Wednesday, July 12, 2006

JLicense, a bad license library

JLicense is a free Java license library, it supports to create and validate license keys. The license key will be store in license.lic which contains some information like licensor, licensee, expire date,... also you can add more information you need, they called "feature".

As I guess, JLicense will encrypt the information you gave into a signature which also is stored in license.lic. When program runs, JLicense will decrypt the signature and compare it with the information. If they match, program will run. Ofcourse, you can do more validating by using "feature"s.

But when I try to generate new DSA key (seems JLicense uses symmetric algorithm to encrypt data) then create new license, it will invalid (when you download JLicense, it already contained a DSA key, with this one you can create valid licenses). Another problem is I don't understand why JLicense need license.lic in classpath before it creates a new license.

In JLicense web site, they advertise "You can also write your own class, such as a Servlet, to create the license file more dynamically based on user input data." but the example demonstrates how to create license awfully, I still don't know how to create a valid license (from my source code).

These things I found in JLicense v2.7

No comments: