JLM is a software license product that is secure enough to "keep honest customers honest", and provides a software vendor with the necessary tools to create, validate and manage software licenses. License Security Overview
JLM software licenses have the following properties:Symmetric encryption is used to secure the vendor-specific license data. Digital signatures bind a license to a particular software product. A message digest of the encrypted, signed license may be used by the vendor as a unique identifier to match a customer to a license. Installation
The JLM product is packaged as a .zip file. Simply unzip jlm
jlm/
RELEASE.txt
bin/
KeyTool
LicenseTool
SystemTest
db/
... ( a convenient directory for license key databases )
docs/
MANUAL.txt
...
lib/
jlm-manager.jar
jlm-product.jar
Currently, the only aspect of the JLM that can be configured is the location of the jlm.log file. This log file is used to log the KeyTool create and remove operations, and the LicenseTool create operation. The default is to create a jlm.log file in the directory that the KeyTool or LicenseTool are run from. To explicitly set the full path of the jlm.log file so that it is always in the same place, modify the following line in lib/log4j.properties:
Change: log4j.appender.A1.File=jlm.log
To: log4j.appender.A1.File=<your-preferred-path>/jlm.log
"The JavaTM Cryptography Extension (JCE) is a set of packages that provide a framework and implementations for encryption, key generation and key agreement, and Message Authentication Code (MAC) algorithms. Support for encryption includes symmetric, asymmetric, block, and stream ciphers. The software also supports secure streams and sealed objects.
JCE is designed so that other qualified cryptography libraries can be plugged in as service providers, and new algorithms can be added seamlessly. (Qualified providers aresigned by a trusted entity.) "
The JCE 1.2.1 is an exportable version of the JCE. This version is recommended as it is exportable outside of the US and Canada, and provides the basic algorithms necessary to support JLM.
The JCE must be installed on your applications CLASSPATH. The JLM will dynamically add the JCE as a cryptographic provider when it is called to validate and decrypt a license file.
Do NOT install JCE as an installed extension. This pevents the JCE from encrypting objects thar are NOT part of the Java core class libraries. Adding JCE1.2.1 as a Cryptographic Provider
Before using the JLM from your software product, you must add the SunJCE as a cryptographic provider during startup of your software. Dynamically adding SUN's JCE as a Provider
The jtools.crypto.DefaultCryptoProvider class should be used to install the SunJCE as a crypto provider. Simply construct an instance of this class before using any of the other JLM classes.
public DefaultCryptoProvider() ;
You must run KeyTool to create an empty key database.
For example:
$KeyTool makedb --db=mykeydb --pwd=mypassword
A license key must be created for generating license files and subsequently validating and decrypting license files.
$KeyTool create --key=mykey --db=mykeydb --pwd=mypassword
Now you must export the public-key and encryption-key in a format suitable for embedding in your Java source code.
$KeyTool exportJava --key=mykey --db=mykeydb --pwd=mypassword --out=mykey.txtEmbedding Keys in your Java Code At this point, the file mykey.txt should look like the following:
private String publicKeyStr="......" ; private String encryptionKeyStr="......" ;
Copy this text and paste it into your Java source code for use in calling the SoftwareLicense class described below.
The LicenseTool is used to generate software licenses based on a license key. The input file is the license data file for a particular customer/installation of your product. The output file that is generated by the create command will be used as input to your software product during the license validation and decryption process.
$LicenseTool create --key=mykey --db=mydb --pwd=mypassword --in=mydata.txt
--out=mylicense.dat
The class SoftwareLicense is used by a vendor's software to read, validate and decrypt a software license file.
The fully qualified class name is:
jtools.jlm.model.SoftwareLicense
The lib/jtools.jar must be on your CLASSPATH.
A factory method is provided for creating an instance of SoftwareLicense from a license file on disk:
public static SoftwareLicense createSoftwareLicense
(
String publicKeyStr,
String encryptionKeyStr,
String licenseFile
)
throws IOException
Once an instance of SoftwareLicense has been successfully constructed, you may retrieve the decrypted license data by calling:
public byte[] getLicenseData() ;
For convenience to those vendors that store their license data as text, the following method is supplied.
public String getLicenseDataString() ;
Additionally, if the contents of a license is text in the format of a Java properties file, following method is supplied:
public Properties getLicenseDataProperties() ;
If a NoSuchAlgorithmException is thrown when constructing a SoftwareLicense, then the JCE is not installed properly.
If an InvalidSignatureException is thrown, then the signature on the software license file is invalid. This indicates that the license has been tampered with.
KeyTool is a command-line program that manages one or more secure databases of product license keys. Each database is secured by a vendor supplied password.
The following services are provided:KeyTool logs all activity in $JTOOLS_HOME/etc/KeyTool.log
KeyTool Usage:makedb --db=--pwd= create --key= --db= --pwd= view --key= --db= --pwd= remove --key= --db= --pwd= exportTest --key= --db= --pwd= --out= exportJava --key= --db= --pwd= --out=
| --key | The name of a license key. Typically some variation on the name of the product that the key will be used to generate licenses for. This name should be unique and will be used identify a particular key in the create, view, remove and export operations. |
| --db | The name of the database where the key should be stored. | --pwd | The name of the password that provides access to the specified database. | --out | The path of a file where the exported key data will be written by the export command. |
LicenseTool is a command-line program that creates and validates software licenses.
The following services are provided:
| create | Read a data file containing license data and create a new software license file using the specified license key. | |
| view | View the decrypted license data contained within a signed, encrypted software license file. | |
| validate | Validate the signature contained within a software license file using the specified license key. |
LicenseTool logs all activity in $JTOOLS_HOME/etc/LicenseTool.log
LicenseTool Usage:create --key=--db= --pwd= --in= --out= view --key= --db= --pwd= --in= validate --key= --db= --pwd= --in= xvalidate --xkeys= --in=
| --key | The name of a license key. Typically some variation on the name of the product that the key will be used to generate licenses for. This name should be unique and will be used identify a particular key in the create, view, remove and export operations. | |
| --db | The name of the database that contains the license key 'key' | |
| --pwd | The name of the password that provides access to the specified database. | --in | The path to an existing license data file when used with the create command. When used with the view or validate/xvalidate commands, --in specifies a software license file. |
| --out | The path where a software license file should be created. | |
| --xkeys | The path to the text file generated using the KeyTool exportTest command. |
Technical Support & Contact Information:
Rowland Smith
rowland@webperformanceinc.com
919-395-8393