Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Implementing licensing checking library [closed]

I am working on a small cross platform product for Windows and Mac written in C++/Obj-C. I have been asked to implement a licensing module for the same. This task is part of a very ambitious project to introduce licensing for all our products. At the end of it, we will have a complete licensing scheme where we will be able to sell licenses to our customers which support yearly renewals, license levels, etc. My problem is that I do not know the first thing about implementing license checkers. Can any one point me to some how-to's for the same? Are there any open source licensing modules around that I can study?

like image 590
341008 Avatar asked Feb 08 '11 14:02

341008


1 Answers

I use a system of Partial Key Verification (PKV), and I've implemented this in C# with a PHP generator. Google will come up with various hits, explanations, and implementations; but Brandon Staggs wrote a good overview (albeit in Delphi!), here:

http://www.brandonstaggs.com/2007/07/26/implementing-a-partial-serial-number-verification-system-in-delphi/

PKV works by encoding certain information (license type, serial number product, date, etc) in the key along with a hash of the user name, and hashes of the encoded information. Much of the key actually consists of multiple one char hashes. The idea is that you only check a subset of these hashes. The exact subset that issued can be changed over time for some security and to protect against certain kinds of reverse engineering.

I would also encrypt the key to help obfuscate what each char in the license means. Otherwise someone with multiple keys might determine certain char positions mean certain things ("oh, chars 3-4 are the serial number"). This might be a chink in your armour!

Any license system you develop is going to be imperfect. It will be crackable, and if your products are popular, will be cracked. However there's a strong argument that a license system exists to keep the honest people honest, and produce enough hurdles for the slightly dishonest people - but not so many hurdles that it becomes too much of an inconvenience (eg. I'm generally against hardware locking). Those who do hack your system probably weren't going to pay for it anyway.

like image 168
winwaed Avatar answered Oct 02 '22 16:10

winwaed