hi list,
are there any infos around how CP does sign the 4.1 licenses? I can
imagine they calculate some hash over the address|hostid, the product
name and the certificate key. Afterwards this hash is encrypted with
some private key, base64 encoded and sent to the customer as a
signature called license string.
During 'fw putlic' the signature is validated using one of the builtin
public keys.
Does anybody know something about the hashing and encrypting
algorithm. A misguided individual could think about launching
'fw putlic' from within a debugger and tracing through the function
calls, which probably can be considered in most countries as
prohibited re-engineering. In theory, knowing the algorithms
it probably will be easy to construct a license generator.
At least some disgruntled CP employee (like Dr. Watson from MS who
programmed all the bugs into Windows) could be able to to do so.
In the last few weeks we've received a couple of 4.1 licenses which
didn't install. At least in one case we proved that the license
string (something like aGys3bqaP-q8V8ouJ4i-X9dQvvHtQ-KcJylSXbu)
was transferred manually with a typo. It sucks getting shipped
licenses which don't work!
Not to mention our reseller wasn't very helpful unless we informed
them we're not going to pay anything before the licenses do work ;-)
They still believe we're too stupid to enter the 'fw putlic' command.
Olaf
--
Olaf Selke, [EMAIL PROTECTED], voice +49 5241 80-7069
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
