When we make the system-level framework, we should consider the copyright of the system to a certain extent. It cannot be used in any environment by a random person, so we need to make an authorization mechanism for our system. Only after uploading the LIC file we issue and passing the verification, can it be used normally.
1. Introduction to smart-License
Smart-license is an open source project used for security hardening. It mainly serves non-open source products, commercial software, paid software with trial function, etc., and provides authorization system for software use.
1. License: Import the authorization file generated by smart License to the software product to be authorized.
2. Source data, basic data that needs to be processed by the License. For example, use the configuration file of the software product as the source data and obtain a smart-license authorization file to generate a license file.
3. Source License file. When a License is generated, a file is created to record the source data, authorization time, expiration time, and key peer information. The License file is owned by the software authorizer. If a License file is lost, the customer can regenerate the License file based on the License source file.
2. What is license
License is translated into license. Understood as an agreement or copyright notice, the consequences of breach of the agreement are commercial disputes. Using the analogy of original works, WHEN I publish this article, I declare that I am original. If others want to reprint this article, they need my permission, otherwise it will violate my rights and interests. Of course, article copyright and software copyright is not the same, do not do too much comparison.
Applicable scenarios:
- Non-open source products, commercial software, paid software.
- Each customer has an exclusive License.
- A software distribution package provides different service capabilities based on different licenses.
- Limit the validity period of software licensing
The product features
- Open source, fully open code, License generation principle is transparent.
- Easy to use, provides binary packages, directly generate licenses based on the command line.
- Security: The generated License file is tamper-proof to some extent, which is difficult to crack.
- Security hardening: Preprocesses License source data in asymmetric encryption mode to prevent License forgery.
3. License operation process
4. License application process
5. Retrieve the License
6. Way of use
Download the smart-license.tar.gz package and decompress it.
Go to the bin directory and run the following command, for example,./license.sh 1d HelloWorld.
1D: indicates that the authorization period is 1 day. That is, the License will expire one day later. The supported validity period formats include: H, 1H :1 hour; 2H :2 hours d, 1d:1 day 10D :10 days y, 1y:1 year; 2Y :2 years HelloWorld: indicates the content of the license to be encrypted. In actual scenarios, you can use licenses to authorize different product functions and validity periods, for example,./ licensing. sh 1y Features_1 :on; features_2:off; If the license file to be authorized is a file, run the same command, for example,./license.sh 1y config.properties
TXT and the License source file source. TXT are generated in the current directory. Note: License. TXT is an authorization file provided to customers. Source.txt, on the other hand, is held by the software provider and contains an encrypted private key that needs to be kept safe
7. Project integration
-
Introducing Maven dependencies
<dependency> <groupId>org.smartboot.license</groupId> <artifactId>license-client</artifactId> <version>1.03.</version> </dependency> Copy the code -
Load the License. If the License has expired, an exception is triggered.
public class LicenseTest { public static void main(String[] args) throws Exception { File file=new File("license.txt"); License license = new License(); LicenseEntity licenseEntity=license.loadLicense(file); System.out.println(newString(licenseEntity.getData())); }}Copy the code -
Obtain licenseEntity and start the software using the licenseEntity configuration.
-
Restore license
- Go to the bin directory and run the following command, for example,./license_revert.sh source.txt.
- After the command is successfully executed, the License file license_REVERt.txt is generated in the current directory.
Easy to use, a few lines of code to check in the launcher method, can also be added to the interceptor.
A simple and convenient authorization, just the above steps can be integrated into the boot project to go!
So with that said, let’s go back to the code
1. Generate machine code
The first thing we need to do is to limit the uniqueness of the environment in which the software is deployed. Here we use Macadderss. Of course, you can also change the CPU sequence number
private static String getMac(a) {
try {
Enumeration<NetworkInterface> el = NetworkInterface
.getNetworkInterfaces();
while (el.hasMoreElements()) {
byte[] mac = el.nextElement().getHardwareAddress();
if (mac == null)
continue;
String hexstr = bytesToHexString(mac);
return getSplitString(hexstr, "-".2).toUpperCase(); }}catch (Exception exception) {
exception.printStackTrace();
}
return null;
}
public static String getMachineCode(a) throws Exception{
Set<String> result = new HashSet<>();
String mac = getMac();
result.add(mac);
Properties props = System.getProperties();
String javaVersion = props.getProperty("java.version");
result.add(javaVersion);
String javaVMVersion = props.getProperty("java.vm.version");
result.add(javaVMVersion);
String osVersion = props.getProperty("os.version");
result.add(osVersion);
String code = Encrpt.GetMD5Code(result.toString());
return getSplitString(code, "-".4);
}
Copy the codeWhat you do here is take the machine code, mix it with the Java version, JVM, and operating system parameters, and perform an MD5 operation
2. Generate lic files
The authorization certificate mainly contains three elements: machine code, whether the identification is permanently valid, and certificate validity. We’ll write this data to text and encrypt it. Look at the code that generates the certificate:
public static void getLicense(String isNoTimeLimit, String licenseLimit, String machineCode, String licensePath, String priavateKeyPath) throws Exception{
String[] liccontent = {
"[email protected]"."LICENSENAME=YBLOG use certificate",
MessageFormat.format("LICENSETYPE={0}",isNoTimeLimit),
MessageFormat.format("EXPIREDAY={0}",licenseLimit), // The date is in yyyY-MM-DD format
MessageFormat.format("MACHINECODE={0}",machineCode),
""
};
// Mix the lic content to sign and write the content
StringBuilder sign = new StringBuilder();
for(String item:liccontent){
sign.append(item+"yblog");
}
liccontent[5] = MessageFormat.format("LICENSESIGN={0}",Encrpt.GetMD5Code(sign.toString()));
FileUtil.createFileAndWriteLines(licensePath,liccontent);
// Replace the whole of the written content with encryption
String filecontent =FileUtil.readFileToString(licensePath);
String encrptfilecontent = Encrpt.EncriptWRSA_Pri(filecontent,priavateKeyPath);
File file = new File(licensePath);
file.delete();
FileUtil.createFile(licensePath,encrptfilecontent);
Copy the codeFinally, in the verification of LIC, we will register an interceptor in the system. If the system does not pass the authentication, it will automatically jump to the LIC file upload interface. Springboot receives the file differently from conventional Java, using the MultipartFile object, it will get the array of uploaded files and operate.
We can verify the machine code and authorization time of LIC file through the built-in public key of the system to determine whether the system can be accessed normally.