Uli's Web Site

Other Sites:	Stories Pix Abi 2000 Stargate: Resurgence
Lost?	Site Map!

blog

	Blog Topics

	Archive

15 Most Recent [RSS]

	Less work through Xcode and shell scripts 2011-12-16 @600

	iTunesCantComplain released 2011-10-28 @954

	Dennis Ritchie deceased 2011-10-13 @359

	Thank you, Steve. 2011-10-06 @374

	Cocoa Text System everywhere... 2011-03-27 @788

	Blog migration 2011-01-29 @520

	All you need to know about the Mac keyboard 2010-08-09 @488

	Review: Sherlock 2010-07-31 @978

	Playing with Objective C on Debian 2010-05-08 @456

	Fruit vs. Obst 2010-05-08 @439

	Mixed-language ambiguity 2010-04-15 @994

	Uli's 12:07 AM Law 2010-04-12 @881

	Uli's 1:24 AM Law 2010-04-12 @874

	Uli's 6:28 AM Law 2010-04-12 @869

	Uli's 3:57 PM Law 2010-04-12 @867

More...

Nice article on serial numbers

Just stumbled across a neat (and, admittedly, old) article that explains how to use the OpenSSL library from code as a way of implementing licensing for an application you write.

OpenSSL keys aren't quite suitable for use as serial numbers (because a 1024-bit key is 128 characters long, and users wouldn't want to type that), but if you have a license URL scheme or a license file implementation, they'll do just fine. You just use your private key to encrypt some data about the license (i.e. user name, number of seats, expiration date), and the app can extract that using the public key. And factoring a private 1024-bit key currently still takes too long to be worthwhile.

This doesn't make your app un-crackable, but will keep key generators off the web. People will need binary patches to remove the licensing code or replace the public key. And whoever is stupid enough to use a binary patch from some shady web site is punished enough already, because they prolly also have lots of viruses and exploits on their machine anyway...

Reader Comments: (RSS Feed)
Kishor Patel writes:
Great pointer. Thanks very much.
Or E-Mail Uli privately.