Skip navigation links
TrueLicense 3.2.0

Package net.truelicense.api

Provides life cycle management for license keys.

See: Description

Package net.truelicense.api Description

Provides life cycle management for license keys. License keys are small binary objects which can be stored in a file, a preferences node, the heap or any custom implementation of the Store interface. License keys pass the following life cycle phases as defined by the interfaces VendorLicenseManager and ConsumerLicenseManager:
  1. generation,
  2. installation,
  3. loading,
  4. verification and
  5. uninstallation

A license bean is an instance of the License class. This class follows the Java Bean pattern and defines common properties for the license management subject, issue date, issuer, holder, consumer type/amount, validity period and custom data. These properties get initialized and validated whenever a license key gets generated. They also get validated whenever a license key gets installed or verified.

A license key gets generated from a license bean by applying the following function composition:

  encrypt(compress(encode(sign(encode(validate(initialize(duplicate(bean))))))))
 

When installing or verifying a license key, a duplicate of the original license bean gets derived by applying the following (almost inverse) function composition (note that there is no initialization and hence no duplication required):

  validate(decode(authenticate(decode(decompress(decrypt(key))))))
 

The validation step is skipped when a license key is just viewed. Encryption is done via JCA with a configurable password based encryption algorithm. Authentication is done via JCA with a configurable key store type and signature algorithm. Encoding is done with XMLEncoder for simple, schema-less, yet resilient long term archival.

TrueLicense 3 retains full compatibility with TrueLicense 1 (V1) and TrueLicense 2 (V2/*) format license keys.

Applications use an instance of the interface LicenseApplicationContext as their starting point for configuring a LicenseManagementContext and subsequently one or more ConsumerLicenseManager or VendorLicenseManager instances.

For security, passwords are represented as an instance of the PasswordProtection interface. Other security critical strings (algorithms, paths, etc.) are annotatable with @net.truelicense.obfuscate.Obfuscate and processible with the TrueLicense Maven Plugin for simple, reliable obfuscation of constant string values in the byte code for license applications.

Warning: To protect against reverse engineering and modification of your application, it is strictly necessary to generally process all byte code which is comprised in your deployment unit with a tool for byte code obfuscation. TrueLicense does not provide general byte code obfuscation because there exist good quality third party tools, e.g. ProGuard.

Author:
Christian Schlichtherle
Skip navigation links
TrueLicense 3.2.0

Copyright © 2005–2018 Schlichtherle IT Services. All rights reserved.