image-20210810103357261-16285628389561.png
1.生成机器码
机器码生成规则:MD5(CPU序列号 + 主板序列号 + 硬盘序列号)
import os
import hashlib
def generate_machine_code(self):
"""
生成机器码
MD5(CPU序列号 + 主板序列号 + 硬盘序列号)
:return machine_code: 机器码
"""
# 获取CPU序列号
cpu_id = os.popen("dmidecode -t 4 | grep ID").readline().replace('\tID:', '') \
.replace('\n', '').replace(' ', '').upper()
# 获取主板序列号
board_id = os.popen("dmidecode -s system-serial-number").readline().replace('\n', '') \
.replace(' ', '').upper()
# 获取硬盘序列号
disk_id = os.popen('fdisk -l | grep identifier').readline().replace('Disk identifier:', '') \
.replace('\n', '').replace(' ', '').upper()
if disk_id =='': # 不能用None来判断
print("English disk_id is None,search for chinese")
disk_id = os.popen("fdisk -l | grep 磁盘标识符").readline().replace('磁盘标识符:', '').replace('\n', '').replace(' ', '').upper() # 注意冒号也要改为中文
# 拼接硬件序列号
machine_id = cpu_id + board_id + disk_id
# 硬件信息转MD5码,生成机器码
m = hashlib.md5()
m.update(machine_id.encode())
machine_code = m.hexdigest()
return machine_code
序列号样式:
cpu_id= 57060500FFFBEBBF
board_id= 4TPJJ33
disk_id= 5AF82805-4ACD-4E30-B242-1403A4499C3C
md5+encode后,machine_code为
aec8bd44dbd341e9d1e855b59e645724
问题1: cpu_id跟board_id无法获得
RUN apt-get install -y dmidecode
问题2: disk_id无法获得
由于容器或者宿主机有可能被汉化,故获取硬盘序列号的搜索可能为中文,如下:
root@photo_qa:/dev# fdisk -l
Disk /dev/sda:3.7 TiB,4000225165312 字节,7812939776 个扇区
单元:扇区 / 1 * 512 = 512 字节
扇区大小(逻辑/物理):512 字节 / 512 字节
I/O 大小(最小/最佳):512 字节 / 512 字节
磁盘标签类型:gpt
磁盘标识符:5AF82805-4ACD-4E30-B242-1403A4499C3C
设备 起点 末尾 扇区 大小 类型
/dev/sda1 2048 4095 2048 1M BIOS 启动
/dev/sda2 4096 2101247 2097152 1G Microsoft 基本数据
/dev/sda3 2101248 7812937727 7810836480 3.7T Linux LVM
- 此容器的identifier已经汉化为标识符,
- 如果英文没结果,得用if disk_id =='': 不能用None来判断
- 注意冒号也汉化了,所以也要改为中文的:
2.生成公私钥
from Crypto import Random
from Crypto.PublicKey import RSA # 注意Crypto安装为: pip install pycrypto==2.6.1
# 生成私钥
random_generator = Random.new().read
rsa = RSA.generate(3072, random_generator)
private_key = rsa.exportKey()
print(private_key)
# 生成公钥
public_key = rsa.publickey().exportKey()
print(public_key)
私钥:
b'-----BEGIN RSA PRIVATE KEY-----\nMIIG5AIBAAKCAYEA0kDu0ucQ11QfRyN8ujqaINBJjBL5oafpw6//kynAnP+x5sdi\nCUilGYfGVgbR5EbVvOpoYy+hBOSb1ugpx8khT4OUEVH8Sc0uQTwb37AqD6aGkGtm\n7K6NHssgduxqZ7GsuftZYXqS+7jPLvNyd1SvIVdmqTSTSYlXJlS7PuLJxjhM8/rD\nl5zFl8L4VIC+kRbR6M1BHQmc8/+cddKzJwNdcSdSDHQ54ZEReTCDYW2pg8Bxro+k\nORdkMrKE4nHwCttZBI3QtQxxV+NXX0jdAsSAOSi9eW/J7Xb2K3nKgSIhpcaK321n\nLdZy4j+xwagSO2Lx21LoLVoKsrs8YESs+UEbCIXOR5KAFu0b/9Vpfm9fSq81oc2/\nrjlVsDRsmUjR3hJLQdJHg6T2eLbIwhiSRsSkpXt2EGmXJiafEizf6uKa1hmzef9Q\nfoNVx39YlNuQEre08EcZnkwhe3cvhoyT7NgeRLvg/BP4dzV2jWmsd8DlopBzD5nB\nHv3C28qzLXxNiPsfAgMBAAECggGAPjnBdOG19kSLTT6Pd35Ih1Wdrrse7l0Hrka0\nWRWOT+jM+gQgW6cIVdn9NRCnpevg7hxh8Jj0CsKt7JihZON93E6Qz993z0/OVLg5\nd6ZnjGI4iR2ARKQUV/y+CvRFOZM4D4L4HQVt4tn7V2XthquleTSoyYMp5CWliU6i\nbCYqmWOoQr0AjipzwEqPvFKuE7qxPTkiADoMHZqU77oAE5fHW+nLOqxbRQruJPPa\nrkcKWFfoTUVt0Qe/O9HhyjL2XAA2etawxm2Oa0eFtgzxeXZgZL3fRJ4DGc/Z/elR\ncM7yhH8anbkU30VpoeCQVXhnMh2zMlDlT6zvjiPB7eQ3NfcWxa0UIlIZapeNAnrG\nBG/Yrc4dmyj/139LfnSoup4l/nBNUzC5P/kmMA2US36Wkg/+GFnG5Jo6twe/6ixI\n+5Y5ii1FSI56dMN6JG/hugnyb23HKWxPE6DKV73gIkPtFE5bKTfevQzly774CDKW\nnQzE68/T17mQeHHBvZ538b6nofxhAoHBAN7gYFxG9ydRzQUFE4HJEZwkg0QdEwSd\n7B6GyaDIRYezcexqZCWMuKqe7jJWMsmlI8XCZARJ+vuGZUCtsG7eA5UfNC2F+gPh\nTQ4KqveLvQ8mP4sAeRmInrI935a2Yy2ma3AJpsWpCkcmDpf2c+YG2zh5FAAVEOzz\nZCxi3obnRfeuGSJWPHO9bjaqcwcH1IsD2SvB5+NqHxmu8nI/lhdtdKOaODpzaCF0\n5sM9iUkL+3FlqXowelgKepMNkh3Gh29tnQKBwQDxgE4EAXDIAo9mbN4P2IKv1Y6X\n+pq4PO3IRdir+U7LUwsNrUrT/cwSOHc+vu/vieQL5uSOL+gUSr/EOijOaKASk+2u\n5k3W2QaCnB7IEM+dKvE3E9/+qPekXnYAURCaDx4foN4vg11Q7aQHkVRFusaEgScC\nHRllx2KS2LGDqzpBUeYvEJF91t2xv6URFAekNW87oaTSlttcIVtvKLr+Lm5mVNFK\nURIYV5v/Ca2qupcxDTolrgMe+2JEaCmO9ojMDOsCgcEAkAvqm5lOIf6PiGAIhIhk\ntksu/7Xe1cwPkIdDB4SI07TZu5fjlBVIQRYpEyV8+7Cc1zLVG6SI70mkZVIcxvr8\ny8N4ILgHp7xU5e9lIksRbRomVXt/yU3wa3jr6meE4DtAExBZ1kRznRpusi6aJ6Bk\nzTIMCCWVY9/G7Z0U/5G4OeUu329m8NMMyY4OfAvGhfZ9xPc1HVk4MoxMrCSGqCuZ\nCCgjkTuHoKACiUtbUHfLEjZHe+6bFA3pvOM3fcETRaRNAoHBAJYnnFpJOwJg9SBO\nGFPp3nfNZHeCTai32XBoXSuwOxmYbIr4cEoWx0ec7CeLOEvLhIsR6JGvn7DeORWc\nw7pyuvRSHbpdX5ByJ+YVg94I9c1W4dvI88C29iKwyNWxkYz4UVaBAySvnNmwqAg8\niBVC6COC2eoqhZwOuG9tZBHl6LasYV5qAswnSHg4HD3eIlIrFxoQixaUzZce9mbL\nAFkCLYpaujZm6cVQ06FjNyOsGE1bWAgNhctBqfu2eAB3sN6OOQKBwB72AxlA/q1n\n81H6UfyQfNh3qjQnlRgJt2WPIYbf7Ig/prWpbM0pbXmnH5ozmQrdyoChEp/bz0+v\nOwsKGp553fib68BZoUZv+gI/jxxMs5IL6XMp6oi6m5fxRxiI0hTdg7HeYiC8HWZz\nan0X+xzX3j3Oj4TrmtlJgOXPyMtokwBy8BnblOFSt2H79jYpbKI4UFQZvi0/MII9\n6+ETnXBgtHr1aUJXi+4X6J8ymlh34/34fItBc9OMn4d4zBNMxYsKnw==\n-----END RSA PRIVATE KEY-----'
公钥:
b'-----BEGIN PUBLIC KEY-----\nMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEA0kDu0ucQ11QfRyN8ujqa\nINBJjBL5oafpw6//kynAnP+x5sdiCUilGYfGVgbR5EbVvOpoYy+hBOSb1ugpx8kh\nT4OUEVH8Sc0uQTwb37AqD6aGkGtm7K6NHssgduxqZ7GsuftZYXqS+7jPLvNyd1Sv\nIVdmqTSTSYlXJlS7PuLJxjhM8/rDl5zFl8L4VIC+kRbR6M1BHQmc8/+cddKzJwNd\ncSdSDHQ54ZEReTCDYW2pg8Bxro+kORdkMrKE4nHwCttZBI3QtQxxV+NXX0jdAsSA\nOSi9eW/J7Xb2K3nKgSIhpcaK321nLdZy4j+xwagSO2Lx21LoLVoKsrs8YESs+UEb\nCIXOR5KAFu0b/9Vpfm9fSq81oc2/rjlVsDRsmUjR3hJLQdJHg6T2eLbIwhiSRsSk\npXt2EGmXJiafEizf6uKa1hmzef9QfoNVx39YlNuQEre08EcZnkwhe3cvhoyT7Nge\nRLvg/BP4dzV2jWmsd8DlopBzD5nBHv3C28qzLXxNiPsfAgMBAAE=\n-----END PUBLIC KEY-----'
3.生成注册码
注册码生成规则:RSA(机器码),使用公钥进行加密,私钥进行解密校验
import base64
from Crypto.Cipher import PKCS1_OAEP
from Crypto.PublicKey import RSA
def rsa_encrypt(message, public_key):
"""
校验RSA加密 使用公钥进行加密
:param message: 需要加密的信息
:param public_key: 公钥
:return encryption_text: 加密后的信息
"""
cipher = PKCS1_OAEP.new(RSA.importKey(public_key))
encryption_text = base64.b64encode(cipher.encrypt(message.encode())).decode()
return encryption_text
if __name__ == '__main__':
public_key = '''-----BEGIN PUBLIC KEY-----\nMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEAy7AOgjAoWNFbP680sh8C\nODk/F5YV2E5EWG/HMJPyVVzW5r0hN+fQ5vxyik+6n+7dYDxBAzhWF7DyASQ6rRjM\nrG2my6win8tzwM+zddykfcxt75Vav05XvN/G+G12QZq8GK+TfbNyrjw7ol1+cOPe\nSHFwnuWzL9DltrH1I0VRp5pEhLamYxLJL4TRsKVk/gVKoj3cCo3CO6e0m9OamcLS\neDcinmIjWYg3z14Yrq5e7KmNTFgelZM9o0cFixr7r5MdWU+vQYxmkc2bNRBFOuDW\nBrbLK9j+XHzdt2ANqv9qLWVnUSBZh8pecx86TNQjjZ8Zi0S52XsOmpl6Bc1uyocu\nBIkmQ2N47VEFdwydo7p3ZD/BcJAU4rCz+at33WNdZRkQQIg2ATJqw+TF97zEHFFL\n5VfMWxUgLUTfaZnebxW6JH4ZK3HAxNU1sOZlZ3SCix4bi4+XghAFQ12YyczS7Sp7\nczzEkT7ESf8whUy2MDaCGnnGaofYYyYTpX3aFWAy2raNAgMBAAE=\n-----END PUBLIC KEY-----''
machine_code = "70097b94a3ecaf54e9f83b78c40055f1"
license = rsa_encrypt(machine_code, public_key)
print(license)
4.注册码验证
设置环境变量文件model.env,在文件中配置已经生成好的注册码
# License 配置
LICENSE_VALUE=oEZJv5IHpkn9AdEDHV5Wy5VZbOql6Mkrqjj4O6XXLjMo3ajdaw0ADPatfIo/NjOwTB0oOhBklQSTUxik1TS3RRaM/mdI6U8HfAZqcGRNSNGCS//ruJSkXJXkSeFloENDgZIMQkFJm2cGvX9NkqnoXbtmAA9WvOtLiAPxH76ANamaSgx8kgSYyapkeWMk1FinZ9UvS1u1IyQ4S3WThNOkadovbu4wzZmhWqXkIJDbksnkauI34cgKK2fcOSlscLY5/gRGUMs8CCdSyorj/thmVdSwpkTXYc1GwAmndZosJnUIvb64IL2VKDte4lPexvPo1Lp66TDwR2DhCuK2445cX2d9UXNAknU+tNr6PRAa0zCyzzL61LNYe9Gw/0eV8uxLPBw8W+uyHU28c3RrFDU9v70kZTngwFbKJLGnikdNYzDu1XWcfRAEnQ5hH1ial8vfF7NmlUaM9etl4pf3HrhU5qygfr5vL4Ex1k2dFjagINIEvYdfClSRFmpMwbKH4J+7
运行代码hardware_license.py,进行注册码验证
# -*- coding: utf-8 -*-
"""
@File : hardware_license.py
@Description : 硬件license加密验证
@Author: Candice Zhang
@Contact : zhangyao3622@163.com
@Time : 2021/3/14 上午11:31
@IDE: PyCharm Community Edition
@REFERENCE:
"""
import os
import hashlib
from Crypto.PublicKey import RSA
from Crypto.Cipher import PKCS1_OAEP
import base64
class HardwareLicense(object):
"""
硬件加密,生成机器注册码
"""
def generate_machine_code(self):
"""
生成机器码 需要安装 RUN apt-get install -y dmidecode
MD5(CPU序列号 + 主板序列号 + 硬盘序列号)
:return machine_code: 机器码
"""
# 获取CPU序列号
cpu_id = os.popen("dmidecode -t 4 | grep ID").readline().replace('\tID:', '') \
.replace('\n', '').replace(' ', '').upper()
# 获取主板序列号
board_id = os.popen("dmidecode -s system-serial-number").readline().replace('\n', '') \
.replace(' ', '').upper()
# 获取硬盘序列号
disk_id = os.popen('fdisk -l | grep identifier').readline().replace('Disk identifier:', '') \
.replace('\n', '').replace(' ', '').upper()
# 拼接硬件序列号
machine_id = cpu_id + board_id + disk_id
# 硬件信息转MD5码,生成机器码
m = hashlib.md5()
m.update(machine_id.encode())
machine_code = m.hexdigest()
return machine_code
def rsa_encrypt(self, message, public_key):
"""
校验RSA加密 使用公钥进行加密
:param message: 需要加密的信息
:param public_key: 公钥
:return encryption_text: 加密后的信息
"""
cipher = PKCS1_OAEP.new(RSA.importKey(public_key))
encryption_text = base64.b64encode(cipher.encrypt(message.encode())).decode()
return encryption_text
def rsa_decrypt(self, license_value, private_key):
"""
校验RSA加密 使用私钥进行解密
:param license_value: 需要解密的信息
:param private_key: 私钥
:return decrypt_text: 解密后的信息
"""
cipher = PKCS1_OAEP.new(RSA.importKey(private_key))
decrypt_text = cipher.decrypt(base64.b64decode(license_value)).decode('utf-8')
return decrypt_text
def registration_code_verification(self):
"""
注册码核验
从环境变量中获取LICENCE_VALUE,用私钥解密,获取x1,将x1和机器码进行比对;
:return verification_result: 核验结果
"""
private_key = '''-----BEGIN RSA PRIVATE KEY-----\nMIIG4wIBAAKCAYEAy7AOgjAoWNFbP680sh8CODk/F5YV2E5EWG/HMJPyVVzW5r0h\nN+fQ5vxyik+6n+7dYDxBAzhWF7DyASQ6rRjMrG2my6win8tzwM+zddykfcxt75Va\nv05XvN/G+G12QZq8GK+TfbNyrjw7ol1+cOPeSHFwnuWzL9DltrH1I0VRp5pEhLam\nYxLJL4TRsKVk/gVKoj3cCo3CO6e0m9OamcLSeDcinmIjWYg3z14Yrq5e7KmNTFge\nlZM9o0cFixr7r5MdWU+vQYxmkc2bNRBFOuDWBrbLK9j+XHzdt2ANqv9qLWVnUSBZ\nh8pecx86TNQjjZ8Zi0S52XsOmpl6Bc1uyocuBIkmQ2N47VEFdwydo7p3ZD/BcJAU\n4rCz+at33WNdZRkQQIg2ATJqw+TF97zEHFFL5VfMWxUgLUTfaZnebxW6JH4ZK3HA\nxNU1sOZlZ3SCix4bi4+XghAFQ12YyczS7Sp7czzEkT7ESf8whUy2MDaCGnnGaofY\nYyYTpX3aFWAy2raNAgMBAAECggGAFzZCiQKM7oY5NFo2kp/nBFo9vuXbKnHM5xkh\n5X7OrHyuftAJ05Gm5FPbh7iLR4OUlc14CTJn2T5QbeHfj+9WD8ZVLju5HGW2lL/2\nrxVMZ4ue8aEfHNMEO6FyzsfGpLZJ/jQwBjCnfoSdtSSbbqkBIVdQIsOBdo8DRp0k\nFvdk1UlGyqr37i1rYO9taAiJKEuZFEEhbNB31I2JjwJ/yUsC6jE6UDtV1POpjIeo\nH2v+pFC0KgGWxqvnZ86FqrMSAJGun+sHu+Je0v5jHQtq+2kAK8z2kFJS85/BOtFD\nry8XobN8O3nf2MifmPCf7HJ3Llg5rdsSjuCswlonc/nnk7uJXXHsF9yerw34tADj\nYzzhWLdsqZwxtptPxQJxp1Haff1IFgauKQ3THpAMZleSyeItaFuCS2dyIYQH5Skl\ndUstztXyDH8m9jed2kogL9cJ8hcmi2FIs6T3veI3ei8JvmXVx4iIMH/3+oGQJ1cf\nJF4kw7QaFg2R09n6Lfi1SciXI5DxAoHBANiUMRL1lIFbHvV92GAb1oV8SesAWJdo\nPt4RkHaZ7iTKWGk+WukY04SVxVA6hp4QDF3HEknHNozz1bEbNSI3PsIAJdjKyNTD\ny1ZcYJpVaexaU4ecsXOqRcfsIK7X0lzjwbk8d86HDDMnuAkh3q726d4A2BdiDXUK\nKU1yf4KOgPY7w5vQpo1QARs889es3itRw+gfrGIjidFJVZ3BSazh4hmXYZllxTjs\nD5JyWd8U2NqkLnBSRjrSu45Dj2z3ToQQWQKBwQDwwy7VPeXqW55kDyAHJF8yWhQ1\nHDLfxoZSKyYtJ4jcQ5W4QDY6uYzvUVUkAW9AKkIdv7obaKbqduCRmD2/uEEUl/8j\nbfFJDHkCn8WcOsBkfGhoQvO7Fekv+Y4RX/dJAAUlu8n/mMSc3e15pt8jhVtPIuYc\nZHCW3zpys9orhnLaDFn3uPpcUHemv/bvj125abRtD+eqRzw56s8LQiAOaEyow7bg\nvURKYosxxtK6a+sZ7aEW/zGv0DK2jWwc3vracVUCgcB8zSBeQX+a7uwvIJ5/+2qp\nrw5VSfTDAsI/azWo8ljFgIhj1RfD/JdeboOuEJukF7FYlK9YLmCj5pp8HSaIGfej\nCTzF6UzDNjRFBqRwKsoH9aDuo3+qHDNr2giXWCyTdHcci9ip/S4tiDTHpmnQvt3T\nHP9osgr5J6rXQyRxEjcELTox3pErGzAYBw6oeKfppItUhnPqdXokTLL2XfxbkCqe\n/pmyMG/utjDe/eAF6dhwXW2ZMf/gQ7DqcMoES5pGBbkCgcAtdUzkall81GuljM2J\nS67FvQhPttFMOxmlbgw5Pluy6vfb4BPdJqebkAm5UKQGw3PUVhz3i9zoLCXel5Yh\nGtL+5mv/7oQ+PKKkgjI3e0hUMMEt3mZSjqKGsmHGmg4AtIZER56uKdQFoklyTLWY\n6VcCLB6ygaxYcDGC8r5gtXP+A5MBGOX8hBzzWQ9wz+rsVS8B4JznI6gVb2ZEQ+n1\njm/a9YkUCehY+x44+cdT94heTuW5h9mDzpWkrjMZiGho0jkCgcEAjD9VHoFbSp/3\nxfptUnH8PJTSuCexgQ+XSIdustOcmwMBHMi7p1YQ7l/j8BJiwQngd7/Ym9sO3N6f\nPStHQXsIe3//U4qRqtFm31P3RyxM/ZZvCxW7dbaoTQ/eLG9KE1e8niQcaMv00C9x\nOZssZ7iYpIRFEdO6W0tBLsQrHO2Ociu3rg00riewIDO5u1BvigeNAdTn5j/dPNjb\nTbIr8RVdkCYS0mhDQ7XM4F7RyBztJh/YfxzYt+ks+rSTGrCieat3\n-----END RSA PRIVATE KEY-----
'''
license_value = os.environ.get("LICENSE_VALUE") #获取注册码
machine_code = self.generate_machine_code() # 从系统中生成机器码
registration_code = self.rsa_decrypt(license_value, private_key) #注册码解密
if registration_code == machine_code:
result = True #校验通过
else:
result = False #校验失败
return result
if __name__ == '__main__':
hl = HardwareLicense()
result = hl.registration_code_verification()
print(result)
5.Docker镜像启动引入环境变量文件
在启动docker镜像时,引入环境变量文件"--env-file /etc/envfile/model.env ", 此地址为宿主机地址
docker run --name name \
--hostname hostname \
-tid \
--restart=on-failure:10 \
--privileged \
--env-file /etc/envfile/model.env \
-p 10001:5000 \
name:v1.0.0
--privileged 必须要有,不然获取不到cpu_id跟board_id,这两个信息在dev/mem中,没有此命令,将不创建此文件
网友评论