I want to start these articles with a small disclaimer: This project is only meant for teaching purposes, this is not the most secure way to handle licenses in your installer. Ideally this must be handled from the application itself, not the MSI. Use at your own risk, I will not be held responsible for any “breaches” in your installers.
From my point of view, the best way to validate your product is to implement a check directly into the application and add the registration to be online. That way, you are sure that all the licenses you provide are secure on a database and breaches are less likely to occur.
In the first part we had a look on how a license generator app might look like. The algorithm, license type, generation type (online/offline) is up to your choice.
In this article, we will have a short look on how to create a .DLL that decrypts the license key and tells the MSI if it’s ok to continue with the installation or not.
I already wrote two articles on how to create DLL custom action in C#, and how to pass arguments for your DLL custom actions inside an MSI, so I won’t go through all the steps.
What I did in the decrypt DLL is actually quite simple, I get the license key from the MSI by using the session[“CustomActionData”]:
string data = session["CustomActionData"];
Next, I need to split the license key into two parts:
string[] tokens = data.Split('-');
The first part of the key will go through the ISBN-10 check digit algoritm:
string dataMinus1 = tokens[0].Remove(tokens[0].Length - 1, 1); string testfirstline = AddCheckDigit(dataMinus1); if (String.Equals(testfirstline, tokens[0])) { firstVariable = true; }
The second part of the key will be converted to double and converted to a readable DateTime. If the resulted DateTime is somewhere in 2021, it means the second part is also correct:
double doubleVal = Convert.ToDouble(tokens[1]); Random rnd = new Random(); int month = rnd.Next(1, 364); DateTime dt = new DateTime(2021, 1, 1); DateTime newDate = dt.AddDays(month); System.DateTime dtDateTime = new DateTime(1970, 1, 1); dtDateTime = newDate.AddMilliseconds(doubleVal).ToLocalTime(); int year = dtDateTime.Year; int year2 = 2021; if (String.Equals(year, year2)) { secondVariable = true; }
At the end, if both variables are correctly detected, the installation will continue, otherwise a message box will appear for the user and inform him to input a correct license key:
if (firstVariable && secondVariable) { return ActionResult.Success; } else { MessageBox.Show("Please input a correct License KEY", "Wrong License"); return ActionResult.Failure; }
The code for the decrypt DLL can be found on my GitHub page along side with the created DLL.
In the next article we will have a look at the process of creating a license key, implement the custom action and the license key in the MSI and see if it runs.