软件许可证密钥和激活 [英] Software license key and activation
问题描述
我想请教您有关软件注册码意见。我和我的朋友正在建设中的C#应用程序,我们希望在某个时候把它卖掉。我知道有100%盗版软件免费没有这样的事。但至少,我们希望收到来自老实人购买请求,并使它有点硬的非电脑的人来破解它。我们怎样才能做到这一点?我有一个理论,请让我知道你对我的理论的看法。
我要在小数字说话,所以我们会让这个不太复杂。
一旦我们与该应用程序完成后,产生100个不同的许可证密钥。有一个服务器在等待XML请求时,服务器将包含100个不同的密钥的文本文件,接下来将在文本文件
<每个许可证密钥相关的激活码p>例如:
azsx5-edsd5-sdsd5-rtwer(键),aabbaavv(激活码)。
这是安装应用程序将需要提供许可证密钥的计算机和激活它。在激活过程中,应用程序将生成基于计算机的MAC地址的代码,然后它会以XML格式发送它们,服务器将接收XML,并保存在一个文本文件中的许可证密钥和激活代码(就像上面的例子),如果其它的用户使用相同的密钥的方式,我的服务器将检测到许可密钥已具有相关联的激活代码。我不知道如何使软件知道在启动时,它已经被激活。很显然,我不会在安装目录中的文件保存,因此应用程序会读取它,知道被激活(他们只需要复制该文件)。也许保存在其他文件夹中的文件?如Windows / SYSTEM32?
我知道MAC地址可以由用户进行更改,但一个正常的非计算机的人不知道该怎么做。他/她可能甚至不知道MAC地址是什么。反正我的逻辑有道理??
感谢您的帮助。
理想的简单的系统是采取电脑(CPU ID,MAC地址,硬盘序列号等),散列它的一些标识,将其发送到授权服务器。有授权服务器与私用密钥(如RSA密钥或一些类似的非对称密钥)签名的散列。然后,您可以在计算机上保存的许可证。
要测试许可,您的软件应重新计算哈希值,并验证它在许可文件的签署哈希值匹配(和验证该签名对应于许可证服务器(通过嵌入与应用程序的公共密钥。)
这样一个简单的系统,可以容易地以多种方式打破,如欺骗标识符或替换与一个攻击者具有用于私钥公钥,但应为您的目的工作。
I would like to ask for your opinion about software registration keys. Me and my friend are building an application in C# and we would like to sell it at some point. I know there is no such thing as 100% pirate free software. But at least we would like to receive purchase requests from honest people, and make it a little hard for non-computer people to crack it. How can we do that? I have a "theory", please let me know your opinion about my theory.
I’m going to talk in small numbers so we would make this less complicated.
Once we’re done with the application, generate 100 different license keys. Have a server waiting for xml request, the server will contain a text file with the 100 different keys, there will be an associated activation code next to each license key in the text file
e.g. azsx5-edsd5-sdsd5-rtwer (key) , aabbaavv (activation code).
The computer that installs the application will need to provide the license key and activate it. During the activation, the application will generate a code based on the MAC address of the computer, and then it will send them in xml format, the server will receive the xml and save the license key and activation code in a text file(just like the example above), that way if other user uses the same key, my server will detect that the license key already has an associated activation code. I’m not sure how to make the software know at startup, that it is already activated. Obviously I would not save a file in the installation directory so the application will read it and know is activated (they would just need to copy that file). Maybe save a file in other folder? Like windows/system32?
I know MAC address can be changed by the user, but a normal non-computer person will not know how to do it. He/she may not even know what a MAC address is. Anyways does my logic make sense??
Thanks for your help.
The ideal "simple" system is to take some identifier of the computer (CPU id, Mac Address, HDD serial number, etc), hash it, send it to your authorization server. Have the authorization server sign the hash with a private key (like an RSA key or some similar asymmetric key). You can then save the license on the computer.
To test the license, your software should recompute the hash and verify that it matches the signed hash in the license file (and verify that the signature corresponds to license server (via the public key that is embedded with your application.)
Such a simple system can be easily broken in a number of ways, such as spoofing the identifier or replacing the public key with one that the attacker has the private key for, but should work for your purposes.
这篇关于软件许可证密钥和激活的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
