CN113378206B - Software authorization encryption method, software authorization decryption method, device and system - Google Patents

Software authorization encryption method, software authorization decryption method, device and system Download PDF

Info

Publication number
CN113378206B
CN113378206B CN202110776416.2A CN202110776416A CN113378206B CN 113378206 B CN113378206 B CN 113378206B CN 202110776416 A CN202110776416 A CN 202110776416A CN 113378206 B CN113378206 B CN 113378206B
Authority
CN
China
Prior art keywords
array
file
encryption
decryption
key
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202110776416.2A
Other languages
Chinese (zh)
Other versions
CN113378206A (en
Inventor
李龙
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Ccx Credit Technology Co ltd
Original Assignee
Ccx Credit Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Ccx Credit Technology Co ltd filed Critical Ccx Credit Technology Co ltd
Priority to CN202110776416.2A priority Critical patent/CN113378206B/en
Publication of CN113378206A publication Critical patent/CN113378206A/en
Application granted granted Critical
Publication of CN113378206B publication Critical patent/CN113378206B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2107File encryption

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • General Health & Medical Sciences (AREA)
  • Health & Medical Sciences (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Bioethics (AREA)
  • Databases & Information Systems (AREA)
  • Storage Device Security (AREA)

Abstract

The embodiment of the invention provides a software authorization encryption method, a decryption method, a device and a system, wherein the software authorization encryption method comprises the following steps: acquiring related information of a target server and generating an authorization verification code; converting the file to be encrypted into a first file array and preprocessing to obtain a preprocessed identification code and a plurality of sub-file arrays to be encrypted; converting the authorization verification code into an encryption key array; for each subfile array to be encrypted, performing exclusive OR operation on elements in the subfile array to be encrypted and elements in the encryption key array to obtain a first encryption subfile array; generating a permutation encryption array based on the encryption key array; for each first encryption sub-file array, carrying out replacement encryption on the first encryption sub-file array by using a replacement encryption array to obtain a second encryption sub-file array; and obtaining the encrypted file based on the preprocessed identification codes and the second encrypted subfile arrays. The embodiment of the invention can increase the security of software authorization encryption.

Description

Software authorization encryption method, software authorization decryption method, device and system
Technical Field
The present invention relates to the field of encryption and decryption technologies, and in particular, to a software authorization encryption method, a software authorization decryption device, and a software authorization decryption system.
Background
With the popularization and rapid development of internet technology, software-authorized encryption technology is gradually and comprehensively combined with internet technology. The authorization encryption is the encryption and protection of the authorized content by the pointer so as to achieve the aim of ensuring the security of the distributed software, and aims to obtain the authorized user to use the software product in the specified authority.
The software developer can meet the demands of software sales digitization, security and manageability through a software authorization encryption technology. In the related art, the method for authorizing and encrypting the software comprises the following steps: and generating a pseudo code for editing the target software code, namely modifying the business code of the target software, so that the target software code is not easy to identify by users beyond authorization, and the security of the target software code is improved. However, as the code cracking technology and the code decompiling capability are stronger and stronger, the software authorization code module is easy to tamper, so that the software of a developer cannot be managed according to the initial expectation, and even risks such as random copying of the software, leakage of the software source code and the like exist.
Disclosure of Invention
The embodiment of the invention aims to provide a software authorization encryption method, a software authorization decryption device and a software authorization decryption system so as to increase the security of software authorization encryption and prevent software codes from being tampered. The specific technical scheme is as follows:
in a first aspect, an embodiment of the present invention provides a software authorization encryption method, where the method includes:
acquiring related information of a target server, and generating an authorization verification code based on the related information, wherein the related information is information for identifying the target server, and the target server is a binding server;
converting a file to be encrypted into a first file array, and preprocessing the first file array to obtain a preprocessed identification code and a plurality of sub-file arrays to be encrypted;
converting the authorization verification code into an encryption key array with a preset length;
performing exclusive-or operation on the elements in the subfile array to be encrypted and the elements in the encryption key array aiming at each subfile array to be encrypted to obtain a first encrypted subfile array after exclusive-or encryption;
generating a permutation encryption array based on the encryption key array;
performing substitution encryption on the first encryption subfile array by using the substitution encryption array aiming at each first encryption subfile array to obtain a second encryption subfile array subjected to substitution encryption;
And obtaining an encrypted file based on the preprocessed identification codes and the second encrypted subfile arrays.
Optionally, the related information includes: the main board number, the IP address and the MAC address of the target server;
the step of obtaining the related information of the target server and generating the authorization verification code based on the related information comprises the following steps:
generating an authorization verification code using the following expression:
key=randomuuid+md5 (motherboard number+ip address+mac address+key)
The key represents an authorization verification code, the random UUID is a 32-bit random string generation function, and md5 (main board number+IP address+MAC address+key) is used for generating a string with 32 bits bound with the main board number, IP address, MAC address and random key of the target server, and the key is a preset random key.
Optionally, the step of generating a permutation encryption array based on the encryption key array includes:
determining the number of elements corresponding to each key subarray when the encryption key array is divided into a plurality of key subarrays based on the values of elements in the encryption key array;
taking the remainder of each element and the number in the encryption key array, and de-duplicating each remainder to obtain a new encryption key array;
And when the number of the elements in the new encryption key array is smaller than the number, based on the last element in the new encryption key array, the elements of the new encryption key array are complemented to the number in a sequential increasing mode, so that the replacement encryption array is obtained.
Optionally, the step of performing permutation encryption on the first encrypted subfile array by using the permutation encryption array for each first encrypted subfile array to obtain a second encrypted subfile array after permutation encryption includes:
grouping the first encrypted sub-file arrays based on the number for each first encrypted sub-file array to obtain a plurality of third encrypted sub-file arrays;
based on the values of the elements in the replacement encryption array, carrying out position replacement reordering on the elements in each third encryption subfile array to obtain a plurality of fourth encryption subfile arrays;
and replacing and splicing the rows and columns of the matrix formed by the fourth encryption subfile arrays to obtain a replaced and encrypted second encryption subfile array.
Optionally, the step of preprocessing the first file array to obtain a preprocessed identification code and a plurality of subfile arrays to be encrypted includes:
Subtracting one by one the first 8-bit identification code of the first file array to obtain a preprocessed identification code, dividing each 128-bit element after the 8 th bit of the first file array into a group to be determined as a subfile array to be encrypted, and determining subfile arrays less than 128 bits as subfile arrays without encryption;
the step of obtaining the encrypted file based on the preprocessed identification code and each second encrypted sub-file array comprises the following steps:
and splicing the preprocessed identification codes, the second encryption sub-file arrays and the encryption-unnecessary sub-file arrays to obtain an encryption file.
In a second aspect, an embodiment of the present invention provides a method for decrypting software authorization, where the method includes:
acquiring an authorization verification code and each sub-file array to be decrypted, wherein the sub-file array to be decrypted is obtained by preprocessing a file to be decrypted;
acquiring related information of a target server, and generating a decryption key based on the related information, wherein the related information is information for identifying the target server, and the target server is a binding server;
judging whether the authorization verification code is matched with the decryption key or not;
Under the condition that the authorization verification code is matched with the decryption key, converting the decryption key into a decryption key array with a preset length;
generating a permutation decryption array based on the decryption key array;
performing replacement decryption on the sub-file arrays to be decrypted by using the replacement decryption array aiming at each sub-file array to be decrypted to obtain a replaced and decrypted sub-file array;
and performing exclusive-or operation on the elements in the decryption subfile array and the elements in the decryption key array aiming at each decryption subfile array to obtain an exclusive-or decrypted target decryption subfile array.
In a third aspect, an embodiment of the present invention provides a software-authorized encryption device, including:
the first generation unit is used for acquiring related information of a target server and generating an authorization verification code based on the related information, wherein the related information is information for identifying the target server, and the target server is a binding server;
the preprocessing unit is used for converting the file to be encrypted into a first file array, and preprocessing the first file array to obtain a preprocessed identification code and a plurality of sub-file arrays to be encrypted;
The first conversion unit is used for converting the authorization verification code into an encryption key array with a preset length;
the first encryption unit is used for carrying out exclusive-or operation on the elements in the subfile array to be encrypted and the elements in the encryption key array aiming at each subfile array to be encrypted to obtain a first encrypted subfile array after exclusive-or encryption;
a second generation unit configured to generate a permutation encryption array based on the encryption key array;
the second encryption unit is used for carrying out replacement encryption on the first encryption sub-file arrays by utilizing the replacement encryption arrays aiming at each first encryption sub-file array to obtain replaced and encrypted second encryption sub-file arrays;
and the third encryption unit is used for obtaining an encrypted file based on the preprocessed identification codes and the second encryption sub-file arrays.
In a fourth aspect, an embodiment of the present invention provides a software-authorized decryption apparatus, including:
the acquisition unit is used for acquiring the authorization verification code and each sub-file array to be decrypted, wherein the sub-file array to be decrypted is obtained by preprocessing the file to be decrypted;
a third generating unit, configured to obtain related information of a target server, and generate a decryption key based on the related information, where the related information is information for identifying the target server, and the target server is a binding server;
The judging unit is used for judging whether the authorization verification code is matched with the decryption key or not;
the second conversion unit is used for converting the decryption key into a decryption key array with a preset length under the condition that the judgment unit judges that the authorization verification code is matched with the decryption key;
a fourth generation unit, configured to generate a permutation decryption array based on the decryption key array;
the first decryption unit is used for carrying out replacement decryption on the sub-file arrays to be decrypted by utilizing the replacement decryption array aiming at each sub-file array to be decrypted to obtain a replaced and decrypted sub-file array;
and the second decryption unit is used for carrying out exclusive-or operation on the elements in the decryption subfile array and the elements in the decryption key array aiming at each decryption subfile array to obtain an exclusive-or decrypted target decryption subfile array.
In a fifth aspect, embodiments of the present invention provide a software-authorized encryption and decryption system, the system comprising: the system comprises an encryption module, a class loader and a decryption module, wherein the class loader comprises a decryption processor;
the encryption module is used for acquiring related information of a target server and generating an authorization verification code based on the related information, wherein the related information is information for identifying the target server, and the target server is a binding server; converting a file to be encrypted into a first file array, and preprocessing the first file array to obtain a preprocessed identification code and a plurality of sub-file arrays to be encrypted; converting the authorization verification code into an encryption key array with a preset length; performing exclusive-or operation on the elements in the subfile array to be encrypted and the elements in the encryption key array aiming at each subfile array to be encrypted to obtain a first encrypted subfile array after exclusive-or encryption; generating a permutation encryption array based on the encryption key array; performing substitution encryption on the first encryption subfile array by using the substitution encryption array aiming at each first encryption subfile array to obtain a second encryption subfile array subjected to substitution encryption; obtaining an encrypted file based on the preprocessed identification code and each second encrypted subfile array, and sending the encrypted file and the authorization verification code to the decryption processor;
The decryption processor is configured to receive the encrypted file and the authorization verification code sent by the encryption module, determine whether the encrypted file needs to be decrypted, and determine the encrypted file as a file to be decrypted when the encrypted file needs to be decrypted; transmitting each sub-file array to be decrypted and the authorization verification code in a second file array corresponding to the file to be decrypted to the decryption module, wherein the sub-file array to be decrypted is obtained by preprocessing the file to be decrypted;
the decryption module is used for receiving the authorization verification code and each subfile array to be decrypted, which are sent by the decryption processor; acquiring relevant information of a target server, generating a decryption key based on the relevant information, and judging whether the authorization verification code is matched with the decryption key or not; under the condition that the authorization verification code is matched with the decryption key, converting the decryption key into a decryption key array with a preset length; generating a permutation decryption array based on the decryption key array; performing replacement decryption on the sub-file arrays to be decrypted by using the replacement decryption array aiming at each sub-file array to be decrypted to obtain a replaced and decrypted sub-file array; performing exclusive-or operation on the elements in the decryption subfile array and the elements in the decryption key array aiming at each decryption subfile array to obtain an exclusive-or decrypted target decryption subfile array, and sending each target decryption subfile array to the decryption processor;
The decryption processor is configured to receive each target decryption sub-file array sent by the decryption module, and obtain a decryption file based on each target decryption sub-file array.
Optionally, the decryption processor is specifically configured to:
converting the encrypted file into a target file array, judging whether the first 8 bit identification codes of the target file array are consistent with the target identification codes, determining that the encrypted file needs to be decrypted under the condition of inconsistent, and determining the encrypted file as a file to be decrypted;
converting the file to be decrypted into a second file array, adding one first 8 bit identification code of the second file array one by one to obtain a to-be-processed identification code, dividing every 128 bits of elements after the 8 th bit of the second file array into a group to be determined as a sub-file array to be decrypted, determining sub-file arrays less than 128 bits as sub-file arrays not to be decrypted, and transmitting the sub-file array to be decrypted to the decryption module;
and splicing the identification code to be processed, the received target decryption sub-file arrays and the decryption-unnecessary sub-file arrays to obtain a decryption file.
The embodiment of the invention has the beneficial effects that:
according to the software authorization encryption method, device and system, the authorization check code is generated based on the related information of the bound target server, the binding of the encryption key and the authorization server is achieved, the plurality of sub-file arrays to be encrypted after preprocessing the files to be encrypted are encrypted one by one, the service codes of the files to be encrypted are not modified in the encryption process, so that the encrypted file service codes cannot be tampered, the encryption safety is improved, and the software codes are prevented from being tampered. The decryption process corresponds to the encryption process, and the modification of the file service code to be decrypted is not involved in the decryption process, so that the risks of tampering and leakage of the file service code to be decrypted are avoided.
Of course, it is not necessary for any one product or method of practicing the invention to achieve all of the advantages set forth above at the same time.
Drawings
In order to more clearly illustrate the embodiments of the invention or the technical solutions in the prior art, the drawings used in the embodiments or the description of the prior art will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the invention, and other embodiments may be obtained according to these drawings to those skilled in the art.
Fig. 1 is a schematic flow chart of a software authorization encryption method according to an embodiment of the present application;
fig. 2 is a flow chart of a software authorization decryption method according to an embodiment of the present application;
FIG. 3 is a schematic diagram of a software authorization encryption and decryption process according to an embodiment of the present application;
fig. 4 is a schematic structural diagram of a software authorization encryption device according to an embodiment of the present application;
fig. 5 is a schematic structural diagram of a software authorization decryption device according to an embodiment of the present application;
FIG. 6 is a schematic diagram of a software authorization encryption and decryption system according to an embodiment of the present application;
fig. 7 is a schematic structural diagram of an electronic device according to an embodiment of the present application;
fig. 8 is a schematic structural diagram of another electronic device according to an embodiment of the present application.
Detailed Description
The following description of the embodiments of the present application will be made clearly and completely with reference to the accompanying drawings, in which it is apparent that the embodiments described are only some embodiments of the present application, but not all embodiments. Based on the embodiments of the present application, all other embodiments obtained by the person skilled in the art based on the present application are included in the scope of protection of the present application.
In order to solve the problem of the existing software authorization encryption, the embodiment of the invention provides a software authorization encryption method, which comprises the following steps:
acquiring related information of a target server, and generating an authorization verification code based on the related information, wherein the related information is information for identifying the target server, and the target server is a binding server; converting a file to be encrypted into a first file array, and preprocessing the first file array to obtain a preprocessed identification code and a plurality of sub-file arrays to be encrypted; converting the authorization verification code into an encryption key array with a preset length; performing exclusive-or operation on the elements in the subfile array to be encrypted and the elements in the encryption key array aiming at each subfile array to be encrypted to obtain a first encrypted subfile array after exclusive-or encryption; generating a permutation encryption array based on the encryption key array; performing substitution encryption on the first encryption subfile array by using the substitution encryption array aiming at each first encryption subfile array to obtain a second encryption subfile array subjected to substitution encryption; and obtaining an encrypted file based on the preprocessed identification codes and the second encrypted subfile arrays.
According to the software authorization encryption method provided by the embodiment of the invention, the authorization check code is generated based on the related information of the bound target server, so that the binding of the encryption key and the authorization server is realized, the encryption of a plurality of sub-file arrays to be encrypted after the pretreatment of the files to be encrypted is realized one by one, the service codes of the files to be encrypted are not modified in the encryption process, the encrypted file service codes cannot be tampered, the encryption safety is improved, and the software codes are prevented from being tampered.
The following describes a software authorization encryption method provided by the embodiment of the invention in detail:
the software authorization encryption method provided by the embodiment of the invention can be applied to an electronic equipment encryption system based on a Java system environment, or an encryption tool such as an encryption program or a C/S (client/server) end, for example, the encryption tool can be used when software is deployed at a server end in the Java system environment. The encryption method may be an encryption method based on JDK (Java Development Kit) software development components.
As shown in fig. 1, fig. 1 is a flow chart of a software authorization encryption method according to an embodiment of the present invention, where the method may include:
s101, acquiring relevant information of a target server, and generating an authorization verification code based on the relevant information.
The related information is information for identifying a target server, and the target server is a binding server.
When encrypting the software, a target server, i.e. a server to which the software is to be deployed, i.e. a server to which the software is bound, may acquire relevant information of the target server, where the relevant information may include: the target server's motherboard number, IP address (Internet Protocol Address ), MAC address (Media Access Control Address, physical address), etc., further generates an authorization verification code based on the relevant information.
As an optional implementation process of the embodiment of the present invention, the implementation process of obtaining the related information of the target server and generating the authorization verification code based on the related information may include:
generating an authorization verification code using the following expression:
key=randomuuid+md5 (motherboard number+ip address+mac address+key)
The key represents an authorization verification code, the random UUID is a 32-bit random string generation function, and md5 (main board number+IP address+MAC address+key) is used for generating a string with 32 bits bound with the main board number, IP address, MAC address and random key of the target server, and the key is a preset random key.
For example, the generated authorization verification code is a 64-bit string, the first 32 bits are a random string generated by a random uuid function, and the last 32 bits are a string generated by md5 (motherboard number+ip address+mac address+key) and bound to the motherboard number, IP address, MAC address and random key of the target server, where the key may be set by a developer according to actual requirements.
S102, converting the file to be encrypted into a first file array, and preprocessing the first file array to obtain a preprocessed identification code and a plurality of sub-file arrays to be encrypted.
Preferably, the file to be encrypted may be a class file, and further may be automatically converted into a byte file array when the class file is read in JDK environment, where the first 8 bits of byte data of the Java class file are fixed characters, which may be called an identifier.
As an optional implementation manner of the embodiment of the present invention, the implementation process of preprocessing the first file array to obtain the preprocessed identification code and the plurality of sub-file arrays to be encrypted may include:
subtracting one by one the first 8-bit identification code of the first file array to obtain a preprocessed identification code, dividing elements after the 8 th bit of the first file array into a group every 128 bits to be determined as a subfile array to be encrypted, and determining subfile arrays with less than 128 bits as subfile arrays without encryption.
Subtracting 1 from each first 8 bits of the identification code of the first file array to obtain a preprocessed identification code, wherein the preprocessed identification code is not subjected to encryption processing. For the elements after the 8 th bit of the first file array, every 128 bits are divided into one group, and the group is determined as a subfile array to be encrypted, encryption processing is performed on the subfile array file [ ] which can be expressed as 1×128 dimensions, and the subfile array formed by the elements which are less than 128 bits in the follow-up sequence is determined as a subfile array which does not need encryption processing.
S103, the authorization verification code is converted into an encryption key array with a preset length.
The generated authorization verification code is a 64-bit character string, and each character in the authorization verification code is converted into an ASCII code to obtain a 64-bit encryption key array. Illustratively, the encryption key array may be represented as key [ ], sized 1×64.
S104, for each sub-file array to be encrypted, performing exclusive OR operation on the elements in the sub-file array to be encrypted and the elements in the encryption key array to obtain a first encrypted sub-file array after exclusive OR encryption.
For each subfile array to be encrypted, the size of the subfile array to be encrypted is 1×128, and the size of the encryption key array is 1×64, so that each bit of the first 64 elements in the subfile array to be encrypted can be subjected to an exclusive-or algorithm with the elements in the encryption key array, and each bit of the last 64 elements also corresponds to the elements in the encryption key array to be subjected to an exclusive-or algorithm, thereby obtaining the first encrypted subfile array after exclusive-or encryption.
Illustratively, the sub-file array to be encrypted is represented as file [ ], the encryption key array is represented as key [ ], the first encrypted sub-file array after exclusive-or encryption is represented as xor file [ ], the xor algorithm is represented as xor, and then the method comprises the following steps of
xorfile[0]=file[0]^key[0]
xorfile[1]=file[1]^key[1]
xorfile[2]=file[2]^key[2]
...
xorfile[64]=file[64]^key[0]
xorfile[65]=file[65]^key[1]
..
xorfile[127]=file[127]^key[63]
S105, generating a replacement encryption array based on the encryption key array.
And cutting the sizes of all the elements in the encryption key array and the encryption key array to generate a replacement encryption array, and further performing conversion encryption on the first encrypted subfile array after exclusive-or encryption by using the replacement encryption array.
S106, for each first encryption sub-file array, performing replacement encryption on the first encryption sub-file array by using the replacement encryption array to obtain a replaced and encrypted second encryption sub-file array.
S107, obtaining an encrypted file based on the preprocessed identification codes and the second encrypted subfile arrays.
As an optional implementation method of the embodiment of the present invention, the implementation process for obtaining the encrypted file based on the preprocessed identification code and each second encrypted sub-file array may include:
and splicing the preprocessed identification codes, the second encryption subfile arrays and the encryption-unnecessary subfile arrays to obtain the encryption file.
After obtaining the second encrypted sub-file array after the replacement encryption, the preprocessed identification codes, the second encrypted sub-file arrays and the sub-file arrays without encryption are spliced in sequence to obtain the encrypted file.
According to the software authorization encryption method provided by the embodiment of the invention, the authorization check code is generated based on the related information of the bound target server, so that the binding of the encryption key and the authorization server is realized, the encryption of a plurality of sub-file arrays to be encrypted after the pretreatment of the files to be encrypted is realized one by one, the service codes of the files to be encrypted are not modified in the encryption process, the encrypted file service codes cannot be tampered, the encryption safety is improved, and the software codes are prevented from being tampered.
As an optional implementation manner of the embodiment of the present invention, the step S105, based on the encryption key array, may include:
step one, based on the value of each element in the encryption key array, determining the number of the corresponding elements of each key subarray when the encryption key array is divided into a plurality of key subarrays.
For example, the following expression may be used to determine the number of elements corresponding to each key subarray when dividing the encryption key array into a plurality of key subarrays:
Wherein groupNum is the number of the corresponding elements of each key sub-array when dividing the encryption key array into a plurality of key sub-arrays, key [ ] represents the encryption key array, key [ n ] represents the nth element of the encryption key array, groupNum takes the nearest value in [32, 16,8,4 ]. Correspondingly, the number of packets corresponding to the encryption key array is n=128/groupNum.
And step two, taking the remainder of each element and the number in the encryption key array, and de-duplicating each remainder to obtain a new encryption key array.
Illustratively, groupNum is 16 and the encryption key array key [ ] is: [48,99,99,102,56,97,100,53,55,51,99,101,52,49,53,50,57,100,102,50,102,101,49,52,52,56,52,97,50,56,51,54,54,53,97,50,102,98,50,56,98,101,98,57,98,98,54,99,53,57,52,99,55,48,57,56,57,99,99,49,55,100,97,51] taking the remainder of each element in the encryption key array and the number, taking 16 for the corresponding element when the remainder is 0, and obtaining the array after taking the remainder as follows: [16,3,3,6,8,1,4,5,7,3,3,5,4,1,5,2,9,4,6,2,6,5,1,4,4,8,4,1,2,8,3,6,6,5,1,2,6,2,2,8,2,5,2,9,2,2,6,3,5,9,4,3,7,9,8,9,3,3,1,7,4,1,3,3]. Further, the remainder is de-duplicated to obtain a new encryption key array as follows: [16,3,6,8,1,4,5,7,2,9].
And thirdly, when the number of elements in the new encryption key array is less than the number, based on the last element in the new encryption key array, supplementing the elements of the new encryption key array to the number in a sequential increasing mode to obtain a replacement encryption array.
The new encryption key array is: [16,3,6,8,1,4,5,7,2,9] the number of elements in the new encryption key array is less than groupNum (16), and based on the last element 9 in the new encryption key array, the elements of the new encryption key array are padded to 16 in a sequential increasing manner, so as to obtain a permuted encryption array, namely: [16,3,6,8,1,4,5,7,2,9,10,11,12,13,14,15].
Optionally, when the number of elements in the new encryption key array is not less than the number, the number of elements in the new encryption key array may be selected to obtain the permutation encryption array.
As an optional implementation manner of the embodiment of the present invention, the step S106, for each first encrypted sub-file array, performs permutation encryption on the first encrypted sub-file array by using a permutation encryption array, so as to obtain a implementation process of a second encrypted sub-file array after permutation encryption, may include:
Step 1, grouping the first encrypted sub-file arrays based on the number to obtain a plurality of third encrypted sub-file arrays for each first encrypted sub-file array.
And grouping each first encryption subfile array according to the number of the elements in the third encryption subfile array after grouping according to the number of the first encryption subfile arrays.
Illustratively, the first encrypted subfile array may be represented as:
[116,53,112,63,81,57,94,64,108,78,12,71,13,1,26,63,89,30,106,7,89,94,58,1,102,96,60,6,12,82,7,18,2,7,3,5,105,102,89,15,9,94,10,30,64,58,86,91,69,7,79,12,95,113,84,80,79,84,84,109,66,122,3,47,90,5,22,9,88,48,59,107,3,88,51,23,92,84,87,90,6,8,67,81,76,97,14,118,59,100,15,110,123,85,119,10,102,107,24,55,106,44,60,63,89,58,0,13,37,105,110,71,98,105,31,92,67,86,4,95,118,0,27,82,84,48,92,1]
grouping the first encrypted subfile array based on the number, wherein the number of the groups is m=128/16=8, namely, the first encrypted subfile array is divided into 8 third encrypted subfile arrays, which are respectively expressed as:
[116,53,112,63,81,57,94,64,108,78,12,71,13,1,26,63]
[89,30,106,7,89,94,58,1,102,96,60,6,12,82,7,18]
[2,7,3,5,105,102,89,15,9,94,10,30,64,58,86,91]
[69,7,79,12,95,113,84,80,79,84,84,109,66,122,3,47]
[90,5,22,9,88,48,59,107,3,88,51,23,92,84,87,90]
[6,8,67,81,76,97,14,118,59,100,15,110,123,85,119,10]
[102,107,24,55,106,44,60,63,89,58,0,13,37,105,110,71]
[98,105,31,92,67,86,4,95,118,0,27,82,84,48,92,1]
and 2, based on the values of the elements in the replacement encryption array, carrying out position replacement reordering on the elements in each third encryption subfile array to obtain a plurality of fourth encryption subfile arrays.
The permuted encryption array is expressed as: [16,3,6,8,1,4,5,7,2,9,10,11,12,13,14,15] the elements in each third encrypted subfile array are reordered for position permutation based on the values of the elements in the permuted encrypted array. For example, if the first element in the permutation encryption array is 16, the 16 th element in each third encryption subfile array is rearranged at the 1 st position, and if the second element in the permutation encryption array is 3, the 3 rd element in each third encryption subfile array is rearranged at the 2 nd position, and so on, the position permutation rearrangement is performed on each element in each third encryption subfile array, so as to obtain a plurality of fourth encryption subfile arrays. The reordered fourth encrypted subfile array may be expressed as:
[81,108,53,57,94,112,64,63,78,12,71,13,1,26,63,116]
[89,102,30,94,58,106,1,7,96,60,6,12,82,7,18,89]
[105,9,7,102,89,3,15,5,94,10,30,64,58,86,91,2]
[95,79,7,113,84,79,80,12,84,84,109,66,122,3,47,69]
[88,3,5,48,59,22,107,9,88,51,23,92,84,87,90,90]
[76,59,8,97,14,67,118,81,100,15,110,123,85,119,10,6]
[106,89,107,44,60,24,63,55,58,0,13,37,105,110,71,102]
[67,118,105,86,4,31,95,92,0,27,82,84,48,92,1,98,]
And 3, replacing and splicing rows and columns of the matrix formed by the fourth encryption subfile arrays to obtain a replaced and encrypted second encryption subfile array.
The above 8 fourth encryption subfile arrays of 1×16 form an 8×16 matrix, and the rows and columns of the 8×16 matrix are further permuted, and the resulting array may be expressed as:
[81,89,105,95,88,76,106,67]
[108,102,9,79,3,59,89,118]
[53,30,7,7,5,8,107,105]
[57,94,102,113,48,97,44,86]
[94,58,89,84,59,14,60,4]
[112,106,3,79,22,67,24,31]
[64,1,15,80,107,118,63,95]
[63,7,5,12,9,81,55,92]
[78,96,94,84,88,100,58,0]
[12,60,10,84,51,15,0,27]
[71,6,30,109,23,110,13,82]
[13,12,64,66,92,123,37,84]
[1,82,58,122,84,85,105,48]
[26,7,86,3,87,119,110,92]
[63,18,91,47,90,10,71,1]
[116,89,2,69,90,6,102,98]
further, the last element of the previous array in each array obtained after the above-mentioned line and column replacement is spliced with the first element of the next array, so as to obtain a second encrypted subfile array after the replacement encryption, which can be expressed as:
[81,89,105,95,88,76,106,67,108,102,9,79,3,59,89,118,53,30,7,7,5,8,107,105,57,94,102,113,48,97,44,86,94,58,89,84,59,14,60,4,112,106,3,79,22,67,24,31,64,1,15,80,107,118,63,95,63,7,5,12,9,81,55,92,78,96,94,84,88,100,58,0,12,60,10,84,51,15,0,27,71,6,30,109,23,110,13,82,13,12,64,66,92,123,37,84,1,82,58,122,84,85,105,48,26,7,86,3,87,119,110,92,63,18,91,47,90,10,71,1,116,89,2,69,90,6,102,98]
according to the software authorization encryption method provided by the embodiment of the invention, the authorization check code is generated based on the related information of the bound target server, so that the binding of the encryption key and the authorization server is realized, the encryption of a plurality of sub-file arrays to be encrypted after the pretreatment of the files to be encrypted is realized one by one, the service codes of the files to be encrypted are not modified in the encryption process, the encrypted file service codes cannot be tampered, the encryption safety is improved, and the software codes are prevented from being tampered.
Fig. 2 is a schematic flow chart of a software authorization decryption method according to an embodiment of the present invention.
The software authorization decryption method provided by the embodiment of the invention can be applied to decryption tools in a JDK environment based on a Java software system. The decryption can be performed through the C++ decryption execution tool, and the encrypted class file is difficult to crack due to the characteristic that the C++ shell program is not easy to decompile, so that the security of software authorization encryption is improved. Based on the characteristic that the C++ shell program is not easy to decompile, a decryption processor can be added in a class loader of the JDK, and then when software authorizes decryption, a decryption execution tool is triggered by the decryption processor to decrypt the sub-file array to be decrypted.
The software authorization decryption method provided by the embodiment of the invention can comprise the following steps:
s201, acquiring an authorization verification code and each sub-file array to be decrypted.
The decryption executing tool may receive the authorization verification code and each sub-file array to be decrypted sent by the decryption processor, where the authorization verification code is generated by the encryption tool in the process of software authorization encryption, the sub-file array to be decrypted is obtained after preprocessing a file to be decrypted, and the preprocessing of the file to be decrypted may be executed by the decryption processor, where the processing process corresponds to the process of converting the file to be encrypted into the first file array and preprocessing the first file array in the process of software authorization encryption.
Specifically, the file to be decrypted is converted into a second file array, the first 8 bit identification codes of the second file array are processed one by one to obtain the identification codes to be processed, elements after the 8 th bit of the second file array are divided into a group every 128 bits to be determined as a sub-file array to be decrypted, and sub-file arrays with less than 128 bits are determined as sub-file arrays without decryption.
S202, relevant information of the target server is acquired, and a decryption key is generated based on the relevant information.
The related information is information for identifying a target server, and the target server is a binding server;
the implementation of this process may refer to the specific implementation process of step S101, and the embodiments of the present invention are not described herein again.
S203, judging whether the authorization verification code and the decryption key are matched.
The authorization verification code and the decryption key are 64-bit character strings, wherein the last 32 bits are character strings which are generated through md5 (main board number+IP address+MAC address+key) and are bound with the main board number, IP address, MAC address and random key of the target server. Therefore, whether the authorization verification code and the decryption key are identical in 32 bits or not can be judged, if so, the authorization verification code and the decryption key are matched, subsequent decryption processing can be performed, if not, the decryption program cannot be executed, and the decryption process is ended.
S204, under the condition that the authorization verification code and the decryption key are matched, the decryption key is converted into a decryption key array with a preset length.
And under the condition that the authorization verification code and the decryption key are matched, the subsequent decryption processing can be performed, and then the decryption key is converted into a decryption key array with a preset length. Specifically, the implementation process of converting the decryption key into the decryption key array with the preset length may refer to the specific implementation process of step S103, which is not described herein.
S205, based on the decryption key array, a permutation decryption array is generated.
The implementation of this process may refer to the specific implementation process of generating the permutation encryption array based on the encryption key array in the step S105, which is not described herein. Illustratively, generating the permute decryption array is: [16,3,6,8,1,4,5,7,2,9,10,11,12,13,14,15].
S206, for each sub-file array to be decrypted, performing replacement decryption on the sub-file array to be decrypted by using the replacement decryption array to obtain a replaced and decrypted sub-file array.
Illustratively, the array of subfiles to be decrypted (i.e., the encrypted second encrypted subfile array described above) may be expressed as:
[81,89,105,95,88,76,106,67,108,102,9,79,3,59,89,118,53,30,7,7,5,8,107,105,57,94,102,113,48,97,44,86,94,58,89,84,59,14,60,4,112,106,3,79,22,67,24,31,64,1,15,80,107,118,63,95,63,7,5,12,9,81,55,92,78,96,94,84,88,100,58,0,12,60,10,84,51,15,0,27,71,6,30,109,23,110,13,82,13,12,64,66,92,123,37,84,1,82,58,122,84,85,105,48,26,7,86,3,87,119,110,92,63,18,91,47,90,10,71,1,116,89,2,69,90,6,102,98]
As an optional implementation manner of the embodiment of the present invention, step S206 uses a permuted decryption array to perform permuted decryption on each sub-file array to be decrypted, so as to obtain a realization process of the permuted decrypted sub-file array, which may include:
and a step a of grouping the sub-file arrays to be decrypted based on the determined target number of corresponding elements of each decryption key sub-array when the decryption key arrays are divided into a plurality of decryption key sub-arrays, so as to obtain a target number of first sub-file arrays to be decrypted.
For example, when the number of the target elements corresponding to each decryption key sub-array is 16 when the decryption key array is divided into a plurality of decryption key sub-arrays, the sub-file array to be decrypted is divided into 16 first sub-file arrays to be decrypted, as follows:
[81,89,105,95,88,76,106,67]
[108,102,9,79,3,59,89,118]
[53,30,7,7,5,8,107,105]
[57,94,102,113,48,97,44,86]
[94,58,89,84,59,14,60,4]
[112,106,3,79,22,67,24,31]
[64,1,15,80,107,118,63,95]
[63,7,5,12,9,81,55,92]
[78,96,94,84,88,100,58,0]
[12,60,10,84,51,15,0,27]
[71,6,30,109,23,110,13,82]
[13,12,64,66,92,123,37,84]
[1,82,58,122,84,85,105,48]
[26,7,86,3,87,119,110,92]
[63,18,91,47,90,10,71,1]
[116,89,2,69,90,6,102,98]
and b, replacing rows and columns of the matrix formed by the first subfile arrays to be decrypted to obtain a plurality of second subfile arrays to be decrypted.
The 16 first subfile arrays to be decrypted of 1×8 are formed into a matrix of 16×8, and rows and columns of the matrix of 16×8 are further replaced, so that 8 second subfile arrays to be decrypted of 1×16 are obtained, which can be expressed as:
[81,108,53,57,94,112,64,63,78,12,71,13,1,26,63,116]
[89,102,30,94,58,106,1,7,96,60,6,12,82,7,18,89]
[105,9,7,102,89,3,15,5,94,10,30,64,58,86,91,2]
[95,79,7,113,84,79,80,12,84,84,109,66,122,3,47,69]
[88,3,5,48,59,22,107,9,88,51,23,92,84,87,90,90]
[76,59,8,97,14,67,118,81,100,15,110,123,85,119,10,6]
[106,89,107,44,60,24,63,55,58,0,13,37,105,110,71,102]
[67,118,105,86,4,31,95,92,0,27,82,84,48,92,1,98,]
And c, based on the values of the elements in the replacement decryption array, carrying out position replacement reordering on the elements in each second subfile array to be decrypted, and obtaining a plurality of third subfile arrays to be decrypted.
The permute decryption array is expressed as: [16,3,6,8,1,4,5,7,2,9,10,11,12,13,14,15], the reordered third sub-file array to be decrypted may be expressed as:
[116,53,112,63,81,57,94,64,108,78,12,71,13,1,26,63]
[89,30,106,7,89,94,58,1,102,96,60,6,12,82,7,18]
[2,7,3,5,105,102,89,15,9,94,10,30,64,58,86,91]
[69,7,79,12,95,113,84,80,79,84,84,109,66,122,3,47]
[90,5,22,9,88,48,59,107,3,88,51,23,92,84,87,90]
[6,8,67,81,76,97,14,118,59,100,15,110,123,85,119,10]
[102,107,24,55,106,44,60,63,89,58,0,13,37,105,110,71]
[98,105,31,92,67,86,4,95,118,0,27,82,84,48,92,1]
and d, performing splicing treatment on the plurality of third sub-file arrays to be decrypted to obtain the decrypted sub-file arrays after replacement decryption.
Permuting the decrypted array of decrypted subfiles may be expressed as:
[116,53,112,63,81,57,94,64,108,78,12,71,13,1,26,63,89,30,106,7,89,94,58,1,102,96,60,6,12,82,7,18,2,7,3,5,105,102,89,15,9,94,10,30,64,58,86,91,69,7,79,12,95,113,84,80,79,84,84,109,66,122,3,47,90,5,22,9,88,48,59,107,3,88,51,23,92,84,87,90,6,8,67,81,76,97,14,118,59,100,15,110,123,85,119,10,102,107,24,55,106,44,60,63,89,58,0,13,37,105,110,71,98,105,31,92,67,86,4,95,118,0,27,82,84,48,92,1]
referring to fig. 2, S207 performs an exclusive-or operation on the elements in the decryption subfile array and the elements in the decryption key array for each decryption subfile array, to obtain a target decryption subfile array after exclusive-or decryption.
The implementation of this process may refer to the above step S104, and the exclusive-or operation is performed on the elements in the to-be-encrypted sub-file array and the elements in the encryption key array for each to-be-encrypted sub-file array, so as to obtain a specific implementation process of the first encrypted sub-file array after the exclusive-or encryption, which is not described herein in detail in the embodiments of the present invention.
According to the software authorization decryption method provided by the embodiment of the invention, the decryption secret key is generated based on the related information of the bound target server, the binding of the decryption secret key and the authorization server is realized, the decryption secret key and the authorization verification code are further matched, the decryption is realized one by one on the multiple sub-file arrays to be decrypted after preprocessing the files to be decrypted under the condition that the matching is successful, the service codes of the files to be decrypted are not modified in the decryption process, so that the encrypted file service codes cannot be tampered, the encryption security is improved, the software code is prevented from being tampered, and the risks of tampering and leakage of the service codes of the files to be decrypted are avoided.
As shown in fig. 3, fig. 3 is a schematic flow chart of encryption and decryption authorized by software according to an embodiment of the present invention. In the JDK environment, an encryption tool is used for encrypting an original class file by adopting the software authorization encryption method to obtain an encrypted class file, the encrypted class file is sent to a class loader, a decryption processor in the class loader calls a C++ decryption execution file (namely the decryption execution tool) to decrypt the encrypted class file by adopting the software authorization decryption method, a decrypted result is returned to the decryption processor, and then the data loading area of the JDK finishes loading decrypted data.
Corresponding to the software authorization encryption method, the embodiment of the invention also provides a software authorization encryption device. Fig. 4 is a schematic structural diagram of a software authorization encryption device according to an embodiment of the present invention, where the device may include:
a first generating unit 301, configured to obtain related information of a target server, and generate an authorization verification code based on the related information, where the related information is information for identifying the target server, and the target server is a binding server;
the preprocessing unit 302 is configured to convert a file to be encrypted into a first file array, and preprocess the first file array to obtain a preprocessed identification code and a plurality of sub-file arrays to be encrypted;
A first conversion unit 303, configured to convert the authorization verification code into an encryption key array with a preset length;
a first encryption unit 304, configured to perform an exclusive-or operation on the elements in the to-be-encrypted sub-file array and the elements in the encryption key array for each to-be-encrypted sub-file array, to obtain an exclusive-or encrypted first encrypted sub-file array;
a second generation unit 305 for generating a permutation encryption array based on the encryption key array;
a second encryption unit 306, configured to, for each first encrypted sub-file array, perform permutation encryption on the first encrypted sub-file array by using the permutation encryption array to obtain a permuted encrypted second encrypted sub-file array;
the third encryption unit 307 is configured to obtain an encrypted file based on the preprocessed identification code and each second encrypted sub-file array.
According to the software authorization encryption device provided by the embodiment of the invention, the authorization check code is generated based on the related information of the bound target server, so that the binding of the encryption key and the authorization server is realized, the encryption of a plurality of sub-file arrays to be encrypted after the pretreatment of the files to be encrypted is realized one by one, the service codes of the files to be encrypted are not modified in the encryption process, the encrypted file service codes cannot be tampered, the encryption security is improved, and the software codes are prevented from being tampered.
Optionally, the above related information includes: the main board number, the IP address and the MAC address of the target server; the first generating unit 301 is specifically configured to: generating an authorization verification code using the following expression:
key=randomuuid+md5 (motherboard number+ip address+mac address+key)
The key represents an authorization verification code, the random UUID is a 32-bit random string generation function, and md5 (main board number+IP address+MAC address+key) is used for generating a string with 32 bits bound with the main board number, IP address, MAC address and random key of the target server, and the key is a preset random key.
Optionally, the second generating unit 305 is specifically configured to:
determining the number of elements corresponding to each key subarray when the encryption key array is divided into a plurality of key subarrays based on the values of elements in the encryption key array; taking remainder of each element and number in the encryption key array, and performing deduplication on each remainder to obtain a new encryption key array; when the number of elements in the new encryption key array is less than the number, the elements of the new encryption key array are padded to a plurality of elements in a sequential increasing mode based on the last element in the new encryption key array, so that a replacement encryption array is obtained.
Optionally, the second encryption unit 306 is specifically configured to:
grouping the first encrypted sub-file arrays based on the number for each first encrypted sub-file array to obtain a plurality of third encrypted sub-file arrays; based on the values of the elements in the replacement encryption array, carrying out position replacement reordering on the elements in each third encryption subfile array to obtain a plurality of fourth encryption subfile arrays; and replacing and splicing the rows and columns of the matrix formed by the fourth encryption subfile arrays to obtain a replaced and encrypted second encryption subfile array.
Optionally, the preprocessing unit 302 is specifically configured to: subtracting one by one the first 8-bit identification code of the first file array to obtain a preprocessed identification code, dividing each 128-bit element after the 8 th bit of the first file array into a group to be determined as a subfile array to be encrypted, and determining subfile arrays less than 128-bit as subfile arrays without encryption;
the third encryption unit 307 is specifically configured to: and splicing the preprocessed identification codes, the second encryption subfile arrays and the encryption-unnecessary subfile arrays to obtain the encryption file.
Corresponding to the software authorization decryption method, the embodiment of the invention also provides a software authorization decryption device. Fig. 5 is a schematic structural diagram of a software authorization decryption device according to an embodiment of the present invention, where the device may include:
The obtaining unit 401 is configured to obtain the authorization verification code and each sub-file array to be decrypted, where the sub-file array to be decrypted is obtained by preprocessing a file to be decrypted;
a third generating unit 402, configured to obtain related information of a target server, and generate a decryption key based on the related information, where the related information is information for identifying the target server, and the target server is a binding server;
a judging unit 403, configured to judge whether the authorization verification key and the decryption key are matched;
a second conversion unit 404, configured to convert the decryption key into a decryption key array with a preset length when the judgment unit 403 judges that the authorization verification code and the decryption key are matched;
a fourth generating unit 405, configured to generate a permutation decryption array based on the decryption key array;
a first decryption unit 406, configured to perform permutation decryption on the sub-file arrays to be decrypted by using the permutation decryption array for each sub-file array to be decrypted, to obtain a permuted decrypted sub-file array;
the second decryption unit 407 is configured to perform an exclusive-or operation on the elements in the decryption subfile array and the elements in the decryption key array for each decryption subfile array, so as to obtain a target decryption subfile array after exclusive-or decryption.
According to the software authorization decryption device provided by the embodiment of the invention, the decryption secret key is generated based on the related information of the bound target server, the binding of the decryption secret key and the authorization server is realized, the decryption secret key and the authorization verification code are further matched, the decryption is realized one by one on the multiple sub-file arrays to be decrypted after preprocessing the files to be decrypted under the condition that the matching is successful, the service codes of the files to be decrypted are not modified in the decryption process, so that the encrypted file service codes cannot be tampered, the encryption security is improved, the software code is prevented from being tampered, and the risks of tampering and leakage of the service codes of the files to be decrypted are avoided.
Optionally, the fourth generating unit 405 is specifically configured to:
determining a target number of elements corresponding to each decryption key sub-array when the decryption key array is divided into a plurality of decryption key sub-arrays based on values of elements in the decryption key array; taking remainder of each element and target number in the decryption key array, and performing deduplication on each remainder to obtain a new decryption key array; and when the number of the elements in the new decryption key array is less than the target number, based on the last element in the new decryption key array, supplementing the elements of the new decryption key array to the target number in a sequential increasing mode to obtain the replacement decryption array.
Optionally, the first decryption unit 406 is specifically configured to:
aiming at each sub-file array to be decrypted, grouping the sub-file arrays to be decrypted based on the determined target number of elements corresponding to each decryption key sub-array when dividing the decryption key array into a plurality of decryption key sub-arrays to obtain a target number of first sub-file arrays to be decrypted; replacing rows and columns of the matrix formed by the first sub-file arrays to be decrypted to obtain a plurality of second sub-file arrays to be decrypted; based on the values of the elements in the replacement decryption array, carrying out position replacement reordering on the elements in each second subfile array to be decrypted to obtain a plurality of third subfile arrays to be decrypted; and performing splicing treatment on the plurality of third sub-file arrays to be decrypted to obtain the decrypted sub-file arrays after replacement decryption.
Corresponding to the software authorization encryption method and the software authorization decryption method, the embodiment of the invention also provides a software authorization encryption and decryption system. Fig. 6 is a schematic structural diagram of a software authorization encryption and decryption system according to an embodiment of the present invention, where the system 500 may include: an encryption module 501, a class loader 502 and a decryption module 503, the class loader 502 including a decryption processor 504;
The encryption module 501 is configured to obtain related information of a target server, and generate an authorization verification code based on the related information, where the related information is information for identifying the target server, and the target server is a binding server; converting the file to be encrypted into a first file array, and preprocessing the first file array to obtain a preprocessed identification code and a plurality of sub-file arrays to be encrypted; converting the authorization verification code into an encryption key array with a preset length; for each subfile array to be encrypted, performing exclusive-or operation on elements in the subfile array to be encrypted and elements in the encryption key array to obtain a first encrypted subfile array after exclusive-or encryption; generating a permutation encryption array based on the encryption key array; performing substitution encryption on the first encryption subfile array by using a substitution encryption array aiming at each first encryption subfile array to obtain a second encryption subfile array subjected to substitution encryption; based on the preprocessed identification code and each second encrypted sub-file array, obtaining an encrypted file, and sending the encrypted file and the authorization verification code to the decryption processor 504;
a decryption processor 504, configured to receive the encrypted file and the authorization verification code sent by the encryption module 501, determine whether the encrypted file needs to be decrypted, and determine the encrypted file as a file to be decrypted when the encrypted file needs to be decrypted; and sending each sub-file array to be decrypted and the authorization verification code in the second file array corresponding to the file to be decrypted to the decryption module 503, wherein the sub-file array to be decrypted is obtained by preprocessing the file to be decrypted;
A decryption module 503, configured to receive the authorization verification code and each sub-file array to be decrypted sent by the decryption processor 504; acquiring relevant information of a target server, generating a decryption key based on the relevant information, and judging whether the authorization verification code and the decryption key are matched; under the condition that the authorization verification key and the decryption key are matched, converting the decryption key into a decryption key array with a preset length; generating a permutation decryption array based on the decryption key array; for each sub-file array to be decrypted, performing replacement decryption on the sub-file array to be decrypted by using the replacement decryption array to obtain a replaced and decrypted decryption sub-file array; for each decryption subfile array, performing exclusive OR operation on the elements in the decryption subfile array and the elements in the decryption key array to obtain an exclusive OR decrypted target decryption subfile array, and sending each target decryption subfile array to the decryption processor 504;
the decryption processor 504 is configured to receive each target decryption sub-file array sent by the decryption module 503, and obtain a decrypted file based on each target decryption sub-file array.
According to the software authorization encryption and decryption system provided by the embodiment of the invention, the authorization check code is generated based on the related information of the bound target server, so that the binding of the encryption key and the authorization server is realized, the encryption of a plurality of sub-file arrays to be encrypted after the pretreatment of the files to be encrypted is realized one by one, the service codes of the files to be encrypted are not modified in the encryption process, the encrypted file service codes cannot be tampered, the encryption security is improved, and the software codes are prevented from being tampered. Because of the characteristic that the C++ shell program is not easy to decompile, the encrypted class file is difficult to crack, and the security of software authorization encryption is improved. Based on the characteristic that the C++ shell program is not easy to decompile, a decryption processor is added in a class loader of the JDK, and further when software authorizes decryption, a decryption execution tool is triggered by the decryption processor to decrypt the sub-file array to be decrypted, the decryption process corresponds to the encryption process, modification of the file service code to be decrypted is not involved in the decryption process, and the risks of tampering and leakage of the file service code to be decrypted are avoided.
Optionally, the decryption processor 504 is specifically configured to:
converting the encrypted file into a target file array, judging whether the first 8 bit identification codes of the target file array are consistent with the target identification codes, determining that the encrypted file needs to be decrypted under the condition of inconsistent, and determining the encrypted file as the file to be decrypted;
converting the file to be decrypted into a second file array, adding one to the first 8 bit identification codes of the second file array one by one to obtain the identification codes to be processed, dividing the elements after the 8 th bit of the second file array into a group of sub-file arrays to be decrypted every 128 bits, determining sub-file arrays with less than 128 bits as sub-file arrays without decryption, and transmitting the sub-file arrays to be decrypted to a decryption module;
and splicing the identification code to be processed, the received target decryption sub-file arrays and the decryption sub-file arrays not required to be decrypted to obtain the decryption file.
The embodiment of the present invention further provides an electronic device, as shown in fig. 7, including a processor 601, a communication interface 602, a memory 603, and a communication bus 604, where the processor 601, the communication interface 602, and the memory 603 perform communication with each other through the communication bus 604,
A memory 603 for storing a computer program;
the processor 601 is configured to implement the steps of a software authorization encryption method shown in fig. 1 and achieve the same technical effects when executing the program stored in the memory 603.
The embodiment of the present invention also provides another electronic device, as shown in fig. 8, including a processor 701, a communication interface 702, a memory 703 and a communication bus 704, where the processor 701, the communication interface 702, the memory 703 complete communication with each other through the communication bus 704,
a memory 703 for storing a computer program;
the processor 701 is configured to implement the steps of a software authorization decryption method shown in fig. 2 and achieve the same technical effects when executing the program stored in the memory 703.
The communication bus mentioned by the above server device may be a PCI (Peripheral Component Interconnect, peripheral component interconnect standard) bus or an EISA (Extended Industry Standard Architecture ) bus, or the like. The communication bus may be classified as an address bus, a data bus, a control bus, or the like. For ease of illustration, the figures are shown with only one bold line, but not with only one bus or one type of bus.
The communication interface is used for communication between the electronic device and other devices.
The Memory may include RAM (Random Access Memory ) or NVM (Non-Volatile Memory), such as at least one disk Memory. Optionally, the memory may also be at least one memory device located remotely from the aforementioned processor.
The processor may be a general-purpose processor, including a CPU (Central Processing Unit ), NP (Network Processor, network processor), etc.; but also DSP (Digital Signal Processing, digital signal processor), ASIC (Application Specific Integrated Circuit ), FPGA (Field-Programmable Gate Array, field programmable gate array) or other programmable logic device, discrete gate or transistor logic device, discrete hardware components.
In still another embodiment of the present invention, a computer readable storage medium is provided, where a computer program is stored, where the computer program when executed by a processor implements the steps of any one of the software authorized encryption or decryption methods described above, and achieves the same technical effects.
In yet another embodiment of the present invention, a computer program product containing instructions that, when run on a computer, cause the computer to perform the steps of any of the software-authorized encryption or decryption methods of the above embodiments is also provided, and achieve the same technical effects.
In the above embodiments, it may be implemented in whole or in part by software, hardware, firmware, or any combination thereof. When implemented in software, may be implemented in whole or in part in the form of a computer program product. The computer program product includes one or more computer instructions. When loaded and executed on a computer, produces a flow or function in accordance with embodiments of the present invention, in whole or in part. The computer may be a general purpose computer, a special purpose computer, a computer network, or other programmable apparatus. The computer instructions may be stored in a computer-readable storage medium or transmitted from one computer-readable storage medium to another computer-readable storage medium, for example, the computer instructions may be transmitted from one website, computer, server, or data center to another website, computer, server, or data center by a wired (e.g., coaxial cable, fiber optic, DSL (Digital Subscriber Line, digital subscriber line)) or wireless (e.g., infrared, wireless, microwave, etc.) means. The computer readable storage medium may be any available medium that can be accessed by a computer or a data storage device such as a server, data center, etc. that contains an integration of one or more available media. The usable medium may be a magnetic medium (e.g., a floppy Disk, a hard Disk, a magnetic tape), an optical medium (e.g., a DVD (Digital Versatile Disc, digital versatile Disk)), or a semiconductor medium (e.g., an SSD (Solid State Disk)), or the like.
It is noted that relational terms such as first and second, and the like are used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Moreover, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising one … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.
In this specification, each embodiment is described in a related manner, and identical and similar parts of each embodiment are all referred to each other, and each embodiment mainly describes differences from other embodiments. In particular, for the apparatus/system/electronic device embodiments, the description is relatively simple as it is substantially similar to the method embodiments, as relevant points are found in the partial description of the method embodiments.
The foregoing description is only of the preferred embodiments of the present invention and is not intended to limit the scope of the present invention. Any modification, equivalent replacement, improvement, etc. made within the spirit and principle of the present invention are included in the protection scope of the present invention.

Claims (9)

1. A method for software-authorized encryption, the method comprising:
acquiring related information of a target server, and generating an authorization verification code based on the related information, wherein the related information is information for identifying the target server, and the target server is a binding server;
converting a file to be encrypted into a first file array, and preprocessing the first file array to obtain a preprocessed identification code and a plurality of sub-file arrays to be encrypted;
converting the authorization verification code into an encryption key array with a preset length;
performing exclusive-or operation on the elements in the subfile array to be encrypted and the elements in the encryption key array aiming at each subfile array to be encrypted to obtain a first encrypted subfile array after exclusive-or encryption;
generating a permutation encryption array based on the encryption key array;
performing substitution encryption on the first encryption subfile array by using the substitution encryption array aiming at each first encryption subfile array to obtain a second encryption subfile array subjected to substitution encryption;
Obtaining an encrypted file based on the preprocessed identification code and each second encrypted subfile array;
the step of generating a permuted encryption array based on the encryption key array includes: determining the number of elements corresponding to each key subarray when the encryption key array is divided into a plurality of key subarrays based on the values of elements in the encryption key array; taking the remainder of each element and the number in the encryption key array, and de-duplicating each remainder to obtain a new encryption key array; when the number of elements in the new encryption key array is smaller than the number, based on the last element in the new encryption key array, the elements of the new encryption key array are complemented to the number in a sequential increasing mode, so that a replacement encryption array is obtained;
wherein the number of elements corresponding to each key subarray when the encryption key array is divided into a plurality of key subarrays is determined using the following expression:
the groupNum is the number of the corresponding elements of each key sub-array when the encryption key array is divided into a plurality of key sub-arrays, the key [ ] represents the encryption key array, the key [ n ] represents the nth element of the encryption key array, and the groupNum takes the nearest value in [32, 16,8,4 ];
The step of preprocessing the first file array to obtain a preprocessed identification code and a plurality of sub-file arrays to be encrypted comprises the following steps: subtracting the first 8-bit identification codes of the first file array one by one to obtain preprocessed identification codes, dividing elements after the 8 th bit of the first file array into a group every 128 bits to be determined as a subfile array to be encrypted, and determining subfile arrays less than 128 bits as subfile arrays without encryption.
2. The method of claim 1, wherein the related information comprises: the main board number, the IP address and the MAC address of the target server;
the step of obtaining the related information of the target server and generating the authorization verification code based on the related information comprises the following steps:
generating an authorization verification code using the following expression:
key=randomuuid+md5 (motherboard number+ip address+mac address+key)
The key represents an authorization verification code, the random UUID is a 32-bit random string generation function, and md5 (main board number+IP address+MAC address+key) is used for generating a string with 32 bits bound with the main board number, IP address, MAC address and random key of the target server, and the key is a preset random key.
3. The method of claim 1, wherein the step of performing, for each first encrypted subfile array, permutation encryption on the first encrypted subfile array using the permutation encryption array to obtain a permuted encrypted second encrypted subfile array comprises:
grouping the first encrypted sub-file arrays based on the number for each first encrypted sub-file array to obtain a plurality of third encrypted sub-file arrays;
based on the values of the elements in the replacement encryption array, carrying out position replacement reordering on the elements in each third encryption subfile array to obtain a plurality of fourth encryption subfile arrays;
and replacing and splicing the rows and columns of the matrix formed by the fourth encryption subfile arrays to obtain a replaced and encrypted second encryption subfile array.
4. The method of claim 1, wherein the step of obtaining an encrypted file based on the preprocessed identification code and the second encrypted sub-file arrays comprises:
and splicing the preprocessed identification codes, the second encryption sub-file arrays and the encryption-unnecessary sub-file arrays to obtain an encryption file.
5. A software-authorized decryption method for decrypting an encrypted file obtained by the software-authorized encryption method according to claim 1, the method comprising:
acquiring an authorization verification code and each sub-file array to be decrypted, wherein the sub-file array to be decrypted is obtained by preprocessing a file to be decrypted;
acquiring related information of a target server, and generating a decryption key based on the related information, wherein the related information is information for identifying the target server, and the target server is a binding server;
judging whether the authorization verification code is matched with the decryption key or not;
under the condition that the authorization verification code is matched with the decryption key, converting the decryption key into a decryption key array with a preset length;
generating a permutation decryption array based on the decryption key array;
performing replacement decryption on the sub-file arrays to be decrypted by using the replacement decryption array aiming at each sub-file array to be decrypted to obtain a replaced and decrypted sub-file array;
and performing exclusive-or operation on the elements in the decryption subfile array and the elements in the decryption key array aiming at each decryption subfile array to obtain an exclusive-or decrypted target decryption subfile array.
6. A software-authorized encryption device, the device comprising:
the first generation unit is used for acquiring related information of a target server and generating an authorization verification code based on the related information, wherein the related information is information for identifying the target server, and the target server is a binding server;
the preprocessing unit is used for converting the file to be encrypted into a first file array, and preprocessing the first file array to obtain a preprocessed identification code and a plurality of sub-file arrays to be encrypted;
the first conversion unit is used for converting the authorization verification code into an encryption key array with a preset length;
the first encryption unit is used for carrying out exclusive-or operation on the elements in the subfile array to be encrypted and the elements in the encryption key array aiming at each subfile array to be encrypted to obtain a first encrypted subfile array after exclusive-or encryption;
a second generation unit configured to generate a permutation encryption array based on the encryption key array;
the second encryption unit is used for carrying out replacement encryption on the first encryption sub-file arrays by utilizing the replacement encryption arrays aiming at each first encryption sub-file array to obtain replaced and encrypted second encryption sub-file arrays;
The third encryption unit is used for obtaining an encrypted file based on the preprocessed identification codes and the second encryption sub-file arrays;
the second generating unit is specifically configured to determine, based on values of elements in the encryption key array, a number of elements corresponding to each key subarray when the encryption key array is divided into a plurality of key subarrays; taking the remainder of each element and the number in the encryption key array, and de-duplicating each remainder to obtain a new encryption key array; when the number of elements in the new encryption key array is smaller than the number, based on the last element in the new encryption key array, the elements of the new encryption key array are complemented to the number in a sequential increasing mode, so that a replacement encryption array is obtained; wherein the number of elements corresponding to each key subarray when the encryption key array is divided into a plurality of key subarrays is determined using the following expression:
the groupNum is the number of the corresponding elements of each key sub-array when the encryption key array is divided into a plurality of key sub-arrays, the key [ ] represents the encryption key array, the key [ n ] represents the nth element of the encryption key array, and the groupNum takes the nearest value in [32, 16,8,4 ];
The preprocessing unit is specifically configured to subtract one first 8 bits of the identification code of the first file array one by one to obtain a preprocessed identification code, divide each 128 bits of elements after the 8 th bit of the first file array into a group to be determined as an array of subfiles to be encrypted, and determine an array of subfiles less than 128 bits as an array of subfiles without encryption.
7. A software-authorized decryption device for decrypting an encrypted file obtained by the software-authorized encryption device according to claim 6, the device comprising:
the acquisition unit is used for acquiring the authorization verification code and each sub-file array to be decrypted, wherein the sub-file array to be decrypted is obtained by preprocessing the file to be decrypted;
a third generating unit, configured to obtain related information of a target server, and generate a decryption key based on the related information, where the related information is information for identifying the target server, and the target server is a binding server;
the judging unit is used for judging whether the authorization verification code is matched with the decryption key or not;
the second conversion unit is used for converting the decryption key into a decryption key array with a preset length under the condition that the judgment unit judges that the authorization verification code is matched with the decryption key;
A fourth generation unit, configured to generate a permutation decryption array based on the decryption key array;
the first decryption unit is used for carrying out replacement decryption on the sub-file arrays to be decrypted by utilizing the replacement decryption array aiming at each sub-file array to be decrypted to obtain a replaced and decrypted sub-file array;
and the second decryption unit is used for carrying out exclusive-or operation on the elements in the decryption subfile array and the elements in the decryption key array aiming at each decryption subfile array to obtain an exclusive-or decrypted target decryption subfile array.
8. A software-authorized encryption and decryption system, the system comprising: the system comprises an encryption module, a class loader and a decryption module, wherein the class loader comprises a decryption processor;
the encryption module is used for acquiring related information of a target server and generating an authorization verification code based on the related information, wherein the related information is information for identifying the target server, and the target server is a binding server; converting a file to be encrypted into a first file array, and preprocessing the first file array to obtain a preprocessed identification code and a plurality of sub-file arrays to be encrypted; converting the authorization verification code into an encryption key array with a preset length; performing exclusive-or operation on the elements in the subfile array to be encrypted and the elements in the encryption key array aiming at each subfile array to be encrypted to obtain a first encrypted subfile array after exclusive-or encryption; generating a permutation encryption array based on the encryption key array; performing substitution encryption on the first encryption subfile array by using the substitution encryption array aiming at each first encryption subfile array to obtain a second encryption subfile array subjected to substitution encryption; obtaining an encrypted file based on the preprocessed identification code and each second encrypted subfile array, and sending the encrypted file and the authorization verification code to the decryption processor;
The generating a permuted encryption array based on the encryption key array includes: determining the number of elements corresponding to each key subarray when the encryption key array is divided into a plurality of key subarrays based on the values of elements in the encryption key array; taking the remainder of each element and the number in the encryption key array, and de-duplicating each remainder to obtain a new encryption key array; when the number of elements in the new encryption key array is smaller than the number, based on the last element in the new encryption key array, the elements of the new encryption key array are complemented to the number in a sequential increasing mode, so that a replacement encryption array is obtained; wherein the number of elements corresponding to each key subarray when the encryption key array is divided into a plurality of key subarrays is determined using the following expression:
the groupNum is the number of the corresponding elements of each key sub-array when the encryption key array is divided into a plurality of key sub-arrays, the key [ ] represents the encryption key array, the key [ n ] represents the nth element of the encryption key array, and the groupNum takes the nearest value in [32, 16,8,4 ];
the preprocessing of the first file array to obtain a preprocessed identification code and a plurality of sub-file arrays to be encrypted includes: subtracting one by one the first 8-bit identification code of the first file array to obtain a preprocessed identification code, dividing each 128-bit element after the 8 th bit of the first file array into a group to be determined as a subfile array to be encrypted, and determining subfile arrays less than 128 bits as subfile arrays without encryption;
The decryption processor is configured to receive the encrypted file and the authorization verification code sent by the encryption module, determine whether the encrypted file needs to be decrypted, and determine the encrypted file as a file to be decrypted when the encrypted file needs to be decrypted; transmitting each sub-file array to be decrypted and the authorization verification code in a second file array corresponding to the file to be decrypted to the decryption module, wherein the sub-file array to be decrypted is obtained by preprocessing the file to be decrypted;
the decryption module is used for receiving the authorization verification code and each subfile array to be decrypted, which are sent by the decryption processor; acquiring relevant information of a target server, generating a decryption key based on the relevant information, and judging whether the authorization verification code is matched with the decryption key or not; under the condition that the authorization verification code is matched with the decryption key, converting the decryption key into a decryption key array with a preset length; generating a permutation decryption array based on the decryption key array; performing replacement decryption on the sub-file arrays to be decrypted by using the replacement decryption array aiming at each sub-file array to be decrypted to obtain a replaced and decrypted sub-file array; performing exclusive-or operation on the elements in the decryption subfile array and the elements in the decryption key array aiming at each decryption subfile array to obtain an exclusive-or decrypted target decryption subfile array, and sending each target decryption subfile array to the decryption processor;
The decryption processor is configured to receive each target decryption sub-file array sent by the decryption module, and obtain a decryption file based on each target decryption sub-file array.
9. The system according to claim 8, wherein the decryption processor is specifically configured to:
converting the encrypted file into a target file array, judging whether the first 8 bit identification codes of the target file array are consistent with the target identification codes, determining that the encrypted file needs to be decrypted under the condition of inconsistent, and determining the encrypted file as a file to be decrypted;
converting the file to be decrypted into a second file array, adding one first 8 bit identification code of the second file array one by one to obtain a to-be-processed identification code, dividing every 128 bits of elements after the 8 th bit of the second file array into a group to be determined as a sub-file array to be decrypted, determining sub-file arrays less than 128 bits as sub-file arrays not to be decrypted, and transmitting the sub-file array to be decrypted to the decryption module;
and splicing the identification code to be processed, the received target decryption sub-file arrays and the decryption-unnecessary sub-file arrays to obtain a decryption file.
CN202110776416.2A 2021-07-09 2021-07-09 Software authorization encryption method, software authorization decryption method, device and system Active CN113378206B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110776416.2A CN113378206B (en) 2021-07-09 2021-07-09 Software authorization encryption method, software authorization decryption method, device and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110776416.2A CN113378206B (en) 2021-07-09 2021-07-09 Software authorization encryption method, software authorization decryption method, device and system

Publications (2)

Publication Number Publication Date
CN113378206A CN113378206A (en) 2021-09-10
CN113378206B true CN113378206B (en) 2023-11-28

Family

ID=77581463

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110776416.2A Active CN113378206B (en) 2021-07-09 2021-07-09 Software authorization encryption method, software authorization decryption method, device and system

Country Status (1)

Country Link
CN (1) CN113378206B (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115208626B (en) * 2022-06-02 2023-12-01 北京交大微联科技有限公司 Communication method and device based on secure communication ciphertext transmission in railway signal system
CN117077184B (en) * 2023-10-17 2024-01-30 西安热工研究院有限公司 Method, system, equipment and medium for authorizing and keeping secret of upper computer software of DCS (distributed control system)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2009103364A1 (en) * 2008-02-22 2009-08-27 Fachhochschule Schmalkalden Method for the access-related or communication-related random encryption and decryption of data
WO2015179640A1 (en) * 2014-05-22 2015-11-26 Alibaba Group Holding Limited Method, apparatus, and system for providing a security check
CN110768786A (en) * 2019-10-29 2020-02-07 上海交通大学 Information segmentation encryption and decryption combination system and method based on AES algorithm
CN110866226A (en) * 2019-11-15 2020-03-06 中博信息技术研究院有限公司 JAVA application software copyright protection method based on encryption technology
WO2020244070A1 (en) * 2019-06-06 2020-12-10 平安科技(深圳)有限公司 Digital information encryption method and apparatus, computer device, and storage medium

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8037295B2 (en) * 2008-04-15 2011-10-11 Authenex, Inc. Hardware-bonded credential manager method and system
US10193872B2 (en) * 2015-08-12 2019-01-29 Cyphyx, Llc System and methods for dynamically and randomly encrypting and decrypting data

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2009103364A1 (en) * 2008-02-22 2009-08-27 Fachhochschule Schmalkalden Method for the access-related or communication-related random encryption and decryption of data
WO2015179640A1 (en) * 2014-05-22 2015-11-26 Alibaba Group Holding Limited Method, apparatus, and system for providing a security check
WO2020244070A1 (en) * 2019-06-06 2020-12-10 平安科技(深圳)有限公司 Digital information encryption method and apparatus, computer device, and storage medium
CN110768786A (en) * 2019-10-29 2020-02-07 上海交通大学 Information segmentation encryption and decryption combination system and method based on AES algorithm
CN110866226A (en) * 2019-11-15 2020-03-06 中博信息技术研究院有限公司 JAVA application software copyright protection method based on encryption technology

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
Software Encryption and Software Authorization Management Based on Sentinel;Jinzhu Wang;《 IOP Conference Series: Earth and Environmental Science》;全文 *
一种基于硬件特征和动态许可证的服务器端软件授权认证模型;高博;《计算机工程与科学》;第35卷(第2期);第56-61段 *

Also Published As

Publication number Publication date
CN113378206A (en) 2021-09-10

Similar Documents

Publication Publication Date Title
TWI557589B (en) Secure software product identifier for product validation and activation
US8694467B2 (en) Random number based data integrity verification method and system for distributed cloud storage
US10284372B2 (en) Method and system for secure management of computer applications
US7770021B2 (en) Authenticating software using protected master key
CN113378206B (en) Software authorization encryption method, software authorization decryption method, device and system
CN111475824B (en) Data access method, device, equipment and storage medium
US8959659B2 (en) Software authorization system and method
CN110278115B (en) Hot update method and device
CN106919810B (en) Registration code generation method and device and software registration method and device
CN112469036B (en) Message encryption and decryption method and device, mobile terminal and storage medium
CN112883361B (en) Function jump method and device of application program, computer equipment and storage medium
CN110084599B (en) Key processing method, device, equipment and storage medium
CN108075888B (en) Dynamic URL generation method and device, storage medium and electronic equipment
US11695740B2 (en) Anonymization method and apparatus, device, and storage medium
KR102244290B1 (en) Encryption communication apparatus that supports secure communication between a data transmitting apparatus and a data receiving apparatus, and the operating method thereof
US7599492B1 (en) Fast cryptographic key recovery system and method
US20200044838A1 (en) Data encryption method and system using device authentication key
CN115242485A (en) Data encryption or decryption method, system, electronic equipment and storage medium
CN111865869A (en) Registration and authentication method and device based on random mapping, medium and electronic equipment
CN111984989B (en) Method, device, system and medium for self-checking publishing and accessing URL
US10892890B2 (en) Hash offset based key version embedding
CN107330340B (en) File encryption method, file encryption equipment, file decryption method, file decryption equipment and storage medium
CN109145645B (en) Method for protecting short message verification code in android mobile phone
CN111859408A (en) File encryption and decryption method and device, electronic equipment and readable storage medium
US11568070B2 (en) Secure access control processes

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant