JP4989418B2 - Program conversion apparatus, program, and program conversion method - Google Patents

Description

  The present invention relates to a program conversion apparatus for converting a program.

When a program is distributed to users and installed on a computer owned by the user, the user may perform reverse engineering, such as disassembling the program. The user can use the reverse engineering result to invalidate the function that restricts the use of the program by entering a password, for example, to illegally use the program, or to know the secret algorithm used by the program. There is a possibility of obtaining and plagiarizing.
In order to prevent this, there is a technique for converting a program so that the operation of the program is intentionally complicated to improve tamper resistance and cannot be easily reverse engineered.
Japanese National Patent Publication No. 11-514767 JP-A-9-282156 JP 2002-244911 A JP 2003-337629 A JP 2004-185064 A Japanese Patent Laid-Open No. 2004-246637 JP 2005-85188 A JP 2005-135265 A

However, a program converted by a conventional program conversion technique may not necessarily have high tamper resistance. For example, obfuscated information may be easily collected by setting a breakpoint at a specific address.
The present invention has been made, for example, in order to solve the above-described problems, and obtains a program conversion apparatus that can generate a program that cannot be easily reverse engineered while performing the same operation as the original program. For the purpose.

The program conversion apparatus according to the present invention includes:
Processing device for processing information, target program input device, branch instruction extraction device, branch destination acquisition device, branch destination table generation device, modified branch instruction generation device, branch instruction change device, converted program output Having a device,
The target program input device uses the processing device to input a program to be converted into a target program,
The branch instruction extraction device analyzes the target program input by the target program input device using the processing device, extracts a branch instruction instructing a branch, and sets it as a branch instruction before change.
The branch destination acquisition device acquires information indicating the branch destination of the branch indicated by the branch instruction before change extracted by the branch instruction extraction device using the processing device, and sets the branch destination information before change as
The branch destination table generation device generates a branch destination table using the processing device based on the pre-change branch destination information acquired by the branch destination acquisition device,
The modified branch instruction generation device uses the processing device to branch a branch destination calculation instruction for instructing calculation of information representing a branch destination, and a branch represented by information calculated by executing the branch destination calculation instruction. A branch instruction after change including a branch instruction for instructing a branch to a destination is generated based on the branch destination table generated by the branch destination table generation device;
In the branch instruction change device, the change branch instruction generation device generates the pre-change branch instruction extracted by the branch instruction extraction device from the target program input by the target program input device using the processing device. Replace with branch instruction after change
The converted program output device outputs, as the converted program, a target program in which the branch instruction changing device has replaced the branch instruction using the processing device.

  According to the program conversion device of the present invention, the branch instruction change device replaces the pre-change branch instruction extracted by the branch instruction extraction device with the post-change branch instruction generated by the change branch instruction generation device. There is an effect that it is possible to generate a converted program that is more difficult to reverse engineer than the target program while operating.

Embodiment 1 FIG.
The first embodiment will be described with reference to FIGS.

  FIG. 1 is a system configuration diagram showing an example of the overall configuration of a program distribution system using the program conversion apparatus 100 in this embodiment.

The program creator creates a program in the production system. The created program is distributed to the user system. The program user causes the computer 300 to execute the program in the user side system.
However, if the created program is distributed as it is, the user can use it for illegal use, such as deciphering the program by reverse engineering or invalidating the password check function, or obtain the secret algorithm used in the program. There is a possibility.
Therefore, in the program distribution system in this embodiment, the program 410 (hereinafter referred to as “target program”) produced is converted by the program conversion apparatus 100 and the same operation is performed (hereinafter referred to as “converted program”). And the generated converted program 420 is distributed. The converted program 420 is obfuscated so that it cannot be easily reverse engineered.

FIG. 2 is a diagram showing an example of the appearance of the program conversion apparatus 100 in this embodiment.
The program conversion apparatus 100 includes a system unit 910, a display device 901 having a CRT (Cathode / Ray / Tube) or LCD (liquid crystal) display screen, a keyboard 902 (Key / Board: K / B), a mouse 903, and an FDD904 (Flexible). (Disk / Drive), compact disk device 905 (CDD), printer device 906, scanner device 907, and other hardware resources, which are connected by a cable or a signal line.
The system unit 910 is a computer, and is connected to the facsimile machine 932 and the telephone 931 via a cable, and is connected to the Internet 940 via a local area network 942 (LAN) and a gateway 941.

FIG. 3 is a diagram showing an example of hardware resources of the program conversion apparatus 100 in this embodiment.
The program conversion apparatus 100 includes a CPU 911 (also referred to as a central processing unit, a central processing unit, a processing unit, an arithmetic unit, a microprocessor, a microcomputer, and a processor) that executes a program. The CPU 911 is connected to a ROM 913, a RAM 914, a communication device 915, a display device 901, a keyboard 902, a mouse 903, an FDD 904, a CDD 905, a printer device 906, a scanner device 907, and a magnetic disk device 920 via a bus 912, and the hardware thereof. Control the device. Instead of the magnetic disk device 920, a storage device such as an optical disk device or a memory card read / write device may be used.
The RAM 914 is an example of a volatile memory. The storage media of the ROM 913, the FDD 904, the CDD 905, and the magnetic disk device 920 are an example of a nonvolatile memory. These are examples of a storage device or a storage unit.
A communication device 915, a keyboard 902, a scanner device 907, an FDD 904, and the like are examples of an input unit and an input device.
Further, the communication device 915, the display device 901, the printer device 906, and the like are examples of an output unit and an output device.

The communication device 915 is connected to a facsimile machine 932, a telephone 931, a LAN 942, and the like. The communication device 915 is not limited to the LAN 942, and may be connected to the Internet 940, a WAN (wide area network) such as ISDN, or the like. When connected to a WAN such as the Internet 940 or ISDN, the gateway 941 is unnecessary.
The magnetic disk device 920 stores an operating system 921 (OS), a window system 922, a program group 923, and a file group 924. The programs in the program group 923 are executed by the CPU 911, the operating system 921, and the window system 922.

The program group 923 stores programs that execute functions described as “˜units” in the description of the embodiments described below. The program is read and executed by the CPU 911.
The file group 924 includes information, data, signal values, variable values, and parameters that are described as “determination results of”, “calculation results of”, and “processing results of” in the description of the embodiments described below. Are stored as items of “˜file” and “˜database”. The “˜file” and “˜database” are stored in a recording medium such as a disk or a memory. Information, data, signal values, variable values, and parameters stored in a storage medium such as a disk or memory are read out to the main memory or cache memory by the CPU 911 via a read / write circuit, and extracted, searched, referenced, compared, Used for CPU operations such as calculation, calculation, processing, output, printing, and display. Information, data, signal values, variable values, and parameters are temporarily stored in the main memory, cache memory, and buffer memory during the CPU operations of extraction, search, reference, comparison, operation, calculation, processing, output, printing, and display. Is remembered.
In addition, the arrows in the flowcharts described in the following description of the embodiments mainly indicate input / output of data and signals. The data and signal values are the RAM 914 memory, the FDD 904 flexible disk, the CDD 905 compact disk, and the magnetic field. The data is recorded on a recording medium such as a magnetic disk of the disk device 920, another optical disk, a mini disk, and a DVD (Digital Versatile Disk). Data and signals are transmitted online via a bus 912, signal lines, cables, or other transmission media.

  In the description of the embodiments described below, what is described as “to part” may be “to circuit”, “to device”, and “to device”, and “to step” and “to”. “Procedure” and “˜Process” may be used. That is, what is described as “˜unit” may be realized by firmware stored in the ROM 913. Alternatively, it may be implemented only by software, or only by hardware such as elements, devices, substrates, and wirings, by a combination of software and hardware, or by a combination of firmware. Firmware and software are stored as programs in a recording medium such as a magnetic disk, a flexible disk, an optical disk, a compact disk, a mini disk, and a DVD. The program is read by the CPU 911 and executed by the CPU 911. That is, the program causes the computer to function as “to part” described below. Alternatively, the procedure or method of “to part” described below is executed by a computer.

FIG. 4 is a block configuration diagram showing an example of a functional block configuration of the program conversion apparatus 100 in this embodiment.
Note that each functional block of the program conversion apparatus 100 may be realized by the computer executing the program as described above, or one or a plurality of functional blocks exist as physically independent devices, As a whole, a system that functions as the program conversion apparatus 100 may be configured.

  The program conversion device 100 includes a target program input device 110, a target program storage device 120, a branch instruction extraction device 130, a branch destination acquisition device 133, a branch destination table generation device 140, a changed branch instruction generation device 151, a branch instruction change device 152, It has a branch destination insertion device 161, a converted program storage device 180, and a converted program output device 191.

The target program input device 110 is a device that inputs a target program 410 to be converted.
The target program input device 110 includes a program name input device 111, a program acquisition device 112, a type determination device 113, a compilation device 114, and an assembly device 115.

The program name input device 111 uses an input device such as the keyboard 902 to acquire the target program input device 110 for acquiring the target program 410, such as the file name, path name, and URI (Uniform Resource Identifier) of the target program 410. Enter information about the origin.
The program acquisition device 112 uses the processing device such as the CPU 911 to acquire the target program 410 from the acquisition source represented by the input information based on the information input by the program name input device 111.
The type determination device 113 determines the type of the target program 410 acquired by the program acquisition device 112 using a processing device such as the CPU 911.
Here, the type of the target program 410 refers to whether the target program 410 is source code described in a high-level language such as C language, source code described in a low-level language such as assembly language, machine language, or the like. The distinction of whether the code is an executable code.

As a result of the determination by the type determination device 113, when the target program 410 is a source code described in C language or the like, the compiling device 114 compiles the target program 410 using a processing device such as the CPU 911 and executes the execution format. Generate code for
As a result of the determination by the type determination device 113, when the target program 410 is source code described in an assembly language or the like, the assembly device 115 assembles the target program 410 using a processing device such as the CPU 911, and executes the execution format. Generate code for

The target program storage device 120 stores the execution format code as the target program 415 using a storage device such as the magnetic disk device 920.
That is, as a result of the determination by the type determination device 113, when the target program 410 is a source code such as C language, the target program storage device 120 stores the execution format code generated by the compiling device 114 as the target program 415. As a result of the determination by the type determination device 113, when the target program 410 is a source code such as an assembly language, the target program storage device 120 stores the execution format code generated by the assembly device 115 as the target program 415. As a result of the determination by the type determination device 113, when the target program 410 is an executable code, the target program storage device 120 stores the target program 410 acquired by the program acquisition device 112 as the target program 415.

The branch instruction extraction device 130 is a device that analyzes the target program 415 stored in the target program storage device 120 and extracts a branch instruction that instructs a branch.
The branch instruction extraction device 130 includes a disassembly device 131 and a branch instruction determination device 132.

The disassembly device 131 uses a processing device such as the CPU 911 to disassemble the target program 415 stored in the target program storage device 120 to generate assembly code.
The branch instruction determination device 132 uses a processing device such as the CPU 911 to determine whether or not the instruction is a branch instruction based on the assembly code generated by the disassembly device 131.
Here, the branch instruction is an instruction for instructing a branch, such as an unconditional jump, a conditional jump, or a subroutine call.
Note that the branch instruction determination device 132 may determine that all branch instructions included in the target program 415 are branch instructions, or may determine that only some branch instructions are branch instructions. When it is determined that only some branch instructions are branch instructions, the branch instruction determination device 132 may select an instruction that is determined to be a branch instruction depending on the type of branch instruction, or processing before and after the branch instruction. By analyzing the above, it may be determined that only branch instructions that have little influence on the execution speed are branch instructions.

  The branch instruction extraction device 130 extracts an instruction (hereinafter referred to as “pre-change branch instruction”) that the branch instruction determination device 132 determines to be a branch instruction.

  The branch destination acquisition device 133 uses a processing device such as the CPU 911 to call the absolute address of the branch destination of the branch indicated by the branch instruction before change extracted by the branch instruction extraction device 130 (hereinafter referred to as “pre-change branch destination address”). ) To get. Depending on the type of branch instruction, there are an instruction in which the branch destination address is indicated by an absolute address and an instruction in which a relative address is indicated. If the branch destination address is a branch instruction indicated by an absolute address, the branch destination acquisition device 133 acquires the indicated absolute address. When the branch destination address is a branch instruction indicated by a relative address, the branch destination acquisition device 133 calculates the absolute address of the branch destination based on the address of the branch instruction and the indicated relative address.

The branch destination table generation device 140 is a device that generates a branch destination table.
The branch destination table is a table in which branch destinations of branches designated by branch instructions are collected. Note that the branch destination absolute address may change due to the branch instruction changing device 152 (to be described later) changing the branch instruction. Therefore, the branch destination table generating device 140 may change the post-change branch destination address based on the pre-change branch destination address. The absolute address of the branch destination (hereinafter referred to as “the post-change branch destination address”) is calculated, and a branch destination table is generated from the calculated post-change branch destination address.
The branch destination table generation device 140 includes a branch destination storage area determination device 141, a pre-change branch destination storage device 142, an address correspondence storage device 143, a branch destination determination device 144, and a branch destination storage device 145.

The branch destination storage device 145 stores the branch destination table using a storage device such as the magnetic disk device 920.
The branch destination table stored in the branch destination storage device 145 is inserted after the data portion of the target program 415 by the branch destination insertion device 161 described later. The converted program 420 generated by the program conversion apparatus 100 includes a branch destination table.

The branch destination storage area determination device 141 calculates the start address of the branch destination table included in the converted program 420 using a processing device such as the CPU 911. The branch destination storage area determination device 141 uses a processing device such as the CPU 911 to acquire the address of the end of the data part of the target program 415 based on the result of the disassembly by the disassembly device 131, and based on the acquired address Thus, the start address of the branch destination table included in the converted program 420 is calculated.
In addition, the branch destination storage area determination device 141 uses a processing device such as the CPU 911 to store the branch destination address after change corresponding to the branch instruction before change extracted by the branch instruction extraction device 130 and stored in the target program 415. Decide where to store in the table.
For example, the branch destination storage area determination device 141 may store the changed branch destination addresses in the branch destination table in the order in which the branch instructions appear, or may store them in the ascending order of the changed branch destination addresses. . Or you may store in the order with predetermined | prescribed regularity, and may store in a random order.
The branch destination storage area determination device 141 uses a processing device such as the CPU 911 to convert based on the calculated start address of the branch destination table and the determined storage location (hereinafter referred to as “branch destination storage location”). In the branch destination table included in the completed program 420, the address of the storage area (hereinafter referred to as "branch destination storage address") in which the post-change branch destination address corresponding to the pre-change branch instruction extracted by the branch instruction extraction device 130 is stored. ) Is calculated.

The pre-change branch destination storage device 142 stores the pre-change branch destination address acquired by the branch destination acquisition device 133 using a storage device such as the magnetic disk device 920.
The address correspondence storage device 143 uses a processing device such as the CPU 911 to change the address before the branch instruction is changed and the branch instruction based on the change result of the branch instruction change device 152 described later changing the branch instruction. The correspondence relationship with the subsequent address is calculated, and information representing the calculated correspondence relationship is stored.
The branch destination determination device 144 uses a processing device such as the CPU 911 to store the pre-change branch destination address stored in the pre-change branch destination storage device 142 based on the information indicating the address correspondence stored in the address correspondence storage device 143. The post-change branch destination address corresponding to is calculated.
The branch destination storage device 145 uses a storage device such as the magnetic disk device 920 to determine the changed branch destination address calculated by the branch destination determination device 144 by the branch destination storage area determination device 141 in the branch destination table. Store in the branch destination storage location.

The changed branch instruction generation device 151 uses the processing device such as the CPU 911 to generate a changed branch instruction.
The post-change branch instruction is an instruction (or instruction group) that replaces the pre-change branch instruction extracted by the branch instruction extraction device 130 from the target program 415. The length (number of bytes) of the post-change branch instruction is not necessarily the same as the length of the pre-change branch instruction.
The post-change branch instruction is an instruction for referring to the branch destination storage address and branching to the branch destination address stored in the branch destination storage address. The changed branch instruction generation device 151 uses a processing device such as the CPU 911 to generate a post-change branch instruction that refers to the branch destination storage address based on the branch destination storage address calculated by the branch destination storage area determination device 141.
The branch instruction changing device 152 uses a processing device such as the CPU 911 to change the branch instruction before change extracted by the branch instruction extracting device 130 out of the target program 415 stored in the target program storage device 120, to the changed branch instruction generating device 151. Replace with the modified branch instruction generated by.

  The branch destination insertion device 161 uses the processing device such as the CPU 911 to generate the branch destination table generation device 140 in the target program 415 in which the branch instruction change device 152 changes the branch instruction from the branch instruction before change to the branch instruction after change. Insert the branch destination table. As described above, the branch destination insertion device 161 inserts the branch destination table after the data portion of the target program 415.

The converted program storage device 180 uses the storage device such as the magnetic disk device 920 to store the target program 415 into which the branch destination insertion device 161 has inserted the branch destination table as the converted program 420.
The converted program output device 191 outputs the converted program 420 stored in the converted program storage device 180 using a processing device such as the CPU 911.

  FIG. 5 is a diagram showing an example of the post-change branch instruction generated by the change branch instruction generation device 151 in this embodiment.

  The branch instruction extracted from the target program 415 by the branch instruction extraction device 130 includes, for example, an operation code 501 representing a conditional relative branch that instructs to branch to the branch destination relative address represented by the operand 502 when a predetermined condition is satisfied. The branch instruction 511 having the operation code 501 indicating a conditional absolute branch that instructs to branch to the branch destination absolute address represented by the operand 502 when a predetermined condition is satisfied, or the operand 502 regardless of the condition. A branch instruction 513 having an operation code 501 indicating an unconditional relative branch for instructing branching to the branch destination relative address to be represented, and an unconditional absolute branch for supporting branching to the branch destination absolute address represented by the operand 502 regardless of the condition Branch instruction 5 having an opcode 501 representing 4, a subroutine starting from the subroutine relative address represented by the operand 502, a subroutine instruction 515 indicating a subroutine relative call indicating that the subroutine returns to the next instruction when execution of the subroutine is completed, and the subroutine absolute represented by the operand 502 For example, there is a branch instruction 516 representing a subroutine absolute call for instructing to return to the next instruction when execution of the subroutine starting from the address is completed.

  The change branch instruction generation device 151 uses a processing device such as the CPU 911 to generate a post-change opcode corresponding to the type of pre-change branch instruction extracted by the branch instruction extraction device 130. For example, when the branch instruction is a branch instruction 511 or 512 that represents a conditional relative branch or a conditional absolute branch, the modified branch instruction generation device 151 generates a modified opcode that represents a conditional relative branch. If the branch instruction 513 or 514 represents an unconditional relative branch or unconditional absolute branch, a modified opcode representing an unconditional relative branch is generated, and the branch instruction is a branch instruction 515 representing a subroutine relative call or subroutine absolute call. , 516, a modified opcode representing a subroutine relative call is generated. In other words, the modified branch instruction generation device 151 generates a post-change operation code that indicates the same type of branch as the operation code 501 of the branch instruction.

  The changed branch instruction generation device 151 generates the changed branch instruction 520 using a processing device such as the CPU 911. The post-change branch instruction 520 includes, for example, three instructions 521 to 523. The operand part of instruction 521 represents the relative address of instruction 523. The opcode portion of instruction 522 represents an unconditional relative branch, and the operand portion of instruction 522 represents the relative address of the next instruction 531. The opcode part of the instruction 523 acquires data stored at the address indicated by the operand regardless of the condition (branch destination calculation instruction), and branches the acquired data as a branch destination address to the branch destination address (branch instruction). Indicates an unconditional indirect branch to indicate.

The change branch instruction generation device 151 uses the processing device such as the CPU 911 as the generated operation code after change as the operation code portion of the instruction 521.
The change branch instruction generation device 151 uses the branch destination storage address calculated by the branch destination storage area determination device 141 as the operand part of the instruction 523 using a processing device such as the CPU 911.

The operation when the computer 300 executes the post-change branch instruction 520 generated by the change branch instruction generation device 151 is as follows.
In the branch step S711, the computer 300 determines whether or not to branch according to the same condition as the branch condition of the pre-change branch instruction extracted by the branch instruction extraction device 130 according to the instruction of the instruction 521. As a result of the determination, if the branch is taken, the process proceeds to a branch destination calculation step S718. When not branching, it progresses to unconditional branch process S712.
In the unconditional branch step S712, the computer 300 branches unconditionally to the next instruction 531 according to the instruction of the instruction 522.
In the branch destination calculation step S718, the computer 300 acquires the branch destination absolute address stored in the branch destination storage address according to the instruction of the instruction 523.
In the indirect branching step S719, the computer 300 branches unconditionally to the branch destination absolute address acquired in the branch destination calculating step S718 according to the instruction of the instruction 523.

  That is, the post-change branch instruction 520 is an instruction for instructing the same operation as the pre-change branch instruction extracted by the branch instruction extraction device 130, but the branch destination is obtained by referring to the branch destination table. Even when disassembling, it is not easy to know where the branch is, and reverse engineering is difficult.

  FIG. 6 is a diagram illustrating an example of a state in which the branch destination table generation device 140 in this embodiment generates a branch destination table.

  The pre-change branch destination storage device 142 stores the pre-change branch destination table 610 using a storage device such as the magnetic disk device 920. The pre-change branch destination table 610 is a table in which the pre-change branch destination addresses 611 are arranged in the order determined by the branch destination storage area determining device 141. In this example, there are three pre-change branch instructions extracted by the branch instruction extraction device 130, and the pre-change branch destination table 610 includes three pre-change branch destination addresses 611 corresponding thereto.

The address correspondence storage device 143 stores the address correspondence table 620 using a storage device such as the magnetic disk device 920. The address correspondence table 620 represents a correspondence relationship between the address before the change and the address after the change. For example, a set of the address 621 before the change and the offset 622 is arranged. In this example, there are three pre-change branch instructions extracted by the branch instruction extraction device 130, and the address correspondence table 620 includes a set of three pre-change addresses 621 and an offset 622 correspondingly.
The pre-change address 621 represents the address of the branch instruction before the change (hereinafter referred to as “pre-change branch source address”).
The offset 622 represents the difference between the address before the change and the address after the change.
In this example, in the first row of the address correspondence table 620, as a result of replacing the branch instruction at the address “00000012” with a post-change branch instruction that is 8 bytes longer than the branch instruction, the address before the change is larger than “00000012”. In this case, the address obtained by adding “8” to the address before change becomes the address after change. Similarly, the second line of the address correspondence table 620 adds “16” to the address before change when the address before change is larger than “00000034” as a result of replacing the branch instruction at address “00000034”. This shows that the address becomes the changed address.

The branch destination determination device 144 uses a processing device such as the CPU 911 based on the pre-change branch destination table 610 stored in the pre-change branch destination storage device 142 and the address correspondence table 620 stored in the address correspondence storage device 143. Then, the post-change branch destination address 631 is calculated.
The branch destination storage device 145 stores the branch destination table 630 using a storage device such as the magnetic disk device 920. The branch destination table 630 is an array of post-change branch destination addresses 631 calculated by the branch destination determination device 144 in the order determined by the branch destination storage area determination device 141.

  For example, when the pre-change branch destination address 611 is “00000020”, the branch destination determining apparatus 144 refers to the address correspondence table 620 and satisfies “00000012” <“00000020” ≦ “00000034”, so that the corresponding offset 622 “8” is acquired, and the post-change branch destination address 631 “000000208” is calculated in addition to the pre-change branch destination address 611 “00000020”. Further, when the branch destination address 611 before change is “00000006”, the branch destination determination apparatus 144 refers to the address correspondence table 620, and “00000006” ≦ “00000012”. Therefore, the branch destination address 611 “before change” “00000006” is used as the post-change branch destination address 631.

  Next, the flow of processing will be described.

FIG. 7 is a flowchart showing an example of the flow of a program conversion process in which the program conversion apparatus 100 in this embodiment converts the target program 415 to generate the converted program 420.
Note that the converted program storage device 180 initializes the converted program 420 using a processing device such as the CPU 911 before starting the program conversion processing, and uses a storage device such as the magnetic disk device 920 to empty the converted program storage device 180. The converted program 420 is stored.

  In the disassembly step S812, the disassembly device 131 inputs the target program 415 stored in the target program storage device 120 in order from the beginning using a processing device such as the CPU 911. The disassembling device 131 disassembles the input target program 415 using a processing device such as the CPU 911, and generates assembly code line by line. The disassembly device 131 outputs the generated assembly code using a processing device such as the CPU 911.

In the branch instruction determination step S814, the branch instruction determination device 132 inputs the assembly code generated by the disassembly device 131 in the disassembly step S812 using a processing device such as the CPU 911. The branch instruction determination device 132 uses a processing device such as the CPU 911 to determine whether or not the input assembly code is a branch instruction.
If it is determined that the instruction is a branch instruction, the process proceeds to a branch destination acquisition step S815.
If it is determined that the instruction is not a branch instruction, the process proceeds to instruction output step S837.

  In the branch destination acquisition step S815, the branch destination acquisition device 133 uses the processing device such as the CPU 911 to input the assembly code determined by the branch instruction determination device 132 as a branch instruction in the branch instruction determination step S814. The branch destination acquisition device 133 uses a processing device such as the CPU 911 to acquire the pre-change branch destination address based on the input assembly code. The branch destination acquisition device 133 outputs the acquired pre-change branch destination address using a processing device such as the CPU 911.

  In the branch destination storage area determination step S818, the branch destination storage area determination device 141 determines a branch destination storage position and calculates a branch destination storage address using a processing device such as the CPU 911. The branch destination storage area determination device 141 outputs the determined branch destination storage position and the calculated branch destination storage address using a processing device such as the CPU 911.

  In the pre-change branch destination storage step S819, the pre-change branch destination storage device 142 uses the processing device such as the CPU 911 and the pre-change branch destination address output from the branch destination acquisition device 133 in the branch destination acquisition step S815 and the branch destination. The branch destination storage position output from the branch destination storage area determination device 141 in the storage area determination step S818 is input. The pre-change branch destination storage device 142 stores the input pre-change branch destination address in the input branch destination storage position in the pre-change branch destination table 610 using a storage device such as the magnetic disk device 920.

  In the modified branch instruction generation step S834, the modified branch instruction generation device 151 uses the processing device such as the CPU 911 to branch the assembly code output by the disassembly device 131 in the disassembly step S812 and the branch destination storage area determination step S818. The branch destination storage address output by the destination storage area determination device 141 is input. The changed branch instruction generation device 151 uses a processing device such as the CPU 911 to generate the changed branch instruction 520 based on the input assembly code and the branch destination storage address. The changed branch instruction generation device 151 outputs the generated changed branch instruction 520 using a processing device such as the CPU 911.

In the change branch instruction output step S835, the branch instruction change device 152 inputs the post-change branch instruction 520 output from the change branch instruction generation device 151 in the change branch instruction generation step S834 using a processing device such as the CPU 911. The branch instruction changing device 152 uses the processing device such as the CPU 911 to add and write the input changed branch instruction 520 to the end of the converted program 420 stored in the converted program storage device 180.
The converted program storage device 180 uses a storage device such as the magnetic disk device 920 to store the converted program 420 to which the post-change branch instruction 520 is added.
Thereafter, the process proceeds to the address correspondence storage step S838.

In the instruction output step S837, the branch instruction changing device 152 uses the processing device such as the CPU 911, among the target programs 415 stored in the target program storage device 120, the branch instruction determining device 132 uses the branch instruction in the branch instruction determining step S814. The part corresponding to the assembly code determined to be not is input. The branch instruction change device 152 uses the processing device such as the CPU 911 to add and write the input portion to the end of the converted program 420 stored in the converted program storage device 180.
The converted program storage device 180 uses a storage device such as the magnetic disk device 920 to store the converted program 420 to which the original instruction is added.

  In the address correspondence storage step S838, the address correspondence storage device 143 uses the processing device such as the CPU 911 to output the number of bytes corresponding to the assembly code generated by the disassembly device 131 in the disassembly step S812 and the changed branch instruction output. The number of bytes written by the branch instruction change unit 152 in step S835 or instruction output step S837 is input. The address correspondence storage device 143 uses a processing device such as the CPU 911 to determine whether or not the two input byte numbers are the same. The address correspondence storage device 143 uses a processing device such as the CPU 911 to obtain the difference between the two when the input two byte numbers are not the same. The address correspondence storage device 143 uses the processing device such as the CPU 911 to add the obtained difference to the current offset. The address correspondence storage device 143 stores the pre-change address 621 and the offset 622 in the address correspondence table 620 using a storage device such as the magnetic disk device 920.

In the repetition step S839, the disassembly device 131 determines whether or not the disassembly has been completed up to the end of the target program 415 using a processing device such as the CPU 911.
When it is determined that the disassembly is completed to the end, the process proceeds to the post-change branch destination determination step S841.
When it is determined that the disassembly is not finished yet, the processing from the disassembly step S812 is repeated.

  In the post-change branch destination determination step S841, the branch destination determination device 144 uses the processing device such as the CPU 911 and the address correspondence table 620 stored in the address correspondence storage device 143 in the address correspondence storage step S838 and the pre-change branch destination storage. In step S819, the pre-change branch destination table 610 stored in the pre-change branch destination storage device 142 is input. The branch destination determining device 144 uses a processing device such as the CPU 911 and based on the input address correspondence table 620, the post-change branch corresponding to each of the pre-change branch destination addresses 611 included in the input pre-change branch destination table 610. The destination address 631 is calculated. The branch destination determination device 144 outputs the calculated post-change branch destination address 631.

  In the post-change branch destination storage step S842, the branch destination storage device 145 uses the processing device such as the CPU 911 to change the branch destination storage position output by the branch destination storage region determination device 141 in the branch destination storage region determination step S818 and the change. The post-change branch destination address 631 output from the branch destination determination device 144 in the post-branch destination determination step S841 is input. The branch destination storage device 145 stores the input post-change branch destination address 631 at the input branch destination storage position in the branch destination table 630 using a storage device such as the magnetic disk device 920.

In the branch destination table insertion step S844, the branch destination insertion device 161 uses the processing device such as the CPU 911 to input the branch destination table 630 stored in the branch destination storage device 145 in the post-change branch destination storage step S842. The branch destination insertion device 161 uses the processing device such as the CPU 911 to add and write the input branch destination table 630 to the end of the converted program 420 stored in the converted program storage device 180.
The converted program storage device 180 uses a storage device such as the magnetic disk device 920 to store the converted program 420 to which the branch destination table 630 has been added.

In the changed program output step S862, the converted program output device 191 inputs the converted program 420 stored in the converted program storage device 180 in the branch destination table insertion step S844 using a processing device such as the CPU 911. The converted program output device 191 outputs the input converted program 420 using a processing device such as the CPU 911.
Thereafter, the program conversion process ends.

The program conversion device 100 (program conversion system, program conversion method) in this embodiment includes a processing device (CPU 911) for processing information, a target program input device 110, a branch instruction extraction device 130, and a branch destination acquisition device 133. A branch destination table generation device 140, a changed branch instruction generation device 151, a branch instruction change device 152, and a converted program output device 191.
The target program input device 110 uses the processing device (CPU 911) to input a program to be converted (target program 410) to be a target program 415.
The branch instruction extraction unit 130 analyzes the target program 415 input by the target program input unit 110 using the processing unit (CPU 911), extracts a branch instruction instructing a branch, It is characterized by doing.
The branch destination acquisition device 133 uses the processing device (CPU 911) to obtain information (pre-change branch destination address 611) indicating the branch destination of the branch indicated by the pre-change branch instruction extracted by the branch instruction extraction device 130. It is acquired and used as pre-change branch destination information.
The branch destination table generation device 140 uses the processing device (CPU 911) to generate the branch destination table 630 based on the pre-change branch destination information (pre-change branch destination address 611) acquired by the branch destination acquisition device 133. It is characterized by generating.
The modified branch instruction generation device 151 uses the processing device (CPU 911) to execute a branch destination calculation instruction that instructs to calculate information (branch destination absolute address) indicating a branch destination and the branch destination calculation instruction. And generating a post-change branch instruction 520 including a branch instruction for instructing a branch to the branch destination represented by the information calculated as described above based on the branch destination table 630 generated by the branch destination table generation device 140. Features.
The branch instruction change device 152 uses the processing device (CPU 911) to change the branch instruction before change extracted by the branch instruction extractor 130 from the target program 415 input by the target program input device 110. The changed branch instruction 520 generated by the branch instruction generation device 151 is replaced.
The converted program output device 191 uses the processing device (CPU 911) to output the target program 415 in which the branch instruction change device 152 has replaced the branch instruction as a converted program 420.

  According to the program conversion device 100 in this embodiment, the branch instruction change device 152 replaces the branch instruction before change extracted by the branch instruction extraction device 130 with the branch instruction after change generated by the change branch instruction generation device 151. Thus, the converted program 420 that is more difficult to reverse engineer than the target program 415 while performing the same operation as the target program 415 can be generated.

  Since the post-change branch instruction in the converted program 420 is inserted into the target program 415 at the position where the pre-change branch instruction was, a breakpoint or the like is set at a specific position in the converted program 420. However, the information about the branch destination address cannot be collected, and there is an effect that the difficulty of reverse engineering increases.

The program conversion apparatus 100 further includes a branch destination insertion apparatus 161.
The branch destination insertion device 161 uses the processing device (CPU 911) to insert the branch destination table 630 generated by the branch destination table generation device 140 into the target program 415 input by the target program input device 110. It is characterized by.
The modified branch instruction generation device 151 uses the processing device (CPU 911) to refer to the branch destination table 630 inserted by the branch destination insertion device 161 as the branch destination calculation instruction (branch destination information) (branch destination). A command for acquiring a destination address is generated.

As described above, the program conversion apparatus 100 according to this embodiment can be realized by causing a computer to execute a program that causes the computer to function as the program conversion apparatus 100.
As the program conversion apparatus 100 (program conversion system, program conversion method) in this embodiment, according to a program that causes a computer to function, a converted program that has the same operation as the target program 415 and is more difficult to reverse engineer than the target program 415 The program conversion apparatus 100 that can generate the program 420 can be realized.

The program conversion method in which the program conversion apparatus 100 in this embodiment converts the target program 415 is characterized by the following points.
The processing device (CPU 911) inputs a program to be converted and sets it as a target program 415.
The processing device (CPU 911) analyzes the input target program 415, extracts a branch instruction instructing a branch, and sets it as a branch instruction before change.
The processing device (CPU 911) acquires information (a branch destination address before the change) indicating the branch destination of the branch indicated by the extracted branch instruction before the change, and uses it as the branch destination information before the change.
The processing device (CPU 911) generates the branch destination table 630 based on the acquired pre-change branch destination information.
The processing device (CPU 911) instructs a branch to a branch destination that is calculated by executing the branch destination calculation instruction and a branch destination calculation instruction that instructs to calculate information indicating the branch destination. A post-change branch instruction including a branch instruction is generated based on the generated branch destination table 630.
The processing device (CPU 911) replaces the extracted pre-change branch instruction in the input target program 415 with the generated post-change branch instruction.
The processing device (CPU 911) outputs the target program in which the branch instruction is replaced as a converted program.

  According to the program conversion method in this embodiment, there is an effect that it is possible to generate a converted program 420 that is more difficult to reverse engineer than the target program 415 while performing the same operation as the target program 415.

  In this embodiment, only the branch instruction is changed. However, when post-processing (for example, restoration of a saved register) is necessary after branching, the branch destination instruction may be changed. .

The program conversion apparatus 100 (program conversion method) described above is
A program conversion method for converting a program and controlling execution,
A branch instruction in the execution program (target program 415) is searched, and for each branch instruction, the newly calculated branch destination address (changed branch destination address) is stored in the data section table (branch destination table 630). The instruction is replaced so that the original instruction branches to the address (branch address after change) obtained from the data table (branch destination table 630), and the operation of the changed execution program (converted program 420) is changed. It changes so that it may become the same operation | movement as an execution program (target program 415).

The program conversion apparatus 100 in this embodiment replaces the pre-change branch instruction with a post-change branch instruction that instructs to branch to the calculated branch destination by calculating the branch destination with reference to the branch destination table 630. A configuration (hereinafter referred to as “Comparative Example 1”) in which the branch instruction before change is limited to a subroutine call and the branch instruction before change is replaced with a subroutine call that branches by calculating a branch destination is also conceivable.
Hereinafter, the program conversion apparatus 100 in this embodiment is compared with the comparative example 1.
In Comparative Example 1, since the calculation of the address of the originally intended subroutine is performed in the software (subroutine) added to the program, the correspondence between the caller address and the callee address before replacing the subroutine call is collected and before the replacement. It is easy to restore the program.
For example, the software added by the debugger restores the address of the originally intended subroutine, sets a breakpoint at the instruction that calls the subroutine, and stops the program immediately before executing this instruction. Since the call source address is stored in the stack as a return destination for the added program call, it is easy to collect the correspondence between the call source address and the call destination address before replacing the subroutine call.
Also, a patch that collects the correspondence between the caller address and the callee address before replacing the subroutine call instead of setting a breakpoint in the debugger for the instruction that calls the intended subroutine in the software added to the program You can collect the correspondence of this address without using the debugger.
Furthermore, once the correspondence between the call source address and the callee address of the original program before substituting the subroutine call is collected, if the original program is the same, all code parts of the program that changed the subroutine call are the same Therefore, it is possible to create and distribute a patch that restores the original program before replacing the subroutine call.

On the other hand, the program conversion apparatus 100 in this embodiment uses the address of the data part (branch destination table 630) for the branch instruction in the program without directly specifying the branch destination address in the operand of the branch instruction. For those who try to analyze the program (reverse engineering) by rewriting to branch, the logic of the program cannot be analyzed by referring only to the code part, and it is necessary to refer to the data part instead of the code part Thus, since the analysis load increases, it is possible to limit the analysis of the program.
In addition, branch instructions in a program can be directly branched from each branch instruction using the branch destination address stored in the data section without executing the instruction at the specific address. Since it is not possible to collect the correspondence between the caller's address and the callee's original address before conversion by applying breakpoints or applying patches using the debugger, information necessary for program analysis can be collected. Collecting automatically can be prevented.
This can restrict program analysis and unauthorized use.

Embodiment 2. FIG.
The second embodiment will be described with reference to FIGS.

FIG. 8 is a block configuration diagram showing an example of a functional block configuration of the program conversion apparatus 100 in this embodiment.
In addition, the same code | symbol is attached | subjected about the part which is common in the program conversion apparatus 100 demonstrated in Embodiment 1, and description is abbreviate | omitted here.

The target program input device 110 further includes a disassembly device 116.
The disassembly device 116 uses a processing device such as the CPU 911 to disassemble the executable code to generate assembly code. That is, as a result of the determination by the type determination device 113, when the target program 410 is a source code such as C language, the disassembly device 116 disassembles the executable code generated by the compiling device 114. As a result of the determination by the type determination device 113, when the target program 410 is a source code such as an assembly language, the disassembly device 116 disassembles the executable code generated by the assembly device 115. As a result of the determination by the type determination device 113, when the target program 410 is an executable code, the target program storage device 120 disassembles the target program 410 acquired by the program acquisition device 112.
The target program storage device 120 stores the assembly code generated by the disassembly device 116 as the target program 416.

Since the target program 416 stored in the target program storage device 120 is an assembly code, the branch instruction extraction device 130 does not have the disassembly device 131.
Further, the branch destination table generation device 140 does not need to consider the change of the branch destination address before and after the change, and therefore has the branch destination storage device 142 before the change, the address correspondence storage device 143, and the branch destination determination device 144. No.

The program conversion device 100 further includes an assembly device 171.
The assembling device 171 uses a processing device such as the CPU 911 to assemble the target program 416 into which the branch destination inserting device 161 has inserted the branch destination table 630, and generates an executable code.
The converted program storage device 180 stores the execution format code generated by the assembling device 171 as the converted program 420 using a storage device such as the magnetic disk device 920.

  That is, the program conversion apparatus 100 according to the first embodiment performs program conversion processing at the code level of the execution format, whereas the program conversion apparatus 100 according to this embodiment performs program conversion processing at the assembly code level. Is different.

FIG. 9 is a diagram for explaining processing in which the branch instruction changing device 152 in this embodiment changes a branch instruction.
The disassembly device 116 generates pre-conversion assembly code 640 (target program 416) in which labels (in this example, “L0001” to “L0015”, etc.) are attached to each row. A label does not necessarily have to be attached to every line, but at least a line that is a branch destination is always attached with a label.
The pre-conversion assembly code 640 generated by the disassembly device 116 is stored in the target program storage device 120, and the branch instruction extraction device 130 is input line by line using a processing device such as the CPU 911.

  The branch instruction extraction device 130 extracts a branch instruction from the input pre-conversion assembly code 640 using a processing device such as the CPU 911 and sets it as a branch instruction before change. For example, if the mnemonic of the input pre-conversion assembly code 640 is “jmp”, “jnz”, “call” or the like, the branch instruction extraction device 130 determines that it is a branch instruction and extracts it. In this example, the branch instruction extraction device 130 extracts three lines “L0001: jmp L0010”, “L0007: jnz L0005”, and “L0012: call L0002” as the branch instruction before change.

  The branch destination acquisition device 133 uses a processing device such as the CPU 911 to label the branch destination of the branch indicated by the branch instruction before change from the branch instruction before change extracted by the branch instruction extraction device 130 (hereinafter referred to as “branch destination label”). ").). In this example, the branch destination acquisition apparatus 133 acquires three branch destination labels 632 “L0010”, “L0005”, and “L0002”.

  The branch destination storage device 145 uses a storage device such as the magnetic disk device 920 to determine the branch destination label 632 acquired by the branch destination acquisition device 133 in the branch destination table 630 by the branch destination storage area determination device 141. Store in the branch destination storage location. In this example, it is assumed that the branch destination storage area determination device 141 determines that the branch destination label 632 is stored in the order in which the branch instruction before change appears in the assembly code 640 before conversion. The branch destination storage device 145 stores the branch destination labels 632 acquired by the branch destination acquisition device 133 in the order of “L0010”, “L0005”, and “L0002”.

  The branch instruction changing device 152 uses a processing device such as the CPU 911 to branch the pre-change branch instruction extracted by the branch instruction extracting device 130 in the pre-conversion assembly code 640 generated by the changed branch instruction generating device 151. The changed portion 651 is replaced with an instruction.

  The branch destination insertion device 161 converts the branch destination table 630 stored in the branch destination storage device 145 into an assembly code format by using a processing device such as the CPU 911. The branch destination insertion device 161 uses the processing device such as the CPU 911 to add the branch destination table 630 converted into the assembly code format as the addition portion 652 to the change portion 651 in which the branch instruction change device 152 replaced the branch instruction. Thus, the converted assembly code 650 is obtained.

FIG. 10 is a flowchart showing an example of the flow of program conversion processing in which the program conversion apparatus 100 in this embodiment converts the target program 416 to generate the converted program 420.
The assembler 171 initializes the converted assembly code 650 by using a processing device such as the CPU 911 in advance before starting the program conversion process, generates an empty converted assembly code 650, and the magnetic disk device 920. This is stored using a storage device such as

  In the instruction acquisition step S813, the branch instruction determination device 132 acquires an assembly code line by line from the pre-conversion assembly code 640 stored in the target program storage device 120 using a processing device such as the CPU 911.

In the branch instruction determination step S814, the branch instruction determination device 132 determines whether the assembly code acquired in the instruction acquisition step S813 is a branch instruction using a processing device such as the CPU 911.
If it is determined that the instruction is a branch instruction, the process proceeds to a branch destination acquisition step S815.
If it is determined that the instruction is not a branch instruction, the process proceeds to instruction output step S837.

  In the branch destination acquisition step S815, the branch destination acquisition device 133 inputs an assembly code determined to be a branch instruction in the branch instruction determination step S814 using a processing device such as the CPU 911. The branch destination acquisition device 133 uses a processing device such as the CPU 911 to acquire the branch destination label 632 based on the input assembly code. The branch destination acquisition device 133 outputs the acquired branch destination label 632 using a processing device such as the CPU 911.

  In the branch destination storage area determination step S818, the branch destination storage area determination device 141 determines a branch destination storage position and calculates a branch destination storage address using a processing device such as the CPU 911. The branch destination storage area determining device 141 outputs the determined branch destination storage position and the calculated branch destination storage address.

  In the branch destination label storage step S820, the branch destination storage device 145 uses the storage device such as the magnetic disk device 920 to store the branch destination label acquired by the branch destination acquisition device 133 in the branch destination acquisition step S815. Among them, the branch destination storage area is stored in the branch destination storage position output by the branch destination storage area determining device 141 in step S818.

  In the change branch instruction generation step S834, the change branch instruction generation device 151 uses a processing device such as the CPU 911 and the branch instruction before change that the branch instruction determination device 132 has determined as a branch instruction in the branch instruction determination step S814. The branch destination storage address output from the branch destination storage area determination device 141 in the branch destination storage area determination step S818 is input. The changed branch instruction generation device 151 uses a processing device such as the CPU 911 to generate a post-change branch instruction based on the input pre-change branch instruction and the input branch destination storage address. The changed branch instruction generation device 151 outputs the generated changed branch instruction using a processing device such as the CPU 911.

In the change branch instruction output step S835, the branch instruction change device 152 inputs the post-change branch instruction output from the change branch instruction generation device 151 in the change branch instruction generation step S834 using a processing device such as the CPU 911. The branch instruction change device 152 adds and writes the input changed branch instruction to the end of the converted assembly code 650 stored in the assembly device 171 using a processing device such as the CPU 911. The assembling device 171 uses a storage device such as the magnetic disk device 920 to store the converted assembly code 650 to which the post-change branch instruction is added.
Then, it progresses to repetition process S839.

  In the instruction output step S837, the branch instruction change device 152 inputs an assembly code determined by the branch instruction determination device 132 that the branch instruction determination device 132 is not a branch instruction in the branch instruction determination step S814 using a processing device such as the CPU 911. The branch instruction changing device 152 uses the processing device such as the CPU 911 to add and write the input assembly code to the end of the converted assembly code 650 stored in the assembling device 171. The assembling device 171 stores the converted assembly code 650 to which the original assembly code is added, using a storage device such as the magnetic disk device 920.

In the repetition step S839, the branch instruction determination device 132 determines whether or not all the pre-conversion assembly codes 640 stored in the target program storage device 120 have been acquired.
If it is determined that all the pre-conversion assembly codes 640 have been acquired, the process proceeds to the branch destination table insertion step S844.
If it is determined that the acquisition has not been completed, the processing from the instruction acquisition step S813 is repeated.

  In the branch destination table insertion step S844, the branch destination insertion device 161 inputs the branch destination table 630 stored in the branch destination storage device 145 in the branch destination label storage step S820 using a processing device such as the CPU 911. The branch destination insertion device 161 converts the input branch destination table 630 into an assembly code format using a processing device such as the CPU 911. The branch destination insertion device 161 uses a processing device such as the CPU 911 to add and write the converted branch destination table 630 to the end of the converted assembly code 650 stored in the assembly device 171. The assembly device 171 stores the converted assembly code 650 to which the branch destination table 630 is added, using a storage device such as the magnetic disk device 920.

  In the assembling step S861, the assembling device 171 assembles the stored converted assembly code 650 using a processing device such as the CPU 911 to generate an executable code. The assembling device 171 outputs the generated executable code using a processing device such as the CPU 911. The converted program storage device 180 stores the execution format code output from the assembly device 171 as the converted program 420 using a storage device such as the magnetic disk device 920.

In the changed program output step S862, the converted program output device 191 inputs the converted program 420 stored in the converted program storage device 180 in the assembly step S861 using a processing device such as the CPU 911. The converted program output device 191 outputs the input converted program 420 using a processing device such as the CPU 911.
Thereafter, the program conversion process ends.

The program conversion apparatus 100 (program conversion system, program conversion method) in this embodiment further includes an assembly apparatus 171.
The target program input device 110 inputs the target program 416 in an assembly code format as the target program using the processing device (CPU 911).
The assembler 171 uses the processing unit (CPU 911) to assemble the target program 416 in which the branch instruction change unit 152 has changed the branch instruction, generates an executable code, and forms the converted program 420. It is characterized by that.
The converted program output device 191 outputs the converted program 420 generated by the assembly device 171 using the processing device (CPU 911).

  According to the program conversion apparatus 100 in this embodiment, even if the length of the branch instruction before change and the length of the branch instruction after change are different, it is not necessary to consider the change of the address. The processing of the device 140 can be simplified, and the load of program conversion processing can be reduced.

Embodiment 3 FIG.
A third embodiment will be described with reference to FIGS.

FIG. 11 is a block configuration diagram showing an example of a functional block configuration of the program conversion apparatus 100 in this embodiment.
In addition, the same code | symbol is attached | subjected about the part which is common in the program conversion apparatus 100 demonstrated in Embodiment 1, and description is abbreviate | omitted here.

The branch destination table generation device 140 includes a branch source acquisition device 146 and a pre-change branch source storage device 148 instead of the address correspondence storage device 143.
Based on the branch instruction before change extracted by the branch instruction extraction device 130 using a processing device such as the CPU 911, the branch source acquisition apparatus 146 uses the address of the branch instruction before change in the target program 415 before change (hereinafter referred to as “before change”). Called "branch source address").

The pre-change branch source storage device 148 uses a storage device such as the magnetic disk device 920 to store the pre-change branch source address acquired by the branch source acquisition device 146 in the pre-change branch source table.
Note that the pre-change branch destination table and the pre-change branch source table may be one table. In that case, the two may be distinguished by providing a flag for distinguishing between the branch destination and the branch source.

The branch instruction changing device 152 uses a processing device such as the CPU 911 to acquire instructions corresponding to one line of assembly code one by one from the target program 415 stored in the target program storage device 120.
Using the processing device such as the CPU 911, the changed branch instruction generation device 151 uses the address of the instruction acquired by the branch instruction change device 152 (before the change) in the before-change branch source address stored in the before-change branch source storage device 148. If there is an address that coincides with (address), a post-change branch instruction is generated based on the branch destination storage address calculated by the branch destination storage area determination device 141.
The branch instruction change device 152 replaces the original instruction (pre-change branch instruction) with the post-change branch instruction generated by the change branch instruction generation device 151 using a processing device such as the CPU 911.

The branch destination determination device 144 uses the processing device such as the CPU 911, and if the pre-change branch destination address stored in the pre-change branch destination storage device 142 has an address that matches the pre-change address, The corresponding changed address is calculated.
The branch destination storage device 145 uses the processing device such as the CPU 911 to correspond the changed address calculated by the branch destination determination device 144 to the storage area determined by the branch destination storage region determination device 141 in the branch destination table 630. Is stored as a post-change branch destination address.

FIGS. 12 and 13 are flowcharts showing an example of the flow of program conversion processing in which the program conversion apparatus 100 according to this embodiment converts the target program 415 to generate the converted program 420.
In addition, the same code | symbol is attached | subjected about the part which is common in the program conversion process demonstrated in Embodiment 1. FIG.
The converted program storage device 180 initializes the converted program 420 using a processing device such as the CPU 911 in advance before starting the program conversion processing, generates an empty converted program 420, and generates a magnetic disk device. The data is stored using a storage device such as 920.

  In the disassembling step S812, the disassembling device 131 uses a processing device such as the CPU 911 to disassemble the target program 415 stored in the target program storage device 120 in order from the beginning, and generates assembly code line by line. Output.

In the branch instruction determination step S814, the branch instruction determination device 132 uses the processing device such as the CPU 911 to input the assembly code generated by the disassembly device 131 in the disassembly step S812, and determines whether the instruction is a branch instruction. To do.
If it is determined that the instruction is a branch instruction, the process proceeds to a branch destination acquisition step S815.
If it is determined that the instruction is not a branch instruction, the process proceeds to the repetition step S822.

  In the branch destination acquisition step S815, the branch destination acquisition device 133 uses a processing device such as the CPU 911, based on the assembly code determined by the branch instruction determination device 132 as a branch instruction in the branch instruction determination step S814, before the change. Get branch destination address and output.

  In the branch source acquisition step S816, the branch source acquisition device 146 uses a processing device such as the CPU 911 to acquire the address of the assembly code determined by the branch instruction determination device 132 as a branch instruction in the branch instruction determination step S814. The pre-change branch source address. The branch source acquisition device 146 outputs the acquired pre-change branch source address using a processing device such as the CPU 911.

  In the branch destination storage area determination step S818, the branch destination storage area determination device 141 uses a processing device such as the CPU 911 to determine a branch destination storage position, calculate a branch destination storage address, and determine the determined branch destination storage position. And the calculated branch destination storage address are output.

  In the pre-change branch destination storage step S819, the pre-change branch destination storage device 142 inputs the pre-change branch destination address output from the branch destination acquisition device 133 in the branch destination acquisition step S815 using a processing device such as the CPU 911. The pre-change branch destination storage device 142 stores the input pre-change branch destination address in the pre-change branch destination table 610 using a storage device such as the magnetic disk device 920.

  In the pre-change branch source storage step S821, the pre-change branch source storage device 148 inputs the pre-change branch source address output by the branch source acquisition device 146 in the branch source acquisition step S816 using a processing device such as the CPU 911. The pre-change branch source storage device 148 stores the input pre-change branch source address in the pre-change branch source table using a storage device such as the magnetic disk device 920.

In the repetition step S822, the disassembly device 131 determines whether or not the disassembly has been completed to the end of the target program 415 using a processing device such as the CPU 911.
If it is determined that the disassembly is completed to the end, the process proceeds to the instruction acquisition step S831.
When it is determined that the disassembly is not finished yet, the processing from the disassembly step S812 is repeated.

  In the instruction acquisition step S831, the branch instruction change device 152 uses a processing device such as the CPU 911 to acquire an execution format code corresponding to one line of assembly code from the target program 415 stored in the target program storage device 120. .

In the branch destination determination step S832, the branch destination determination device 144 uses the processing device such as the CPU 911 in the pre-change branch destination table 610 stored in the pre-change branch destination storage device 142 in the pre-change branch destination storage step S819. Then, it is determined whether or not the same address as the address of the code in the execution format acquired by the branch instruction change device 152 is stored in the instruction acquisition step S831.
If it is determined that the same address is stored, the process proceeds to the post-change branch destination determination step S841.
When it is determined that the same address is not stored, the process proceeds to the branch source determination step S833.
In order to increase the execution speed of the branch destination determination step S832, the branch destination determination device 144 may sort the pre-change branch destination table 610 in advance and arrange them in the order of the pre-change branch destination addresses.

  In the post-change branch destination determination step S841, the branch destination determination device 144 acquires the post-change branch destination address using a processing device such as the CPU 911. The branch destination determination device 144 counts the number of bytes of the execution format code output from the branch instruction change device 152 in advance, for example, and thereby determines the address of the execution format code output next from the branch instruction change device 152. Calculate and obtain the calculated address as the post-change branch destination address. The branch destination determination device 144 outputs the acquired post-change branch destination address using a processing device such as the CPU 911.

  In the post-change branch destination storage step S842, the branch destination storage device 145 uses the processing device such as the CPU 911, the post-change branch destination address output from the branch destination determination device 144 in the post-change branch destination determination step S841, and the branch destination. The branch destination storage position output from the branch destination storage area determination device 141 in the storage area determination step S818 is input. The branch destination storage device 145 uses a storage device such as the magnetic disk device 920 to store the input post-change branch destination address in the input branch destination storage position in the branch destination table 630.

In the branch source determination step S833, the changed branch instruction generation device 151 uses a processing device such as the CPU 911 in the pre-change branch source table stored in the pre-change branch source storage device 148 in the pre-change branch source storage step S821. Then, it is determined whether or not the same address as the address of the code in the execution format acquired by the branch instruction change device 152 is stored in the instruction acquisition step S831.
If it is determined that the same address is stored, the process advances to a modified branch instruction generation step S834.
If it is determined that the same address is not stored, the process proceeds to the instruction output step S837.

  In the modified branch instruction generation step S834, the modified branch instruction generation device 151 uses the processing device such as the CPU 911 and the execution format code acquired by the branch instruction change device 152 in the instruction acquisition step S831 and the branch destination storage area determination step. In S818, the branch destination storage address output by the branch destination storage area determination device 141 is input. The changed branch instruction generation device 151 uses a processing device such as the CPU 911 to generate the changed branch instruction 520 based on the input execution format code and the branch destination storage address. The changed branch instruction generation device 151 outputs the generated changed branch instruction 520 using a processing device such as the CPU 911.

In the changed branch instruction output step S835, the branch instruction change device 152 inputs the converted branch instruction 520 output from the changed branch instruction generation device 151 in the changed branch instruction generation step S834 using a processing device such as the CPU 911, and converts it. Is added to the end of the converted program 420 stored in the stored program storage device 180. The converted program storage device 180 uses a storage device such as the magnetic disk device 920 to store the converted program 420 to which the post-change branch instruction 520 is added.
Then, it progresses to repetition process S839.

  In the instruction output step S837, the branch instruction change device 152 uses the processing device such as the CPU 911 to end the code of the execution format acquired in the instruction acquisition step S831 with the last of the converted program 420 stored in the converted program storage device 180. Add to and write. The converted program storage device 180 uses a storage device such as the magnetic disk device 920 to store the converted program 420 to which the executable code is added.

In the repetition step S839, the branch instruction changing device 152 determines whether or not the execution format code has been acquired from the target program 415 to the end using a processing device such as the CPU 911.
If it is determined that it has been acquired to the end, the process proceeds to the branch destination table insertion step S844.
If it is determined that the acquisition has not yet been completed, the processing from the instruction acquisition step S831 is repeated.

  In the branch destination table insertion step S844, the branch destination insertion device 161 uses the processing device such as the CPU 911 to input the branch destination table 630 stored in the branch destination storage device 145 in the post-change branch destination storage step S842, and has been converted. It is additionally written at the end of the converted program 420 stored in the program storage device 180. The converted program storage device 180 uses a storage device such as the magnetic disk device 920 to store the converted program 420 to which the branch destination table 630 has been added.

In the changed program output step S862, the converted program output device 191 inputs the converted program 420 stored in the converted program storage device 180 in the branch destination table insertion step S844 using a processing device such as the CPU 911. The converted program output device 191 outputs the input converted program 420 using a processing device such as the CPU 911.
Thereafter, the program conversion process ends.

FIG. 14 shows a pre-change branch destination table 610 stored in the pre-change branch destination storage device 142, a pre-change branch source table 670 stored in the pre-change branch source storage device 148, and a branch destination storage device 145 in this embodiment. It is a figure which shows an example with the branch destination table 630 memorize | stored.
In this example, the pre-change branch destination table 610 and the pre-change branch source table 670 are one table, and the address type 612 distinguishes between the branch destination and the branch source. If the address type 612 is “S”, it indicates that it is the pre-change branch source address 671, and if the address type 612 is “D”, it indicates that it is the pre-change branch destination address 611.
The branch direction 613 distinguishes whether a branch is a forward branch (a branch destination address is larger than a branch source address) or a backward branch (a branch destination address is smaller than a branch source address), and “+” indicates a forward branch. "-" Indicates a backward branch.
The branch number 614 is a number assigned to each branch instruction by the branch destination storage area determination device 141 and indicates the storage position of the post-change branch destination address 631 in the branch destination table 630.
This example shows a state at the stage where the loop from the disassembly process S812 to the repetition process S822 is completed. For this reason, the post-change branch destination address 631 has not yet been calculated.

FIG. 15 shows a pre-change branch destination table 610 stored in the pre-change branch destination storage device 142, a pre-change branch source table 670 stored in the pre-change branch source storage device 148, and a branch destination storage device 145 in this embodiment. It is a figure which shows another example with the branch destination table 630 which memorize | stores.
This example shows a state at the stage where the loop from the instruction acquisition step S831 to the repetition step S839 is completed. The branch destination determination table 144 arranges the branch destination table 610 and the branch source table 670 before the change in advance in the ascending order of the branch destination table 610 and the branch source table 670 before the change, and the branch destination determination step S832. In addition, the processing speed of the branch source determination step S833 is increased.

The branch destination table generation device 140 in this embodiment uses the processing device (CPU 911) to obtain information (pre-change branch source address) indicating the position of the branch instruction extracted by the branch instruction extraction device 130. The branch source information before change is used.
The branch instruction changing device 152 uses the processing device (CPU 911) to change the instruction generated by the changed branch instruction generating device 151 at the position indicated by the pre-change branch source information acquired by the branch destination table generating device 140. It is characterized by being replaced with a post-branch instruction.

  According to the program conversion apparatus 100 in this embodiment, the instruction at the position represented by the pre-change branch source information acquired by the branch destination table generation apparatus 140 is replaced with the post-change branch instruction by the branch instruction change apparatus 152. Thus, there is no need to store the correspondence between the addresses and the addresses after the change, and the capacity of the storage device can be reduced.

Embodiment 4 FIG.
The fourth embodiment will be described with reference to FIGS.

FIG. 16 is a block configuration diagram showing an example of a functional block configuration of the program conversion apparatus 100 in this embodiment.
In addition, the same code | symbol is attached | subjected about the part which is common in the program conversion apparatus 100 demonstrated in Embodiment 3, and description is abbreviate | omitted here.

  The program conversion apparatus 100 includes a branch destination read area insertion device 164 instead of the branch destination insertion device 161, and further includes a branch destination writing device 192, a branch destination read instruction storage device 162, and a branch destination read instruction insertion device 163. Have

The branch destination read area inserting device 164 uses a processing device such as the CPU 911 to read the branch destination table 630 generated by the branch destination table generating device 140 into the target program 415 whose branch instruction changing device 152 has changed the branch instruction. (Hereinafter referred to as “branch destination read area”).
The converted program storage device 180 stores the target program 415 into which the branch destination reading area inserting device 164 has inserted the branch destination reading area as the converted program 420.
The branch destination table 630 is read into the branch destination reading area when the computer 300 executes the converted program 420.

The branch destination writing device 192 writes the branch destination table generated by the branch destination table generation device 140 using a processing device such as the CPU 911 and stores it in a storage device such as the magnetic disk device 920 (hereinafter “branch destination file”). Is called).
The branch destination file generated by the branch destination writing device 192 is distributed together with the converted program 420, for example. The computer 300 stores the distributed branch destination file in the same folder as the converted program 420 using a magnetic disk device.

The branch destination read instruction storage device 162 stores a branch destination read instruction using a storage device such as the magnetic disk device 920. The branch destination read instruction reads the branch destination file generated by the branch destination writing device 192, acquires the branch destination table, and reads the branch destination read by the branch destination read area insertion device 164 inserted. It is a command (group) instructing reading into the area.
The branch destination read instruction insertion device 163 reads the branch destination at the head of the target program 415 stored in the target program storage device 120 (the position of the first instruction executed when the computer 300 executes the converted program 420). The branch destination read instruction stored in the instruction storage device 162 is inserted.

FIG. 17 is a flowchart showing an example of the operation flow when the computer 300 executes the branch destination read instruction inserted by the branch destination read instruction insertion device 163 in this embodiment.
The branch destination read instruction is executed first when the computer 300 executes the converted program 420.

In the file open step S723, the computer 300 opens the branch destination file according to the instruction of the branch destination read instruction. If the branch destination file fails to open, such as when the branch destination file does not exist, the process proceeds to error display step S729. If the branch destination file is successfully opened, the process proceeds to the table reading step S724.
In the table reading step S724, the computer 300 reads the branch destination table from the branch destination file opened in the file opening step S723 into the branch destination reading area according to the instruction of the branch destination reading instruction.
In the file closing step S725, the computer 300 closes the branch destination file opened in the file opening step S723 according to the instruction of the branch destination reading instruction.
Thereafter, the process proceeds to the next instruction (the instruction that would have been executed first if the branch destination read instruction was not inserted).
In the error display step S729, the computer 300 displays an error message indicating that the reading of the branch destination file has failed in response to the instruction of the branch destination reading instruction.
Thereafter, the execution of the converted program 420 is stopped and abnormally terminated.

FIG. 18 is a flowchart showing another example of the flow of operations when the computer 300 executes a branch destination read instruction inserted by the branch destination read instruction insertion device 163 in this embodiment.
In this example, the branch destination file is not distributed with the converted program 420 but is downloaded from a server device (hereinafter referred to as “branch destination server”) when the converted program 420 is executed.

In the server connection step S721, the computer 300 connects to the branch destination server via a network such as the Internet in accordance with a branch destination read instruction. If the connection fails, the process proceeds to error display step S729. If the connection is successful, the process proceeds to the download step S722.
In the download step S722, the computer 300 downloads the branch destination file from the branch destination server connected in the server connection step S721 according to the instruction of the branch destination read instruction. When the branch destination server requests a user ID (Identifier), a password, or the like in order to confirm whether the computer 300 has the right to download the branch destination file, the computer 300 uses an input device such as a keyboard. The user ID or the like may be input, and the input user ID or the like may be transmitted to the branch destination server.
If the download has failed, the process proceeds to error display step S729. If the download is successful, the process proceeds to the file opening process S723.
Since the processing of the file open process S723 to the file close process S25 and the error display process S29 is the same as that described with reference to FIG. 17, the description thereof is omitted here.
After the file closing step S25, the process proceeds to the deleting step S726.
In the deletion step S726, the computer 300 deletes the branch destination file downloaded in the download step S722 according to the instruction of the branch destination read instruction.
Thereafter, the process proceeds to the next instruction.

FIG. 19 is a schematic diagram showing an example of the structure of a converted program 420 generated by the program conversion apparatus 100 according to this embodiment.
The converted program 420 has three parts: a branch destination read instruction 661, a post-change target program 662, and a branch destination read area 663.
The branch destination read instruction 661 is inserted by the branch destination read instruction insertion device 163.
The post-change target program 662 is obtained by changing the branch instruction of the target program 415 by the branch instruction changing device 152.
The branch destination read area 663 is inserted by the branch destination read area insertion device 164.

  As described above, when the computer 300 executes the branch destination read instruction 661, the branch destination table 630 is read into the branch destination read area 663. When the computer 300 executes the post-change branch instruction included in the post-change target program 662, the branch destination address is calculated with reference to the read branch destination table 630, and the branch is made to the calculated branch destination address.

FIG. 20 is a flowchart showing an example of the flow of program conversion processing in which the program conversion apparatus 100 in this embodiment converts the target program 415 to generate the converted program 420.
In addition, the same code | symbol is attached | subjected about the part which is common in the program conversion process demonstrated in Embodiment 3, and description is abbreviate | omitted here.

In the branch destination read instruction insertion step S805, the branch destination read instruction insertion device 163 inputs the branch destination read instruction 661 stored in the branch destination read instruction storage device 162 using a processing device such as the CPU 911. The branch destination read instruction insertion device 163 writes the input branch destination read instruction 661 at the head of the converted program 420 using a processing device such as the CPU 911. The converted program storage device 180 uses a storage device such as the magnetic disk device 920 to store the converted program 420 in which the branch destination read instruction 661 is written.
Thereafter, the process proceeds to the disassembly process S812.

If it is determined in the repetition step S839 that the branch instruction determination device 132 has acquired all the pre-conversion assembly code 640, the process proceeds to the branch destination read area insertion step S845.
In the branch destination read area insertion step S845, the branch destination read area insertion device 164 uses the processing device such as the CPU 911 to input the branch destination table 630 stored in the branch destination storage device 145 in the post-change branch destination storage step S842. . The branch destination read area insertion device 164 calculates the size of an area necessary for reading the input branch destination table 630 using a processing device such as the CPU 911. The branch destination read area inserting device 164 uses a processing device such as the CPU 911 to add the branch destination read area 663 having the calculated size to the end of the converted program 420 stored in the converted program storage device 180. Write. The converted program storage device 180 uses a storage device such as the magnetic disk device 920 to store the converted program 420 to which the branch destination read area 663 is added.

  In the changed program output step S862, the converted program output device 191 uses the processing device such as the CPU 911 to input the converted program 420 stored in the converted program storage device 180 in the branch destination read area insertion step S845, The input converted program 420 is output.

In the branch destination writing step S863, the branch destination writing device 192 inputs the branch destination table 630 stored in the branch destination storage device 145 in the post-change branch destination storage step S842 using a processing device such as the CPU 911. The branch destination writing device 192 uses a processing device such as the CPU 911 to output the input branch destination table 630 and generate a branch destination file.
Thereafter, the program conversion process ends.

The program conversion apparatus 100 (program conversion system, program conversion method) in this embodiment further includes a branch destination writing apparatus 192 and a branch destination read instruction insertion apparatus 163.
The branch destination writing device 192 uses the processing device (CPU 911) to write the branch destination table 630 generated by the branch destination table generation device 140 and generate a branch destination file.
The branch destination read instruction insertion device 163 uses the processing device (CPU 911) to instruct to read the branch destination file generated by the branch destination writing device 192 and acquire the branch destination table 630. The read command 661 is inserted into the target program 415 input by the target program input device 110.
The modified branch instruction generation device 151 is obtained by executing the branch destination read instruction 661 inserted by the branch destination read instruction insertion device 163 as the branch destination calculation instruction using the processing device (CPU 911). An instruction for calculating information representing a branch destination is generated with reference to the branch destination table 630.

  According to the program conversion apparatus 100 in this embodiment, the converted program 420 including the post-change branch instruction for branching with reference to the branch destination table and the branch destination file including the branch destination table are separate files. Even if the program 420 alone is reverse-engineered, the branch destination of the post-change branch instruction cannot be known, and the reverse engineering becomes more difficult.

  The branch destination read instruction insertion device 163 uses the processor (CPU 911) to download the branch destination file generated by the branch destination writing device 192 as the branch destination read instruction 661 via the Internet. Is inserted into the target program 415 input by the target program input device 110.

  According to the program conversion apparatus 100 in this embodiment, when the computer 300 executes the converted program 420, the branch destination file is downloaded via the Internet. Therefore, it is necessary to distribute the branch destination file together with the converted program 420. Absent. In addition, if the user is authenticated with a user ID or a password when the branch destination file is downloaded, an illegal user cannot obtain the branch destination file, so that reverse engineering becomes more difficult.

  In this embodiment, the modification based on the program conversion apparatus 100 described in the third embodiment has been described. However, based on the program conversion apparatus 100 described in the first or second embodiment. The same modifications as those described in this embodiment may be made.

The program conversion apparatus 100 (program conversion method) described above is
The branch destination address table (branch destination table 630) is written to a file (branch destination file) different from the execution file (converted program 420), and the file (branch destination file) at the start of execution of the program (converted program 420) The execution program (target program 415) is changed so that a code (branch destination read instruction 661) for loading a branch destination address table (branch destination table 630) into the data portion is executed.

The program conversion apparatus 100 (program conversion method) described above is
A file of branch destination addresses (branch destination table 630) written to a file (branch destination file) different from the execution file (converted program 420) and placed on the network at the start of program (converted program 420) execution The execution program (target program 415) is changed so that the code (branch destination read instruction 661) for loading the branch destination address table (branch destination table 630) from the (branch destination file) to the data portion is executed. And

Embodiment 5 FIG.
The fifth embodiment will be described with reference to FIGS.

FIG. 21 is a block configuration diagram showing an example of a functional block configuration of the program conversion apparatus 100 in this embodiment.
In addition, the same code | symbol is attached | subjected about the part which is common in the program conversion apparatus 100 demonstrated in Embodiment 3, and description is abbreviate | omitted here.

The program conversion apparatus 100 further includes a password input device 154, an authentication generation device 156, an authentication storage device 157, an authentication acquisition command generation device 158, an authentication acquisition command insertion device 159, a branch destination restoration command storage device 165, and a branch destination restoration command insertion. Device 166.
The branch destination table generation device 140 further includes a branch destination disturbance device 149.

  The password input device 154 inputs a password using an input device such as a keyboard 902. The password input by the password input device 154 is the same as the password that is input to authenticate whether the user has the authority to execute the converted program 420 when the computer 300 executes the converted program 420.

The authentication generation device 156 generates authentication information and verification information based on the password input by the password input device 154 using a processing device such as the CPU 911.
The authentication information is information used to disturb a branch destination disturbing device 149 branch destination table described later. When the computer 300 executes the converted program 420, authentication information is generated from the password input by the computer 300, and the branch destination table is restored using the generated authentication information. If the password entered by the computer 300 is not correct, the authentication information generated from the incorrect password is also incorrect, so that the branch destination table cannot be restored correctly. For this reason, the converted program 420 cannot be executed.
The verification information is information for verifying that the authentication information is correct. If the converted program 420 is executed using a branch destination table restored (incorrect) with incorrect authentication information, the converted program 420 may run unexpectedly, such as runaway. Therefore, before restoring the branch destination table, the verification information verifies that the authentication information is correct, and prevents the converted program 420 from operating unexpectedly.

Based on the password input by the password input device 154, the authentication generation device 156 generates authentication information and verification information using a hash function such as SHA (Secure Hash Algorithm) -2, for example. The authentication information and the verification information are information uniquely generated from the password, and conversely, it is virtually impossible to guess the password from the authentication information and the verification information. Further, the authentication information and the verification information are different from each other, and it is virtually impossible to guess the authentication information from the verification information.
For example, the authentication generation device 156 adds predetermined data to the password, and hashes the password with the predetermined data added to generate authentication information. Also, the authentication generation device 156 generates verification information by adding data different from the data used for generating the authentication information to the password and hashing the password with the different data added. Any one of the authentication information and the verification information may be hashed as it is without adding data.
Alternatively, the authentication generation device 156 may generate authentication information by hashing the password, and may generate verification information by hashing the generated authentication information.
However, on the contrary, the method in which the authentication generation device 156 generates the verification information by hashing the password and generates the authentication information by hashing the generated verification information can infer the authentication information from the verification information. It is not preferable.

  The authentication storage device 157 stores authentication information and verification information generated by the authentication generation device 156 using a storage device such as the magnetic disk device 920.

The branch destination disturbance device 149 uses a processing device such as the CPU 911 to disturb the branch destination table 630 stored in the branch destination storage device 145 based on the authentication information stored in the authentication storage device 157. The disturbance of the branch destination table 630 means that the correct branch destination table 630 cannot be restored unless the correct authentication information is known, and may be called encryption of the branch destination table 630.
The branch destination table 630 disturbed by the branch destination disturbing device 149 (hereinafter referred to as “disturbed branch destination table”) is stored again by the branch destination storage device 145 using a storage device such as the magnetic disk device 920.

The authentication acquisition command generation device 158 generates an authentication acquisition command using a processing device such as the CPU 911. The authentication acquisition command is a command (group) instructing to acquire authentication information. The authentication acquisition command generated by the authentication acquisition command generation device 158 includes a password acquisition command, an authentication calculation command, a verification calculation command, and a verification command. The password acquisition command is a command (group) instructing to acquire a password. The authentication calculation command is a command (group) that instructs to calculate authentication information based on a password acquired by executing a password acquisition command. The verification calculation command is a command (group) instructing to calculate verification information based on a password acquired by executing a password acquisition command. The verification command is a command (group) for instructing whether or not the verification information calculated by executing the verification calculation command is correct, and is based on the verification information stored in the authentication storage device 157. And the authentication acquisition command generation device 158 generates.
The authentication acquisition command insertion device 159 uses a processing device such as the CPU 911 to start the target program 415 stored in the target program storage device 120 (the first command executed when the computer 300 executes the converted program 420). ), The authentication acquisition command generated by the authentication acquisition command generation device 158 is inserted.

The branch destination restoration instruction storage device 165 stores a branch destination restoration instruction using a storage device such as the magnetic disk device 920. The branch destination restoration instruction is an instruction to restore the branch destination table 630 from the disturbance branch destination table based on the authentication information acquired by the computer 300 executing the authentication acquisition instruction inserted by the authentication acquisition instruction insertion device 159. It is an instruction (group) to do.
The branch destination restoration command insertion device 166 uses a processing device such as the CPU 911 to place the authentication acquisition command of the target program 415 into which the authentication acquisition command insertion device 159 has inserted the authentication acquisition command (the position of the command to be executed). The branch destination restoration instruction stored in the branch destination restoration instruction storage device 165 is inserted.

FIG. 22 is a diagram illustrating an example of the structure of the converted program 420 generated by the program conversion apparatus 100 according to this embodiment.
The converted program 420 has four parts: an authentication acquisition instruction 664, a branch destination restoration instruction 665, a post-change target program 662, and a disturbance branch destination table 666.
The authentication acquisition command 664 is inserted by the authentication acquisition command insertion device 159.
The branch destination restoration instruction 665 is inserted by the branch destination restoration instruction insertion device 166.
The post-change target program 662 is obtained by changing the branch instruction of the target program 415 stored in the target program storage device 120 to the post-change branch instruction by the branch instruction change device 152.
The disturbance branch destination table 666 is obtained by inserting the disturbance branch destination table disturbed by the branch destination disturbance device 149 into the branch destination insertion device 161.
In this example, the branch destination disturbing device 149 uses a processing device such as the CPU 911 and is based on the authentication information stored in the authentication storage device 157 and is less than 0 and less than n (n is a post-change included in the branch destination table 630). The number k of the branch destination addresses 631) is calculated, and the first to kth post-change branch destination addresses 631 and the (k + 1) th to nth changes in the branch destination table 630 are calculated based on the calculated integer k. The branch destination table 630 is disturbed by exchanging the post branch destination address 631, and a disturbed branch destination table is generated.

FIG. 23 shows an operation flow when the computer 300 executes the authentication acquisition instruction 664 inserted by the authentication acquisition instruction insertion apparatus 159 and the branch destination restoration instruction 665 inserted by the branch destination restoration instruction insertion apparatus 166 in this embodiment. It is a flowchart figure which shows an example.
The authentication acquisition command is executed first when the computer 300 executes the converted program 420. The branch destination restoration instruction is executed next to the authentication acquisition instruction when the computer 300 executes the converted program 420.

In the password input step S <b> 731, the computer 300 inputs a password in accordance with the password acquisition command in the authentication acquisition command 664.
In the authentication generation step S733, the computer 300 generates authentication information based on the password input in the password input step S731 according to the instruction of the authentication calculation command in the authentication acquisition command 664.
In the verification generation step S734, the computer 300 generates verification information based on the password input in the password input step S731 according to the instruction of the verification calculation command in the authentication acquisition command 664.
In the verification step S735, the computer 300 verifies whether the verification information generated in the verification generation step S734 matches the predetermined verification information according to the instruction of the verification command in the authentication acquisition command 664. The predetermined verification information is embedded in the verification command by the authentication acquisition command generation device 158. If the verification information matches, the verification is successful and the process proceeds to the shift calculation step S741. If the verification information does not match, the process proceeds to error display step S739 as verification failure.
In the error display step S739, the computer 300 displays an error message according to the instruction of the authentication acquisition command 664. Thereafter, the execution of the converted program 420 is stopped and abnormally terminated.

In the shift calculation step S741, the computer 300 calculates an integer k based on the authentication information generated in the authentication generation step S733 according to the instruction of the branch destination restoration instruction 665. For example, the computer 300 obtains the number n of the post-change branch destination addresses 631 included in the branch destination table, regards the authentication information as an unsigned integer, calculates the remainder divided by the obtained number n, and calculates the remainder Is an integer k.
In the shift step S742, the computer 300, in accordance with the instruction of the branch destination restoration instruction 665, includes the first to (n−k) -th post-change branch destination addresses among the post-change branch destination addresses 631 included in the disturbed branch destination table 666. The branch destination table 630 is restored by replacing the 631 with the (n−k + 1) -th to n-th post-change branch destination addresses 631.
Thereafter, the process proceeds to the next instruction.

A person who intends to illegally use the converted program 420 avoids the verification step S735 by applying a patch to the converted program 420, and performs the processing after the shift calculation step S741 even if the verification information does not match. There is a possibility that the converted program 420 may be modified. By this modification, the computer 300 can be processed after the shift calculation step S741 without knowing the correct password.
However, if the correct password is not input in the password input step S731, the authentication information generated in the authentication generation step S733 is also incorrect, so that the branch destination table 630 is not correctly restored. Therefore, when the post-change branch instruction included in the converted program 420 is executed, it is not possible to branch to the correct branch destination, so that an unauthorized user cannot use the converted program 420.

  Since the verification information is embedded in the verification command, an unauthorized user can know the verification information by reverse-engineering the converted program 420 by, for example, disassembling it. However, since the password and authentication information are not embedded in the converted program 420, an unauthorized user cannot know the authentication information. Therefore, an unauthorized user cannot restore a correct branch destination table.

FIG. 24 is a flowchart showing an example of the flow of a program conversion process in which the program conversion apparatus 100 according to this embodiment converts the target program 415 to generate the converted program 420.
In addition, the same code | symbol is attached | subjected about the part which is common in the program conversion process demonstrated in Embodiment 3, and description is abbreviate | omitted here.

In the password input step S801, the password input device 154 inputs a password using an input device such as a keyboard 902. The password input device 154 outputs the input password using a processing device such as the CPU 911.
In the authentication generation step S802, the authentication generation device 156 inputs the password output by the password input device 154 in the password input step S801 using a processing device such as the CPU 911. The authentication generation device 156 uses a processing device such as the CPU 911 to generate authentication information and verification information based on the input password. The authentication generation device 156 outputs the generated authentication information and verification information using a processing device such as the CPU 911.
The authentication storage device 157 inputs the authentication information and the verification information output from the authentication generation device 156 using a processing device such as the CPU 911. The authentication storage device 157 stores the input authentication information and verification information using a storage device such as the magnetic disk device 920.

In the authentication acquisition command generation step S803, the authentication acquisition command generation device 158 uses a processing device such as the CPU 911 to generate a verification command based on the verification information stored in the authentication storage device 157 in the authentication generation step S802. The authentication acquisition command generation device 158 generates an authentication acquisition command including the generated verification command using a processing device such as the CPU 911. The authentication acquisition command generation device 158 outputs the generated authentication acquisition command using a processing device such as the CPU 911.
In the authentication acquisition command insertion step S804, the authentication acquisition command insertion device 159 inputs the authentication acquisition command generated by the authentication acquisition command generation device 158 in the authentication acquisition command generation step S803 using a processing device such as the CPU 911. The authentication acquisition command insertion device 159 writes the input authentication acquisition command at the top of the converted program 420 using a processing device such as the CPU 911. The converted program storage device 180 uses a storage device such as the magnetic disk device 920 to store the converted program 420 in which the authentication acquisition command is written.

In the branch destination restoration instruction insertion step S806, the branch destination restoration instruction insertion device 166 inputs the branch destination restoration instruction stored in the branch destination restoration instruction storage device 165 using a processing device such as the CPU 911. The branch destination restoration instruction insertion device 166 adds and writes the input branch destination restoration instruction to the end of the converted program 420 stored in the converted program storage device 180 by using a processing device such as the CPU 911. The converted program storage device 180 uses a storage device such as the magnetic disk device 920 to store the converted program 420 to which the branch destination restoration instruction is added.
Thereafter, the process proceeds to the disassembly process S812.

In the repetition step S839, when the branch instruction determination device 132 determines that all the pre-conversion assembly code 640 has been acquired, the process proceeds to the branch destination table disturbance step S843.
In the branch destination table disturbing step S843, the branch destination disturbing device 149 uses a processing device such as the CPU 911 and the branch destination table 630 stored in the branch destination storing device 145 in the post-change branch destination storing step S842, and the authentication generation step S802. The authentication information stored in the authentication storage device 157 is input. The branch destination disturbing device 149 uses a processing device such as the CPU 911 to disturb the input branch destination table 630 based on the input authentication information to generate a disturbed branch destination table. The branch destination disturbance device 149 outputs the generated disturbance branch destination table using a processing device such as the CPU 911.
The branch destination storage device 145 inputs the disturbance branch destination table output from the branch destination disturbance device 149 using a processing device such as the CPU 911. The branch destination storage device 145 stores the input disturbance branch destination table using a storage device such as the magnetic disk device 920.

  In the branch destination table insertion step S844, the branch destination insertion device 161 inputs the disturbance branch destination table stored in the branch destination storage device 145 in the branch destination table disturbance step S843 by using a processing device such as the CPU 911. The branch destination insertion device 161 uses the processing device such as the CPU 911 to add and write the input disturbance branch destination table to the end of the converted program 420 stored in the converted program storage device 180. The converted program storage device 180 uses a storage device such as the magnetic disk device 920 to store the converted program 420 to which the disturbance branch destination table is added.

In the changed program output step S862, the converted program output device 191 uses the processing device such as the CPU 911 to input the converted program 420 stored in the converted program storage device 180 in the branch destination table insertion step S844. The converted program 420 is output.
Thereafter, the program conversion process ends.

  FIG. 25 is a flowchart showing an example of a detailed flow of processing in the branch destination table disturbing step S843 in which the branch destination disturbing device 149 disturbs the branch destination table 630 in this embodiment.

In the shift calculation step S843a, the branch destination disturbing device 149 inputs the branch destination table 630 stored in the branch destination storage device 145 in the post-change branch destination storage step S842 using a processing device such as the CPU 911. The branch destination disturbing device 149 calculates the number n of post-change branch destination addresses 631 included in the branch destination table 630 based on the input branch destination table 630 using a processing device such as the CPU 911.
The branch destination disturbance device 149 uses the processing device such as the CPU 911 to input the authentication information stored in the authentication storage device 157 in the authentication generation step S802. The branch destination disturbing device 149 uses a processing device such as the CPU 911 to calculate the remainder obtained by dividing the number of input authentication information regarded as an unsigned integer by the number n, and set it as an integer k.

  In the shift step S843b, the branch destination disturbing device 149 uses the processing device such as the CPU 911, based on the integer k calculated in the shift calculation step S843a, of the branch destination table 630 input in the shift calculation step S843a. The disturbed branch destination table is generated by switching the ˜k-th post-change branch destination address 631 and the (k + 1) -th to n-th post-change branch destination address 631. The branch destination disturbance device 149 outputs the generated disturbance branch destination table using a processing device such as the CPU 911.

The program conversion device 100 (program conversion system, program conversion method) in this embodiment further includes a storage device (magnetic disk device 920) for storing information, an authentication storage device 157, an authentication acquisition command insertion device 159, And a branch destination restoration instruction insertion device 166.
The authentication storage device 157 stores authentication information for authenticating whether or not there is an authority to execute the target program, using the storage device (magnetic disk device 920).
The branch destination table generation device 140 generates the branch destination table 630 based on the pre-change branch destination information (pre-change branch destination address) acquired by the branch destination acquisition device 133 using the processing device (CPU 911). The generated branch destination table 630 is disturbed based on the authentication information stored in the authentication storage device 157.
The authentication acquisition command insertion device 159 uses the processing device (CPU 911) to insert an authentication acquisition command 664 for instructing acquisition of authentication information into the target program 415 input by the target program input device 110. It is characterized by.
The branch destination restoration command insertion device 166 uses the processing device (CPU 911) to execute the branch destination based on the authentication information acquired by executing the authentication acquisition command 664 inserted by the authentication acquisition command insertion device 159. A branch destination restoration instruction 665 for instructing restoration of the table 630 is inserted into the target program 415 input by the target program input device 110.

  According to the program conversion device 100 in this embodiment, the branch destination table generation device 140 (branch destination disturbing device 149) disturbs the branch destination table 630 based on the authentication information stored in the authentication storage device 157. In order to correctly restore the branched branch destination table (disturbed branch destination table), it is necessary to acquire the same authentication information as the authentication information stored in the authentication storage device 157, and the reverse engineering becomes more difficult. .

  The authentication acquisition command insertion device 159 in this embodiment uses the processing device (CPU 911) to execute, as the authentication acquisition command 664, a password input command for inputting a password and the password input command. An authentication calculation command for instructing to calculate authentication information based on the password input by the user is inserted into the target program 415 input by the target program input device 110.

  According to the program conversion apparatus 100 in this embodiment, when the computer 300 executes the converted program 420, the authentication is performed by executing the authentication calculation command based on the password input by executing the password input command. Since the information is calculated, the correct authentication information cannot be calculated unless the correct password is input, and the correct branch destination table 630 cannot be restored, so that the reverse engineering becomes more difficult.

The branch destination table generation device 140 (branch destination disturbance device 149) in this embodiment is
Using the processing device (CPU 911), the number n of post-change branch destination information (post-change branch destination address 631) included in the generated branch destination table 630 is calculated.
Using the processing device (CPU 911), based on the authentication information stored in the authentication storage device 157, an integer k of 0 or more and less than the calculated number n is calculated,
Based on the calculated integer k using the processing device (CPU 911), the first to kth post-change branch destination information (post-change branch destination address 631) in the branch destination table 630, and (k + 1) By replacing post-change branch destination information (post-change branch destination address 631) from the n-th to the n-th,
The branch destination table 630 is disturbed.

  According to the program conversion apparatus 100 in this embodiment, the post-change branch destination information (the post-change branch) in the branch destination table 630 based on the integer k uniquely generated from the authentication information and the number of post-change branch destination information. Since the branch destination table 630 is disturbed by changing the order of the destination addresses 631), the branch destination table 630 can be restored by simple processing, and the time required for starting the original processing of the converted program 420 can be shortened. There is an effect.

  In this embodiment, the modification based on the program conversion apparatus 100 described in the third embodiment has been described. However, the program conversion apparatus described in the first, second, or fourth embodiment. Based on 100, a modification similar to the modification described in this embodiment may be made.

The program conversion apparatus 100 (program conversion method) described above is
Stores the actual branch destination address (post-change branch destination information) from the position where a value (integer k) uniquely generated from the password is added as an offset from the head of the table (branch destination table 630), to the end of the table After storing, the actual branch destination address (post-change branch destination information) is stored from the top of the table, and the branch source instruction (pre-change branch instruction) is acquired from the data section table (branch destination table 630). The instruction is replaced so that a value (integer k) uniquely obtained from the password is acquired from the position after adding the offset from the head of the table (branch destination table 630).

  According to the program conversion apparatus 100 (program conversion method) described above, the branch instruction in the program (target program 415) can be used without specifying the branch destination address directly in the operand of the branch instruction, In addition to rewriting to branch using the destination table 630), the entries in the branch address table (branch destination table 630) are further shifted by a number uniquely determined from the password, and moved so as to become a correct entry at the time of execution. Thus, if the password is not known, the program cannot be executed correctly. As a result, unauthorized use of the program can be prevented.

Embodiment 6 FIG.
The sixth embodiment will be described with reference to FIGS.
In this embodiment, another example of the disturbance method of the branch destination table 630 will be described.

  Since the functional block configuration of the program conversion apparatus 100 in this embodiment is the same as that described in the fifth embodiment, description thereof is omitted here.

FIG. 26 is a diagram showing an example of the structure of the converted program 420 generated by the program conversion apparatus 100 according to this embodiment.
In addition, the same code | symbol is attached | subjected about the part which is common in the converted program demonstrated in Embodiment 5, and description is abbreviate | omitted here.

The branch destination disturbing device 149 sets the authentication information stored in the authentication storage device 157 to an initial value (seed, seed) of a random number (pseudorandom number) using a processing device such as the CPU 911.
The branch destination disturbing device 149 uses a processing device such as the CPU 911 to change a random number having the same bit length as the post-change branch destination address 631 corresponding to each post-change branch destination address 631 included in the branch destination table 630. The same number as the number n of the post-branch destination addresses 631 is generated.
The branch destination disturbing device 149 calculates the exclusive OR of the changed branch destination address 631 included in the branch destination table 630 and the generated random number using a processing device such as the CPU 911, and the disturbing branch destination information 633. To do. For example, the branch destination disturbing device 149 calculates an exclusive OR of the first changed branch destination address 631 included in the branch destination table 630 and the first random number among the generated random numbers. As the disturbing branch destination information 633, an exclusive OR of the second changed branch destination address 631 included in the branch destination table 630 and the second random number among the generated random numbers is calculated, and the second disturbing branch is calculated. The destination information 633 is used. In the same manner, the branch destination disturbing device 149 calculates up to the n-th disturbing branch destination information 633, and calculates a total of n disturbing branch destination information 633.
The branch destination storage device 145 uses a storage device such as the magnetic disk device 920 to store the n pieces of disturbed branch destination information 633 calculated by the branch destination disturber 149 as a disturbed branch destination table.

  Since the series of random numbers (random number sequence) generated by the branch destination disturbing device 149 is a pseudo-random number, if the initial values are equal, the branch destination disturbing device 149 generates the same random number sequence, and if the initial values are different, the branch destination The disturbance device 149 generates a different random number sequence. Since the initial value of the random number is the authentication information stored in the authentication storage device 157, the branch destination disturbance device 149 has disturbed the branch destination table 630 based on the authentication information stored in the authentication storage device 157.

FIG. 27 shows the flow of operations when the computer 300 executes the authentication acquisition command 664 inserted by the authentication acquisition command insertion device 159 and the branch destination restoration command 665 inserted by the branch destination restoration command insertion device 166 in this embodiment. It is a flowchart figure which shows an example.
Note that portions common to the authentication acquisition instruction 664 and the branch destination restoration instruction 665 described in the fifth embodiment are denoted by the same reference numerals, and description thereof is omitted here.

If the verification is successful in the verification step S735, the process proceeds to a random number initial value setting step S751.
In the random number initial value setting step S751, the computer 300 sets the authentication information generated in the authentication generation step S733 to the initial value of the random number according to the instruction of the branch destination restoration instruction.
In the disturbance branch destination information acquisition step S752, the computer 300 acquires the disturbance branch destination information 633 one by one in order from the beginning of the disturbance branch destination table 666 according to the instruction of the branch destination restoration instruction.
In the random number generation step S753, the computer 300 generates a random number according to the instruction of the branch destination restoration instruction.
In the branch destination restoration step S754, the computer 300 performs an exclusive OR operation between the disturbed branch destination information acquired in the disturbed branch destination information acquisition step S752 and the random number generated in the random number generation step S753 according to the instruction of the branch destination restoration instruction. The branch destination table 630 is restored using the calculated exclusive OR as the post-change branch destination address.
In the repetition step S755, the computer 300 determines whether or not all the disturbed branch destination information 633 has been acquired from the disturbed branch destination table 666 in the disturbed branch destination information acquisition step S752 according to the instruction of the branch destination restoration instruction. If it is determined that all disturbing branch destination information 633 has been acquired, the process proceeds to the next instruction. If it is determined that there is disturbing branch destination information 633 that has not yet been acquired, the processing from the disturbing branch destination information acquisition step S752 is repeated.

  The random number generated by the computer 300 in the random number generation step S753 is the same pseudo-random number as the random number generated by the branch destination disturbing device 149. If the initial values are equal, the same random number sequence as the random number sequence generated by the branch destination disturbing device 149 is obtained. Generated. Therefore, if the authentication information generated in the authentication generation step S733 and the authentication information stored in the authentication storage device 157 are equal, the branch destination table 630 can be correctly restored.

  FIG. 28 is a flowchart showing an example of a detailed flow of the branch destination table disturbing step S843 in which the branch destination disturbing device 149 disturbs the branch destination table 630 in this embodiment.

In the random number initial value setting step 843d, the branch destination disturbing device 149 inputs the authentication information stored in the authentication storage device 157 using a processing device such as the CPU 911. The branch destination disturbance device 149 uses the processing device such as the CPU 911 to set the input authentication information as an initial value of a random number.
In the branch destination acquisition step S843e, the branch destination disturbing device 149 uses the processing device such as the CPU 911, after the change in order from the beginning of the branch destination table 630 stored in the branch destination storage device 145 in the post-change branch destination storage step S842. One branch destination address 631 is acquired.
In the random number generation step S843f, the branch destination disturbing device 149 generates a random number using a processing device such as the CPU 911.
In the exclusive OR calculation step S843g, the branch destination disturbing device 149 uses the processing device such as the CPU 911 and the changed branch destination address 631 acquired in the branch destination acquisition step S843e and the random number generated in the random number generation step S843f. The exclusive OR of is calculated.
In the disturbed branch destination storage step S843i, the branch destination storage device 145 uses the processing device such as the CPU 911 to calculate the exclusive OR calculated by the branch destination disturber 149 in the exclusive OR calculation step S843g as the disturbed branch destination information. As 633, it is stored in the disturbance branch destination table.
In the repetition step S843j, the branch destination disturbing device 149 determines whether or not all post-change branch destination addresses 631 have been acquired from the branch destination table 630 in the branch destination acquisition step S843e using a processing device such as the CPU 911. If it is determined that all post-change branch destination addresses 631 have been acquired, the branch destination table disturbing step S843 is terminated. If it is determined that there is a post-change branch destination address 631 that has not yet been acquired, the processing from the branch destination acquisition step S843e is repeated.

The branch destination disturbing device 149 described in the fifth embodiment disturbs the branch destination table 630 by changing the order of the branch destination address 631 after the change. Although the address of the branch source instruction to be branched is not known, it is possible to know from which address the branch destination process starts. Therefore, there is a possibility that the branch source can be clarified by analyzing the contents of the branch destination process.
On the other hand, the branch destination disturbance device 149 described in this embodiment disturbs the branch destination table 630 by calculating the exclusive OR of the post-change branch destination address 631 and the random number. If you don't know it, you don't know from which address the branch process starts. Therefore, the contents of the branch destination process cannot be analyzed.

The branch destination table generation device 140 (branch destination disturbance device 149) in this embodiment is
Using the processing device (CPU 911), the authentication information stored in the authentication storage device 157 is set to the initial value of the random number,
Using the processing device (CPU 911), generate random numbers corresponding to the post-change branch destination information (post-change branch destination address 631) included in the branch destination table 630,
Using the processing device (CPU 911), an exclusive OR of the post-change branch destination information (post-change branch destination address 631) included in the branch destination table 630 and the generated random number is calculated, and the disturbance branch destination Information 633,
By using the processing device (CPU 911) as a branch destination table (disturbance branch destination table), the calculated disturbance branch destination information 633
The branch destination table 630 is disturbed.

  According to the program conversion apparatus 100 in this embodiment, the branch destination table generating apparatus 140 (branch destination disturbing apparatus 149) calculates the exclusive OR of the post-change branch destination information and the random number, so that the branch destination table is calculated. Since 630 is disturbed, if the authentication information is not known, it is not only possible to know the correspondence between the branch source and the branch destination, but it is also impossible to know the start position of the branch destination processing, making reverse engineering even more difficult Has the effect of becoming.

  In this embodiment, the modification based on the program conversion apparatus 100 described in the third embodiment has been described. However, the program conversion apparatus described in the first, second, or fourth embodiment. Based on 100, a modification similar to the modification described in this embodiment may be made.

The program conversion apparatus 100 (program conversion method) described above is
Stores a table (disturbed branch destination table) composed of disturbed branch destination information obtained by taking an exclusive OR of a random number sequence uniquely generated from the password and each changed branch destination information of the branch destination table 630, and stores a program (conversion) Code for creating the branch destination table 630 in the data part by taking the exclusive OR of the random number sequence uniquely generated from the password at the start of execution of the completed program 420) and each disturbance branch destination information of the table (disturbance branch destination table) The execution program (target program 415) is changed so that (branch destination restoration instruction 665) is executed.

  According to the program conversion apparatus 100 (program conversion method) described above, the branch instruction in the program (target program 415) is used by using the address of the data portion without directly specifying the branch destination address in the operand of the branch instruction. In addition to rewriting to branch, the table is composed of disturbed branch destination information obtained by exclusive ORing a random number sequence uniquely generated from the password and each branch destination information after the change in the branch destination table 630 (disturbed branch destination) Table) is stored in the output program (converted program 420), and a random number sequence uniquely generated from the password at the start of execution of the program (converted program 420) and each disturbance branch destination of the table (disturbance branch destination table) Code for creating the branch destination table 630 by taking the exclusive OR with the information (branch destination restoration instruction 6 5) By changing the output program (converted program 420) as it is executed, if know the password, can be prevented can be programmed correctly. This can prevent unauthorized use of the program.

Embodiment 7 FIG.
The seventh embodiment will be described with reference to FIGS.
In this embodiment, another example of the authentication information acquisition method and another example of the disturbance method of the branch destination table 630 will be described.

FIG. 29 is a block configuration diagram showing an example of a functional block configuration of the program conversion apparatus 100 in this embodiment.
In addition, the same code | symbol is attached | subjected about the part which is common in the program conversion apparatus 100 demonstrated in Embodiment 3, and description is abbreviate | omitted here.

The program conversion apparatus 100 further includes a device information acquisition device 155, an authentication generation device 156, an authentication storage device 157, an authentication acquisition command generation device 158, and an authentication acquisition command insertion device 159.
The authentication generation device 156, the authentication storage device 157, the authentication acquisition command generation device 158, and the authentication acquisition command insertion device 159 are the same as those described in the fifth embodiment.

The device information acquisition device 155 acquires device information included in the computer 300 that permits execution of the converted program 420 using a processing device such as the CPU 911. The device information is specific to the computer 300, such as the CPU ID information of the computer 300, the MAC (Media Access Control address) address of the LAN card, or the mobile phone number if the computer 300 is a mobile phone. It is information.
For example, when the user intends to install the converted program 420 on the computer 300, the user first downloads the installer program. When the computer 300 executes the installer program, the computer 300 acquires device information of the computer 300 according to an instruction of the installer program, and transmits the acquired device information to the program conversion device 100 via a network such as the Internet. To do. The device information acquisition device 155 acquires device information of the computer 300 by receiving the device information transmitted by the computer 300. Thereafter, the converted program 420 generated by the program conversion apparatus 100 is transmitted to the computer 300, and the computer 300 receives the converted program 420 transmitted by the program conversion apparatus 100 according to the instruction of the installer program, and receives the computer 300. To install.

  The authentication generation device 156 generates authentication information and verification information based on the device information acquired by the device information acquisition device 155 using a processing device such as the CPU 911.

That is, in this embodiment, authentication information (and verification information) is generated based on the device information of the computer 300 instead of the password in the fifth and sixth embodiments. As a result, only the computer 300 that is permitted to execute the converted program 420 can execute the converted program 420.
The program conversion device 100 further includes the password input device 154 described in the fifth embodiment, and the authentication generation device 156 uses the processing device such as the CPU 911 and the password input by the password input device 154, and Authentication information (and verification information) may be generated based on the device information acquired by the device information acquisition device 155. Then, only the user who knows the password can execute the converted program 420 only by the computer 300 permitted to execute the converted program 420.

  The changed branch instruction generation device 151 uses a processing device such as the CPU 911 to branch after the change based on the branch destination storage address calculated by the branch destination storage area determination device 141 and the authentication information stored in the authentication storage device 157. Generate instructions.

  The program conversion apparatus 100 in this embodiment changes the branching table 630 by disturbing the branch instruction referring to the branching table 630 instead of disturbing the branching table 630 based on the authentication information. The correspondence between the branch instruction and the post-change branch destination address 631 is made unknown.

FIG. 30 is a flowchart showing an example of the flow of operations when the computer 300 executes the authentication acquisition command inserted by the authentication acquisition command insertion device 159 in this embodiment.
Note that portions common to the authentication acquisition command 664 described in the fifth embodiment are denoted by the same reference numerals, and description thereof is omitted here.
The authentication acquisition command includes a device information acquisition command, an authentication calculation command, a verification calculation command, and a verification command.

In the device information acquisition step S732, the computer 300 acquires the device information that the computer 300 has in response to an instruction of the device information acquisition command.
In the authentication generation step S733, the computer 300 generates authentication information based on the device information acquired in the device information acquisition step S732 according to an instruction of the authentication calculation command.
In the verification generation step S734, the computer 300 generates verification information based on the device information acquired in the device information acquisition step S732 according to the instruction of the verification calculation instruction.
In the verification step S735, the computer 300 verifies whether the verification information generated in the verification generation step S734 matches the predetermined verification information in accordance with the instruction of the verification command. If the verification information matches, the verification is successful and the process proceeds to the next command. If the verification information does not match, the process proceeds to error display step S739 as verification failure.

FIG. 31 is a diagram illustrating an example of the post-change branch instruction 520 generated by the change branch instruction generation device 151 according to this embodiment.
The modified branch instruction generation device 151 stores the template 540 using a storage device such as the magnetic disk device 920.
In the template 540, the changed portion of the changed branch instruction 520 generated by the changed branch instruction generation device 151 is left blank. The template 540 has three blanks 541, 542, and 543.
A blank field 541 is a blank field in which an operation code after change is to be entered, and the changed branch instruction generation device 151 stores an operation code (an operation code after change) of a branch instruction that branches under the same condition based on the type of branch instruction before change and the branch condition. It is generated and inserted into the blank 541.
A blank 542 is a blank in which an address for storing the authentication information generated in the authentication generation step S733 (hereinafter referred to as “authentication information storage address”) is to be entered, and the changed branch instruction generation device 151 is based on the target program 415. The authentication information storage address is determined and inserted into the blank field 542.
A blank 543 is a blank in which the disturbance storage address is to be entered. The disturbance storage address is a disturbance of the branch destination storage address based on the authentication information. For example, the disturbance storage address is an exclusive OR of the authentication information and the branch destination storage address. Based on the authentication information stored in the authentication storage device 157, the changed branch instruction generation device 151 disturbs the branch destination storage address calculated by the branch destination storage area determination device 141, calculates the disturbance storage address, and enters the blank 543. insert.
The changed branch instruction generation device 151 generates a changed branch instruction 520 by filling all the blanks 541 to 543 of the template 540 using a processing device such as the CPU 911.

  The operation flow when the computer 300 executes the post-change branch instruction 520 generated by the change branch instruction generation device 151 is as follows.

In the branch step S711, the computer 300 determines whether or not to branch according to the same condition as the branch condition of the branch instruction before the change according to the instruction of the branch instruction after the change. When it determines with branching, it progresses to authentication information acquisition process S713. When it determines with not branching, it progresses to unconditional branch process S712.
In the unconditional branch step S712, the computer 300 branches unconditionally to the next instruction in accordance with the instruction of the changed branch instruction.
In the authentication information acquisition step S713, the computer 300 acquires authentication information from the authentication information storage address according to the instruction of the post-change branch instruction.
In the branch destination storage address calculation step S714, the computer 300 performs an exclusive OR operation between the disturbance storage address embedded in the post-change branch instruction and the authentication information acquired in the authentication information acquisition step S713 according to the instruction of the post-change branch instruction. Is calculated as a branch destination storage address.
In the branch destination calculation step S718, the computer 300 acquires the branch destination absolute address from the branch destination storage address calculated in the branch destination storage address calculation step S714 according to the instruction of the changed branch instruction.
In the indirect branch step S719, the computer 300 branches unconditionally to the branch destination absolute address acquired in the branch destination calculation step S718 according to the instruction of the post-change branch instruction.

  FIG. 32 is a flowchart showing an example of a detailed processing flow of the modified branch instruction generation step S834 in which the modified branch instruction generation device 151 in this embodiment generates a post-change branch instruction.

  In the template acquisition step S834a, the changed branch instruction generation device 151 acquires the template 540 stored in the storage device such as the magnetic disk device 920 using a processing device such as the CPU 911.

In the post-change operation code generation step S834b, the changed branch instruction generation device 151 inputs the code acquired by the branch instruction change device 152 in the instruction acquisition step S831 using a processing device such as the CPU 911. The change branch instruction generation device 151 uses a processing device such as the CPU 911 to generate an operation code of a branch instruction that branches under the same condition as the branch instruction (pre-change branch instruction) represented by the input code, and sets the changed operation code .
In the post-change operation code insertion step S834c, the change branch instruction generation device 151 uses the processing device such as the CPU 911 to store the post-change operation code generated in the post-change operation code generation step S834b in the blank of the template 540 acquired in the template acquisition step S834a. 541 is inserted.

In the authentication information storage address acquisition step S834d, the changed branch instruction generation device 151 acquires the authentication information storage address using a processing device such as the CPU 911.
In the authentication information storage address insertion step S834e, the change branch instruction generation device 151 uses the processing device such as the CPU 911 to acquire the authentication information storage address acquired in the authentication information storage address acquisition step S834d in the template acquisition step S834a. It inserts in the blank 542 of 540.

In the authentication information acquisition step S834f, the change branch instruction generation device 151 uses the processing device such as the CPU 911 to input the authentication information stored in the authentication storage device 157 in the authentication generation step S802.
In the branch destination storage address acquisition step S834g, the changed branch instruction generation device 151 inputs the branch destination storage address output by the branch destination storage area determination device 141 in the branch destination storage area determination step S818 using a processing device such as the CPU 911. To do.
In the disturbance storage address calculation step S834h, the changed branch instruction generation device 151 uses a processing device such as the CPU 911 to store the authentication information input in the authentication information acquisition step S834f and the branch destination storage input in the branch destination storage address acquisition step S834g. An exclusive OR with the address is calculated and used as the disturbance storage address.
In the disturbed storage address insertion step S834i, the changed branch instruction generation device 151 uses the processing device such as the CPU 911 to replace the disturbed storage address calculated in the disturbed storage address calculation step S834h with the blank of the template 540 acquired in the template acquisition step S834a. 543 is inserted.
In the post-change branch instruction output step S8341, the change branch instruction generation device 151 outputs the template 540 filled with blanks as the post-change branch instruction 520 using a processing device such as the CPU 911.

The program conversion apparatus 100 (program conversion system, program conversion method) in this embodiment further includes a storage device (magnetic disk device 920) for storing information, an authentication storage device 157, and an authentication acquisition command insertion device 159. It is characterized by having.
The authentication storage device 157 stores authentication information for authenticating whether or not there is an authority to execute the target program 415 using the storage device (magnetic disk device 920).
The authentication acquisition command insertion device 159 uses the processing device (CPU 911) to insert an authentication acquisition command 664 for instructing acquisition of authentication information into the target program 415 input by the target program input device 110. It is characterized by.
The change branch instruction generation device 151 uses the processing device (CPU 911) to obtain authentication information acquired by executing the authentication acquisition command 664 inserted by the authentication acquisition command insertion device 159 as the branch destination calculation instruction. And the branch destination table 630 is referred to, and an instruction for calculating information representing the branch destination (post-change branch destination address) is generated based on the authentication information stored in the authentication storage device 157. .

  According to the program conversion apparatus 100 in this embodiment, the post-change branch destination information is calculated based on the authentication information when the post-change branch instruction is executed. Therefore, if the authentication information is not known, the branch destination is not known, and reverse The effect is that engineering becomes more difficult.

  The modified branch instruction generation device 151 in this embodiment is obtained by executing the authentication acquisition instruction 664 inserted by the authentication acquisition instruction insertion device 159 as the branch destination calculation instruction using the processing device (CPU 911). A branch destination storage position calculation instruction for instructing calculation of a position (branch destination storage address) of information representing a branch destination in the branch destination table 630 based on the authentication information to be executed, and the branch destination storage position calculation instruction A branch destination acquisition command for instructing to acquire information (a branch destination address after change) representing the branch destination with reference to the branch destination table 630 based on the position calculated by the authentication storage device 157 Is generated based on the authentication information stored.

  According to the program conversion apparatus 100 in this embodiment, the correspondence relationship between the branch source and the branch destination is disturbed using the authentication information, and the disturbed correspondence relationship is restored using the authentication information when the post-change branch instruction is executed. Therefore, even if the execution of the converted program 420 is interrupted in the middle, the correspondence relationship between the branch source and the branch destination cannot be known, and the reverse engineering becomes more difficult.

  The authentication acquisition command insertion device 159 in this embodiment uses the processing device (CPU 911) to instruct acquisition of device information included in the computer 300 that executes the converted program 420 as the authentication acquisition command 664. A target program in which the target program input device 110 inputs a device information acquisition command and an authentication calculation command that instructs to calculate authentication information based on device information acquired by executing the device information acquisition command It inserts in 415, It is characterized by the above-mentioned.

  According to the program conversion device 100 in this embodiment, the authentication acquisition command insertion device 159 inserts the authentication acquisition command 664 for calculating the authentication information based on the device information into the target program 415, so that the converted program 420 is executed. This is advantageous in that it can be permitted only to a specific computer 300.

  Note that the authentication information acquisition method and the branch destination disturbance method described in this embodiment are independent of each other. For example, the authentication information acquisition method according to this embodiment may be combined with the branch destination disturbance method described in the fifth or sixth embodiment, or the authentication information acquisition described in the fifth embodiment. The method may be combined with the branch destination disturbance method in this embodiment.

For example, the program conversion apparatus 100 (program conversion method)
Exclusive OR of a random number sequence uniquely generated from a number (device information) unique to the hardware (computer 300) executing the program (converted program 420) and each changed branch destination information in the branch destination table 630 A table (disturbed branch destination table) made up of disturbed branch destination information taken is stored, and is specific to the hardware (computer 300) that executes the program (converted program 420) at the start of execution of the program (converted program 420). A code (branch destination restoration instruction 665) that creates a branch destination table 630 in the data portion by taking an exclusive OR of a random number sequence uniquely generated from the number and each disturbed branch destination information of the table (disturbed branch destination table) The execution program may be changed so as to be executed.

  According to the program conversion device 100 (program conversion method) in this embodiment, the unique value (device information) of the device (computer 300) to be used, for example, the CPU ID and the individual address of the communication board (the MAC address of the LAN card) When the output program (converted program 420) is generated, code (device information) is input in place of the password and added to the code part of the output program when the mobile phone) is known in advance. (Authentication acquisition command 664) is added so that the device's unique value (device information) is acquired from the device (computer 300) at the time of execution, so that the output program (converted program 420) has a predetermined unique value (device information). (Computer 300) can not be executed other than this, the program It is possible to prevent the unauthorized use of the arm.

Embodiment 8 FIG.
An eighth embodiment will be described with reference to FIGS.

FIG. 33 is a block configuration diagram showing an example of a functional block configuration of the program conversion apparatus 100 in this embodiment.
In addition, the same code | symbol is attached | subjected about the part which is common in the program conversion apparatus 100 demonstrated in Embodiment 3, and description is abbreviate | omitted here.

The program conversion apparatus 100 further includes a password input device 154, an authentication generation device 156, an authentication storage device 157, an authentication acquisition command generation device 158, an authentication acquisition command insertion device 159, a branch instruction temporary change device 167, and a branch source storage device 168. Have.
The password input device 154, the authentication generation device 156, the authentication storage device 157, the authentication acquisition command generation device 158, and the authentication acquisition command insertion device 159 are the same as those described in the fifth embodiment.

The branch instruction temporary change device 167 replaces the pre-change branch instruction extracted by the branch instruction extraction device 130 with a template 540 using a processing device such as the CPU 911.
Using the storage device such as the magnetic disk device 920, the branch source storage device 168 stores the start address of the template 540 replaced by the branch instruction temporary change device 167 as the changed branch source address in the changed branch source table. .

  The branch destination disturbing device 149 uses a processing device such as the CPU 911 to disturb the post-change branch destination address stored in the branch destination table 630 by the branch destination storage device 145 based on the authentication information stored in the authentication storage device 157. Thus, the branch destination table 630 is disturbed by using the disturbance branch destination information.

The changed branch instruction generation device 151 generates the changed branch instruction 520 using a processing device such as the CPU 911.
The branch instruction change unit 152 generates a changed branch instruction by using the processing unit such as the CPU 911, based on the post-change branch source address stored in the branch source storage unit 168, and the template 540 replaced by the branch instruction temporary change unit 167. The changed branch instruction 520 generated by the device 151 is replaced.

  The changed branch instruction generation device 151 embeds the disturbed branch destination information disturbed by the branch destination disturber 149 in the changed branch instruction 520. Therefore, it is not necessary to insert the branch destination table 630 or the branch destination read instruction 661 into the target program 415.

  FIG. 34 is a diagram showing an example of the post-change branch instruction 520 generated by the change branch instruction generation device 151 in this embodiment.

The branch instruction temporary change device 167 stores the template 540 using a storage device such as the magnetic disk device 920. The changed branch instruction generation device 151 generates the changed branch instruction 520 by filling in the blanks 541 to 544 of the template 540 inserted by the branch instruction temporary change device 167 into the target program 415.
Blanks 541 and 542 are the same as those described in the seventh embodiment.
A blank field 544 is a blank field into which disturbed branch destination information is to be entered, and the changed branch instruction generation device 151 acquires disturbed branch destination information from the branch destination table 630 disturbed by the branch destination disturber 149 and inserts the disturbed branch destination information into the blank field 544. .

  The operation flow when the computer 300 executes the post-change branch instruction 520 generated by the change branch instruction generation device 151 is as follows.

In the branch step S711, the computer 300 determines whether or not to branch according to the same condition as the branch condition of the branch instruction before the change according to the instruction of the branch instruction after the change. When it determines with branching, it progresses to authentication information acquisition process S713. When it determines with not branching, it progresses to unconditional branch process S712.
In the unconditional branch step S712, the computer 300 branches unconditionally to the next instruction in accordance with the instruction of the changed branch instruction.
In the authentication information acquisition step S713, the computer 300 acquires authentication information from the authentication information storage address according to the instruction of the post-change branch instruction.
In the branch destination calculation step S717, the computer 300 performs an exclusive OR operation between the disturbance branch destination information embedded in the post-change branch instruction and the authentication information acquired in the authentication information acquisition step S713 according to the instruction of the post-change branch instruction. Calculate to be the branch destination absolute address.
In the indirect branch step S719, the computer 300 unconditionally branches to the branch destination absolute address calculated in the branch destination calculation step S717 according to the instruction of the changed branch instruction.

FIG. 35 is a flowchart showing an example of the flow of program conversion processing in which the program conversion apparatus 100 in this embodiment converts the target program 415 to generate the converted program 420.
In addition, the same code | symbol is attached | subjected about the part which is common in the program conversion process demonstrated in Embodiment 3, and description is abbreviate | omitted here.

In the password input step S801, the password input device 154 inputs a password using an input device such as a keyboard 902, and outputs the input password using a processing device such as a CPU 911.
In the authentication generation step S802, the authentication generation device 156 uses the processing device such as the CPU 911 to input the password output by the password input device 154 in the password input step S801, and the authentication information and the verification information based on the input password. And the generated authentication information and verification information are output.
The authentication storage device 157 uses the processing device such as the CPU 911 to input the authentication information and verification information output from the authentication generation device 156, and uses the storage device such as the magnetic disk device 920 to input the authentication information and verification. Memorize information.

In the authentication acquisition command generation step S803, the authentication acquisition command generation device 158 generates and generates a verification command based on the verification information stored in the authentication storage device 157 in the authentication generation step S802 using a processing device such as the CPU 911. The authentication acquisition command including the verification command is generated, and the generated authentication acquisition command is output.
In the authentication acquisition command insertion step S804, the authentication acquisition command insertion device 159 uses the processing device such as the CPU 911 to input and input the authentication acquisition command generated by the authentication acquisition command generation device 158 in the authentication acquisition command generation step S803. An authentication acquisition command is written at the top of the converted program 420. The converted program storage device 180 uses a storage device such as the magnetic disk device 920 to store the converted program 420 in which the authentication acquisition command is written.
Thereafter, the process proceeds to the disassembly process S812.

In the branch source determination step S833, the change branch instruction generation device 151 changes the branch instruction in the instruction acquisition step S831 in the branch source table before change stored in the branch source storage device 148 before change in the branch source storage step S821 before change. If it is determined that the same address as the address of the executable code acquired by the device 152 is stored, the process proceeds to a template output step S836.
If it is determined that the same address is not stored, the process proceeds to the instruction output step S837.

In the template output step S836, the branch instruction temporary change device 167 adds and writes the template 540 to the end of the converted program 420 stored in the converted program storage device 180 by using a processing device such as the CPU 911. The converted program storage device 180 stores the converted program 420 to which the template 540 is added.
The branch source storage device 168 calculates the start address of the template 540 added by the branch instruction temporary change device 167 using a processing device such as the CPU 911 and sets it as the post-change branch source address. The branch source storage device 168 stores the calculated post-change branch source address in the post-change branch source table using a storage device such as the magnetic disk device 920.

  In the instruction output step S837, the branch instruction temporary change device 167 uses the processing device such as the CPU 911 to execute the code of the execution program acquired in the instruction acquisition step S831, and store the converted program 420 stored in the converted program storage device 180. Add and write at the end. The converted program storage device 180 uses a storage device such as the magnetic disk device 920 to store the converted program 420 to which the executable code is added.

In the repetition step S839, when the branch instruction changing device 152 determines that the execution format code has been acquired from the target program 415 to the end, the process proceeds to the branch destination table disturbance step S843.
If it is determined that the acquisition has not yet been completed, the processing from the instruction acquisition step S831 is repeated.

In the branch destination table disturbing step S843, the branch destination disturbing device 149 uses a processing device such as the CPU 911 and the branch destination table 630 stored in the branch destination storing device 145 in the post-change branch destination storing step S842, and the authentication generation step S802. And the authentication information stored in the authentication storage device 157 is input, the input branch destination table 630 is disturbed based on the input authentication information, a disturbance branch destination table is generated, and the generated disturbance branch destination table is output. To do.
The branch destination storage device 145 inputs the disturbance branch destination table output from the branch destination disturbance device 149 using a processing device such as the CPU 911 and stores the input disturbance branch destination table.

In the disturbed branch destination acquisition step S851, the changed branch instruction generation device 151 uses the processing device such as the CPU 911 to disturb in order from the beginning of the disturbed branch destination table stored in the branch destination storage device 145 in the branch destination table disturbing step S843. Get branch destination information one by one.
In the modified branch instruction generation step S852, the modified branch instruction generation device 151 uses the processing device such as the CPU 911 to generate the post-change branch instruction 520 based on the disturbed branch destination information acquired in the disturbed branch destination acquisition step S851. . The changed branch instruction generation device 151 outputs the generated changed branch instruction 520 using a processing device such as the CPU 911.
In the branch instruction change step S853, the branch instruction change device 152 acquires the post-change branch source address from the post-change branch source table stored in the branch source storage device 168 using a processing device such as the CPU 911. The branch instruction change device 152 inputs the post-change branch instruction 520 output from the change branch instruction generation device 151 in the change branch instruction generation step S852 using a processing device such as the CPU 911. The branch instruction changing device 152 uses the processing device such as the CPU 911 to store the template 540 that the branch instruction temporary changing device 167 wrote in the converted program 420 in the template output step S836 based on the acquired post-change branch source address. Replace with the changed branch instruction 520 entered. The converted program storage device 180 stores the replaced converted program 420 using a storage device such as the magnetic disk device 920.
In the repetition step S854, the changed branch instruction generation device 151 determines whether or not the disturbance branch destination information has been acquired from the disturbance branch destination table to the end in the disturbance branch destination acquisition step S851.
When it determines with having acquired to the last, it progresses to changed program output process S862.
When it is determined that the acquisition has not been completed yet, the processing from the disturbance branch destination acquisition step S851 is repeated.

In the changed program output step S862, the converted program output device 191 uses the processing device such as the CPU 911 to input and input the converted program 420 stored in the converted program storage device 180 in the branch instruction changing step S853. The converted program 420 is output.
Thereafter, the program conversion process ends.

FIG. 36 is a flowchart showing an example of detailed processing flow of the template output step S836 in which the branch instruction temporary change device 167 outputs the template 540 in this embodiment.
In the template acquisition step S836a, the branch instruction temporary change device 167 acquires the template 540 stored in the storage device such as the magnetic disk device 920 using a processing device such as the CPU 911.
In the temporary output step S836b, the branch instruction temporary change device 167 uses the processing device such as the CPU 911 to add the template 540 acquired in the template acquisition step S836a to the end of the converted program 420 stored in the converted program storage device 180. Add and write. The converted program storage device 180 uses a storage device such as the magnetic disk device 920 to store the converted program 420 to which the template 540 is added.
In the branch source storage step 836c, the branch source storage device 168 calculates the start address of the template 540 added by the branch instruction temporary change device 167 in the temporary output step S836b using a processing device such as the CPU 911, and the post-change branch source Address. The branch source storage device 168 calculates the post-change branch source address by, for example, counting the number of bytes of the code written by the branch instruction temporary change device 167 in advance.
The branch source storage device 168 stores the calculated post-change branch source address in the post-change branch source table using a storage device such as the magnetic disk device 920.

  FIG. 37 is a flowchart showing an example of detailed processing flow of the branch destination table disturbing step S843 in which the branch destination disturbing device 149 disturbs the branch destination table 630 in this embodiment.

In the authentication information acquisition step S843c, the branch destination disturbance device 149 acquires the authentication information stored in the authentication storage device 157 in the authentication generation step S802 using a processing device such as the CPU 911.
In the branch destination acquisition step S843e, the branch destination disturbing device 149 uses the processing device such as the CPU 911, after the change in order from the beginning of the branch destination table 630 stored in the branch destination storage device 145 in the post-change branch destination storage step S842. Get branch destination addresses one by one.
In the exclusive OR calculation step S843h, the branch destination disturbing device 149 uses the processing device such as the CPU 911, the authentication information acquired in the authentication information acquisition step S843c, and the changed branch destination address acquired in the branch destination acquisition step S843e. Is obtained as disturbance branch destination information.
In the disturbance branch storage step S843i, the branch destination storage device 145 stores the disturbance branch destination information calculated by the branch destination disturbance device 149 in the disturbance branch destination table.
In the repetition step S843j, the branch destination disturbing device 149 determines whether or not the post-change branch destination address has been acquired from the branch destination table 630 in the branch destination acquisition step S843e by using a processing device such as the CPU 911.
When it determines with having acquired to the last, branch destination table disturbance process S843 is complete | finished.
If it is determined that the acquisition has not been completed yet, the processing from the branch destination acquisition step S843e is repeated.

FIG. 38 is a flowchart showing an example of a detailed process flow of the modified branch instruction generation step S852 in which the modified branch instruction generation device 151 generates the post-change branch instruction 520 in this embodiment.
Note that portions common to the modified branch instruction generation step S834 described in the seventh embodiment are denoted by the same reference numerals, and description thereof is omitted here.

In the disturbed branch destination acquisition step S834j, the modified branch instruction generation device 151 uses the processing device such as the CPU 911 to acquire disturbed branch destination information from the disturbed branch destination table stored in the branch destination storage device 145 in the disturbed branch storage step S843i. To do.
In the disturbed branch destination insertion step S834k, the changed branch instruction generation device 151 uses the processing device such as the CPU 911 to insert the disturbed branch destination information acquired in the disturbed branch destination acquisition step S834j into the blank 544 of the template 540.
In the post-change branch instruction output step S8341, the change branch instruction generation device 151 outputs the template 540 filled with blanks as the post-change branch instruction 520 using a processing device such as the CPU 911.

FIG. 39 is a diagram showing another example of the post-change branch instruction 520 generated by the changed branch instruction generation device 151 in this embodiment.
The template 540 further has blanks 545 and 546.
A blank 545 and a blank 546 are blanks in which addresses of temporary areas in which the branch destination absolute addresses are temporarily stored are stored. The change branch instruction generation device 151 uses a processing device such as the CPU 911 to store the temporary areas. The address is inserted into the blank field 545 and the blank field 546.

The operation when the computer 300 executes the post-change branch instruction 520 generated by the change branch instruction generation device 151 is different from the example of FIG. 34 in the following points.
In the indirect branch step S719, the computer 300 stores the branch destination absolute address calculated in the branch destination calculation step S717 in the temporary area according to the instruction of the post-change branch instruction.
The computer 300 unconditionally branches to the branch destination absolute address stored in the temporary area according to the instruction of the post-change branch instruction.

FIG. 40 is a diagram showing still another example of the post-change branch instruction 520 generated by the changed branch instruction generation device 151 in this embodiment.
This example is an example in which post-processing such as restoring the saved register after the computer 300 branches according to the instruction of the branch instruction after the change is necessary.
When branch post-processing is necessary, the branch instruction temporary change device 167 inserts the post-processing instruction 550 into the branch destination using a processing device such as the CPU 911.

The operation flow when the computer 300 executes the post-processing instruction 550 inserted by the branch instruction temporary change device 167 is as follows.
When the branch is not performed by the post-change branch instruction but is executed sequentially from the previous instruction, the computer 300 executes the unconditional branch step S761. In the unconditional branch step S761, the computer 300 branches unconditionally to the next instruction according to the instruction of the post-processing instruction 550.
When the branch is made by the post-change branch instruction, the computer 300 executes a post-branch processing step S762. In the branch post-processing step S762, the computer 300 performs a predetermined post-branch process in accordance with an instruction of the post-processing instruction 550.

FIG. 41 is a flowchart showing another example of the flow of program conversion processing in which the program conversion apparatus 100 in this embodiment converts the target program 415 to generate the converted program 420.
Note that portions common to the program conversion processing described in FIG. 35 are denoted by the same reference numerals, and description thereof is omitted here.

In the branch destination determination step S832, the branch destination determination device 144 stores the same address as the code of the execution format acquired by the branch instruction change device 152 in the instruction acquisition step S831 in the pre-change branch destination table 610. If it is determined that there is, the process proceeds to a post-processing command output step S840.
In the post-processing instruction output step S840, the branch instruction temporary change device 167 acquires the post-processing instruction 550 stored in the storage device such as the magnetic disk device 920 using a processing device such as the CPU 911. The branch instruction temporary change device 167 uses the processing device such as the CPU 911 to add and write the acquired post-processing instruction 550 to the end of the converted program 420 stored in the converted program storage device 180. The converted program storage device 180 uses a storage device such as the magnetic disk device 920 to store the converted program 420 to which the post-processing instruction 550 is added.
Thereafter, the process proceeds to the post-change branch destination determination step S841.

  As described above, when post-processing is necessary after branching, the branch instruction temporary change device 167 inserts the post-processing instruction 550 at the branch destination. Since the post-processing instruction 550 may shift from the previous instruction as it is rather than by branching, the post-processing instruction 550 is preceded by an unconditional instruction that instructs an unconditional branch to the next instruction. A branch instruction is provided, and then a branch post-processing instruction for instructing necessary post-processing is provided. The branch destination storage area determination device 141 calculates a post-change branch destination address so that the post-change branch instruction branches to the post-branch processing instruction, and the branch destination storage device 145 stores the branch destination storage device 145 in the branch destination table 630.

The program conversion apparatus 100 (program conversion system, program conversion method) in this embodiment further includes a storage device (magnetic disk device 920) for storing information, an authentication storage device 157, and an authentication acquisition command insertion device 159. It is characterized by having.
The authentication storage device 157 stores authentication information for authenticating whether or not there is an authority to execute the target program 415 using the storage device (magnetic disk device 920).
The branch destination table generation device 140 uses the processing device (CPU 911), based on the pre-change branch destination information (pre-change branch destination address) acquired by the branch destination acquisition device 133, in the converted program 420. The information representing the branch destination of the branch is calculated and used as the post-change branch destination information (the post-change branch destination address), and the calculated post-change branch destination information is disturbed based on the authentication information stored in the authentication storage device 157. Then, disturbed branch destination information is generated, and a branch destination table (disturbed branch destination table) is generated based on the generated disturbed branch destination information.
The authentication acquisition command insertion device 159 uses the processing device (CPU 911) to insert an authentication acquisition command instructing acquisition of authentication information into the target program 415 input by the target program input device 110. Features.
The modified branch instruction generation device 151 uses the processing device (CPU 911) to obtain the disturbed branch destination information with reference to the branch destination table (disturbed branch destination table) generated by the branch destination table generation device 140, The branch destination calculation instruction includes the acquired disturbed branch destination information, and information representing the branch destination based on the authentication information acquired by executing the authentication acquisition instruction and the disturbed branch destination information (branch destination) An instruction for calculating (absolute address) is generated.

  According to the program conversion apparatus 100 in this embodiment, since the post-change branch instruction 520 generated by the change branch instruction generation apparatus 151 includes disturbed branch destination information, the branch destination table 630 is referred to when the converted program 420 is executed. If it is not necessary and the authentication information is not known, the branch destination absolute address cannot be restored from the disturbing branch destination information, so that the reverse engineering becomes more difficult.

The program conversion apparatus 100 (program conversion method) described above is
A branch instruction in the execution program (target program 415) is searched, and for each branch instruction, an area for storing an address (changed branch destination information) is secured in the code part of the program, and a newly calculated branch is stored in this area. Store the destination address (branch destination information after change), replace the instruction so that the branch source instruction (branch instruction before change) branches to the address (branch destination information after change) obtained from the area in the code part, and after the change The execution program (converted program 420) is changed so as to have the same operation as the execution program (target program 415) before the change.

The program conversion apparatus 100 (program conversion method) described above is
A value (disturbed branch destination information) obtained by taking a logical exclusive sum (exclusive OR) of a newly calculated branch destination address (post-change branch destination information) and a value uniquely generated from the password (authentication information) A value (authentication information) that is stored in the code part of the program (converted program 420), uniquely generated from the password at the start of execution of the program (converted program 420), and stored in the code part (disturbed branch) The execution program (target program 415) is changed so that the branch instruction is executed using the logical exclusive sum (exclusive OR) of the value (authentication information) uniquely generated from the destination information and the password as the branch destination address. It is characterized by doing.

  According to the program conversion apparatus 100 (program conversion method) described above, the branch instruction in the program (target program 415) is stored in the code part without directly specifying the branch destination address in the operand of the branch instruction. Rewriting to branch using (changed branch destination information) increases the analysis load. Furthermore, the branch destination address (the post-change branch destination information) is stored in the code part in a state (disturbed branch destination information) obtained by taking a password hash value (authentication information) and a logical exclusive OR (exclusive OR), Since the program is executed while calculating the original branch destination using the password at the time of execution, the program cannot be executed correctly unless the password is known. This can prevent unauthorized use of the program.

  In this embodiment, as in the case of the program conversion apparatus 100 described in the fifth embodiment, the case where the authentication information is generated based on the input password has been described. However, the program conversion apparatus 100 described in the seventh embodiment. Similarly to the above, the authentication information may be generated based on the device information that the computer 300 has.

That is, the program conversion apparatus 100 (program conversion method)
A value (authentication information) uniquely generated from a newly calculated branch destination address (post-change branch destination information) and a number (device information) unique to the hardware (computer 300) that executes the program (converted program 420) Is stored in the code part of the program (converted program 420), and the program (converted program 420) is started at the start of execution of the program (converted program 420). A value (authentication information) uniquely generated from a number (device information) unique to the hardware (computer 300) executing the converted program 420), and the value (disturbance branch destination information) stored in the code part A branch instruction is executed using a logical exclusive sum (exclusive OR) with a value uniquely generated from the password (disturbed branch destination information) as the branch destination address. It may be characterized in that changing the executable program (object program 415) as.

  In this case, when the eigenvalue (device information) of the device (computer 300) to be used, for example, the CPU ID or the individual address of the communication board (the MAC address of the LAN card or the phone number of the mobile phone) is known beforehand. When the output program (converted program 420) is generated, these (device information) are input instead of the password, and the code (authentication acquisition command 664) added to the code part of the output program (converted program 420) is executed at the time of execution. Since it adds so that the eigenvalue (apparatus information) of an apparatus may be acquired from (computer 300), it is possible to execute the output program (converted program 420) other than the apparatus (computer 300) having a predetermined eigenvalue (apparatus information). As a result, unauthorized use of the program can be prevented.

1 is a system configuration diagram illustrating an example of an overall configuration of a program distribution system using a program conversion device 100 according to Embodiment 1. FIG. FIG. 3 is a diagram illustrating an example of an appearance of a program conversion apparatus 100 according to the first embodiment. FIG. 3 is a diagram illustrating an example of hardware resources of the program conversion apparatus 100 according to the first embodiment. FIG. 3 is a block configuration diagram showing an example of a functional block configuration of the program conversion apparatus 100 according to the first embodiment. FIG. 6 is a diagram illustrating an example of a post-change branch instruction generated by the changed branch instruction generation device 151 according to the first embodiment. The figure which shows an example of a mode that the branch destination table production | generation apparatus 140 in Embodiment 1 produces | generates a branch destination table. The flowchart figure which shows an example of the flow of the program conversion process in which the program conversion apparatus 100 in Embodiment 1 converts the object program 415, and produces | generates the converted program 420. FIG. 6 is a block configuration diagram illustrating an example of a functional block configuration of a program conversion apparatus 100 according to a second embodiment. The figure for demonstrating the process in which the branch instruction change apparatus 152 in Embodiment 2 changes a branch instruction. The flowchart figure which shows an example of the flow of the program conversion process in which the program conversion apparatus 100 in Embodiment 2 converts the object program 416, and produces | generates the converted program 420. FIG. 10 is a block configuration diagram illustrating an example of a functional block configuration of a program conversion apparatus 100 according to a third embodiment. The flowchart figure which shows an example of the flow of the program conversion process in which the program conversion apparatus 100 in Embodiment 3 converts the object program 415 and produces | generates the converted program 420 (the first half). The flowchart figure (latter half) which shows an example of the flow of the program conversion process in which the program conversion apparatus 100 in Embodiment 3 converts the object program 415 and produces | generates the converted program 420. The branch destination table 610 before change stored in the branch destination storage device 142 before change in Embodiment 3, the branch source table 670 before change stored in the branch source storage device 148 before change, and the branch stored in the branch destination storage device 145 The figure which shows an example with the destination table 630. FIG. The branch destination table 610 before change stored in the branch destination storage device 142 before change in Embodiment 3, the branch source table 670 before change stored in the branch source storage device 148 before change, and the branch stored in the branch destination storage device 145 The figure which shows another example with the destination table 630. FIG. FIG. 10 is a block configuration diagram illustrating an example of a functional block configuration of a program conversion apparatus 100 according to a fourth embodiment. The flowchart figure which shows an example of the flow of operation | movement when the computer 300 executes the branch destination read instruction inserted by the branch destination read instruction insertion device 163 in the fourth embodiment. FIG. 15 is a flowchart showing another example of the operation flow when the computer 300 executes a branch destination read instruction inserted by the branch destination read instruction insertion device 163 according to the fourth embodiment. The schematic diagram which shows an example of the structure of the converted program 420 which the program conversion apparatus 100 in Embodiment 4 produces | generates. The flowchart figure which shows an example of the flow of the program conversion process in which the program conversion apparatus 100 in Embodiment 4 converts the object program 415, and produces | generates the converted program 420. FIG. 10 is a block configuration diagram illustrating an example of a functional block configuration of a program conversion apparatus 100 according to a fifth embodiment. The figure which shows an example of the structure of the converted program 420 which the program conversion apparatus 100 in Embodiment 5 produces | generates. An example of an operation flow when the computer 300 executes the authentication acquisition command 664 inserted by the authentication acquisition command insertion device 159 and the branch destination restoration command 665 inserted by the branch destination restoration command insertion device 166 according to the fifth embodiment is shown. FIG. The flowchart figure which shows an example of the flow of the program conversion process in which the program conversion apparatus 100 in Embodiment 5 converts the object program 415, and produces | generates the converted program 420. The flowchart figure which shows an example of the detailed flow of the process of branch destination table disturbance process S843 in which the branch destination disturbance apparatus 149 in Embodiment 5 disturbs the branch destination table 630. The figure which shows an example of the structure of the converted program 420 which the program conversion apparatus 100 in Embodiment 6 produces | generates. An example of the flow of operations when the computer 300 executes the authentication acquisition instruction 664 inserted by the authentication acquisition instruction insertion apparatus 159 and the branch destination restoration instruction 665 inserted by the branch destination restoration instruction insertion apparatus 166 in the sixth embodiment is shown. FIG. The flowchart figure which shows an example of the detailed flow of the process of branch destination table disturbance process S843 in which the branch destination disturbance apparatus 149 in Embodiment 6 disturbs the branch destination table 630. FIG. 18 is a block configuration diagram illustrating an example of a functional block configuration of a program conversion apparatus 100 according to a seventh embodiment. FIG. 25 is a flowchart showing an example of an operation flow when the computer 300 executes an authentication acquisition command inserted by the authentication acquisition command insertion device 159 according to the seventh embodiment. FIG. 20 is a diagram illustrating an example of a post-change branch instruction 520 generated by the changed branch instruction generation device 151 according to the seventh embodiment. FIG. 18 is a flowchart showing an example of a detailed process flow of a modified branch instruction generation step S834 in which the modified branch instruction generation device 151 according to the seventh embodiment generates a post-change branch instruction. FIG. 20 is a block configuration diagram illustrating an example of a functional block configuration of a program conversion apparatus 100 according to an eighth embodiment. FIG. 20 is a diagram illustrating an example of a post-change branch instruction 520 generated by the changed branch instruction generation device 151 according to the eighth embodiment. FIG. 19 is a flowchart showing an example of the flow of a program conversion process in which the program conversion apparatus 100 in the eighth embodiment converts a target program 415 to generate a converted program 420. The flowchart figure which shows an example of the detailed process flow of template output process S836 in which the branch instruction temporary change apparatus 167 in Embodiment 8 outputs the template 540. The flowchart figure which shows an example of the flow of a detailed process of branch destination table disturbance process S843 in which the branch destination disturbance apparatus 149 in Embodiment 8 disturbs the branch destination table 630. The flowchart figure which shows an example of the detailed process flow of change branch instruction generation process S852 in which the change branch instruction generation apparatus 151 in Embodiment 8 produces | generates the post-change branch instruction 520. FIG. 25 shows another example of a post-change branch instruction 520 generated by the changed branch instruction generation device 151 according to the eighth embodiment. FIG. 25 shows still another example of the post-change branch instruction 520 generated by the changed branch instruction generation device 151 according to the eighth embodiment. FIG. 25 is a flowchart showing another example of the flow of a program conversion process in which the program conversion apparatus 100 in the eighth embodiment converts the target program 415 to generate a converted program 420.

Explanation of symbols

  100 program conversion device, 110 target program input device, 111 program name input device, 112 program acquisition device, 113 type determination device, 114 compilation device, 115,171 assembly device, 116 disassembly device, 120 target program storage device, 130 branch Instruction extraction device 131 Disassembly device 132 Branch instruction determination device 133 Branch destination acquisition device 140 Branch destination table generation device 141 Branch destination storage area determination device 142 Pre-change branch destination storage device 143 Address correspondence storage device 144 Branch destination determination device, 145 Branch destination storage device, 146 Branch source acquisition device, 148 Branch source storage device before change, 149 Branch destination disturbance device, 151 Change branch instruction generation device, 152 Branch instruction change device, 154 Password input Device, 155 device information acquisition device, 156 authentication generation device, 157 authentication storage device, 158 authentication acquisition command generation device, 159 authentication acquisition command insertion device, 161 branch destination insertion device, 162 branch destination read command storage device, 163 branch destination read Instruction insertion device, 164 Branch destination read area insertion device, 165 Branch destination restoration instruction storage device, 166 Branch destination restoration instruction insertion device, 167 Branch instruction temporary change device, 168 Branch source storage device, 180 Converted program storage device, 191 conversion Completed program output device, 192 branch destination writing device, 300 computer, 410, 415, 416 target program, 420 converted program, 501 opcode, 502 operand, 511-516 branch instruction, 520 post-change branch instruction, 521-523 instruction 531 Next instruction, 40 Template, 541 to 546 Blank, 550 Post-processing instruction, 610 Branch destination table before change, 611 Branch destination address before change, 612 Address type, 613 Branch direction, 614 Branch number, 620 Address correspondence table, 621 Address before change, 622 Offset, 630 Branch destination table, 631 Changed branch destination address, 632 Branch destination label, 633 Disturbed branch destination information, 640 Assembly code before conversion, 650 Converted assembly code, 651 Changed part, 652 Added part, 661 Branch destination read instruction , 662 Target program after change, 663 Branch destination read area, 664 Authentication acquisition instruction, 665 Branch destination restore instruction, 666 Disturbed branch destination table, 670 Branch source table before change, 671 Branch source address before change, 901 Display device, 902 Keyboard, 903 mouse, 904 FDD, 905 CDD, 906 printer device, 907 scanner device, 910 system unit, 911 CPU, 912 bus, 913 ROM, 914 RAM, 915 communication device, 920 magnetic disk device, 921 OS, 922 window system , 923 program group, 924 file group, 931 telephone, 932 facsimile machine, 940 Internet, 941 gateway, 942 LAN.

Claims (11)

Processing device for processing information, target program input device, branch instruction extraction device, branch destination acquisition device, branch destination table generation device, modified branch instruction generation device, branch instruction change device, converted program output Having a device,
The target program input device uses the processing device to input a program to be converted into a target program,
The branch instruction extraction device analyzes the target program input by the target program input device using the processing device, extracts a branch instruction instructing a branch, and sets it as a branch instruction before change.
The branch destination acquisition device acquires information indicating the branch destination of the branch indicated by the branch instruction before change extracted by the branch instruction extraction device using the processing device, and sets the branch destination information before change as
The branch destination table generation device generates a branch destination table using the processing device based on the pre-change branch destination information acquired by the branch destination acquisition device,
The modified branch instruction generation device uses the processing device to branch a branch destination calculation instruction for instructing calculation of information representing a branch destination, and a branch represented by information calculated by executing the branch destination calculation instruction. A branch instruction after change including a branch instruction for instructing a branch to a destination is generated based on the branch destination table generated by the branch destination table generation device;
In the branch instruction change device, the change branch instruction generation device generates the pre-change branch instruction extracted by the branch instruction extraction device from the target program input by the target program input device using the processing device. Replace with branch instruction after change
The converted program output device outputs a target program in which the branch instruction change device has replaced a branch instruction as a converted program, using the processing device. The program conversion device further includes a branch destination insertion device,
The branch destination insertion device uses the processing device to insert the branch destination table generated by the branch destination table generation device into the target program input by the target program input device,
The modified branch instruction generation device generates an instruction for calculating information representing a branch destination by referring to the branch destination table inserted by the branch destination insertion device as the branch destination calculation instruction using the processing device. The program conversion apparatus according to claim 1. The program conversion device further includes a branch destination writing device and a branch destination read instruction insertion device,
The branch destination writing device uses the processing device to write the branch destination table generated by the branch destination table generation device to generate a branch destination file.
The branch destination read instruction insertion device uses the processing device to read a branch destination read instruction that instructs to read the branch destination file generated by the branch destination writing device and acquire the branch destination table. Insert it into the target program entered by the program input device,
The modified branch instruction generation device refers to a branch destination table obtained by executing the branch destination read instruction inserted by the branch destination read instruction insertion device as the branch destination calculation instruction using the processing device. The program conversion apparatus according to claim 1, wherein an instruction for calculating information indicating a branch destination is generated. The branch destination read instruction insertion device uses the processing device to instruct the branch destination file generated by the branch destination writing device as an instruction to download via the Internet as the branch destination read instruction. 4. The program conversion apparatus according to claim 3, wherein the program conversion apparatus is inserted into the target program input by the target program input apparatus. The program conversion device further includes a storage device for storing information, an authentication storage device, and an authentication acquisition command insertion device,
The authentication storage device uses the storage device to store authentication information for authenticating whether or not there is an authority to execute the target program,
The authentication acquisition command insertion device uses the processing device to insert an authentication acquisition command instructing to acquire authentication information into the target program input by the target program input device,
The modified branch instruction generation device uses the processing device to obtain authentication information acquired by executing the authentication acquisition instruction inserted by the authentication acquisition instruction insertion device as the branch destination calculation instruction, and the branch destination table. 5. The program conversion according to claim 1, wherein an instruction for calculating information representing a branch destination with reference to is generated based on authentication information stored in the authentication storage device. apparatus. The program conversion device further includes a storage device for storing information, an authentication storage device, an authentication acquisition command insertion device, and a branch destination restoration command insertion device,
The authentication storage device uses the storage device to store authentication information for authenticating whether or not there is an authority to execute the target program,
The branch destination table generation device generates a branch destination table based on the pre-change branch destination information acquired by the branch destination acquisition device using the processing device, and based on the authentication information stored in the authentication storage device. Disturb the generated branch destination table,
The authentication acquisition command insertion device uses the processing device to insert an authentication acquisition command instructing to acquire authentication information into the target program input by the target program input device,
The branch destination restoration command insertion device restores the branch destination table based on authentication information acquired by executing the authentication acquisition command inserted by the authentication acquisition command insertion device using the processing device. 5. The program conversion apparatus according to claim 1, wherein a branch destination restoration instruction to be instructed is inserted into a target program input by the target program input apparatus. The authentication acquisition command insertion device uses the processing device as the authentication acquisition command based on a password input command for inputting a password and a password input by executing the password input command. 7. The program conversion apparatus according to claim 5, wherein an authentication calculation command for instructing to calculate authentication information is inserted into a target program input by the target program input apparatus. The authentication acquisition command insertion device uses, as the authentication acquisition command, the device information acquisition command for instructing acquisition of device information included in a computer that executes the converted program, and the device information acquisition command. 6. An authentication calculation command for instructing calculation of authentication information based on device information acquired by executing the command is inserted into the target program input by the target program input device. The program conversion apparatus according to claim 6. The program conversion device further includes a storage device for storing information, an authentication storage device, and an authentication acquisition command insertion device,
The authentication storage device uses the storage device to store authentication information for authenticating whether or not there is an authority to execute the target program,
The branch destination table generation device uses the processing device to calculate information representing the branch destination of the branch in the converted program based on the pre-change branch destination information acquired by the branch destination acquisition device, and Based on the authentication information stored in the authentication storage device as post-branch destination information, the calculated post-change branch destination information is disturbed to generate disturbed branch destination information, and the branch is made based on the generated disturbed branch destination information. Generate the destination table,
The authentication acquisition command insertion device uses the processing device to insert an authentication acquisition command instructing to acquire authentication information into the target program input by the target program input device,
The modified branch instruction generation device acquires disturbed branch destination information with reference to the branch destination table generated by the branch destination table generation device using the processing device, and acquires the disturbed branch acquired as the branch destination calculation instruction. A command for calculating information representing a branch destination is generated based on the authentication information including the destination information and acquired by executing the authentication acquisition command and the disturbance branch destination information. The program conversion apparatus according to 1.   A program that causes a computer to function as the program conversion apparatus according to claim 1. In a program conversion method in which a computer having a processing device for processing information converts a target program,
The processing device inputs a program to be converted into a target program,
The above processing device analyzes the input target program, extracts a branch instruction instructing a branch, and sets it as a branch instruction before change,
The processing device acquires information indicating the branch destination of the branch indicated by the extracted pre-change branch instruction, and sets it as pre-change branch destination information,
The processing device generates a branch destination table based on the acquired pre-change branch destination information,
A branch destination calculation instruction for instructing the processor to calculate information representing the branch destination; a branch instruction for instructing a branch to the branch destination represented by the information calculated by executing the branch destination calculation instruction; Generate a post-change branch instruction that includes, based on the generated branch destination table,
The above processing device replaces the extracted pre-change branch instruction in the input target program with the generated post-change branch instruction,
A program conversion method, wherein the processing device outputs a target program in which a branch instruction is replaced as a converted program.

Images