com.verhas.licensor

Class License

java.lang.Object

com.verhas.licensor.License

Direct Known Subclasses:

ExtendedLicense

public class License
extends Object

A License object is (key,value) pair set that can be interpreted arbitrary. There is no special meaning how to handle these. The License object however can be electronically signed and saved into a file and loaded and verified.

You can use a License object for two purposes:

• Create a new license from pure text properties file, from a string or build it up programmatically and then sign and save it to a file.
• Load an encoded license, verify it and then query features.

License files in clear text are simple properties text files. Electronic signature and coding is applied using the format PGP. The library used to handle encryption is BouncyCastle.

Author:

Peter Verhas

Field Summary

Fields

Modifier and Type	Field and Description
protected Properties	licenseProperties

Constructor Summary

Constructors

Constructor and Description
License()

Method Summary

Modifier and Type	Method and Description
byte[]	calculatePublicKeyRingDigest() Calculate the SHA512 digest of the public key ring that is used to decode the license.
void	dumpLicense(File file) Dump the license as clear text into the file.
void	dumpLicense(OutputStream os) Dump the license as clear text into the output stream.
void	dumpLicense(String fileName) Dump the license as clear text into a file.
String	dumpPublicKeyRingDigest() Dump the public key ring digest as a Java code fragment.
String	encodeLicense(String keyPassPhraseString) Encode the currently loaded/created license.
static String	fromResource(String resourceName)
Long	getDecodeKeyId() Get the key id that was used to decode the license.
String	getFeature(String key) Get a license feature.
String	getLicenseString() Get the license as clear text.
boolean	isVerified() Check if the license was verified.
License	loadKey(File fin, String userId) Load the secret key to be used to encrypt a license.
License	loadKey(InputStream inputStream, String userId) Load the secret key to be used to encrypt the license.
License	loadKey(String fn, String keyId) Load the secret key to be used to encrypt a license.
License	loadKeyRing(File file, byte[] digest) Load a key ring from a file.
License	loadKeyRing(InputStream in, byte[] digest) Load a key ring from an input stream that can be used to verify a license.
License	loadKeyRing(String fileName, byte[] digest) Load a key ring from a file.
void	loadKeyRingFromResource(String resourceName, byte[] digest) Load a key ring from a resource file (a file that is packaged into the JAR file).
void	setFeature(String key, String value) Set a license feature.
void	setHashAlgorithm(int hashAlgorithm) Set the hash algorithm to use to sign the license.
License	setLicense(File file) Set the license values from a clear text file.
void	setLicense(InputStream is) Set the license values from an input stream.
void	setLicense(String licenseString) Set the license from clear text format.
void	setLicenseEncoded(File file) Open an encoded license file.
void	setLicenseEncoded(InputStream inputStream) Open an encoded license from input stream, decode and load it.
License	setLicenseEncoded(String licenseStringEncoded) Open an encoded license from the string literal.
void	setLicenseEncodedFromFile(File file) Deprecated.
License	setLicenseEncodedFromFile(String fileName) Open an encoded license from a file.
License	setLicenseEncodedFromResource(String resourceName) Open an encoded license from a Java resource.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

licenseProperties

protected Properties licenseProperties

Constructor Detail

License

public License()

Method Detail

setFeature

public void setFeature(String key,
                       String value)

Set a license feature.

Parameters:

key - the name of the feature

value - the string value of the feature

getFeature

public String getFeature(String key)

Get a license feature.

Parameters:

key - the name of the feature.

Returns:

the value of the feature as String

setLicense

public void setLicense(InputStream is)
                throws IOException

Set the license values from an input stream. The stream has to contain properties.

Parameters:

is - the input stream to read the properties values from

Throws:

IOException - when the input stream can not be read

setLicense

public License setLicense(File file)
                   throws IOException

Set the license values from a clear text file. The file has to be a properties file.

Parameters:

file - the file to read the license data.

Returns:

this

Throws:

IOException - when the file can not be read

setLicense

public void setLicense(String licenseString)
                throws IOException

Set the license from clear text format. This text should be a properties format file.

Parameters:

licenseString - the properties content.

Throws:

IOException - when the string is badly formatter and therefore the license can not be loaded from the string

getLicenseString

public String getLicenseString()

Get the license as clear text. The license has the format that is usual for properties files.

Returns:

the license as clear text

dumpLicense

public void dumpLicense(String fileName)
                 throws IOException

Dump the license as clear text into a file.

Parameters:

fileName - the name of the file to dump the license into.

Throws:

IOException - when there is an error writing the file

dumpLicense

public void dumpLicense(File file)
                 throws IOException

Dump the license as clear text into the file.

Parameters:

file - the file to write the license text.

Throws:

IOException - when there is an error writing the file

dumpLicense

public void dumpLicense(OutputStream os)
                 throws IOException

Dump the license as clear text into the output stream.

Parameters:

os - the output stream.

Throws:

IOException

isVerified

public boolean isVerified()

Check if the license was verified. A license verification checks the electronic signature. If this method returns false, your application program should not believe the rights the license may declare.

Returns:

true if the license was verified.

setHashAlgorithm

public void setHashAlgorithm(int hashAlgorithm)

Set the hash algorithm to use to sign the license. The default value is SHA512.

Call to this method is needed only when encoding license and only when the default algorithm is not appropriate for some reason or if the caller wants to ensure that the default algorithm is used even when a later version of this library is used.

The default algorithm may change in future versions of this class. Note that the default algorithm was SHA1 prior to version 1.0.4

Parameters:

hashAlgorithm - the hash algorithm, a constant from the class org.bouncycastle.openpgp.PGPUtil. For more information on this class visit Bouncy Castle

loadKey

public License loadKey(String fn,
                       String keyId)
                throws IOException,
                       org.bouncycastle.openpgp.PGPException

Load the secret key to be used to encrypt a license.

Parameters:

fn - the name of the file that contains the key rings.

keyId - the id of the key to be used.

Returns:

this

Throws:

IOException

org.bouncycastle.openpgp.PGPException

loadKeyRingFromResource

public void loadKeyRingFromResource(String resourceName,
                                    byte[] digest)
                             throws IOException

Load a key ring from a resource file (a file that is packaged into the JAR file). This method invokes loadKeyRing(InputStream in, byte[] digest).

Parameters:

resourceName - the name of the file inside the JAR file with full path.

digest - the SHA512 digest of the key ring.

Throws:

IOException

loadKeyRing

public License loadKeyRing(String fileName,
                           byte[] digest)
                    throws FileNotFoundException,
                           IOException

Load a key ring from a file. This method invokes loadKeyRing(InputStream in, byte[] digest).

Parameters:

fileName - the name of the file

digest - the SHA512 digest of the ring

Throws:

IOException

FileNotFoundException

loadKeyRing

public License loadKeyRing(File file,
                           byte[] digest)
                    throws FileNotFoundException,
                           IOException

Load a key ring from a file. This method invokes loadKeyRing(InputStream in, byte[] digest).

Parameters:

file - the file

digest - the SHA512 digest of the ring

Throws:

IOException

FileNotFoundException

loadKeyRing

public License loadKeyRing(InputStream in,
                           byte[] digest)
                    throws IOException

Load a key ring from an input stream that can be used to verify a license. The key ring can only be loaded if the it is a proper PGP key ring and the SHA512 digest of the key ring matches the parameter 'digest'. This is a simple mechanism to avoid someone to replace the key ring and have a spoof license to be verified.

Parameters:

in - the input stream where the key ring comes from.

digest - the digest of the key ring. If this parameter is null then the key ring is loaded no matter of its checksum.

Throws:

IOException

IllegalArgumentException - when the digest does not match the supplied digest. This means that the JAR file containing the key ring was tampered and the key ring is not the same as the one packaged by the developer. In this case using the key ring is useless to check the authenticity of the license and because of this the key ring is not loaded in such a case.

calculatePublicKeyRingDigest

public byte[] calculatePublicKeyRingDigest()

Calculate the SHA512 digest of the public key ring that is used to decode the license.

Returns:

the digest as a byte array.

dumpPublicKeyRingDigest

public String dumpPublicKeyRingDigest()

Dump the public key ring digest as a Java code fragment. You can copy this string into your licensed code that calls loadKeyRing to protect the code from key ring replacement.

Returns:

the Java program code fragment as string.

loadKey

public License loadKey(File fin,
                       String userId)
                throws IOException,
                       org.bouncycastle.openpgp.PGPException

Load the secret key to be used to encrypt a license. This is a complimentary method that calls loadKey(InputStream in, String userId).

Parameters:

fin - the file that contains the key ring.

userId - the user id of the key to be used.

Returns:

this

Throws:

IOException

org.bouncycastle.openpgp.PGPException

loadKey

public License loadKey(InputStream inputStream,
                       String userId)
                throws IOException,
                       org.bouncycastle.openpgp.PGPException

Load the secret key to be used to encrypt the license. After the key is loaded it can be used to encrypt license files.

Parameters:

inputStream - input stream of the file containing the key rings

userId - the user id of the key. If this parameter is null then the first key on the key ring appropriate to sign will be used.

Returns:

this

Throws:

IOException

org.bouncycastle.openpgp.PGPException

encodeLicense

public String encodeLicense(String keyPassPhraseString)
                     throws IOException,
                            NoSuchAlgorithmException,
                            NoSuchProviderException,
                            org.bouncycastle.openpgp.PGPException,
                            SignatureException

Encode the currently loaded/created license.

Parameters:

keyPassPhraseString - the pass phrase to the signing key that was loaded.

Returns:

the license encoded as ascii string.

Throws:

IOException

NoSuchAlgorithmException

NoSuchProviderException

org.bouncycastle.openpgp.PGPException

SignatureException

setLicenseEncoded

public License setLicenseEncoded(String licenseStringEncoded)
                          throws UnsupportedEncodingException,
                                 IOException,
                                 org.bouncycastle.openpgp.PGPException

Open an encoded license from the string literal.

Parameters:

licenseStringEncoded - the license encoded in string format.

Returns:

this

Throws:

org.bouncycastle.openpgp.PGPException

IOException

UnsupportedEncodingException

setLicenseEncodedFromResource

public License setLicenseEncodedFromResource(String resourceName)
                                      throws IOException,
                                             org.bouncycastle.openpgp.PGPException

Open an encoded license from a Java resource. Use this method when the license is inside the JAR file of the shipped code.

Parameters:

resourceName - the name of the resource that contains the license.

Returns:

this

Throws:

org.bouncycastle.openpgp.PGPException

IOException

setLicenseEncodedFromFile

public License setLicenseEncodedFromFile(String fileName)
                                  throws FileNotFoundException,
                                         IOException,
                                         org.bouncycastle.openpgp.PGPException

Open an encoded license from a file.

Parameters:

fileName - the name of the file containing the encoded license.

Returns:

this

Throws:

org.bouncycastle.openpgp.PGPException

IOException

FileNotFoundException

setLicenseEncodedFromFile

@Deprecated
public void setLicenseEncodedFromFile(File file)
                                           throws FileNotFoundException,
                                                  IOException,
                                                  org.bouncycastle.openpgp.PGPException

Deprecated.

Deprecated. Use setLicenseEncoded(File file).

Parameters:

file -

Throws:

org.bouncycastle.openpgp.PGPException

IOException

FileNotFoundException

setLicenseEncoded

public void setLicenseEncoded(File file)
                       throws FileNotFoundException,
                              IOException,
                              org.bouncycastle.openpgp.PGPException

Open an encoded license file.

Parameters:

file - the file where the encoded license is.

Throws:

org.bouncycastle.openpgp.PGPException

IOException

FileNotFoundException

getDecodeKeyId

public Long getDecodeKeyId()

Get the key id that was used to decode the license. The protected code may need this id to check the key security level. The protection may store different keys in different location. For example the key to generate expiring demo licenses may be stored on the public server to let it automatically generate demo keys.

The key used to generate commercial licenses is stored in a bunker, deep down under the ground between steel walls.

In such a situation the protected program will not accept a commercial non expiring license (that could have been stolen) signed by the demo license key.

Returns:

the key id.

setLicenseEncoded

public void setLicenseEncoded(InputStream inputStream)
                       throws IOException,
                              org.bouncycastle.openpgp.PGPException

Open an encoded license from input stream, decode and load it. If the file can not be loaded or is not signed properly then the method isVerified() will return false.

Otherwise the license is loaded and can be used.

Parameters:

inputStream -

Throws:

IOException

org.bouncycastle.openpgp.PGPException

fromResource

public static String fromResource(String resourceName)