CN111737657B - Method for realizing authorization control on JAVA software based on license file - Google Patents
Method for realizing authorization control on JAVA software based on license file Download PDFInfo
- Publication number
- CN111737657B CN111737657B CN202010548138.0A CN202010548138A CN111737657B CN 111737657 B CN111737657 B CN 111737657B CN 202010548138 A CN202010548138 A CN 202010548138A CN 111737657 B CN111737657 B CN 111737657B
- Authority
- CN
- China
- Prior art keywords
- file
- software
- registration
- time
- expiration
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 98
- 238000013475 authorization Methods 0.000 title claims abstract description 27
- 230000008569 process Effects 0.000 claims abstract description 58
- 101100127689 Schizosaccharomyces pombe (strain 972 / ATCC 24843) lcf2 gene Proteins 0.000 claims abstract description 16
- 238000009434 installation Methods 0.000 claims abstract description 16
- 238000001514 detection method Methods 0.000 claims description 17
- 230000007246 mechanism Effects 0.000 claims description 8
- 230000001680 brushing effect Effects 0.000 claims description 6
- 238000012986 modification Methods 0.000 claims description 4
- 230000004048 modification Effects 0.000 claims description 4
- 230000002159 abnormal effect Effects 0.000 claims description 3
- 230000001934 delay Effects 0.000 claims description 3
- 238000012795 verification Methods 0.000 claims description 3
- 230000006872 improvement Effects 0.000 description 8
- 238000005336 cracking Methods 0.000 description 5
- 230000006870 function Effects 0.000 description 3
- 230000005540 biological transmission Effects 0.000 description 2
- 238000004891 communication Methods 0.000 description 2
- 238000007796 conventional method Methods 0.000 description 2
- 238000012545 processing Methods 0.000 description 2
- 230000006978 adaptation Effects 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 230000002708 enhancing effect Effects 0.000 description 1
- 230000008520 organization Effects 0.000 description 1
- 238000004321 preservation Methods 0.000 description 1
- 102000004196 processed proteins & peptides Human genes 0.000 description 1
- 108090000765 processed proteins & peptides Proteins 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/12—Protecting executable software
- G06F21/121—Restricting unauthorised execution of programs
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/52—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Multimedia (AREA)
- Technology Law (AREA)
- Storage Device Security (AREA)
Abstract
A method for realizing authorization control on JAVA software based on license file includes the following steps: step S1: generating a local installation serial number when the upper user software is started for the first time; step S2: submitting software registration information through a page; step S3: lcf2, registering the file and detecting whether the file is valid; if yes, step S4 is effectively performed, otherwise, step S6 is skipped; step S4: establishing a pipeline file with user software, namely, pipe1, and sending authorization parameters into the pipeline; step S5: user software reads the authorization control parameters and immediately removes the pipeline file; the user software is controlled to operate only in the authorized mode; step S6: the user software main process is forcedly killed by the operating system, the registration control process actively exits, and the whole software life cycle is ended. The invention has the advantages of simple principle, easy realization, wide application range, better authorization management confidentiality and the like.
Description
Technical Field
The invention mainly relates to the technical field of software authorization management, in particular to a method for realizing authorization control on JAVA software based on license files.
Background
Due to the limitation of JAVA codes, a class binary file meeting the specification runs on the JVM virtual machine, and the complete original codes can be checked through a common disassembly tool; the basic control method in the aspect of authorizing the software to use is to calculate a series of registration numbers through a certain algorithm, send the registration numbers to corresponding software users by the development organization of the software, and restore the authentication information corresponding to the registration numbers according to the same algorithm to verify the authentication information in the process of starting and using the software.
There is still a great risk to the above conventional methods and mechanisms, including in particular the following:
(1) The class file input by the compiling tool is obfuscated by using obfuscating tools of a plurality of JAVA code layers, such as proguard and the like, and the original method name and variable name are changed into names such as a.b.c; the method has the advantages that the method can play a certain role in enhancing the readability of disassembled codes to a certain extent, but the method also depends on the complexity of logic in source codes, the more complex codes are mixed, the more difficult the disassembled source codes are to read and understand, the more difficult the decoding is only increased, the effect of code encryption is not achieved essentially, and advanced software developers can read out the original judgment logic only at a certain time cost so as to achieve the purpose of software decoding.
(2) And (3) carrying out encryption processing on the class file of which the original core is repaired, and then realizing decryption loading processing on the class file through a custom JAVA class loader. Because the encrypted class file does not accord with the specification of the class file, the source code cannot be seen by a disassembly tool naturally, and the class file can be saved. The core problem here is the management of the keys used in encryption (see description below at point 3), which can also be easily broken if the protection is not proper.
(3) One common way to manage the secret key is to put the secret key into a hidden directory of the software itself or a hidden directory of the operating system, and this way is very easy to find in a process viewing tool of the operating system, and does not play a role in protection. In addition, the encryption key issued by the software developer server is read through a network mode, and the network can protect the key from being intercepted in the network transmission process by using the ssl mode for encryption transmission. The secret key in the mode can be updated regularly, so that timeliness is shortened, and the cracking difficulty is increased. The issuing of the software registration code may also be generally obtained in this manner. The problem here is that the software must be in a networked environment, otherwise the software itself cannot perform the self-decrypting normal operation. The cracking personnel can easily realize the cracking of the software under the condition of network disconnection.
(4) The authorization code for the core can be developed by using other languages such as c, c++, and the like (which are difficult to crack due to the characteristics of the language), and then packaged into a dll or so library file which is provided for java to call so as to achieve the purpose of protecting software. In the method, the calling place of the software code to the protected code can simulate the function return value in normal authorization as long as the function calling place is positioned by a cracked person as long as the function calling relation exists in logic, and the purpose of cracking the software is achieved by easily bypassing the calling logic.
In summary, all conventional methods still fail to solve the problem of software authorization management.
Disclosure of Invention
The technical problem to be solved by the invention is as follows: aiming at the technical problems existing in the prior art, the invention provides a method for realizing authorization control on JAVA software based on license files, which has the advantages of simple principle, easy realization, wide application range and better authorization management confidentiality.
In order to solve the technical problems, the invention adopts the following technical scheme:
a method for realizing authorization control on JAVA software based on license file includes the following steps:
step S1: generating a local installation serial number when the upper user software is started for the first time;
step S2: submitting software registration information through a page;
step S3: lcf2, registering the file and detecting whether the file is valid; if yes, step S4 is effectively performed, otherwise, step S6 is skipped;
step S4: establishing a pipeline file with user software, namely, pipe1, and sending authorization parameters into the pipeline;
step S5: user software reads the authorization control parameters and immediately removes the pipeline file; the user software is controlled to operate only in the authorized mode;
step S6: and executing the kil-9 operation of the user software main process, wherein the user software main process is forcedly killed by the operating system, and the registration control process actively exits until the whole life cycle of the software is ended.
As a further improvement of the invention: in the step S1, the process of generating the software installation serial number is as follows: taking the hardware serial number of the operating system level to form a unique software machine installation serial number; and adding a local time stamp, and displaying the whole time stamp on a first starting interface of the software in a 3DES mode in an encryption mode, so that serial numbers seen by users are completely different each time.
As a further improvement of the invention: in the step S3, the process of reading the registration file lcf is as follows: when the software is started for the first time, the content of a registration file input on a registration page is read by an internal HkFileLister file monitor to be written into a local lcf file and a backup file lcf2.First; the method comprises the steps of writing a software expiration control file, timeOut, attempting to read a local registration file of lcf for the first time, attempting to recover to a file of lcf from a temporary file of lcf2.Tmp and read again if the file fails due to damage or tampering of the file content, recovering to a file of lcf from a backup file of lcf2.First generated for the first time and reading again if the file fails, and considering that the registration file is invalid if the file fails still, and ending the reading process; and after the reading is successful, calling a validity verification method to judge whether the registration file is valid, and if the registration file is effectively deleted, storing the read file content in a memory registration variable, ending the reading process and starting a timeOut expiration judging service.
As a further improvement of the invention: the writing of the registration file (. Lcf 2) in the step S3 is as follows: the method comprises the steps of encrypting the content in a real-time memory registration variable through 3DES, then encoding through a general Base64Ex tool, and then writing the encrypted content into a temporary file; copying the file to the registration file lcf2 after success, and calling fd.sync () to execute forced disk brushing operation in time to ensure that the disk physical file can be really written each time and then returned.
As a further improvement of the invention: the method also comprises the following steps of judging the service flow for expiration of the timeout:
step S100: detecting whether the register file lcf or the memory register variable is empty or whether return software expiration does not exist, and writing control parameters into the software expiration control file timeOut;
step S200: reading a software installation serial number system mid in a memory registration variable and comparing the software installation serial number system mid with a locally generated serial number system mid, and if the software installation serial number system mid is inconsistent with the locally generated serial number system mid, expiring the software;
step S300: reading a registration expiration flag in a memory registration variable;
step S400: reading an installation time stamp in the memory registration variable and comparing with a last modification date time stamp of the registration file, and applying for generation again if the time difference value is more than a set time length;
step S500: software usage remaining time detection: firstly, considering that the software is expired when the current timestamp of the local machine is larger than the expiration timestamp set in the memory registration variable; judging whether the residual time stamp variable is zero or not;
step S600: judging that if the installation time stamp of the software is larger than the current time stamp of the machine and is longer than the set time length, the user is considered to have illegal operation: the time of the machine is intentionally adjusted forwards before installation;
step S700: judging that if the software detection time stamp is larger than the current time stamp of the machine and is longer than the set time length, the user is considered to have illegal operation: the local time is intentionally adjusted forwards in the running process of the software;
step S800: judging that if the software is outdated, the software main process automatically exits after the immediate start process delays exiting service for a period of time;
step S900: updating the detection time stamp in the memory registration variable to be the current time of the machine after the detection is finished; subtracting a certain time from the remaining time stamp; and invokes a registry write process to update the registry.
As a further improvement of the invention: the method also comprises a saving process of file integrity for abnormal conditions, namely, the integrity of the registered file is protected by generating a temporary file for backing up the file for the first time, forcedly brushing a disk and registering a JVM shutdown hook in the whole writing process of the file.
As a further improvement of the invention: the method also comprises an integral code protection flow, namely, the License registration file content is encrypted in a 3DES mode through confusion of a proguard tool, and the encrypted byte stream is encoded by using Base64 and stored into a lcf2 hidden file.
As a further improvement of the invention: the whole code protection flow comprises the following steps:
step S1000: base64 tool enhancement;
step S2000: the starting mode is enhanced; the core process Lm.java is hidden in a jar packet driven by spark-jdbc, a starting agent class is added outside to load class contents through class.forName, and an UpdateLicensThread expiration detection service is started;
step S3000: adding invalid complex logic judgment codes;
step S4000: and starting a protection mechanism for the register file expiration detection service, starting a timer to detect whether the service is abnormally stopped once every second, and immediately running again if the service is stopped.
As a further improvement of the invention: the method also comprises a protection management flow for the secret key, namely: the key for encryption and decryption is randomly generated by using byte array content with the length of 32 bits; and the 9 th to 40 th positions inserted into the beginning and the end of the byte array of the license file content are fixedly stored in a hidden mode in two parts, wherein the beginning part uses odd bits, and the end part uses even bits.
Compared with the prior art, the invention has the advantages that: the method for realizing authorization control on JAVA software based on license file has simple principle, easy realization and wide application range, strengthens the management of communication modes of software invokers, utilizes a pipeline (pipe) mechanism in a linux operating system and software to realize soft call (namely, the software is two different processes with a registration control module and has no logical call relation), and can ensure that only one process can read and the other process can write at the same time, and the pipeline file can be deleted immediately after the data is read by a reading process, thereby preventing data information from being stolen by other illegal processes and solving the risk that call points in software codes are positioned by a breaker.
Drawings
FIG. 1 is a schematic flow chart of the method of the present invention.
Detailed Description
The invention will be described in further detail with reference to the drawings and the specific examples.
As shown in fig. 1, the method for implementing authorization control on JAVA class software based on license file of the present invention includes the following steps:
step S1: generating a local installation serial number when the upper user software is started for the first time;
step S2: submitting software registration information through a page;
step S3: lcf2, registering the file and detecting whether the file is valid; if step S4 is effectively performed, otherwise step S6 is skipped. This step may be accomplished by a registration control module;
step S4: establishing a pipeline file with user software, namely, pipe1, and sending authorization parameters into the pipeline;
step S5: the user software reads the authorization control parameters and immediately removes the pipeline file. The user software is controlled to operate only in the authorized mode;
step S6: executing the kill-9 operation of the user software main process, wherein the user software main process is forcedly killed by the operating system, and the registration control module process actively exits until the whole software life cycle is ended.
By adopting the method, the invention strengthens the management of the communication mode of the software caller, and realizes soft call by utilizing a pipe (pipe) mechanism in the linux operating system and software (namely, the software is two different processes with a registration control module and has no logical call relation), because the pipe can ensure that only one process can read and the other process can write at the same time, the pipe file can be deleted immediately after the data is read by the reading process, the data information can be prevented from being stolen by other illegal processes, and the risk that a call point in the software code is positioned by a cracking person is also solved.
In a specific application example, in the step S1, the process of generating the software installation serial number is as follows: taking a series of hardware string numbers at the operating system level: the method comprises the steps that an operating system name osname, a CPU serial number cpu_no, a main board serial number main_no, a hard disk serial number disk_no and a physical memory byte total memory are formed, so that a unique software machine installation serial number is formed, and the possibility that software is copied to other computers and the same serial number is used is prevented; finally, a local time stamp is added and integrally encrypted and displayed on a first starting interface of the software in a 3DES mode, so that the serial numbers seen by users are completely different each time, and the guessing difficulty of a serial number generation mechanism is increased.
In a specific application example, in the above step S3, the process of reading the registration file (. Lcf 2) is: the first time the software starts, the content of the registration file input through the registration page is read by the internal hkfilelist file listener to the local. lcf2 file and the backup file (.lcf2.first). The software expiration control file (. TimeOut) is written, the first attempt to read the local lcf registration file attempts to recover from the temporary file (. Lcf2.tmp) to the lcf file and read again if the file fails to read due to corruption or tampering of the file contents, and if the file fails to recover from the backup file (. Lcf2.first) generated for the first time to recover to the lcf file and read again, and if the file fails to fail, the registration file is deemed invalid and the reading process ends. And after the reading is successful, a validity verification method (isValidlicense ()) is called to judge whether the registered file is valid, if so, the timeOut file is deleted effectively, the read file content is stored in a memory registration variable (license eProperties), and the reading process is ended and a timeOut expiration judging service is started.
In a specific application example, in the above step S3, the procedure of writing the registration file (. Lcf 2) is: the method comprises the steps of firstly encrypting content in a real-time memory registration variable (license eProperties) through 3DES, then encoding the content by a general Base64Ex tool, and then writing the encrypted content into a temporary file (lcf 2. Tmp); copying the file to the registration file (lcf 2) after success, and calling fd.sync () in time to execute forced disk brushing operation to ensure that the disk physical file can be truly written each time and then returned, thereby preventing the registration file from being damaged due to the conditions of unexpected power failure of the system and the like on a certain program.
In a specific application example, the invention further comprises a protection management flow for the secret key, namely: the key for encryption and decryption is randomly generated by using byte array content with the length of 32 bits; and the 9-40 th positions inserted into the beginning and end of the byte array of the license file content are fixedly stored in a hidden manner in two parts, wherein the beginning part uses odd bits, and the end part uses even bits (see the table below).
0-8 bytes 9-40 bytes 9 file length 1
In a specific application example, the invention further comprises a service flow for judging expiration of timeout, namely: a registration file expiration detection service (updatebicethread) updates the registration file every 5 minutes; the specific expiration detection process is as follows:
step S100: it is detected that if the registration file (. Lcf 2) or the memory registration variable (license peptides) is empty or there is no return software expiration (write control parameter: timeOutCode: -1 to software expiration control file (.timeout)).
Step S200: reading the software installation sequence number system mid in the memory registration variable and comparing the software expiration code (timeOutCode: -2) if not set consistently with the locally generated sequence number system mid.
Step S300: reading a register expiration flag in a memory register variable, wherein the register expiration flag is 0-valid; 1-expired (invalid) determination if equal to 1, the software expiration code (timeOutCode: -3).
Step S400: and (3) reading an installation time stamp (installments constant) in the memory registration variable and comparing with a time stamp of the last modification date (fileLastModifyTimes) of the registration file, and if the time difference is more than 1 hour, considering that the registration file is expired, requesting to reapply for generation. The corresponding software expiration code (timeOutCode: -4).
Step S500: software usage remaining time detection: firstly, considering that the software is expired when the local current time stamp (nonTimes) is larger than the expiration time stamp (outtime constant) set in the memory registration variable; and then judging whether the residual timestamp (remainInMs) variable is zero (the local time can be prevented from being tampered by a user). The corresponding software expiration code (timeOutCode: -5).
Step S600: judging that if the installation time stamp (installments) of the software is larger than the local current time stamp (nonTimes) and more than 1 hour, the user is considered to have illegal operation: the local time is intentionally adjusted forward before installation. The corresponding software expiration code (timeOutCode: -6).
Step S700: judging that if the software detection time stamp (checktimes) is larger than the local current time stamp (nonwtimes) and more than 1 hour, the user is considered to have illegal operation: the local time is deliberately adjusted forward during the software running process. The corresponding software expiration code (timeOutCode: -7).
Step S800: judging that if the timeOutCode is not equal to 0, the software is expired, and the software main process automatically exits (can not be interrupted) after the immediate start process delays the exit service (ShutDown thread) for 20 minutes.
Step S900: after the detection is finished, updating a detection time stamp (checktimes) in the memory registration variable as the current time of the local machine; the remaining timestamp (remainInMs) minus 5 minutes; and invokes a registry write process to update the registry.
In a specific application example, the invention further comprises a file integrity preservation process for abnormal situations, namely, the integrity of the registered file is protected by a series of measures such as generating a temporary file for backing up the file for the first time, forcedly brushing a disk, registering a JVM shutdown hook and the like in the whole writing process of the file.
In a specific application example, the invention further comprises an integral code protection flow, namely, by confusion of a proguard tool, the content of the License registration file is encrypted in a 3DES mode, the encrypted byte stream is encoded and stored into a lcf2 hidden file by using a Base64, and the enhanced protection mechanism comprises:
step S1000: base64 tool enhancement: using a modified coding dictionary: the last two digits of the dictionary in the original disclosure algorithm are ' + ', '/' is modified to ' - ', and the supplementary character is modified from ' = ' to ' _symbol; so that the encoded string content cannot be decoded by the general Base64 tool.
Step S2000: start-up mode enhancement
The core process Lm.java is hidden in the jar packet driven by spark-jdbc, and a starting agent class is added outside to load class contents through class.forName, and an UpdateLicensThread expiration detection service is started.
Step S3000: a large number of invalid complex logic judgment codes are added in the method of the invention, so that the reading difficulty of the disassembled source codes is increased.
Step S4000: a protection mechanism similar to the watchdog is started for the register file expiration detection service, and a timer is started to detect whether the service is abnormally stopped or not once every second. If stopped, the operation is performed again immediately.
The above is only a preferred embodiment of the present invention, and the protection scope of the present invention is not limited to the above examples, and all technical solutions belonging to the concept of the present invention belong to the protection scope of the present invention. It should be noted that modifications and adaptations to the invention without departing from the principles thereof are intended to be within the scope of the invention as set forth in the following claims.
Claims (7)
1. A method for realizing authorization control on JAVA software based on license files is characterized by comprising the following steps:
step S1: generating a local installation serial number when the upper user software is started for the first time;
step S2: submitting software registration information through a page;
step S3: lcf2, registering the file and detecting whether the file is valid; if yes, step S4 is effectively performed, otherwise, step S6 is skipped;
step S4: establishing a pipeline file with user software, namely, pipe1, and sending authorization parameters into the pipeline;
step S5: user software reads the authorization control parameters and immediately removes the pipeline file; the user software is controlled to operate only in the authorized mode;
step S6: executing the kill-9 operation of the user software main process, wherein the user software main process is forcedly killed by an operating system, and the registration control process actively exits until the whole software life cycle is ended;
in the step S3, the process of reading the registration file lcf is as follows: when the software is started for the first time, the content of a registration file input on a registration page is read by an internal HkFileLister file monitor to be written into a local lcf file and a backup file lcf2.First; the method comprises the steps of writing a software expiration control file, timeOut, attempting to read a local registration file of lcf for the first time, attempting to recover to a file of lcf from a temporary file of lcf2.Tmp and read again if the file fails due to damage or tampering of the file content, recovering to a file of lcf from a backup file of lcf2.First generated for the first time and reading again if the file fails, and considering that the registration file is invalid if the file fails still, and ending the reading process; after the reading is successful, a validity verification method is called to judge whether the registration file is valid, if so, the timeOut file is deleted effectively, the read file content is stored in a memory registration variable, and the reading process is ended and a timeOut expiration judging service is started;
the writing of the registration file in the step S3, the process lcf is: the method comprises the steps of encrypting the content in a real-time memory registration variable through 3DES, then encoding through a general Base64Ex tool, and then writing the encrypted content into a temporary file; copying the file to the registration file lcf2 after success, and calling fd.sync () to execute forced disk brushing operation in time to ensure that the disk physical file can be really written each time and then returned.
2. The method for implementing authorization control on JAVA software based on license file according to claim 1, wherein in step S1, the process of generating the software installation serial number is as follows: taking the hardware serial number of the operating system level to form a unique software machine installation serial number; and adding a local time stamp, and displaying the whole time stamp on a first starting interface of the software in a 3DES mode in an encryption mode, so that serial numbers seen by users are completely different each time.
3. The method for implementing authorization control on JAVA class software based on license file according to any one of claims 1-2, further comprising judging service flow for expiration of timeout:
step S100: detecting whether the register file lcf or the memory register variable is empty or whether return software expiration does not exist, and writing control parameters into the software expiration control file timeOut;
step S200: reading a software installation serial number system mid in a memory registration variable and comparing the software installation serial number system mid with a locally generated serial number system mid, and if the software installation serial number system mid is inconsistent with the locally generated serial number system mid, expiring the software;
step S300: reading a registration expiration flag in a memory registration variable;
step S400: reading an installation time stamp in the memory registration variable and comparing with a last modification date time stamp of the registration file, and applying for generation again if the time difference value is more than a set time length;
step S500: software usage remaining time detection: firstly, considering that the software is expired when the current timestamp of the local machine is larger than the expiration timestamp set in the memory registration variable; judging whether the residual time stamp variable is zero or not;
step S600: judging that if the installation time stamp of the software is larger than the current time stamp of the machine and is longer than the set time length, the user is considered to have illegal operation: the time of the machine is intentionally adjusted forwards before installation;
step S700: judging that if the software detection time stamp is larger than the current time stamp of the machine and is longer than the set time length, the user is considered to have illegal operation: the local time is intentionally adjusted forwards in the running process of the software;
step S800: judging that if the software is outdated, the software main process automatically exits after the immediate start process delays exiting service for a period of time;
step S900: updating the detection time stamp in the memory registration variable to be the current time of the machine after the detection is finished; subtracting a certain time from the remaining time stamp; and invokes a registry write process to update the registry.
4. The method for implementing authorization control on JAVA software based on license file according to any one of claims 1-2, further comprising a procedure of saving file integrity for abnormal situation, namely, protecting the integrity of registered file by generating temporary file of first backup file, forcing brushing disk and registering JVM shutdown hook during the whole writing process of file.
5. The method for implementing authorization control on JAVA software based on License file according to any one of claims 1-2, further comprising an overall code protection process, namely, by program tool confusion, the content of License registration file is encrypted by 3DES mode, and the encrypted byte stream is encoded and stored as a lcf hidden file by Base 64.
6. The method for implementing authorization control for JAVA class software based on license file according to claim 5, wherein the overall code protection procedure comprises:
step S1000: base64 tool enhancement;
step S2000: the starting mode is enhanced; the core process Lm.java is hidden in a jar packet driven by spark-jdbc, a starting agent class is added outside to load class contents through class.forName, and an UpdateLicensThread expiration detection service is started;
step S3000: adding invalid complex logic judgment codes;
step S4000: and starting a protection mechanism for the register file expiration detection service, starting a timer to detect whether the service is abnormally stopped once every second, and immediately running again if the service is stopped.
7. The method for implementing authorization control on JAVA class software based on license file according to any one of claims 1-2, further comprising a protection management flow for a key, namely: the key for encryption and decryption is randomly generated by using byte array content with the length of 32 bits; and the 9 th to 40 th positions inserted into the beginning and the end of the byte array of the license file content are fixedly stored in a hidden mode in two parts, wherein the beginning part uses odd bits, and the end part uses even bits.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010548138.0A CN111737657B (en) | 2020-06-16 | 2020-06-16 | Method for realizing authorization control on JAVA software based on license file |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010548138.0A CN111737657B (en) | 2020-06-16 | 2020-06-16 | Method for realizing authorization control on JAVA software based on license file |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN111737657A CN111737657A (en) | 2020-10-02 |
| CN111737657B true CN111737657B (en) | 2024-03-12 |
Family
ID=72649422
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010548138.0A Active CN111737657B (en) | 2020-06-16 | 2020-06-16 | Method for realizing authorization control on JAVA software based on license file |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111737657B (en) |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN117574333A (en) * | 2024-01-16 | 2024-02-20 | 四川精容数安科技有限公司 | Verification method for License validity period of backup software |
Citations (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1449523A (en) * | 2000-08-28 | 2003-10-15 | 康坦夹德控股股份有限公司 | Systems and methods for integrity certification and verification of content consumption environments |
| CN101277476A (en) * | 2007-03-30 | 2008-10-01 | 富士通株式会社 | Network system, terminal customization method and customization service method |
| CN103491097A (en) * | 2013-09-30 | 2014-01-01 | 华中师范大学 | Software authorization system based on public key cryptosystem |
| CN103491098A (en) * | 2013-09-30 | 2014-01-01 | 华中师范大学 | Software authorization method based on public key cryptosystem |
| CN103914635A (en) * | 2012-12-29 | 2014-07-09 | 中国航空工业集团公司第六三一研究所 | Eclipse software product authorization permission management method |
| CN105631312A (en) * | 2015-12-25 | 2016-06-01 | 北京奇虎科技有限公司 | Method and system for processing rogue programs |
| CN109284586A (en) * | 2018-08-27 | 2019-01-29 | 武汉达梦数据库有限公司 | A kind of soft ware authorization license implementation method and device |
| CN109889623A (en) * | 2019-02-26 | 2019-06-14 | 湖南省星岳天璇科技有限公司 | Big two layer stackups Ethernet ARP broadcast removing method and device |
| KR20190141335A (en) * | 2018-06-14 | 2019-12-24 | 서원대학교산학협력단 | Method and apparaus for managing license of software using the USB memory |
| CN110866226A (en) * | 2019-11-15 | 2020-03-06 | 中博信息技术研究院有限公司 | JAVA application software copyright protection method based on encryption technology |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2006101549A2 (en) * | 2004-12-03 | 2006-09-28 | Whitecell Software, Inc. | Secure system for allowing the execution of authorized computer program code |
-
2020
- 2020-06-16 CN CN202010548138.0A patent/CN111737657B/en active Active
Patent Citations (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1449523A (en) * | 2000-08-28 | 2003-10-15 | 康坦夹德控股股份有限公司 | Systems and methods for integrity certification and verification of content consumption environments |
| CN101277476A (en) * | 2007-03-30 | 2008-10-01 | 富士通株式会社 | Network system, terminal customization method and customization service method |
| CN103914635A (en) * | 2012-12-29 | 2014-07-09 | 中国航空工业集团公司第六三一研究所 | Eclipse software product authorization permission management method |
| CN103491097A (en) * | 2013-09-30 | 2014-01-01 | 华中师范大学 | Software authorization system based on public key cryptosystem |
| CN103491098A (en) * | 2013-09-30 | 2014-01-01 | 华中师范大学 | Software authorization method based on public key cryptosystem |
| CN105631312A (en) * | 2015-12-25 | 2016-06-01 | 北京奇虎科技有限公司 | Method and system for processing rogue programs |
| KR20190141335A (en) * | 2018-06-14 | 2019-12-24 | 서원대학교산학협력단 | Method and apparaus for managing license of software using the USB memory |
| CN109284586A (en) * | 2018-08-27 | 2019-01-29 | 武汉达梦数据库有限公司 | A kind of soft ware authorization license implementation method and device |
| CN109889623A (en) * | 2019-02-26 | 2019-06-14 | 湖南省星岳天璇科技有限公司 | Big two layer stackups Ethernet ARP broadcast removing method and device |
| CN110866226A (en) * | 2019-11-15 | 2020-03-06 | 中博信息技术研究院有限公司 | JAVA application software copyright protection method based on encryption technology |
Non-Patent Citations (1)
| Title |
|---|
| 基于实时授权的License控制技术在制造执行系统中的应用;胡国良等;《制造业自动化》;20130802;第35卷(第3期);第45-48页 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN111737657A (en) | 2020-10-02 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| EP0654920B1 (en) | Method for the efficient updating of the hash value of a data file | |
| JP4702957B2 (en) | Tamper resistant virtual machine | |
| US7203844B1 (en) | Method and system for a recursive security protocol for digital copyright control | |
| CA2133237C (en) | Software pay-per-use system | |
| EP1942431B1 (en) | Software or other information integrity verification using variable block length and selection | |
| US7721114B2 (en) | Method for using shared library in tamper resistant microprocessor | |
| US8417968B2 (en) | Secure repository with layers of tamper resistance and system and method for providing same | |
| US6889209B1 (en) | Method and apparatus for protecting information and privacy | |
| US7395551B2 (en) | Method and apparatus for managing software use | |
| KR101443405B1 (en) | System and method for securing data | |
| US20020152396A1 (en) | Method for secure restoration of a database stroring non-secure content | |
| CN111737657B (en) | Method for realizing authorization control on JAVA software based on license file | |
| EP2119092A2 (en) | Method and system for a recursive security protocol for digital copyright control | |
| JP2009252142A (en) | Data processing apparatus | |
| KR101604892B1 (en) | Method and devices for fraud prevention of android-based applications | |
| CN110311773B (en) | Method for preventing injection type attack of advanced encryption standard coprocessor | |
| KR20020051612A (en) | Prevention Of Illegal Software Usage Using Install Key Management Server | |
| Valdez | Protecting executable software | |
| CN117009931A (en) | Watermarking and watermarking application methods, devices, equipment and storage medium | |
| CN118250014A (en) | Secure communication method and device | |
| JPH1185498A (en) | Program execution control system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |