[go: up one dir, main page]

WO2018165951A1 - Method and device for signature authentication during android apk startup - Google Patents

Method and device for signature authentication during android apk startup Download PDF

Info

Publication number
WO2018165951A1
WO2018165951A1 PCT/CN2017/076974 CN2017076974W WO2018165951A1 WO 2018165951 A1 WO2018165951 A1 WO 2018165951A1 CN 2017076974 W CN2017076974 W CN 2017076974W WO 2018165951 A1 WO2018165951 A1 WO 2018165951A1
Authority
WO
WIPO (PCT)
Prior art keywords
file
signature
apk
android
sgn
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/CN2017/076974
Other languages
French (fr)
Chinese (zh)
Inventor
宋孝亮
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenzhen Trendit Co Ltd
Original Assignee
Shenzhen Trendit Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shenzhen Trendit Co Ltd filed Critical Shenzhen Trendit Co Ltd
Priority to PCT/CN2017/076974 priority Critical patent/WO2018165951A1/en
Priority to CN201780001547.5A priority patent/CN107690643A/en
Publication of WO2018165951A1 publication Critical patent/WO2018165951A1/en
Anticipated expiration legal-status Critical
Ceased legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44Program or device authentication

Definitions

  • the present invention relates to the field of Android APK security authentication, and in particular, to a method and device for launching a signature authentication of an Android APK.
  • the original Android system will check the signature when the APK is installed. The signature is different. If there is no signature or the signature is not passed, it cannot be installed or overwritten.
  • ART uses the OAT format file (OAT format file), installs the installer in the APK application, optimizes the APK installation package to the local machine code through the executable code de oat, that is, the installed file and the original file have very
  • OAT format file OAT format file
  • the original APK is only installed after verifying the signature file in the META-INF directory inside the original APK file, but it will not be verified after startup. Android will no longer verify the APK when the APK is launched, which may result in the possibility of tampering with the successfully installed APK, which is a security risk.
  • the object of the present invention is to provide a method and device for launching an Android APK to initiate signature verification, and to perform signature verification when the APK is launched, to avoid using an APK that has been maliciously tampered with after installation.
  • the method for converting the original APK installation file into a signature SGN file includes,
  • the oatdata and oatexec segments in the OAT format file are calculated by the HASH256+RSA2048 algorithm to obtain a signature SGN file.
  • the method further includes
  • the step of loading and loading the executable code converted by the installed APK into the 0AT signature file includes,
  • the step of determining whether the 0AT signature file is consistent with the signature SGN file includes
  • the present invention also provides an apparatus for launching ⁇ signature authentication of an Android APK, including:
  • a signature file obtaining unit configured to acquire a signature SGN file converted from an original APK installation file And loading the OAT signature file converted from the executable code of the installed APK;
  • the change determining unit is configured to determine whether the OAT signature file is consistent with the signature SGN file, and if so, load the APK, otherwise, prohibiting the launch of the APK.
  • a conversion unit is further included, configured to convert the original APK installation file into an OAT format file.
  • a recovery unit and a packaging unit are further included.
  • the restoring unit is configured to put the signature SGN file into the original APK package file directory META-INF;
  • the packaging unit is configured to repackage the APK file, and install a new APK file into the Android system.
  • the signature file obtaining unit includes a loading module, and the loading module is configured to load the 0AT signature file into a memory of the Android ART virtual machine.
  • the change determination unit includes a file tampering determination module and a numerical value determination module;
  • the file tampering determination module is configured to determine whether the signature SGN file under the META-INF corresponding to the APK has been tampered with, and if the tampering has been performed, the APK fails to be started, otherwise, the Oatdata of the 0AT signature file is calculated.
  • the value judging module is configured to determine whether the HASH256 value of the 0AT signature file is consistent with the HASH256 value stored in the signature SGN file under META-INF, and if the signature is consistent, the signature verification succeeds.
  • the beneficial effects of the present invention compared with the prior art are:
  • the method and device for launching the ⁇ signature authentication of the Android APK of the present invention by acquiring the 0AT signature file and the signature SGN file, starting ⁇ , performing signature verification on the 0AT signature file Therefore, according to whether the 0AT signature file is changed, the behavior of the APK is restricted, and the APK that has been successfully installed is activated, the signature is authenticated, and the APK is not arbitrarily falsified.
  • the APK can be started. And found that the user has been tampered with and the slogan has not been run, reducing the security risks.
  • FIG. 1 is a block diagram of a method for triggering signature authentication of an Android APK according to an embodiment of the present invention
  • FIG. 2 is a block diagram showing a specific process for determining whether an OAT signature file is changed according to an embodiment of the present invention
  • 3 is a structural block diagram of an OAT format file according to an embodiment of the present invention
  • FIG. 4 is a structural block diagram of an apparatus for initiating ⁇ signature authentication of an Android APK according to an embodiment of the present invention
  • FIG. 5 is a structural block diagram of a change judging unit according to an embodiment of the present invention.
  • first”, “second” and the like in the present invention are for the purpose of description only, and are not to be understood as indicating or implying their relative importance or implicitly indicating the number of indicated technical features. .
  • features defining “first” and “second” may include at least one of the features, either explicitly or implicitly.
  • the technical solutions between the various embodiments may be combined with each other, but must be based on the realization of those skilled in the art, and when the combination of the technical solutions is contradictory or impossible to implement, it should be considered that the combination of the technical solutions does not exist. It is also within the scope of protection required by the present invention.
  • the method for launching the signature authentication of the Android APK provided by the embodiment, the method includes:
  • S2 Calculate the oatdata and oatexec segments in the OAT format file by using a HASH256+RSA2048 algorithm to obtain a signature SGN file.
  • S6 Determine whether the OAT signature file is consistent with the signature SGN file. If not, S7 prohibits starting the APK; if yes, S8, loading the APK.
  • the original APK format is mainly converted into the installed 0AT format file by using a homemade computer tool.
  • the signature SGN file is obtained, specifically, the signature SGN of the oatdata and oatexec segments in the OAT format file is calculated by the HASH256+RSA2048 algorithm as the signature SGN file.
  • Google's original signature scheme will sign all the files and put the signature in the META-INF directory.
  • the executable code will be converted into a 0AT signature file, 0AT signature file. It is in 0AT format. Since the 0AT format file is essentially an ELF file, it has the structure of a general ELF file in the outermost layer. For example, it has a standard ELF file header and describes the file contents through Sections.
  • a private ELF file, the 0AT format file contains two special segments, oatdata and oatexec. The former contains the contents of the dex file used to generate the local machine instructions. The latter contains the generated local machine instructions. The relationship between them is passed.
  • three symbols oatdata, oatexec, and oatl astword are exported, and their values are used to define the start and end positions of the oatdata segment and the oatexec segment, where [oatdat a, oatexec-l] describes It is the starting and ending position of the oatdata segment, and [oatexec, oatlastword+3] describes the starting and ending position of oat exec.
  • the local machine command after the APK is installed according to the OAT format file can be used to convert the APK installation file into an OAT format file on the computer using the self-made computer tool, using the private key pair.
  • OAT performs HASH256+RSA2048 signature, obtains the signed SGN file, puts the signed SGN file into the META-INF directory, and then repackages the APK, so that the OAT file signature can be authenticated at startup.
  • step S5 the APK starts, and the step of loading the OAT signature file is specifically loading the OAT signature file into the memory of the Android ART virtual machine.
  • step S6 specifically includes the following steps:
  • S61 Determine whether the signature SGN file under the META-INF corresponding to the APK has been tampered with, and if it has been tampered with, S7, prohibiting the activation of the APK;
  • step S62 calculate the Oatdata of the OAT signature file and the HASH256 value of the oatexec segment, and proceeds to step S63;
  • S63 Determine whether the HASH256 value of the OAT signature file is consistent with the HASH256 value stored in the signature SGN file under the META-INF. If they are consistent, the S8, the signature verification succeeds, the APK is loaded, or, if not, the S7 , prohibit the launch of the APK.
  • the above Android APK launches the method of signature authentication, by acquiring the signature SGN file, the APK of the Android system is started, and the signature SGN file is signature-authenticated, thereby limiting the behavior of the APK according to whether the signature SGN file is changed.
  • To enable the successful installation of the APK verify the signature, and ensure that the APK is not arbitrarily tampered with. Once the APK has been tampered with, the APK can be found after the APK is launched, and the user has been tampered with and cannot be run. , reduce security risks.
  • the device for initiating ⁇ signature authentication of the Android APK provided in this embodiment includes a conversion unit 1, a signature file acquisition unit 2, a loading module 5, and a change determination unit 6.
  • a conversion unit 1 the conversion unit is configured to convert an original APK installation file into a 0AT format file, And calculating the oatdata and oatexec segments in the OAT format file by using the HASH256+RSA2048 algorithm
  • the signature file obtaining unit 2 is configured to acquire a signature SGN file converted from the original APK installation file, and load an OAT signature file converted by the executable code of the installed APK.
  • the signature file obtaining unit 2 includes a loading module 5 for loading the OAT signature file into the memory of the Android ART virtual machine.
  • the change determining unit 6 is configured to determine whether the OAT signature file is consistent with the signature SGN file, and if so, load the APK, otherwise, prohibiting the activation of the APK.
  • the conversion unit 1 described above converts the original APK format into a file of the installed OAT format file by using a homemade computer tool in the conversion file.
  • the signature file obtaining unit 2 obtains the signature SGN file, specifically, the Oatdata and oatexec segments in the OAT format file are calculated by the HASH256+RSA2048 algorithm as the signature SGN file.
  • the executable code will be converted into an OAT signature file, and the OAT signature file is an OAT format file.
  • the 0AT format file is essentially an ELF file, it has the structure of a general ELF file at the outermost layer, for example, it has a standard ELF file header and describes the file content by Section, as a private Android.
  • An ELF file the 0AT format file contains two special sections oatdata and oatexec, the former contains the contents of the dex file used to generate the local machine instructions, and the latter contains the generated local machine instructions, the relationship between them is stored in Oat header description in front of the oatdata section.
  • oatdata, oatexec, and o atlastword are exported, and their values are used to define the start and end positions of the oatdata segment and the oatexec segment, where [oat data, oatexec-l] describes It is the starting and ending position of the oatdata segment, and [oatexec, oatlastword+3] describes the starting and ending position of oatexec.
  • the loading module 5 described above specifically loads the OAT signature file into the memory of the Android ART virtual machine.
  • the device for launching the signature authentication of the Android APK further includes a restoration unit 3 and a packaging unit 4.
  • the restoration unit 3 is configured to put the signature SGN file into the original APK package file directory META-INF.
  • the packaging unit 4 is configured to repackage the APK file and install the new APK file into the Android system.
  • the change judging unit 6 includes a file tampering judging module 61 and a numerical value judging module 62.
  • the file tampering determination module 61 is configured to determine whether the signature SGN file under the META-INF corresponding to the APK has been tampered with, and if the tampering has been performed, the APK fails to be started. Otherwise, the 0 atdata of the OAT signature file is calculated.
  • the HASH256 value of the oatexec segment is calculated.
  • the value judging module 62 is configured to determine whether the HASH256 value of the OAT signature file and the HASH256 value stored in the signature SGN file under the META-INF are consistent. If the signature is consistent, the signature verification succeeds, the APK is loaded, or If it is inconsistent, it is forbidden to start the APK.
  • the device for initiating the signature authentication of the Android APK is configured to acquire the signature SG N file and the OAT signature file by the signature file acquiring unit 2, and the change determination unit 6 performs signature verification on the signature SGN file and the OAT signature file, thereby According to whether the OAT signature file is consistent with the signature SGN file, the behavior of the APK is restricted, and the successfully installed APK is activated, the signature is authenticated, and the A PK is not arbitrarily falsified.
  • the APK is tampered with, the APK is started. You can find out that the user has been tampered with, has been tampering, can't run, and reduces security risks.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)

Abstract

Disclosed are a method and device for signature authentication during Android APK startup, the method comprising: obtaining a signature SGN file converted from an original APK installation file, and loading an OAT signature file of an installed APK; determining whether the OAT signature file is consistent with the signature SGN file; if yes, loading the APK, and if no, prohibiting APK startup. The OAT signature file is authenticated during APK startup, in order to determine whether the APK can be used.

Description

安卓 APK启动时签名认证的方法及其装置 技术领域  Method and device for signing authentication when Android APK starts

[0001] 本发明涉及到安卓 APK安全认证领域, 特别是涉及到一种安卓 APK启动吋签名 认证的方法及其装置。  [0001] The present invention relates to the field of Android APK security authentication, and in particular, to a method and device for launching a signature authentication of an Android APK.

背景技术  Background technique

[0002] 原始的 Android系统会在安装 APK的吋候, 检査签名, 签名不同, 没有签名或 者签名不通过的, 不能进行安装或者覆盖。  [0002] The original Android system will check the signature when the APK is installed. The signature is different. If there is no signature or the signature is not passed, it cannot be installed or overwritten.

[0003] Google公司在 android4.4中新增加了 ART(Android Run Time)来替代之前的 Dalvik[0003] Google added a new ART (Android Run Time) to android4.4 to replace the previous Dalvik

, ART使用的是 OAT格式的文件 (OAT格式文件) , 在 APK应用安装吋安装器 通过可执行代码 de oat优化 APK安装包为本地机器代码, 也就是说安装后的文 件和原始文件有了很大的差别, 我们需要通过某种手段先知道安装后的本地机 器代码文件, 对本地机器代码文件签名后才能在 apk启动吋对本地机器代码文件 进行启动认证。 , ART uses the OAT format file (OAT format file), installs the installer in the APK application, optimizes the APK installation package to the local machine code through the executable code de oat, that is, the installed file and the original file have very The big difference, we need to know the installed local machine code file by some means, after signing the local machine code file, can start the authentication of the local machine code file after starting the apk.

[0004] 原始 APK只在安装吋校验原始 APK文件内部的 META-INF目录下的签名文件, 但是启动吋不会再做校验。 安卓系统在 APK启动的吋候不会再对 APK进行校验 , 这就可能导致已安装成功的 APK有被篡改的可能, 存在安全隐患。  [0004] The original APK is only installed after verifying the signature file in the META-INF directory inside the original APK file, but it will not be verified after startup. Android will no longer verify the APK when the APK is launched, which may result in the possibility of tampering with the successfully installed APK, which is a security risk.

[0005] 因此, 有必要设计一种安卓 APK启动式签名认证的方法, 对已安装成功的 APK 进行启动吋, 对签名进行认证, 确保 APK也不被随意篡改, 一旦 APK被篡改, A PK启动吋就可以及吋发现, 被提示给用户 APK已被篡改, 无法运行, 减少安全 隐患。 [0005] Therefore, it is necessary to design an Android APK startup signature authentication method, start the APK that has been successfully installed, authenticate the signature, and ensure that the APK is not arbitrarily falsified. Once the APK is tampered with, A PK starts. You can find out that the user has been tampered with, has been tampering, can't run, and reduces security risks.

技术问题  technical problem

[0006] 本发明的目的在于提供安卓 APK启动吋签名认证的方法及其装置, 在 APK启动 的吋候也进行签名验证, 避免使用安装后被恶意篡改的 APK。  [0006] The object of the present invention is to provide a method and device for launching an Android APK to initiate signature verification, and to perform signature verification when the APK is launched, to avoid using an APK that has been maliciously tampered with after installation.

问题的解决方案  Problem solution

技术解决方案  Technical solution

[0007] 为实现上述目的, 本发明采用以下技术方案: 一种安卓 APK启动吋签名认证的 方法, 所述方法包括: [0007] In order to achieve the above object, the present invention adopts the following technical solutions: An Android APK launches 吋 signature authentication Method, the method includes:

[0008] 获取由原始的 APK安装文件转换而成的签名 SGN文件, 并加载安装后的 APK的 可执行代码转换而成的 OAT签名文件;  [0008] acquiring a signature SGN file converted from the original APK installation file, and loading the OAT signature file converted by the executable code of the installed APK;

[0009] 判断所述 OAT签名文件是否与签名 SGN文件一致; [0009] determining whether the OAT signature file is consistent with the signature SGN file;

[0010] 若是, 加载 APK, 否则, 禁止启动 APK。 [0010] If yes, the APK is loaded, otherwise, the APK is disabled.

[0011] 进一步地, 所述原始的 APK安装文件转换成签名 SGN文件的方法, 包括,  [0011] Further, the method for converting the original APK installation file into a signature SGN file includes,

[0012] 将原始的 APK安装文件转换成 OAT格式文件; [0012] converting the original APK installation file into an OAT format file;

[0013] 通过 HASH256+RSA2048算法计算所述 OAT格式文件中的 oatdata和 oatexec段, 得到签名 SGN文件。  [0013] The oatdata and oatexec segments in the OAT format file are calculated by the HASH256+RSA2048 algorithm to obtain a signature SGN file.

[0014] 进一步地, 所述通过 HASH256+RSA2048算法计算所述 0AT格式文件中的 oatdat a和 oatexec段, 得到签名 SGN文件步骤之后, 还包括,  [0014] Further, after calculating the oatdat a and oatexec segments in the 0AT format file by using the HASH256+RSA2048 algorithm, after obtaining the signature SGN file step, the method further includes

[0015] 将所述签名 SGN文件放入到原始的 APK打包文件目录 META-INF下; [0015] placing the signature SGN file into the original APK package file directory META-INF;

[0016] 重新打包所述 APK文件, 将新的 APK文件安装到安卓系统中。 [0016] Repacking the APK file and installing the new APK file into the Android system.

[0017] 进一步地, 所述并加载安装后的 APK的可执行代码转换而成的 0AT签名文件的 步骤, 包括, [0017] Further, the step of loading and loading the executable code converted by the installed APK into the 0AT signature file includes,

[0018] 将所述 0AT签名文件加载至 Android ART虚拟机的内存内。  [0018] loading the 0AT signature file into the memory of the Android ART virtual machine.

[0019] 进一步地, 所述判断所述 0AT签名文件是否与签名 SGN文件一致的步骤, 包括  [0019] Further, the step of determining whether the 0AT signature file is consistent with the signature SGN file includes

[0020] 判断 APK对应的 META-INF下的所述签名 SGN文件是否被篡改, [0020] determining whether the signature SGN file under the META-INF corresponding to the APK has been tampered with,

[0021] 若是, 则禁止启动 APK, 否则计算所述 OAT签名文件的 Oatdata和 oatexec段的 H ASH256值; [0021] If yes, the activation of the APK is prohibited, otherwise the H ASH 256 values of the Oatdata and oatexec segments of the OAT signature file are calculated;

[0022] 判断所述 0AT签名文件的 HASH256值和 META-INF下的所述签名 SGN文件中保 存的 HASH256值是否一致,  [0022] determining whether the HASH256 value of the 0AT signature file is consistent with the HASH256 value saved in the signature SGN file under META-INF,

[0023] 若一致, 则签名验证成功, 加载 APK, [0023] If they are consistent, the signature verification is successful, and the APK is loaded.

[0024] 若不一致, 则禁止启动 APK。 [0024] If they are inconsistent, it is forbidden to start the APK.

[0025] [0025]

[0026] 本发明还提出了一种安卓 APK启动吋签名认证的装置, 包括:  [0026] The present invention also provides an apparatus for launching 吋 signature authentication of an Android APK, including:

[0027] 签名文件获取单元, 用于获取由原始的 APK安装文件转换而成的签名 SGN文件 , 并加载安装后的 APK的可执行代码转换而成的 OAT签名文件; [0027] a signature file obtaining unit, configured to acquire a signature SGN file converted from an original APK installation file And loading the OAT signature file converted from the executable code of the installed APK;

[0028] 更改判断单元, 用于判断所述 OAT签名文件是否与签名 SGN文件一致, 若是, 加载 APK, 否则, 禁止启动 APK。 [0028] The change determining unit is configured to determine whether the OAT signature file is consistent with the signature SGN file, and if so, load the APK, otherwise, prohibiting the launch of the APK.

[0029] 进一步地, 还包括转化单元, 用于将原始的 APK安装文件转换成 OAT格式文件[0029] Further, a conversion unit is further included, configured to convert the original APK installation file into an OAT format file.

, 并, 通过 HASH256+RSA2048算法计算所述 OAT格式文件中的 oatdata和 oatexec 段, 得到签名 SGN文件。 And, calculating the oatdata and oatexec segments in the OAT format file by using the HASH256+RSA2048 algorithm to obtain a signature SGN file.

[0030] 进一步地, 还包括复原单元以及打包单元, [0030] Further, a recovery unit and a packaging unit are further included.

[0031] 所述复原单元, 用于将所述签名 SGN文件放入到原始 APK打包文件目录 META- INF下;  [0031] the restoring unit is configured to put the signature SGN file into the original APK package file directory META-INF;

[0032] 所述打包单元, 用于重新打包所述 APK文件, 将新的 APK文件安装到安卓系统 中。  [0032] the packaging unit is configured to repackage the APK file, and install a new APK file into the Android system.

[0033] 进一步地, 所述签名文件获取单元包括有加载模块, 所述加载模块, 用于将所 述 0AT签名文件加载至 Android ART虚拟机的内存内。  [0033] Further, the signature file obtaining unit includes a loading module, and the loading module is configured to load the 0AT signature file into a memory of the Android ART virtual machine.

[0034] 进一步地, 所述更改判断单元包括文件篡改判断模块以及数值判断模块; [0034] Further, the change determination unit includes a file tampering determination module and a numerical value determination module;

[0035] 所述文件篡改判断模块, 用于判断 APK对应的 META-INF下的所述签名 SGN文 件是否被篡改, 若已经被篡改, APK启动失败, 否则, 计算所述 0AT签名文件 的 Oatdata和 oatexec段的 HASH256值; [0035] the file tampering determination module is configured to determine whether the signature SGN file under the META-INF corresponding to the APK has been tampered with, and if the tampering has been performed, the APK fails to be started, otherwise, the Oatdata of the 0AT signature file is calculated. The HASH256 value of the oatexec segment;

[0036] 所述数值判断模块, 用于判断所述 0AT签名文件的 HASH256值和 META-INF下 的所述签名 SGN文件中保存的 HASH256值是否一致, 若一致, 则签名验证成功[0036] The value judging module is configured to determine whether the HASH256 value of the 0AT signature file is consistent with the HASH256 value stored in the signature SGN file under META-INF, and if the signature is consistent, the signature verification succeeds.

, 加载 APK, 或者, 若不一致, 则禁止启动 APK。 , load the APK, or, if not, disable the launch of the APK.

发明的有益效果  Advantageous effects of the invention

有益效果  Beneficial effect

[0037] 本发明与现有技术相比的有益效果是: 本发明的安卓 APK启动吋签名认证的方 法及装置, 通过获取 0AT签名文件和签名 SGN文件, 启动吋, 对 0AT签名文件 进行签名认证, 从而根据 0AT签名文件是否被更改而对 APK的行为进行限制, 实现对已安装成功的 APK进行启动吋, 对签名进行认证, 确保 APK不被随意篡 改, 一旦 APK被篡改, APK启动吋就可以及吋发现, 提示给用户该 APK已被篡 改, 无法运行, 减少安全隐患。 对附图的简要说明 [0037] The beneficial effects of the present invention compared with the prior art are: The method and device for launching the 吋 signature authentication of the Android APK of the present invention, by acquiring the 0AT signature file and the signature SGN file, starting 吋, performing signature verification on the 0AT signature file Therefore, according to whether the 0AT signature file is changed, the behavior of the APK is restricted, and the APK that has been successfully installed is activated, the signature is authenticated, and the APK is not arbitrarily falsified. Once the APK is tampered with, the APK can be started. And found that the user has been tampered with and the slogan has not been run, reducing the security risks. Brief description of the drawing

附图说明  DRAWINGS

[0038] 图 1为本发明一实施例提供的安卓 APK启动吋签名认证的方法的流程框图; [0039] 图 2为本发明一实施例提供的判断 OAT签名文件是否被更改的具体流程框图; [0040] 图 3为本发明一实施例提供的 OAT格式文件的结构框图;  1 is a block diagram of a method for triggering signature authentication of an Android APK according to an embodiment of the present invention; [0039] FIG. 2 is a block diagram showing a specific process for determining whether an OAT signature file is changed according to an embodiment of the present invention; 3 is a structural block diagram of an OAT format file according to an embodiment of the present invention;

[0041] 图 4为本发明一实施例提供的安卓 APK启动吋签名认证的装置的结构框图; [0042] 图 5为本发明一实施例提供的更改判断单元的结构框图。 [0041] FIG. 4 is a structural block diagram of an apparatus for initiating 吋 signature authentication of an Android APK according to an embodiment of the present invention; [0042] FIG. 5 is a structural block diagram of a change judging unit according to an embodiment of the present invention.

[0043] [0043]

[0044] 本发明目的的实现、 功能特点及优点将结合实施例, 参照附图做进一步说明。 The implementation, functional features, and advantages of the present invention will be further described with reference to the accompanying drawings.

实施该发明的最佳实施例  BEST MODE FOR CARRYING OUT THE INVENTION

本发明的最佳实施方式  BEST MODE FOR CARRYING OUT THE INVENTION

[0045] 应当理解, 此处所描述的具体实施例仅仅用以解释本发明, 并不用于限定本发 明。  The specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.

[0046] 需要说明, 本发明实施例中所有方向性指示 (诸如上、 下、 左、 右、 前、 后… …) 仅用于解释在某一特定姿态。 各个部件之间的相对位置关系、 运动情况等 , 如果该特定姿态发生改变吋, 则该方向性指示也相应地随之改变。  [0046] It should be noted that all directional indications (such as up, down, left, right, front, back, ...) in the embodiments of the present invention are only used to explain in a certain posture. The relative positional relationship between the various components, the motion situation, and the like, if the specific posture changes, the directional indication also changes accordingly.

[0047] 另外, 在本发明中涉及"第一"、 "第二"等的描述仅用于描述目的, 而不能理解 为指示或暗示其相对重要性或者隐含指明所指示的技术特征的数量。 由此, 限 定有"第一"、 "第二 "的特征可以明示或者隐含地包括至少一个该特征。 另外, 各 个实施例之间的技术方案可以相互结合, 但是必须是以本领域普通技术人员能 够实现为基础, 当技术方案的结合出现相互矛盾或无法实现吋应当认为这种技 术方案的结合不存在, 也不在本发明要求的保护范围之内。  In addition, the descriptions of "first", "second" and the like in the present invention are for the purpose of description only, and are not to be understood as indicating or implying their relative importance or implicitly indicating the number of indicated technical features. . Thus, features defining "first" and "second" may include at least one of the features, either explicitly or implicitly. In addition, the technical solutions between the various embodiments may be combined with each other, but must be based on the realization of those skilled in the art, and when the combination of the technical solutions is contradictory or impossible to implement, it should be considered that the combination of the technical solutions does not exist. It is also within the scope of protection required by the present invention.

[0048] 本技术领域技术人员可以理解, 除非特意声明, 这里使用的单数形式"一"、 " 一个"、 "所述 "和"该"也可包括复数形式。 应该进一步理解的是, 本发明的说明 书中使用的措辞"包括"是指存在所述特征、 整数、 步骤、 操作、 元件和 /或组件 , 但是并不排除存在或添加一个或多个其他特征、 整数、 步骤、 操作、 元件、 组件和 /或它们的组。 这里使用的措辞 "和 /或"包括一个或更多个相关联的列出项 的全部或任一单元和全部组合。 [0049] 本技术领域技术人员可以理解, 除非另外定义, 这里使用的所有术语 (包括技 术术语和科学术语) , 具有与本发明所属领域中的普通技术人员的一般理解相 同的意义。 还应该理解的是, 诸如通用字典中定义的那些术语, 应该被理解为 具有与现有技术的上下文中的意义一致的意义, 并且除非像这里一样被特定定 义, 否则不会用理想化或过于正式的含义来解释。 [0048] The singular forms "a", "an", "the" It will be further understood that the phrase "comprising", used in the <RTI ID=0.0></RTI><RTIgt;</RTI><RTIgt;</RTI><RTIgt;</RTI> is intended to mean the presence of the features, integers, steps, operations, components and/or components, but does not exclude the presence or addition of one or more other features, Integers, steps, operations, components, components, and/or their groups. The phrase "and/or" used herein includes all or any of the elements and all combinations of one or more of the associated listed. [0049] Those skilled in the art will appreciate that all terms (including technical and scientific terms) used herein have the same meaning as commonly understood by one of ordinary skill in the art to which the invention belongs, unless otherwise defined. It should also be understood that terms such as those defined in a general dictionary should be understood to have meaning consistent with the meaning in the context of the prior art, and will not be idealized or excessive unless specifically defined as here. The formal meaning is explained.

[0050]  [0050]

[0051] 参照图 1至图 3, 是本实施例提供的安卓 APK启动吋签名认证的方法, 该方法包 括:  [0051] Referring to FIG. 1 to FIG. 3, the method for launching the signature authentication of the Android APK provided by the embodiment, the method includes:

[0052] Sl、 将原始的 APK安装文件转换成 OAT格式文件。  [0052] Sl, converting the original APK installation file into an OAT format file.

[0053] S2、 通过 HASH256+RSA2048算法计算所述 OAT格式文件中的 oatdata和 oatexec 段, 得到签名 SGN文件。  [0053] S2: Calculate the oatdata and oatexec segments in the OAT format file by using a HASH256+RSA2048 algorithm to obtain a signature SGN file.

[0054] S3、 将签名 SGN文件放入到原始的 APK打包文件目录 META-INF下。 [0054] S3. Put the signed SGN file into the original APK package file directory META-INF.

[0055] S4、 重新打包 APK文件, 将新的 APK文件安装到安卓系统中。 [0055] S4. Repackage the APK file and install the new APK file into the Android system.

[0056] S5、 APK启动吋, 获取由原始的 APK安装文件转换而成的签名 SGN文件, 并加 载安装后的 APK的可执行代码转换而成的 OAT签名文件。 [0056] S5. After the APK is launched, the signature SGN file converted from the original APK installation file is obtained, and the OAT signature file converted by the executable code of the installed APK is loaded.

[0057] S6、 判断所述 OAT签名文件是否与签名 SGN文件一致, 若不一致, 则 S7、 禁止 启动 APK; 若一致, 则 S8、 加载 APK。 [0057] S6. Determine whether the OAT signature file is consistent with the signature SGN file. If not, S7 prohibits starting the APK; if yes, S8, loading the APK.

[0058] 对于上述的 SI步骤, 主要是使用自制的电脑工具将原始的 APK格式转换成安装 后的 0AT格式文件。 [0058] For the SI step described above, the original APK format is mainly converted into the installed 0AT format file by using a homemade computer tool.

[0059] 对于上述的 S2步骤, 获取签名 SGN文件, 具体是通过 HASH256+RSA2048算法 计算 OAT格式文件中的 oatdata和 oatexec段的签名 SGN, 作为签名 SGN文件。  [0059] For the S2 step, the signature SGN file is obtained, specifically, the signature SGN of the oatdata and oatexec segments in the OAT format file is calculated by the HASH256+RSA2048 algorithm as the signature SGN file.

[0060] 如图 3所示, Google原始的签名方案会将所有文件签名后将签名放在 META-INF 目录下, 安卓 APK安装成功后, 会将可执行代码转换成 0AT签名文件, 0AT签 名文件是 0AT格式的, 由于 0AT格式文件本质上是一个 ELF文件, 因此在最外层 它具有一般 ELF文件的结构, 例如它有标准的 ELF文件头以及通过段 (Section)来 描述文件内容, 作为安卓私有的一种 ELF文件, 0AT格式文件包含有两个特殊的 段 oatdata和 oatexec,前者包含有用来生成本地机器指令的 dex文件内容, 后者包含 有生成的本地机器指令, 它们之间的关系通过存储在 oatdata段前面的 oat头部描 述。 此外, 在 OAT格式文件的 dynamic段, 导出了三个符号 oatdata、 oatexec和 oatl astword, 它们的值就是用来界定 oatdata段和 oatexec段的起止位置的, 其中 [oatdat a,oatexec-l]描述的是 oatdata段的起止位置, 而 [oatexec,oatlastword+3]描述的是 oat exec的起止位置。 [0060] As shown in FIG. 3, Google's original signature scheme will sign all the files and put the signature in the META-INF directory. After the Android APK is successfully installed, the executable code will be converted into a 0AT signature file, 0AT signature file. It is in 0AT format. Since the 0AT format file is essentially an ELF file, it has the structure of a general ELF file in the outermost layer. For example, it has a standard ELF file header and describes the file contents through Sections. A private ELF file, the 0AT format file contains two special segments, oatdata and oatexec. The former contains the contents of the dex file used to generate the local machine instructions. The latter contains the generated local machine instructions. The relationship between them is passed. Oat header stored in front of the oatdata segment Said. In addition, in the dynamic section of the OAT format file, three symbols oatdata, oatexec, and oatl astword are exported, and their values are used to define the start and end positions of the oatdata segment and the oatexec segment, where [oatdat a, oatexec-l] describes It is the starting and ending position of the oatdata segment, and [oatexec, oatlastword+3] describes the starting and ending position of oat exec.

[0061] 因此, 可以根据 OAT格式文件对 APK安装后的本地机器指令, 只用自制电脑工 具在电脑上将 APK安装文件转化成 OAT格式文件, 使用私钥对  [0061] Therefore, the local machine command after the APK is installed according to the OAT format file can be used to convert the APK installation file into an OAT format file on the computer using the self-made computer tool, using the private key pair.

OAT进行 HASH256+RSA2048签名, 得到签名 SGN文件, 将签名 SGN文件也放到 META-INF目录下, 然后再重新打包 APK, 这样就可以在启动的吋候对 OAT文件 签名进行认证。  OAT performs HASH256+RSA2048 signature, obtains the signed SGN file, puts the signed SGN file into the META-INF directory, and then repackages the APK, so that the OAT file signature can be authenticated at startup.

[0062] 对于上述的 S5步骤, APK启动吋, 加载 OAT签名文件的步骤, 具体是将 OAT签 名文件加载至 Android ART虚拟机的内存内。  [0062] For the above step S5, the APK starts, and the step of loading the OAT signature file is specifically loading the OAT signature file into the memory of the Android ART virtual machine.

[0063] 更进一步的, 步骤 S6具体包括以下步骤: [0063] Further, step S6 specifically includes the following steps:

[0064] S61、 判断 APK对应的 META-INF下的签名 SGN文件是否被篡改, 若已经被篡 改, S7、 禁止启动 APK;  [0064] S61. Determine whether the signature SGN file under the META-INF corresponding to the APK has been tampered with, and if it has been tampered with, S7, prohibiting the activation of the APK;

[0065] 或者, 若未被篡改, S62、 计算 OAT签名文件的 Oatdata和 oatexec段的 HASH256 值, 并进入步骤 S63; [0065] Alternatively, if not tampering, S62, calculate the Oatdata of the OAT signature file and the HASH256 value of the oatexec segment, and proceeds to step S63;

[0066] S63、 判断该 OAT签名文件的 HASH256值和 META-INF下的签名 SGN文件中保 存的 HASH256值是否一致, 若一致, 则 S8、 签名验证成功, 加载 APK, 或者, 若不一致, 则 S7、 禁止启动 APK。  [0066] S63. Determine whether the HASH256 value of the OAT signature file is consistent with the HASH256 value stored in the signature SGN file under the META-INF. If they are consistent, the S8, the signature verification succeeds, the APK is loaded, or, if not, the S7 , prohibit the launch of the APK.

[0067] 上述的安卓 APK启动吋签名认证的方法, 通过获取签名 SGN文件, 安卓系统的 APK启动吋, 对签名 SGN文件进行签名认证, 从而根据签名 SGN文件是否被更 改而对 APK的行为进行限制, 实现对已安装成功的 APK进行启动吋, 对签名进 行认证, 确保 APK也不被随意篡改, 一旦 APK被篡改, APK启动吋就可以及吋 发现, 被提示给用户 APK已被篡改, 无法运行, 减少安全隐患。 [0067] The above Android APK launches the method of signature authentication, by acquiring the signature SGN file, the APK of the Android system is started, and the signature SGN file is signature-authenticated, thereby limiting the behavior of the APK according to whether the signature SGN file is changed. To enable the successful installation of the APK, verify the signature, and ensure that the APK is not arbitrarily tampered with. Once the APK has been tampered with, the APK can be found after the APK is launched, and the user has been tampered with and cannot be run. , reduce security risks.

[0068]  [0068]

[0069] 如图 4和图 5所示, 是本实施例提供的安卓 APK启动吋签名认证的装置, 包括转 化单元 1、 签名文件获取单元 2、 加载模块 5以及更改判断单元 6。  As shown in FIG. 4 and FIG. 5, the device for initiating 吋 signature authentication of the Android APK provided in this embodiment includes a conversion unit 1, a signature file acquisition unit 2, a loading module 5, and a change determination unit 6.

[0070] 转化单元 1, 所述转化单元用于将原始的 APK安装文件转换成 0AT格式文件, 并, 通过 HASH256+RSA2048算法计算所述 OAT格式文件中的 oatdata和 oatexec段[0070] a conversion unit 1, the conversion unit is configured to convert an original APK installation file into a 0AT format file, And calculating the oatdata and oatexec segments in the OAT format file by using the HASH256+RSA2048 algorithm

, 得到签名 SGN文件。 , get the signed SGN file.

[0071] 签名文件获取单元 2, 用于获取由原始的 APK安装文件转换而成的签名 SGN文 件, 并加载安装后的 APK的可执行代码转换而成的 OAT签名文件。  [0071] The signature file obtaining unit 2 is configured to acquire a signature SGN file converted from the original APK installation file, and load an OAT signature file converted by the executable code of the installed APK.

[0072] 签名文件获取单元 2包括加载模块 5, 用于将所述 OAT签名文件加载至 Android ART虚拟机的内存内  [0072] The signature file obtaining unit 2 includes a loading module 5 for loading the OAT signature file into the memory of the Android ART virtual machine.

[0073] 更改判断单元 6, 用于判断所述 OAT签名文件是否与签名 SGN文件一致, 若是 , 加载 APK, 否则, 禁止启动 APK。  [0073] The change determining unit 6 is configured to determine whether the OAT signature file is consistent with the signature SGN file, and if so, load the APK, otherwise, prohibiting the activation of the APK.

[0074] 上述的转化单元 1在转化文件吋, 主要是使用自制的电脑工具将原始的 APK格 式转换成安装后的 OAT格式文件的文件。  [0074] The conversion unit 1 described above converts the original APK format into a file of the installed OAT format file by using a homemade computer tool in the conversion file.

[0075] 签名文件获取单元 2获取签名 SGN文件, 具体是通过 HASH256+RSA2048算法计 算 OAT格式文件中的 oatdata和 oatexec段, 作为签名 SGN文件。  [0075] The signature file obtaining unit 2 obtains the signature SGN file, specifically, the Oatdata and oatexec segments in the OAT format file are calculated by the HASH256+RSA2048 algorithm as the signature SGN file.

[0076] 由于 Google原始的签名方案会将所有文件签名后将签名放在 META-INF目录下 , 安卓 APK安装成功后, 会将可执行代码转换成 OAT签名文件, OAT签名文件 是 OAT格式文件的一种, 由于 0AT格式文件本质上是一个 ELF文件, 因此在最外 层它具有一般 ELF文件的结构, 例如它有标准的 ELF文件头以及通过段 (Section) 来描述文件内容, 作为安卓私有的一种 ELF文件, 0AT格式文件包含有两个特殊 的段 oatdata和 oatexec,前者包含有用来生成本地机器指令的 dex文件内容, 后者包 含有生成的本地机器指令, 它们之间的关系通过存储在 oatdata段前面的 oat头部 描述。 此外, 在 0AT格式文件的 dynamic段, 导出了三个符号 oatdata、 oatexec和 o atlastword, 它们的值就是用来界定 oatdata段和 oatexec段的起止位置的, 其中 [oat data,oatexec-l]描述的是 oatdata段的起止位置, 而 [oatexec,oatlastword+3]描述的是 oatexec的起止位置。  [0076] Since Google's original signature scheme will sign all the files and put the signature in the META-INF directory, after the Android APK is successfully installed, the executable code will be converted into an OAT signature file, and the OAT signature file is an OAT format file. One, since the 0AT format file is essentially an ELF file, it has the structure of a general ELF file at the outermost layer, for example, it has a standard ELF file header and describes the file content by Section, as a private Android. An ELF file, the 0AT format file contains two special sections oatdata and oatexec, the former contains the contents of the dex file used to generate the local machine instructions, and the latter contains the generated local machine instructions, the relationship between them is stored in Oat header description in front of the oatdata section. In addition, in the dynamic section of the 0AT format file, three symbols oatdata, oatexec, and o atlastword are exported, and their values are used to define the start and end positions of the oatdata segment and the oatexec segment, where [oat data, oatexec-l] describes It is the starting and ending position of the oatdata segment, and [oatexec, oatlastword+3] describes the starting and ending position of oatexec.

[0077] 因此, 可以根据 0AT格式文件对 APK安装后的本地机器指令 (只用自制电脑工 具在电脑上将 APK安装包转化成 0AT格式文件, 使用私钥对  [0077] Therefore, the local machine command after the APK is installed according to the 0AT format file (only the home computer tool is used to convert the APK installation package into the 0AT format file on the computer, using the private key pair

0AT进行 HASH256+RSA2048签名, 得到签名 SGN文件, 将签名 SGN文件也放到 META-INF目录下, 然后再重新打包 APK, 这样就可以在启动的吋候对 OAT文件 签名进行认证。 [0078] 上述的加载模块 5具体是将 OAT签名文件加载至 Android ART虚拟机的内存内。 0AT performs HASH256+RSA2048 signature, obtains the signature SGN file, puts the signature SGN file into the META-INF directory, and then repackages the APK, so that the OAT file signature can be authenticated at startup. [0078] The loading module 5 described above specifically loads the OAT signature file into the memory of the Android ART virtual machine.

[0079] 另外, 安卓 APK启动吋签名认证的装置还包括复原单元 3以及打包单元 4。 [0079] In addition, the device for launching the signature authentication of the Android APK further includes a restoration unit 3 and a packaging unit 4.

[0080] 复原单元 3, 用于将签名 SGN文件放入到原始的 APK打包文件目录 META-INF 下。 [0080] The restoration unit 3 is configured to put the signature SGN file into the original APK package file directory META-INF.

[0081] 打包单元 4, 用于重新打包 APK文件, 将新的 APK文件安装到安卓系统中。  [0081] The packaging unit 4 is configured to repackage the APK file and install the new APK file into the Android system.

[0082] 更进一步的, 更改判断单元 6包括文件篡改判断模块 61以及数值判断模块 62。 Further, the change judging unit 6 includes a file tampering judging module 61 and a numerical value judging module 62.

[0083] 文件篡改判断模块 61, 用于判断 APK对应的 META-INF下的所述签名 SGN文件 是否被篡改, 若已经被篡改, APK启动失败, 否则, 计算所述 OAT签名文件的 0 atdata和 oatexec段的 HASH256值。 [0083] The file tampering determination module 61 is configured to determine whether the signature SGN file under the META-INF corresponding to the APK has been tampered with, and if the tampering has been performed, the APK fails to be started. Otherwise, the 0 atdata of the OAT signature file is calculated. The HASH256 value of the oatexec segment.

[0084] 数值判断模块 62, 用于判断所述 OAT签名文件的 HASH256值和 META-INF下的 所述签名 SGN文件中保存的 HASH256值是否一致, 若一致, 则签名验证成功, 加载 APK, 或者, 若不一致, 则禁止启动 APK。 [0084] The value judging module 62 is configured to determine whether the HASH256 value of the OAT signature file and the HASH256 value stored in the signature SGN file under the META-INF are consistent. If the signature is consistent, the signature verification succeeds, the APK is loaded, or If it is inconsistent, it is forbidden to start the APK.

[0085] 上述的安卓 APK启动吋签名认证的装置, 通过签名文件获取单元 2获取签名 SG N文件和 OAT签名文件, 启动吋, 更改判断单元 6对签名 SGN文件和 OAT签名文 件进行签名认证, 从而根据 OAT签名文件是否与签名 SGN文件一致而对 APK的 行为进行限制, 实现对已安装成功的 APK进行启动吋, 对签名进行认证, 确保 A PK也不被随意篡改, 一旦 APK被篡改, APK启动吋就可以及吋发现, 被提示给 用户 APK已被篡改, 无法运行, 减少安全隐患。 [0085] The device for initiating the signature authentication of the Android APK is configured to acquire the signature SG N file and the OAT signature file by the signature file acquiring unit 2, and the change determination unit 6 performs signature verification on the signature SGN file and the OAT signature file, thereby According to whether the OAT signature file is consistent with the signature SGN file, the behavior of the APK is restricted, and the successfully installed APK is activated, the signature is authenticated, and the A PK is not arbitrarily falsified. Once the APK is tampered with, the APK is started. You can find out that the user has been tampered with, has been tampering, can't run, and reduces security risks.

[0086]  [0086]

[0087] 以上所述仅为本发明的优选实施例, 并非因此限制本发明的专利范围, 凡是利 用本发明说明书及附图内容所作的等效结构或等效流程变换, 或直接或间接运 用在其他相关的技术领域, 均同理包括在本发明的专利保护范围内。  The above description is only a preferred embodiment of the present invention, and is not intended to limit the scope of the invention, and the equivalent structure or equivalent process transformations made by the description of the present invention and the drawings are used directly or indirectly. Other related technical fields are equally included in the scope of patent protection of the present invention.

Claims

权利要求书  Claim 一种安卓 APK启动吋签名认证的方法, 其特征在于, 所述方法包括: 获取由原始的 APK安装文件转换而成的签名 SGN文件, 并加载安装后 的 APK的可执行代码转换而成的 OAT签名文件; A method for launching a signature authentication of an Android APK, the method comprising: acquiring a signature SGN file converted from an original APK installation file, and loading the OAT of the executable code converted by the installed APK Signature file 判断所述 OAT签名文件是否与签名 SGN文件一致; Determining whether the OAT signature file is consistent with the signature SGN file; 若是, 加载 APK, 否则, 禁止启动 APK。 If so, load the APK, otherwise, it is forbidden to launch the APK. 如权利要求 1所述的安卓 APK启动吋签名认证的方法, 其特征在于, 所述原始的 APK安装文件转换成签名 SGN文件的方法, 包括, 将原始的 APK安装文件转换成 OAT格式文件; The method for triggering the signature authentication of the Android APK according to claim 1, wherein the method for converting the original APK installation file into a signature SGN file comprises: converting the original APK installation file into an OAT format file; 通过 HASH256+RSA2048算法计算所述 OAT格式文件中的 oatdata和 oat exec段, 得到签名 SGN文件。 The oatdata and oat exec segments in the OAT format file are calculated by the HASH256+RSA2048 algorithm to obtain a signature SGN file. 如权利要求 2所述的安卓 APK启动吋签名认证的方法, 其特征在于, 所述通过 HASH256+RSA2048算法计算所述 OAT格式文件中的 oatdata 和 oatexec段, 得到签名 SGN文件步骤之后, 还包括, The method for triggering the signature authentication of the Android APK according to claim 2, wherein the calculating the oatdata and oatexec segments in the OAT format file by the HASH256+RSA2048 algorithm to obtain the signature SGN file, further includes 将所述签名 SGN文件放入到原始的 APK打包文件目录 META-INF下; 重新打包所述 APK文件, 将新的 APK文件安装到安卓系统中。 Put the signed SGN file into the original APK package file directory META-INF; repackage the APK file and install the new APK file into the Android system. 如权利要求 1所述的安卓 APK启动吋签名认证的方法, 其特征在于, 所述并加载安装后的 APK的可执行代码转换而成的 0AT签名文件的步 骤, 包括, The method for triggering the signature authentication of the Android APK according to claim 1, wherein the step of loading and loading the executable code converted from the installed APK into the 0AT signature file comprises: 将所述 0AT签名文件加载至 Android ART虚拟机的内存内。 The 0AT signature file is loaded into the memory of the Android ART virtual machine. 如权利要求 2所述的安卓 APK启动吋签名认证的方法, 其特征在于, 所述并加载安装后的 APK的可执行代码转换而成的 0AT签名文件的步 骤, 包括, The method for launching the signature authentication of the Android APK according to claim 2, wherein the step of loading and loading the executable code converted by the installed APK into the 0AT signature file comprises: 将所述 0AT签名文件加载至 Android ART虚拟机的内存内。 The 0AT signature file is loaded into the memory of the Android ART virtual machine. 如权利要求 3所述的安卓 APK启动吋签名认证的方法, 其特征在于, 所述并加载安装后的 APK的可执行代码转换而成的 OAT签名文件的步 骤, 包括, The method for triggering authentication of an Android APK according to claim 3, wherein the step of loading and loading the OAT signature file converted by the executable code of the installed APK comprises: 将所述 OAT签名文件加载至 Android ART虚拟机的内存内。 如权利要求 3所述的安卓 APK启动吋签名认证的方法, 其特征在于, 所述判断所述 OAT签名文件是否与签名 SGN文件一致的步骤, 包括, 判断 APK对应的 META-INF下的所述签名 SGN文件是否被篡改, 若是, 则禁止启动 APK, 否则计算所述 OAT签名文件的 Oatdata和 oate xec段的 HASH256值; The OAT signature file is loaded into the memory of the Android ART virtual machine. The method for determining the signature of an Android APK in accordance with claim 3, wherein the step of determining whether the OAT signature file is consistent with a signature SGN file comprises: determining, according to the META-INF corresponding to the APK Whether the signature SGN file has been tampered with, if yes, prohibiting the activation of the APK, otherwise calculating the HASH256 value of the Oatdata and oate xec segments of the OAT signature file; 判断所述 0AT签名文件的 HASH256值和 META-INF下的所述签名 SGN 文件中保存的 HASH256值是否一致, Determining whether the HASH256 value of the 0AT signature file is consistent with the HASH256 value saved in the signature SGN file under META-INF, 若一致, 则签名验证成功, 加载 APK, If they are consistent, the signature verification is successful, and the APK is loaded. 若不一致, 则禁止启动 APK。 If they are inconsistent 一种安卓 APK启动吋签名认证的装置, 其特征在于, 包括: 签名文件获取单元, 用于获取由原始的 APK安装文件转换而成的签名An Android APK launching signature authentication device, comprising: a signature file obtaining unit, configured to acquire a signature converted from an original APK installation file SGN文件, 并加载安装后的 APK的可执行代码转换而成的 0AT签名文 件; An SGN file, and loading the executable code converted by the installed APK into a 0AT signature file; 更改判断单元, 用于判断所述 0AT签名文件是否与签名 SGN文件一致 , 若是, 加载 APK, 否则, 禁止启动 APK。 The change judging unit is configured to judge whether the 0AT signature file is consistent with the signature SGN file, and if so, load the APK, otherwise, prohibiting the launch of the APK. 如权利要求 8所述的安卓 APK启动吋签名认证的装置, 其特征在于, 还包括转化单元, 用于将原始的 APK安装文件转换成 0AT格式文件, 并, 通过 HASH256+RSA2048算法计算所述 0AT格式文件中的 oatdata 和 oatexec段, 得到签名 SGN文件。 The apparatus for triggering authentication of an Android APK according to claim 8, further comprising a converting unit, configured to convert the original APK installation file into a 0AT format file, and calculate the 0AT by using a HASH256+RSA2048 algorithm. The oatdata and oatexec sections in the format file get the signed SGN file. 如权利要求 9所述的安卓 APK启动吋签名认证的装置, 其特征在于, 还包括复原单元以及打包单元, The device for initiating 吋 signature authentication of an Android APK according to claim 9, further comprising a restoring unit and a packing unit, 所述复原单元, 用于将所述签名 SGN文件放入到原始 APK打包文件目 录 META-INF下; The restoring unit is configured to put the signed SGN file into the original APK package file directory META-INF; 所述打包单元, 用于重新打包所述 APK文件, 将新的 APK文件安装到 安卓系统中。 The packaging unit is configured to repackage the APK file and install the new APK file into the Android system. 如权利要求 8所述的安卓 APK启动吋签名认证的装置, 其特征在于, 所述签名文件获取单元包括有加载模块, 所述加载模块, 用于将所述 0AT签名文件加载至 Android ART虚拟机的内存内。 [权利要求 12] 如权利要求 8所述的安卓 APK启动吋签名认证的装置, 其特征在于, 所述更改判断单元包括文件篡改判断模块以及数值判断模块; 所述文件篡改判断模块, 用于判断 APK对应的 META-INF下的所述签 名 SGN文件是否被篡改, 若已经被篡改, APK启动失败, 否则, 计算 所述 OAT签名文件的 Oatdata和 oatexec段的 HASH256值; The apparatus for initiating the signature authentication of the Android APK according to claim 8, wherein the signature file acquisition unit includes a loading module, and the loading module is configured to load the 0AT signature file into the Android ART virtual machine. Within the memory. [Claim 12] The device for triggering authentication of the Android APK according to claim 8, wherein the change determination unit includes a file tampering determination module and a numerical determination module; and the file tampering determination module is configured to determine Whether the signature SGN file under the META-INF corresponding to the APK has been tampered with, if the tampering has been made, the APK fails to be started, otherwise, the HASH256 value of the Oatdata and oatexec segments of the OAT signature file is calculated; 所述数值判断模块, 用于判断所述 OAT签名文件的 HASH256值和 ME TA-INF下的所述签名 SGN文件中保存的 HASH256值是否一致, 若一 致, 则签名验证成功, 加载 APK, 或者, 若不一致, 则禁止启动 APK  The value judging module is configured to determine whether the HASH256 value of the OAT signature file and the HASH256 value stored in the signature SGN file in the ME TA-INF are consistent. If the signature is consistent, the signature verification succeeds, the APK is loaded, or If not consistent, it is forbidden to start APK
PCT/CN2017/076974 2017-03-16 2017-03-16 Method and device for signature authentication during android apk startup Ceased WO2018165951A1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
PCT/CN2017/076974 WO2018165951A1 (en) 2017-03-16 2017-03-16 Method and device for signature authentication during android apk startup
CN201780001547.5A CN107690643A (en) 2017-03-16 2017-03-16 The method and its device of signature authentication when Android APK starts

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2017/076974 WO2018165951A1 (en) 2017-03-16 2017-03-16 Method and device for signature authentication during android apk startup

Publications (1)

Publication Number Publication Date
WO2018165951A1 true WO2018165951A1 (en) 2018-09-20

Family

ID=61154886

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2017/076974 Ceased WO2018165951A1 (en) 2017-03-16 2017-03-16 Method and device for signature authentication during android apk startup

Country Status (2)

Country Link
CN (1) CN107690643A (en)
WO (1) WO2018165951A1 (en)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104049973A (en) * 2014-06-25 2014-09-17 北京思特奇信息技术股份有限公司 Safety verification method and device for android application program
CN105069357A (en) * 2015-08-06 2015-11-18 福建天晴数码有限公司 Vulnerability scanning method, cloud server and system
CN106355081A (en) * 2016-09-07 2017-01-25 深圳市新国都支付技术有限公司 Android program start verification method and device

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103914654A (en) * 2013-12-25 2014-07-09 武汉安天信息技术有限责任公司 Method and system for detecting malicious code during operation of Android ART
US9558096B2 (en) * 2014-03-21 2017-01-31 Marvell World Trade Ltd. Method and apparatus for supporting performance analysis
CN104156638B (en) * 2014-06-06 2018-04-20 国家计算机网络与信息安全管理中心 A kind of implementation method of extension signature towards Android system software
CN106228041B (en) * 2016-07-21 2018-11-20 北京理工大学 A kind of code protection method for Android precompile

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104049973A (en) * 2014-06-25 2014-09-17 北京思特奇信息技术股份有限公司 Safety verification method and device for android application program
CN105069357A (en) * 2015-08-06 2015-11-18 福建天晴数码有限公司 Vulnerability scanning method, cloud server and system
CN106355081A (en) * 2016-09-07 2017-01-25 深圳市新国都支付技术有限公司 Android program start verification method and device

Also Published As

Publication number Publication date
CN107690643A (en) 2018-02-13

Similar Documents

Publication Publication Date Title
US9792440B1 (en) Secure boot for vehicular systems
JP5571704B2 (en) Integrity verification using peripheral devices
US11886593B2 (en) Verification of a provisioned state of a platform
CN113407911A (en) Validating software residing on a remote computing device
US20150067884A1 (en) Method and system for protecting software
JP6391439B2 (en) Information processing apparatus, server apparatus, information processing system, control method, and computer program
TWI687840B (en) Memory subsystem, secure client device, and authentication method thereof
CN109753788B (en) Integrity checking method and computer readable storage medium during kernel operation
CN112699343A (en) Software integrity protection and verification method and device
CN111832012A (en) ECU and starting method thereof
CN112148314B (en) Mirror image verification method, device and equipment of embedded system and storage medium
JP4983521B2 (en) Software update verification apparatus, method, and program
CN113495729A (en) Software upgrading method and device
CN109977662A (en) Processing method, device, terminal and the storage medium of application program
EP3952244A1 (en) Vehicle control device, vehicle control device start-up method, and recording medium
JP2013041587A (en) System and method for executing command from remote source
CN120353489A (en) Firmware updating method, device and storage medium
WO2018165951A1 (en) Method and device for signature authentication during android apk startup
CN117874784B (en) Vehicle encryption system and method
CN104346568A (en) Method and device for identifying malicious application program and mobile device
CN101009888A (en) Secure booting method for a mobile terminal, computer readable recording medium and mobile terminal
CN114282205B (en) Firmware startup method and device, and computer-readable storage medium
WO2016188231A1 (en) Verification method and apparatus
WO2020233044A1 (en) Plug-in verification method and device, and server and computer-readable storage medium
CN117349849A (en) Chip starting method and chip

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 17901242

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205A DATED 17/01/2020)

122 Ep: pct application non-entry in european phase

Ref document number: 17901242

Country of ref document: EP

Kind code of ref document: A1