Generating / Validating License Key for C# Server Control [closed]

问题

Closed. This question is off-topic. It is not currently accepting answers.

---

Want to improve this question? Update the question so it's on-topic for Stack Overflow.

Closed 4 years ago.

I've found a couple of posts suggesting proprietary solutions that do what I'm looking for. I'm hoping someone has a tutorial they can pass along.. Anyways - here's what I need:

I have a server control that is built for Sitefinity. It's compiled into a DLL. When someone purchases the control, I'd like to generate a license file (.txt / .lic) that contains a key specific to their site URL / hostname. The license file should support multiple URLs/hostnames - in case they need it to work on their dev and production sites.

When someone tries to load up the control without having the proper license file - it will just spit out a "Not licensed" message.

Any thoughts? I've looked at Microsoft's page on Server Control Licensing - and it was way over my head. It also licensed by Machine. I'd like to license by URL/hostname.

回答1:

I cannot provide you an answer based on an existing framework. Here my solution

1. Basic idea: Use signatures like in emails. The signed data are the authorized URLs.
2. Create a public / private key pair using regular asymmetric cryptography (enough tutorials available).
3. Embed the public key in your compiled DLL.
4. When the control is rendered, load the license file, verify its signature using the embedded public key, verify the current accessing url against the provided urls found in the license file (which are protected by the signature).
5. On Success: Let it flow
6. On Failure: Add your message to output.
7. (For performance: Cache the authorization token in application data memory)
8. (For protection of the mechansim: apply a code obfuscator on the assembly)

Additional you need a tool to create the licenses using the private key (which is not part of the distributed assembly but just this tool.

Update: As I see you biggest concern is the creation of the license key:

1. Create a Windows Forms application
2. Create a text box which allows multiple lines
3. Each line can have one URL accepted.
4. Take all lines as text, using a StreamWriter (based on CryptoStream based on FileStream).
5. The CryptoStream uses the private key which was created before.
6. The FileStream is open to the license file you want to distribute.

Hope that helps!

回答2:

You can use one of the existing open source solutions to generate and validate license files:

• Rhino Licensing
• Portable.Licensing

Boths tools allow you to store additional data to the license file -> in your case the allowed domain names.

Using the Portable.Licensing solution you can use product features or additional license data to add the allowed domain names:

var license = License.New()  
    //... other options
    .WithProductFeatures(new Dictionary<string, string>  
                              {  
                                  {"example.com", "yes"},  
                                  {"domain.tld", "yes"}
                              })  
    // ... other options
    .CreateAndSignWithPrivateKey(privateKey, passPhrase);

To verify the domain:

if (license.ProductFeatures.Contains("domain.tld"))
    // ...

DISCLAIMER: i'm the author of the Portable.Licensing open source project

来源：https://stackoverflow.com/questions/7867670/generating-validating-license-key-for-c-sharp-server-control