I want to start these articles with a small disclaimer: This project is only meant for teaching purposes, this is not the most secure way to handle licenses in your installer. Ideally this must be handled from the application itself, not the MSI. Use at your own risk, I will not be held responsible for any “breaches” in your installers.
From my point of view, the best way to validate your product is to implement a check directly into the application and add the registration to be online. That way, you are sure that all the licenses you provide are secure on a database and breaches are less likely to occur.
With this out of the way, lets start with part 1 of this series. In this part, we must consider how we are going to create license keys. These keys will later be checked during installation from a DLL custom action. I already wrote two articles on how to create DLL custom action in C#, and how to pass arguments for your DLL custom actions inside an MSI.
When generating licenses you must consider what kind of license keys you want to use. Do you want to use the classic 15 key license keys? Do you want to use the more modern 12 digit license keys? Do you want them to be separated in multiple parts?
For this example, I went ahead an created a license key composed of two parts:
Part 1: We generate a random 9 digit number and we use the ISBN-10 check digit algoritm to add a check digit control. This will result in the first 10 digits of the license key.
Part 2: We generate a random date in 2021 and convert it to UNIX timestamp
The result should look something like this:
Again, i repeat myself, this is not the most secure license in the world, and for a professional cracker, it won’t take long to understand what each part means and create licenses by himself.
The program to create this type of license keys it’s not actually that difficult, all that I did is create a C# Windows Forms app, add two buttons, a read-only textbox and a non-read-only textbox in which you can specify how many license keys you want generated.
Using the second method, the license keys will be written in a text file near the executable.
The resulted application looks something like this:
I won’t go through the whole code, this can be found on my GitHub page here along side with the compiled executable.