Do you want to make your own program to do this? Because you can probably use Globetrotter's license management software for free so long as you meet certain requirements. Which you probably do. The point at which you have to start paying to use it (commercially) is based on your revenues, and last time I checked your company has to be making $1 million or more in annual revenues to have to pay for it. FlexLM is a suite of commercial tools for adding license management to your software. Pretty much anything you can think of in terms of licensing and distribution models is already available by using their libraries.
It's usually better to integrate an existing licensing scheme than roll your own. If you really want to do it relatively securely, then you could do something like this: a) decide on the features of the licensing scheme, this is usually a decision on the different fields. Typical fields include: i) product name ii) version number (major.minor.build) iii) license type, this is usually a bitmask with bits set for individual product features that are enabled/disabled iv) expiration date for trial licenses (this is vulnerable to the attacker changing the date on the computer) or number of days remaining (this is vulnerable to an attacker reinstalling with the same license) v) license string.
Sep 16, 1999 An Universal utility to crack FLEXLM protected warez including PTC. Abel7, CAD-UL. The most exciting thing is you can generate your own code on your particular applications. Is a really great tools that allow everyone to generate a valid FlexLM license. How can do it? Using various trick and back door inside FlexLM DLL's. Tracking And Analyzing FLEXlm License Usage Via The Web Joshua Parsell Aerojet [email protected] 703-754-5360. 16 FLEXlm-licensed applications served over 16 ports on 3 different servers. Inform decisions about additional license purchases.
This may be identical from license to license, or it may contain the name of the company for which the license is issued, or the name of the consulting company or channel partner. This is useful if somebody posts a license key on Usenet. Vi) any other information that's germane to your program b) generate a private key/public key pair using some suitably strong cryptographic algorithm. Any off the shelf implementation of asymetric key crypto will work. C) write a simple GUI program that you can distribute to sales folks that allows the input of the relevant fields from (a), and has the private key embedded in it.
The program should generate a textual license by encrypting the license data with the private key (this is the reverse of normal asymetric crypto), and then mapping the binary data to text using something like base 64 encoding. D) embed in your application your public key.
This key is then used to decrypt the license that the user provides, if it decrypts to something sane (such as the product name matches up correctly), then enable the features that the license enables. This above scheme requires the delivery of a license file, as the encrypted data will likely be larger than can be transcribed into an install program.
It doesn't protect against the binary being modified (usually replacing the license check with a noop or an unconditional jump), nor against in memory program modification (via a debugger or more malicious program). It's very, very difficult to protect yourself against a determined malicious attacker who's trying to crack your licensing scheme, as your code is essentially running on a machine that it can't trust.
The best defense is probably using a secure license server with a token system similar to kerberos, where the token is used to authenticate valid use of the software, but not many users will consent to something so onerous. There's a ton of other schemes, some more secure (involving a license server on the internet for example) and some less secure (using no crypto and just a single static license string). Quote: You are almost guaranteed to spend more money fixing the problem than the problem actually cost you in the first place. I disagree with Thanatos' Law of Piracy. Putting in a simple scheme can take a couple of days to implement, including some device to generate license keys. At the bare minimum, this will prevent casual copying from one person to another.
Most people don't go and download cracked versions so a basic scheme will keep honest people honest. The cost of this can be relatively small, especially if you automate the license key generation online.