
CN115081000A - Method, system, device and storage medium for protecting source code of remote object program - Google Patents


Info

Publication number: CN115081000A
Authority: CN (China)
Prior art keywords: key; source code; program; ciphertext; remote target
Legal status: Granted (status as listed by Google Patents, not a legal conclusion)
Application number: CN202210687046.XA
Other languages: Chinese (zh)
Other versions: CN115081000B (en)
Inventors: 徐峥, 麻付强
Current assignee: Suzhou Inspur Intelligent Technology Co Ltd (as listed, not legally verified)
Original assignee: Suzhou Inspur Intelligent Technology Co Ltd
Events: application CN202210687046.XA filed by Suzhou Inspur Intelligent Technology Co Ltd; publication of CN115081000A; application granted; publication of CN115081000B; legal status Active

Classifications

    • G (Physics) › G06 (Computing; calculating or counting) › G06F (Electric digital data processing) › G06F21/00 (Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity)
    • G06F21/60 Protecting data › G06F21/602 Providing cryptographic facilities or services
    • G06F21/10 Protecting distributed programs or content, e.g. vending or licensing of copyrighted material; Digital rights management [DRM] › G06F21/12 Protecting executable software
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems › G06F21/57 Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Multimedia (AREA)
  • Technology Law (AREA)
  • Storage Device Security (AREA)

Abstract

The invention provides a method, system, device and storage medium for protecting the source code of a remote target program. The method comprises the following steps: creating a first Enclave, verifying the validity of the boot program's signature with the public key carried in the trusted boot program, and loading the verified trusted boot program into the first Enclave to run; having the trusted boot program generate a first key with a random number generator, having the owner of the remote target program source code generate a second key of the first Enclave (its sealing key), and generating a remote target program source code package from the first key and the second key; having the user of the remote target program source code generate a third key of the first Enclave from the CPU physical information of the remote hardware, the measurement of the trusted boot program and the configuration of the first Enclave, and decrypting the remote target program source code package with the third key; and creating as many second Enclaves as there are remote target program source codes, with the trusted boot program placing each source code into its corresponding second Enclave.

Description

Method, system, device and storage medium for protecting source code of remote object program
Technical Field
The present invention relates to the field of program processing, and more particularly, to a method, system, device, and storage medium for protecting source code of a remote object program.
Background
For a product, the program source code is its lifeblood: whoever learns how the source code is written can reproduce the same program, or read the source to find bugs and mount any attack. A source code leak therefore carries great risk. Moreover, when a program is deployed as a product in an unattended location or sold to a customer, an attacker can easily obtain the binary compiled from it, recover the program logic by disassembly and similar techniques, and expose the core business logic, so that the whole execution flow of the program can be analysed and further attacked. The program source code is thus an important asset of its owner, and strengthening its intellectual property protection is very important.
Code obfuscation transforms the code of a computer program into a functionally equivalent form that is difficult to read and understand. It can be applied to the program source code, to the intermediate code produced by compilation, or to the compiled binary. Through a series of transformations the readability of the code is degraded, and in this way the program source code is protected. The scheme is simple and has good compatibility, but because the structure of the code is not changed, the difficulty of cracking it is small. Alternatively, the program source code is encrypted with an algorithm such as AES or DES and the decryption key is embedded in the program; but as soon as an attacker finds the decryption key, the original code is easily recovered from the encrypted source.
Disclosure of Invention
In view of this, an object of the embodiments of the present invention is to provide a method, a system, a computer device and a computer-readable storage medium for protecting the source code of a remote target program, in which the source code is used only in encrypted form, so that nobody can view it and its intellectual property is protected. When the configuration of the remote hardware system, the trusted boot program or the first Enclave changes, the same sealing key as before cannot be generated and subsequent decryption fails, so a third party can neither replace the hardware nor modify the plaintext trusted boot program. The program source code runs inside an Intel SGX enclave, from which nobody can read it out.
Based on the above object, one aspect of the embodiments of the present invention provides a method for protecting the source code of a remote target program, comprising the following steps: creating a first Enclave, verifying the validity of the boot program's signature with the public key carried in the trusted boot program, and loading the verified trusted boot program into the first Enclave to run; having the trusted boot program generate a first key with a random number generator, having the owner of the remote target program source code generate a second key of the first Enclave from the CPU physical information of the remote hardware, the measurement of the trusted boot program and the configuration of the first Enclave, and generating a remote target program source code package from the first key and the second key; having the user of the remote target program source code generate a third key of the first Enclave from the same CPU physical information, trusted boot program measurement and first Enclave configuration, and decrypting the remote target program source code package with the third key; and creating as many second Enclaves as there are remote target program source codes, with the trusted boot program placing each source code into its corresponding second Enclave.
In some embodiments, generating the remote target program source code package from the first key and the second key comprises: encrypting the target program source code with the first key to produce the remote target program source code ciphertext, encrypting the first key with the second key to produce the first key ciphertext, and encrypting the public key with the second key to produce the public key ciphertext; signing the source code ciphertext, the first key ciphertext and the public key ciphertext with the private key to obtain the signature; and packaging the source code ciphertext, the first key ciphertext, the public key ciphertext and the signature into the remote target program source code package.
In some embodiments, decrypting the remote target program source code package with the third key comprises: decrypting the first key ciphertext and the public key ciphertext with the third key to recover the first key and the public key, verifying the signature over the source code ciphertext, the first key ciphertext and the public key ciphertext with the public key, and then decrypting each remote target program source code ciphertext with the first key to recover the remote target program source code.
In some embodiments, the trusted boot program placing each remote target program source code into its corresponding second Enclave comprises: the trusted boot program establishing a secure trusted channel with each of the second Enclaves using a key agreement algorithm.
In another aspect of the embodiments of the present invention, a system for protecting the source code of a remote target program is provided, comprising: a first creation module configured to create a first Enclave, verify the validity of the boot program's signature with the public key carried in the trusted boot program, and load the verified trusted boot program into the first Enclave to run; an encryption module configured to have the trusted boot program generate a first key with a random number generator, have the owner of the remote target program source code generate a second key of the first Enclave from the CPU physical information of the remote hardware, the measurement of the trusted boot program and the configuration of the first Enclave, and generate a remote target program source code package from the first key and the second key; a decryption module configured to have the user of the remote target program source code generate a third key of the first Enclave from the CPU physical information of the remote hardware, the measurement of the trusted boot program and the configuration of the first Enclave, and decrypt the remote target program source code package with the third key; and a second creation module configured to create as many second Enclaves as there are remote target program source codes, with the trusted boot program placing each source code into its corresponding second Enclave.
In some embodiments, the encryption module is configured to: encrypt the target program source code with the first key to produce the remote target program source code ciphertext, encrypt the first key with the second key to produce the first key ciphertext, and encrypt the public key with the second key to produce the public key ciphertext; sign the source code ciphertext, the first key ciphertext and the public key ciphertext with the private key to obtain the signature; and package the source code ciphertext, the first key ciphertext, the public key ciphertext and the signature into the remote target program source code package.
In some embodiments, the decryption module is configured to: decrypt the first key ciphertext and the public key ciphertext with the third key to recover the first key and the public key, verify the signature over the source code ciphertext, the first key ciphertext and the public key ciphertext with the public key, and then decrypt each remote target program source code ciphertext with the first key to recover the remote target program source code.
In some embodiments, the second creation module is configured so that the trusted boot program establishes a secure trusted channel with each of the second Enclaves using a key agreement algorithm.
In another aspect of the embodiments of the present invention, a computer device is also provided, comprising at least one processor and a memory storing computer instructions executable by the processor, which when executed by the processor implement the steps of the method above.
In a further aspect of the embodiments of the present invention, a computer-readable storage medium is also provided, storing a computer program which, when executed by a processor, implements the steps of the method above.
The invention has the following beneficial technical effects: when the configuration of the remote hardware system, the trusted boot program or the first Enclave changes, the same sealing key as before cannot be generated and subsequent decryption fails, so a third party can neither replace the hardware nor modify the plaintext trusted boot program; and the program source code runs inside an Intel SGX enclave, from which nobody can read it out.
Drawings
In order to illustrate the embodiments of the present invention or the prior-art solutions more clearly, the drawings used in describing them are briefly introduced below. The drawings described below show only some embodiments of the invention; those skilled in the art can obtain other embodiments from them without creative effort.
FIG. 1 is a diagram illustrating an embodiment of a method for protecting source code of a remote target program according to the present invention;
FIG. 2 is a diagram illustrating an embodiment of a system for protecting source code of a remote target program according to the present invention;
FIG. 3 is a schematic hardware diagram of an embodiment of a computer apparatus for protecting source code of a remote object program according to the present invention;
FIG. 4 is a diagram of an embodiment of a computer storage medium for protecting source code of a remote object program provided by the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the following embodiments of the present invention are described in further detail with reference to the accompanying drawings.
It should be noted that the terms "first" and "second" in the embodiments of the present invention serve only to distinguish two entities that share the same name or two parameters that are not identical; they are used for convenience of description, should not be construed as limiting the embodiments, and are not explained again in the embodiments that follow.
In a first aspect of an embodiment of the present invention, an embodiment of a method for protecting source code of a remote target program is provided. Fig. 1 is a schematic diagram illustrating an embodiment of a method for protecting source code of a remote target program according to the present invention. As shown in fig. 1, the embodiment of the present invention includes the following steps:
S1: creating a first Enclave, verifying the validity of the boot program's signature with the public key carried in the trusted boot program, and loading the verified trusted boot program into the first Enclave to run;
S2: having the trusted boot program generate a first key with a random number generator, having the owner of the remote target program source code generate a second key of the first Enclave from the CPU physical information of the remote hardware, the measurement of the trusted boot program and the configuration of the first Enclave, and generating a remote target program source code package from the first key and the second key;
S3: having the user of the remote target program source code generate a third key of the first Enclave from the CPU physical information of the remote hardware, the measurement of the trusted boot program and the configuration of the first Enclave, and decrypting the remote target program source code package with the third key; and
S4: creating as many second Enclaves as there are remote target program source codes, with the trusted boot program placing each source code into its corresponding second Enclave.
Intel SGX is an extension of the Intel architecture that adds a new set of instructions and memory-access mechanisms to the existing architecture. These extensions let an application set up a container called an enclave, a protected region within the application's address space whose code and data are shielded from malicious software running with elevated privileges, such as the operating system or hypervisor. At enclave launch the hardware records a measurement of the enclave's initial contents; keys later derived from that measurement, the enclave's attributes and secrets fused into the CPU (sealing keys) are what bind sealed data to one enclave on one processor. SGX does not claim protection against side-channel attacks, so the confidentiality relied on here is the architectural one.
TDX (Trust Domain Extensions) is Intel's other confidential-computing abstraction after SGX: the trust domain (TD), a confidential virtual machine. In its design TDX introduces a separate trusted hypervisor that shares the physical host with the cloud platform's own VMM. This trusted hypervisor is the TDX module, a small security module responsible for mediating and checking the interaction between a TD and the untrusted external VMM.
SEV stands for Secure Encrypted Virtualization. SEV assumes that the cloud provider's hypervisor may be malicious and runs the user's confidential virtual machine on top of that untrusted hypervisor. In terms of protection, the first-generation SEV provides only memory confidentiality and no memory integrity (integrity protection was added later with SEV-SNP). The second generation, SEV-ES (Encrypted State), additionally protects the confidentiality of the virtual machine's register state.
ARM's early trusted execution environment is TrustZone, which relies only on the integrity property of physical isolation and lacks confidentiality support. As ARM moved into server-side processors, the Confidential Compute Architecture (CCA) was first introduced with Armv9. CCA has a different threat model from TrustZone: it supports memory confidentiality directly in hardware, is dedicated to protecting the user's secret data, and even privileged code and firmware in TrustZone cannot access data inside a CCA Realm. A CCA Realm likewise uses the confidential-virtual-machine abstraction, and CCA introduces the Realm Management Monitor (RMM) as the security software that manages the confidential virtual machines.
The embodiment of the invention comprises at least one remote target program source code, a trusted boot program, an untrusted operating system, an untrusted hardware storage environment, a trusted execution environment in which the trusted boot program runs, and a trusted execution environment in which the target program source code runs. All of these components are bound to a corresponding remote hardware system, whose trusted execution environment may be Intel SGX, Intel TDX, AMD SEV, ARM CCA or similar.
The trusted boot program provides the following functions: random number generation, sealing key generation, encryption, decryption, signature verification, remote attestation, key agreement, data transmission, and start-up and boot. The trusted boot program is public and transparent and may be inspected by anyone. It is used to generate the first key and the second key; to encrypt the remote target program source code; to decrypt the remote target program source code inside a trusted execution environment; to construct a trusted execution environment for the remote target program source code; to establish trusted communication with that trusted execution environment; to send the decrypted remote target program source code to it; and to start the remote target program source code.
The hardware trusted execution environment of the remote hardware system provides the trusted execution environment for both the remote target program source code and the trusted boot program: enclaves are created with it, and both the remote target program source code and the trusted boot program run inside enclaves. At least one remote target program source code can run on the remote hardware system; together the remote target program source codes form the target system platform and perform its functions. The trusted boot program also runs on the remote hardware system.
Creating the first Enclave, verifying the validity of the boot program's signature with the public key carried in the trusted boot program, and loading the verified trusted boot program into the first Enclave to run: the owner of the remote target program source code creates the first Enclave on the remote hardware system using Intel SGX. The validity of the boot program's signature is verified with the public key in the trusted boot program; if verification passes, execution continues, otherwise it ends. The verified trusted boot program is then loaded into the first Enclave to run. Because the trusted boot program is public and is measured by the hardware when the enclave is created, its integrity ultimately rests on that measurement, which enters the sealing key derived in the next step, rather than on the signature check alone.
Having the trusted boot program generate a first key with a random number generator, having the owner of the remote target program source code generate a second key of the first Enclave from the CPU physical information of the remote hardware, the measurement of the trusted boot program and the configuration of the first Enclave, and generating a remote target program source code package from the first key and the second key: the owner of the remote target program source code uses the CPU physical information of the remote hardware system, the measurement of the trusted boot program and the configuration of the trusted boot program's first Enclave to generate the sealing key of the first Enclave, which is the second key. In SGX terms this is the enclave's sealing key, derived by the CPU from its fused root sealing key, the enclave measurement and the enclave attributes; it never leaves the first Enclave and cannot be obtained by anyone. The trusted boot program generates at least one first key with its random number generator.
In some embodiments, generating the remote target program source code package from the first key and the second key comprises: encrypting the target program source code with the first key to produce the remote target program source code ciphertext, encrypting the first key with the second key to produce the first key ciphertext, and encrypting the public key with the second key to produce the public key ciphertext; signing the source code ciphertext, the first key ciphertext and the public key ciphertext with the private key to obtain the signature; and packaging the source code ciphertext, the first key ciphertext, the public key ciphertext and the signature into the remote target program source code package.
The trusted boot program loads at least one remote target program source code into the first Enclave, together with the private key and public key of the owner of the remote target program source code; the private key must only ever be delivered into the enclave and never written to the untrusted storage environment, since it is what authenticates every package. The trusted boot program encrypts the target program source code with the first key to produce the remote target program source code ciphertext, encrypts the first key with the second key to produce the first key ciphertext, and encrypts the public key with the second key to produce the public key ciphertext. It then signs the source code ciphertext, the first key ciphertext and the public key ciphertext with the private key to obtain the signature, packages the source code ciphertext, the first key ciphertext, the public key ciphertext and the signature into the remote target program source code package, and stores the package in the untrusted hardware storage environment of the remote hardware system. The trusted boot program itself is likewise stored in that untrusted storage environment.
Having the user of the remote target program source code generate a third key of the first Enclave from the CPU physical information of the remote hardware, the measurement of the trusted boot program and the configuration of the first Enclave, and decrypting the remote target program source code package with the third key:
The user of the remote target program source code uses the CPU physical information of the remote hardware system, the measurement of the trusted boot program and the configuration of the trusted boot program's first Enclave to generate the sealing key of the first Enclave, which is the third key; it likewise never leaves the first Enclave and cannot be obtained by anyone. The third key is identical to the second key. If the remote hardware system, the trusted boot program or the configuration of the first Enclave has changed in the meantime, the same sealing key as before cannot be generated and subsequent decryption fails.
In some embodiments, decrypting the remote target program source code package with the third key comprises: decrypting the first key ciphertext and the public key ciphertext with the third key to recover the first key and the public key, verifying the signature over the source code ciphertext, the first key ciphertext and the public key ciphertext with the public key, and then decrypting each remote target program source code ciphertext with the first key to recover the remote target program source code.
At least one remote target program source code package is loaded into the first Enclave. The first key ciphertext and the public key ciphertext are decrypted with the third key to recover the first key and the public key. The signature over the source code ciphertext, the first key ciphertext and the public key ciphertext is verified with the public key; if verification passes, execution continues, otherwise it ends. Each remote target program source code ciphertext is then decrypted with the first key to recover the remote target program source code.
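The package construction described in step S2 above (random first key, sealing key, three ciphertexts, owner signature) and the decryption path of this step, as one added example in Go. It is not code from the patent or from the assignee. It models the SGX sealing key as an HMAC over constructed stand-ins for the CPU secret, the boot program measurement and the enclave configuration, uses AES-256-GCM for the three ciphertexts and Ed25519 for the owner's signature (the patent names none of these algorithms), and the names Platform, Package, SealingKey, BuildPackage and OpenPackage are the example's own:

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ed25519"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"fmt"
)

// Platform holds the inputs the sealing key is derived from (values constructed here).
type Platform struct {
	CPUSecret   []byte // stands in for the CPU's fused root sealing key, which never leaves the CPU
	Measurement []byte // measurement (MRENCLAVE) of the trusted boot program
	EnclaveCfg  []byte // configuration/attributes of the first Enclave
}

// Package is the source code package: three ciphertexts plus the owner's signature.
type Package struct{ SrcCT, Key1CT, PubKeyCT, Sig []byte }

// lengthPrefixed encodes fields unambiguously for signing and key derivation.
func lengthPrefixed(fields ...[]byte) []byte {
	var out []byte
	for _, f := range fields {
		out = binary.BigEndian.AppendUint32(out, uint32(len(f)))
		out = append(out, f...)
	}
	return out
}

// SealingKey is the patent's second key (owner) and third key (user): identical inputs
// give the same key. HMAC-SHA256 stands in for the hardware key derivation (assumption).
func SealingKey(p Platform) []byte {
	mac := hmac.New(sha256.New, p.CPUSecret)
	mac.Write(lengthPrefixed(p.Measurement, p.EnclaveCfg))
	return mac.Sum(nil)
}

// randBytes panics if the CSPRNG fails: there is no safe fallback for key material.
func randBytes(n int) []byte {
	b := make([]byte, n)
	if _, err := rand.Read(b); err != nil {
		panic(err)
	}
	return b
}

// gcm returns AES-256-GCM; every key in this file is 32 bytes, so setup cannot fail.
// aeadSeal prepends the random nonce to the ciphertext and aeadOpen strips it again.
func gcm(key []byte) cipher.AEAD {
	block, err := aes.NewCipher(key)
	if err != nil {
		panic(err)
	}
	g, _ := cipher.NewGCM(block)
	return g
}

func aeadSeal(key, plaintext []byte) []byte {
	g := gcm(key)
	nonce := randBytes(g.NonceSize())
	return g.Seal(nonce, nonce, plaintext, nil)
}

func aeadOpen(key, ct []byte) ([]byte, error) {
	g := gcm(key)
	if len(ct) < g.NonceSize() {
		return nil, fmt.Errorf("ciphertext too short")
	}
	return g.Open(nil, ct[:g.NonceSize()], ct[g.NonceSize():], nil)
}

// BuildPackage is the owner-side step (S2), run by the trusted boot program inside
// the first Enclave with the owner's Ed25519 signing key loaded.
func BuildPackage(p Platform, source []byte, priv ed25519.PrivateKey) *Package {
	key1, sealKey := randBytes(32), SealingKey(p)
	pkg := &Package{
		SrcCT:    aeadSeal(key1, source),
		Key1CT:   aeadSeal(sealKey, key1),
		PubKeyCT: aeadSeal(sealKey, priv.Public().(ed25519.PublicKey)),
	}
	pkg.Sig = ed25519.Sign(priv, lengthPrefixed(pkg.SrcCT, pkg.Key1CT, pkg.PubKeyCT))
	return pkg
}

// OpenPackage is the user-side step (S3): re-derive the sealing key, unseal the first
// key and the public key, verify the signature, then decrypt the source.
func OpenPackage(p Platform, pkg *Package) ([]byte, error) {
	sealKey := SealingKey(p)
	key1, err1 := aeadOpen(sealKey, pkg.Key1CT)
	pub, err2 := aeadOpen(sealKey, pkg.PubKeyCT)
	if err1 != nil || err2 != nil { // different CPU, modified boot program or changed config
		return nil, fmt.Errorf("sealing key does not match this platform")
	}
	body := lengthPrefixed(pkg.SrcCT, pkg.Key1CT, pkg.PubKeyCT)
	if len(pub) != ed25519.PublicKeySize || !ed25519.Verify(ed25519.PublicKey(pub), body, pkg.Sig) {
		return nil, fmt.Errorf("package signature invalid")
	}
	return aeadOpen(key1, pkg.SrcCT)
}
```

BuildPackage with a Platform value followed by OpenPackage with the same value returns the source; OpenPackage with any of the three Platform fields changed fails at the very first unseal, which is the property the patent relies on. The length-prefixed encoding of the signed fields matters: signing a bare concatenation would let an attacker shift bytes between the source ciphertext and the key ciphertext without invalidating the signature. Note that the public key used for verification is itself recovered from the package under the sealing key, so the signature proves that the package was assembled by the holder of the owner's private key inside an enclave with this sealing key and detects tampering with the package; it does not add an independent trust root.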
Creating as many second Enclaves as there are remote target program source codes, with the trusted boot program placing each remote target program source code into its corresponding second Enclave:
In some embodiments, the trusted boot program placing each remote target program source code into its corresponding second Enclave comprises: the trusted boot program establishing a secure trusted channel with each of the second Enclaves using a key agreement algorithm.
The trusted boot program creates second Enclaves equal in number to the remote target program source codes and establishes a secure trusted channel with each of them using a key agreement algorithm. It then places each remote target program source code into its corresponding second Enclave over that channel and starts all of the remote target program source codes in the second Enclaves. Each remote target program source code executes in its own second Enclave, and together they constitute the target system platform.
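The channel between the trusted boot program's enclave and each second Enclave, as an added example in Go; it is not the patent's or the assignee's code. The patent specifies only "a key agreement algorithm"; this example uses X25519 and, as an assumption, binds each party's ephemeral public key to its enclave measurement with a MAC under a platform-held key, standing in for the hardware local-attestation report that an enclave can verify on the same CPU. Without such a binding, an unauthenticated key agreement would let the untrusted operating system or any other local enclave pose as a second Enclave and receive the decrypted source. The names Enclave, Report, MakeReport and ChannelKey are the example's own:

```go
package main

import (
	"bytes"
	"crypto/ecdh"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"fmt"
)

// platformReportKey stands in for the hardware secret that lets one enclave verify
// another enclave's report on the same platform. Constructed for this example.
var platformReportKey = []byte("platform-report-key-constructed")

// Report binds an enclave's ephemeral X25519 public key to its measurement, the way
// a local-attestation report would.
type Report struct {
	Measurement, DHPublic, MAC []byte
}

func reportMAC(measurement, dhPublic []byte) []byte {
	m := hmac.New(sha256.New, platformReportKey)
	m.Write(binary.BigEndian.AppendUint32(nil, uint32(len(measurement))))
	m.Write(measurement)
	m.Write(dhPublic)
	return m.Sum(nil)
}

// Enclave is one end of the channel: the trusted boot program's first Enclave or
// one of the second Enclaves. The private key never leaves the struct.
type Enclave struct {
	Measurement []byte
	priv        *ecdh.PrivateKey
}

func NewEnclave(measurement []byte) (*Enclave, error) {
	priv, err := ecdh.X25519().GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	return &Enclave{Measurement: measurement, priv: priv}, nil
}

// MakeReport is what an enclave sends to its peer to start the key agreement.
func (e *Enclave) MakeReport() Report {
	pub := e.priv.PublicKey().Bytes()
	return Report{Measurement: e.Measurement, DHPublic: pub, MAC: reportMAC(e.Measurement, pub)}
}

// ChannelKey verifies the peer's report, insists on the expected peer measurement,
// runs X25519 and derives a 32-byte channel key bound to both public keys and both
// measurements. Both ends compute the same key.
func (e *Enclave) ChannelKey(peer Report, expectedPeer []byte) ([]byte, error) {
	if !hmac.Equal(peer.MAC, reportMAC(peer.Measurement, peer.DHPublic)) {
		return nil, fmt.Errorf("peer report MAC invalid")
	}
	if !bytes.Equal(peer.Measurement, expectedPeer) {
		return nil, fmt.Errorf("peer measurement %q is not the expected enclave", peer.Measurement)
	}
	peerPub, err := ecdh.X25519().NewPublicKey(peer.DHPublic)
	if err != nil {
		return nil, err
	}
	shared, err := e.priv.ECDH(peerPub) // Go rejects an all-zero shared secret
	if err != nil {
		return nil, err
	}
	a, b := e.MakeReport(), peer
	if bytes.Compare(a.DHPublic, b.DHPublic) > 0 {
		a, b = b, a // canonical order so both ends hash the same transcript
	}
	kdf := hmac.New(sha256.New, shared)
	for _, f := range [][]byte{[]byte("enclave-channel-v1"), a.DHPublic, a.Measurement, b.DHPublic, b.Measurement} {
		kdf.Write(binary.BigEndian.AppendUint32(nil, uint32(len(f))))
		kdf.Write(f)
	}
	return kdf.Sum(nil), nil
}

func main() {
	boot, _ := NewEnclave([]byte("mr-boot"))
	app, _ := NewEnclave([]byte("mr-app"))
	k1, err1 := boot.ChannelKey(app.MakeReport(), []byte("mr-app"))
	k2, err2 := app.ChannelKey(boot.MakeReport(), []byte("mr-boot"))
	fmt.Println("both ends agree:", err1 == nil && err2 == nil && bytes.Equal(k1, k2))
	rogue, _ := NewEnclave([]byte("mr-rogue"))
	_, err := boot.ChannelKey(rogue.MakeReport(), []byte("mr-app"))
	fmt.Println("rogue enclave:", err)
}
```

Both ends call ChannelKey with the other's report and the measurement they expect, and obtain the same 32-byte key, which would then key an AEAD for transferring the decrypted source code into the second Enclave. A peer whose report carries the wrong measurement, or whose measurement or public key was edited after the report was produced, is rejected before any key is derived. Because the derived key also depends on both public keys, a second Enclave restarted with a fresh key pair gets a fresh channel key.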
It should be particularly noted that, the steps in the embodiments of the method for protecting source code of a remote target program may be mutually intersected, replaced, added, or deleted, so that these methods for protecting source code of a remote target program, which are reasonably transformed by permutation and combination, should also belong to the scope of the present invention, and should not limit the scope of the present invention to the embodiments.
In view of the above, a second aspect of the embodiments of the present invention provides a system for protecting source code of a remote target program. As shown in fig. 2, the system 200 includes the following modules: the first creating module is configured to create a first Enclave, verify the validity of a boot program signature by using a public key in a trusted boot program, and place the verified trusted boot program into the first Enclave for operation; the encryption module is configured to generate a first key by using a random number generation function through the trusted boot program, generate a second key of the first Enclave by using the CPU physical information of the remote hardware, the measurement information of the trusted boot program and the configuration information of the first Enclave by a remote target program source code owner, and generate a remote target program source code package according to the first key and the second key; the decryption module is configured to be used for a remote target program source code user to generate a third key of the first Enclave by utilizing the CPU physical information of remote hardware, the measurement information of the trusted boot program and the configuration information of the first Enclave, and decrypt the remote target program source code program package according to the third key; and the second creating module is configured to create second envelopes with the number equal to that of the source codes of the remote target programs, and the trusted boot program respectively places the source codes of the remote target programs into the corresponding second envelopes.
In some embodiments, the encryption module is configured to: encrypt the target program source code with the first key to generate a remote target program source code ciphertext, encrypt the first key with the second key to generate a first key ciphertext, and encrypt the public key with the second key to generate a public key ciphertext; sign the remote target program source code ciphertext, the first key ciphertext and the public key ciphertext with a private key to obtain signature information; and package the remote target program source code ciphertext, the first key ciphertext, the public key ciphertext and the signature information to generate the remote target program source code package.
In some embodiments, the decryption module is configured to: decrypt the first key ciphertext and the public key ciphertext with the third key to obtain the first key and the public key, verify the signature over the remote target program source code ciphertext, the first key ciphertext and the public key ciphertext with the public key, and decrypt each remote target program source code ciphertext with the first key to obtain the corresponding remote target program source code.
In some embodiments, the second creating module is configured to: have the trusted boot program establish a secure trusted channel with each of the second enclaves by using a key negotiation algorithm.
In view of the above object, a third aspect of the embodiments of the present invention provides a computer device, including: at least one processor; and a memory storing computer instructions executable on the processor, the instructions, when executed by the processor, performing the following steps: S1, creating a first Enclave, verifying the validity of the boot program signature by using a public key in the trusted boot program, and placing the verified trusted boot program into the first Enclave to run; S2, the trusted boot program generating a first key by using a random number generation function, the remote target program source code owner generating a second key of the first Enclave by using the CPU physical information of the remote hardware, the measurement information of the trusted boot program and the configuration information of the first Enclave, and generating a remote target program source code package according to the first key and the second key; S3, the remote target program source code user generating a third key of the first Enclave by using the CPU physical information of the remote hardware, the measurement information of the trusted boot program and the configuration information of the first Enclave, and decrypting the remote target program source code package according to the third key; and S4, creating second enclaves equal in number to the remote target program source codes, the trusted boot program placing each remote target program source code into its corresponding second enclave.
In some embodiments, generating the remote target program source code package according to the first key and the second key comprises: encrypting the target program source code with the first key to generate a remote target program source code ciphertext, encrypting the first key with the second key to generate a first key ciphertext, and encrypting the public key with the second key to generate a public key ciphertext; signing the remote target program source code ciphertext, the first key ciphertext and the public key ciphertext with a private key to obtain signature information; and packaging the remote target program source code ciphertext, the first key ciphertext, the public key ciphertext and the signature information to generate the remote target program source code package.
In some embodiments, decrypting the remote target program source code package according to the third key comprises: decrypting the first key ciphertext and the public key ciphertext with the third key to obtain the first key and the public key, verifying the signature over the remote target program source code ciphertext, the first key ciphertext and the public key ciphertext with the public key, and decrypting each remote target program source code ciphertext with the first key to obtain the corresponding remote target program source code.
In some embodiments, the trusted boot program placing each remote target program source code into its corresponding second enclave comprises: the trusted boot program establishing a secure trusted channel with each of the second enclaves by using a key negotiation algorithm.
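As an added example (not code from the patent or its applicant), the owner-side packaging of step S2 / claim 2 and the user-side unpacking of step S3 / claim 3 in Go. The patent names no algorithms, so this assumes AES-256-GCM for the symmetric ciphertexts, Ed25519 for the signature and an HMAC-SHA256 derivation as a stand-in for the platform's hardware-bound second/third key; the CPU identity, boot-program measurement and enclave configuration inputs are constructed placeholders.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ed25519"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"errors"
)

// Package is the program package of claim 2 (field layout is this example's own).
type Package struct {
	SrcCT, K1CT, PubCT, Sig []byte // source under K1; K1 and public key under K2; signature
}

// enclaveKey models the second/third key, bound to the CPU's physical identity, the trusted
// boot program's measurement and the first Enclave's configuration; HMAC-SHA256 stands in here
// for the platform's sealing-key derivation (an assumption, not the patent's mechanism).
func enclaveKey(cpuID, bootMeasurement, enclaveConfig []byte) []byte {
	mac := hmac.New(sha256.New, cpuID)
	mac.Write(bootMeasurement)
	mac.Write(enclaveConfig)
	return mac.Sum(nil) // 32 bytes, used directly as an AES-256 key
}

// seal/open: AES-256-GCM with a random nonce prepended. Keys are always 32 bytes here.
func seal(key, pt []byte) []byte {
	block, _ := aes.NewCipher(key)
	aead, _ := cipher.NewGCM(block)
	nonce := make([]byte, aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		panic(err)
	}
	return aead.Seal(nonce, nonce, pt, nil)
}
func open(key, ct []byte) ([]byte, error) {
	block, _ := aes.NewCipher(key)
	aead, _ := cipher.NewGCM(block)
	if len(ct) < aead.NonceSize() {
		return nil, errors.New("ciphertext too short")
	}
	return aead.Open(nil, ct[:aead.NonceSize()], ct[aead.NonceSize():], nil)
}
// signed is the message under the signature. K1CT and PubCT have a fixed length (12-byte
// nonce + 32-byte plaintext + 16-byte tag), so the concatenation has unambiguous boundaries.
func (p *Package) signed() []byte {
	return append(append(append([]byte{}, p.K1CT...), p.PubCT...), p.SrcCT...)
}

// BuildPackage is the owner side (step S2 / claim 2).
func BuildPackage(source, k2 []byte, priv ed25519.PrivateKey) *Package {
	k1 := make([]byte, 32) // first key: a fresh random value per package
	if _, err := rand.Read(k1); err != nil {
		panic(err)
	}
	pub := priv.Public().(ed25519.PublicKey)
	pkg := &Package{SrcCT: seal(k1, source), K1CT: seal(k2, k1), PubCT: seal(k2, pub)}
	pkg.Sig = ed25519.Sign(priv, pkg.signed())
	return pkg
}

// OpenPackage is the user side (step S3 / claim 3). A different CPU, boot-program measurement
// or enclave configuration yields a different K3, so unwrapping fails before any source is exposed.
func OpenPackage(pkg *Package, k3 []byte) ([]byte, error) {
	k1, err1 := open(k3, pkg.K1CT)
	pub, err2 := open(k3, pkg.PubCT)
	if err1 != nil || err2 != nil || len(pub) != ed25519.PublicKeySize {
		return nil, errors.New("third key does not unwrap this package")
	}
	if !ed25519.Verify(ed25519.PublicKey(pub), pkg.signed(), pkg.Sig) {
		return nil, errors.New("package signature invalid")
	}
	return open(k1, pkg.SrcCT)
}
```

Because the verifying public key is itself shipped inside the package under the second key, the signature check binds the package to whoever could derive that key; the guarantee therefore rests on the second/third key being reproducible only inside the first Enclave on the intended hardware.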
Fig. 3 is a schematic hardware structural diagram of an embodiment of the computer device for protecting source code of a remote object program according to the present invention.
Taking the device shown in fig. 3 as an example, the device includes a processor 301 and a memory 302.
The processor 301 and the memory 302 may be connected by a bus or other means, such as the bus connection in fig. 3.
The memory 302 is a non-volatile computer-readable storage medium and can be used for storing non-volatile software programs, non-volatile computer-executable programs and modules, such as the program instructions/modules corresponding to the method for protecting source code of a remote target program in the embodiments of the present application. By running the non-volatile software programs, instructions and modules stored in the memory 302, the processor 301 executes the various functional applications and data processing of the server, i.e., implements the method for protecting source code of a remote target program.
The memory 302 may include a program storage area and a data storage area, wherein the program storage area may store an operating system and the application program required for at least one function, and the data storage area may store data created during use of the method for protecting source code of a remote target program, and the like. Further, the memory 302 may include high-speed random access memory and may also include non-volatile memory, such as at least one magnetic disk storage device, flash memory device or other non-volatile solid-state storage device. In some embodiments, the memory 302 optionally includes memory located remotely from the processor 301, which may be connected to the local module via a network. Examples of such networks include, but are not limited to, the internet, intranets, local area networks, mobile communication networks and combinations thereof.
One or more computer instructions 303 corresponding to a method of protecting source code of a remote object program are stored in the memory 302 and when executed by the processor 301 perform the method of protecting source code of a remote object program in any of the above-described method embodiments.
Any embodiment of a computer device executing the method for protecting source code of a remote object program can achieve the same or similar effects as any corresponding method embodiment.
The present invention also provides a computer readable storage medium storing a computer program which, when executed by a processor, performs a method of protecting remote object program source code.
Fig. 4 is a schematic diagram of an embodiment of a computer storage medium for protecting source code of a remote object program according to the present invention. Taking the computer storage medium as shown in fig. 4 as an example, the computer readable storage medium 401 stores a computer program 402 which, when executed by a processor, performs the method as described above.
Finally, it should be noted that, as one of ordinary skill in the art can appreciate, all or part of the processes of the methods of the above embodiments can be implemented by a computer program instructing related hardware. The program of the method for protecting source code of a remote target program can be stored in a computer-readable storage medium and, when executed, can include the processes of the embodiments of the methods described above. The storage medium of the program may be a magnetic disk, an optical disk, a read-only memory (ROM), a random access memory (RAM) or the like. The embodiments of the computer program may achieve the same or similar effects as any of the above-described method embodiments.
The foregoing is an exemplary embodiment of the present disclosure, but it should be noted that various changes and modifications could be made herein without departing from the scope of the present disclosure as defined by the appended claims. The functions, steps and/or actions of the method claims in accordance with the disclosed embodiments described herein need not be performed in any particular order. Furthermore, although elements of the disclosed embodiments of the invention may be described or claimed in the singular, the plural is contemplated unless limitation to the singular is explicitly stated.
It should be understood that, as used herein, the singular forms "a", "an" and "the" are intended to include the plural forms as well, unless the context clearly supports the exception. It should also be understood that "and/or" as used herein is meant to include any and all possible combinations of one or more of the associated listed items.
The numbers of the embodiments disclosed in the embodiments of the present invention are merely for description, and do not represent the merits of the embodiments.
It will be understood by those skilled in the art that all or part of the steps for implementing the above embodiments may be implemented by hardware, or may be implemented by a program instructing relevant hardware, and the program may be stored in a computer-readable storage medium, and the above-mentioned storage medium may be a read-only memory, a magnetic disk or an optical disk, etc.
Those of ordinary skill in the art will understand that the discussion of any embodiment above is meant to be exemplary only and is not intended to imply that the scope of the disclosure of the embodiments of the invention, including the claims, is limited to these examples; within the idea of the embodiments of the invention, technical features in the above embodiment or in different embodiments may also be combined, and there are many other variations of the different aspects of the embodiments of the invention as described above which are not provided in detail for the sake of brevity. Therefore, any omissions, modifications, substitutions, improvements and the like that may be made without departing from the spirit and principles of the embodiments of the present invention are intended to be included within the scope of the embodiments of the present invention.

Claims (10)

1. A method for protecting source code of a remote object program, comprising the steps of:
creating a first Enclave, verifying the legality of a boot program signature by using a public key in a trusted boot program, and placing the verified trusted boot program into the first Enclave for running;
generating a first key by the trusted boot program by using a random number generation function, generating a second key of a first Enclave by a remote target program source code owner by using CPU physical information of remote hardware, measurement information of the trusted boot program and configuration information of the first Enclave, and generating a remote target program source code package according to the first key and the second key;
a remote target program source code user generates a third key of the first Enclave by using the CPU physical information of the remote hardware, the measurement information of the trusted boot program and the configuration information of the first Enclave, and decrypts the remote target program source code package according to the third key; and
creating second enclaves equal in number to the remote target program source codes, the trusted boot program placing each remote target program source code into its corresponding second enclave.
2. The method of claim 1, wherein generating a remote object source code package from the first key and the second key comprises:
encrypting the source code of the target program by using a first key to generate a source code ciphertext of the remote target program, encrypting the first key by using a second key to generate a first key ciphertext, and encrypting the public key by using the second key to generate a public key ciphertext;
signing the remote target program source code ciphertext, the first key ciphertext and the public key ciphertext by using a private key to obtain signature information; and
packaging the remote target program source code ciphertext, the first key ciphertext, the public key ciphertext and the signature information to generate the remote target program source code package.
3. The method of claim 2, wherein decrypting the remote object source code package according to the third key comprises:
decrypting the first key ciphertext and the public key ciphertext with the third key to obtain the first key and the public key, verifying the signature over the remote target program source code ciphertext, the first key ciphertext and the public key ciphertext with the public key, and decrypting each remote target program source code ciphertext with the first key to obtain the corresponding remote target program source code.
4. The method of claim 3, wherein the trusted boot program placing the remote object source code into the corresponding second enclaves respectively comprises:
the trusted boot program establishing a secure trusted channel with each of the second enclaves by using a key negotiation algorithm.
5. A system for protecting source code of a remote object program, comprising:
a first creating module, configured to create a first Enclave, verify the validity of the boot program signature by using a public key in a trusted boot program, and place the verified trusted boot program into the first Enclave to run;
an encryption module, configured to have the trusted boot program generate a first key by using a random number generation function, have the remote target program source code owner generate a second key of the first Enclave by using the CPU physical information of the remote hardware, the measurement information of the trusted boot program and the configuration information of the first Enclave, and generate a remote target program source code package according to the first key and the second key;
a decryption module, configured to have the remote target program source code user generate a third key of the first Enclave by using the CPU physical information of the remote hardware, the measurement information of the trusted boot program and the configuration information of the first Enclave, and decrypt the remote target program source code package according to the third key; and
a second creating module, configured to create second enclaves equal in number to the remote target program source codes, the trusted boot program placing each remote target program source code into its corresponding second enclave.
6. The system of claim 5, wherein the encryption module is configured to:
encrypting the source code of the target program by using a first key to generate a source code ciphertext of the remote target program, encrypting the first key by using a second key to generate a first key ciphertext, and encrypting the public key by using the second key to generate a public key ciphertext;
signing the remote target program source code ciphertext, the first key ciphertext and the public key ciphertext by using a private key to obtain signature information; and
packaging the remote target program source code ciphertext, the first key ciphertext, the public key ciphertext and the signature information to generate the remote target program source code package.
7. The system of claim 6, wherein the decryption module is configured to:
decrypting the first key ciphertext and the public key ciphertext with the third key to obtain the first key and the public key, verifying the signature over the remote target program source code ciphertext, the first key ciphertext and the public key ciphertext with the public key, and decrypting each remote target program source code ciphertext with the first key to obtain the corresponding remote target program source code.
8. The system of claim 7, wherein the second creation module is configured to:
the trusted boot program establishing a secure trusted channel with each of the second enclaves by using a key negotiation algorithm.
9. A computer device, comprising:
at least one processor; and
a memory storing computer instructions executable on the processor, the instructions when executed by the processor implementing the steps of the method of any one of claims 1 to 4.
10. A computer-readable storage medium, in which a computer program is stored which, when being executed by a processor, carries out the steps of the method according to any one of claims 1 to 4.
CN202210687046.XA 2022-06-17 2022-06-17 Method, system, device and storage medium for protecting remote target program source code Active CN115081000B (en)
Publications (2)

Publication Number Publication Date
CN115081000A true CN115081000A (en) 2022-09-20
CN115081000B CN115081000B (en) 2024-06-25

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant