CN1704863A - Licensing file generating method, software product protection method and system - Google Patents
Licensing file generating method, software product protection method and system Download PDFInfo
- Publication number
- CN1704863A CN1704863A CN 200410042494 CN200410042494A CN1704863A CN 1704863 A CN1704863 A CN 1704863A CN 200410042494 CN200410042494 CN 200410042494 CN 200410042494 A CN200410042494 A CN 200410042494A CN 1704863 A CN1704863 A CN 1704863A
- Authority
- CN
- China
- Prior art keywords
- digital signature
- license file
- product
- common information
- information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Landscapes
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
- Storage Device Security (AREA)
Abstract
This invention discloses a generation method for permit documents including the following steps: generating a permit document die plate, storing shared information and product information for a soft product, applying a shared information private key to generate a shared information digital signature, its cleartext data include at least the above mentioned shared information, applying a product information private key to generate its digital signature and storing the signature of the shared information and the product information in a permit document die plate to form a permit document. This invention also relates to a protection method and a system for software products.
Description
Technical field
The present invention relates to software product protection field, particularly relate to a kind of license file generation method and reach the method and system of protecting software by license file.
Background technology
Along with the development of infotech, software industry also more and more is subject to people's attention, and various system software products and application software product emerge in an endless stream.Usually, the software product developer need drop into huge manpower and materials and carries out software product research and development.But in case software product is succeeded in developing, the bootlegger only need spend a spot of energy just can copy also sale at a low price, greatly hits the development that people are engaged in the enthusiasm of software product exploitation and seriously hinder software industry.
Pirate in order to contain to protect the intellectual property; the range of application of Control Software product; guarantee the possessory legal income of software product; industry has been released the just rights and interests that a series of software product resist technologies are safeguarded the developer, adds several different methods such as shell protection, dongle are encrypted, the protection of protection licence (License) comprising sequence number protection, the protection of password table, CD physical protection, time restriction protection, the protection of warning (NAG) window, key file protection, code.
Wherein, the licence guard method is used widely in the business software product.See also Fig. 1, the licence guard method comprises the step that generates license file and verify by license file.At first, need be according to the feature of controlling object (equipment of software product and operation thereof), utilization is based on the digital signature method of asymmetric cryptosystem, digital signature is bound and implemented to the device identification and the product feature of controlling object, signed data is left in be distributed to authorized user in the license file then; Secondly, in the software product operational process, the equipment of operating software product need obtain digital signature from license file, from software product, obtain device identification to implement checking, enable corresponding resource, business and function according to the regulation of the characteristic item in checking result and the license file then, realize the controlled operation of software product.
The licence guard method of prior art comprises the whole endorsement method of single key, the whole endorsement method of many keys and single key multistage endorsement method.
The whole endorsement method of single key comprises step: at first, obtain common information; Secondly, obtain product information; Once more, adopt single key to implement the overall digital signature according to product information; Generate license file subsequently, only there is a digital signature in whole license file.As shown in table 1.
Table 1
| Common information copyright statement || date created || enable the date } |
| Product information name of product || and device identification || controlling features || characteristic attribute } |
| Digital signature |
When product moves, from license file, obtain digital signature, from software product, obtain device identification with the enforcement checking, and influence the operation of software product according to the checking result.The defective of described method is: at first, single key has been introduced excessive risk, is not suitable for the protection of diversified product form.Because different hardware and software platform application feature difference; security attack at some particular platform more easily takes place; as more universal at the Attack Research of X86-WIN32 platform environment; if adopt single key, then the X86-WIN32 platform environment will become the shortage of whole licence protection security system.The assailant can obtain key information by analyzing particular platform, thereby realizes the successful attack to other platform products easily.Secondly, the expansion of the inconvenient licence control strategy of whole signature.Because signature can not be changed, integral body has only a signature to cause license file in fact to be cured, and is unfavorable for very much the realization of the appending/delete of product authorization message/control strategies such as secondary combination.Therefore the license file the time has only an integral body signature, when needs change authorization message, we at first need to find original licensc e data and change, its digital signature is replaced and could realize, here need to see that producing license file with the first time compares, causing the demand under two kinds of situations is inconsistent, needs the suitable mechanism of definition to realize between the two united and coordinating will causing complicated license management thus.
The whole endorsement method of many keys comprises step: at first, obtain common information; Secondly, obtain product information; Once more, adopt a plurality of different keys to implement the overall digital signature according to product information; Generate license file subsequently.As shown in table 2.
Table 2
| Common information copyright statement || date created || enable the date } |
| Product information A name of product || and device identification || controlling features || characteristic attribute } |
| Product information B name of product || and device identification || controlling features || characteristic attribute } |
| Digital signature A digital signature B |
When product moves, from license file, obtain digital signature, from software product, obtain device identification with the enforcement checking, and influence the operation of software product according to the checking result.The defective of described method is: still exist whole signature to be unfavorable for the problem of control strategy expansion.
Single key multistage endorsement method comprises step: at first, obtain common information; Secondly, obtain first product information; Once more, adopt single key to implement digital signature according to first product information; Secondly, obtain second product information; Once more, adopt single key to implement digital signature according to second product information; Generate license file subsequently, as shown in table 3.
Table 3
| Common information copyright statement || date created || enable the date } |
| Product information A name of product || and device identification || controlling features || characteristic attribute digital signature A } |
| Product information B name of product || and device identification || controlling features || characteristic attribute digital signature B } |
When product moves, from license file, obtain digital signature, from software product, obtain device identification with the enforcement checking, and influence the operation of software product according to the checking result.The defective of described method is: at first, and the pregnable shortcoming that still exists single key to bring.Secondly, though the segmentation signature can be supported control strategy flexibly since between the product information section and the relation between product information section and the license file isolated mutually, be difficult to effectively avoid for legal section copy-attack problem of license file.As, software product may be sold to first user and second user respectively, wherein first user uses first, second user uses second portion, first and second portion are respectively the parts of software product entire system, and second user compares is limited for authorizing of supposing that first user obtains.First user only needs to be distributed to legal section copy of license file relevant with software product in second user's the license file this moment and comes just can use.
Summary of the invention
The technical matters that the present invention solves is to provide a kind of license file generation method and software product guard method and system that strengthens the cipher key attacks difficulty and strengthen the illegal copies difficulty of legitimate signature section.
For this reason, the technical scheme of technical solution problem of the present invention is: a kind of license file generation method is provided, comprises step:
1) generates the license file template;
2) common information of storing software product and product information, described common information comprise copyright statement and file sequence number at least, and described product information comprises name of product, device name, controlling features and characteristic attribute at least;
3) adopt the common information private key to generate the common information digital signature, its clear data comprises aforementioned common information at least;
4) be clear data with aforementioned product information and file sequence number, adopt the product information private key to generate the product information digital signature;
5) deposit common information digital signature and product information digital signature in the license file template, form license file.
Wherein, described step 2) in, the product information of at least two products of storage; In the described step 4), be clear data, adopt corresponding product information private key to generate at least two product information digital signature with file sequence number and product information.
Wherein, the file sequence number of storage comprises concrete sequence number and file type described step 2).
Wherein, described step 3) specifically comprises and reads described file type; Choose clear data according to file type, when file type is first predetermined value, select common information, when file type is second predetermined value, select common information and product information as clear data as clear data; Adopt the common information private key to generate the common information digital signature.
Wherein, described license file comprises common information section and product information section; The common information section comprises aforementioned common information and common information digital signature; The product information section comprises before-mentioned products information and product information digital signature.
The present invention also provides a kind of software product guard method, comprises step:
A) generate license file;
B) send license file, common information digital signature authentication PKI and product information digital signature authentication PKI;
C) start software product, from license file, read common information digital signature and common information, checking common information digital signature; From license file, read product information digital signature and corresponding product information and file sequence number, checking product information digital signature;
D) if common information digital signature and product information digital signature all by checking, show that then license file is legal; Do not pass through if common information digital signature or product information digital signature, then show checking not by checking, carry out authentication failed and handle.
Wherein, if license file is legal, at step D) after also comprise the device identification of the equipment of device identification and software product operation in the comparison license file, if unanimity then inquire about controlling features and characteristic attribute and allows the operation of software product according to Query Result; If it is inconsistent then withdraw from the operation of software product or only allow the limited operation of software product.
Wherein, authentication failed is handled the limited operation that is meant the operation of withdrawing from software product or only allows software product described step D).
The present invention also provides a kind of software product protection system, comprises the demo plant that is used to generate the license file generating apparatus of license file and is used to verify the license file legitimacy; Described license file generating apparatus comprises:
Information memory cell is used in license file template storage common information and product information;
The digital signature generation unit, be used to use the common information private key to generate the common information digital signature of common information digital signature with the clear data that comprises common information at least, using the product information private key is clear data generation product information digital signature with product information and file sequence number;
The digital signature storage unit is used for depositing aforementioned common information digital signature and product information digital signature in the license file template, forms license file;
Described demo plant comprises:
Common information digital signature verification unit is used for obtaining digital signature and aforementioned clear data from license file, uses common information digital signature authentication PKI that the common information digital signature is carried out verification;
Product information digital signature verification unit is used for obtaining digital signature and aforementioned clear data from license file, uses product information digital signature authentication PKI that the product information digital signature is carried out verification.
Wherein, described demo plant also comprises the characteristic query unit, is used in the time limit of searching license file, judging whether to surpass term of life after license file legitimacy acquisition verification is passed through; Also be used to obtain the device identification of the equipment of operating software product, compare with the device identification in the license file.
With respect to prior art, the invention has the beneficial effects as follows: at first, because the present invention deposits common information in license file, and the common information digital signature is adopted and the different cryptoguard system of product information digital signature, the checking of each software product authorization message all needs to comprise the checking to two digital signature like this, can increase the difficulty at cipher key attacks; Secondly, because when generating digital signature, the clear data that is adopted includes the file sequence number, has realized the binding of signed data and file sequence number, can effectively prevent the illegal copies of signed data.
In addition, because different software products has different product information sections and corresponding digital signature, can the flexible expansion Sign Policies; Because different software products adopts different keys to generate digital signature, can increase the difficulty at cipher key attacks equally.
In addition, by the value of license file type in the file sequence number, can realize the local signature scheme of common information section, thereby can support partition strategy more flexibly, as change, deletion and the interpolation of product information section authorization message.
Description of drawings
Fig. 1 is a kind of process flow diagram of software product guard method of prior art;
Fig. 2 is the theory diagram of security system for software of the present invention;
Fig. 3 is the process flow diagram that the present invention generates license file;
Fig. 4 is the synoptic diagram that adopts the license file of the inventive method generation;
Fig. 5 is the flow process that realizes authority checking in the software product guard method of the present invention;
Fig. 6 is the synoptic diagram that adopts another license file of the inventive method generation.
Embodiment
The present invention is in order to realize the protection of software product, generates license file and realizes the checking of license file based on digital signature system.
Seeing also Fig. 2, is the theory diagram of software product protection system of the present invention.Described software product protection system comprises the demo plant that is used to generate the license file generating apparatus of license file and is used to verify the license file legitimacy.Wherein, license file generating apparatus and demo plant adopt generation and the verification that corresponding private key and PKI are finished the license file digital signature respectively.
Described license file generating apparatus comprises information memory cell, digital signature generation unit and digital signature storage unit.
Described information memory cell is used in license file template storage common information and product information.
Wherein, described common information comprises copyright statement and file sequence number at least, copyright statement is used to provide and the relevant authorized party's information of licence issue, the file sequence number is used to identify license file, a file sequence number is corresponding to a license file, and a same license file is corresponding to a file sequence number.
Described product information comprises name of product, device identification, controlling features and characteristic attribute at least, name of product is used to identify the software product type and the version of mandate, device identification is used for determining the facility environment of licence licensed software product operation, and controlling features and characteristic attribute are used to provide the detailed programs of mandate.
Among the present invention, the license file generating apparatus can adopt number of ways to obtain described device identification.For example, when software product is when being applicable to the special software product of embedded device, obtain automatically in the time of can or producing embedded device by change release; When software product is the common software product, can obtain by the approach such as logon information that receive and resolve authorized user.
The license file generating apparatus can adopt number of ways to obtain described controlling features and characteristic attribute equally.For example, can obtain by receiving and resolve the authorized party and the contract of authorized user or the solicited message of authorized user.
Described digital signature generation unit comprises common information digital signature generation unit and product information digital signature generation unit.Described common information digital signature generation unit uses the common information private key, is that clear data generates the common information digital signature with the common information; Described product information digital signature generation unit uses the product information private key, is that clear data generates the product information digital signature with product information and file sequence number.
What need further specify is that in order to increase the difficulty to cipher key attacks, described common information private key is different keys with the product information private key.
In addition, authorize simultaneously in order to realize the fecund product, described license file generating apparatus can be stored the multistage product information in a license file, and adopts different product information private keys to generate corresponding product information digital signature.Because different software products adopts different keys to generate digital signature, can increase the difficulty at cipher key attacks equally.
In another embodiment of the present invention, realize the control of common information digital signature generation unit is signed to finish whole signature and part respectively by the file sequence number.Described file sequence number comprises concrete sequence number and two parameters of file type, and when file type was first predetermined value, described common information digital signature generation unit used the common information private key, is that clear data generates the common information digital signature with the common information; When file type was second predetermined value, described common information digital signature generation unit used the common information private key, was that clear data generates the common information digital signature with common information and product information.
Described digital signature storage unit deposits aforementioned common information digital signature and product information digital signature in the license file template, forms license file.
Described demo plant comprises common information digital signature verification unit and product information digital signature verification unit.Described demo plant is by safe communication approach (pass through Network Transmission as adopting cipher mode, or be recorded in the software product CD) file that gets a license, common information digital signature authentication PKI and product information digital signature authentication PKI.
When software product started on equipment, demo plant was started working.
Described common information digital signature verification unit is obtained digital signature and aforementioned clear data from license file, uses common information digital signature authentication PKI that the common information digital signature is carried out verification.
Described product information digital signature verification unit is obtained digital signature and aforementioned clear data from license file, uses product information digital signature authentication PKI that the product information digital signature is carried out verification.
Common information piece of digital that and if only if signature and the signature verification of product information piece of digital are all passed through, and the license file mandate verification of software product is passed through.
Described demo plant also comprises the characteristic query unit, and after license file legitimacy acquisition verification was passed through, the time limit of license file was searched in the characteristic query unit, judged whether to surpass term of life.The characteristic query unit also obtains the device identification of the equipment of operating software product, compares with the device identification in the license file, if consistent, then according to the controlling features of license file and the operation of characteristic attribute permission software product; If inconsistent, then withdraw from the operation of software product or only allow the limited operation of software product.
Seeing also Fig. 3, is the flow process that the present invention generates license file.
At first, generate the license file template, the common information of storing software product and product information.
Wherein, described common information comprises copyright statement and file sequence number at least; Described product information comprises name of product, device name, controlling features and characteristic attribute at least.
Secondly, adopt the common information private key to generate the common information digital signature, wherein clear data is aforementioned common information.
Adopt the product information private key to generate the product information digital signature, wherein clear data is before-mentioned products information and file sequence number.
Subsequently, deposit common information digital signature and product information digital signature in the license file template, form license file (Fig. 4 reference).And issue described license file and give authorized user.
Described license file comprises common information section and product information section; The common information section comprises aforementioned common information and common information digital signature; The product information section comprises before-mentioned products information and product information digital signature.
Be appreciated that, among the present invention, owing in license file, deposit the common information section in, and the digital signature to the common information section adopts and the different cryptoguard system of product information piece of digital signature, the checking of each software product authorization message all needs to comprise the checking to two digital signature like this, can increase the difficulty at cipher key attacks; Because when generating digital signature, the clear data that is adopted includes the file sequence number, has realized the binding of signed data and file sequence number, can effectively prevent the illegal copies of signed data.
Seeing also Fig. 5, is the flow process that realizes authority checking by described license file.
At first, the equipment of operating software product obtains license file, common information digital signature authentication PKI and product information digital signature authentication PKI by the safe communication approach.
Read common information digital signature and common information from license file, checking common information digital signature if digital signature authentication is passed through, then continues checking product information digital signature; Otherwise carry out authentication failed handle (as, withdraw from the operation of software product or only allow the limited operation of software product).
Read product information digital signature and corresponding product information from license file, checking product information digital signature if digital signature authentication is passed through, shows that then license file is legal; Otherwise carry out authentication failed handle (as, withdraw from the operation of software product or only allow the limited operation of software product).
After the license file authority checking is passed through, search the time limit of license file, judge whether to surpass term of life.Obtain the device identification of the equipment of operating software product, compare with the device identification in the license file, if consistent, then according to the controlling features of license file and the operation of characteristic attribute permission software product; If inconsistent, then withdraw from the operation of software product or only allow the limited operation of software product.
See also Fig. 6, the present invention can realize the combination mandate of a plurality of software products by a license file.Wherein, when generating license file, at first software product, adopt the first product information private key to generate the first product information digital signature, wherein clear data is a file sequence number and corresponding to the product information of first software product; At N item software product, adopt N item product information private key to generate N item product information digital signature, wherein clear data is a file sequence number and corresponding to the product information of N item software product.Be understandable that, because different software products has different product information sections and corresponding digital signature, can the flexible expansion Sign Policies; Because different software products adopts different keys to generate digital signature, can increase the difficulty at cipher key attacks equally.
For the ease of the understanding of the present invention, present invention is described below in conjunction with embodiment.
When generating license file in the present embodiment, at first generate the license file template, storage common information and product information.Wherein said common information ComFeature comprises copyright statement, file sequence number FileIndex at least; Described product information PrdFeatureN comprises name of product, device name, controlling features and characteristic attribute at least.
In order to support delegated strategy more flexibly, the file sequence number FileIndex of common information section comprises IndexNumber and two parameters of IndexType among the present invention; Wherein, IndexNumber is the concrete sequence number of license file; IndexType is the license file type, is used for determining that common information section signature scheme is to adopt whole signature or local signature.
Secondly, generate the digital signature of common information and the digital signature of product information.
In the present embodiment, adopt Sig
Kc(M) as the transforming function transformation function that generates digital signature, wherein, kc is a private key, and M is a clear data to be signed.
Suppose kc0 as the private key that calculates the common information digital signature, when calculating the common information digital signature, at first determine the concrete value of license file type i ndexType.
If IndexType is whole signature type, the raw data that then is used to sign comprises whole license file, i.e. common information piece of digital signature ComSignature=Sig
Kc0(ComFeature||PrdFeaturel||..||PrdFeatureN).
If IndexType is local signature type, the raw data that then is used to sign only comprises common information section content, i.e. common information digital signature ComSignature=Sig
Kc0(ComFeature).
Suppose kcN as the private key that calculates N item product information digital signature, the raw data that is used to sign comprises corresponding product information section content and license file sequence number.Be product information digital signature PrdSignatureN=SigkcN (PrdFeatureN||ComFeature: the file sequence number).Wherein, the value of N is a natural number, that is to say, license file can comprise the mandate to a plurality of products, and the employed key of the digital signature of each product information section is all inequality.
Subsequently, be combined in the common information digital signature ComSignature that obtains and product information digital signature PrdSignatureN in the license file and issue described license file and give authorized user.
The structure of the license file of Xing Chenging can be with reference to Fig. 5 at last.Described license file comprises common information section and product information section.
Described common information section comprises common information ComFeature and common information section signature ComSignature.Wherein, common information ComFeature comprises copyright statement, file sequence number FileIndex at least; Described file sequence number FileIndex comprises IndexNumber and two parameters of IndexType.
Described product information section comprises product information PrdFeatureN and product information piece of digital signature PrdSignatureN.Wherein, described product information comprises name of product, device identification, controlling features and characteristic attribute at least.
Be understandable that, among the present invention,, can realize the local signature scheme of common information section by the value of license file type i ndexType in the file sequence number, thereby can support partition strategy more flexibly, as change, deletion and the interpolation of product information section authorization message.
In the present embodiment, when verifying, adopt Ver by license file
Kp(S, M) as the transforming function transformation function of certifying digital signature, wherein kp is a PKI, and S is a digital signature to be verified, and M is the clear data that digital signature is used; At Ver
Kp(S M) in the conversion, adopts Hash (M) as the compressed transform function, and wherein M is the input data; Adopt T
Kp(S) carry out the function of enciphering transformation as the kp that uses public-key in the asymmetric cryptosystem; If Hash (M) and T
Kp(S) equate, then Ver
Kp(S is true M), and digital signature authentication is passed through, otherwise the digital signature authentication failure.
At first, the equipment of operating software product obtains license file, common information section signature verification PKI kp0, product information section signature verification PKI kpA by the safe communication approach.
During checking common information piece of digital signature, reading common information ComFeature and common information section signature ComSignature from license file, is that PKI calculates Ver with kp0
Kp0(ComSignature, ComFeature).If Ver
Kp0(ComSignature is true ComFeature), and digital signature authentication is passed through, otherwise the digital signature authentication failure.
When verifying N item product information piece of digital signature, reading product information PrdFeatureN, file sequence number and corresponding product information section signature ComSignatureN from license file, is that PKI calculates Ver with kpN
KpN(PrdSignatureN, PrdFeatureN).If Ver
KpN(PrdSignatureN is true PrdFeatureN), and digital signature authentication is passed through, otherwise the digital signature authentication failure.
Common information piece of digital that and if only if signature and the signature verification of product information piece of digital are all passed through, and the mandate verification of N item software product is passed through.
After the license file authority checking is passed through, search the time limit of license file, judge whether to surpass term of life.Obtain the device identification of the equipment of operating software product, compare with the device identification in the license file, if consistent, then according to the controlling features of license file and the operation of characteristic attribute permission software product; If inconsistent, then withdraw from the operation of software product or only allow the limited operation of software product.
Be understandable that the present invention adopts digital signature to realize the checking of licence mandate, can guarantee that authorization message is undeniable, be difficult to forge.Usually, a qualified digital signature scheme satisfies following feature: the take over party can confirm or confirm the signature of transmit leg; The signature information that transmit leg sends is undeniable; The take over party is undeniable to the signature information of receiving; The third party can confirm that the message of receiving-transmitting sides transmits, but can't forge.Conclude is exactly that digital signature scheme has signature verification, undeniable, the characteristics that are difficult to forge.
Digital signature system generally comprises two links: signature and checking.The general asymmetric cryptography that uses is realized digital signature, promptly uses private key and PKI to finish the generation and the verification of digital signature respectively, and algorithm commonly used comprises RSA, ECDSA, Rabin, ElGamel etc.
Among the present invention, can adopt two kinds of methods to realize digital signature: a kind of is signature to Global Information, and all information all need through cryptographic transformation to produce digital signature; A kind of is signature to compressed information, and raw information is carried out cryptographic transformation after compression to produce digital signature, and this digital signature is attached to after the raw information.
Among the present invention, can adopt two class digital signature: a class is deterministic digital signature, and its plaintext and ciphertext are corresponding one by one; One class is randomized digital signature, and its digital signature random variation depends on the stray parameter value in the signature algorithm, and a plaintext has a plurality of legal digital signature.
The above only is a preferred implementation of the present invention; should be pointed out that for those skilled in the art, under the prerequisite that does not break away from the principle of the invention; can also make some improvements and modifications, these improvements and modifications also should be considered as protection scope of the present invention.
Claims (10)
1, a kind of license file generation method is characterized in that, comprises step:
1) generates the license file template;
2) common information of storing software product and product information, described common information comprise copyright statement and file sequence number at least, and described product information comprises name of product, device name, controlling features and characteristic attribute at least;
3) adopt the common information private key to generate the common information digital signature, its clear data comprises aforementioned common information at least;
4) be clear data with aforementioned product information and file sequence number, adopt the product information private key to generate the product information digital signature;
5) deposit common information digital signature and product information digital signature in the license file template, form license file.
2, license file generation method according to claim 1 is characterized in that: described step 2), and the product information of at least two products of storage; In the described step 4), be clear data, adopt corresponding product information private key to generate at least two product information digital signature with file sequence number and product information.
3, license file generation method according to claim 1 is characterized in that: the file sequence number of storage comprises concrete sequence number and file type described step 2).
4, license file generation method according to claim 3 is characterized in that: described step 3) specifically comprises and reads described file type; Choose clear data according to file type, when file type is first predetermined value, select common information, when file type is second predetermined value, select common information and product information as clear data as clear data; Adopt the common information private key to generate the common information digital signature.
5, license file generation method according to claim 1 is characterized in that: described license file comprises common information section and product information section; The common information section comprises aforementioned common information and common information digital signature; The product information section comprises before-mentioned products information and product information digital signature.
6, a kind of software product guard method is characterized in that, comprises step:
A) generate license file;
B) send license file, common information digital signature authentication PKI and product information digital signature authentication PKI;
C) start software product, from license file, read common information digital signature and common information, checking common information digital signature; From license file, read product information digital signature and corresponding product information and file sequence number, checking product information digital signature;
D) if common information digital signature and product information digital signature all by checking, show that then license file is legal; Do not pass through if common information digital signature or product information digital signature, then show checking not by checking, carry out authentication failed and handle.
7, software product guard method according to claim 6, it is characterized in that: if license file is legal, at step D) after also comprise the device identification of the equipment of device identification and software product operation in the comparison license file, if unanimity then inquire about controlling features and characteristic attribute, and allow the operation of software product according to Query Result; If it is inconsistent then withdraw from the operation of software product or only allow the limited operation of software product.
8, software product guard method according to claim 6 is characterized in that: authentication failed is handled the limited operation that is meant the operation of withdrawing from software product or only allows software product described step D).
9, a kind of software product protection system comprises the demo plant that is used to generate the license file generating apparatus of license file and is used to verify the license file legitimacy; It is characterized in that described license file generating apparatus comprises:
Information memory cell is used in license file template storage common information and product information;
The digital signature generation unit, be used to use the common information private key to generate the common information digital signature of common information digital signature with the clear data that comprises common information at least, using the product information private key is clear data generation product information digital signature with product information and file sequence number;
The digital signature storage unit is used for depositing aforementioned common information digital signature and product information digital signature in the license file template, forms license file;
Described demo plant comprises:
Common information digital signature verification unit is used for obtaining digital signature and aforementioned clear data from license file, uses common information digital signature authentication PKI that the common information digital signature is carried out verification;
Product information digital signature verification unit is used for obtaining digital signature and aforementioned clear data from license file, uses product information digital signature authentication PKI that the product information digital signature is carried out verification.
10, software product protection system according to claim 9, it is characterized in that: described demo plant also comprises the characteristic query unit, be used for after license file legitimacy acquisition verification is passed through, in the time limit of searching license file, judging whether to surpass term of life; Also be used to obtain the device identification of the equipment of operating software product, compare with the device identification in the license file.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNB2004100424946A CN100343775C (en) | 2004-05-25 | 2004-05-25 | Licensing file generating method, software product protection method and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNB2004100424946A CN100343775C (en) | 2004-05-25 | 2004-05-25 | Licensing file generating method, software product protection method and system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN1704863A true CN1704863A (en) | 2005-12-07 |
| CN100343775C CN100343775C (en) | 2007-10-17 |
Family
ID=35577128
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CNB2004100424946A Expired - Fee Related CN100343775C (en) | 2004-05-25 | 2004-05-25 | Licensing file generating method, software product protection method and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN100343775C (en) |
Cited By (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101351808B (en) * | 2005-12-28 | 2010-04-21 | 富士通株式会社 | Apparatus for executing and managing software as well as method thereof |
| CN102479305A (en) * | 2010-11-29 | 2012-05-30 | 金蝶软件(中国)有限公司 | Software licensing verification method and system |
| CN103268435A (en) * | 2013-04-25 | 2013-08-28 | 福建伊时代信息科技股份有限公司 | Intranet license generation method and system, and intranet license protection method and system |
| CN103780390A (en) * | 2013-11-05 | 2014-05-07 | 汉柏科技有限公司 | Method and device for presenting plaintext information by user |
| CN106529217A (en) * | 2016-10-28 | 2017-03-22 | 华胜信泰信息产业发展有限公司 | Software license generation method and apparatus |
| CN108830072A (en) * | 2018-04-20 | 2018-11-16 | 广州市玄武无线科技股份有限公司 | System function control method, device and computer readable storage medium |
| CN109086576A (en) * | 2018-07-27 | 2018-12-25 | 迈普通信技术股份有限公司 | Licensing dissemination method, License Authentication method, system and electronic equipment |
| CN109359478A (en) * | 2018-12-03 | 2019-02-19 | 北京中科晶上科技股份有限公司 | Authorization method and system based on encrypted permission file |
| CN109614768A (en) * | 2018-12-03 | 2019-04-12 | 北京中科晶上科技股份有限公司 | Implement the method and system of product authorization based on block chain data file |
| CN109918869A (en) * | 2019-02-13 | 2019-06-21 | 北京百分点信息科技有限公司 | A kind of unified license control method based on template |
Family Cites Families (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| KR20000076003A (en) * | 1998-01-07 | 2000-12-26 | 이데이 노부유끼 | Data processing system, data processing device and data processing method |
| US6226618B1 (en) * | 1998-08-13 | 2001-05-01 | International Business Machines Corporation | Electronic content delivery system |
| CN100447773C (en) * | 2000-07-20 | 2008-12-31 | 国际商业机器公司 | Method, system and program for reuse of software license for new computer hardware |
| KR20030096250A (en) * | 2001-06-07 | 2003-12-24 | 콘텐트가드 홀딩즈 인코포레이티드 | Method and apparatus for supporting multiple trust zones in a digital rights management system |
| ATE521928T1 (en) * | 2001-06-12 | 2011-09-15 | Ibm | METHOD FOR INVISIBLY EMBEDDING THE LICENSE IDENTIFICATION OF THE PRODUCING LICENSED SOFTWARE IN A TEXT DOCUMENT |
-
2004
- 2004-05-25 CN CNB2004100424946A patent/CN100343775C/en not_active Expired - Fee Related
Cited By (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101351808B (en) * | 2005-12-28 | 2010-04-21 | 富士通株式会社 | Apparatus for executing and managing software as well as method thereof |
| CN102479305A (en) * | 2010-11-29 | 2012-05-30 | 金蝶软件(中国)有限公司 | Software licensing verification method and system |
| CN103268435A (en) * | 2013-04-25 | 2013-08-28 | 福建伊时代信息科技股份有限公司 | Intranet license generation method and system, and intranet license protection method and system |
| CN103268435B (en) * | 2013-04-25 | 2016-07-06 | 福建伊时代信息科技股份有限公司 | Intranet license generates method and system, intranet license protection method and system |
| CN103780390A (en) * | 2013-11-05 | 2014-05-07 | 汉柏科技有限公司 | Method and device for presenting plaintext information by user |
| CN106529217A (en) * | 2016-10-28 | 2017-03-22 | 华胜信泰信息产业发展有限公司 | Software license generation method and apparatus |
| CN108830072A (en) * | 2018-04-20 | 2018-11-16 | 广州市玄武无线科技股份有限公司 | System function control method, device and computer readable storage medium |
| CN109086576A (en) * | 2018-07-27 | 2018-12-25 | 迈普通信技术股份有限公司 | Licensing dissemination method, License Authentication method, system and electronic equipment |
| CN109359478A (en) * | 2018-12-03 | 2019-02-19 | 北京中科晶上科技股份有限公司 | Authorization method and system based on encrypted permission file |
| CN109614768A (en) * | 2018-12-03 | 2019-04-12 | 北京中科晶上科技股份有限公司 | Implement the method and system of product authorization based on block chain data file |
| CN109918869A (en) * | 2019-02-13 | 2019-06-21 | 北京百分点信息科技有限公司 | A kind of unified license control method based on template |
Also Published As
| Publication number | Publication date |
|---|---|
| CN100343775C (en) | 2007-10-17 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN100342713C (en) | Method of securing software updates | |
| US8838978B2 (en) | Content access management using extracted watermark information | |
| CN1122213C (en) | Method and apparatus for signing and sealing objects | |
| CN1133935C (en) | Security system for protecting information stored in portable storage media | |
| CN1280737C (en) | Safety authentication method for movable storage device and read and write identification device | |
| CN1910848A (en) | Efficient management of cryptographic key generations | |
| CN1745377A (en) | System and method for authenticating software using hidden intermediate keys | |
| CN1860471A (en) | Digital rights management structure, portable storage device, and contents management method using the portable storage device | |
| CN1315017C (en) | Method for software copyright protection | |
| CN101039186A (en) | Method for auditing safely system log | |
| CN1276363C (en) | Method of actualizing safety data storage and algorithm storage in virtue of semiconductor memory device | |
| CN1736078A (en) | Secure logging of transactions | |
| CN101040275A (en) | Contents encryption method, system and method for providing contents through network using the encryption method | |
| CN1602600A (en) | Content processing apparatus and content protection program | |
| CN1401171A (en) | Generation of a common encryption key | |
| CN1553349A (en) | Safety chip and information safety processor and processing method | |
| CN1826000A (en) | Portable information terminal and data protecting method | |
| CN100343775C (en) | Licensing file generating method, software product protection method and system | |
| CN1874218A (en) | Method, system and equipment for license management | |
| CN1746848A (en) | Long-distance updating method of fixed programm of information safety apparatus | |
| CN101048720A (en) | Proof of execution using random function | |
| CN101038612A (en) | Method for generating licence and method and apparatus for providing contents using the same | |
| CN1747382A (en) | Accidental enciphering and identity identifying method | |
| CN1842759A (en) | Portable storage device and method of managing files in the portable storage device | |
| CN1855086A (en) | System and method for analyzing and abstracting data evidence |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CF01 | Termination of patent right due to non-payment of annual fee | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20071017 Termination date: 20170525 |