Technical background
For ease of describing and understanding the present invention, now provide being explained as follows of the noun of being correlated with in the prior art:
OTA:Over The Air, promptly aerial, wireless mode
J2ME:Java 2 Micro Edition promptly are fit to the Java that small hand-held system (comprising portable terminal) uses
MIDP:Mobile Information Device Profile, Mobile Information Device Profile is the technical specification of J2ME, two versions is arranged at present, i.e. MIDP1.0 and MIDP2.0.MIDP2.0 is the upgraded version of MIDP1.0, backward compatible MIDP1.0 standard
JAR:Java Archive, the Java APMB package
KVM: K word assistant warden java virtual machine, the Java Virtual Machine of mini-plants such as mobile phone, at the less fact of this kind equipment internal memory, the internal memory that it needs is a unit with kilobytes (k)
The Java file: the java source code file is extension name usually with .java
The Class file: the java binary executable after the compiling, operate on the java virtual machine, be extension name usually with .class
Bytecode (bytecode): refering in particular to the binary executable code that comprises in the class file, is the combination of java virtual machine instructions
Class (class): be the base unit of functional module in the Java language, comprise several Java Method.In the binary system issue bag after compiling, the corresponding class of each class file
The MIDlet:MIDlet class is the superclass (parent) of the inlet class of all J2ME softwares.Sometimes also use the MIDlet term to refer to a J2ME software
Java Method:Java method, it is the base unit of logical combination in the Java language, be commonly referred to function f unction or process procedure in other programming language (as C and Pascal), in the class file after compiling, bytecode also is that unit makes up and exists with method
Compiling: source file is converted to the process of executable code, refer in particular to conversion hereinafter from the java source code to the class file
Decompiling: binary executable is reduced into the transfer process of source code, refers in particular to conversion hereinafter from the class file to the java source file
Pre-verification (preverify): use the class file after the Java compiler compiles to pass through pre-checking treatment, class file after the processing could correctly be written into operation by KVM, J2ME has alleviated the burden of KVM on the one hand with pre-verification scheme, has still guaranteed the correctness of class file on the one hand.
Obscure (obfuscate): a kind of binary executable is handled; under the prerequisite of reprogramming operation logic not; by debugging and the supplementary in the deletion execute file; revise variable, method name; change means such as pack arrangement; the source code readability that executable file decompiling after feasible the processing obtains descends greatly, thereby reaches the method for protection developer intellectual property.
The J2ME technology is proposed by U.S. sun company, and being intended to provides transplantable java extension mechanism for small hand-held wireless devices such as mobile phones.From then on technology proposes the time passed through several years till now, has obtained cell phone manufacturer, operator, software developer's extensive support.At present, we can say that the mobile phone of supporting J2ME is universal in worldwide.Yet, there is survey data to show, in the Java of China cellphone subscriber, only have an appointment 30% for downloading the J2ME application and playing and pay, most of user uses pirate cell phone software.This is because J2ME software makes that application is easy to crack very much, and is difficult to illegal propagation is control effectively owing to its geneogenous security flaw.The illegal propagation phenomenon of J2ME software is not only to occur in China, is faced with similar situation abroad yet.
Situation at a large amount of bootleggings of J2ME software quilt and use, OMA international organization (OpenMobileAlliance.org) has proposed (the Digital RightsManagement of the DRM on the wireless device, digital copyright management) scheme is used for preventing that J2ME software from illegally being propagated.DRM is content (picture, the tinkle of bells, theme, recreation, application ...) and rights of using separate, people pay to the right to use rather than content itself are paid.Yet the scheme of OMA needs the special support of hardware, that is to say the existing terminal that can't be applicable to the huge radix of possessing on the market.
Fig. 1 is the schematic diagram of a kind of method for protecting software based on the DRM scheme of prior art.This method for protecting software is proposed by more external companies (such as Wi-software).According to the method, by certain technological means, in J2ME software, add some Authority Verification codes automatically.Therefore the user will, have only the user who has passed through the authority detection just can have access to real content earlier through the detection of authority before having access to real content.As shown in Figure 1, carry out the authority detection, have only and passed through the authority detection, just can have access to the software main logic by embed the legitimate verification logic in inlet class (MIDlet).
Yet, be that this method for protecting software based on the DRM scheme of representative still exists weak point with Wi-software.For domestic consumer, it can play some and prevent the illegal purpose of propagating and using, but, for veteran cracker, such as grasped the technical staff who necessarily cracks technology, might crack by the means of " decompiling-erase right detection of code-recompilate-repack " such medelling.For such technical staff, be that this method for protecting software based on the DRM scheme of representative does not just have due anti-deciphering effect with Wi-software.
Fig. 2 is a kind of method for protecting software based on registration code of prior art.This method is by some software developers on stream, the software of developing for preventing is illegally used in the future, in program artificial adding the registration code authentication mechanism, require the user must buy the repertoire that a legal registration code or sequence number could access software.As shown in Figure 2, in the software main logic, add the registration code verifying logic.Like this, when running software, will carry out the registration code verifying logic, the user must use registration code or the sequence number of buying separately, could pass through the registration code verifying logic, and then the repertoire of access software.
Yet because the restriction of cell phone software technology platform, registration code can't be realized binding with mobile phone terminal.That is to say that the user of some malice after can obtaining a legal registration code fully propagates its copy with software.Therefore this scheme can't prevent effectively that equally software from illegally being propagated and use, thereby can not effectively protect software developer's software development achievement.And furtherly, the method that experienced cracker can say according to the front equally navigates to the registration Validation Code, repacks issue with this code deletion or after distorting.
Thus, need provide a kind of better method for protecting software, to prevent that J2ME software from being propagated and use so that modes such as network download are illegal.
Embodiment
Fig. 3 is the block diagram of software cryptography of the present invention and verification method.Software cryptography of the present invention and verification method use java class deformation technology, directly a plurality of classes (Class) file in the binary system issue bag (JAR bag) of cell phone software are carried out encryption.As shown in Figure 3, functional module A-D is the class file in the JAR bag, and all or part of functional module among the functional module A-D is encrypted.In the present invention, this encryption can realize by adding the active coding Validation Code.Yet the present invention is not limited in this mode, also can realize as the encryption that produces at random by adding other password.
Protected JAR bag after the processing remains a legal J2ME program, can normal mounting on the mobile phone terminal.But protected JAR bag the whole active codings that provided by server is provided could normally moves, and its can upgrade active coding from the trend server requests.
According to the present invention, the active coding verifying logic of adding is not that simple concentrating is present in a fixing position, but may reside among the Java Method of a plurality of class files, even spreads all over the Java Method of all class files.Because active coding of the present invention produces logic fully at server end, the cracker can't derive active coding according to encrypted content and produce algorithm.
According to the present invention, the active coding that is added not is effectively permanent.The present invention distributes the date and time restriction for the active coding that is added.For example, active coding is preceding effectively on certain date (as on December 31st, 2006).Perhaps, active coding is effective in several hours~several days time.Certainly, be not what fix for the restriction of date and time, but can in realizing process of the present invention, select according to actual conditions.
According to the present invention, rights of using exist with the form of active coding, and active coding is only effective in certain date or time limited field.For example, the active coding verifying logic of embedding can the using system date as an input of checking computing, active coding must could pass through to verify with the system data coupling.Using with unmatched active coding of date to cause program that unpredictable mistake takes place.For example, protected J2ME program will be upgraded active coding from the trend server requests when moving for the first time every day.Certainly, interval from active coding to server requests that upgrade is not limited to one day, and can be several hours, several days or longer date.
According to the present invention, rights of using can also limit by the regulation access times.For example, can set the access times of a regulation to the active coding verifying logic that embeds, every regular hour (as one day or several hours) excessively, then number of times subtracts 1.When number of times reduced to 0, active coding became invalid, must upgrade active coding and could continue to use software.The present invention is not limited at a certain time interval (as one day or several hours) to the qualification of number of times and is used as the chronomere that number of times successively decreases, and the present invention also can be set at number of times each software startup and then subtract 1.
The present invention can adopt binary data as active coding.Because binary data does not have readability, therefore be difficult to be made a copy of and propagate.In addition, because the present invention is provided with date and/or time restriction to active coding, therefore, under the relatively shorter situation of date or time, make the behavior of propagating active coding lose meaning.
In addition, the present invention also is not limited to only add password (or active coding) in the class file of JAR bag, but the inlet class (MIDlet) that the present invention can wrap JAR, software main logic, each functional module are all as the object of encrypting.As shown in Figure 3, active coding of the present invention can be added among inlet class (MIDlet), software main logic and a plurality of functional module A-D simultaneously.
The check of active coding and new technological process more
The active coding check that the present invention embeds in JAR bag and more new logic can represent with the flow chart of following Fig. 4-Fig. 6.
Fig. 4 is the flow chart of active coding check of the present invention and renewal.The present invention uses the class deformation technology to add active coding check and new logic more in client (just JAR bag).And, provide a corresponding server end program at server end, in order to produce legal active coding and to provide active coding to it according to the request of client.Server can be controlled completely to the generation and the granting of active coding, and then realizes various tariff mode.
As shown in Figure 4, after the J2ME software on the mobile phone is activated, at step S1, the validity of programmed check active coding.If active coding is effective, then directly enter the software main logic.Become invalidly if in step S1, judge active coding, then obtained user's unique identification (ID) at step S2.At step S3, mobile phone sends request to server, to obtain the active coding of renewal.In response to this request, at step S4, server returns the active coding of renewal and the rights of using of renewal judging under the correct situation of user's unique identification.The use claim of this renewal can be the time or date restriction of upgrading, and also can be available number of times restriction.At step S5, mobile phone is preserved user ID, the active coding of renewal and the rights of using of renewal.
Fig. 5 is the active coding check of Fig. 4 and the particular flow sheet of the check active coding validity in the renewal process.As shown in Figure 5, at step S11, at first judge whether to exist active coding.If being active coding, judged result do not exist, active coding invalid ("No") then, and program enters the step S2 of Fig. 4, to obtain new active coding.Exist if in step S11, judge active coding,, judge further whether current active coding rights of using are effective, promptly judge whether before the use date of regulation or within the official hour length or within the available number of times of regulation then at step S12.If judged result be active coding invalid ("No"), then enter the step S2 of Fig. 4, to obtain new active coding to server requests.If it is effective to judge the rights of using of active coding in step S12, promptly, then available number of times is subtracted 1, and enter the software main logic before the use date of regulation or within the official hour length or within the available number of times of regulation.
In the embodiment of Fig. 5, if set rights of using are available number of times, then the available number of times that is judged as active coding greater than 0 situation under, available number of times is subtracted 1, and enters the software main logic.
Fig. 6 is the active coding check of Fig. 4 and the particular flow sheet that obtains user's unique identification (ID) in the renewal process.As shown in Figure 6, at step S21, mobile phone is written into user's unique identification from this locality.This user's unique identification can be the password of phone number or setting, also can be the unique ID that is embedded in the JAR bag in advance by the present invention.If successfully obtain user's unique identification, then enter the step S3 of Fig. 4, with the active coding of further acquisition renewal.If the step S21 at Fig. 6 does not obtain user's unique identification, then input its unique identification (as cell-phone number or password) step S22 request user.At step S23, whether the sign that the mobile phone inspection user is imported is effective.If effectively, then enter the step S3 of Fig. 4, with the active coding of further acquisition renewal.If invalid, then return step S22.
In Fig. 6, whether mobile phone is effective in the sign of step S23 inspection user input.Yet, the present invention is not limited to this, mobile phone can just send to server side without check with the unique identification of user's input, and judge whether to be effectively user's unique identification, and when being judged as effective user's unique identification, return the active coding of renewal and new rights of using to mobile phone by server side.
Top flow process has been described a kind of universal scheme, and for Mobile Network Operator, because they can directly obtain user's unique identification (phone number) according to the network requests of mobile phone, can omit so obtain the process of the unique ID of user, flow process can also be simplified more like this.In this case, server identification cellphone subscriber's unique identification judges whether to be validated user according to unique identification, and is being judged as under the situation of validated user, returns the active coding of renewal and/or the rights of using of renewal to mobile phone.In this case, except the primary network request (for the consideration of secure context, after needing the user to confirm usually, Java Runtime Environment on the mobile phone just allows Java softward interview network, this point is different with the PC online), other process does not need fully with user interactions, more transparent to the user, user's experience is better.
An example of active coding verifying logic
Embedded the active coding verifying logic among a plurality of Java Method of the present invention each class in the JAR bag, cracked difficulty with raising.In one embodiment of the invention, active coding and date on same day coupling.In this case, the code of adding is a simple expression formula checking, and its logic can be with following false code approximate representation:
If (the timing code on<same day〉<computing〉<the method feature sign indicating number 〉)!=<method active coding 〉)
return;
}
Wherein:
A.<same day timing code be this Time of Day numeral through computing, require in these in a few days any two moment, computing obtains<same day timing code equate that and in two moment neither waiting arbitrarily in the date, the timing code of computing acquisition does not then wait;
B.<computing be add, subtract, arithmetic or logical operation such as XOR;
C.<and the method feature sign indicating number〉add a feature numeral relevant with ad hoc approach by the present invention.Server end writes down all feature numerals, and the active coding of generation and its coupling;
D.<and the method active coding〉be the part (one or more elements of array) from the active coding that server end obtains.
In actual applications, software cryptography of the present invention and verification method also adopt following means to reduce the feature of inserting code, write to prevent that the cracker from touching out that computer program is auxiliary to be cracked after certain rules or the pattern:
1. handle at random<same day timing code〉or<the method active coding〉first assignment gives local variable, re-uses local variable and participates in the expression formula checking, and the virtual machine instructions that uses in the Validation Code of Sheng Chenging is different like this;
2. utilize addition, XOR, logic relatively to wait computing to satisfy the characteristic of exchange rate, each position in the change expression formula at random;
3. be not to add a position to inserting in the code set, but the insertion virtual machine instructions of looking for some positions to disperse at random in the front portion of Method;
4. use several diverse ways to obtain system time and computing<same day timing code at random 〉;
5. the static variable of using in the expression formula checking, at random, being distributed in each class of disperseing.
What time combine above, select for use at random, extremely difficult common trait or the pattern of finding out each pass point in the bytecode of the final class file that produces, so coding like this cracks automatically hardly may.Because active coding of the present invention produces logic fully at server end, the cracker also can't derive active coding according to encrypted content and produce algorithm.For the people who attempts to crack, he must find all encrypted locations, and makes amendment one by one on the binary system byte sign indicating number of all encryption methods, as long as the place that has one or two place to omit will cause taking place in the program running unpredictable mistake.Simultaneously, the present invention can also carry out targetedly " anti-decompiling " to the class file and handle, most class files after the processing all can not be by main flow decompiler (jad, jode etc.) decompiling fully makes the simple crack method of " decompiling---modification---recompility " thoroughly lose efficacy.
In this embodiment of the present invention, for example, can the using system date or time as an input of checking computing, active coding must could pass through to verify with the system date and time coupling.Using with the unmatched active coding of date or time to cause program that unpredictable mistake takes place.For example, every preset time (such as one day), protected J2ME program will be upgraded active coding from the trend server requests.
The control of server end
The basic duty of server end is: the update request of response cell phone software, checking request legitimacy generates active coding, and provides active coding according to tariff mode and user's relation of ordering.Server end is more flexible, can expand accordingly according to real needs.
Protected J2ME software can comprise following parameter in the active coding update request that server is initiated:
1. the unique number of software, server end uses this to number to determine the tariff mode of this software;
2. user's unique identification (cell-phone number/password), server end uses this to identify the relation of ordering of discerning validated user and safeguarding this user;
3. initiate request mobile phone local zone time constantly, because may there be certain error in the time of mobile phone with server time, so server uses this time to determine the margin of error.
Whether server end can be selected normally to respond according to above parameter:
1. user's unique identification correct (cell-phone number and password coupling), and user has the relation of effectively ordering to software, then normally provides active coding;
2. user's unique identification mistake (cell-phone number and password do not match) is refused to respond;
3. the user does not effectively order relation to software, and refusal is responded;
4. too much in the same position user one day to the active coding request number of times, think that then this user's unique identification is illegally propagated, can refuse to respond;
5. mobile phone time in the request and server time phase difference too much (such as 1 day) have then been thought user's malicious modification the cell phone system time, can refuse to respond;
Server end comprises following content in the data that protected J2ME software is responded:
1. conditional code, normal or mistake is for this coded representation error code of the situation of makeing mistakes;
2. new active coding;
3. new available number of times uses available number of times can realize the metering tariff mode.
Software cryptography of the present invention and verification method have following technological merit:
1. can be fully realize, do not need the special support of equipment, applicable to most terminals on the market based on the MIDP1.0 technical specification.
2. software cryptography of the present invention and verification method have been continued to use the thought of digital copyright management, that is: the content and the right to use are separated, can propagate arbitrarily through the content of encrypting, but must obtain to use this content after the suitable right to use, comprise the necessary data that content is decrypted in the rights of using object.The present invention has fully taken into account the limitation of existing hardware platform and software engineering, and the various means that crack have all been designed corresponding countermeasure.The present invention is perfect, reliable, healthy and strong DRM solution, peeling off of the rights of using success of content itself and content.Content is encrypted, can propagate in any way, can normal mounting, and could normal operation but must obtain suitable rights of using from server end.And rights of using also can be used multiple mode, be sold by multiple channel.Can realize that with service time and access times be unit, very flexibly the rate control model.
3. by technological means, directly final binary executable (.class file) is encrypted.The developer needn't consider Copyright Protection fully in development process, and can all put into energy in the exploitation of content.
Active coding more new technological process (for example, only taking place once in one day) regularly takes place, very little to the influence of user experience.And the active coding Validation Code that adds is minimum to the performance impact of software.
5. the code of Jia Ruing is simplified very much, and is very little to the influence that software issue inclusion is long-pending, and can control by the quantity that changes pass point,
In sum, software cryptography of the present invention has been carried out the content of software itself effectively to separate with its rights of using with verification method, and copy is free to propagate, and could normally use with corresponding rights of using but must obtain suitable active coding.The generation of active coding and the granting of authority are then fully by server controls, safely and reliably.The characteristic that the invention enables wireless softwares such as J2ME to be easy to propagate no longer becomes software developer's enemy, on the contrary, becomes the strong approach that they open up a market.
Though describe the present invention with reference to specific embodiment above, clearly, under the prerequisite that does not break away from main spirit of the present invention and category, can carry out various modifications and change to these embodiment.So, should be interpreted as specification and accompanying drawing illustrative rather than restrictive.