CN113868604B - Software authorization method, system, device and computer readable storage medium - Google Patents
Software authorization method, system, device and computer readable storage mediumInfo
- Publication number
- CN113868604B CN113868604B CN202111022779.3A CN202111022779A CN113868604B CN 113868604 B CN113868604 B CN 113868604B CN 202111022779 A CN202111022779 A CN 202111022779A CN 113868604 B CN113868604 B CN 113868604B
- Authority
- CN
- China
- Prior art keywords
- data
- authorization
- verification
- software
- result
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/12—Protecting executable software
- G06F21/121—Restricting unauthorised execution of programs
Landscapes
- Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Multimedia (AREA)
- Technology Law (AREA)
- Computer Hardware Design (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Storage Device Security (AREA)
Abstract
本发明公开了一种软件授权方法、系统、装置及计算机可读存储介质。该方法包括:获取与待授权软件对应的终端设备的机器码数据;根据机器码数据生成授权文件;将授权文件根据预设的发送方式发送至终端设备;在终端设备上,对授权文件进行验证处理,得到验证结果;根据验证结果,对待授权软件进行授权。通过该方法的实施例:能够通过预设的发送方式,将授权证书发送到终端设备,从而对终端设备上的待授权软件进行授权。
The present invention discloses a software authorization method, system, device, and computer-readable storage medium. The method includes: obtaining machine code data of a terminal device corresponding to the software to be authorized; generating an authorization file based on the machine code data; sending the authorization file to the terminal device using a preset sending method; verifying the authorization file on the terminal device to obtain a verification result; and authorizing the software to be authorized based on the verification result. Embodiments of this method enable the authorization certificate to be sent to the terminal device using a preset sending method, thereby authorizing the software to be authorized on the terminal device.
Description
Technical Field
The present invention relates to the field of computer technologies, and in particular, to a software authorization method, system, device, and computer readable storage medium.
Background
Software developers need to release or install software into the environment of users for use after completing the software development, and software development companies need to make restrictions on their use, such as including use time, use authority, etc., for software delivered to users, so as to avoid misuse of the software.
At present, some companies pay more and more attention to the problem of network security, the network does not support external connection, and software is generally used in an intranet, so that the software cannot be authorized in an internet mode.
In the related art, the networking online authorization mode is that a user installs a system and then carries out registration authorization through a network, the registration mode needs to carry out authorization only by networking terminal equipment, and when the terminal equipment is not connected with an external network, the authorization cannot be carried out.
In the related art, the USB dongle authorization mode refers to the lib library of the manufacturer of the authorization algorithm, inquires the USB equipment of the manufacturer, the authorized lib library can communicate with the USB, and a chip built in the USB informs whether the authorization is successful or not, but the hardware cost of the USB dongle is higher, and the built-in authorization algorithm also charges, so that the cost in the authorization process is too high.
Disclosure of Invention
The present invention aims to solve at least one of the technical problems existing in the prior art. Therefore, the invention provides a software authorization method, a system, a device and a computer readable storage medium, which can send an authorization certificate to terminal equipment through a preset sending mode, thereby authorizing the software to be authorized on the terminal equipment.
According to an embodiment of the first aspect of the present application, a software authorization method includes:
Acquiring machine code data of terminal equipment corresponding to software to be authorized;
Generating an authorization file according to the machine code data;
Transmitting the authorization file to the terminal equipment according to a preset transmission mode;
on the terminal equipment, verifying the authorization file to obtain a verification result;
And authorizing the software to be authorized according to the verification result.
The software authorization method according to the embodiment of the invention has at least the following beneficial effects:
The method comprises the steps of obtaining machine code data of terminal equipment corresponding to software to be authorized, generating an authorization file according to the machine code data, sending the authorization file to the terminal equipment according to a preset sending mode, verifying the authorization file on the terminal equipment to obtain a verification result, authorizing the software to be authorized according to the verification result, and sending an authorization certificate to the terminal equipment through the preset sending mode so as to authorize the software to be authorized on the terminal equipment.
According to some embodiments of the application, there is provided:
acquiring parameter data of software to be authorized;
Preprocessing parameter data and machine code data to obtain authorization certificate data;
And encrypting the authorization certificate data according to a preset encryption function to obtain an authorization file.
According to some embodiments of the application, there is provided:
acquiring preset key data;
combining the key data and the authorization certificate data to obtain data to be encrypted;
and encrypting the data to be encrypted according to the encryption function to obtain the authorization file.
According to some embodiments of the application, there is provided:
Acquiring a preset decryption function;
Decrypting the authorization file according to the decryption function to obtain authorization certificate data;
acquiring verification data of software to be authorized;
and carrying out verification processing on the authorization certificate data according to the verification data to obtain a verification result.
According to some embodiments of the application, there is provided:
combining the key data and the authorization file to obtain data to be decrypted;
and carrying out decryption processing on the data to be decrypted according to the decryption function to obtain the authorization certificate data.
According to some embodiments of the application, there is provided:
The verification data at least comprises one of verification file path data, verification machine code data, verification name data and verification authorization validity period data;
the verification result at least comprises one of a first result, a second result, a third result and a fourth result;
Performing verification processing on the authorization certificate data according to the verification data to obtain a verification result, wherein the verification result comprises the following steps:
performing first verification processing on the authorization certificate data according to the verification file path data to obtain a first result;
If the first result is that the verification is successful, performing second verification processing on the authorization certificate data according to the verification machine code data to obtain a second result;
if the second result is that the verification is successful, performing third verification processing on the authorization certificate data according to the verification name data to obtain a third result;
and if the third result is that the verification is successful, performing fourth verification processing on the authorization credential data according to the verification authorization validity period data to obtain a fourth result.
According to some embodiments of the application, there is provided:
and if the fourth result is verified successfully, authorizing the software to be authorized.
A software authorization system according to an embodiment of the second aspect of the present application includes:
the acquisition module is used for acquiring the machine code data of the terminal equipment corresponding to the software to be authorized;
the generation module is used for generating an authorization file according to the machine code data;
The sending module is used for sending the authorization file to the terminal equipment according to a preset sending mode;
The verification module is used for verifying the authorization file on the terminal equipment to obtain a verification result;
and the authorization module is used for authorizing the software to be authorized according to the verification result.
A software authorization apparatus according to an embodiment of the third aspect of the present application includes:
A processor;
a memory for storing an executable program;
the software authorizing means is adapted to implement the software authorizing method as the first aspect of the invention when said executable program is executed by said processor.
The computer-readable storage medium according to the embodiment of the fourth aspect of the present application stores executable instructions executable by a computer to cause the computer to perform the software authorization method as the first aspect of the present application.
Additional aspects and advantages of the invention will be set forth in part in the description which follows, and in part will be obvious from the description, or may be learned by practice of the invention.
Drawings
The invention is further described with reference to the accompanying drawings and examples, in which:
FIG. 1 is a schematic flow chart of a software authorization method according to the present invention;
FIG. 2 is a flowchart illustrating a software authorization method according to an embodiment of the present invention in step S200;
Fig. 3 is a schematic flowchart of step S230 in the software authorization method according to the present invention;
FIG. 4 is a flowchart illustrating a software authorization method according to an embodiment of the present invention in step S400;
FIG. 5 is a flowchart illustrating a software authorization method according to an embodiment of the present invention in step S420;
Fig. 6 is a schematic flowchart of step S440 in the software authorization method according to the present invention.
Detailed Description
Embodiments of the present invention are described in detail below, examples of which are illustrated in the accompanying drawings, wherein like or similar reference numerals refer to like or similar elements or elements having like or similar functions throughout. The embodiments described below by referring to the drawings are illustrative only and are not to be construed as limiting the invention.
In the description of the present invention, it should be understood that references to orientation descriptions such as upper, lower, front, rear, left, right, etc. are based on the orientation or positional relationship shown in the drawings, are merely for convenience of description of the present invention and to simplify the description, and do not indicate or imply that the apparatus or elements referred to must have a particular orientation, be constructed and operated in a particular orientation, and thus should not be construed as limiting the present invention.
In the description of the present invention, the meaning of a number is one or more, the meaning of a number is two or more, and greater than, less than, exceeding, etc. are understood to exclude the present number, and the meaning of a number is understood to include the present number. The description of the first and second is for the purpose of distinguishing between technical features only and should not be construed as indicating or implying relative importance or implicitly indicating the number of technical features indicated or implicitly indicating the precedence of the technical features indicated.
In the description of the present invention, unless explicitly defined otherwise, terms such as arrangement, installation, connection, etc. should be construed broadly and the specific meaning of the terms in the present invention can be reasonably determined by a person skilled in the art in combination with the specific contents of the technical scheme.
In the description of the present invention, the descriptions of the terms "one embodiment," "some embodiments," "illustrative embodiments," "examples," "specific examples," or "some examples," etc., mean that a particular feature, structure, material, or characteristic described in connection with the embodiment or example is included in at least one embodiment or example of the present invention. In this specification, schematic representations of the above terms do not necessarily refer to the same embodiments or examples. Furthermore, the particular features, structures, materials, or characteristics described may be combined in any suitable manner in any one or more embodiments or examples.
First, several nouns involved in the present application are parsed:
Machine code data, also called machine instruction code data, is a set of binary data used to control the operations and operand addresses that a computer should do.
Authorization document refers to a self-protection mode adopted by development companies for preventing piracy of some application software. Sometimes some software expires, and an authorization file must be used if it is still available.
And in the symmetric encryption algorithm, the data sender processes the plaintext data and the key data together through an encryption function of the encryption algorithm, so that the plaintext data and the key data become complex ciphertext data to be sent out. After receiving the ciphertext data, if the data receiver wants to read the original plaintext data, the data receiver needs to decrypt the ciphertext data by using the encryption key and the inverse algorithm of the same algorithm, so that the ciphertext data can be restored into readable plaintext data.
The key data is a character string composed of numbers, letters or special symbols, and is used for controlling the encryption and decryption processes of the data.
Fig. 1 is a schematic flow chart of an implementation of a software authorization method according to an embodiment of the present application, where the software authorization method may include, but is not limited to, steps S100 to S500.
S100, acquiring machine code data of terminal equipment corresponding to software to be authorized;
S200, generating an authorization file according to the machine code data;
S300, transmitting the authorization file to the terminal equipment according to a preset transmission mode;
s400, verifying the authorization file on the terminal equipment to obtain a verification result;
s500, authorizing the software to be authorized according to the verification result.
In step S100 of some embodiments, machine code data of a terminal device corresponding to software to be authorized is obtained, and if a software developer needs to perform authorization management on the software to be authorized of a user, the machine code data of the terminal device to be installed of the software to be authorized needs to be obtained at the user side first and used for sending to the software developer, so as to generate an authorization file.
In step S200 of some embodiments, the authorization file is generated according to the machine code data, specifically, at the end of the software developer, the parameter data of the software to be authorized is obtained first, then the parameter data and the machine code data are preprocessed to obtain the authorization certificate data, and then the authorization certificate data is encrypted according to a preset encryption function to obtain the authorization file.
In some embodiments, referring to fig. 2, step S200 may include, but is not limited to, steps S210 to S230.
S210, acquiring parameter data of software to be authorized;
s220, preprocessing the parameter data and the machine code data to obtain authorization certificate data;
s230, encrypting the authorization certificate data according to a preset encryption function to obtain an authorization file.
In step S210 of some embodiments, parameter data of the software to be authorized is obtained, the parameter data including at least one of an authorization valid period, a name of the software to be authorized, whether permanent, applicant, rights group ID, registration code, content decoding.
In step S220 of some embodiments, the parameter data and the machine code data are preprocessed to obtain the authorization certificate data, that is, the authorization certificate data is obtained by combining the machine code data of the terminal device corresponding to the software to be authorized, which is obtained from the user side by the software developer, with the parameter data obtained in step S210.
In step S230 of some embodiments, the authorization credential data is encrypted according to a preset encryption function to obtain an authorization file.
Optionally, the application adopts an advanced encryption standard symmetric encryption algorithm, and an encryption function of the algorithm is set as E, and the authorization certificate data obtained in the step S220 is encrypted through the encryption function to obtain an authorization file.
In some embodiments, referring to fig. 3, step S230 may include, but is not limited to, steps S231 to S233.
S231, acquiring preset key data;
s232, combining the key data and the authorization certificate data to obtain data to be encrypted;
S233, encrypting the data to be encrypted according to the encryption function to obtain an authorization file.
In step S231 of some embodiments, preset key data is acquired, and the key data is set to K.
In step S232 of some embodiments, the key data and the authorization credential data are combined to obtain data to be encrypted.
Optionally, the authorization credential data is plaintext data P, and the key data obtained in step S231 and the authorization credential data obtained in step S220 are combined to obtain the data to be encrypted.
In step S233 of some embodiments, the data to be encrypted is encrypted according to the encryption function, to obtain an authorization file.
Optionally, the data to be encrypted obtained in step S232 is encrypted according to the encryption function preset in step S230 to obtain an authorization file, where the authorization file is ciphertext data obtained through encryption, and the authorization file is defined as C.
Further, the formula is as follows, c=e (K, P), where C is an authorization file, E (X) is an encryption function, X is a dependent variable of the encryption function, K is key data, and P is authorization credential data.
In step S300 of some embodiments, the authorization file is sent to the terminal device according to a preset sending manner, where the sending manner includes at least one of mail, a third party communication tool, QQ, weChat, and the like.
Optionally, the authorization file is obtained in step S230, and the software developer sends the authorization file to the user side in the above sending manner, and after the user side receives the authorization file, the user side decrypts the authorization file to obtain the authorization certificate data, and copies the authorization certificate data to the corresponding terminal device in the manner of the usb disk.
In step S400 of some embodiments, authentication processing is performed on the authorization file on the terminal device to obtain an authentication result, wherein the authentication result is specifically that a preset decryption function is firstly obtained, the authorization file is decrypted according to the decryption function to obtain authorization credential data, then authentication data of software to be authorized is obtained, and the authorization credential data is subjected to authentication processing according to the authentication data to obtain the authentication result.
Optionally, the verification data comprises at least one of verification file path data, verification machine code data, verification name data, verification authorization valid period data.
Optionally, the verification result at least comprises one of a first result, a second result, a third result and a fourth result.
Further, the verification file path data is data in which the authorization certificate data is stored under the same file directory path as the software to be authorized in advance, and then the verification is performed, and whether the file directory path of the authorization certificate is the same as the file directory path of the software to be authorized or not.
Further, the verification machine code data is data for verifying whether the machine code data in the authorization credential data is identical to the machine code data on the terminal device where the software to be authorized exists.
Further, the verification name data is data for verifying whether the software name data in the authorization credential data is identical to the name data of the software to be authorized.
Further, the verification authorization valid period data is data for verifying whether the valid period in the verification authorization certificate data and the log record time when the software to be authorized is used are still within the authorization valid period.
In some embodiments, referring to fig. 4, step S400 may include, but is not limited to, steps S410 through S440.
S410, acquiring a preset decryption function;
S420, decrypting the authorization file according to the decryption function to obtain authorization certificate data;
s430, acquiring verification data of the software to be authorized;
S440, verifying the authorization certificate data according to the verification data to obtain a verification result.
In step S410 of some embodiments, a preset decryption function is obtained.
Optionally, the application adopts an advanced encryption standard symmetric encryption algorithm, and the decryption function of the algorithm is set as D.
In step S420 of some embodiments, the authorization file is decrypted according to the decryption function to obtain authorization credential data, and the authorization file obtained in step S300 is decrypted according to the decryption function obtained in step S410 to obtain authorization credential data.
Further, the formula is represented by p=d (K, C), where P is the authorization credential data, D (Y) is the decryption function, Y is the dependent variable of the decryption function, K is the key data, and C is the authorization file.
In step S430 of some embodiments, verification data of the software to be authorized is obtained, wherein the verification data at least comprises one of verification file path data, verification machine code data, verification name data, verification authorization valid period data, and is used for performing verification processing on the authorization credential data in step S420.
In step S440 of some embodiments, authentication processing is performed on the authorization credential data according to the authentication data to obtain an authentication result, specifically, first authentication processing is performed on the authorization credential data according to the authentication file path data to obtain a first result, if the first result is successful in authentication, second authentication processing is performed on the authorization credential data according to the authentication machine code data to obtain a second result, if the second result is successful in authentication, third authentication processing is performed on the authorization credential data according to the authentication name data to obtain a third result, and if the third result is successful in authentication, fourth authentication processing is performed on the authorization credential data according to the authentication authorization validity period data to obtain a fourth result.
In some embodiments, referring to fig. 5, step S420 may include, but is not limited to, steps S421 to S422.
S421, combining the key data and the authorization file to obtain data to be decrypted;
S422, decrypting the data to be decrypted according to the decryption function to obtain the authorization certificate data.
In step S421 of some embodiments, the key data and the authorization file are combined to obtain the data to be decrypted, specifically, the key data in step S231 and the authorization file obtained in step S300 are combined to obtain the file to be decrypted.
In step S422 of some embodiments, the data to be decrypted is decrypted according to the decryption function to obtain the authorization credential data, and the data to be decrypted obtained in step S421 is decrypted according to the decryption function obtained in step S410 to obtain the authorization credential data.
Alternatively, the formula may be expressed as p=d (K, C), where P is the authorization credential data, D (Y) is the decryption function, Y is the dependent variable of the decryption function, K is the key data, and C is the authorization file.
In some embodiments, referring to fig. 6, step S440 includes, but is not limited to, at least one of steps S441 to S444.
S441, performing first verification processing on the authorization certificate data according to the verification file path data to obtain a first result;
S442, if the first result is that the verification is successful, performing a second verification process on the authorization credential data according to the verification machine code data to obtain a second result;
s443, if the second result is that the verification is successful, performing third verification processing on the authorization certificate data according to the verification name data to obtain a third result;
And S444, if the third result is that the verification is successful, performing fourth verification processing on the authorization credential data according to the verification authorization validity period data to obtain a fourth result.
In step S441 of some embodiments, the first verification process is performed on the authorization credential data according to the verification file path data to obtain a first result, the first verification process is performed on the authorization credential data obtained in step S420 according to the verification file path data of the software to be authorized, whether the file directory path of the verification authorization credential data is identical to the file directory path of the software to be authorized, if the file directory path of the authorization credential data is identical to the file directory path of the software to be authorized, prompt information that the verification of the first result is successful is obtained, and if the first result is that the verification is successful, step S442 is executed.
Optionally, verifying whether the file directory path of the authorization certificate data is the same as the file directory path of the software to be authorized, if the file directory path of the authorization certificate data is different from the file directory path of the software to be authorized, obtaining a prompt message that the first result is verification failure, and exiting the software authorization method flow.
In step S442 of some embodiments, if the first result is verification success, performing a second verification process on the authorization credential data according to the verification machine code data to obtain a second result, verifying the machine code data of the authorization credential data obtained in step S420 according to the verification machine code data, determining whether the machine code data in the authorization credential data is identical to the verification machine code data, if so, obtaining a prompt message that the second result is verification success, and if the second result is verification success, executing step S443.
Optionally, if the machine code data and the verification machine code data in the authorization certificate data are different, obtaining a prompt message that the second result is verification failure, and exiting the software authorization method flow.
In step S443 of some embodiments, if the second result is that the verification is successful, performing a third verification process on the authorization credential data according to the verification name data to obtain a third result, if the verification success prompt information of the second result is obtained in step S442, determining whether the software name in the authorization credential data is the same as the software name in the verification name data, if so, obtaining the prompt information that the verification of the third result is successful, and executing step S444.
Optionally, if the software name in the authorization certificate data and the software name in the verification name data are different, a prompt message that the verification is failed is obtained as a third result, and the software authorization method flow of the application is exited.
In step S444 of some embodiments, if the third result is that the verification is successful, performing a fourth verification process on the authorization credential data according to the verification authorization valid period data to obtain a fourth result, obtaining the log time of the software to be authorized, performing a fourth verification process on the generation time of the authorization credential data according to the verification authorization valid period data, that is, the generation time of the authorization credential data must be earlier than the time of the local log record of the software to be authorized, if the generation time of the authorization credential is earlier than the time of the local log record of the software to be authorized, obtaining the prompt information that the fourth result is successful in verification, and executing step S500.
Optionally, if the generation time of the authorization certificate data is later than the local log record time of the software to be authorized, the time of the local terminal equipment is tampered, the authorization is not performed, the prompt information that the fourth result is verification failure is obtained, and the software authorization method flow of the application is exited.
In step S500 of some embodiments, authorizing the software to be authorized according to the verification result may include:
If the fourth result is successful in verification, the software to be authorized is authorized, that is, the fourth result in step S444 is the prompt information of successful verification, and the software to be authorized is authorized.
In some embodiments, if the software to be authorized is authorized, the last time when the software to be authorized is used is still required to be recorded, and compared with the authorization validity period in the authorization certificate data, if the time exceeds the authorization validity period, the software to be authorized is not allowed to be used, and authorization needs to be requested again.
In some embodiments, if the software to be authorized is authorized, the users using the software to be authorized are managed in groups according to the authorization ID in the authorization certificate data, for example, the users in group X only have the authorization right to use the function of the software to be authorized a, the users in group Y only have the authorization right to use the function of the software to be authorized B, and only the IDs of the users are filled in the corresponding groups, so that the users can enjoy the authorization right of the corresponding functions.
In some embodiments, the software to be authorized may be a battery management system to perform the software authorization method of the present application.
In some embodiments, the software authorization system comprises an acquisition module, a generation module, a transmission module, a verification module and an authorization module, wherein the acquisition module is used for acquiring machine code data of terminal equipment corresponding to software to be authorized, the generation module is used for generating an authorization file according to the machine code data, the transmission module is used for transmitting the authorization file to the terminal equipment according to a preset transmission mode, the verification module is used for verifying the authorization file on the terminal equipment to obtain a verification result, and the authorization module is used for authorizing the software to be authorized according to the verification result.
In some embodiments, a software authorization apparatus includes a processor and a memory, wherein the memory is to store an executable program that when executed performs a software authorization method as described above.
In some embodiments, the computer-readable storage medium stores executable instructions that are executable by a computer.
The memory, as a non-transitory computer readable storage medium, may be used to store non-transitory software programs as well as non-transitory computer executable programs. In addition, the memory may include high-speed random access memory, and may also include non-transitory memory, such as at least one magnetic disk storage device, flash memory device, or other non-transitory solid state storage device. In some embodiments, the memory optionally includes memory remotely located relative to the processor, the remote memory being connectable to the processor through a network. Examples of such networks include, but are not limited to, the internet, intranets, local area networks, mobile communication networks, and combinations thereof.
The embodiments described in the embodiments of the present disclosure are for more clearly describing the technical solutions of the embodiments of the present disclosure, and do not constitute a limitation on the technical solutions provided by the embodiments of the present disclosure, and as those skilled in the art can know that, with the evolution of technology and the appearance of new application scenarios, the technical solutions provided by the embodiments of the present disclosure are equally applicable to similar technical problems.
In the several embodiments provided by the present application, it should be understood that the disclosed apparatus and method may be implemented in other manners. For example, the apparatus embodiments described above are merely illustrative, e.g., the division of the units is merely a logical function division, and there may be additional divisions when actually implemented, e.g., multiple units or components may be combined or integrated into another system, or some features may be omitted or not performed. Alternatively, the coupling or direct coupling or communication connection shown or discussed with each other may be an indirect coupling or communication connection via some interfaces, devices or units, which may be in electrical, mechanical or other form.
The units described as separate units may or may not be physically separate, and units shown as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of this embodiment.
In addition, each functional unit in the embodiments of the present application may be integrated in one processing unit, or each unit may exist alone physically, or two or more units may be integrated in one unit. The integrated units may be implemented in hardware or in software functional units.
The integrated units, if implemented in the form of software functional units and sold or used as stand-alone products, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present application may be embodied in essence or a part contributing to the prior art or all or part of the technical solution in the form of a software product stored in a storage medium, including multiple instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) to perform all or part of the steps of the method according to the embodiments of the present application. The storage medium includes various media capable of storing programs, such as a U disk, a removable hard disk, a Read-Only Memory (ROM), a random access Memory (Random Access Memory RAM), a magnetic disk, or an optical disk.
Preferred embodiments of the disclosed embodiments are described above with reference to the accompanying drawings, and thus do not limit the scope of the claims of the disclosed embodiments. Any modifications, equivalent substitutions and improvements made by those skilled in the art without departing from the scope and spirit of the embodiments of the present disclosure shall fall within the scope of the claims of the embodiments of the present disclosure.
Claims (5)
1. A method of software authorization, comprising:
Acquiring machine code data of terminal equipment corresponding to software to be authorized;
generating an authorization file according to the machine code data, wherein the generating the authorization file according to the machine code data comprises the steps of obtaining parameter data of the software to be authorized, wherein the parameter data comprises an authorization validity period, a name of the software to be authorized, whether the software to be authorized is permanent, an applicant, an authority group ID, a registration code and content decoding, preprocessing the parameter data and the machine code data to obtain authorization certificate data, obtaining preset key data, combining the key data and the authorization certificate data to obtain data to be encrypted, and encrypting the data to be encrypted according to a preset encryption function to obtain the authorization file;
transmitting the authorization file to the terminal equipment according to a preset transmission mode;
The method comprises the steps of obtaining a preset decryption function, decrypting the authorization file according to the decryption function to obtain the authorization certificate data, obtaining the verification data of the software to be authorized, verifying the authorization certificate data according to the verification data to obtain the verification result, wherein the verification data comprises verification file path data, verification machine code data, verification name data and verification authorization validity period data, the verification result comprises a first result, a second result, a third result and a fourth result, the verification process is performed on the authorization certificate data according to the verification data to obtain the verification result, the first result is used for indicating whether a file directory of the authorization certificate data and a file directory of the software to be authorized are identical or not, if the verification result is successful, the second result is the verification result, the second result is used for indicating whether the authorization certificate data is successful, and the second result is used for verifying the authorization certificate data according to the verification result;
And authorizing the software to be authorized according to the verification result, wherein the authorizing the software to be authorized comprises authorizing the software to be authorized if the fourth result is verified successfully.
2. The software authorization method according to claim 1, wherein the decrypting the authorization file according to the decryption function to obtain the authorization credential data includes:
combining the key data and the authorization file to obtain data to be decrypted;
and carrying out decryption processing on the data to be decrypted according to the decryption function to obtain the authorization certificate data.
3. A software authorization system, comprising:
the acquisition module is used for acquiring the machine code data of the terminal equipment corresponding to the software to be authorized;
The generation module is used for generating an authorization file according to the machine code data, wherein the generation module is used for generating the authorization file according to the machine code data and comprises the steps of acquiring parameter data of the software to be authorized, wherein the parameter data comprises an authorization validity period, a name of the software to be authorized, whether the name is permanent or not, an applicant, an authority group ID (identity), a registration code and content decoding, preprocessing the parameter data and the machine code data to obtain authorization certificate data, acquiring preset key data, combining the key data and the authorization certificate data to obtain data to be encrypted, and encrypting the data to be encrypted according to a preset encryption function to obtain the authorization file;
the sending module is used for sending the authorization file to the terminal equipment according to a preset sending mode;
The verification module is used for carrying out verification processing on the authorization file on the terminal equipment to obtain a verification result, carrying out verification processing on the authorization file on the terminal equipment to obtain the verification result, wherein the verification result comprises a first result, a second result, a third result and a fourth result, the authorization certificate data is subjected to verification processing according to the verification data to obtain the verification result, the first result is obtained by carrying out first verification processing on the authorization certificate data according to the verification file path data, the verification data of the software to be authorized is obtained, the first result is used for indicating whether a file directory path of the authorization certificate data and the software to be authorized are subjected to verification processing according to the verification data to obtain the verification result, if the first result is the verification result which is used for indicating whether the verification of the authorization certificate data is successful, the second result is obtained by carrying out verification processing on the authorization certificate data according to the verification name data, and the third result is obtained by carrying out verification processing on the authorization certificate data according to the verification result which is successful, obtaining the fourth result;
and the authorization module is used for authorizing the software to be authorized according to the verification result, and the authorizing the software to be authorized according to the verification result comprises authorizing the software to be authorized if the fourth result is verified successfully.
4. A software authorization device, comprising:
A processor;
a memory for storing an executable program;
When the executable program is executed by the processor, the software authorizing means is caused to implement the software authorizing method as claimed in any one of claims 1 to 2.
5. A computer readable storage medium storing executable instructions executable by a computer to cause the computer to perform the software authorisation method as claimed in any one of claims 1 to 2.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111022779.3A CN113868604B (en) | 2021-09-01 | 2021-09-01 | Software authorization method, system, device and computer readable storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111022779.3A CN113868604B (en) | 2021-09-01 | 2021-09-01 | Software authorization method, system, device and computer readable storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN113868604A CN113868604A (en) | 2021-12-31 |
| CN113868604B true CN113868604B (en) | 2025-08-12 |
Family
ID=78989131
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202111022779.3A Active CN113868604B (en) | 2021-09-01 | 2021-09-01 | Software authorization method, system, device and computer readable storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN113868604B (en) |
Families Citing this family (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114912080B (en) * | 2022-04-21 | 2024-07-16 | 健帆生物科技集团股份有限公司 | Registration code generation method, control method, terminal device and storage medium |
| CN116070178B (en) * | 2023-04-06 | 2023-07-14 | 恒银金融科技股份有限公司 | Software authorization method and system based on mobile terminal code scanning |
| CN117077184B (en) * | 2023-10-17 | 2024-01-30 | 西安热工研究院有限公司 | Method, system, equipment and medium for authorizing and keeping secret of upper computer software of DCS (distributed control system) |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103312513A (en) * | 2013-06-19 | 2013-09-18 | 北京华胜天成科技股份有限公司 | Method and system for verifying use authorization in distributed environment |
| CN110096849A (en) * | 2019-04-02 | 2019-08-06 | 深圳市中博科创信息技术有限公司 | A kind of License authorization and authentication method, device, equipment and readable storage medium storing program for executing |
Family Cites Families (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP4194772B2 (en) * | 2001-07-05 | 2008-12-10 | ヤフー株式会社 | Software use authentication method, software use authentication program, recording medium recording the software use authentication program, data used in the software use authentication method, and recording medium recording the data |
| CN101237353B (en) * | 2007-09-07 | 2011-10-05 | 北京飞天诚信科技有限公司 | A method and system for monitoring mobile storage device based on USBKEY |
| CN110674475B (en) * | 2019-09-29 | 2022-04-22 | 北京可信华泰信息技术有限公司 | Authorization control method and device and trusted computing terminal |
-
2021
- 2021-09-01 CN CN202111022779.3A patent/CN113868604B/en active Active
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103312513A (en) * | 2013-06-19 | 2013-09-18 | 北京华胜天成科技股份有限公司 | Method and system for verifying use authorization in distributed environment |
| CN110096849A (en) * | 2019-04-02 | 2019-08-06 | 深圳市中博科创信息技术有限公司 | A kind of License authorization and authentication method, device, equipment and readable storage medium storing program for executing |
Also Published As
| Publication number | Publication date |
|---|---|
| CN113868604A (en) | 2021-12-31 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| KR101254209B1 (en) | Apparatus and method for moving and copying right objects between device and portable storage device | |
| JP6921066B2 (en) | Methods and devices to achieve session identifier synchronization | |
| JP4366037B2 (en) | System and method for controlling and exercising access rights to encrypted media | |
| US8660964B2 (en) | Secure device licensing | |
| US8336105B2 (en) | Method and devices for the control of the usage of content | |
| CN113868604B (en) | Software authorization method, system, device and computer readable storage medium | |
| CN101872399B (en) | Dynamic digital copyright protection method based on dual identity authentication | |
| US8181266B2 (en) | Method for moving a rights object between devices and a method and device for using a content object based on the moving method and device | |
| KR100945650B1 (en) | Digital cable system and method for protecting security module program | |
| US20010014157A1 (en) | Method and system for distributing programs using tamper resistant processor | |
| JP2009516243A (en) | SRM digital copyright management method and apparatus | |
| WO2005116859A1 (en) | Method and apparatus for transmitting rights object information between device and portable storage | |
| JP2009530917A (en) | A federated digital rights management mechanism including a trusted system | |
| KR101452708B1 (en) | CE device management server, method for issuing DRM key using CE device management server, and computer readable medium | |
| CN103067333A (en) | Method for verifying set top box access identity and authentication server | |
| US8214644B2 (en) | Method for installing rights object for content in memory card | |
| JP2002203068A (en) | Content distribution system, copyright protection system, and content receiving terminal | |
| CN112417385A (en) | Safety control method and system | |
| CN101771680B (en) | Method for writing data to smart card, system and remote writing-card terminal | |
| CN110661817A (en) | Resource access method and device and service gateway | |
| CN113676478B (en) | Data processing method and related equipment | |
| JPH11355268A (en) | Device and method for information processing, information processing system and providing medium | |
| CN114143777B (en) | Certificate key downloading method and system of internet of things terminal based on SIM card | |
| KR101241413B1 (en) | Apparatus and method for moving and copying right objects between device and portable storage device | |
| KR100382880B1 (en) | Authentication system and method using one-time password mechanism |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |