Product Activation on Linux

Question

2.67/5 (3 votes)

See more:

Q. Is there any open source library which can be used on Linux for Licensing & Product Activation related stuff? If No, then is there any near by alternative?

Detailed Q. : The Licensing scheme is as follows:
1. A unique Serial No./Product Key is assigned to user
2. A public key (pgp) or a literal code is included inside of the app.
3. The user installs the application using Product Key
4. The user now needs to activate his application, by choosing the activate option
5. A unique Hardware Hash is generated for the user's machine (say using MD5 or SHA1), which is sent to the activation server together with the Product Key. The application contacts a web service at our hosting location.
6. The Activation Server verifies the Product key. Then identifies whether it’s a first time activation or re-activation.
7. The activation server uses RSA to encrypt the activation related information and form an activation code, which is sent back to the application on user’s side.
8. The Application will verify the activation code by decrypting it with the Public Key included in it, and activate the application on positive verification.
9. The Application periodically checks for any updates to the hardware and if re-activation is required.
10. Maintain a database of issued Product Keys & corresponding activation information.
11. Ensure that further new releases of the product have different Public Key each time and also some slight changes in the activation code verification procedure, so as to reduce chances of product being cracked.
12. License Expiry Information can also be integrated into the activation code. Expiry Date should be periodically checked while the program is running or on start-up. System Time modification should be identified.

Will be making it sure that the Serial key is not used by more than intended number of users/machines, in which case I will be revoking the key.

I know very well that there isnt a full proof anti-piracy solution, if microsoft windows activation can be cracked than anything can be.
I just want a decent enough anti-piracy solution with the requirements i mentioned above.
Providing ease to user is not my priority as user wont ever be required to install the application himself.
I am very much motivated by the anti piracy system used by the Kaspersky Internet Security.

Any suggestions to the desired Anti-Piracy System are most welcome.
Thanks in advance ...

Posted 25-May-11 19:51pm

abhinav11

Updated 30-May-11 2:42am

v4

Add a Solution

Comments

Sergey Alexandrovich Kryukov 26-May-11 1:53am

In a free word of Linux..? I don't know what to say...
--SA

1 solution

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Emilio Garavaglia · Accepted Answer · 2011-05-25T22:01:00

Think a little bit about you requirement on the user side:
- you are not the owner of the user computer and ...
- the use may want to change / modify / replace his own computer without asking a permission to whatever software vendor he may have in touch with (they can be hundredths ...) and ...
- you sell you license to the "user" (who signed a contract) not to his computer (that's just a machine, and it is not subject of "positive right")

As a user I have (at least in my country) the full right to make whatever number of copies or my own "personal use". What you are required to be granted by me is that it is just "me" (and "just one instance of me", or -more in general- a "number of instances of me" less than the number of licenses I own) using your app. The computer I'm actually using is not your business.

That said, you have probably better not to bind your license to an hardware or a piece of it, but to implement a (sort of) "login" mechanism the "user" (as a person) is required to do, allowing the application to work only if the number of "contemporary login" of a user stays into the number of licenses the user acquired. While doing that, consider also the "unreliability" of the Internet (you cannot "pretend a logoff": a machine can crash and be rebooted or the network may be "not in service" when your app is closed) so implement also an expiration and renew of the login, allowing a "grace period": if I have 10 licenses, and the token renewal proces is 10 minutes, give me the right to reach ... 12 logged session into a "grace period" of 5 minutes).

If you plan to sell your app also to companies, consider also a way to supply a "license manager" to the company as well: It could be they want (and in certain countries this is their own legal right) to manage themselves their own internal users, without giving you their own individual internal credentials. After all, you have to be granted only to their "number", not "personal identity".