JP2007172526A - Information processing system and information processing method - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide a program execution method allowing execution of a program in a state where an intermediate code is encrypted when executing the program by use of a virtual machine that is execution environment for executing the intermediate code such as a Java bytecode. <P>SOLUTION: This program execution method has: a step wherein a control means acquires the intermediate code of an execution target, and decides whether the intermediate code is encrypted or not; a step for interpreting and executing the intermediate code according to a fixed intermediate code interpretation method when it is decided that the intermediate code is not encrypted; and a step for interpreting and executing the intermediate code according to the fixed intermediate code interpretation method after performing decryption processing of the intermediate code when it is decided that the intermediate code is encrypted. <P>COPYRIGHT: (C)2007,JPO&INPIT

Description

  The present invention relates to an information processing system and an information processing method for executing a program, and more particularly to an information processing technique for executing an intermediate code program.

  Depending on the form of executing the program, the program language is roughly divided into the following two. That is, a language that is distributed and executed in a native code state corresponding to a platform to be executed (OS, environment, setting, etc.), and a language that is distributed and executed in an intermediate code state independent of the platform.

  Typical examples of the former are VB and C language. In the case of a programming language such as VB, when a source code is compiled, it is converted into a binary native code (object code) through an intermediate code used in the compiler. Since the final distribution is binary (machine language) that enumerates CPU instructions in units of steps, it is almost impossible to restore the source code, and the possibility of source code theft is small.

  A typical example of the latter is Java (registered trademark). Source code written in Java is converted into intermediate code called Java bytecode during compilation. Software is distributed in the form of intermediate code. At the time of execution, it is converted into native code corresponding to the platform to be executed by software called a Java virtual machine and executed. Since differences between platforms are absorbed by the Java virtual machine, a Java program (intermediate code) that operates on the virtual machine is characterized in that it does not have to be aware of the difference between platforms.

  However, the intermediate code generated by the Java compiler is in a binary format, but is not converted into machine language binary (native code) depending on the OS. Since the intermediate code, which is the final distribution, has a one-to-one data structure with the source code, the source code can be easily restored by decompilation. As a result, the source code that is a development asset may be stolen.

Therefore, a method using an obfuscation tool such as ProGuard or an encryption tool such as JLicenser is known (Non-Patent Documents 1 and 2) when it is desired to prevent the source code from leaking due to the reverse compilation of the intermediate code. The obfuscation tool hangs the decompiler by replacing variable names and function names with random character strings or by mixing illegal instructions that are not executed. An encryption tool is one in which decompilation is impossible by distributing an intermediate code in an encrypted state.
“ProGuard”, [online], [searched on December 26, 2005], Internet <URL: http://proguard.sourceforge.net/> “Daikin System Design Office”, [online], [Search on December 26, 2005], Internet <URL: http://www.ogane.com/>

  However, the obfuscation tool only makes it difficult to read the intermediate code, and there is no change in the logic itself, so it is possible to analyze the intermediate code. Even if the intermediate code is encrypted using an encryption tool, it is necessary to decrypt all intermediate codes necessary for program execution before executing the program. In the middle of this, it is possible to decompile the decrypted intermediate code, and it is difficult to completely prevent the decompilation. In addition, since the encrypted intermediate code is distributed and decrypted in advance before execution, dedicated attached software is required to execute the system.

  In view of such circumstances, the present invention enables execution of a program with the intermediate code encrypted when the program is executed using a virtual machine which is an execution environment for executing intermediate code such as Java bytecode. The object is to realize a program execution method.

  In order to solve the above problem, a program execution method of the present invention is a program execution method for interpreting and executing an intermediate code program obtained by converting a source code described in a predetermined program language in a control means, the control means comprising: Get the intermediate code to be executed, determine whether the intermediate code is encrypted, and interpret the intermediate code according to the default intermediate code interpretation method when it is determined that the intermediate code is not encrypted And, when it is determined that the intermediate code is encrypted, the intermediate code is decrypted and the intermediate code is interpreted and executed in accordance with a predetermined intermediate code interpretation method.

  At this time, it is preferable that the control means performs a decoding process on the main storage means directly read / written by the control means.

  The control means determines whether or not the intermediate code is encrypted based on whether or not the data indicating that the acquired intermediate code is encrypted is included in the intermediate code. And preferred.

  More preferably, the control means switches the decryption method used when performing the decryption process according to the encryption method of the acquired intermediate code.

  The program execution system according to the present invention includes an acquisition means for acquiring an intermediate code obtained by converting a source code described in a predetermined program language, and the intermediate code is encrypted in the acquired intermediate code. Encryption determining means for determining whether or not the data indicating is included, and decryption for decrypting the intermediate code on the main storage device when the encryption determining means determines that the intermediate code is encrypted Means and processing means for interpreting and executing the intermediate code or the decoded intermediate code. In the present invention, the “system” includes a substantial device and a virtual device.

  The program execution system preferably further includes switching means for switching the decoding method of the decoding means. Preferably, the switching unit switches the decoding method of the decoding unit by loading a class for executing a decoding process individually determined for each decoding method.

  In the program of the present invention, an intermediate code acquired by a virtual machine is encrypted in a computer including a virtual machine (virtual machine) for interpreting and executing an intermediate code converted from a source code described in a predetermined programming language. A step of detecting whether or not the acquired intermediate code is not encrypted, a step of passing the acquired intermediate code to the virtual machine, and a detection that the acquired intermediate code is encrypted. Then, the obtained intermediate code is decrypted and the decrypted one is passed to the virtual machine.

  Moreover, the program of this invention makes a computer perform each step of the program execution method of this invention, It is characterized by the above-mentioned. The program of the present invention can be installed or loaded on a computer through various recording media such as an optical disk such as a CD-ROM, a magnetic disk, or a semiconductor memory, or via a communication network.

  In the invention, “means” does not simply mean a physical means, but includes a case where the function of the means is realized by software. Further, the function of one means may be realized by two or more physical means, or the functions of two or more means may be realized by one physical means.

  In the present invention, unless otherwise specified, the “intermediate code” is binary-format execution code that does not depend on a specific platform (OS, environment, settings, etc.), and is executed after being converted into native code by a virtual machine. It is what is done. Specifically, for example, a Java byte code that is an execution code generated by a Java compiler is applicable.

  In the present invention, the “virtual machine” is software that converts an intermediate code into a native code of the platform and executes it. The intermediate code is in a unique format independent of the platform when distributed, and cannot be executed as it is. For this reason, software for converting to a platform-specific format (native code) is prepared and executed while converting. It is the virtual machine that performs this conversion and execution. Specifically, for example, it corresponds to a Java virtual machine that executes a Java bytecode by converting it into a native code of the platform.

  “Platform” refers to the type, environment, settings, hardware type, and the like of the OS that is the basis for operating application software. “Java” is a programming language.

  According to the present invention, it is possible to realize a program execution method capable of executing a program with the intermediate code encrypted. Since the intermediate code can be distributed in an encrypted form and does not have to be decrypted in advance before execution, it is possible to prevent the source code from leaking due to decompilation. In addition, the program execution method according to the present invention does not require a special application other than the virtual machine that executes the intermediate code, and thus is more versatile than the conventional encryption tool. Furthermore, since the decryption method can be changed as appropriate during program execution, it is possible to perform arbitrary encryption for each intermediate code. In the conventional encryption tool, all intermediate codes can be decrypted if the license key necessary for decryption is known. However, according to the present invention, different encryption methods can be employed for each intermediate code. Therefore, there is an effect that the risk that the intermediate code is decrypted and the source code is leaked by decompilation can be suppressed more than when a single encryption method is used.

  Hereinafter, embodiments of the present invention will be specifically described with reference to the drawings.

  FIG. 1 is an example of a control block diagram showing a configuration of a processing apparatus 10 that implements a program execution method according to the present invention. The processing device 10 includes a control unit 12 that performs overall control of processing and operations of the entire processing device 10 with respect to program execution, a main storage unit 14 that temporarily stores information as a work area of the control unit 12, and processing of the control unit 12 A storage unit 16 for reading that stores various information necessary for operation in advance, and an input / output unit 18 that inputs and outputs various types of information (including communication) from the outside of the processing apparatus 10 regarding the execution of the program are provided. The main storage means 14 is read / written directly by the control means 12.

  Specific examples of the processing apparatus 10 include a dedicated or general-purpose computer or a microcomputer. For example, a general-purpose personal computer has a CPU as the control means 12, a main storage device such as a RAM as the main storage means 14, a ROM as the read storage means 16, and an input / output (I / O) as the input / output means 18. An interface is provided, and these are connected by a bus.

  The processing device 10 may be configured by a single computer or may be configured by a plurality of computers distributed on a network. The CPU as the control means 12 is a predetermined program stored in the main storage means 14 such as a RAM, a predetermined program stored in the reading storage means 16 such as a ROM, or the external (external) via the input / output means 18. By executing a predetermined program read from a storage device, a computer on a network, etc., the processing device 10 is caused to function as various function realizing means.

  FIG. 2 is an example of a functional block diagram showing main functional configurations of the control means 12 and the main storage means 14. The control means 12 includes an intermediate code processing means 20, an intermediate code acquisition means 22, an encryption determination means 24, a decryption means 26, and a decryption method switching means 28, and functions as a virtual machine. . The main storage unit 14 includes an execution intermediate code storage area 30 and a decryption work area 32. The intermediate code processing unit 20 and the intermediate code acquisition unit 22 are functional units that are originally provided in the virtual machine.

  The intermediate code processing means 20 has a function of converting the intermediate code into the native code of the platform and executing it. The intermediate code processing means 20 interprets the intermediate code stored in the execution intermediate code storage area 30 of the main storage means 14 and converts it into the intermediate code. The predetermined process described is executed.

  The intermediate code acquisition unit 22 has a function of acquiring an intermediate code and storing it in the execution intermediate code storage area 30 of the main storage unit 14 when executing the program. At this time, individual intermediate codes necessary for program execution are sequentially read only for those necessary during program execution. There are intermediate codes related to the main program and individual codes necessary for program execution divided into file units. The intermediate code acquisition unit 22 sequentially acquires the intermediate code stored in the reading storage unit 16 such as a ROM or the intermediate code stored outside the processing apparatus 10 as necessary. When acquiring an intermediate code from the outside of the processing apparatus 10, the intermediate code is acquired via an input / output unit 18 from an external storage device or a computer on a network.

  The encryption determination unit 24 has a function of determining whether or not the intermediate code is encrypted when the intermediate code processing unit 20 executes the intermediate code stored in the execution intermediate code storage area 30. Preferably, a predetermined tag (identifier) indicating that the intermediate code is encrypted is attached to the head of the encrypted intermediate code, and the intermediate code processing means 20 is stored in the main storage means 14. At the first stage of interpreting and executing the intermediate code stored in the execution intermediate code storage area 30, it is confirmed whether or not a predetermined tag is added to the head of the intermediate code to be executed, and the predetermined tag is added. When it is determined that the intermediate code is encrypted, it is determined that the intermediate code is an unencrypted normal intermediate code when a predetermined tag is not added. Further, after the intermediate code acquisition unit 22 acquires the intermediate code, the intermediate code processing unit 20 determines whether or not the intermediate code is encrypted before the intermediate code processing unit 20 starts interpreting and executing the intermediate code. 24 may judge.

  When the encryption determination unit 24 determines that the intermediate code stored in the execution intermediate code storage area 30 is encrypted, the decryption unit 26 encrypts the intermediate code. The intermediate code (hereinafter referred to as “encrypted intermediate code”) is decrypted into a normal intermediate code that can be processed by the intermediate code processing means 20 by a predetermined method. Preferably, the decryption means 26 performs decryption processing of the intermediate code using the decryption work area 32 of the main storage means 14 and decrypts the encrypted intermediate code stored in the execution intermediate code storage area 30. Replace with the normal form of intermediate code. Further, after the decryption process of the encrypted intermediate code is completed, the intermediate code processing means 20 may be controlled to interpret and execute the intermediate code stored in the decryption work area 32.

  The decoding method switching unit 28 has a function of switching the decoding processing method of the decoding unit 26. In the present invention, a bit inversion method, a bit shift method, a public key encryption method, a common key encryption method, and other arbitrary methods can be applied as a method for encrypting and decrypting an intermediate code. Therefore, the decryption means 26 needs to perform a decryption process according to the encryption method of the encrypted intermediate code. Therefore, it is preferable that the decryption method switching unit 28 switches the decryption method of the decryption unit 26 in advance according to the encryption method of the encryption intermediate code to be executed.

  For example, in the case of Java, the switching of the decoding method is preferably realized by using a class loader provided as standard in Java. The class loader is an object for loading a class into a memory (main storage means 14), and a necessary class (module) can be dynamically loaded and / or linked during execution of a program. It is a function. In the present invention, classes for causing the control unit 12 to function as the encryption determination unit 24 and the decryption unit 26 are prepared in advance for each encryption method. Then, before acquiring the encryption intermediate code, the class corresponding to the encryption method is loaded by the class loader, and the decryption method (decryption means 26) is switched.

  The execution intermediate code storage area 30 is a temporary storage area for storing the intermediate code acquired by the intermediate code acquisition means 22 and the encrypted intermediate code, and for storing the intermediate code executed by the intermediate code processing means 20. . The intermediate code stored in the execution intermediate code storage area 30 is preferably deleted after the processing based on the intermediate code is completed. The execution intermediate code storage area 30 does not mean a specific area that is physically or logically fixed on the main storage means 14, but simply stores intermediate code that the intermediate code processing means 20 intends to interpret and execute. Refers to the area that has been

  The decryption work area 32 is a work area for temporarily storing data being processed when the decryption means 26 performs the decryption process of the encrypted intermediate code. The decryption work area 32 does not mean a specific area physically or logically fixed on the main storage unit 14.

  Next, a program execution process according to the present invention realized by the processing device 10 will be described. First, a process for converting an intermediate code into an encrypted intermediate code will be described, and then a program execution process using the encrypted intermediate code will be described.

  FIG. 3 is a flowchart showing a procedure of processing for converting the intermediate code to be executed into the encrypted intermediate code. Specifically, the intermediate code is read, and after performing an arbitrary encryption process, information indicating that it is an encrypted intermediate code is embedded and output. Here, for example, as an encryption method to be used, an encryption method in which all the information of the intermediate code is inverted in bit units is used.

  First, the intermediate code file of the input source to be encrypted is opened (S50), and then the intermediate code file of the output destination that is the encryption result is opened (S52). Next, information indicating that the intermediate code is encrypted (hereinafter referred to as “encryption tag”) is written in the output file (S54). Here, the encryption tag is information added to the beginning of the encrypted intermediate code. If the encryption tag is added to the beginning of the intermediate code, the intermediate code must be encrypted. Means. What information is used as an encryption tag is set in advance for each encryption method.

  Next, it is determined whether or not the processing has been completed up to the last intermediate code of the input source file (S56). If it is not the end of the file, an intermediate code is input (S58), and the input intermediate code bit is inverted (S60). An intermediate code bit-inverted is written in the output destination file (S62). The processing from S56 to S60 is repeated until the end of the input file, and bit inversion is performed on the entire intermediate code of the file. When it is determined in S56 that the file is the last one, the input intermediate code file is closed (S64). Then, the output intermediate code file is closed (S66). In this way, an encrypted intermediate code in which the intermediate code is encrypted and the encryption tag is added to the head of the file is generated.

  FIG. 4 is a flowchart showing a processing procedure for decrypting and executing the encrypted intermediate code. Specifically, it is checked whether the input intermediate code is an encrypted intermediate code, and if it is an encrypted intermediate code, a decryption process is executed. Here, for example, as an encryption method to be used, an encryption method in which all the information of the intermediate code is inverted in bit units is used.

  First, it is confirmed whether or not predetermined information, that is, an encryption tag, is embedded at the head of the intermediate code that is read into the memory (execution intermediate code storage area 30) by the virtual machine. (S70). When the encryption tag is embedded, the intermediate code is encrypted, so that the decryption process is performed. In the decryption process, first, a work area (decryption work area 32) for performing the decryption process is initialized (S72), and the read direction of the intermediate code to be executed is the last direction of the intermediate code by the size of the encryption tag. (S74).

  Thereafter, it is determined whether or not the processing has been completed up to the last intermediate code (S76). When it is not the end of the intermediate code, the intermediate code to be executed (encrypted intermediate code) is input (S78), the bit of the input intermediate code is inverted (S80), and the intermediate code is bit-inverted to the decryption work area Is written (S82). In this way, the processing of S76 to S82 is repeated until the end of the input file, and bit inversion is performed on the entire intermediate code of the file.

  When it is determined that the intermediate code to be executed is the last, the intermediate code to be executed (encrypted intermediate code) stored in the memory is replaced with the intermediate code obtained by the decryption process (S84). If the encryption tag cannot be found at the beginning of the execution target intermediate code read by the virtual machine, it can be determined that the intermediate code is a normal intermediate code that has not been encrypted. Do not add. Thus, if not encrypted, the intermediate code is executed as it is, and if it is an encrypted intermediate code, the intermediate code is executed after being converted into a decrypted normal intermediate code.

  Here, when interpreting and executing the encrypted intermediate code, a virtual machine that interprets and executes the decryption process after an encrypted intermediate code that cannot be executed by a predetermined interpretation method can be considered. However, if the encryption method that can be decrypted is constant and cannot be changed, if the encryption of a certain encrypted intermediate code is decrypted, all other encrypted intermediate codes may also be decrypted. Therefore, preferably, information indicating that the intermediate code is encrypted is embedded at the beginning of the execution-target intermediate code encrypted in an arbitrary format, and the beginning of the intermediate code is embedded in the virtual machine that executes the program. In the case of the read and encrypted intermediate code, the intermediate code decryption method is executed using any intermediate code decryption method registered during the execution of the program, and the decrypted intermediate code is stored in the default code. It is desirable to execute with an intermediate code interpretation method.

  FIG. 5 and FIG. 6 are flowcharts showing a processing procedure for the virtual machine to execute the program.

  FIG. 5 is a flowchart showing a procedure of processing in which the virtual machine executes the intermediate code serving as the main program. First, the intermediate code acquisition means 22 reads the intermediate code as the main program into the memory (execution intermediate code storage area 30) (S90). Then, the intermediate code interpretation processing of FIG. 6 is executed for the read intermediate code (S92). Interpretation processing of the intermediate code serving as the main program ends and execution of the program by the virtual machine also ends.

  FIG. 6 is a flowchart illustrating a procedure of processing in which the virtual machine interprets and executes the intermediate code. First, the intermediate code processing means 20 determines whether the processing has been completed up to the end of the intermediate code (S100). When it is not the end of the intermediate code, it is determined whether the intermediate code instruction being interpreted is a change instruction for the intermediate code decoding process (S102). For example, the determination process can be realized depending on whether or not a class for performing a decoding process corresponding to a predetermined decoding method needs to be read. As a result of the determination, if it is not an intermediate code decoding process change instruction, it is determined whether or not the intermediate code instruction being interpreted is an external intermediate code read instruction (S104). If it is not an external intermediate code read instruction, the intermediate code processing means 20 performs a predetermined intermediate code execution process based on the intermediate code stored in the memory (S106).

  When it is determined in S102 that the intermediate code instruction being interpreted is an intermediate code decoding process change instruction, the decoding method switching unit 28 changes the intermediate code decoding method used by the virtual machine to the change The decoding method is changed to that specified by the instruction (S108). For example, the decoding method is switched from the bit inversion method to the bit shift method. This switching process is performed by, for example, preparing a class for executing a decryption process individually determined for each decryption method and loading a class according to the encryption method of the intermediate code to be acquired. ,realizable.

  When it is determined in S104 that the instruction is a read instruction for an external intermediate code, the intermediate code designated by the read instruction is acquired from the outside via the input / output means 18 and stored in the memory (execution intermediate code storage area 30). (S110). Thereafter, the encryption determination unit 24 determines whether the external intermediate code is encrypted, that is, whether an encryption tag is added to the head (S112). When the encryption tag is added, since the external intermediate code is encrypted, the decryption means 26 performs decryption processing (S114). The decryption process may be performed as illustrated in FIG. In this way, the virtual machine performs a predetermined decryption process on the acquired intermediate code as necessary to make a format that can be interpreted by the virtual machine, and the intermediate code processing means 20 interprets and executes the intermediate code. (S116). In this way, the processes of S100 to S106 are repeated until the end of the intermediate code, and the entire intermediate code is interpreted and executed.

  As described above in detail, according to the present invention, when executing a program including an encrypted intermediate code, the program is executed without previously decrypting all the encrypted intermediate codes necessary for executing the program. be able to. The encrypted intermediate code is decrypted only when the intermediate code is read and executed. The decrypted intermediate code is only expanded in the main storage means at the time of execution of the intermediate code, and is not expanded in the memory or the like before or after execution, so a third party obtains the decoded intermediate code It becomes extremely difficult to do. This makes it possible to prevent decompilation of intermediate code.

  Note that the steps can be executed in any order or in parallel as long as the processing contents do not contradict each other.

  The present invention is not limited to the above-described embodiment, and can be implemented in various other forms without departing from the gist of the present invention. For this reason, the said embodiment is only a mere illustration in all points, and is not interpreted limitedly.

  For example, the program execution method according to the present invention is not limited to Java. The program execution method according to the present invention can be applied to a type of program language in which an intermediate code is read and executed by a virtual machine.

It is an example of the control block diagram which shows the structure of the processing apparatus 10 which implements the program execution method which concerns on this invention. 2 is an example of a functional block diagram illustrating a main functional configuration of a processing device 10. FIG. It is a flowchart which shows the procedure of the process which converts an intermediate code into an encryption intermediate code. It is a flowchart which shows the procedure of the process which decodes and performs an encryption intermediate code. It is a flowchart which shows the procedure of the process in which the virtual machine performs the intermediate code used as the main program. It is a flowchart which shows the procedure of the process which a virtual machine interprets and performs an intermediate code.

Explanation of symbols

DESCRIPTION OF SYMBOLS 10 Processing apparatus 12 Control means 14 Main memory means 16 Reading memory means 18 Input / output means

Claims (10)

A method of interpreting and executing an intermediate code program obtained by converting a source code described in a predetermined program language in a control means,
The control means obtaining an intermediate code to be executed and determining whether the intermediate code is encrypted;
The control means interpreting and executing the intermediate code according to a predetermined intermediate code interpretation method when determining that the intermediate code is not encrypted;
The control means, when it is determined that the intermediate code is encrypted, after performing a decoding process of the intermediate code, interpreting and executing the intermediate code according to a predetermined intermediate code interpretation method;
A program execution method comprising:   2. The program execution method according to claim 1, wherein the control means performs the decryption processing on a main storage means directly read / written by the control means.   The control means determines whether the intermediate code is encrypted based on whether data indicating that the acquired intermediate code is encrypted is included in the intermediate code. 3. The program execution method according to claim 1, wherein the program is executed.   4. The program execution method according to claim 1, wherein the control unit switches a decryption method for performing the decryption process according to an encryption method of the acquired intermediate code. 5. . Obtaining means for obtaining intermediate code obtained by converting source code described in a predetermined programming language;
Encryption determination means for determining whether or not the acquired intermediate code includes data indicating that the intermediate code is encrypted;
Decryption means for decrypting the intermediate code on a main storage device when the encryption determination means determines that the intermediate code is encrypted;
Processing means for interpreting and executing the intermediate code or the decoded intermediate code;
A program execution system comprising: Switching means for switching the decoding method of the decoding means;
The program execution system according to claim 5, further comprising:   The said switching means switches the decoding system of the said decoding means by loading the class for performing the decoding process defined separately for every decoding system, The decoding system of Claim 6 characterized by the above-mentioned. Program execution system. A computer having a virtual machine for interpreting and executing intermediate code obtained by converting source code described in a predetermined programming language;
Detecting whether the intermediate code acquired by the virtual machine is encrypted;
Passing the acquired intermediate code to the virtual machine when it is detected that the acquired intermediate code is not encrypted;
When it is detected that the acquired intermediate code is encrypted, decrypting the acquired intermediate code and passing the decrypted one to the virtual machine;
A program for running   A program for causing a computer to execute the program execution method according to claim 1. A program for causing a computer to execute the program execution method according to any one of claims 1 to 4, or a computer-readable recording medium on which the program according to claim 8 is recorded.

Images