Search

CN-121980621-A - Integrity verification method, device and equipment applied to open source software source code

CN121980621ACN 121980621 ACN121980621 ACN 121980621ACN-121980621-A

Abstract

The application relates to the technical field of code data management, and discloses an integrity checking method, a device and equipment applied to source codes of open source software, wherein the method comprises the steps of screening target files belonging to a target type from all files of an open source project; the method comprises the steps of creating a blank image, numbering the blank image, counting the data capacity of the target files according to the target types, sorting the target files of the same target type according to the sequence from large to small of the data capacity, sequentially obtaining the number of lines, the number of words and the number of bytes of the sorted target files of the same target type, determining the RGB value of the target files of the same target type by combining with a preset adjusting factor, and sequentially updating the pixel points of the blank image to obtain a path trend standard graph so as to determine file check codes. The method has the effect of improving the safety of the integrity check of the source code of the open source software.

Inventors

  • ZHOU SHIQI

Assignees

  • 中国移动通信集团广东有限公司
  • 中国移动通信集团有限公司

Dates

Publication Date
20260505
Application Date
20251229

Claims (10)

  1. 1. An integrity checking method applied to open source software source code is characterized by comprising the following steps, Acquiring all files of a pre-uploaded open source project; Screening target files belonging to the target type from all files; counting the total number of the target files under each target type and the total number of each target type according to each target type of the target files; creating blank images according to the total number of the target files under each target type and the total number of each target type, and numbering the blank images in rows, wherein the row numbers of the blank images are in one-to-one correspondence with each target type of the target files; counting the data capacity of the target files according to each target type, and sequencing the target files of the same target type according to the sequence from the large data capacity to the small data capacity; sequentially acquiring the number of lines, the number of words and the number of bytes of the ordered target files of the same target type, determining the RGB value of the target files of the same target type by combining with a preset adjusting factor, and sequentially updating the pixel points of the lines of the target type of the target file corresponding to the blank image to obtain a path trend standard graph; determining a file check code of the pre-uploaded open source item based on the path trend standard diagram; and carrying out integrity check by using the file check code.
  2. 2. The method for integrity checking as claimed in claim 1, wherein the step of determining the file check code of the pre-uploaded open source item based on the path trend standard graph comprises, Indexing a target pixel point corresponding to an original pixel point of the target file of the pre-uploaded open source item in the path trend standard graph by adopting a color similarity algorithm; matching a target path in all conversion paths from the coordinates of the original pixel point to the coordinates of the target pixel point; Acquiring all conversion coordinates contained in the target path when the coordinates of the original pixel point are converted into the coordinates of the target pixel point, and determining each movement signal quantity from the original pixel point to the target pixel point; splicing the moving semaphores to obtain moving check codes of the target files of the target types; and determining the file check code of the pre-uploaded open source item according to the mobile check codes of the target files of all target types.
  3. 3. The method for verifying the integrity of open source software source as defined in claim 2, wherein the step of indexing the target pixel points corresponding to the original pixel points of the target file of the pre-uploaded open source item in the path-oriented standard graph by using a color similarity algorithm comprises, Sorting the target files of the pre-uploaded open source items according to the sequence of the file data capacity of each target type from large to small; the pixel points corresponding to the target files of the target types after sequencing in the pre-uploaded open source item are indexed in the path trend standard diagram and serve as the original pixel points; And calculating a pixel point with the minimum first color difference value, the minimum second color difference value and the minimum third color difference value with the original pixel point in the path trend standard diagram by using a color similarity algorithm as the target pixel point, wherein the target pixel point is not overlapped with the original pixel point.
  4. 4. The method of claim 2, wherein the step of matching the target path among all conversion paths from the coordinates of the original pixel point to the coordinates of the target pixel point comprises, Based on the binary system, upward, downward, leftward and rightward movement signals of 00, 01, 10 and 11 are respectively given, and the movement offset of the coordinates of each conversion is set to 1; Selecting any conversion path with the abscissa of 00 of the first coordinate from all conversion paths from the coordinates of the original pixel point to the coordinates of the target pixel point, and acquiring the conversion coordinates of the conversion paths according to a moving sequence; and screening the conversion path with the minimum total number of conversion coordinates as the target path.
  5. 5. The method for integrity checking as in claim 4, further comprising the step of, When no conversion path with the abscissa of the first coordinate being 00 exists, any conversion path with the abscissa of the first coordinate being 01 is selected from all conversion paths from the coordinates of the original pixel point to the coordinates of the target pixel point, and the conversion coordinates of the conversion paths are acquired according to the moving sequence.
  6. 6. The method of claim 4, wherein the step of obtaining all transformed coordinates included in the target path when transforming from the coordinates of the original pixel to the coordinates of the target pixel, determining each movement semaphore from the original pixel to the target pixel comprises, Sequentially comparing the coordinates of the original pixel point with all the converted coordinates of the target pixel point, and taking 11 as the movement signal quantity of the original pixel point and the target pixel point when the abscissa of the original pixel point is added with 1 relative to the abscissa of the target pixel point; subtracting 1 from the abscissa of the original pixel point relative to the abscissa of the target pixel point, and taking 10 as the movement signal quantity of the original pixel point and the target pixel point; When the ordinate of the original pixel point is increased by 1 relative to the ordinate of the target pixel point, taking 00 as the moving signal quantity of the original pixel point and the target pixel point; And when the ordinate of the original pixel point is subtracted by 1 from the ordinate of the target pixel point, taking 01 as the movement signal quantity of the original pixel point and the target pixel point.
  7. 7. The method for integrity checking as claimed in claim 2, wherein the step of determining the file check code of the pre-uploaded open source item according to the mobile check code of the object file of each object type comprises, And splicing the mobile check codes of the target files of all target types to obtain the file check codes of the pre-uploaded open source items.
  8. 8. The method for integrity checking as claimed in any one of claims 1 to 7, wherein the step of integrity checking using the file check code comprises, Cutting the file check codes to obtain the mobile check codes of the target files of all target types; Respectively comparing the mobile check codes of the target files of all target types with a preset file matching comparison table in a consistency manner; When each mobile check code is consistent with a corresponding standard check code in a preset file matching comparison table, judging that the pre-uploaded open source project file passes the integrity check; And when any mobile check code is inconsistent with the corresponding standard check code in the preset file matching comparison table, judging that the pre-uploaded open source project file is incomplete.
  9. 9. An integrity checking device applied to open source software source code is characterized by comprising, The data module is used for acquiring all files of the pre-uploaded open source project; The screening module is used for screening target files belonging to the target type from all files; The statistics module is used for counting the total number of the target files under each target type and the total number of each target type according to each target type of the target files; The blank image module is used for creating blank images according to the total number of the target files under each target type and the total number of each target type, carrying out line numbering on the blank images, and enabling the line numbers of the blank images to correspond to each target type of the target files one by one; The sorting module is used for counting the data capacity of the target files according to each target type, and sorting the target files of the same target type according to the sequence from the large data capacity to the small data capacity; The path trend standard diagram module is used for sequentially acquiring the number of lines, the number of words and the number of bytes of the ordered target files of the same target type, determining the RGB value of the target files of the same target type by combining with a preset adjusting factor, and sequentially updating the pixel points of the blank image corresponding to the lines of the target types of the target files to obtain a path trend standard diagram; the check code module is used for determining a file check code of the pre-uploaded open source project based on the path trend standard diagram; and the integrity detection module is used for carrying out integrity check by utilizing the file check code.
  10. 10. A computer device comprising a memory, a processor and a computer program stored on the memory, the processor executing the computer program to perform the steps of the method of any one of claims 1 to 8.

Description

Integrity verification method, device and equipment applied to open source software source code Technical Field The present application relates to the field of code data management technologies, and in particular, to an integrity verification method, apparatus and device applied to open source software source codes. Background At present, code data management of open source software is that project personnel upload source codes of the open source software to a project code management platform, the project code management platform is used for managing the source codes instead, other people research and re-expand the source codes of the open source software by downloading the source codes through the platform, and in this way, the technology sharing and the technology innovation are achieved, and the platform needs to carry out integrity check on the source codes of the open source software when receiving the source codes. In the prior art, the integrity check is carried out on the received source code of the open source software by adopting a hash algorithm, but the types of the existing hash algorithms are less, and due to the public characteristics of the source code of the open source software, a third party can verify a specific used algorithm through a plurality of existing hash algorithms, and after verifying the specific algorithm, the third party can easily insert codes such as scripts and the like into the source code and simulate a new check code by using the algorithm, so that the integrity check function of the platform on the transmitted source code is completely disabled. Aiming at the related technology, the inventor finds that the existing integrity checking method of the open source software source code has the problems of easy cracking and poor safety. Disclosure of Invention In order to improve the safety of integrity verification of the source code of the source software and increase the cracking difficulty of the integrity verification method of the source code of the source software, the application provides an integrity verification method, device and equipment applied to the source code of the source software. In a first aspect, the present application provides an integrity verification method applied to open source software source codes. The application is realized by the following technical scheme: An integrity checking method applied to open source software source code comprises the following steps, Acquiring all files of a pre-uploaded open source project; Screening target files belonging to the target type from all files; counting the total number of the target files under each target type and the total number of each target type according to each target type of the target files; creating blank images according to the total number of the target files under each target type and the total number of each target type, and numbering the blank images in rows, wherein the row numbers of the blank images are in one-to-one correspondence with each target type of the target files; counting the data capacity of the target files according to each target type, and sequencing the target files of the same target type according to the sequence from the large data capacity to the small data capacity; sequentially acquiring the number of lines, the number of words and the number of bytes of the ordered target files of the same target type, determining the RGB value of the target files of the same target type by combining with a preset adjusting factor, and sequentially updating the pixel points of the lines of the target type of the target file corresponding to the blank image to obtain a path trend standard graph; determining a file check code of the pre-uploaded open source item based on the path trend standard diagram; and carrying out integrity check by using the file check code. The present application may be further configured in a preferred example, wherein the step of determining the file check code of the pre-uploaded open source item based on the path-trend standard graph comprises, Indexing a target pixel point corresponding to an original pixel point of the target file of the pre-uploaded open source item in the path trend standard graph by adopting a color similarity algorithm; matching a target path in all conversion paths from the coordinates of the original pixel point to the coordinates of the target pixel point; Acquiring all conversion coordinates contained in the target path when the coordinates of the original pixel point are converted into the coordinates of the target pixel point, and determining each movement signal quantity from the original pixel point to the target pixel point; splicing the moving semaphores to obtain moving check codes of the target files of the target types; and determining the file check code of the pre-uploaded open source item according to the mobile check codes of the target files of all target types. The present application may be further configur