使用 RSA 保护许可证文件 [英] Using RSA to protect license files

问题描述

我想使用 RSA 来保护应用程序中的许可证文件.思路如下:

I want to use RSA to protect license files in an application. The idea is as follows:

1. 创建许可文件(纯文本).
2. 创建一个 RSA 密钥对.
3. 使用公钥加密许可文件.
4. 将私钥放入应用程序的二进制文件中.
5. 然后应用程序可以解码许可文件并开始运行.

问题是我必须随我的应用程序一起提供私钥.如果我将公钥保密，会不会有问题?

The thing is that I have to ship the private key with my application. Is that a problem if I keep the public key secret?

如果没有，还有什么其他好的(足够的)方案来创建许可证文件系统?

If not, what other good (enough) schemes exist to create a license-file system?

推荐答案

可以从私钥恢复公钥，因此将私钥嵌入到应用程序中与同时发布私钥和公钥一样好明文中的密钥(以从二进制文件中破解私钥的努力为模).

It is possible to recover a public key from a private key, so having the private key embedded in the application would be as good as publishing both the private and public keys in cleartext (modulo the effort of hacking the private key out of the binary).

在这些情况下，许多人会求助于混淆.其他解决方案可能是硬件令牌、网络身份验证或现成的许可证管理系统.

Many people resort to obfuscation in these situations. Other solutions would be a hardware token, network authentication, or an off-the-shelf license management system.

这可能会提供一些关于其他人如何使用公钥加密来创建许可证文件系统的想法:http://www.codeproject.com/Articles/203840/RSA-License-Protection

This might provide some ideas about how other people are using public-key cryptography to create license file systems: http://www.codeproject.com/Articles/203840/RSA-License-Protection

这篇关于使用 RSA 保护许可证文件的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！