License files, which are typically issued by SOLO Server during activation, contain all of the license data or parameters needed by your application. This includes data such as the type of license being issued (i.e. time-limited, non-expiring, volume, etc...), expiration dates, what application features or modules may be used, what system is authorized to use the license, etc... This also contains additional data about the customer for whom the license is registered, information for obtaining technical support from your company, and any custom string or XML formatted data that you may optionally use to include additional, customized data in the license.
Protection PLUS 5 SDK license files are formatted using Extensible Markup Language (XML). XML is a free and open standard which simply specifies how data may be encoded or formatted in a manner that does not limit the size or exact format. The primary benefits of using XML include: it is widely supported in nearly all industries, operating systems, and software development frameworks; it makes it possible to extend upon the license file format without breaking compatibility; and it allows you more flexibility and power to use highly customized data. The XML license files are also encrypted and digitally signed to prevent unauthorized access and manipulation. The actual content stored in the license file is defined by the license file schema.
Read-only license files are license files which must be encrypted and signed by SOLO Server. The advantage to these license files is that they are digitally signed with key data that is only partially known to your application. This means your application has enough of the key to confirm SOLO Server issued the file, but lacks the data needed to create these files. The benefit is that, since the key is not known to your application, it becomes difficult for hackers to compromise this key and write their own license files for your application. The drawback is that, since SOLO Server must issue these license files, Internet connectivity is required (either directly, or from another computer).
Some environments, including ones like remote locations (such as in a field or on the road), do not offer any Internet connectivity. Meanwhile, others are highly restrictive with Internet connectivity (often places such as hospitals, government and military offices, etc...). In these types of environments, it can be difficult or impractical to require Internet connectivity. Additionally, there might be other reasons why your application would need to be able to write to its license files freely as well (depending on your licensing requirements). In these situations, it is possible to use writable license files, which are license files that are encrypted and signed by your application (read more about license files). Although this means all key data needed to write license files is known to your application (which is less secure than using read-only licenses issued by SOLO Server), this affords you extra flexibility when needed.
Keep in mind that you need to make the best choices about what type of license file your application should use, and when it should use it. Our sample applications show you how you can use read-only licenses, writable licenses, and even a hybrid of both.
Out-of-the-box, Protection PLUS 5 SDK APIs support storing your application's license files on disk, in the Windows Registry, or in an image file. However, these same APIs also support loading and manipulating the files from memory, which affords you the flexibility of storing it where ever it suits your application. For example, you could store this in your application's database, embed it in other files, etc.
Applications which should be licensed independently need to use separate license file locations.
Additionally, keep in mind that permissions is always something you should consider when selecting your license file locations. Please read more about deploying applications protected with PLUSManaged and PLUSNative (as appropriate for your application) for more information.
In addition to file and registry storage, Protection PLUS 5 SDK supports storing and hiding the license file XML within image files using steganography.
The steganography feature is presently a beta, and changes may be applied which could require minor source code modifications to be made in order to use a future release. Please keep in mind that your testing should be very thorough. Also, use your own images distributed with your application such as a splash screen image. Do not use an existing image such as the desktop wallpaper since another product could share that license location.
Consider the following when using the steganography feature:
Aliases are simply hidden copies of the license file. These should always be used with writable license files, as they help prevent users from doing things like back-dating their system and restoring old copies of license files. When using writable licenses files, these are especially important to use when issuing time-limited licenses (such as evaluation/trial or periodic/lease licenses), and when allowing transfer and deactivation of licenses.
Since these are simply copies of the license file, permissions is something you should also consider when selecting your alias locations. Please read more about deploying applications protected withPLUSManaged and PLUSNative (as appropriate for your application) for more information.
Alias files may also use the steganography feature for storage in a supported image format.