CN103106355A - Implementation method and system of software version protection - Google Patents
Implementation method and system of software version protection Download PDFInfo
- Publication number
- CN103106355A CN103106355A CN2011103610000A CN201110361000A CN103106355A CN 103106355 A CN103106355 A CN 103106355A CN 2011103610000 A CN2011103610000 A CN 2011103610000A CN 201110361000 A CN201110361000 A CN 201110361000A CN 103106355 A CN103106355 A CN 103106355A
- Authority
- CN
- China
- Prior art keywords
- version
- file
- internal memory
- copy
- address
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Landscapes
- Storage Device Security (AREA)
Abstract
The invention discloses an implementation method and a system of software version protection. The method comprises the steps: encrypting a manufactured version file; when a version is started, loading the version file into an internal memory, obtaining a secret key of the version file, and deciphering the version file; coping a file system in the version file to a high address of the internal memory, and starting a core by utilizing a core file in the version file; building a memory technology device (MTD) sub-area based on the internal memory, mounting the MTD sub-area, and carrying out one-board starting. According to the method, when the version is manufactured, the whole version is encrypted through the secret key, when the version is started, the version is deciphered, so that security of the software version is high, and therefore the possibilities that a product is copied and others attack the product by analyzing useful information in the version are avoided.
Description
Technical field
The present invention relates to the Embedded Application technical field, relate in particular to a kind of software version protection implementation method and system.
Background technology
Human society has been entered into 21 century.The development of science and technology is constantly expanded the mankind's scope of activities, the progress and development of computer network has advanced information society and era of knowledge-driven economy with human society, and created the cyberspace of a super time and super space, wherein, the development of computer software industry affects the social economy of a country to a great extent, and promptly be penetrated into people's life, produce huge impulsive force.
But it is a new platform that the internet offers our having more than, it return people provide one totally different in the place of chasing interests and the means of traditional market economy, and just because of this new place and means, when promoting economic growth and social progress, also broken the Equilibrium of Interests that original legal system is set up.
In order to protect the intellecture property of product; a lot of methods are figured out by each company; traditional cipher mode all encryptions for file system usually for the Embedded Application occasion; adopt file system self-encryption mode to be encrypted; this ways and means is easy to crack; and can affect the efficient of system's operation, be unfavorable for the protection of product.
Summary of the invention
The invention provides a kind of software version protection implementation method and system, easily crack and affect the problem of running efficiency of system in order to solve software version protected mode in prior art.
In order to solve the problems of the technologies described above, the technical solution used in the present invention is as follows:
On the one hand, the invention provides a kind of software version protection implementation method, comprising:
The version file of making is encrypted;
When version starts, described version file is loaded in internal memory, and obtains the key of described version file, decipher described version file;
Copy the file system in described version file to the internal memory high address, and utilize the kernel file in described version file to start kernel;
Establishment is based on MTD (Memory Technology Device, the memory techniques equipment) subregion of internal memory, the described MTD subregion of carry, single board starting.
Further, in the method for the invention, describedly also comprise after version file is encrypted: with the burning of version key in hardware encryption chip;
The described mode of obtaining the key of described version file comprises: read described hardware encryption chip, obtain the version file key in described hardware encryption chip.
Further, in the method for the invention, describedly copy file system to the internal memory high address and specifically comprise: the size of obtaining described file system, be described file system storage allocation address based on the size of described file system at the high address place of described internal memory end, carry out the file system copy.
Further, in the method for the invention, described establishment is mapped to the MTD partition address that creates the memory address of the described system file of copy during based on the MTD subregion of internal memory.
Further, in the method for the invention, also comprise after described version file deciphering: correctness and legitimacy to the version file after deciphering are carried out verification, when verification is passed through, carry out the system file copy function.
On the other hand, the present invention also provides a kind of software version protection to realize comprising system: version encryption device and version decryption device;
Described version encryption device is used for the version file of making is encrypted;
Described version decryption device comprises:
The version load-on module is used for described version file being loaded in internal memory, and obtaining the key of described version file when version starts, and deciphers described version file;
The file copy module, the file system of the version file after being used for deciphering copies the internal memory high address to;
Kernel starts module, is used for utilizing the version file kernel file after deciphering to start kernel;
Division module is used for creating the MTD subregion based on internal memory, the described MTD subregion of carry, single board starting after kernel starts.
Further, in system of the present invention:
Described version encryption device also comprises: the key burning module, be used for after version file is encrypted, with the burning of version key in hardware encryption chip;
Described version load-on module also is used for reading described hardware encryption chip, obtains the version file key in described hardware encryption chip.
Further, in system of the present invention, described file copy module specifically comprises:
The acquisition of information submodule is for the size of obtaining described file system;
The address assignment submodule, being used for based on the size of described file system is described file system storage allocation address at the high address place of described internal memory end;
The file copy submodule is used for carrying out the file system copy based on the memory address that distributes.
Further, in system of the present invention, described division module specifically is used for, and when the MTD subregion that creates based on internal memory, the MTD partition address that creates is mapped to the memory address of the described system file of copy.
Further, in system of the present invention, described version decryption device also comprises:
Correction verification module is used for after described version file deciphering, correctness and the legitimacy of the version file after deciphering being carried out verification, when verification is passed through, triggers described file copy module.
Compared with prior art, beneficial effect of the present invention is as follows:
Method and system of the present invention, by key, whole version is encrypted when making version, when version starts, version is decrypted, make software version have very high confidentiality, thereby avoided product to be plagiarized, and others is by analyzing the possibility that in version, useful information is attacked product.
Description of drawings
Fig. 1 is the process flow diagram of a kind of software version protection implementation method provided by the invention;
Fig. 2 is the structural representation that a kind of software version protection provided by the invention realizes system.
Embodiment
Below in conjunction with the accompanying drawing in the embodiment of the present invention, the technical scheme in the embodiment of the present invention is clearly and completely described, obviously, described embodiment is only the present invention's part embodiment, rather than whole embodiment.Based on the embodiment in the present invention, those of ordinary skills belong to the scope of protection of the invention not making the every other embodiment that obtains under the creative work prerequisite.
The embodiment of the present invention provides a kind of software version protection implementation method; be mainly used in the Embedded Application environment; the method is encrypted whole version by key when making version; then when using BOOTLOADER to start version; by BOOT LOADER, version is decrypted; in order to guarantee that software version is not illegally cracked, realize the purpose of protection enterprise product intellecture property.
As shown in Figure 1, the software version protection implementation method that the embodiment of the present invention provides specifically comprises:
Step S101, the version file of making is encrypted;
In this step, version file comprises: BOOT to RAM, kernel, file system;
In this step, after version file is encrypted, preferably, with the burning of version key in hardware encryption chip.
Need to prove, the described ciphering process of this step is completed by version making side usually, and follow-up decrypting process is the application to the encryption version file.
Step S102, when version starts, described version file is loaded in internal memory, and obtains the key of described version file, decipher described version file;
Step S103, copy the file system in described version file to the internal memory high address, and utilize the kernel file in described version file to start kernel;
In this step, copy file system to the internal memory high address, specifically comprise: obtaining the size of described file system, is described file system storage allocation address based on the size of described file system at the high address place of described internal memory end, carries out the file system copy;
In this step, utilize the kernel file in described version file to start kernel, specifically comprise: the kernel file in the version file after deciphering is carried out decompress(ion), and jumps to the kernel file porch execution after decompress(ion).
After step S104, kernel start, create the MTD subregion based on internal memory, the described MTD subregion of carry, single board starting.
In this step, when creating the MTD subregion based on internal memory, the MTD partition address that creates is mapped to the memory address of the described system file of copy.
For clearer statement the present invention, the below provides preferred embodiment of the present invention, and in conjunction with the description to embodiment, further provides ins and outs of the present invention.
The application scenarios of the described method of the embodiment of the present invention is mainly concerned with and embeds in applied environment, in the Embedded Application environment, usually BOOT is divided into two phase scenario, the embodiment of the present invention can be decrypted version in the BOOT phase one, key in needing to read hardware encryption circuit before deciphering beginning, thus guarantee the safety of version file.
The below encrypts and version is deciphered two aspects and set forth from version respectively:
One, the scheme of the described encryption to the embedded software version of the embodiment of the present invention is as follows:
1) compile out BOOT RAM stage B OOT, kernel, file system.
2) make software by version BOOT, kernel, file system are made into whole version file.
3) by key, whole version is encrypted, generates the final version file;
Preferably, after version file is encrypted, with the key burning of version in hardware encryption chip; Wherein, the key of hardware encryption chip is disposable burning, and is not reproducible.
Two, the scheme that starts deciphering for version is as follows:
1) the version startup enters the BOOT phase one, and whole version file (BOOT to RAM, kernel, file system) is loaded in internal memory from FLASH.
2) read version key in hardware encryption chip by BOOT phase one driver.
3) key by the version that reads is decrypted whole version file.
4) guarantee that by version file being carried out verification file is correct, and the version legitimacy is carried out verification, avoid others maliciously to distort the possibility of version.
5) at high address place, the end of memory headroom, be the file system storage allocation address in version file, and file system is copied in described memory address;
This step is mainly used in the back establishment based on MTD (memory technology device, the memory techniques equipment) subregion of internal memory;
In this step, the memory address size of distribution is determined according to the size of file system.
6) the kernel version file in the version file after deciphering is carried out decompress(ion), then jump to decompress(ion) kernel file porch and carry out.
7) after kernel starts, create the MTD subregion based on internal memory, partition address is mapped to the BOOT stage with the memory address of file system copy.
8) the described MTD subregion of carry, after the carry success, veneer enters normal operating conditions.
Can find out by above-mentioned specific embodiments, method of the present invention can fully guarantee the safety of software version, can avoid others to plagiarize the possibility of product, even can avoid others to crack the possibility of rear malicious attack product.
As shown in Figure 2, the embodiment of the present invention also provides a kind of software version protection to realize comprising system: version encryption device 210 and version decryption device 220;
Preferably, this version encryption device 210, after version file is encrypted, with the burning of version key in hardware encryption chip.
Version load-on module 221 is used for version file being loaded in internal memory, and obtaining the key of version file, the decrypted version file when version starts;
Preferably, this version load-on module 221 reads described hardware encryption chip, obtains the version file key in described hardware encryption chip.
This document copy module 222 specifically comprises:
Acquisition of information submodule 2221 is for the size of obtaining described file system;
Address assignment submodule 2222, being used for based on the size of described file system is described file system storage allocation address at the high address place of described internal memory end;
Kernel starts module 223, is used for utilizing the version file kernel file after deciphering to start kernel;
Particularly, this division module 224 when the MTD subregion that creates based on internal memory, is mapped to the MTD partition address that creates the memory address of the described system file of copy.
Further, version decryption device 220 also comprises:
Obviously, those skilled in the art can carry out various changes and modification and not break away from the spirit and scope of the present invention the present invention.Like this, if within of the present invention these are revised and modification belongs to the scope of claim of the present invention and equivalent technologies thereof, the present invention also is intended to comprise these changes and modification interior.
Claims (10)
1. a software version protection implementation method, is characterized in that, comprising:
The version file of making is encrypted;
When version starts, described version file is loaded in internal memory, and obtains the key of described version file, decipher described version file;
Copy the file system in described version file to the internal memory high address, and utilize the kernel file in described version file to start kernel;
Establishment is based on the memory techniques equipment MTD subregion of internal memory, the described MTD subregion of carry, single board starting.
2. the method for claim 1, is characterized in that,
Describedly also comprise after version file is encrypted: with the burning of version key in hardware encryption chip;
The described mode of obtaining the key of described version file comprises: read described hardware encryption chip, obtain the version file key in described hardware encryption chip.
3. the method for claim 1, it is characterized in that, describedly copy file system to the internal memory high address and specifically comprise: the size of obtaining described file system, be described file system storage allocation address based on the size of described file system at the high address place of described internal memory end, carry out the file system copy.
4. the method for claim 1, is characterized in that, described establishment is mapped to the MTD partition address that creates the memory address of the described system file of copy during based on the MTD subregion of internal memory.
5. as claimed in claim 1 or 2 or 3 or 4 method, is characterized in that, also comprise after described version file deciphering: correctness and legitimacy to the version file after deciphering are carried out verification, when verification by the time, carry out the system file copy function.
6. a software version protection realizes it is characterized in that system, comprising: version encryption device and version decryption device;
Described version encryption device is used for the version file of making is encrypted;
Described version decryption device comprises:
The version load-on module is used for described version file being loaded in internal memory, and obtaining the key of described version file when version starts, and deciphers described version file;
The file copy module, the file system of the version file after being used for deciphering copies the internal memory high address to;
Kernel starts module, is used for utilizing the version file kernel file after deciphering to start kernel;
Division module is used for creating the MTD subregion based on internal memory, the described MTD subregion of carry, single board starting after kernel starts.
7. system as claimed in claim 6, is characterized in that,
Described version encryption device also comprises: the key burning module, be used for after version file is encrypted, with the burning of version key in hardware encryption chip;
Described version load-on module also is used for reading described hardware encryption chip, obtains the version file key in described hardware encryption chip.
8. system as claimed in claim 6, is characterized in that, described file copy module specifically comprises:
The acquisition of information submodule is for the size of obtaining described file system;
The address assignment submodule, being used for based on the size of described file system is described file system storage allocation address at the high address place of described internal memory end;
The file copy submodule is used for carrying out the file system copy based on the memory address that distributes.
9. system as claimed in claim 6, is characterized in that, described division module specifically is used for, and when the MTD subregion that creates based on internal memory, the MTD partition address that creates is mapped to the memory address of the described system file of copy.
10. as claim 6 or 7 or 8 or 9 described systems, it is characterized in that, described version decryption device also comprises:
Correction verification module is used for after described version file deciphering, correctness and the legitimacy of the version file after deciphering being carried out verification, when verification is passed through, triggers described file copy module.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2011103610000A CN103106355A (en) | 2011-11-15 | 2011-11-15 | Implementation method and system of software version protection |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2011103610000A CN103106355A (en) | 2011-11-15 | 2011-11-15 | Implementation method and system of software version protection |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN103106355A true CN103106355A (en) | 2013-05-15 |
Family
ID=48314209
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2011103610000A Pending CN103106355A (en) | 2011-11-15 | 2011-11-15 | Implementation method and system of software version protection |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN103106355A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107688463A (en) * | 2017-09-21 | 2018-02-13 | 杭州全维技术股份有限公司 | A kind of method of embedded device version file packing |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101770386A (en) * | 2010-03-08 | 2010-07-07 | 北京飞天诚信科技有限公司 | Safe startup method for Linux embedded system |
| CN102141923A (en) * | 2010-09-28 | 2011-08-03 | 华为终端有限公司 | Memory file system loading method and device |
-
2011
- 2011-11-15 CN CN2011103610000A patent/CN103106355A/en active Pending
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101770386A (en) * | 2010-03-08 | 2010-07-07 | 北京飞天诚信科技有限公司 | Safe startup method for Linux embedded system |
| CN102141923A (en) * | 2010-09-28 | 2011-08-03 | 华为终端有限公司 | Memory file system loading method and device |
Non-Patent Citations (1)
| Title |
|---|
| 袁苑 等: "《基于ARM平台的嵌入式软件保护方案》", 《电子技术应用》, no. 9, 30 September 2009 (2009-09-30), pages 149 - 152 * |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107688463A (en) * | 2017-09-21 | 2018-02-13 | 杭州全维技术股份有限公司 | A kind of method of embedded device version file packing |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| JP5537742B2 (en) | Method and apparatus including architecture for protecting multi-user sensitive code and data | |
| CN102087605B (en) | Android-based platform application installation control method and system | |
| CN103069428B (en) | Secure virtual machine in insincere cloud infrastructure guides | |
| KR100792287B1 (en) | Method for security and the security apparatus thereof | |
| KR101284676B1 (en) | Cryptography-based copy protection system and method for android apps | |
| WO2021164166A1 (en) | Service data protection method, apparatus and device, and readable storage medium | |
| CN1662869A (en) | Sleep protection | |
| CN101872404B (en) | Method for protecting Java software program | |
| CN102118512A (en) | Method and system for preventing application program of mobile phone from being cracked | |
| CN104268444A (en) | Cloud OS Java source code protection method | |
| CN104579689A (en) | Soft secret key system and implementation method | |
| CN1960363A (en) | Method and equipment for implementing remote updating information security devices through network | |
| KR20110093468A (en) | User terminal device, server and control method thereof | |
| CN101957903A (en) | Method and device for protecting class files | |
| CN103701829A (en) | Method of off-line analyzing DPAPI (Data Protection Application Programming Interface) enciphered data | |
| CN105184118A (en) | Code fragmentization based Android application program packing protection method and apparatus | |
| CN113346998A (en) | Key updating and file sharing method, device, equipment and computer storage medium | |
| CN104246784A (en) | Method, device, and system for protecting and securely delivering media content | |
| CN104506504A (en) | Security mechanism and security device for confidential information of card-free terminal | |
| JP5575950B2 (en) | Wireless terminal device and system protection method | |
| KR20080046515A (en) | Encoding and decoding method of contents file | |
| CN102855419A (en) | Copyright protection method for data files of intelligent terminals | |
| CN103106355A (en) | Implementation method and system of software version protection | |
| KR101711024B1 (en) | Method for accessing temper-proof device and apparatus enabling of the method | |
| CN105426702A (en) | Android operating system based application program encrypting method and device, and Android operating system based application program decrypting method and device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C02 | Deemed withdrawal of patent application after publication (patent law 2001) | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20130515 |