


#Openssl licensing cracker#
Otherwise a software cracker or reverse engineer would be able to generate licences for your software. It must not be present in your software (a popular mistake, by the way). It's important not to share your RSA private key with user. % openssl dgst -verify pubkey.pem -keyform PEM -sha256 -signature -binary licence.txtĬhange a byte in licence.txt, and it will not be verified. Your software at customer's/users' side should check/verify this license. UFxYKBoqkioI/dAyRpLdxeQ5vswGK+DRZw4bEmSbSj1TmzEiWfZeuSh9DehGj6KpoBLNJZIKojWY Kp/SMbrdR9LaN/i圓JFHFRGzku/RCrUJcwqzMnZKDyR0R+mztWZCgXqwSUg8圜Qib/zqHEHChJRt MSX97Fn0bJ8rKFSZKfoB6Kj3wSH0V5OMM2nAqKUYt9HO8ZWjPuJrYb+Fmvwr8IkjiI0EV1OOR3m5 Well, the can be converted to base64, to be less intimidating:į2OUNTRNCQzehQOgqbsZZ4kSrQulY+bVouQeyB9v17zm0eqxhjIC3FHl05ChKcGmlAKyRI6xTB7G You can pass your customer a license: license.txt +. Hence, RSA-2048 can encrypt/sign only data smaller than 2048 bits or 256 bytes.Īnd the file is usually hashed using SHA256 or other algorithm.Īnd the hash is then signed/verified by RSA.Īfter openssl's command execution, a 256-byte binary file is created. RSA encrypts/sign small pieces of data, smaller that it's key's length. In fact, this is important thing to keep in your mind. What's with "dgst" (digest) and "sha256" in command-line? % openssl dgst -sign keypair.pem -keyform PEM -sha256 -out licence.txt Sign this text file with your RSA private key: % openssl rsa -in keypair.pem -pubout -out pubkey.pem Sign=HYsXD1kNhT5wQtZonYi5OwIRMJe9x9wfUIa7m9pGZNKM/wufQ6uk4iq9xOc2JPV0HURYMG+/Oim9Fa7GftCgPNRei9mvnJEswIW450d3HbjJ9Pl7qk161jmzhpqci35dwOXjHhDcX0Qje0FvawxSEV81txwUrdGUnTHQoLTIOBkdzFjDfSEz8UzbJuya9BS6+AqEF+1D8tdXvBvcqf5JktAe6N4/T3sUhXPu5nhUMET3iPLHtOqjmWjDuL2k0RVfH6YiSEKRY065h+HLAS/W97Qbj/bRH5dkXt3ZFLYjdYDKqkm2vzLPnQBvYo/8TLYUMOhdlkA4pHaLgPVguvMquw=
#Openssl licensing serial#
You saw this many times: a license file with a name, serial number, features supported and some code.Īnd some info of a computer that license is connected to, like MAC address.
