CN111737657A - Method for realizing authorization control on JAVA software based on license file - Google Patents
Method for realizing authorization control on JAVA software based on license file Download PDFInfo
- Publication number
- CN111737657A CN111737657A CN202010548138.0A CN202010548138A CN111737657A CN 111737657 A CN111737657 A CN 111737657A CN 202010548138 A CN202010548138 A CN 202010548138A CN 111737657 A CN111737657 A CN 111737657A
- Authority
- CN
- China
- Prior art keywords
- file
- software
- registration
- lcf2
- time
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 95
- 238000013475 authorization Methods 0.000 title claims abstract description 29
- 230000008569 process Effects 0.000 claims abstract description 62
- 101100127689 Schizosaccharomyces pombe (strain 972 / ATCC 24843) lcf2 gene Proteins 0.000 claims abstract description 39
- 238000009434 installation Methods 0.000 claims abstract description 16
- 230000009191 jumping Effects 0.000 claims abstract description 3
- 238000001514 detection method Methods 0.000 claims description 16
- 230000007246 mechanism Effects 0.000 claims description 8
- 238000011010 flushing procedure Methods 0.000 claims description 5
- 238000012986 modification Methods 0.000 claims description 4
- 230000004048 modification Effects 0.000 claims description 4
- 238000012795 verification Methods 0.000 claims description 4
- 230000002159 abnormal effect Effects 0.000 claims description 3
- 230000002708 enhancing effect Effects 0.000 claims description 2
- 230000006872 improvement Effects 0.000 description 8
- 238000005336 cracking Methods 0.000 description 4
- 230000005540 biological transmission Effects 0.000 description 2
- 238000004891 communication Methods 0.000 description 2
- 238000007796 conventional method Methods 0.000 description 2
- 230000006870 function Effects 0.000 description 2
- 238000012545 processing Methods 0.000 description 2
- 230000003111 delayed effect Effects 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/12—Protecting executable software
- G06F21/121—Restricting unauthorised execution of programs
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/52—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Multimedia (AREA)
- Technology Law (AREA)
- Storage Device Security (AREA)
Abstract
A method for realizing authorization control on JAVA software based on license files comprises the following steps: step S1: generating a local installation serial number when upper layer user software is started for the first time; step S2: submitting software registration information through a page; step S3: lcf2 register the file and detect if the file is valid; if the step S4 is effectively performed, otherwise, jumping to the step S6; step S4: establishing a pipeline file with user software, pipe1, and sending authorization parameters to the pipeline; step S5: user software reads the authorization control parameter and immediately removes the pipeline file; the user software is controlled to run only in the authorization mode; step S6: the user software main process is forcibly killed by the operating system, and the registration control process is actively quitted until the life cycle of the whole software is finished. The invention has the advantages of simple principle, easy realization, wide application range, better authorization management confidentiality and the like.
Description
Technical Field
The invention mainly relates to the technical field of software authorization management, in particular to a method for realizing authorization control on JAVA software based on license files.
Background
Due to the restriction of JAVA codes, class binary files meeting the specification run on the JVM virtual machine, and complete original codes can be checked through a common disassembling tool; the basic method for controlling the authorized use of the software is to calculate a series of registration numbers through a certain algorithm, send the registration numbers to corresponding software users by software development organizations, and restore the authentication information corresponding to the registration numbers according to the same algorithm for verification in the starting and using processes of the software.
There is still a great risk for the above conventional methods and mechanisms, which specifically include the following:
(1) the class file is obfuscated, and the original method name and variable name are changed into names such as a.b.c; the readability of the disassembled code can be enhanced to a certain extent, but the readability depends on the complexity of logic in the source code, the more complicated code is confused, the more difficult the disassembled source code is to read, the more difficult the source code is to decode, the decoding difficulty is increased, the effect of code encryption is not achieved essentially, and advanced software developers can read the original judgment logic to achieve the purpose of software decoding only with a long time cost.
(2) And carrying out encryption processing on the class file with the original core being repaired once, and then realizing decryption loading processing on the class file through a self-defined JAVA class loader. Since the encrypted class file does not conform to the specification of the class file, the source code cannot be seen by the disassembling tool naturally, and the class file can be saved. The key issue here is the management of the keys used in encryption (see point 3 below), which can be easily broken if the protection is not appropriate.
(3) One common method for managing keys is to place the keys in a certain hidden directory of the software itself or a directory which is hidden by an operating system, and in this way, a process viewing tool of the operating system is very easy to discover and cannot play a role in protection. In addition, an encryption key issued by the software developer server is read through a network mode, and the network uses ssl encryption transmission to protect the key from being intercepted in the network transmission process. The secret key in the mode can be updated regularly to shorten timeliness, so that the cracking difficulty is increased. The software registration code is also generally issued in this manner. The problem here is that the software must be in a networked environment, otherwise the software itself cannot realize the self-decryption normal operation. The cracking personnel can easily realize the cracking of the software under the condition of network breaking.
(4) The core authorization code can be developed by using other languages such as c, c + + and the like (the language is difficult to crack due to the characteristics of the language) and then packaged into dll or so library file for java call, thereby achieving the purpose of software protection. In the method, as long as the calling relation of the software code to the protected code exists, the function return value in normal authorization can be simulated as long as a cracked person positions the function calling point, and the aim of cracking the software is achieved by easily bypassing the calling logic.
In summary, all conventional methods still fail to solve the problem of software authorization management.
Disclosure of Invention
The technical problem to be solved by the invention is as follows: aiming at the technical problems in the prior art, the invention provides the license-based method for realizing the authorization control of the JAVA software based on the license file, which has the advantages of simple principle, easy realization, wide application range and better authorization management confidentiality.
In order to solve the technical problems, the invention adopts the following technical scheme:
a method for realizing authorization control on JAVA software based on license files comprises the following steps:
step S1: generating a local installation serial number when upper layer user software is started for the first time;
step S2: submitting software registration information through a page;
step S3: lcf2 register the file and detect if the file is valid; if the step S4 is effectively performed, otherwise, jumping to the step S6;
step S4: establishing a pipeline file with user software, pipe1, and sending authorization parameters to the pipeline;
step S5: user software reads the authorization control parameter and immediately removes the pipeline file; the user software is controlled to run only in the authorization mode;
step S6: and executing the kil-9 operation of the user software main process, forcibly killing the user software main process by an operating system, and actively quitting the registration control process until the life cycle of the whole software is finished.
As a further improvement of the invention: in step S1, the process of generating the software installation serial number includes: taking a hardware serial number of an operating system level to form a unique software machine installation serial number; and a local timestamp is encrypted and displayed on a first starting interface of the software in a 3DES mode, so that the sequence numbers seen by the users at each time are completely different.
As a further improvement of the invention: in the step S3, the registration file is read lcf2 process is: when software is started for the first time, the contents of a registration file input on a registration page are read by an internal HkFileLister file listener and written into a local lcf2 file and a backup file lcf2. first; timeOut, which attempts to read a local lcf2 registration file for the first time, and attempts to recover from a temporary file if the file fails to be read due to file content damage or tampering. lcf2 and read again, and recovers from a first generated backup file if the file fails. lcf2 and reads again, and if the file fails, the registration file is considered invalid, and the reading process ends; and calling an effectiveness verification method to judge whether the registered file is effective after successful reading, and if the registered file is effectively deleted, storing the read file content in a memory registration variable for the timeOut file, finishing the reading process and starting a timeOut overdue judgment service.
As a further improvement of the invention: the process of writing the registration file (. lcf2) in the step S3 is: the content in the real-time memory registration variable is encrypted by 3DES, then is encoded by a Base64Ex tool and then is written into a temporary file lcf2. tmp; and copying the file into a registration file lcf2 after the file is successfully completed, and calling fd.sync () to execute a forced disk-flushing operation in time to ensure that the file can be really written into a disk physical file and then returned.
As a further improvement of the invention: the method also comprises a service flow for judging timeout expiration:
step S100: lcf2, if the register file or the memory register variable is empty or no, the software is overdue, the control parameter is written into the software overdue control file, timeOut;
step S200: reading the software installation serial number system in the memory registration variable and comparing the software installation serial number system with the serial number system generated by the local computer, and if the software installation serial number system and the serial number system generated by the local computer are not consistent, the software is overdue;
step S300: reading a register overdue mark in a memory register variable;
step S400: reading an installation time stamp in the memory registration variable and a last modification date time stamp of the registration file for comparison, and if the time difference value is above a set time length, considering that the registration file is expired, applying for generation again;
step S500: software use remaining time detection: firstly, if the current timestamp of the local computer is larger than the expiration timestamp set in the memory registration variable, the software is considered to be expired; judging whether the residual timestamp variable is zero or not;
step S600: judging whether the installation time stamp of the software is larger than the current time stamp of the local computer and is longer than a set time length, and considering that the user has illegal operation: the time of the machine is adjusted forward intentionally before installation;
step S700: judging that if the software detection timestamp is greater than the current timestamp of the local computer and is longer than a set time length, considering that the user has illegal operation: intentionally adjusting the local time forward in the software running process;
step S800: if the software is overdue, the software main process automatically exits after the process is started to delay the exit service for a period of time immediately;
step S900: after the detection is finished, updating the detection timestamp in the memory registration variable to be the current time of the local computer; subtracting a certain time from the remaining timestamp; and calling a registration file writing flow to update the registration file.
As a further improvement of the invention: the method also comprises a process of saving the integrity of the file under the abnormal condition, namely, the integrity of the registered file is protected by generating a temporary file of a first backup file, forcibly flushing the disk and registering a JVM shutdown hook in the whole writing process of the file.
As a further improvement of the invention: the method also comprises an integral code protection process, namely confusion is carried out through a proguard tool, License registration file contents are encrypted in a 3DES mode, and the encrypted byte stream is stored into a lcf2 hidden file by coding with Base 64.
As a further improvement of the invention: the whole code protection process comprises the following steps:
step S1000: base64 tool enhancements;
step S2000: enhancing a starting mode; hiding the core process Lm.java into a jar packet driven by spark-jdbc, adding a start agent class outside, loading class contents through class.forName, and starting UpdateLicenseThread expiration detection service;
step S3000: adding invalid complex logic judgment codes;
step S4000: starting a protection mechanism for the registration file expiration detection service, starting a timer to detect whether the service is abnormally stopped once every second, and immediately running again if the service is stopped.
As a further improvement of the invention: the method also comprises a protection management process for the secret key, namely: the encryption and decryption keys are randomly generated by using byte array contents with the length of 32 bits; and fixedly inserting the 9 th to 40 th positions at the beginning and the end of the byte array of the content of the license file into two parts for hidden storage, wherein the odd number bits are used at the beginning part, and the even number bits are used at the end part.
Compared with the prior art, the invention has the advantages that: the method for realizing the authorization control of the JAVA software based on the license file has the advantages of simple principle, easy realization and wide application range, strengthens the management of a communication mode of a software caller, realizes soft calling by utilizing a pipeline (pipe) mechanism and software in a linux operating system (namely the software and a registration control module are two different processes and have no logical calling relation), can prevent data information from being stolen by other illegal processes because the pipeline can ensure that only one process is read and the other process is written at the same time, and can immediately delete the pipeline file after the data is read by the read process, thereby solving the risk that a calling point in a software code is positioned by a cracker.
Drawings
FIG. 1 is a schematic flow diagram of the process of the present invention.
Detailed Description
The invention will be described in further detail below with reference to the drawings and specific examples.
As shown in fig. 1, the method for implementing authorization control on JAVA software based on license file of the present invention includes the steps of:
step S1: generating a local installation serial number when upper layer user software is started for the first time;
step S2: submitting software registration information through a page;
step S3: lcf2 register the file and detect if the file is valid; if valid, go to step S4, otherwise jump to step S6. This step may be accomplished by the registration control module;
step S4: establishing a pipeline file with user software, pipe1, and sending authorization parameters to the pipeline;
step S5: and the user software reads the authorization control parameters and immediately removes the pipeline file. The user software is controlled to run only in the authorization mode;
step S6: and executing the kil-9 operation of the user software main process, forcibly killing the user software main process by an operating system, and actively quitting the process of the registration control module until the life cycle of the whole software is finished.
By adopting the method, the management of the communication mode of the software caller is enhanced, the soft calling is realized by utilizing a pipeline (pipe) mechanism and software in the linux operating system (namely the software and the registration control module are two different processes and have no logical calling relation), because the pipeline can ensure that only one process is read and the other process is written at the same time, the pipeline file can be immediately deleted after the data is read by the read process, the data information can be prevented from being stolen by other illegal processes, and the risk that a calling point in a software code is positioned by a cracker is also solved.
In a specific application example, in step S1, the process of generating the software installation serial number includes: taking a series of hardware serial numbers at the operating system level: the software installation method comprises the following steps that an operating system name osname, a CPU serial number CPU _ no, a main board serial number mainboard _ no, a hard disk serial number disk _ no and a physical memory byte totalmemory are formed, so that a unique software machine installation serial number is formed, and the possibility that software is copied to other computers and uses the same serial number is prevented; finally, a local timestamp is added, and the whole is encrypted and displayed on a first starting interface of the software in a 3DES mode, so that the serial numbers seen by users at each time are completely different, and the guessing difficulty of a serial number generation mechanism is increased.
In a specific application example, in the step S3, the process of reading the registration file (. lcf2) is as follows: when the software is started for the first time, the contents of the registration files input on the registration page are read and written into the local file lcf2 and the backup file (. lcf2.first) by an internal HkFileLister file listener. Writing a software expiration control file (. timeOut), and attempting to read a local. lcf2 registration file to recover from a temporary file (. lcf2.tmp) and read again if the file reading fails due to the file content being damaged or tampered, recovering from a first generated backup file (. lcf2.first) to a. lcf2 file and reading again if the file reading fails, and recovering from a first generated backup file (. lcf2.first) to a. lcf2 file and reading again if the file reading fails, considering the registration file as invalid, and ending the reading process. Calling an effectiveness verification method (isValidLicense ()) to judge whether the registered file is effective or not after successful reading, if the registered file is effectively deleted, storing the read file content in a memory registration variable (licenSerinstallation), finishing the reading process and starting a timeOut overdue judgment service.
In a specific application example, in the step S3, the process of writing the registration file (. lcf2) is as follows: firstly, encrypting the content in a real-time memory registration variable (license Properties) by using 3DES, then coding the content by using a Base64Ex tool, and then writing the content into a temporary file (. lcf2. tmp); and copying the file into a registration file (. lcf2) after success, and calling fd.sync () to execute forced disk-flushing operation in time to ensure that the file can be really written into a disk physical file and then returned every time, so that the damage of the registration file caused by the conditions of unexpected power failure of a system and the like can be prevented in a certain program.
In a specific application example, the invention further comprises a protection management process for the secret key, namely: the encryption and decryption keys are randomly generated by using byte array contents with the length of 32 bits; and fixedly inserting the 9 th-40 th positions at the beginning and the end of the byte array of the content of the license file into two parts for hidden storage, wherein the odd number bits are used at the beginning part, and the even number bits are used at the end part (see the following table).
0-8 bytes |9-40 bytes | file length-9 | file length-1
In a specific application example, the present invention further includes a service flow for judging timeout expiration, that is: the registration file expiration detection service (updatelicense thread) updates the registration file every 5 minutes; the specific expiration detection process is detailed as follows:
step S100: it is detected if the registration file (. lcf2) or the memory registration variable (licenceproperties) is empty or there is no return software expiry (write control parameter: timeOutCode: -1 to software expiry control file (. timeOut)).
Step S200: reading the software installation serial number system in the memory registration variable and comparing the software installation serial number system with the locally generated serial number system, if not consistent, the software expiration code (timeOutCode: -2) is set.
Step S300: reading a registration expiration mark in the memory registration variable, wherein the registration expiration mark is 0-valid; 1-expired (invalid) determination if equal to 1 then software expiration code (timeOutCode: -3).
Step S400: reading an installation timestamp (installtimes constant) in a memory registration variable and a timestamp of a last modification date (fileLastModifTimes) of a registration file for comparison, and if the time difference is more than 1 hour, determining that the registration file is expired, and applying for generation again. Corresponding software expiration code (timeOutCode: -4).
Step S500: software use remaining time detection: firstly, if the current timestamp (nowTimes) of the local computer is larger than an expiration timestamp (outtimes constant) set in a memory registration variable, the software is considered to be expired; then, it is determined whether the remaining timestamp (remainInMs) variable is zero (which can prevent the user from tampering with the local time). Corresponding software expiration code (timeOutCode: -5).
Step S600: judging that if the installation time stamp (installtimes) of the software is larger than the current time stamp (nowTimes) of the software and is more than 1 hour, considering that the user has illegal operation: the local time is intentionally adjusted forward prior to installation. Corresponding software expiration code (timeOutCode: -6).
Step S700: judging that if the software detection time stamp (checktimes) is larger than the current time stamp (nowTimes) of the local computer and is more than 1 hour, considering that the user has illegal operation: the local time is intentionally adjusted forward during the software run. Corresponding software expiration code (timeOutCode: -7).
Step S800: judging if the timeOutCode is not equal to 0, indicating that the software is expired, starting the process delayed logout service (ShutDownThread) immediately, and then automatically logging out (can not be interrupted) the software main process after 20 minutes.
Step S900: after the detection is finished, updating a detection timestamp (checktimes) in a memory registration variable to be the current time of the local computer; remaining timestamps (remainInMs) minus 5 minutes; and calling a registration file writing flow to update the registration file.
In a specific application example, the method further comprises a process of saving the integrity of the file under the abnormal condition, namely, the integrity of the registered file is protected by a series of measures such as generating a temporary file of a first backup file, forcibly refreshing the disk and registering a shutdown hook of the JVM in the whole writing process of the file.
In a specific application example, the invention further comprises an overall code protection process, namely, the confusion is realized through a proguard tool, the content of the License registration file is encrypted in a 3DES mode, the encrypted byte stream is encoded and stored into a lcf2 hidden file by using Base64, and the enhanced protection mechanism comprises:
step S1000: base64 tool enhancements: using the modified code dictionary: the last two digits of the dictionary in the originally disclosed algorithm are ' + ', '/' is modified to ' - ', and supplementary characters are modified from ' ═ to ' _ ' symbols; so that the coded character string content can not be decoded by the common Base64 tool.
Step S2000: startup mode enhancement
Java is hidden in a jar packet driven by spark-jdbc, a start agent class is added outside to load class contents through class.
Step S3000: the method adds a large number of invalid complex logic judgment codes to increase the reading difficulty of the source codes after the anti-assembly.
Step S4000: starting a protection mechanism similar to watchdog for the registration file expiration detection service, and additionally starting a timer to detect whether the service is abnormally stopped once every second. If the system stops, the system runs again immediately.
The above is only a preferred embodiment of the present invention, and the protection scope of the present invention is not limited to the above-mentioned embodiments, and all technical solutions belonging to the idea of the present invention belong to the protection scope of the present invention. It should be noted that modifications and embellishments within the scope of the invention may be made by those skilled in the art without departing from the principle of the invention.
Claims (9)
1. A method for realizing authorization control on JAVA software based on license files is characterized by comprising the following steps:
step S1: generating a local installation serial number when upper layer user software is started for the first time;
step S2: submitting software registration information through a page;
step S3: lcf2 register the file and detect if the file is valid; if the step S4 is effectively performed, otherwise, jumping to the step S6;
step S4: establishing a pipeline file with user software, pipe1, and sending authorization parameters to the pipeline;
step S5: user software reads the authorization control parameter and immediately removes the pipeline file; the user software is controlled to run only in the authorization mode;
step S6: and executing the kil-9 operation of the user software main process, forcibly killing the user software main process by an operating system, and actively quitting the registration control process until the life cycle of the whole software is finished.
2. The method according to claim 1, wherein in step S1, the process of generating the software installation serial number comprises: taking a hardware serial number of an operating system level to form a unique software machine installation serial number; and a local timestamp is encrypted and displayed on a first starting interface of the software in a 3DES mode, so that the sequence numbers seen by the users at each time are completely different.
3. The method for controlling the authorization of JAVA class software according to the i icense file as claimed in claim 1, wherein in step S3, the registration file is read lcf 2: when software is started for the first time, the contents of a registration file input on a registration page are read by an internal HkFileLister file listener and written into a local lcf2 file and a backup file lcf2. first; timeOut, which attempts to read a local lcf2 registration file for the first time, and attempts to recover from a temporary file if the file fails to be read due to file content damage or tampering. lcf2 and read again, and recovers from a first generated backup file if the file fails. lcf2 and reads again, and if the file fails, the registration file is considered invalid, and the reading process ends; and calling an effectiveness verification method to judge whether the registered file is effective after successful reading, and if the registered file is effectively deleted, storing the read file content in a memory registration variable for the timeOut file, finishing the reading process and starting a timeOut overdue judgment service.
4. The method for realizing license control over JAVA class software based on license file of claim 1, wherein the step S3 writes the registration file, the process of lcf2 is as follows: the content in the real-time memory registration variable is encrypted by 3DES, then is encoded by a Base64Ex tool and then is written into a temporary file lcf2. tmp; and copying the file into a registration file lcf2 after the file is successfully completed, and calling fd.sync () to execute a forced disk-flushing operation in time to ensure that the file can be really written into a disk physical file and then returned.
5. The method for realizing the authorization control of the JAVA type software based on the license file as claimed in any one of claims 1 to 4, further comprising the following service flow for judging the timeout expiration:
step S100: lcf2, if the register file or the memory register variable is empty or no, the software is overdue, the control parameter is written into the software overdue control file, timeOut;
step S200: reading the software installation serial number system in the memory registration variable and comparing the software installation serial number system with the serial number system generated by the local computer, and if the software installation serial number system and the serial number system generated by the local computer are not consistent, the software is overdue;
step S300: reading a register overdue mark in a memory register variable;
step S400: reading an installation time stamp in the memory registration variable and a last modification date time stamp of the registration file for comparison, and if the time difference value is above a set time length, considering that the registration file is expired, applying for generation again;
step S500: software use remaining time detection: firstly, if the current timestamp of the local computer is larger than the expiration timestamp set in the memory registration variable, the software is considered to be expired; judging whether the residual timestamp variable is zero or not;
step S600: judging whether the installation time stamp of the software is larger than the current time stamp of the local computer and is longer than a set time length, and considering that the user has illegal operation: the time of the machine is adjusted forward intentionally before installation;
step S700: judging that if the software detection timestamp is greater than the current timestamp of the local computer and is longer than a set time length, considering that the user has illegal operation: intentionally adjusting the local time forward in the software running process;
step S800: if the software is overdue, the software main process automatically exits after the process is started to delay the exit service for a period of time immediately;
step S900: after the detection is finished, updating the detection timestamp in the memory registration variable to be the current time of the local computer; subtracting a certain time from the remaining timestamp; and calling a registration file writing flow to update the registration file.
6. The method for realizing authorization control over JAVA-type software based on a license file as claimed in any one of claims 1 to 4, further comprising a procedure of saving the integrity of the file under abnormal conditions, namely, the integrity of the registered file is protected by generating a temporary file of a first backup file, forcibly flushing the disk and registering a JVM shutdown hook in the whole writing process of the file.
7. The method for realizing License control on JAVA-type software based on License files as claimed in any one of claims 1-4, further comprising an overall code protection process, i.e. obfuscation is performed by a proguard tool, the License registry file content is encrypted in a 3DES mode, and the encrypted byte stream is stored as a. lcf2 hidden file by encoding with Base 64.
8. The method of claim 7, wherein the overall code protection process comprises:
step S1000: base64 tool enhancements;
step S2000: enhancing a starting mode; hiding the core process Lm.java into a jar packet driven by spark-jdbc, adding a start agent class outside, loading class contents through class.forName, and starting UpdateLicenseThread expiration detection service;
step S3000: adding invalid complex logic judgment codes;
step S4000: starting a protection mechanism for the registration file expiration detection service, starting a timer to detect whether the service is abnormally stopped once every second, and immediately running again if the service is stopped.
9. The method for realizing authorization control over JAVA-type software based on a license file according to any one of claims 1-4, further comprising a protection management process for a secret key, namely: the encryption and decryption keys are randomly generated by using byte array contents with the length of 32 bits; and fixedly inserting the 9 th to 40 th positions at the beginning and the end of the byte array of the content of the license file into two parts for hidden storage, wherein the odd number bits are used at the beginning part, and the even number bits are used at the end part.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010548138.0A CN111737657B (en) | 2020-06-16 | 2020-06-16 | Method for realizing authorization control on JAVA software based on license file |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010548138.0A CN111737657B (en) | 2020-06-16 | 2020-06-16 | Method for realizing authorization control on JAVA software based on license file |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN111737657A true CN111737657A (en) | 2020-10-02 |
| CN111737657B CN111737657B (en) | 2024-03-12 |
Family
ID=72649422
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010548138.0A Active CN111737657B (en) | 2020-06-16 | 2020-06-16 | Method for realizing authorization control on JAVA software based on license file |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111737657B (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN117574333A (en) * | 2024-01-16 | 2024-02-20 | 四川精容数安科技有限公司 | Verification method for License validity period of backup software |
Citations (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1449523A (en) * | 2000-08-28 | 2003-10-15 | 康坦夹德控股股份有限公司 | Systems and methods for integrity certification and verification of content consumption environments |
| US20060150256A1 (en) * | 2004-12-03 | 2006-07-06 | Whitecell Software Inc. A Delaware Corporation | Secure system for allowing the execution of authorized computer program code |
| CN101277476A (en) * | 2007-03-30 | 2008-10-01 | 富士通株式会社 | Network system, terminal customization method and customization service method |
| CN103491097A (en) * | 2013-09-30 | 2014-01-01 | 华中师范大学 | Software authorization system based on public key cryptosystem |
| CN103491098A (en) * | 2013-09-30 | 2014-01-01 | 华中师范大学 | Software authorization method based on public key cryptosystem |
| CN103914635A (en) * | 2012-12-29 | 2014-07-09 | 中国航空工业集团公司第六三一研究所 | Eclipse software product authorization permission management method |
| CN105631312A (en) * | 2015-12-25 | 2016-06-01 | 北京奇虎科技有限公司 | Method and system for processing rogue programs |
| CN109284586A (en) * | 2018-08-27 | 2019-01-29 | 武汉达梦数据库有限公司 | A kind of soft ware authorization license implementation method and device |
| CN109889623A (en) * | 2019-02-26 | 2019-06-14 | 湖南省星岳天璇科技有限公司 | Big two layer stackups Ethernet ARP broadcast removing method and device |
| KR20190141335A (en) * | 2018-06-14 | 2019-12-24 | 서원대학교산학협력단 | Method and apparaus for managing license of software using the USB memory |
| CN110866226A (en) * | 2019-11-15 | 2020-03-06 | 中博信息技术研究院有限公司 | JAVA application software copyright protection method based on encryption technology |
-
2020
- 2020-06-16 CN CN202010548138.0A patent/CN111737657B/en active Active
Patent Citations (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1449523A (en) * | 2000-08-28 | 2003-10-15 | 康坦夹德控股股份有限公司 | Systems and methods for integrity certification and verification of content consumption environments |
| US20060150256A1 (en) * | 2004-12-03 | 2006-07-06 | Whitecell Software Inc. A Delaware Corporation | Secure system for allowing the execution of authorized computer program code |
| CN101277476A (en) * | 2007-03-30 | 2008-10-01 | 富士通株式会社 | Network system, terminal customization method and customization service method |
| CN103914635A (en) * | 2012-12-29 | 2014-07-09 | 中国航空工业集团公司第六三一研究所 | Eclipse software product authorization permission management method |
| CN103491097A (en) * | 2013-09-30 | 2014-01-01 | 华中师范大学 | Software authorization system based on public key cryptosystem |
| CN103491098A (en) * | 2013-09-30 | 2014-01-01 | 华中师范大学 | Software authorization method based on public key cryptosystem |
| CN105631312A (en) * | 2015-12-25 | 2016-06-01 | 北京奇虎科技有限公司 | Method and system for processing rogue programs |
| KR20190141335A (en) * | 2018-06-14 | 2019-12-24 | 서원대학교산학협력단 | Method and apparaus for managing license of software using the USB memory |
| CN109284586A (en) * | 2018-08-27 | 2019-01-29 | 武汉达梦数据库有限公司 | A kind of soft ware authorization license implementation method and device |
| CN109889623A (en) * | 2019-02-26 | 2019-06-14 | 湖南省星岳天璇科技有限公司 | Big two layer stackups Ethernet ARP broadcast removing method and device |
| CN110866226A (en) * | 2019-11-15 | 2020-03-06 | 中博信息技术研究院有限公司 | JAVA application software copyright protection method based on encryption technology |
Non-Patent Citations (2)
| Title |
|---|
| RUIAN DUAN等: "Identifying Open-Source License Violation and 1-day Security Risk at Large Scale", pages 1 - 17, Retrieved from the Internet <URL:《网页在线公开:https://dl.acm.org/doi/pdf/10.1145/3133956.3134048》> * |
| 胡国良等: "基于实时授权的License控制技术在制造执行系统中的应用", 《制造业自动化》, vol. 35, no. 3, 2 August 2013 (2013-08-02), pages 45 - 48 * |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN117574333A (en) * | 2024-01-16 | 2024-02-20 | 四川精容数安科技有限公司 | Verification method for License validity period of backup software |
Also Published As
| Publication number | Publication date |
|---|---|
| CN111737657B (en) | 2024-03-12 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| JP4702957B2 (en) | Tamper resistant virtual machine | |
| US8234638B2 (en) | Creating a relatively unique environment for computing platforms | |
| US7779478B2 (en) | System and method for distributed module authentication | |
| US7203844B1 (en) | Method and system for a recursive security protocol for digital copyright control | |
| EP1942431B1 (en) | Software or other information integrity verification using variable block length and selection | |
| JP3763393B2 (en) | COMMUNICATION SYSTEM, TERMINAL DEVICE, RECORDING MEDIUM RECORDING REPRODUCTION PROGRAM, SERVER DEVICE, AND RECORDING MEDIUM RECORDING SERVER PROGRAM | |
| EP1542112A1 (en) | Open type general-purpose attack-resistant cpu, and application system thereof | |
| US20090144561A1 (en) | Method and System for Software Protection Using Binary Encoding | |
| US20080263366A1 (en) | Self-verifying software to prevent reverse engineering and piracy | |
| US20070074050A1 (en) | System and method for software and data copy protection | |
| CN112231647A (en) | Software authorization verification method | |
| JPH0883046A (en) | Method for protecting volatile file using single hash | |
| MX2007011377A (en) | Secure boot. | |
| JP2015511050A (en) | Method and system for process working set isolation | |
| KR101443405B1 (en) | System and method for securing data | |
| US20020152396A1 (en) | Method for secure restoration of a database stroring non-secure content | |
| CN111737657B (en) | Method for realizing authorization control on JAVA software based on license file | |
| TWI222818B (en) | Software protection method and device | |
| CN108256351B (en) | File processing method and device, storage medium and terminal | |
| Park et al. | Repairing return address stack for buffer overflow protection | |
| KR101604892B1 (en) | Method and devices for fraud prevention of android-based applications | |
| CN110311773B (en) | Method for preventing injection type attack of advanced encryption standard coprocessor | |
| CN117077180B (en) | Lesu encrypted data recovery feasibility assessment and processing device, method, electronic equipment and storage medium | |
| CA2429587A1 (en) | Systems and methods for preventing unauthorized use of digital content | |
| CN117009931A (en) | Watermarking and watermarking application methods, devices, equipment and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |