CN117454332A - Software use verification method, device and storage medium - Google Patents

Software use verification method, device and storage medium Download PDF

Info

Publication number
CN117454332A
CN117454332A CN202311304372.9A CN202311304372A CN117454332A CN 117454332 A CN117454332 A CN 117454332A CN 202311304372 A CN202311304372 A CN 202311304372A CN 117454332 A CN117454332 A CN 117454332A
Authority
CN
China
Prior art keywords
software
authorization file
identification information
target software
authorization
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202311304372.9A
Other languages
Chinese (zh)
Inventor
谢荣华
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenzhen Road Tongsheng Software Development Co ltd
Original Assignee
Shenzhen Road Tongsheng Software Development Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shenzhen Road Tongsheng Software Development Co ltd filed Critical Shenzhen Road Tongsheng Software Development Co ltd
Priority to CN202311304372.9A priority Critical patent/CN117454332A/en
Publication of CN117454332A publication Critical patent/CN117454332A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • G06F21/12Protecting executable software
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • G06F21/12Protecting executable software
    • G06F21/121Restricting unauthorised execution of programs
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44Program or device authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D10/00Energy efficient computing, e.g. low power processors, power management or thermal management

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Technology Law (AREA)
  • Multimedia (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computing Systems (AREA)
  • Storage Device Security (AREA)

Abstract

The embodiment of the application relates to the technical field of computer software and discloses a software use verification method, equipment and a storage medium, wherein the method comprises the following steps: responding to the verification triggering condition of the target software, and reading an authorization file from a preset system catalog of the electronic equipment, wherein the authorization file comprises first equipment identification information and first software identification information; acquiring second equipment identification information of the electronic equipment and second software identification information in target software; and if the first equipment identification information in the authorization file is matched with the second equipment identification information of the electronic equipment and the first software identification information in the authorization file is matched with the second software identification information of the target software, determining that the use verification of the target software is passed. By the mode, the application embodiment improves the applicability of the software use checking method for preventing the copy use of the software.

Description

Software use verification method, device and storage medium
Technical Field
The embodiment of the application relates to the technical field of computer software, in particular to a software use verification method, device and storage medium.
Background
To prevent software that needs authorization from being copied for use, more and more software developers now verify the software before it is used, and only devices that pass the verification can normally use the software. One common method in the software use check is to perform authorization check by the cloud, that is, by deploying the authorization check of the software on a cloud server, when the client runs the software, the client needs to send an authorization check request to the cloud check server, and the cloud check server queries a corresponding authorization database according to authorization information in the request, determines whether the client has legal authorization, and can normally use the software only by the checked client.
The cloud authorization verification method requires networking verification and has a certain requirement on network instantaneity, so that the cloud authorization verification method requires that a client for installing software has a network communication function and has a requirement on network quality during verification, and the cloud authorization verification method is poor in applicability. Furthermore, cloud verification only verifies whether the device is a binding device of the software to be verified, and cannot meet the verification requirements of different versions of the same software.
Therefore, how to improve the applicability of the software usage checking method for preventing the copy usage of the software is a technical problem to be solved.
Disclosure of Invention
In view of the above, embodiments of the present application provide a software use verification method, apparatus, and storage medium for improving applicability of the software use verification method for preventing copy use of software.
According to an aspect of the embodiments of the present application, there is provided a software use verification method, applied to an electronic device, the software use verification method including: responding to the verification triggering condition of the target software, and reading an authorization file from a preset system catalog of the electronic equipment, wherein the authorization file comprises first equipment identification information and first software identification information; acquiring second equipment identification information of the electronic equipment and second software identification information in target software; and if the first equipment identification information in the authorization file is matched with the second equipment identification information of the electronic equipment and the first software identification information in the authorization file is matched with the second software identification information of the target software, determining that the use verification of the target software is passed.
In an alternative way, in response to meeting a verification trigger condition of the target software, reading the authorization file from a preset system directory of the electronic device, including: responding to the starting operation of target software, and reading an authorization file from a preset system catalog of the electronic equipment; and/or, in response to reaching the preset time, reading the authorization file from a preset system catalog of the electronic device.
In an optional manner, before the authorization file is read from the preset system catalog of the electronic device in response to the verification trigger condition of the target software being met, the software usage verification method further includes: creating a system catalog according to a preset storage path, and setting the operation authority of the system catalog.
In an optional manner, before the authorization file is read from the preset system catalog of the electronic device in response to the verification trigger condition of the target software being met, the software usage verification method further includes: creating a system catalog according to a preset storage path, and setting the operation authority of the system catalog; and responding to the verification triggering condition of the target software, reading an authorization file from a preset system catalog of the electronic equipment, wherein the method comprises the following steps: responding to the verification triggering condition of the target software, and judging whether the target software has the operation authority to the operation catalog; if the target software has the operation authority to the system catalog, reading an authorization file from the preset system catalog of the electronic equipment; if the target software does not possess the operation authority to the system catalog, determining that the use check of the target software fails.
In an optional manner, before the authorization file is read from the preset system catalog of the electronic device in response to the verification trigger condition of the target software being met, the software usage verification method further includes: creating a system catalog according to a preset storage path; determining a first hash value of the storage path; encrypting the first hash value by using a public key of the electronic equipment to obtain a digital signature of the storage path; transmitting the digital signature to the target software; in response to the verification trigger condition of the target software being met, reading an authorization file from a preset system catalog of the electronic equipment, and further comprising: responding to the verification triggering condition meeting the target software; acquiring a digital signature of target software; decrypting the obtained digital signature by using the public key of the electronic equipment to obtain a second hash value; comparing whether the second hash value is consistent with the first hash value, and if so, reading the authorization file from a preset system directory of the electronic equipment; and if the second hash value is inconsistent with the first hash value, determining that the use check of the target software fails.
In an alternative manner, the authorization file corresponds to the electronic device, the authorization file also corresponds to the target software, and the authorization file is generated by the server and stored in a preset system directory of the electronic device corresponding to the authorization file.
In an alternative manner, the authorization files corresponding to the electronic device and the target software are obtained and stored in the following manner: acquiring first equipment identification information of electronic equipment and first software identification information in target software in the electronic equipment; transmitting the first equipment identification information and the first software identification information to a server so that the server generates an authorization file according to the first equipment identification information and the first software identification information; and receiving an authorization file generated by the server and storing the authorization file in a preset system directory in the electronic equipment.
In an alternative manner, before acquiring the first device identification information of the electronic device and the first software identification information in the target software in the electronic device, the software usage verification method further includes: downloading target software from a server and installing the target software; sending an authorization request to a server to enable the server to generate an authorization file; after receiving the authorization file generated by the server and storing the authorization file in a preset system directory in the electronic device, the method further comprises: and receiving the installation success information of the target software from the server.
In an optional manner, after the authorization file is read from the preset system catalog of the electronic device in response to the verification trigger condition of the target software being met, the software usage verification method further includes: if the reading of the authorization file from the system catalog fails, acquiring the backup authorization file corresponding to the electronic equipment from the server and storing the authorization file in the system catalog; and reading the backup authorization file acquired from the server from a preset system catalog of the electronic equipment.
The embodiment of the application also provides a software use verification device, which comprises: a processor and a memory, wherein executable instructions are stored in the memory, and the processor can execute the executable instructions to implement the software usage verification method in any of the above embodiments.
The application also provides a computer readable storage medium, such as a chip, an optical disc, etc., on which an execution program is stored, which when executed implements the software usage verification method according to any one of the embodiments.
According to the embodiment of the application, the authorization file is stored in the preset system catalog of the device using the software, so that authorization verification is performed locally on the device, and the problem that verification cannot be performed timely and effectively due to unstable mobile signals is solved; furthermore, the authorization file is used for carrying out double verification on the equipment and the software, so that the verification requirements of different versions of the same software can be met; the method of the embodiment of the application can be suitable for verification scenes used by various software.
The foregoing description is only an overview of the technical solutions of the embodiments of the present application, and may be implemented according to the content of the specification, so that the technical means of the embodiments of the present application can be more clearly understood, and the following detailed description of the present application will be presented in order to make the foregoing and other objects, features and advantages of the embodiments of the present application more understandable.
Drawings
The drawings are only for purposes of illustrating embodiments and are not to be construed as limiting the application. Also, like reference numerals are used to designate like parts throughout the figures. In the drawings:
FIG. 1 is a schematic diagram of a scenario for authorizing software copy use provided in an embodiment of the present application;
fig. 2 is a flow chart of a software use verification method according to an embodiment of the present application;
fig. 3 is a flow chart of a method for acquiring and storing an authorization file according to an embodiment of the present application;
fig. 4 is a flowchart illustrating a method for acquiring and storing an authorization file according to another embodiment of the present application;
FIG. 5 is a block diagram of a software usage verification device according to an embodiment of the present application;
fig. 6 is a block diagram of a software usage verification device according to an embodiment of the present application.
Detailed Description
Exemplary embodiments of the present application will be described in more detail below with reference to the accompanying drawings. While exemplary embodiments of the present application are shown in the drawings, it should be understood that the present application may be embodied in various forms and should not be limited to the embodiments set forth herein.
To meet the needs of users for personalized, high quality and high performance software, software developers will custom develop the software and set the developed software as pay-for-use software. The user needs to pay corresponding fees before using the payment software to obtain the authorization of the software and then normally use the services provided by the payment software. The act of copying the paid software to other computers or devices without authorization of the software developer not only infringes the intellectual property rights of the software developer, but also may cause various problems in the use process of the user, such as unstable software, incapacity of upgrading, incapacity of obtaining technical support, and the like.
To prevent software that needs authorization from being copied for use, more and more software developers now verify the software before it is used, and only devices that pass the verification can normally use the software. One common method in the software use check is to perform authorization check by the cloud, that is, by deploying the authorization check of the software on a cloud server, when the client runs the software, the client needs to send an authorization check request to the cloud check server, and the cloud check server queries a corresponding authorization database according to authorization information in the request, determines whether the client has legal authorization, and can normally use the software only by the checked client.
The cloud authorization verification method requires networking verification and has a certain requirement on network instantaneity, so that the cloud authorization verification method requires that a client for installing software has a network communication function and has a requirement on network quality during verification, and the cloud authorization verification method is poor in applicability. Especially for software with unstable moving signals of software application scenes during verification, the traditional cloud authorization verification method cannot timely and effectively perform authorization verification on the use of the software, for example, diagnostic software for repairing vehicles, the moving signals of repairing scenes (such as underground garages) of the diagnostic software are unstable, and at the moment, the speed of performing authorization verification by the cloud is low or the authorization verification cannot be completed. Moreover, the existing verification method only verifies whether the device is a binding device of the software to be verified, and cannot meet the verification requirements of different versions of the same software, for example: in order to improve the speed of cloud verification, when in authorization verification, the cloud can search whether the equipment has authorization records from the authorized equipment information according to the equipment information provided by the equipment triggering the authorization verification, if so, the equipment can run software triggering the cloud to perform the authorization verification, and the verification method can rapidly complete the verification after the verification is triggered, but if the authorization records of the equipment are the authorization records of other versions of the software, the equipment can also pass the authorization verification of the version of the software, so that the verification method cannot meet the verification requirements of different versions of the same software.
In summary, the cloud authorization verification method requires that the client side for installing the software has a network communication function and has a requirement on network quality during verification, and cannot meet the verification requirements of different versions of the same software, so that the cloud authorization verification method has poor applicability.
Based on the above, the inventor of the application finds that the authorization verification can be performed locally on the device by storing the authorization file in a preset system catalog of the device using the software, so that the problem that the verification cannot be performed effectively in time due to unstable mobile signals is solved; furthermore, the authorization file is used for carrying out double verification on the equipment and the software, so that the verification requirements of different versions of the same software can be met; the method of the embodiment of the application can be suitable for verification scenes used by various software.
The method and the device are suitable for verifying the use of authorized software.
Fig. 1 is a schematic diagram of a scenario for authorizing software copy use according to an embodiment of the present application. In the scenario of using three common copies of authorization software P1, P2 and P3 shown in fig. 1, the device A1 and the device A2 may be intelligent terminal devices such as a computer, a tablet computer and a mobile phone, the authorization software A1 and the authorization software A2 are different versions of the same authorization software a, the service provided by A1 is higher than A2, that is, A1 is an upgrade version of a, and A2 is a basic version of a. In the three scenarios shown in the figure, the connection between A1 and A2 represents the connection of the copy software of A2 from A1, and may be a physical connection through a transmission data line or a communication connection.
As shown in P1, the device A1 is provided with higher-level authorization software A1, that is, an authorization device with A1 being A1, the device A2 is provided with authorization software A2, that is, an authorization device with A2 being A2, and the device A2 copies the authorization software A1 to the device A2 to operate by connecting with the device A1, where the device A2 is not the authorization device of A1, but is only the authorization device of A2.
In another copy usage scenario P2 of the authorization software, a higher level of the authorization software A1 is installed on the device A1, that is, the authorization device A1 is A1 authorization device, the device A2 is not an authorization device of the authorization software a or the device A2 authorizes the expired device for the authorization software a, the device A2 copies the authorization software A1 to the device A2 to run by connecting with the device A1, and at this time, the device A2 has no authorization of the device A1.
In another copy usage scenario P3 of the authorization software, a basic version of the authorization software A2, that is, an authorization device with A1 being A2, is installed on the device A1, the device A2 is not an authorization device of the authorization software a or the device A2 is a device with an expiration authorized by the authorization software a, and the device A2 is connected with the device A1 to copy the authorization software A2 onto the device A2 for running, where the device A2 has no authorization of the device A2.
It should be noted that fig. 1 only illustrates a copy usage method of the authorized software, and does not limit the copy usage, and the present application is equally applicable to other scenarios of copy usage of the authorized software.
Fig. 2 is a flow chart of a software use verification method according to an embodiment of the present application. The method is performed by an electronic device, which may be a terminal device such as a mobile phone, a computer, and a tablet computer, for example, the device A1 and the device A2 shown in fig. 1. The electronic device is installed with software (hereinafter referred to as target software) that needs to be checked before use, for example, but not limited to, the diagnostic software for repairing a vehicle described above.
The steps executed by the method can be realized by target software on the electronic equipment, can be realized by independent verification software installed on the electronic equipment, and can be realized by a system program of the electronic equipment.
Referring to fig. 2, the method includes the steps of:
s110: and responding to the verification triggering condition of the target software, and reading an authorization file from a preset system catalog of the electronic equipment, wherein the authorization file comprises first equipment identification information and first software identification information.
The electronic equipment is provided with target software which is software that can be normally used only by authorization verification. If the authorization verification fails, the electronic device cannot use the service provided by the target software, or the electronic device cannot use the service provided by the target software only by authorization, and only basic service can be used. When verification of the target software is triggered, the electronic device starts to execute an authorization verification step of the software.
Compared with the method for verifying the authorization of the software on the cloud server, the cloud server can query the corresponding authorization database according to the authorization information in the request and judge whether the electronic equipment has a legal authorization cloud verification method.
After the authorization file is generated, the authorization file is stored in a preset system catalog of the electronic equipment, and the authorization file is directly read from the system catalog when the software is used and checked. The preset system directory may be a private directory set by the target software, that is, a private directory only the target software knows the directory address and only the target software can access, or a public directory set with access authority, that is, a directory only the software on the device has authority to read. When the authorization file is used for verifying the current target software and the electronic equipment, the authorization file needs to be prevented from being cracked and modified as much as possible, and the difficulty of accessing the authorization file is increased by setting a system directory for storing the authorization file.
The authorization file stored in the system catalog corresponds to the equipment and the target software, the authorization file can be generated by the cloud according to the equipment information and the target software information, and the authorization file after the cloud is generated is sent to the electronic equipment corresponding to the authorization file by the cloud and is stored in the preset system catalog by the electronic equipment; the authorization file may also be generated by an algorithm program built in the electronic device system and the generated authorization file is stored in a preset system directory.
The authorization file includes first device identification information and first software identification information. The software identification information is target software information corresponding to the identification file, and the equipment identification information is information for identifying the electronic equipment authorized to use the target software. Preferably, the serial number or number of the target software may be set as the software identification information, and the software identification information may include information such as a software version, a software support language, a software size, and the like, in addition to the unique identification information of the target software. Preferably, the serial number, physical address information, and the like of the device may be set as the device identification information, and for example, when the electronic device is a tablet computer, the tablet computer serial number, a wifi mac (i.e., wifi address), and a bluetooth mac (i.e., bluetooth address) may be set as the device identification information. That is, the device identification information and the software identification information may be one unique identification information, or may further include other information based on the unique identification information.
S120: and acquiring second equipment identification information of the electronic equipment and second software identification information in the target software.
The type of the second device identification information of the electronic device and the type of the second software identification information in the target software are correspondingly set with the type of the first device identification information and the type of the first software identification information in the authorization file, for example, when the first device identification information in the authorization file is a device serial number, the serial number of the electronic device currently running the target software is obtained; and when the first software identification information in the authorization file is the software number and the software version, acquiring the software number and the software version of the target software on the current electronic equipment. The second equipment identification information of the electronic equipment can be obtained by reading the public attribute information of the electronic equipment; the second software identification information in the target software can be obtained by reading the attribute information of the target software.
S130: and if the first equipment identification information in the authorization file is matched with the second equipment identification information of the electronic equipment and the first software identification information in the authorization file is matched with the second software identification information of the target software, determining that the use verification of the target software is passed.
When the device identification information in the authorization file is matched with the device identification information of the current electronic device, and the software identification information in the authorization file is matched with the software identification information of the target software, the electronic device is considered to have the authorization of the target software, namely the authorization check is passed. The device identification information in the authorization file is completely consistent with the device identification information of the current electronic device, and the software identification information in the authorization file is completely consistent with the software identification information of the current target software; the device identification information in the authorization file may also include the device identification information (i.e., partially consistent) of the current electronic device, where the software identification information in the authorization file is completely consistent with the software identification information of the target software; the device identification information in the authorization file is completely consistent with the device identification information of the current electronic device, and the software identification information in the authorization file comprises the software identification information (namely, partial consistency) of the target software; it may also be that the device identification information in the authorization file includes device identification information (i.e., partially identical) of the electronic device, and the software identification information in the authorization file includes software identification information (i.e., partially identical) of the target software. If the verification is passed, the software is normally used; if the verification fails, the target software is set to refuse to use or only to use services that do not require authorization.
When the target software is verified, the device identification information and the software identification information are adopted for double verification, so that the verification requirements of different versions of the same software can be met, and the copy and use of the software can be prevented more widely and effectively. As shown by P1 in fig. 1, the device A1 is a device having authorization of the software A1, the authorization file F1 (A1, A1) of A1 is stored in A1, the device A2 is a device having authorization of A2, and the authorization file F2 (A2, A2) of A2 is stored in A2. After device A2 copies software A1 from device A1, A2 cannot pass the use check of A1. When the verification of A1 is triggered, the authorization file stored in A2 may be the authorization file F2 (A2, A2) of A2, or the authorization file F1 (A1, A1) of A1 stored on A1 that is copied when A1 is copied, and no matter whether the authorization file is F1 (A1, A1) or F2 (A2, A2), the A1 cannot pass the double verification of the device identification information and the software identification information of the authorization file on A2. When the authorization file in the A2 is the authorization file F1 (A1, A1), the equipment A2 is inconsistent with the equipment identification information of the A1 recorded in the authorization file; when the authorization file in the A2 is the authorization file F2 (A2, A2), the software identification information of the A2 recorded in the authorization file is inconsistent with the software identification information of the current software a1, and the A2 cannot pass the use verification of the software a 1.
As shown in P2 in fig. 1, the device A1 is a device with software A1 authorization, the authorization file F1 (A1, A1) of A1 is stored in the device A1, when the device A2 is a device with A1 authorization expiration, the authorization file F3 (A1 ', A2) may be stored, and when the device A2 is an unauthorized device, the authorization file does not exist on the device A2, and similarly, even if the device A2 copies the software A1 from the device A1, the device A2 cannot pass the double check of the authorization file no matter whether the authorization file F1 (A1, A1), the authorization file F3 (A1', A2) or the authorization file is not used, but cannot run normally on the device A2 by checking the device A1, so that the copy of the software is effectively prevented.
In response to satisfaction of the verification trigger condition of the target software, since the target software may be other versions copied from other devices (hereinafter referred to as source devices), the software identification information stored in the authorization file in the electronic device is not matched with the software identification information in the current target software; if the target software is copied, the authorization file corresponding to the target software is also copied from the source device, and at the moment, the device identification information stored in the authorization file in the electronic device is inconsistent with the device identification information of the current electronic device. Therefore, when the target software is verified, the double verification is performed by adopting the equipment identification information and the software identification information, and the method can also be suitable for the use verification of the target software when the target software is copied and the target software and the authorization file are copied together.
The verification triggering condition can be set according to actual use. In an alternative manner, S110 includes:
s110a, in response to the starting operation of the target software, an authorization file is read from a preset system catalog of the electronic equipment.
When the software is started, the software usually starts to run after the loading is completed. Therefore, the verification trigger condition can be set as the starting operation of the target software, namely, when the target software is started, the verification process is embedded into the loading process of the target software, and if the verification is passed, the target software runs normally; if the verification fails, the target software prompts that the authorization fails, the target software stops running and refuses to use, or the target software only provides the service which does not need the authorization verification.
In an alternative manner, S110 includes:
s110b, in response to reaching the preset time, reading the authorization file from a preset system catalog of the electronic equipment.
In the method, the verification triggering condition is set to be that the preset time arrives, namely, a timing verification method is adopted. The software use verification can be performed according to a fixed time period, namely, the software use verification is performed once at fixed intervals, the preset time is a plurality of time points set according to the fixed time period, and the interval duration between the time points is the same; it is also possible to set a fixed time point for verification (the time intervals between the time points are not necessarily the same), for example, the target software is authorized to perform verification in a later month and three months of the device.
It should be noted that the two methods for setting the check trigger conditions may be used simultaneously, that is, two check trigger conditions are set, and the check process is started when any one of the two conditions is satisfied.
In order to avoid cracking and modifying the authorization document as much as possible, in an alternative way, before S110, the software usage verification method further comprises:
s101, creating a system catalog according to a preset storage path, and setting the operation authority of the system catalog.
The system catalog is created according to the preset storage path, so that the catalog only stores the authorized file, and the authorized file is prevented from being influenced by the operation on other files, for example, if other files are also stored in the preset storage path, the operation of deleting the whole system catalog may be executed when other files are deleted, and the authorized file is deleted. Further, the operation authority of the system directory is set, so that the authorized file can be accessed only when the authorized file is used for verification, and access, modification and deletion of the authorized file by other devices and other processes are avoided.
The step S110 further includes the following sub-steps:
s111, judging whether the target software has the operation authority to the system catalog or not in response to the fact that the verification triggering condition of the target software is met. If the target software has the operation authority to the system catalog, S113 is executed; if the target software does not possess the operation authority to the system directory, S115 is executed.
S113, reading the authorization file from a preset system catalog of the electronic equipment.
S115, determining that the use check of the target software fails.
In order to avoid access, modification and deletion of the authorized file by other devices and other processes, when the use verification is executed before the use of the target software, whether the target software has the operation authority to the system directory needs to be judged first, and after the operation authority to the system directory is confirmed to be possessed by the target software, the target software is allowed to read the authorized file from the preset system directory of the electronic device, and the next use verification process is started; if the target software does not have the operation authority to the system catalog, the failure of the use check of the target software can be directly determined, and the operation of the target software on the electronic equipment is limited, so that the purpose of preventing the copy use of the software is realized.
In order to further increase the security of the system catalog, in an alternative way, before S110, the software usage verification method further includes the following sub-steps:
s102, creating a system catalog according to a preset storage path.
S103, determining a first hash value of the storage path.
And (3) carrying out hash calculation on the storage path data (such as "/home/user/file.txt") by using a hash function to obtain a hash value of the storage path.
Preferably, the deposit path may be hashed using a hash function such as MD5, SHA-1, and SHA-256. Wherein MD5 (Message Digest Algorithm 5) is a widely used hash function that takes as input a message of arbitrary length, producing a 128-bit hash value; SHA-1 (Secure Hash Algorithm 1) is an upgrade to MD5 and is also a commonly used hash function that takes as input a message of arbitrary length, producing a 160-bit hash value; SHA-256 (Secure Hash Algorithm 256) is the successor to SHA-1 and is also a commonly used hash function that takes as input messages of arbitrary length, producing a 256-bit hash value.
S104, encrypting the first hash value by using the public key of the electronic equipment to obtain the digital signature of the storage path.
Preferably, the public key of the electronic device is issued by a digital Certificate Authority (CA).
Preferably, the first hash value is encrypted using an asymmetric encryption algorithm, such as the RSA algorithm. The RSA algorithm is an asymmetric encryption algorithm, and is proposed by three mathematicians of Ronand Livister (Ron Rivest), addi Samo (Adi Shamir) and Leonard Adleman (Leonard Adleman) in 1977, and is based on the mathematical problem that the product of two large prime numbers is difficult to decompose, so as to realize public key encryption and digital signature.
S105, the digital signature is sent to the target software.
The digital signature is sent to the target software to give the target software access to the system directory in which the authorization file is stored.
S110 further comprises the sub-steps of:
s112, responding to the verification trigger condition of the target software.
S114, acquiring the digital signature of the target software.
After the verification trigger condition of the target software is satisfied, the digital signature of the target software is verified to confirm that the target software has the right to access the system directory storing the authorized file.
S116, decrypting the obtained digital signature by using the public key of the electronic device to obtain a second hash value.
The digital signature of the authorization software having the right to access the system directory is generated via the encrypted first hash value of the public key of the electronic device, and thus the second hash value can be obtained by decrypting the acquired digital signature using the public key of the electronic device.
S118, comparing whether the second hash value is consistent with the first hash value. If the second hash value is consistent with the first hash value, then S118a is performed; if the second hash value and the first hash value do not match, then S118b is performed.
If the second hash value is consistent with the first hash value, the digital signature of the target software is generated by encrypting the first hash value by the public key of the electronic equipment, namely the target software has the authority to access the system directory storing the authorized file.
S118a, the authorization file is read from a preset system catalog of the electronic equipment.
S118b, determining that the use check of the target software fails.
Similarly, after confirming that the target software has the operation authority to the system catalog, the target software is allowed to read the authorization file from the preset system catalog of the electronic equipment, and the next use checking flow is entered; if the target software does not have the operation authority to the system catalog, the failure of the use check of the target software can be directly determined, and the operation of the target software on the electronic equipment is limited, so that the purpose of preventing the copy use of the software is realized.
The system catalog stored with the authorized files is provided with the permission to ensure that only software authorized by the system catalog can access the authorized files, thereby improving the security of the system catalog, avoiding the influence on the authorized files by the operation of other files, ensuring that only the authorized files can be accessed by the software authorized by the system catalog when being used for verification, and avoiding the access, modification and deletion of the authorized files by other devices and other processes; furthermore, the digital signature is used for authorizing the target software to access the system catalog, so that the security of the system catalog can be effectively improved, and the situation that the authorized file is stolen and maliciously modified due to malicious cracking of the authority of the system catalog is avoided.
If the authorization file is generated by the electronic device, the electronic device may modify itself and illegally generate the authorization file outside the authorization range. The electronic equipment automatically modifies and illegally generates the authorization file outside the authorization range, so that even if double verification of the authorization file exists, other equipment can use the forged authorization file to pass the use verification of the copied software. In an alternative manner, the authorization file corresponds to the electronic device, the authorization file also corresponds to the target software, and the authorization file is generated by the server and stored in a preset system directory of the electronic device corresponding to the authorization file.
When the electronic equipment is authorized to the corresponding software use right, the authorization file is generated by the server, and the server transmits the authorization file to the electronic equipment after generating the authorization file, so that the electronic equipment is prevented from modifying the authorization file by itself and illegally generating the authorization file outside the authorization range, the security of the authorization file is ensured, and the copying and the use of the software are effectively prevented.
Fig. 3 is a flowchart of a method for acquiring and storing an authorization file according to an embodiment of the present application. The method is also performed by the electronic device. Referring to fig. 3, an authorization file corresponding to an electronic device and target software is obtained and stored through the following steps:
S210, acquiring first equipment identification information of the electronic equipment and first software identification information in target software in the electronic equipment.
S220, the first equipment identification information and the first software identification information are sent to the server, so that the server generates an authorization file according to the first equipment identification information and the first software identification information.
After the electronic equipment passes the authorization of the target software, the cloud server generates an authorization file according to the equipment identification information of the electronic equipment and the software identification information of the currently authorized target software. The electronic device passes the authorization of the target software, and the electronic device can subscribe to the service of the target software or purchase the target software. The authorization file generated by the server according to the equipment identification information and the software identification information can be an encrypted file generated by encrypting the equipment identification information and the software identification information by the server, or can be a file obtained by directly splicing the equipment identification information and the software identification information.
S230, receiving the authorization file generated by the server and storing the authorization file in a preset system catalog in the electronic equipment.
If the authorization file is an encrypted file generated by encrypting the equipment identification information and the software identification information by the server, after the authorization file is read, the equipment identification information and the software identification information in the authorization file can be obtained by decrypting the authorization file. Therefore, the server generates the authorization file and performs double verification by using the authorization file after verification triggering, and the electronic equipment can be effectively prevented from modifying and generating the authorization file by self through encrypting the authorization file.
Fig. 4 is a flowchart of a method for acquiring and storing an authorization file according to another embodiment of the present application. Referring to fig. 4, the method includes the steps of:
s310, downloading the target software from the server and installing the target software.
S320, sending an authorization request to the server to enable the server to generate an authorization file.
S330, acquiring first equipment identification information of the electronic equipment and first software identification information in target software in the electronic equipment.
S340, the first equipment identification information and the first software identification information are sent to the server, so that the server generates an authorization file according to the first equipment identification information and the first software identification information.
S350, receiving the authorization file generated by the server and storing the authorization file in a preset system catalog in the electronic equipment.
S360, receiving the installation success information of the target software from the server.
After the electronic device downloads the target software, the electronic device is still in the process of installing the target software, and after the electronic device acquires the authorization file from the server and stores the authorization file in the system catalog, the installation process of the target software is finished, and at this time, the electronic device receives the installation success information of the target software from the server.
It should be understood by those skilled in the art that downloading the target software from the server and installing the target software in S310 includes downloading and installing the target software for the first time and downloading and installing the target software when updating the already installed target software.
Steps 330 to 350 are the same as steps 210 to 230, and therefore, specific implementation manners of steps 330 to 350 can refer to steps 210 to 230, and are not described herein.
The server can backup and generate the authorization file after generating the authorization file, so that the target software can still be successfully checked when the original authorization file is deleted or damaged by mistake. In an alternative manner, after the step S110, the software usage verification method further includes the steps of:
s117, if the reading of the authorization file from the system catalog fails, the backup authorization file corresponding to the electronic equipment is obtained from the server and stored in the system catalog.
S119, reading the backup authorization file acquired from the server from a preset system catalog of the electronic equipment.
When the original authorization file is deleted, damaged or moved by mistake, the reading of the authorization file from the system catalog can fail in the process of checking the software use. The electronic device obtains the backup authorization file from the server and stores the backup authorization file in the path of the original authorization file to replace the original authorization file. And re-reading the backed-up authorization file to make the verification process smoothly proceed.
The electronic equipment sends an authorized file query request with self equipment identification information to the server, the server searches an authorized file corresponding to the electronic equipment from a database of the authorized file according to the equipment identification information in the query request, and the queried authorized file is sent to the electronic equipment so as to enable the verification process to be carried out smoothly.
In a preferred form, the target software is diagnostic software for servicing a vehicle.
Because the diagnostic software is often in a state of unstable moving signals when in use, such as in an underground garage or suburban area, embodiments of the present application are particularly useful for diagnostic software for repairing vehicles.
Based on the above-described concept, according to an aspect of the embodiments of the present application, there is provided a software usage verification device capable of executing the generating method of any one of the embodiments described above. Referring specifically to fig. 5, fig. 5 is a block diagram of a software usage verification device according to an embodiment of the present application. As shown in fig. 5, the apparatus 400 includes a reading module 410, an acquisition module 420, and a determination module 430.
A reading module 410, configured to read an authorization file from a preset system directory of the electronic device in response to a verification trigger condition of the target software being satisfied, where the authorization file includes first device identification information and first software identification information;
An obtaining module 420, configured to obtain second device identification information of the electronic device and second software identification information in the target software;
the determining module 430 is configured to determine that the usage verification of the target software passes if the first device identification information in the authorization file matches the second device identification information of the electronic device and the first software identification information in the authorization file matches the second software identification information of the target software.
The software usage verification device in this embodiment of the present application further includes other modules for executing the steps in the foregoing software usage verification method embodiment, which are not described herein in detail.
The present application further provides a software usage verification device, please refer to fig. 6, the software usage verification device 500 includes: a processor (processor) 502 and a memory (memory) 504.
The processor 502 is configured to execute the program 506, and may specifically perform the relevant steps in the embodiment of the software usage verification method.
In particular, program 506 may include computer-executable instructions.
The processor 502 may be a central processing unit CPU, or an application specific integrated circuit ASIC, or one or more integrated circuits configured to implement embodiments of the present application. The one or more processors included in the software usage verification device may be the same type of processor, such as one or more CPUs; but may also be different types of processors such as one or more CPUs and one or more ASICs.
Memory 504 for storing program 506. The memory 504 may comprise high-speed RAM memory or may further comprise non-volatile memory (non-volatile memory), such as at least one disk memory.
The application further provides a chip which is suitable for the software use checking device, an instruction set is stored in the chip, and when the instruction set is executed, the chip can instruct the software use checking device to realize the operation of the software use checking method according to any embodiment.
In addition, the application further provides a computer readable storage medium, such as a chip, an optical disc, and the like, on which an execution program is stored, where the execution program is executed to implement the software usage verification method according to any one of the embodiments.
The computer readable storage medium according to the embodiments of the present disclosure is not limited to the above-described embodiments, and may be, for example, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or a combination of any of the above. More specific examples of the computer-readable storage medium may include, but are not limited to: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In an embodiment of the present disclosure, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device.
Those skilled in the art will appreciate that the above-described preferred embodiments can be freely combined and stacked without conflict. In which the flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present disclosure. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures, for example, two blocks shown in succession may in fact be executed substantially concurrently or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions. The numbering of the steps herein is for convenience of illustration and reference only and is not intended to limit the order in which the steps are performed, the particular order of execution being determined by the technology itself, and the skilled artisan can determine various allowable, reasonable orders based on the technology itself.
It should be noted that step numbers (letter or number numbers) are used in this application to refer to certain specific method steps for convenience and brevity only, and are in no way intended to limit the order of the method steps by letter or number. It will be apparent to those skilled in the art that the sequence of steps of the relevant method should be determined by the technique itself, should not be unduly limited by the presence of step numbers, and that one skilled in the art can determine various allowable, reasonable sequences of steps based on the technique itself.
Those skilled in the art will appreciate that the above-described preferred embodiments can be freely combined and stacked without conflict.
It should be understood that the above-described embodiments are exemplary only and not limiting, and that various obvious or equivalent modifications and substitutions to the details described above may be made by those skilled in the art without departing from the underlying principles of the present application, and are intended to be included within the scope of the claims of the present application.

Claims (10)

1. A software use verification method applied to an electronic device, the method comprising:
responding to a verification triggering condition of target software, and reading an authorization file from a preset system catalog of the electronic equipment, wherein the authorization file comprises first equipment identification information and first software identification information;
Acquiring second equipment identification information of the electronic equipment and second software identification information in the target software;
and if the first equipment identification information in the authorization file is matched with the second equipment identification information of the electronic equipment, and the first software identification information in the authorization file is matched with the second software identification information of the target software, determining that the use verification of the target software is passed.
2. The method of claim 1, wherein the reading the authorization file from the preset system directory of the electronic device in response to the verification trigger condition of the target software being satisfied comprises:
responding to the starting operation of the target software, and reading the authorization file from a preset system catalog of the electronic equipment; and/or the number of the groups of groups,
and in response to reaching a preset time, reading the authorization file from a preset system catalog of the electronic equipment.
3. The method of claim 1, wherein prior to the reading of the authorization file from the preset system directory of the electronic device in response to the satisfaction of the verification trigger condition of the target software, the method further comprises: creating the system catalog according to a preset storage path, and setting the operation authority of the system catalog;
The response to the verification trigger condition of the target software being met, the authorization file is read from a preset system catalog of the electronic equipment, and the method comprises the following steps: responding to the verification triggering condition of the target software, and judging whether the target software has the operation authority to the operation catalog; if the target software has the operation authority to the system catalog, reading an authorization file from a preset system catalog of the electronic equipment; and if the target software does not possess the operation authority to the system catalog, determining that the use check of the target software fails.
4. The method of claim 1, wherein prior to the reading of the authorization file from the preset system directory of the electronic device in response to the satisfaction of the verification trigger condition of the target software, the method further comprises: creating the system catalog according to a preset storage path; determining a first hash value of the depositing path; encrypting the first hash value by using the public key of the electronic equipment to obtain a digital signature of the storage path; transmitting the digital signature to the target software;
the response to the verification trigger condition of the target software being met, the authorization file is read from a preset system catalog of the electronic equipment, and the method further comprises the following steps: responding to the verification triggering condition of the target software; acquiring a digital signature of the target software; decrypting the obtained digital signature by using the public key of the electronic equipment to obtain a second hash value; comparing whether the second hash value is consistent with the first hash value or not, and if the second hash value is consistent with the first hash value, reading an authorized file from a preset system directory of the electronic equipment; and if the second hash value is inconsistent with the first hash value, determining that the use check of the target software fails.
5. The method of claim 1, wherein the authorization file corresponds to an electronic device, the authorization file further corresponds to target software, and the authorization file is generated by a server and stored to a preset system directory of the electronic device corresponding to the authorization file.
6. The method of claim 5, wherein the authorization file corresponding to the electronic device and the target software is obtained and stored by:
acquiring first equipment identification information of electronic equipment and first software identification information in target software in the electronic equipment;
transmitting the first equipment identification information and the first software identification information to the server so that the server generates the authorization file according to the first equipment identification information and the first software identification information;
and receiving the authorization file generated by the server and storing the authorization file into a preset system directory in the electronic equipment.
7. The method of claim 6, wherein prior to the acquiring the first device identification information of the electronic device and the first software identification information in the target software in the electronic device, the method further comprises: downloading the target software from the server and installing the target software; sending an authorization request to the server to enable the server to generate the authorization file;
After the receiving the authorization file generated by the server and storing the authorization file in a preset system directory in the electronic device, the method further includes: and receiving the installation success information of the target software from the server.
8. The method of claim 5, wherein after the authorization file is read from a preset system directory of the electronic device in response to the verification trigger condition of the target software being satisfied, the method further comprises:
if the authorization file is failed to be read from the system catalog, acquiring a backup authorization file corresponding to the electronic equipment from the server and storing the authorization file in the system catalog;
and reading the backup authorization file acquired from the server from a preset system catalog of the electronic equipment.
9. A software use verification device, comprising: the device comprises a processor, a memory, a communication interface and a communication bus, wherein the processor, the memory and the communication interface complete communication with each other through the communication bus;
the memory is configured to store executable instructions that cause the processor to perform the operations of the software usage verification method of any one of claims 1-8.
10. A computer readable storage medium, characterized in that the storage medium has stored therein executable instructions which, when run on a software usage verification device, cause the software usage verification device to perform the operations of the software usage verification method according to any one of claims 1-8.
CN202311304372.9A 2023-10-08 2023-10-08 Software use verification method, device and storage medium Pending CN117454332A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202311304372.9A CN117454332A (en) 2023-10-08 2023-10-08 Software use verification method, device and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202311304372.9A CN117454332A (en) 2023-10-08 2023-10-08 Software use verification method, device and storage medium

Publications (1)

Publication Number Publication Date
CN117454332A true CN117454332A (en) 2024-01-26

Family

ID=89578978

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202311304372.9A Pending CN117454332A (en) 2023-10-08 2023-10-08 Software use verification method, device and storage medium

Country Status (1)

Country Link
CN (1) CN117454332A (en)

Similar Documents

Publication Publication Date Title
CN112417379B (en) Cluster license management method and device, authorization server and storage medium
JP4980064B2 (en) Method for differentially updating data stored in portable terminal from first data version to updated data version, portable terminal and computer program
CN110213276B (en) Authorization verification method under micro-service architecture, server, terminal and medium
KR101000191B1 (en) Secure software updates
CN108710681B (en) File acquisition method, device, equipment and storage medium
US9811037B2 (en) Methods and systems for determining authenticity of a consumable product
US8250630B2 (en) Detecting unauthorized computer access
CN111526159B (en) Method and device for establishing data connection, terminal equipment and storage medium
CN112597485B (en) Information checking method, device and equipment based on block chain and storage medium
CN114398686A (en) Block chain-based file storage method, device, equipment and storage medium
WO2016165215A1 (en) Method and apparatus for loading code signing on applications
CN111966422A (en) Localized plug-in service method and device, electronic equipment and storage medium
CN115514492A (en) BIOS firmware verification method, device, server, storage medium and program product
WO2020063002A1 (en) Data management method and apparatus, and server
CN110324283B (en) Permission method, device and system based on asymmetric encryption
CN110597820A (en) Block chain based information processing method and device, storage medium and equipment
CN112437071A (en) Method, system, device and storage medium for device control
CN111079155A (en) Data processing method and device, electronic equipment and computer storage medium
CN117454332A (en) Software use verification method, device and storage medium
CN112732676B (en) Block chain-based data migration method, device, equipment and storage medium
JP2021508892A (en) Perfection inspection of electronic devices
CN113127930A (en) Charging data processing method, device and computer readable storage medium
CN109471810B (en) Hardware configuration validation method and device
CN109977631B (en) Software authorization method and system based on cluster deployment
CN111611551A (en) Dynamic link library protection method and system based on state cryptographic algorithm

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination