[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now


Software Licencing on AS/400

Posted on 2004-10-25
Medium Priority
Last Modified: 2008-02-01
Hi ,
I am currently developing software which I would like to be able to licence to various companies. This is been developed on an IBM AS/400 V5R2 operating system.  The software in question is bar-code scanning software and will run on bar-code scanners using 5250 emulation. It is been developed using RPG/400. I would like the ability to be able to supply software which would be licenced to a company for a specific period of time and/or for a max number of users. The type of control that I am trying to achieve is as follows:

1. If the max users were exceeded on any given day then the additional users would be prevented from using the software

2. A warning message would be displayed n days prior to expiry. If the expiry date of the software licence has been exceeded then the users would be prevented from using the software from that date forward.

3. Upon renewal of software licence the user would key in a password and the application would again become available.
4. Some form of encryption would prevent the user from bypassing the security.
I have heard that GENLICKEY is available as part of SM-1 however the AS/400 I am developing on does not have SM-1 installed.

Is there any other avenue open to me to achieve the above.  If so could you please point me in the right direction. The solution should be enough to encourage users to renew the licence upon expiry but it does not have to be completely crack proof. (if there is such a thing!!)
Appreciate any help I can get on this subject
Pat Clarke
Question by:pclarkeirl
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
LVL 16

Accepted Solution

theo kouwenhoven earned 300 total points
ID: 12412267
Hi  pclarkeirl,

I'm not sure, but developing software for limmed number of concurent users is very rare on the AS/400.
Normally the licence fee is calculated related to the machine model DSPSYSVAL SYSVAL(QMODEL)
The security you can arrange by the serial number DSPSYSVAL SYSVAL(QSRLNBR)  

We created some software a while ago that calculate a licence end date. I dont remember exactly, but as follows.

If the licence is ended or almost ended.
   The check was build in 3 diferent parts:

A function is  Generating a key and pop-up a screen with:
 - Model number
 - Serial number
 - Licence key
      This key was calculated from the last part of a timestamp (seconds and miliseconds) , modelnumber and serial number (numeric part only)

To get a new key the user have to supplie you with the Model Nbr, Serial Number and the key.

Now you enter this key and a new key will be generated by
   putting the new date model number and serial number in a string and add this to the old licence key.


Model : 820
Serilal : 123456B
Timestamp :  2004-10-26-17-22-35-123456

820 * 123456 = 101233920 + 35123456 = 136357376
 so the Generated key = 136 357 376  or 0001-3635-7376

This key entered in your system + the Model and serial number will generate a new key
Model + serial + new_licensedate:   82012345 + 20051231 = 102063576
  102063576 + 136357376  <= customers generated key:

Your licence key = 238-420-952
At customer site: 238420952 - 136357376 = 102063576 - 82012345 = 20053112 New Licence date.

Because every time the customer starts his application, his key is diferent, so your key is diferent.
because the Serila and Model is included, the key can not be used on other machines.

I didn't mention some little details, because this is more or less qualified information,
but you can add some extra values to the key's.

The new date can be stored in a binary or packed field in a normal date format or in a calculated date format
eg. xxx days after a specific date  
Store 2130 to indicate 2004-10-31 this day is 2130 days after 2000-01-01

LVL 14

Assisted Solution

daveslater earned 200 total points
ID: 12412509
First you must make up a key. This must include the following:

Serial Number (7 bytes)
Model (3 bytes)
Expiry Date (8 bytes)

Total length = 18 bytes this could be stored in a data area

Next to encrypt it.

What I would do is create Cross Reference constants in the program.

ENCRYPTED = ‘mNbvcXZasDFghJKL0192837465qWertYuiOp”

Then when reading the password use offsets to move round the encrypted string so that the same characters have different values

And remember to compile with an option that do not allow source to be viewed.

Here is a simple program to do the job

d Input           s             37    Inz(                                
d                                     'ABCDEFGHIJKLMNOPQRSTUVWEXY-        
d                                      1234567890')                      
d Encry           s             37    Inz(                                
d                                     'mNbvcXZasDFghJKL0192837465-        
d                                      qWertYuiOp')                      
dI1               s             10i 0                                    
dI2               s             10i 0                                    
dI3               s             10i 0 Inz(%size(Key))                    
dI4               s             10i 0 Inz(%size(Input))                  
D Key             DS                                                      
DQserial                         7    Inz('S4412SS')                      
DQModel                          3    Inz('890')                          
DDate                            8    inz('20041201')                    
D EnKey           s                   Like(Key)                          
D Keyz            s                   Like(Key)                          
c                   For       I1 = 1 to I3                                    
c                   Eval      I2 = %scan(%subst(Key : I1 : 1) : Input)        
c                                  + I1                                        
c                   If        I2 > I4                                          
c                   eval      i2 = i2 - i4                                    
c                   endif                                                      
c                   eval      %subst(enKey:i1:1) = %subst(Encry:i2:1)          
c                   EndFor                                                    
 ** decript                                                                    
c                   For       I1 = 1 to I3                                    
c                   Eval      I2 = %scan(%subst(EnKey : I1 : 1) : Encry)      
c                                  - I1                                        
c                   If        I2 < 1                                          
c                   eval      i2 = i2 + i4                                    
c                   endif                                                      
c                   eval      %subst(Keyz:i1:1) = %subst(Input:i2:1)          
c                   EndFor                                                    
c                   seton                                        lr            

LVL 16

Expert Comment

by:theo kouwenhoven
ID: 12415121
Hi  Dave, pclarkeirl,

Real encryption is not only changing the characters to other characters by replace them on character value, but also on place in the string.

In Daves example is the result of the key : S4412SS89020041201 => 9rrqw99iopwpprqwpq
same character resultate in the same replacement.

By using the same encription string as Daves example and some simple extra encription, the result of the same input will be:
S4412SS89020041201 => 2Yutu65XaDbghaXa0s

This is a very simple example, you probably solve this encription within minutes, but you can make it as complex as you can think of.

But encrypting isn't always what you want, the more encryption you put in, the more dificult it will be by trouble shooting and support.
LVL 14

Expert Comment

ID: 12419391
Hi Murphy
Encryption can be broken like you have said. When I want big security I put in a two byte offset field that is split (say byte 1 at position 15 and byte 2 at position 7). These two fields are first decrypted against the standard encrypted table. These then point to an array element that populated the actual encrypted data. I also put random characters that are inserted into the key at specific points.

The resulting encryption is virtually impossible to hack as there is no consistency between any keys. The only way to do it is de-compile the program and check out the logic.

When you sell to some one you will have a supplier table – I hold the encryption key used on this table.

Again it is how secure you want it to be and how much effort you want to put in.

Author Comment

ID: 12419824
Hi Dave,Murphy,
thanks to both of you for some great information. It has certainly given me the start that I needed to develop a licence key system. I can see also that I could if necessary incorporate a Max users value into the same concept. I might come back to you further down the line if I hit any problems.

all the best


Featured Post

On Demand Webinar: Networking for the Cloud Era

Did you know SD-WANs can improve network connectivity? Check out this webinar to learn how an SD-WAN simplified, one-click tool can help you migrate and manage data in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Desired Skill Set for Microsoft Dynamics CRM Technical Resources – Part III
WooCommerce is becoming the most powerful e-commerce plugin for Wordpress. And why not. The platform comprises of numerous core plugins that may come in handy, powerful options to make your website development task much easier.
Is your data getting by on basic protection measures? In today’s climate of debilitating malware and ransomware—like WannaCry—that may not be enough. You need to establish more than basics, like a recovery plan that protects both data and endpoints.…
This lesson discusses how to use a Mainform + Subforms in Microsoft Access to find and enter data for payments on orders. The sample data comes from a custom shop that builds and sells movable storage structures that are delivered to your property. …
Suggested Courses

656 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question