Search

CN-116244671-B - Authentication method, authentication device, electronic equipment and storage medium

CN116244671BCN 116244671 BCN116244671 BCN 116244671BCN-116244671-B

Abstract

The present disclosure relates to an authentication method, an apparatus, an electronic device, and a storage medium, and relates to the field of computer technology, where the method sends an authentication data acquisition request of an application to be authenticated to a server by responding to an authentication triggering operation; the method comprises the steps of receiving ciphertext authentication data and a data signature returned by a server in response to an authentication data acquisition request, authenticating an application to be authenticated according to the ciphertext authentication data and the data signature based on a preset authentication file, wherein the authentication file is an executable file which is compiled according to a target language package and accords with a system adapted by a client. In this way, the executable file obtained by compiling is adopted for authentication, and the possibility of being tampered can be reduced to a certain extent because the executable file is high in cracking difficulty, and the client terminal authenticates based on ciphertext authentication data and data signature, so that the difficulty of tampering authentication data can be further increased, and the security of authentication operation can be further enhanced.

Inventors

  • WANG HAOBO
  • CHEN XIAOQIANG
  • GUO MIAOYOU

Assignees

  • 北京达佳互联信息技术有限公司

Dates

Publication Date
20260512
Application Date
20220905

Claims (9)

  1. 1. An authentication method, applied to a client, the method comprising: Responding to the authentication triggering operation, and sending an authentication data acquisition request of the application to be authenticated to a server; receiving ciphertext authentication data and a data signature returned by the server in response to the authentication data acquisition request; based on a preset authentication file, authenticating the application to be authenticated according to the ciphertext authentication data and the data signature; The authentication file is an executable file obtained by compiling a file conforming to LLVM IR language according to an interpreter corresponding to a system adapted by the client, and the file conforming to LLVM IR language is obtained by compiling a target language package written in RUST language through a rustc compiler; The authentication file stores a disguised key, and the disguised key is obtained by confusing the plaintext key.
  2. 2. The method according to claim 1, wherein authenticating the application to be authenticated based on the ciphertext authentication data and the data signature based on a preset authentication file comprises: acquiring the secret key held by the client based on the authentication file; decrypting the ciphertext authentication data based on the key to obtain plaintext authentication data; generating a reference data signature based on the plaintext authentication data; And authenticating the application to be authenticated based on the plaintext authentication data under the condition that the reference data signature is matched with the data signature.
  3. 3. The method of claim 2, wherein the obtaining the key held by the client based on the authentication file comprises: Invoking the key of plaintext from a specified library defined in the authentication file based on a specified library invocation function; or obtaining the disguised key from the authentication file, and restoring the disguised key to obtain the plaintext key.
  4. 4. A method according to any of claims 1-3, wherein the target language package is written based on a specific language that supports compilation into an intermediate language that supports an interpreter that adapts to different systems, the method further comprising: Compiling the target language package into a file conforming to the intermediate language; And compiling the file conforming to the intermediate language according to an interpreter corresponding to the system adapted by the client to obtain the authentication file.
  5. 5. A method according to any one of claims 1-3, wherein the authentication file is pre-packaged as a target interface, and wherein the method further comprises, prior to authenticating the application to be authenticated based on the cryptograph authentication data and the data signature based on the pre-set authentication file: And calling the target interface to trigger the execution of the operation of authenticating the application to be authenticated according to the ciphertext authentication data and the data signature based on the preset authentication file.
  6. 6. An authentication apparatus for use with a client, the apparatus comprising: The sending module is configured to respond to the authentication triggering operation and send an authentication data acquisition request of the application to be authenticated to the server; the receiving module is configured to receive ciphertext authentication data and a data signature returned by the server in response to the authentication data acquisition request; The authentication module is configured to perform authentication on the application to be authenticated according to the ciphertext authentication data and the data signature based on a preset authentication file; The authentication file is an executable file obtained by compiling a file conforming to LLVM IR language according to an interpreter corresponding to a system adapted by the client, and the file conforming to LLVM IR language is obtained by compiling a target language package written in RUST language through a rustc compiler; The authentication file stores a disguised key, and the disguised key is obtained by confusing the plaintext key.
  7. 7. An electronic device, comprising: A processor; a memory for storing the processor-executable instructions; wherein the processor is configured to execute the instructions to implement the method of any one of claims 1 to 5.
  8. 8. A storage medium, characterized in that instructions in the storage medium, when executed by a processor of an electronic device, cause the electronic device to perform the method of any of claims 1 to 5.
  9. 9. A computing device program product comprising readable program instructions that, when executed by a processor of an electronic device, cause the electronic device to perform the method of any of claims 1-5.

Description

Authentication method, authentication device, electronic equipment and storage medium Technical Field The disclosure relates to the field of computer technology, and in particular, to an authentication method, an authentication device, an electronic device and a storage medium. Background Currently, with the continuous development of network technology, more and more applications are in clients. In order to ensure secure running of an application, it is often necessary to authenticate the application when the application is used. Authentication may refer to, among other things, authenticating an application. Since the authentication result affects whether the user can normally use the application, how to ensure the security of the authentication operation is a technical problem to be solved. Disclosure of Invention The present disclosure provides an authentication method, an apparatus, an electronic device, and a storage medium, so as to at least solve the above-mentioned problem of how to ensure the security of an authentication operation. The technical scheme of the present disclosure is as follows: according to a first aspect of embodiments of the present disclosure, there is provided an authentication method, applied to a client, including: Responding to the authentication triggering operation, and sending an authentication data acquisition request of the application to be authenticated to a server; receiving ciphertext authentication data and a data signature returned by the server in response to the authentication data acquisition request; And authenticating the application to be authenticated according to the ciphertext authentication data and the data signature based on a preset authentication file, wherein the authentication file is an executable file which is compiled according to a target language package and accords with a system adapted to the client. Optionally, the authenticating the application to be authenticated based on the preset authentication file according to the ciphertext authentication data and the data signature includes: acquiring a secret key held by the client based on the authentication file; decrypting the ciphertext authentication data based on the key to obtain plaintext authentication data; generating a reference data signature based on the plaintext authentication data; And authenticating the application to be authenticated based on the plaintext authentication data under the condition that the reference data signature is matched with the data signature. Optionally, the acquiring the key held by the client based on the authentication file includes: Invoking the key of plaintext from a specified library defined in the authentication file based on a specified library invocation function; Or obtaining the disguised key from the authentication file, and restoring the disguised key to obtain the plaintext key. Optionally, the disguised key is obtained by obfuscating the plaintext key, and the disguised key is stored in the authentication file. Optionally, the target language package is written based on a specified language supporting compilation into an intermediate language supporting an interpreter that adapts to different systems, the method further comprising: Compiling the target language package into a file conforming to the intermediate language; And compiling the file conforming to the intermediate language according to an interpreter corresponding to the system adapted by the client to obtain the authentication file. Optionally, the method further comprises: the authentication file is pre-packaged as a target interface, and the authentication of the application to be authenticated based on the preset authentication file according to the ciphertext authentication data and the data signature comprises the following steps: and calling the target interface to authenticate the application to be authenticated according to the ciphertext authentication data and the data signature based on the preset authentication file. According to a second aspect of embodiments of the present disclosure, there is provided an authentication apparatus, applied to a client, including: The sending module is configured to respond to the authentication triggering operation and send an authentication data acquisition request of the application to be authenticated to the server; the receiving module is configured to receive ciphertext authentication data and a data signature returned by the server in response to the authentication data acquisition request; and the authentication module is configured to execute authentication on the application to be authenticated according to the ciphertext authentication data and the data signature based on a preset authentication file, wherein the authentication file is an executable file which is compiled according to a target language package and accords with a system adapted to the client. Optionally, the authentication module includes: An acquisition sub-mod