Nadav Har'El wrote: > On Sun, Aug 17, 2003, Oren Gozlan wrote about "License creator source": > >>I'm not sure that this is the place.. But ... > > > Indeed, it probably isn't. > Asking such a question on linux-il is almost like asking "how do I cook > steak" on a vegetarians' mailing list - even if people know, they are not > likely to want to admit it :) > > >>I'm looking for a starter source to build a license key that will be >>expired after 30 days. > >
What about freedom of information? What if he wants to know this for other purposes than the ones you so readily assumed (e.g. just learn)? Generally, off the top of my head - what you have to do is to write a text like: "Valid until YYYY-MM-DD HH:MM:SS" digest this (e.g. MD5) and sign the digest with a private key on your private machine. The license file will look like: Valid until YYYY-MM-DD HH:MM:SS <signed digest of the above> Provide the protected program with this file and a public key (possibly compiled and hidden in the program's binary). The "protected" program will have to read all the lines not including the signed digest, digest it too (e.g. MD5 again), decrypt the <signed digest of the above> using the public key which comes with it and compare the two. If they are the same then the license file is probably valid. You can find asymmetric keys encryption implementations on the net. The program can probably be attacked in several ways, one way I can think of right now is to replace the public key in the program so it matches the attacker's invented private key. Another is that the code which checks the license will be skipped altogether. (Don't worry about the GPL comment sent by someone - there is probably also non-GPL code floating around). --Amos "This is my vegetarian day - I eat only vegetarian animals". ================================================================= To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
