jmsmith86
Level 2

Practical uses for acquired license?

Jump to solution

I am only just getting started with FlexNet Embedded, so pardon me and my basic question here. I've gone through the entire user guide. Correct me if I'm wrong, but there seems to be little mention on how properly use the license once it is obtained. A simple branch in code seems too insecure to me which could easily be bypassed.

My product has several dynamically linked objects. I'd like each feature within the license file to "unlock" one of these objects. I get the feeling that I should be encrypting these files somehow and decrypting them using the obtained license. How do I do that in a secure way in order to prevent the user from touching the decrypted binaries? Does the trusted storage come into play here?

1 Solution
jberthold
Revenera Moderator Revenera Moderator
Revenera Moderator

Hi @jmsmith86 ,

Yes, FlexNet Embedded license rights are most commonly stored in "trusted storage" which consists of encrypted files either on disk or in-memory.  The FlexNet Embedded licensing API is responsible for the correct behavior and enforcement of licensing operations in numerous ways:

• Digital signatures ensure that licenses are authentic and cannot be modified.
• APIs support only legitimate licensing operations.
• Start and expiry dates are enforced.
• Any license stored in a Trusted Storage license source is protected against modification.

Additionally, the FNE XT kits support what is called TRA or Trusted Applications.  TRA provides various defense mechanisms and technologies to aid developers in obscuring their license sensitive code, thereby protecting the code against both static and dynamic analyses.  

Thanks,

Jim

View solution in original post

1 Reply
jberthold
Revenera Moderator Revenera Moderator
Revenera Moderator

Hi @jmsmith86 ,

Yes, FlexNet Embedded license rights are most commonly stored in "trusted storage" which consists of encrypted files either on disk or in-memory.  The FlexNet Embedded licensing API is responsible for the correct behavior and enforcement of licensing operations in numerous ways:

• Digital signatures ensure that licenses are authentic and cannot be modified.
• APIs support only legitimate licensing operations.
• Start and expiry dates are enforced.
• Any license stored in a Trusted Storage license source is protected against modification.

Additionally, the FNE XT kits support what is called TRA or Trusted Applications.  TRA provides various defense mechanisms and technologies to aid developers in obscuring their license sensitive code, thereby protecting the code against both static and dynamic analyses.  

Thanks,

Jim