Background technology
The key factor that will consider when software protection is software publishing, so-called software protection are meant that the software user should could normally use software after authorized.Can guarantee that to software protection software is not by illegal distribution.Because its safe coefficient height, more and more general is applied among the software publishing with the checking method for protecting software that combines of hardware.This method is generally the checking hardware that one of every cover software distribution has unique identifying number, and when using software, requirement must provide normally operating software of this checking hardware simultaneously.That is to say, only have with the corresponding checking hardware of software and just can obtain use authority, so just guaranteed that software can not be by illegal distribution.
In the prior art,, need in the function code of finishing the software kernels function, insert extra protection code, go to carry out coherent detection by the protection code in order to allow software detect corresponding with it checking hardware information in the process of implementation; Simultaneously, function code is made certain modification, make function code in finishing the process of Core Feature, call the protection code.Owing to prevent the problem that software need be paid close attention to by the illegal distribution person that is the software publishing, therefore protect the exploitation and the insertion of code, and the design of supporting checking hardware finished by the software publishing person.This just needs the software publishing, and the person must obtain the source code of software from the software developer before distributed software.
But along with software publishing person and software developer are more and more independent, the software publishing person can't obtain the source code of software usually.Even obtained the source code of software, also need to finish function code and revise, protect work such as code insertion and recompility.This process steps is various, can prolong the cycle of software publishing; And the person has almost same with software developer exploitation condition to require the software publishing, so can increase the cost of software publishing.
Summary of the invention
In view of this, fundamental purpose of the present invention is to provide a kind of method of software protection, and the person that makes the software publishing need not to obtain software source code and can protect the software that will issue.
In order to achieve the above object; the invention provides a kind of method of software protection, be every part of corresponding defence program of kernel program configuration that needs protection, and convert kernel program to form that target platform can't move; start defence program when using kernel program earlier, this method also comprises:
Steps A, defence program judge whether by authority checking, if pass through then execution in step B, otherwise interrupt current treatment scheme;
Step B, defence program read the kernel program that target platform can't move, and convert thereof into the volatile memory that is stored in target platform behind the form that target platform can move, and start kernel program then.
Wherein, describedly convert kernel program to form that target platform can't move and be: kernel program is encrypted;
Describedly convert kernel program to form that target platform can move and be: kernel program is deciphered.
Wherein, described kernel program is encrypted as:
With identical key the kernel program that is about to be stored in the different storage mediums is encrypted.
Wherein, described kernel program is encrypted as:
For the kernel program that is about to be stored in the different storage mediums distributes the key that has nothing in common with each other, every part of kernel program is encrypted with the key of this part kernel program correspondence.
Wherein, described key is relevant with the hardware identification number of described storage medium.
Wherein, described storage medium is: flash card or flash disk.
Wherein, further be every part of corresponding checking hardware of kernel program configuration, described judging whether by authority checking is:
Authority checking flow process according to based on checking hardware has judged whether to provide correct checking hardware, if then think by authority checking, otherwise thinks by authority checking.
Wherein, described checking hardware is the storage medium of storage kernel program and defence program.
Wherein, further comprise after the step B:
Defence program stops the operation of self.
Adopt technical scheme provided by the present invention; be that executable program with software changes into the form that target platform can't move before software publishing; be again the executable program of software to be reverted to the form that target platform can move when software uses by defence program; that is to say, only the executable program of software is handled.This shows that the executable program that the software publishing person only needs to obtain software from the software developer can be protected software, and do not need to obtain the source code of software.The content of being absorbed in separately to be paid close attention to that makes so at first that software publishing person and software developer can walk abreast, promptly the software developer is absorbed in the software kernels function development, and the software publishing person is absorbed in the exploitation of Software Protection Technique; Next has reduced the requirement of the condition of developing for the software publishing person, thereby has reduced the cost of software publishing, has shortened the cycle of software publishing.
Embodiment
Core concept of the present invention is; the software publishing person protects the executable program of software to convert to behind the form that target platform can't move desire and supporting checking hardware is together issued; when need moving the executable program of desire protection software, target platform carries out authority checking by another executable program earlier; then desire is protected the executable program of software to revert to the form that target platform can move if the verification passes, started the executable program of desire protection software then.In the present invention, the executable program of desire protection software is called kernel program, and another executable program is called defence program, and kernel program and defence program are one to one.
For making the purpose, technical solutions and advantages of the present invention clearer, the present invention is described in further detail below in conjunction with drawings and the specific embodiments.
Please refer to Fig. 1, Fig. 1 is the treatment scheme of embodiment when software publishing of method for protecting software provided by the invention.
Step 101 is stored on the distribution media after converting kernel program to form that target platform can't move, and the kernel program filename is changed to a temporary file name.
Converting kernel program to form that target platform can't move can have a variety of methods, for example kernel program is encrypted, and perhaps the data of kernel program is done certain transcoding, coding transform.Like this, have only through deciphering or inverse transformation and could move kernel program at target platform.
Especially, if adopt method of encrypting to convert kernel program to form that target platform can't move, can adopt dual mode in the time of encryption: a kind of mode be all to issue what stored on the distribution media of this software all be that kernel program is through the form after the same secret key encryption; Another kind of mode is that what to be stored on the distribution media of every part of this software of distribution is that kernel program is through the form after the different secret key encryptions.
Step 102 is stored in the defence program corresponding with kernel program on the distribution media, and the defence program filename is changed to the kernel program old file name.
Defence program is the executable program that can move on target platform, and its effect is to carry out authority checking after startup, then kernel program is converted to the form that target platform can move if the verification passes, and carries out kernel program.Here,, whether provide correct checking hardware to judge the user if the authority checking technology that is based on checking hardware that adopts so, is describedly carried out authority checking and referred to and detect the check verify hardware information,
Step 103 is issued distribution media and corresponding checking hardware together.
Between distribution media and the supporting checking hardware is to concern one to one, and the distribution media that each part stores software and defence program all has corresponding with it supporting checking hardware.
Especially, if with flash card as the distribution media, so can be with same flash card as supporting checking hardware.Because each flash card all has a unique identification number, defence program can judge whether the software user provides correct checking hardware according to this identification number when using software.
If in step 102, what stored on the distribution media of every part of this software of distribution is kernel program through the form after the different secret key encryptions, and the key that adopts when encrypting so can be relevant with the identification number of supporting checking hardware.
In step 102, if the authority checking technology that is not based on checking hardware that described authority checking is adopted so just can be omitted step 103.
Please refer to Fig. 2, Fig. 2 is the treatment scheme of embodiment when software uses of method for protecting software provided by the invention.
Step 201, running protection program on target platform.
Step 202, defence program check whether supporting checking hardware exists, if exist then execution in step 203, otherwise execution in step 207.
Step 203, defence program read the identification number of supporting checking hardware.
Step 204, defence program are checked the identification number of supporting checking hardware, judge whether this supporting checking hardware is complementary with the distribution media of storing kernel program and defence program, if mate then execution in step 205, otherwise execution in step 207.
Step 205, defence program write in the volatile memory of target platform after converting kernel program to form that target platform can move.
In software publishing, kernel program is stored in the distribution media after being converted into the form that target platform can't move.After the kernel program that defence program can't move target platform from the distribution media read and convert to the form that target platform can move, the kernel program that target platform can be moved write on the volatile memory of target platform.
Why to use the volatile memory of target platform; be because if the protected program of the kernel program that target platform can move has write the nonvolatile memory of target platform; so after running software stops; just can from the nonvolatile memory of target platform, read the kernel program that target platform can move and distributed, thereby can on other target platforms, directly move kernel program.And kernel program is not done relevant authority checking when operation, does not just possess the software protection function yet.And the volatile memory of use target platform; after running software stops; the shared storage space of the kernel program that target platform can move is released; so just can't from volatile memory, read the kernel program that target platform can move; thereby all must start defence program earlier when needing the operation kernel program at every turn; through relevant authority checking, and then guaranteed that software not by illegal distribution, realized software protection.
Especially, if the mode of adopt encrypting before software publishing converts kernel program to form that target platform can't move, so described herein with kernel program convert to form that target platform can move for and kernel program is deciphered.
Step 206, defence program starts kernel program, and stops the operation of defence program self, finishes this flow process.
Step 207, defence program think that soft ware authorization checking do not pass through, and can not use software.
For not by the situation of authority checking, defence program can stop the operation of self; Also can point out user's authority checking not stop the operation of self by the back; Can also point out the user that correct checking hardware is provided.
Above-mentioned steps 202 is exactly the process of authority checking to step 204 in fact.In this specific embodiment, the authority checking technology that is based on checking hardware of employing.In actual applications, can also adopt other authority checking technology, for example based on authority checking technology of sequence number etc.
The above is preferred embodiment of the present invention only, is not to be used to limit protection scope of the present invention.Within the spirit and principles in the present invention all, any modification of being done, be equal to replacement, improvement etc., all should be included within protection scope of the present invention.