动加密的gradle脚本,自动解密入口函数和用于拦截Java层系统API的拦截函数;When an instruction to package the Android software package is detected, the encryption and decryption module pre-integrated in the Android IDE packaging software is activated; wherein, the encryption and decryption module includes a gradle script that automatically encrypts resource files and code files, and automatically decrypts the entry. functions and interception functions for intercepting Java layer system APIs; 根据所述gradle脚本,对所述安卓软件包中明文的资源文件和代码文件进行加密,获得密文的资源文件和代码文件;According to the gradle script, the plaintext resource file and the code file in the Android software package are encrypted to obtain the ciphertext resource file and the code file; 利用密文的资源文件和代码文件替换明文的资源文件和代码文件,并插入自动解密入口函数和用于拦截Java层系统API的拦截函数,获得加密后的安卓软件包。Use the ciphertext resource file and code file to replace the plaintext resource file and code file, and insert the automatic decryption entry function and the interception function for intercepting the Java layer system API to obtain the encrypted Android software package. 2.根据权利要求1所述的安卓软件包自动加解密方法,其特征在于,还包括:2. Android software package automatic encryption and decryption method according to claim 1, is characterized in that, also comprises: 当检测到对加密后的安卓软件包进行安装的指令时,解压所述加密后的安卓软件包获取密文的资源文件和代码文件,并将密文的资源文件和代码文件解压到安卓系统的沙箱环境;When an instruction to install the encrypted Android software package is detected, decompress the encrypted Android software package to obtain the ciphertext resource file and code file, and decompress the ciphertext resource file and code file into the Android system. sandbox environment; 通过拦截函数拦截Java层系统的指定API,并根据自动解密入口函数对密文的资源文件和代码文件解密后,得到明文的资源文件和代码文件,并存储在所述沙箱环境;The specified API of the Java layer system is intercepted by the interception function, and after the ciphertext resource file and code file are decrypted according to the automatic decryption entry function, the plaintext resource file and code file are obtained, and stored in the sandbox environment; 动态加载明文的代码文件,同时把明文的资源文件添加/替换到资源搜索路径;Dynamically load plaintext code files and add/replace plaintext resource files to the resource search path; 回显明文的资源文件和代码文件,此时被拦截的Java层系统的API会触发加载系统沙箱环境中的明文的资源文件和代码文件,并且在内存中明文显示。The plaintext resource files and code files are returned. At this time, the API of the intercepted Java layer system will trigger the loading of the plaintext resource files and code files in the system sandbox environment, and display them in plaintext in the memory. 3.根据权利要求1所述的安卓软件包自动加解密方法,其特征在于,利用密文的资源文件和代码文件替换明文的资源文件和代码文件包括:3. Android software package automatic encryption and decryption method according to claim 1, is characterized in that, utilizes the resource file and the code file of ciphertext to replace the resource file and the code file of plaintext comprise: 加密并替换assets目录资源;Encrypt and replace assets directory resources; 加密并替换res目录资源;Encrypt and replace res directory resources; 加密并替换lib目录资源;Encrypt and replace lib directory resources; 加密并替换代码文件。Encrypt and replace code files. 4.根据权利要求1所述的安卓软件包自动加解密方法,其特征在于,拦截Java层系统的指定API包括:4. Android software package automatic encryption and decryption method according to claim 1, is characterized in that, the specified API of intercepting Java layer system comprises: ResourcesImpl::loadXmlResourceParser,ResourcesImpl::loadDrawableForCookie;AssetManager::openXmlResourceParser,AssetManager::open;ResourcesImpl::loadXmlResourceParser, ResourcesImpl::loadDrawableForCookie; AssetManager::openXmlResourceParser, AssetManager::open; ApkAssets::loadFromPath;ApkAssets::loadFromPath; System::load,System::loadLibrary。System::load, System::loadLibrary. 5.根据权利要求1所述的安卓软件包自动加解密方法,其特征在于,自动解密入口函数利用provider实现。5. Android software package automatic encryption and decryption method according to claim 1, is characterized in that, automatic decryption entrance function utilizes provider to realize. 6.根据权利要求1所述的安卓软件包自动加解密方法,其特征在于,gradle脚本在利用密文的资源文件和代码文件替换明文的资源文件和代码文件,获得加密后的安卓软件包的同时,对安卓软件包进行签名。6. Android software package automatic encryption and decryption method according to claim 1, is characterized in that, gradle script utilizes the resource file and code file of ciphertext to replace the resource file and the code file of plaintext, obtains the Android software package after encryption. At the same time, sign the Android package. 7.一种安卓软件包自动加解密装置,其特征在于,包括:7. an Android software package automatic encryption and decryption device, is characterized in that, comprises: 打包单元,用于当检测到对安卓软件包进行打包的指令时,启动预先集成在安卓IDE打包软件中的加解密模块;其中,所述加解密模块包括对资源文件和代码文件自动加密的gradle脚本,自动解密入口函数和用于拦截Java层系统API的拦截函数;The packaging unit is used to start the encryption and decryption module pre-integrated in the Android IDE packaging software when the instruction for packaging the Android software package is detected; wherein, the encryption and decryption module includes gradle that automatically encrypts resource files and code files Script, automatic decryption entry function and interception function for intercepting Java layer system API; 加密单元,用于根据所述gradle脚本,对所述安卓软件包中明文的资源文件和代码文件进行加密,获得密文的资源文件和代码文件;An encryption unit, used for encrypting the plaintext resource file and the code file in the Android software package according to the gradle script, to obtain the ciphertext resource file and the code file; 替换单元,用于利用密文的资源文件和代码文件替换明文的资源文件和代码文件,并插入自动解密入口函数和用于拦截Java层系统API的拦截函数,获得加密后的安卓软件包。The replacement unit is used to replace the plaintext resource file and code file with the ciphertext resource file and code file, and insert the automatic decryption entry function and the interception function for intercepting the Java layer system API to obtain the encrypted Android software package. 8.一种安卓软件包自动加解密设备,其特征在于,包括存储器以及处理器,所述存储器内存储有计算机程序,所述计算机程序能够被所述处理器执行,以实现如权利要求1至6任意一项所述的安卓软件包自动加解密方法。8. An Android software package automatic encryption and decryption device, characterized in that it comprises a memory and a processor, wherein a computer program is stored in the memory, and the computer program can be executed by the processor to realize the steps of claim 1 to 6. The Android software package automatic encryption and decryption method described in any one of the items. 9.一种计算机可读存储介质,其特征在于,存储有计算机程序,所述计算机程序能够被所述计算机可读存储介质所在设备的处理器执行,以实现如权利要求1至6任意一项所述的安卓软件包自动加解密方法。9. A computer-readable storage medium, characterized in that, a computer program is stored, and the computer program can be executed by a processor of a device where the computer-readable storage medium is located, so as to realize any one of claims 1 to 6 The Android software package automatic encryption and decryption method.
CN202111224368.2A 2021-10-21 2021-10-21 Android software package automatic encryption and decryption method, device, device and storage medium Pending CN113961912A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111224368.2A CN113961912A (en) 2021-10-21 2021-10-21 Android software package automatic encryption and decryption method, device, device and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202111224368.2A CN113961912A (en) 2021-10-21 2021-10-21 Android software package automatic encryption and decryption method, device, device and storage medium

Publications (1)

Publication Number Publication Date
CN113961912A true CN113961912A (en) 2022-01-21

Family

ID=79465204

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111224368.2A Pending CN113961912A (en) 2021-10-21 2021-10-21 Android software package automatic encryption and decryption method, device, device and storage medium

Country Status (1)

Country Link
CN (1) CN113961912A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115730339A (en) * 2023-01-26 2023-03-03 深圳海云安网络安全技术有限公司 Method and system for protecting plug-in code and preventing leakage based on IDE source code

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103914637A (en) * 2013-01-07 2014-07-09 北京洋浦伟业科技发展有限公司 Android platform executable program encrypting method
KR20180015535A (en) * 2016-08-03 2018-02-13 주식회사 엔에스에이치씨 Obfuscation method of android application using partial encryption of dex file in android application package
CN109871704A (en) * 2019-03-19 2019-06-11 北京智游网安科技有限公司 Android resource file means of defence, equipment and storage medium based on Hook
CN112115430A (en) * 2020-09-03 2020-12-22 深圳创维-Rgb电子有限公司 Apk reinforcement method, electronic equipment and storage medium

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103914637A (en) * 2013-01-07 2014-07-09 北京洋浦伟业科技发展有限公司 Android platform executable program encrypting method
KR20180015535A (en) * 2016-08-03 2018-02-13 주식회사 엔에스에이치씨 Obfuscation method of android application using partial encryption of dex file in android application package
CN109871704A (en) * 2019-03-19 2019-06-11 北京智游网安科技有限公司 Android resource file means of defence, equipment and storage medium based on Hook
CN112115430A (en) * 2020-09-03 2020-12-22 深圳创维-Rgb电子有限公司 Apk reinforcement method, electronic equipment and storage medium

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115730339A (en) * 2023-01-26 2023-03-03 深圳海云安网络安全技术有限公司 Method and system for protecting plug-in code and preventing leakage based on IDE source code

Similar Documents

Publication Publication Date Title
US10142106B2 (en) System and method for securing sensitive data
US6874139B2 (en) Method and system for seamless integration of preprocessing and postprocessing functions with an existing application program
US11100244B2 (en) File packaging and unpackaging methods, apparatuses, and network devices
CN111143869B (en) Application package processing method and device, electronic equipment and storage medium
US10613938B2 (en) Data virtualization using copy data tokens
CN108229112B (en) Protection application program, and running method and device of application program
CN113383330A (en) Creation and execution of secure containers
WO2015058620A1 (en) Method and apparatus for generating installation package corresponding to an application and executing application
US10834289B2 (en) Detection of steganography on the perimeter
WO2015078295A1 (en) Method and apparatus for protecting data of application installation packages
CN106843978B (en) SDK access method and system
US10691659B2 (en) Integrating copy data tokens with source code repositories
CN112417484B (en) Resource file protection method, device, computer equipment and storage medium
WO2016072310A1 (en) Specification device, control method thereof, and program
CN106295255A (en) The reinforcement means of application program and device
CN113568680B (en) Dynamic link library protection method, device, equipment and medium for application program
CN110188555A (en) A kind of hard disk data protection method, system and associated component
CN112069468B (en) Page dynamic watermark method and device
CN107636667B (en) System and method for creating multiple workspaces in a device
KR101734663B1 (en) Method for preventing reverse engineering of android application and apparatus for performing the method
CN113961912A (en) Android software package automatic encryption and decryption method, device, device and storage medium
US20190163885A1 (en) Apparatus and method of providing security and apparatus and method of executing security for common intermediate language
CN116249980A (en) Software access through heterogeneous encryption
KR102471221B1 (en) System and method for converting application
Lemmou et al. An overview on Spora ransomware

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
CB02 Change of applicant information

Address after: 361000 one of 504, No. 18, guanri Road, phase II, software park, Xiamen, Fujian

Applicant after: XIAMEN YILIANZHONG YIHUI TECHNOLOGY CO.,LTD.

Address before: Room 504, No.18, guanri Road, phase II, software park, Xiamen City, Fujian Province, 361000

Applicant before: XIAMEN YILIANZHONG YIHUI TECHNOLOGY CO.,LTD.

CB02 Change of applicant information
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
CB02 Change of applicant information

Country or region after: China

Address after: Unit 303-1, No. 16 Guanri Road, Phase II Software Park, Xiamen Torch High tech Zone, Xiamen City, Fujian Province 361000

Applicant after: Xiamen Tengyun Yihui Technology Co.,Ltd.

Address before: 504-1, No. 18 Guanri Road, Software Park Phase II, Xiamen City, Fujian Province

Applicant before: XIAMEN YILIANZHONG YIHUI TECHNOLOGY CO.,LTD.

Country or region before: China