WO2022252466A1

WO2022252466A1 - Application authorization method, computing device, and storage medium

Info

Publication number: WO2022252466A1
Application number: PCT/CN2021/124292
Authority: WO
Inventors: 曹军
Original assignee: 统信软件技术有限公司
Priority date: 2021-06-04
Filing date: 2021-10-18
Publication date: 2022-12-08
Also published as: CN113254887A

Abstract

An application authorization method, a computing device, and a storage medium. The application authorization method is executed in the computing device, and comprises: extracting at least one piece of authorization information prestored in a computing device, the authorization information comprising: at least one piece of first hardware encryption information, an authorization serial number of an application, and a first check value (402); parsing the authorization information to determine whether the authorization information is correct (404); when it is determined that the authorization information is correct, obtaining different hardware information related to a preset matching rule of the computing device (406); respectively encrypting the different hardware information to generate different second hardware encryption information (408); and matching the second hardware encryption information with the first hardware encryption information, and when the preset matching rule is satisfied, the authorization succeeding (410).

Description

Application program authorization method, computing device and storage medium

technical field

The present invention relates to the field of computer technology, in particular to an application program authorization method, a computing device and a storage medium.

Background technique

With the continuous development of computer technology, new computer software (that is, application programs) is also continuously iteratively developed. At the same time, the problem of computer software authorization is becoming more and more prominent. For paid software manufacturers, if the software is cracked and spread, it will bring huge losses to the company. Therefore, the authorization issue is also an issue that software companies must pay attention to.

Contents of the invention

In view of the above problems, the present invention is proposed to provide an application authorization method, computing device, and storage medium that overcome the above problems or at least partially solve the above problems.

According to one aspect of the present invention, there is provided a method for authorizing an application, which is executed in a computing device. The method includes: extracting at least one authorization information pre-stored in the computing device, the authorization information including at least one first hardware encryption information, an application The authorization serial number and the first check value of the program; the authorization information is analyzed to determine whether the authorization information is correct; when the authorization information is determined to be correct, each hardware information related to the preset matching rules of the computing device is obtained; each hardware information is separately performing encryption to generate each second hardware encrypted information; matching the second hardware encrypted information with the first hardware encrypted information, and when the preset matching rule is met, the authorization is successful.

Optionally, in the application program authorization method according to the present invention, the authorization information is written into the BIOS chip of the computing device by means of burning.

Optionally, in the application program authorization method according to the present invention, a step of generating authorization information is also included, including: respectively encrypting at least one piece of hardware information in the computing device to generate respective first hardware encryption information; obtaining the application The authorization serial number of the program; based on the verification value generation algorithm, each first hardware encryption information and the authorization serial number of the application program are encoded to generate the first verification value.

Optionally, in the application program authorization method according to the present invention, the step of parsing the authorization information to determine whether the authorization information is correct includes: parsing the authorization information to obtain the first hardware encryption information, the authorization serial number of the application program, and the second A check value; encode the first hardware encryption information obtained by parsing and the authorization serial number of the application program through a check value generation algorithm to generate a second check value; determine whether the first check value and the second check value the same; if the first check value is the same as the second check value, it is judged whether the authorization serial number of the application program is legal; if the authorization serial number of the application program is legal, it is confirmed that the authorization information is correct.

Optionally, in the application program authorization method according to the present invention, when it is determined that the authorization information is correct, the step of acquiring hardware information related to the preset matching rules of the computing device includes: acquiring each hardware information corresponding to the first hardware encryption information. Hardware identification; acquiring hardware information related to each hardware identification in the current computing device.

Optionally, in the application program authorization method according to the present invention, the encryption algorithm is SHA256; the check value generation algorithm is a cyclic redundancy check algorithm.

Optionally, in the application program authorization method according to the present invention, the authorization information generation method further includes: performing structural processing on the first hardware encryption algorithm, the application program authorization serial number and the first check value.

Optionally, in the application authorization method according to the present invention, the second hardware encryption information is matched with the first hardware encryption information, and when the preset matching rule is satisfied, the step of authorization success includes: encrypting the second hardware The information is matched with the first hardware encrypted information, and when the matching degree reaches a preset threshold, the authorization is successful.

According to yet another aspect of the present invention, there is provided a computing device comprising: at least one processor; and a memory storing program instructions, wherein the program instructions are configured to be executed by the at least one processor, the The program instructions described above include instructions for performing the methods described above.

According to still another aspect of the present invention, a readable storage medium storing program instructions is provided, and when the program instructions are read and executed by a computing device, the computing device is made to execute the above method.

The scheme of the present invention adopts the method of binding the hardware information and the software authorization serial number to solve the problem of unlimited proliferation of the authorization serial number, thereby reducing the loss of the software manufacturer and strengthening the support for the genuine software, and, in this scheme, the hardware The information and software authorization serial number are burned in the BIOS, so that the authorization verification process can still be completed normally even when offline.

This solution also proposes a hardware information matching rule. When the user replaces some hardware, the authorization verification process can still be completed normally, thus providing the user with a certain degree of freedom and improving the user experience. At the same time, it strengthens the software provider’s interest protection.

The above description is only an overview of the technical solution of the present invention. In order to better understand the technical means of the present invention, it can be implemented according to the contents of the description, and in order to make the above and other purposes, features and advantages of the present invention more obvious and understandable , the specific embodiments of the present invention are enumerated below.

Description of drawings

Various other advantages and benefits will become apparent to those of ordinary skill in the art upon reading the following detailed description of the preferred embodiment. The drawings are only for the purpose of illustrating a preferred embodiment and are not to be considered as limiting the invention. Also throughout the drawings, the same reference numerals are used to designate the same components. In the attached picture:

Fig. 1 shows the flow chart of using the software authorization serial number to bind hardware information in the prior art to perform software authorization;

FIG. 2 shows a schematic diagram of a computing device 200 according to one embodiment of the present invention;

FIG. 3 shows a flowchart of a method 300 for generating authorization information and burning it into a computing device in an application authorization method according to an embodiment of the present invention;

Fig. 4 shows a flow chart of an authorization information verification method 400 in an application program authorization method according to an embodiment of the present invention.

Detailed ways

Exemplary embodiments of the present disclosure will be described in more detail below with reference to the accompanying drawings. Although exemplary embodiments of the present disclosure are shown in the drawings, it should be understood that the present disclosure may be embodied in various forms and should not be limited by the embodiments set forth herein. Rather, these embodiments are provided for more thorough understanding of the present disclosure and to fully convey the scope of the present disclosure to those skilled in the art.

Currently popular computer software (application programs) generally use software authorization serial numbers or software authorization serial numbers bound to computer hardware information and other authorization methods for authorization activation. When using the method of binding hardware information, the main components of the computer (such as motherboard, CPU, disk, memory, network card, graphics card, sound card, etc.) The form is saved in the computing device. FIG. 1 shows a flow chart of software authorization in the prior art by using a software authorization serial number to bind hardware information. As shown in Figure 1, the specific process of software authorization in the prior art is as follows:

Read the authorization file information of the client machine, and determine whether the authorization file exists.

If the authorization file does not exist, the authorization fails.

If the authorization file exists, read the authorization file information of the gram-short machine, and determine whether there is a network connection during the process.

If it is determined that there is a network connection, the verification of the authorization information is completed through the authorization server.

When it is judged that there is no network connection, read the authorization status when the software was opened last time locally as the verification result (for example, if the last authorization verification was successful, this time the default authorization was successful; if the last authorization verification failed, this time continuation of the result of an authorization failure). Or directly determine that the authorization failed. When the software is opened every time, it is compared with the authorization information stored in the authorization server, and then the authorization server sends the authorization verification result of the client software, but when the software authorization server is offline or cannot be connected, the software authorization verification cannot be completed. In turn, it may continue to continue the authorization status when the software was opened last time or return the result of authorization verification failure.

For the authorization methods provided above, the following problems inevitably exist:

1) Due to some circumstances, the authorization verification cannot be performed due to disconnection from the Internet, and thus the authorization cannot be obtained.

2) Only the serial number authorization is performed without binding hardware information; resulting in the unlimited proliferation of authorization once the serial number is leaked; or in order to solve the diffusion of the serial number and lead to authorization proliferation, and then require the need to be connected to the Internet, which leads to the problem of defect 1 Appear.

3) Binding a single hardware information solves the problem of authorization proliferation caused by only serial number authorization; but it will introduce the following problems

a. Due to non-standard hardware, individual hardware information is invalid, thus forming an invalid binding.

b. Once the hardware is replaced, the authorization will become invalid.

4) The hardware information is fully bound, which reduces the probability of invalid binding, but introduces new problems: the increase of users and the replacement of individual hardware lead to the invalidation of authorization, which in turn leads to a decrease in user experience, damage to user interests, and after-sales services of software manufacturers. Issues such as increasing investment.

5) Use computer files to record authorization status and authorization information, which may lead to authorization diffusion due to file diffusion; or file binding hardware information, but authorization invalidation due to user replacement of individual hardware.

In order to solve the above existing problems in the prior art, in the embodiment of the present invention, a new application program (software) authorization method is proposed, the method is divided into two stages, wherein, the first stage is the (Computing equipment) During the production process of the manufacturer, the complete machine manufacturer reads the effective value of the hardware information required in the matching rule according to the preset hardware information matching rules (such as: motherboard, BIOS, hard disk, cpu, network card, memory, N pieces of hardware information such as graphics card, sound card, etc.), and encrypt the effective values of the read hardware information one by one; bind all the encrypted ciphertexts generated after encryption with the authorization serial number of the application program, and calculate and generate a checksum value, so that the final authorization information is generated, and the final authorization information is written into the BIOS. It should be pointed out that, in the computing device, a piece of authorization information may be pre-configured and arranged, where a piece of authorization information corresponds to the authorization of an application program, and will not be listed here.

The second stage is the stage of verifying the authorization information. The software first reads the authorization information stored in the BIOS, extracts all the hardware information ciphertext and authorization serial number from the read authorization information to calculate the verification value, and calculates the verification value and authorization Compare the verification values in the information, if the two verification values are the same, then verify whether the read authorization serial number is legal and valid; if it is a legal authorization serial number, finally read all the hardware on the machine within the matching rule range The information is encrypted and calculated one by one, and the encrypted ciphertext and the hardware information ciphertext read in the BIOS are matched according to the matching rules to meet the matching rules (for example: there are 7 hardware information in the matching range, and 5 or more hardware information are satisfied. If the information ciphertext is the same, the match is successful), then the authorization verification is considered successful.

Both stages of the application program authorization method provided in this embodiment are executed in the computing device. FIG. 2 shows a block diagram of a computing device 200 according to one embodiment of the present invention. As shown in FIG. 2 , in a basic configuration 202 , computing device 200 typically includes system memory 206 and one or more processors 204 . A memory bus 208 may be used for communication between the processor 204 and the system memory 206 .

Depending on the desired configuration, processor 204 may be any type of processing including, but not limited to, a microprocessor (μP), microcontroller (μC), digital information processor (DSP), or any combination thereof. Processor 204 may include one or more levels of cache such as L1 cache 210 and L2 cache 212 , processor core 214 and registers 216 . Exemplary processor core 214 may include an arithmetic logic unit (ALU), a floating point unit (FPU), a digital signal processing core (DSP core), or any combination thereof. An example memory controller 218 may be used with the processor 204 or, in some implementations, the memory controller 218 may be an internal part of the processor 204 .

Depending on the desired configuration, system memory 206 may be any type of memory including, but not limited to: volatile memory (such as RAM), non-volatile memory (such as ROM, flash memory, etc.), or any combination thereof. System memory 206 may include operating system 220 , one or more applications 222 , and program data 224 . The application 222 is actually a plurality of program instructions, which are used to instruct the processor 204 to perform corresponding operations. In some implementations, applications 222 may be arranged to execute instructions on an operating system with program data 224 by one or more processors 204 . The operating system 220 may be, for example, Linux, Windows, etc., which includes program instructions for handling basic system services and performing hardware-dependent tasks. The application 222 includes program instructions for realizing various user-desired functions. The application 222 may be, for example, a browser, instant messaging software, software development tools (such as an integrated development environment IDE, a compiler, etc.), but is not limited thereto. When the application 222 is installed in the computing device 200, a driver module may be added to the operating system 220.

When the computing device 200 starts to run, the processor 204 reads program instructions of the operating system 220 from the memory 206 and executes them. The application 222 runs on the operating system 220, and utilizes the interface provided by the operating system 220 and the underlying hardware to realize various user-desired functions. When the user starts the application 222 , the application 222 is loaded into the memory 206 , and the processor 204 reads and executes the program instructions of the application 222 from the memory 206 .

Computing device 200 also includes storage device 232 , which includes removable storage 236 and non-removable storage 238 , both of which are connected to storage interface bus 234 .

Computing device 200 may also include interface bus 240 to facilitate communication from various interface devices (eg, output devices 242 , peripheral interfaces 244 , and communication devices 246 ) to base configuration 202 via bus/interface controller 230 . Example output devices 242 include a graphics processing unit 248 and an audio processing unit 250 . They may be configured to facilitate communication with various external devices such as a display or speakers via one or more A/V ports 252 . Example peripherals interfaces 244 may include serial interface controller 254 and parallel interface controller 256, which may be configured to facilitate communication via one or more I/O ports 258 and input devices such as (e.g., keyboard, mouse, pen) , voice input device, touch input device) or other peripherals (such as printers, scanners, etc.) to communicate with external devices such as. The example communication device 246 may include a network controller 260 , which may be arranged to facilitate communication with one or more other computing devices 262 over a network communication link via one or more communication ports 264 .

A network communication link may be one example of a communication medium. Communication media typically embodies computer readable instructions, data structures, program modules in a modulated data signal such as a carrier wave or other transport mechanism and may include any information delivery media. A "modulated data signal" may be a signal that has one or more of its data sets or changes thereof in such a manner as to encode information in the signal. By way of non-limiting example, communication media may include wired media such as a wired or dedicated-line network, and various wireless media such as acoustic, radio frequency (RF), microwave, infrared (IR) or other wireless media. The term computer readable media as used herein may include both storage media and communication media.

Computing device 200 also includes a storage interface bus 234 coupled to bus/interface controller 230 . The storage interface bus 234 is connected to the storage device 232, and the storage device 232 is suitable for data storage. Exemplary storage devices 232 may include removable storage 236 (eg, CD, DVD, USB stick, removable hard disk, etc.) and non-removable storage 238 (eg, hard disk drive HDD, etc.).

In the computing device 200 according to the present invention, the application 222 includes a plurality of program instructions for performing the method 300 or the method 400 . The application authorization method of the present invention includes a method for generating authorization information in the aforementioned first phase and burning it into a computing device (corresponding to method 300) and a method for verifying authorization information in the aforementioned second phase (corresponding to method 400) ), which are introduced separately below.

Fig. 3 shows a flow chart of a method 300 for generating authorization information and burning it into a computing device in an application authorization method according to an embodiment of the present invention. The method 300 is suitable for execution in a computing device, such as the aforementioned computing device 200 .

As shown in FIG. 3 , the purpose of the method 300 is to generate authorization information and burn it into the computing device. The method 300 begins with step S302.

In step S302, at least one piece of hardware information in the computing device is respectively encrypted to generate respective first hardware encrypted information. As mentioned above, the computing equipment includes multiple hardware (such as: motherboard, BIOS, hard disk, cpu, network card, memory, graphics card, sound card, etc.), and the staff needs to set the The range of matching degree of hardware information, that is, which hardware is selected as the hardware information to be bound. In other words, what hardware information needs to be encrypted needs to be stored in the computing device.

Exemplarily, the validity and reliability of the hard disk is higher than that of the sound card, and the information of the hard disk is preferentially selected as the binding information. The reliability and validity can be determined by referring to the user replacement ratio or the number of times in the historical data compared between the two.

In a specific example, the following hardware information matching degree range may be referred to:

a. Hard disk information + CPU information + memory information + BIOS information + motherboard information + network card information;

b. Hard disk 1 information + hard disk 2 information + motherboard information + network card 1 information + network card 2 information;

c. Motherboard information + BIOS information + CPU information + memory information.

Wherein, a, b, and c respectively represent a range of hardware information matching degree.

After the range of matching degree of hardware information is determined, the hardware information of all hardware in the selected range of matching degree of hardware information is read out, and an encryption algorithm is used to encrypt all hardware information within the matching range of hardware information one by one. Preferably, the SHA256 encryption algorithm can be used, but of course it is not limited thereto, and other hash encryption algorithms such as MD5, or encryption algorithms such as RSA and DSA can also be used.

Continuing the previous example, taking SHA256 as an example, after encrypting the hardware in the matching degree of each hardware information, it can be expressed as:

a ₁ .SHA256(hard disk information)+SHA256(CPU information)+SHA256(memory information)+SHA256(BIOS information)+SHA256(main board information)+SHA256(network card information);

b _1. SHA256 (hard disk 1 information) + SHA256 (hard disk 2 information) + SHA256 (mainboard information) + SHA256 (network card 1 information) + SHA256 (network card 2 information);

c ₁ .SHA256(mainboard information)+SHA256(BIOS information)+SHA256(CPU information)+SHA256(memory information).

Wherein, a ₁ , b ₁ , and c ₁ respectively include multiple pieces of hardware encryption information.

It should be noted that the hardware information needs to be able to uniquely specify the hardware. For example, if the hardware is a motherboard, the motherboard information can be the serial number of the motherboard; if the hardware is a CPU, the CPU information can be the CPU serial number; if the motherboard is a network card, then the network card The information may be a network card MAC or the like.

In step S304, the authorization serial number of the application is obtained. The license serial number of the application program is provided by the software manufacturer.

In step 306, based on the verification value generation algorithm, each first hardware encryption information and the authorization serial number of the application program are encoded to generate a first verification value. Specifically, the check value generating algorithm may adopt a cyclic redundancy check algorithm (CRC), but of course it is not limited thereto.

In a specific example, the hardware encryption information a ₁ in the above example is encoded with the authorization serial number of the application program for the following description:

Check value (a ₁ + authorization serial number of the application) = CRC [SHA256 (hard disk information) + SHA256 (CPU information) + SHA256 (memory information) + SHA256 (BIOS information) + SHA256 (main board information) + SHA256 (network card information) + the authorization serial number of the application].

In this example, a complete authorization information (a ₁ ) can be expressed as:

Of course, in order to further improve the stability and diversity of authorization, for the same application, multiple authorization information can also be generated as an alternative to ensure that authorization verification can still be completed normally when some hardware is replaced. process. For example, using the method in this example, authorization information (b ₁ ) and authorization information (c ₁ ) corresponding to the aforementioned hardware encryption information b ₁ and c ₁ are generated respectively.

In step 308, the generated authorization information is written into the BIOS (Basic Input Output System) chip of the computing device by burning. Multiple authorization information can be burned in the BIOS chip, for example, authorization information (a ₁ ), authorization information (b ₁ ) and authorization information (c ₁ ), or only one authorization information can be burned, which is not limited here.

Based on the above content, it can be seen that the authorization information is actually a long array, which is not convenient for storage and analysis. Therefore, before the authorization information is burned into the BIOS chip, the method 300 also includes:

Structural processing is performed on the first hardware encryption algorithm, the authorization serial number of the application program and the first check value. A structure is formed by forming the first hardware encryption algorithm, the authorization serial number of the application program and the first check value. Specifically, related algorithms can be used for structured processing, for example:

After the authorization information is structured, on the one hand, it can facilitate the burning of the authorization information, and on the other hand, it can improve the confidentiality of the authorization information.

Alternatively, the authorization information can also be burned into the BIOS chip in the form of a table, for example as follows:

字段名称Field Name	字段长度(字节)field length (bytes)
硬盘加密信息Hard disk encryption information	3232
CPU加密信息CPU encryption information	3232
主板加密信息Motherboard encrypted information	3232
应用程序授权序列号Application License Serial Number	1616
校验值Check value	44

The above completes the process of generating and burning authorization information in the first stage of the application program authorization method provided by this embodiment.

Fig. 4 shows a flow chart of an authorization information verification method 400 in an application program authorization method according to an embodiment of the present invention. The method 400 is suitable for execution in a computing device, such as the aforementioned computing device 200 .

As shown in FIG. 4 , the purpose of the method 400 is to verify the authorization information, starting from step S402. In step S402, at least one authorization information pre-stored in the computing device is extracted, the authorization information includes at least one first hardware encryption information, The authorization serial number and the first check value of the application program. The authorization information is pre-burned into the BIOS chip of the computing device, and its generation process and burning process correspond to the above-mentioned method 300, which will not be repeated here.

In step S404, the authorization information is analyzed to determine whether the authorization information is correct.

Specifically, the authorization information is analyzed, and the first hardware encryption information, the authorization serial number of the application program, and the first check value are respectively obtained; the first hardware encryption information and the authorization serial number of the application program are encoded by a check value generation algorithm, Generate a second check value; judge whether the first check value is the same as the second check value; if the first check value is the same as the second check value, then judge whether the authorization serial number of the application is legal; if the application If the authorization serial number of the program is legal, then confirm that the authorization information is correct. Correspondingly, when the first check value is not the same as the second check value or the application is invalid after being authorized, the authorization fails.

It should be noted that the verification value generation algorithm adopted when generating the second verification value should be the same as the verification value generation algorithm adopted in the aforementioned step S306.

In a specific example, to determine whether the authorization serial number of the application is legal, you can query the rules of the software manufacturer corresponding to the application when generating the authorization serial number. For example, the authorization serial numbers generated by the software manufacturer are all numbers, and If there are non-numbers (for example, letters) in the license serial number of the obtained application, it means that the software serial number of the application is illegal; or, the license serial number generated by the software manufacturer is 11 digits, and the obtained application If the authorization serial number of the program is more or less than 11, it means that the software serial number of the application program is illegal, etc., which is not limited in this embodiment.

It should also be noted that if the authorization information is structured when it is generated, it is necessary to destructure the authorization information during parsing, that is, use an algorithm that is inverse to the structural algorithm to process the authorization information.

In step S406, when it is determined that the authorization information is correct, each piece of hardware information related to the preset matching rule of the computing device is acquired.

Specifically, each hardware identification corresponding to the first hardware encryption information is acquired; and each hardware information related to each hardware identification in the current computing device is acquired. The hardware identification can be understood as a hardware name, in other words, which hardware is encrypted in the first hardware encryption information is obtained, and then the hardware information of these hardware configured in the computing device is checked. The hardware information can be obtained through documents such as the instruction manual of the computing device, or can be obtained by viewing the attributes of the computing device, which is not limited in this embodiment.

In a specific example, the preset matching rule may be: the range of matching hardware information corresponding to the first hardware encryption information is 7 pieces of hardware, then the current computing device satisfies the matching of 5 or more pieces of hardware information corresponding to the first hardware encryption information The hardware in the hardware information range can be the same, or the matching range is 5 hardware, and 3 or more hardware information can be the same, etc.

In step S408, the hardware information is respectively encrypted to generate second hardware encrypted information.

It should be noted that the encryption algorithm used when generating the second hardware-encrypted information should be the same as that used when generating the first hardware-encrypted information.

In step S410, the second hardware encrypted information is matched with the first hardware encrypted information, and when the preset matching rule is met, the authorization is successful. Specifically, the second hardware encryption information is matched with the first hardware encryption information, and when the matching degree reaches a preset threshold, the authorization is successful. For example, the first hardware encryption information corresponds to 7 pieces of hardware encryption information, if the 5 pieces of hardware encryption information corresponding to the second hardware encryption information are the same as those in the first hardware encryption information, the authorization is successful; otherwise, the authorization fails.

The various techniques described herein can be implemented in conjunction with hardware or software, or a combination thereof. Thus, the method and device of the present invention, or certain aspects or parts of the method and device of the present invention may be embedded in a tangible medium, such as a removable hard disk, USB flash drive, floppy disk, CD-ROM or any other machine-readable storage medium In the form of program code (ie, instructions) in a machine such as a computer, when the program is loaded into a machine such as a computer and executed by the machine, the machine becomes an apparatus for practicing the invention.

In the case of program code execution on a programmable computer, the computing device generally includes a processor, a storage medium readable by the processor (including volatile and non-volatile memory and/or storage elements), at least one input device, and at least one output device. Wherein, the memory is configured to store program code; the processor is configured to execute the method of the present invention according to instructions in the program code stored in the memory.

Readable media include, by way of example and not limitation, readable storage media and communication media. Readable storage media store information such as computer readable instructions, data structures, program modules or other data. Communication media typically embodies computer readable instructions, data structures, program modules or other data in a modulated data signal such as a carrier wave or other transport mechanism and includes any information delivery media. Combinations of any of the above are also included within the scope of readable media.

In the description provided herein, the algorithms and displays are not inherently related to any particular computer, virtual system, or other device. Various general-purpose systems can also be used with examples of the invention. The structure required to construct such a system is apparent from the above description. Furthermore, the present invention is not specific to any particular programming language. It should be understood that various programming languages can be used to implement the contents of the present invention described herein, and the above description of specific languages is for disclosing preferred embodiments of the present invention.

In the description provided herein, numerous specific details are set forth. However, it is understood that embodiments of the invention may be practiced without these specific details. In some instances, well-known methods, structures and techniques have not been shown in detail in order not to obscure the understanding of this description.

Similarly, it should be appreciated that in the foregoing description of exemplary embodiments of the invention, in order to streamline this disclosure and to facilitate an understanding of one or more of the various inventive aspects, various features of the invention are sometimes grouped together in a single embodiment, figure, or its description. This method of disclosure, however, is not to be interpreted as reflecting an intention that the claimed invention requires more features than are expressly recited in each claim. Rather, as the following claims reflect, inventive aspects lie in less than all features of a single foregoing disclosed embodiment. Thus, the claims following the Detailed Description are hereby expressly incorporated into this Detailed Description, with each claim standing on its own as a separate embodiment of this invention.

Those skilled in the art will understand that the modules or units or components of the devices in the examples disclosed herein may be arranged in the device as described in this embodiment, or alternatively may be located in a different location than the device in this example. in one or more devices. The modules in the preceding examples may be combined into one module or furthermore may be divided into a plurality of sub-modules.

Those skilled in the art can understand that the modules in the device in the embodiment can be adaptively changed and arranged in one or more devices different from the embodiment. Modules or units or components in the embodiments may be combined into one module or unit or component, and furthermore may be divided into a plurality of sub-modules or sub-units or sub-assemblies. All features disclosed in this specification (including accompanying claims, abstract and drawings) and any method or method so disclosed may be used in any combination, except that at least some of such features and/or processes or units are mutually exclusive. All processes or units of equipment are combined. Each feature disclosed in this specification (including accompanying claims, abstract and drawings), may be replaced by alternative features serving the same, equivalent or similar purpose, unless expressly stated otherwise.

Furthermore, those skilled in the art will understand that although some embodiments described herein include some features included in other embodiments but not others, combinations of features from different embodiments are meant to be within the scope of the invention. and form different embodiments. For example, in the following claims, any of the claimed embodiments may be used in any combination.

Furthermore, some of the described embodiments are described herein as a method or combination of method elements that may be implemented by a processor of a computer system or by other means for performing the described function. Thus, a processor with the necessary instructions for carrying out the described method or element of a method forms a means for carrying out the method or element of a method. Furthermore, elements described herein of an apparatus embodiment are examples of means for carrying out the function performed by the element for the purpose of carrying out the invention.

As used herein, unless otherwise specified, the use of ordinal numbers "first," "second," "third," etc. to describe generic objects merely means referring to different instances of similar objects and is not intended to imply such The described objects must have a given order temporally, spatially, sequentially or in any other way.

While the invention has been described in terms of a limited number of embodiments, it will be apparent to a person skilled in the art having the benefit of the above description that other embodiments are conceivable within the scope of the invention thus described. In addition, it should be noted that the language used in the specification has been chosen primarily for the purpose of readability and instruction rather than to explain or define the inventive subject matter. Accordingly, many modifications and alterations will be apparent to those of ordinary skill in the art without departing from the scope and spirit of the appended claims. The disclosure of the present invention is intended to be illustrative rather than restrictive with respect to the scope of the present invention, which is defined by the appended claims.

Claims

A method for authorizing an application program, executed in a computing device, the method comprising:

Extracting at least one authorization information pre-stored in the computing device, the authorization information including at least one first hardware encryption information, the authorization serial number of the application program, and a first check value;

Parsing the authorization information to determine whether the authorization information is correct;

When it is determined that the authorization information is correct, acquiring each piece of hardware information related to the preset matching rule of the computing device;

Encrypting each of the hardware information respectively to generate each second hardware encrypted information;

The second hardware encrypted information is matched with the first hardware encrypted information, and when the preset matching rule is met, the authorization is successful.
The method according to claim 1, wherein the authorization information is written into the BIOS chip of the computing device by means of burning.
The method of claim 1, further comprising the step of generating said authorization information, comprising:

Encrypting at least one piece of hardware information in the computing device respectively to generate respective first hardware encryption information;

Obtain an authorization serial number for said application;

Encoding each of the first hardware encryption information and the authorization serial number of the application program based on a check value generating algorithm to generate the first check value.
The method according to claim 1 or 3, wherein the step of parsing the authorization information to determine whether the authorization information is correct comprises:

Analyzing the authorization information to obtain the first hardware encryption information, the authorization serial number of the application program, and the first check value respectively;

Encoding the first hardware encryption information obtained through analysis and the authorization serial number of the application program through a check value generating algorithm to generate a second check value;

judging whether the first check value is the same as the second check value;

If the first check value is the same as the second check value, then determine whether the authorization serial number of the application is legal;

If the authorization serial number of the application program is legal, it is confirmed that the authorization information is correct.
The method according to claim 1, wherein when the authorization information is determined to be correct, the step of obtaining hardware information related to the preset matching rules of the computing device comprises:

Acquiring hardware identifiers corresponding to the first hardware encryption information;

Acquire hardware information related to each hardware identifier in the current computing device.
The method according to claim 3, wherein, the encryption algorithm is SHA256; the verification value generation algorithm is a cyclic redundancy check algorithm.
The method according to claim 3, wherein the method for generating authorization information further comprises:

Structural processing is performed on the first hardware encryption information, the authorization serial number of the application program, and the first check value.
The method according to claim 1, wherein the preset matching rules include:

When the matching degree reaches the preset threshold, the authorization is successful.
A computing device comprising:

at least one processor; and

A memory storing program instructions, wherein the program instructions are configured to be executed by the at least one processor, the program instructions comprising instructions for performing the method according to any one of claims 1-8 .
A readable storage medium storing program instructions, when the program instructions are read and executed by a computing device, the computing device is made to execute the method according to any one of claims 1-8.