Tag: software licensing solution

Automating offline activations

Many times your customers may have either restricted internet access or no internet access at all. Although Cryptolens is a cloud-based licensing solution, you can still use it to protect offline devices. In this post, we cover three ways internet access can be restricted and how license key verification can be performed.

Periodic internet access

If your users are connected to the internet on a regular basis, we can cache the response from the “Activate” method each time we are able to contact the server. If, at some point, internet connection would not be present, we would fallback on a cached version of the license object.

When using this approach, it’s important to define how long time your users can be offline. There is a field called “SignDate” in the license key object, which is the time when the response was signed by the server (i.e. the last time you successfully called Activate). So, if you only want to allow your users to be offline for 30 days, you can compare the current date with the “SignDate”.

License server (re-routing)

If your users have certain devices that have no direct internet access, one option is to use a license server, which will re-route all requests through a server hosted by the user. Only the server has internet access.

There is currently a Windows version of the server, freely available on GitHub.

Air gap (no internet)

If the devices have no internet access at all, we can use a similar idea that was described in periodic internet access, with the only difference that we always fallback on the license file.

In Cryptolens, there are three ways you can create such a file:

In the dashboard

Next to each license key, there is a yellow button which can be used to create license files:

Using activation forms

Activation forms allow your customers to download activation files themselves.

Using the API

If you want to automate license file creation, you can either call the Activate method using one of our client APIs or call the Web API directly (eg. using curl).

Floating licenses in Java

Floating licenses makes it easier for your customers to switch between machines that actively run your software, without having to deactivate them first. For instance, you can constrain the number of concurrent users to 10, but still allow the software to be installed on eg. 100 computers.

In Cryptolens, floating licensing works by letting your app to regularly poll the server to check if the number of concurrent users has been exceeded, which can be accomplished with the code snippet below:

import io.cryptolens.methods.*;
import io.cryptolens.models.*;

public static void main(String args[]) {
    String RSAPubKey = "RSA Public Key";
    String auth = "Access token";

    LicenseKey license = Key.Activate(auth, RSAPubKey, new ActivateModel(3349, "MTMPW-VZERP-JZVNZ-SCPZM", Helpers.GetMachineCode(), 300, 1));
    if (license == null || !Helpers.IsOnRightMachine(license, true, true)) {
        System.out.println("The license does not work.");
    } else {
        System.out.println("The license is valid!");
        System.out.println("It will expire: " + license.Expires);
    }
}

Normally, if the app stops polling the server, that user will be automatically deactivated within the specified period of time. However, if you want to deactivate it instantly, you can use the code below:

import io.cryptolens.methods.*;
import io.cryptolens.models.*;

public static void main(String args[]) {
    String auth = "";

    boolean result = Key.Deactivate(auth, new DeactivateModel(3349, "MTMPW-VZERP-JZVNZ-SCPZM", Helpers.GetMachineCode(), true));
    if (result == true) {
        System.out.println("Deactivation successful.");
    } else {
        System.out.println("Deactivation failed.");
    }
}

To see all the required parameters, please check out the GitHub repo of the Java client. Should you have any questions, please feel free to reach out.

Protect Java code with software licensing

Today, we have released an update to the Java client API that allows you to easily verify license keys. You can read more about how to add it to your project in the GitHub repo. Below is an example of the code that you can use in your application.

import io.cryptolens.Cryptolens;
import io.cryptolens.Helpers;
import io.cryptolens.LicenseKey;

public class Main {

    public static void main(String[] args) {
        String RSAPubKey = "<RSAKeyValue><Modulus>sGbvxwdlDbqFXOMlVUnAF5ew0t0WpPW7rFpI5jHQOFkht/326dvh7t74RYeMpjy357NljouhpTLA3a6idnn4j6c3jmPWBkjZndGsPL4Bqm+fwE48nKpGPjkj4q/yzT4tHXBTyvaBjA8bVoCTnu+LiC4XEaLZRThGzIn5KQXKCigg6tQRy0GXE13XYFVz/x1mjFbT9/7dS8p85n8BuwlY5JvuBIQkKhuCNFfrUxBWyu87CFnXWjIupCD2VO/GbxaCvzrRjLZjAngLCMtZbYBALksqGPgTUN7ZM24XbPWyLtKPaXF2i4XRR9u6eTj5BfnLbKAU5PIVfjIS+vNYYogteQ==</Modulus><Exponent>AQAB</Exponent></RSAKeyValue>";

        Cryptolens cryptolens = Cryptolens.getDefault();
        cryptolens.setRSAPublicKey(RSAPubKey);

        Cryptolens.ActivateResponse response =
                cryptolens.activate( "WyIyNTk1IiwidVVrQm94OGlYS3pHZlhTc0x6Rm9mN1piektrT0FSd0REaFZ0ZXZJMSJd"
                        , 3349
                        , "ICVLD-VVSZR-ZTICT-YKGXL"
                        , Helpers.GetMachineCode()
                );

        if (!response.successful()) {
            System.out.println("Failed to activate!");
            Cryptolens.ActivateServerError er = response.getServerError();
            Exception ex = response.getException();

            if (er != null) {
                System.out.println("Server error: " + er);
            }

            if (ex != null) {
                ex.printStackTrace(System.out);
            }

            return;
        }

        LicenseKey licenseKey = response.getLicenseKey();

        System.out.println("Activation was successful!");
        System.out.println(licenseKey.getKey());
        System.out.println(licenseKey.getF1());
    }
}

Python code for software licensing

Today, we released a library for license key verification in Python, freely available on GitHub. The code below checks license validity with the server (performing all the necessary cryptographic checks under the hood). Please run “pip install licensing” before running the code below.

from licensing.helpers import Helpers
from licensing.models import Response, RSAPublicKey
from licensing.methods import Key

pubKey = "<RSAKeyValue><Modulus>sGbvxwdlDbqFXOMlVUnAF5ew0t0WpPW7rFpI5jHQOFkht/326dvh7t74RYeMpjy357NljouhpTLA3a6idnn4j6c3jmPWBkjZndGsPL4Bqm+fwE48nKpGPjkj4q/yzT4tHXBTyvaBjA8bVoCTnu+LiC4XEaLZRThGzIn5KQXKCigg6tQRy0GXE13XYFVz/x1mjFbT9/7dS8p85n8BuwlY5JvuBIQkKhuCNFfrUxBWyu87CFnXWjIupCD2VO/GbxaCvzrRjLZjAngLCMtZbYBALksqGPgTUN7ZM24XbPWyLtKPaXF2i4XRR9u6eTj5BfnLbKAU5PIVfjIS+vNYYogteQ==</Modulus><Exponent>AQAB</Exponent></RSAKeyValue>"

res = Key.activate(token="WyIyNTU1IiwiRjdZZTB4RmtuTVcrQlNqcSszbmFMMHB3aWFJTlBsWW1Mbm9raVFyRyJd",\
                   rsa_pub_key=pubKey,\
                   product_id=3349, key="ICVLD-VVSZR-ZTICT-YKGXL", machine_code="test")

if res[0] == None:
    print("An error occured: {0}".format(res[1]))
else:
    print("Success")

You can find more information the parameters, etc here.

AutoCAD plugin software licensing

AutoCAD® is a powerful computer-aided design (CAD) software. It’s also quite extensible since anyone can easily create plug-ins. In this post, we briefly summarise several tips on how to securely license and sell your AutoCAD plug-ins.

Creating the plugin

If you are about to create a new AutoCAD plug-in, we would recommend to review the following tutorial provided by Autodesk.

Adding software licensing

Assuming you have Visual Studio 2017 open, you can add a simple key verification mechanism as described below:

  1. Right click on your project in the Solution Explorer and click on Manage NuGet Packages.
  2. Search for Cryptolens.Licensing and install it.
  3. Add the code-snippet form this page in the code where the plugin loads for the first time.

Selling the plug-in

One way to sell AutoCAD plug-ins is by publishing them in the Autodesk App Store, where a basic licensing mechanism is already provided. The problem with this approach is that the licensing models available are quite limited (eg. you can only charge your customers once for the plug-in and they will be able to use it in perpetuity). For instance, selling your plug-in as a service (subscription model) is not supported.

A better approach is to still publish your plug-in in the Autodesk App Store and set it to be a free app. You can then ask your customers to get a separate license key to be able to unlock all features.

You can read more about various ways of selling your software in our help pages. I would also recommend to check out the available licensing models.

If you have any questions, please feel free to reach out!

License server for software licensing

One of the problems experienced by software vendors when selling to large customers is that some of their machines that will be running the software do not have direct internet access.

Although it is still possible to use offline activation, having an active connection to Cryptolens makes things much easier for both you as the software vendor and your customers.

To solve this, we can use a license server that will re-route all the license verification requests from the computers in the network to Cryptolens, as shown below:

If you have already implemented key verification in your application, the license server can be set up quite quickly in two steps:

  1. Install the license server as described here.
  2. In the Key.Activate method, add LicenseServerUrl parameter and set it to point to the license server (the IP and port of are shown in step 1).

Overdraft software licensing

Several months ago, we introduced support for floating licenses, which, in simple terms, is a way to permit a certain number of concurrent end users at a time.

Overdraft license is a way to allow your users to temporarily exceed the upper bound of the number of concurrent licenses to take into account for potential peak usages. Once this occurs, a special event is going to be registered so that you can increase the limit in the next billing cycle.

In .NET, this can be implemented as follows (below, we allow the users to exceed the upper bound by one more concurrent license):

var auth = "{access token with permission to access the activate method}";
var result = Key.Activate(token: auth, parameters: new ActivateModel()
{
    Key = licenseKey,
    ProductId = 3349,
    Sign = true,
    MachineCode = Helpers.GetMachineCode(),
    FloatingTimeInterval = 100, // needed for floating licenses
    MaxOverdraft = 1            // needed to allow overdraft
});

if(Helpers.IsOnRightMachine(res2.LicenseKey, isFloatingLicense: true, allowOverdraft: true))
{
    // everything OK!
}

You can read more about this on our help pages.

Recurring Payments with Stripe combined with Software Licensing

A popular licensing model amongst software vendors is subscription-based licensing. It is generally seen as a smaller risk for the customer than traditional one-time payments (eg. which normally require a large commitment), but at the same time it provides recurring revenues for the software vendor.

You can get started with recurring payments by visit our help pages.

Features

Recurring payments are implemented as a part of the customer portal. Thanks to this update, customers can not only manage their existing licenses but also subscribe for new ones.

Everything related to payments, plans and subscriptions is managed by Stripe, so if you’re already using Stripe, it’s quite easy to get started with the new recurring payments feature. If you do not have Stripe, it’s quite easy to get started. A tutorial can be found here.

In addition to recurring payments, the customer portal makes it possible to use user account authentication, described in the previous article.

Screenshots

Example when the customer has subscribed to a new plan:

The new license will show up on the home page of the customer:

Reviewing a license key and the subscription it is associated with:

Software licensing for PHP applications

We recently added support for key verification in PHP, available on GitHub. Below is the sample code that can be included into your application.

<?php
require_once('Cryptolens.php');

$activate = cryptolens_activate(
      // Access token
      'WyI0NjUiLCJBWTBGTlQwZm9WV0FyVnZzMEV1Mm9LOHJmRDZ1SjF0Vk52WTU0VzB2Il0='
      // Product Id
    , 3646
      // License Key
    , 'MPDWY-PQAOW-FKSCH-SGAAU'
      // Machine code
    , '289jf2afs3'
    );

// $activate is now a boolean indicating if the activation attempt was successful or not

?>

The repository contains all the necessary information to get the code to work (eg.. finding access tokens)

Usage-based (pay per use) software licensing in .NET

Many software vendors nowadays move away from one-time payments to other licensing models. One such example is the usage-based model. By doing so helps lowering the barrier of entry for new customers, as they no longer need to commit to the product long term, which is usually the case with one-time payments. If you already have a subscription model, supporting usage-based payments can help you to monetise a group of users who would otherwise not buy the product.

You can read the entire tutorial here.

Getting started

In Cryptolens, usage-based licensing can be implemented using data objects, aka custom variables. We can use these variables to record how often features are used and keep track of any usage credits that a customer has purchased. There are two ways of billing customers:

  • Upfront payment: customers need to purchase usage credits in advance.
  • Based on actual usage: customers pay for the actual usage in the end of the billing period.

Charging based on actual usage

If you choose to charge your customers based on actual usage, we can simply use the code below:

var auth = "Access token with AddDataObject, ListDataObject and IncrementIntValue permission. Please also set KeyLock value to '-1'";
var licenseKey = "LZKZU-MPJEW-TARNP-UHDBQ";

var result = Data.ListDataObjects(auth, new ListDataObjectsToKeyModel 
{
    Contains = "usagecount",
    Key = licenseKey,
    ProductId = 3349 
});

var obj = result.DataObjects.Get("usagecount");

if (obj == null)
{
    // make sure to create it in case it does not exist.
    Data.AddDataObject(auth, new AddDataObjectToKeyModel { Key = licenseKey, ProductId = 3349, Name = "usagecount", IntValue = 1 });

    if(res == null || res.Result == ResultType.Error)
    {
        Console.WriteLine("Could not create new data object. Terminate." + res.Message);
    }
}
else
{
    var res = obj.IncrementIntValue(auth, 1, licenseKey: new LicenseKey { Key = licenseKey, ProductId = 3349 });

    if (res == false) 
    {
        Console.WriteLine("We could not update the data object. Terminate.");
    }
}

Upfront payments

If you instead want to charge your users upfront, we need to create the data objects when creating the license. If you are using payment forms, we can set up two requests, one creating a new license and another creating a new data object (inspired by this tutorial), as the result from key creation will be “piped” into data object creation request. You can then have another payment form that allows users to refill their credits, in which case the custom field can be used.

You can use the code below to verify if the limit was reached inside your application:

var auth = "Access token with AddDataObject, ListDataObject and IncrementIntValue permission. Please also set KeyLock value to '-1'";
var licenseKey = "LZKZU-MPJEW-TARNP-UHDBQ";

var result = Data.ListDataObjects(auth, new ListDataObjectsToKeyModel { Contains = "usagecount", Key = licenseKey, ProductId = 3349 });
var obj = result.DataObjects.Get("usagecount");

var res = obj.DecrementIntValue(auth, decrementValue: 1, enableBound:true, lowerBound: 0, licenseKey: new LicenseKey { Key = licenseKey, ProductId = 3349 });

if (!res)
{
    Console.WriteLine("Could not decrement the data object. The limit was reached.");
}