a "vairable"

I am building something taht a client has paid for a specific amount of license for, so in our code we have a number represnting that...but if they purchase more license we need to update taht number.
Is there a better way of doing this other than resend the client another DLL?
Please adivse of another way, but it needs to be secure and in a way so the client wont figure it out so they wont increase the license number.

Please advise.
solraccheffyAsked:
Who is Participating?
 
jackiechen858Connect With a Mentor Commented:
I think it don't need to be so complex.  you can just samply use a md5 method
to do it.

using System.Text;
using System.Security.Cryptography;

            public static string GetLicenseString (int nlicenseNumber  )
            {
                  string strMDAppend = "xzkale2sx789ASw";
                  string strMD = nlicenseNumber.ToString() + strMDAppend;


                  UTF8Encoding encoder =new UTF8Encoding();

                  MD5CryptoServiceProvider md5 =  new MD5CryptoServiceProvider();
                  byte[] result =md5.ComputeHash( encoder.GetBytes(strMD) );
                  string strResult="";
                  for ( int i=0;i<16;i++ )
                  {
                        strResult += result[i].ToString("X00");
                  }
                  return strResult;
            }

using the above function, you can get a unique string for any number.
save the number and the string into a file. and when you load the dll,
call the same function to generate a new string for the same number.
the two strings should be same.  it used MD5 algorithm to generate
a 16 bytes array for a string. If the input strings are different, the output
arrays will "almost for sure"( 1/ (2^(8*16) )  )  be different. and the
good thing is even if the input string only has little difference, the output
arrays will be totally mess, so it's impossible to reversely get the string
from the array. So if the user can't get the strMDAppend "xzkale2sx789ASw",
he can't generate the string.




0
 
CallandorCommented:
You could construct a key that incorporates the number of licenses allowed, then have the program read the key and calculate how many licenses that key represents.  The encryption algorithm to create the key needs to be sophisticated enough (perhaps involving large prime numbers) to prevent breaking and will only allow the program to work if a valid key is provided.
0
 
solraccheffyAuthor Commented:
That is kind of what I am looking for....I have that thought but not sure on how to go about implementing it.
please advise.
0
The new generation of project management tools

With monday.com’s project management tool, you can see what everyone on your team is working in a single glance. Its intuitive dashboards are customizable, so you can create systems that work for you.

 
CallandorCommented:
Have you taken a look at how PGP is implemented?  There is a public key and a private key, and though you don't need a public and private key, you could code the public key to decrypt what you send that's encrypted with the private key.  This could include how many licenses, and the program could reject any answer outside a range.  The client would only see an encrypted license key, which the program would decrypt and figure out how many licenses they have.  They would not be able to change the license key without knowing what the private key was.
0
 
solraccheffyAuthor Commented:
Makes sense, where can I get an example on how to do this, step by step?
0
 
CallandorCommented:
Take a look at http://www.pgpi.org/
0
 
jackiechen858Commented:
the bad thing about the sample solution is if they trace the dll and find the
strMDAppend , then you are screwed :-( but if they can trace the binary
code, I guess they can do everything.
0
All Courses

From novice to tech pro — start learning today.