473,320 Members | 1,950 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,320 software developers and data experts.

Where to store application expiration date in a trial app

Hello,

I would like to store application expiration date in a file and store that
file in a secure place, so the application can access the file for all the
users on that computer.

IsolatedStorage is a good technique but it is for the each user only and is
not machine level. Registry is not good because the user may not have access
permission. Application directory is not good because the file could be
deleted and so the application trial mode does not work. So what directory
is good or does windows has an API to store a file or data?

--
Mike
Jun 9 '06 #1
10 6788
You could always encrypt it and store it in the config file. That will
ensure that the user can't change it or delete it. Just make sure that the
production version also requires an entry so it can't just be deleted.

--
Jeffrey Hornby
Hornby Consulting, Inc.

"Mike9900" wrote:
Hello,

I would like to store application expiration date in a file and store that
file in a secure place, so the application can access the file for all the
users on that computer.

IsolatedStorage is a good technique but it is for the each user only and is
not machine level. Registry is not good because the user may not have access
permission. Application directory is not good because the file could be
deleted and so the application trial mode does not work. So what directory
is good or does windows has an API to store a file or data?

--
Mike

Jun 9 '06 #2
Application Config File? That is an xml file. The user could uninstall the
application, remove the file and then install the app.
--
Mike
"Jeffrey Hornby" wrote:
You could always encrypt it and store it in the config file. That will
ensure that the user can't change it or delete it. Just make sure that the
production version also requires an entry so it can't just be deleted.

--
Jeffrey Hornby
Hornby Consulting, Inc.

"Mike9900" wrote:
Hello,

I would like to store application expiration date in a file and store that
file in a secure place, so the application can access the file for all the
users on that computer.

IsolatedStorage is a good technique but it is for the each user only and is
not machine level. Registry is not good because the user may not have access
permission. Application directory is not good because the file could be
deleted and so the application trial mode does not work. So what directory
is good or does windows has an API to store a file or data?

--
Mike

Jun 9 '06 #3
But since your production code needs the application configuration file to be
there with a particular entry that can only be added to the file by your code
(because its encrypted using a key that only you know). If they just delete
the app.config, then this entry also gets deleted.
--
Jeffrey Hornby
Hornby Consulting, Inc.

"Mike9900" wrote:
Application Config File? That is an xml file. The user could uninstall the
application, remove the file and then install the app.
--
Mike
"Jeffrey Hornby" wrote:
You could always encrypt it and store it in the config file. That will
ensure that the user can't change it or delete it. Just make sure that the
production version also requires an entry so it can't just be deleted.

--
Jeffrey Hornby
Hornby Consulting, Inc.

"Mike9900" wrote:
Hello,

I would like to store application expiration date in a file and store that
file in a secure place, so the application can access the file for all the
users on that computer.

IsolatedStorage is a good technique but it is for the each user only and is
not machine level. Registry is not good because the user may not have access
permission. Application directory is not good because the file could be
deleted and so the application trial mode does not work. So what directory
is good or does windows has an API to store a file or data?

--
Mike

Jun 9 '06 #4
Hello,

Thanks for help.

It sounds interesting, but could you elaborate more on this issues? What is
the Entry? How to write this entry in the app.config file? I thought
app.config is readonly.
--
Mike
"Jeffrey Hornby" wrote:
But since your production code needs the application configuration file to be
there with a particular entry that can only be added to the file by your code
(because its encrypted using a key that only you know). If they just delete
the app.config, then this entry also gets deleted.
--
Jeffrey Hornby
Hornby Consulting, Inc.

"Mike9900" wrote:
Application Config File? That is an xml file. The user could uninstall the
application, remove the file and then install the app.
--
Mike
"Jeffrey Hornby" wrote:
You could always encrypt it and store it in the config file. That will
ensure that the user can't change it or delete it. Just make sure that the
production version also requires an entry so it can't just be deleted.

--
Jeffrey Hornby
Hornby Consulting, Inc.

"Mike9900" wrote:

> Hello,
>
> I would like to store application expiration date in a file and store that
> file in a secure place, so the application can access the file for all the
> users on that computer.
>
> IsolatedStorage is a good technique but it is for the each user only and is
> not machine level. Registry is not good because the user may not have access
> permission. Application directory is not good because the file could be
> deleted and so the application trial mode does not work. So what directory
> is good or does windows has an API to store a file or data?
>
> --
> Mike

Jun 9 '06 #5
So create a custom config file. It doesn't even have to be a proper config
file, it could jsut be a smal text file. The point is it has to be there for
your application to run at all.

If the contents are a date then you check if the date is in the past or in
the future. If it's in the past you tell them to register and stop them from
goign any further.

If the contents are something other than a date, you check that its whatever
you encrypt for a production install. If it is then you let them continue.
If its not then they've messed with the file somehow and you make them
re-register or re-install or whatever it is they have to do to prove that
they have a production copy.

The reason you encrypt it is to make sure that they don't just go in and
change the date manually.

You might also want to encrypt some machine specific information into the
file like the MAC address to ensure that these files can't be carried from
one machine to another.
--
Jeffrey Hornby
Hornby Consulting, Inc.

"Mike9900" wrote:
Hello,

Thanks for help.

It sounds interesting, but could you elaborate more on this issues? What is
the Entry? How to write this entry in the app.config file? I thought
app.config is readonly.
--
Mike
"Jeffrey Hornby" wrote:
But since your production code needs the application configuration file to be
there with a particular entry that can only be added to the file by your code
(because its encrypted using a key that only you know). If they just delete
the app.config, then this entry also gets deleted.
--
Jeffrey Hornby
Hornby Consulting, Inc.

"Mike9900" wrote:
Application Config File? That is an xml file. The user could uninstall the
application, remove the file and then install the app.
--
Mike
"Jeffrey Hornby" wrote:

> You could always encrypt it and store it in the config file. That will
> ensure that the user can't change it or delete it. Just make sure that the
> production version also requires an entry so it can't just be deleted.
>
> --
> Jeffrey Hornby
> Hornby Consulting, Inc.
>
>
>
> "Mike9900" wrote:
>
> > Hello,
> >
> > I would like to store application expiration date in a file and store that
> > file in a secure place, so the application can access the file for all the
> > users on that computer.
> >
> > IsolatedStorage is a good technique but it is for the each user only and is
> > not machine level. Registry is not good because the user may not have access
> > permission. Application directory is not good because the file could be
> > deleted and so the application trial mode does not work. So what directory
> > is good or does windows has an API to store a file or data?
> >
> > --
> > Mike

Jun 9 '06 #6
I'd encrypt it and store it directly in the assembly, say in the
assemblyconfiguration attribute.
Peter

--
Co-founder, Eggheadcafe.com developer portal:
http://www.eggheadcafe.com
UnBlog:
http://petesbloggerama.blogspot.com


"Mike9900" wrote:
Hello,

I would like to store application expiration date in a file and store that
file in a secure place, so the application can access the file for all the
users on that computer.

IsolatedStorage is a good technique but it is for the each user only and is
not machine level. Registry is not good because the user may not have access
permission. Application directory is not good because the file could be
deleted and so the application trial mode does not work. So what directory
is good or does windows has an API to store a file or data?

--
Mike

Jun 9 '06 #7
Thanks for the help.

It is hard to understand your point, I am sorry.

I wanted the application to run for 30 days, for example in trial, and then
expire. But your suggestion is hard to know how to do this.

--
Mike
"Jeffrey Hornby" wrote:
So create a custom config file. It doesn't even have to be a proper config
file, it could jsut be a smal text file. The point is it has to be there for
your application to run at all.

If the contents are a date then you check if the date is in the past or in
the future. If it's in the past you tell them to register and stop them from
goign any further.

If the contents are something other than a date, you check that its whatever
you encrypt for a production install. If it is then you let them continue.
If its not then they've messed with the file somehow and you make them
re-register or re-install or whatever it is they have to do to prove that
they have a production copy.

The reason you encrypt it is to make sure that they don't just go in and
change the date manually.

You might also want to encrypt some machine specific information into the
file like the MAC address to ensure that these files can't be carried from
one machine to another.
--
Jeffrey Hornby
Hornby Consulting, Inc.

"Mike9900" wrote:
Hello,

Thanks for help.

It sounds interesting, but could you elaborate more on this issues? What is
the Entry? How to write this entry in the app.config file? I thought
app.config is readonly.
--
Mike
"Jeffrey Hornby" wrote:
But since your production code needs the application configuration file to be
there with a particular entry that can only be added to the file by your code
(because its encrypted using a key that only you know). If they just delete
the app.config, then this entry also gets deleted.
--
Jeffrey Hornby
Hornby Consulting, Inc.

"Mike9900" wrote:

> Application Config File? That is an xml file. The user could uninstall the
> application, remove the file and then install the app.
> --
> Mike
>
>
> "Jeffrey Hornby" wrote:
>
> > You could always encrypt it and store it in the config file. That will
> > ensure that the user can't change it or delete it. Just make sure that the
> > production version also requires an entry so it can't just be deleted.
> >
> > --
> > Jeffrey Hornby
> > Hornby Consulting, Inc.
> >
> >
> >
> > "Mike9900" wrote:
> >
> > > Hello,
> > >
> > > I would like to store application expiration date in a file and store that
> > > file in a secure place, so the application can access the file for all the
> > > users on that computer.
> > >
> > > IsolatedStorage is a good technique but it is for the each user only and is
> > > not machine level. Registry is not good because the user may not have access
> > > permission. Application directory is not good because the file could be
> > > deleted and so the application trial mode does not work. So what directory
> > > is good or does windows has an API to store a file or data?
> > >
> > > --
> > > Mike

Jun 9 '06 #8
Mike,
here is a "greatly simplified" example of how you could do this. Be aware,
this is NOT SECURE from decompilation!:

using System;
using System.Collections;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Web;
using System.Web.SessionState;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.HtmlControls;
using System.Reflection ;

[assembly: AssemblyConfiguration("06/10/2006")]
[assembly: AssemblyVersion("1.0.0.0")]
namespace AssemblyConfigurationTest
{
public class WebForm1 : System.Web.UI.Page
{
DateTime ExpirationDate;

private void Page_Load(object sender, System.EventArgs e)
{
Assembly asm = Assembly.GetExecutingAssembly();
int asmHash = asm.FullName.GetHashCode();
object[] objArray=asm.GetCustomAttributes(false) ;
int hash ;
foreach (object obj in objArray)
{
AssemblyConfigurationAttribute conf =
obj as AssemblyConfigurationAttribute;
if (conf != null)
{
hash = conf.Configuration.GetHashCode();
if(hash !=-579392602 || asmHash!=-258347722)
throw new InvalidOperationException("Assembly Has been Altered! Bad,
Bad!");
this.ExpirationDate=Convert.ToDateTime(conf.Config uration) ;
}
}
Response.Write("This Trial Version Expires: "
+this.ExpirationDate.ToString());
}

--
Co-founder, Eggheadcafe.com developer portal:
http://www.eggheadcafe.com
UnBlog:
http://petesbloggerama.blogspot.com


"Mike9900" wrote:
Hello,

I would like to store application expiration date in a file and store that
file in a secure place, so the application can access the file for all the
users on that computer.

IsolatedStorage is a good technique but it is for the each user only and is
not machine level. Registry is not good because the user may not have access
permission. Application directory is not good because the file could be
deleted and so the application trial mode does not work. So what directory
is good or does windows has an API to store a file or data?

--
Mike

Jun 9 '06 #9
I wanted a secure place such as registry to store the date/time expiration of
the software. For example, if the software expires in 30 days, each day the
user starts the program it increments the date and stores that date in a
file, it may encrypt it as well. So where is the most secure place to store
that file, also the user must have access right to that place.

Is there a better way for licensing software, or is there a good component I
can buy?
--
Mike
"Peter Bromberg [C# MVP]" wrote:
Mike,
here is a "greatly simplified" example of how you could do this. Be aware,
this is NOT SECURE from decompilation!:

using System;
using System.Collections;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Web;
using System.Web.SessionState;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.HtmlControls;
using System.Reflection ;

[assembly: AssemblyConfiguration("06/10/2006")]
[assembly: AssemblyVersion("1.0.0.0")]
namespace AssemblyConfigurationTest
{
public class WebForm1 : System.Web.UI.Page
{
DateTime ExpirationDate;

private void Page_Load(object sender, System.EventArgs e)
{
Assembly asm = Assembly.GetExecutingAssembly();
int asmHash = asm.FullName.GetHashCode();
object[] objArray=asm.GetCustomAttributes(false) ;
int hash ;
foreach (object obj in objArray)
{
AssemblyConfigurationAttribute conf =
obj as AssemblyConfigurationAttribute;
if (conf != null)
{
hash = conf.Configuration.GetHashCode();
if(hash !=-579392602 || asmHash!=-258347722)
throw new InvalidOperationException("Assembly Has been Altered! Bad,
Bad!");
this.ExpirationDate=Convert.ToDateTime(conf.Config uration) ;
}
}
Response.Write("This Trial Version Expires: "
+this.ExpirationDate.ToString());
}

--
Co-founder, Eggheadcafe.com developer portal:
http://www.eggheadcafe.com
UnBlog:
http://petesbloggerama.blogspot.com


"Mike9900" wrote:
Hello,

I would like to store application expiration date in a file and store that
file in a secure place, so the application can access the file for all the
users on that computer.

IsolatedStorage is a good technique but it is for the each user only and is
not machine level. Registry is not good because the user may not have access
permission. Application directory is not good because the file could be
deleted and so the application trial mode does not work. So what directory
is good or does windows has an API to store a file or data?

--
Mike

Jun 10 '06 #10
You say "Such as the Registry" making the assumption that it is a "secure
place". It is not. Anybody can use Regedit to search and modify the registry
on their own machine. Isolated storage would probably be a potential choice.
You have methods in .NET framework to access this. DPAPI is another choice,
including encryption.

If you are looking for a commercial solution, there are a number of them
available. I'd start my search at some place like ComponentSource.com.

Peter
--
Co-founder, Eggheadcafe.com developer portal:
http://www.eggheadcafe.com
UnBlog:
http://petesbloggerama.blogspot.com


"Mike9900" wrote:
I wanted a secure place such as registry to store the date/time expiration of
the software. For example, if the software expires in 30 days, each day the
user starts the program it increments the date and stores that date in a
file, it may encrypt it as well. So where is the most secure place to store
that file, also the user must have access right to that place.

Is there a better way for licensing software, or is there a good component I
can buy?
--
Mike
"Peter Bromberg [C# MVP]" wrote:
Mike,
here is a "greatly simplified" example of how you could do this. Be aware,
this is NOT SECURE from decompilation!:

using System;
using System.Collections;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Web;
using System.Web.SessionState;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.HtmlControls;
using System.Reflection ;

[assembly: AssemblyConfiguration("06/10/2006")]
[assembly: AssemblyVersion("1.0.0.0")]
namespace AssemblyConfigurationTest
{
public class WebForm1 : System.Web.UI.Page
{
DateTime ExpirationDate;

private void Page_Load(object sender, System.EventArgs e)
{
Assembly asm = Assembly.GetExecutingAssembly();
int asmHash = asm.FullName.GetHashCode();
object[] objArray=asm.GetCustomAttributes(false) ;
int hash ;
foreach (object obj in objArray)
{
AssemblyConfigurationAttribute conf =
obj as AssemblyConfigurationAttribute;
if (conf != null)
{
hash = conf.Configuration.GetHashCode();
if(hash !=-579392602 || asmHash!=-258347722)
throw new InvalidOperationException("Assembly Has been Altered! Bad,
Bad!");
this.ExpirationDate=Convert.ToDateTime(conf.Config uration) ;
}
}
Response.Write("This Trial Version Expires: "
+this.ExpirationDate.ToString());
}

--
Co-founder, Eggheadcafe.com developer portal:
http://www.eggheadcafe.com
UnBlog:
http://petesbloggerama.blogspot.com


"Mike9900" wrote:
Hello,

I would like to store application expiration date in a file and store that
file in a secure place, so the application can access the file for all the
users on that computer.

IsolatedStorage is a good technique but it is for the each user only and is
not machine level. Registry is not good because the user may not have access
permission. Application directory is not good because the file could be
deleted and so the application trial mode does not work. So what directory
is good or does windows has an API to store a file or data?

--
Mike

Jun 11 '06 #11

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

0
by: John Luongs | last post by:
If I want to set the Java application for a trial period, say 30 days from the download date, how can I do? Thanks very much.
0
by: Rock | last post by:
Hi,all: I have find a example to set expiration date of word permission object, but it was using VBA code. Dim objUserPerm As Office.UserPermission Set objUserPerm =...
3
by: Martin | last post by:
Dear fellow ASP.NET programmer, I stared using forms authentication and temporarily used a <credentials> tag in web.config. After I got it working I realized this wasn't really practical. I...
2
by: Bill Borg | last post by:
Hello all, I am working on forms authentication and trying to understand: what's the relationship between the cookie expiration and the ticket expiration? I create a cookie and I add an...
2
by: Jeff Bowman | last post by:
Here's the code: Private Sub SetCookie(ByVal tcEmail As String) Dim loCookie As New HttpCookie("Email") loCookie.Value = Utils.StringToBase64(tcEmail) loCookie.Expires = Now.AddYears(10)...
9
by: Mike Reed | last post by:
I must be having a "senile" day! I cannot recall, nor get to work, code to read a cookie's expiration date/time in an ASP page/VBScript. What am I missing? *** Sent via Developersdex...
1
by: rdemyan via AccessMonster.com | last post by:
I'm trying to implement a licensing scheme. There are three types of licenses: Trial - good for 30 to 60 days Interim - good for 1 year Fully Paid - no expiration Everything is working fine...
3
by: dave | last post by:
I need to compute an expiration date based on the number of hours, days, or months purchased. The expiration date needs to be expressed in minutes something like '1260481600'. How can I get the...
7
by: cmrchs | last post by:
Hi, In Windows Vista: where does asp.net write its cookies? I use HttpCookie objCookie = new HttpCookie("nameCookie"); in Win2000 (and later) they used to be in C:\Documents and...
0
by: ryjfgjl | last post by:
ExcelToDatabase: batch import excel into database automatically...
0
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
1
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
0
by: jfyes | last post by:
As a hardware engineer, after seeing that CEIWEI recently released a new tool for Modbus RTU Over TCP/UDP filtering and monitoring, I actively went to its official website to take a look. It turned...
0
by: ArrayDB | last post by:
The error message I've encountered is; ERROR:root:Error generating model response: exception: access violation writing 0x0000000000005140, which seems to be indicative of an access violation...
1
by: PapaRatzi | last post by:
Hello, I am teaching myself MS Access forms design and Visual Basic. I've created a table to capture a list of Top 30 singles and forms to capture new entries. The final step is a form (unbound)...
0
by: CloudSolutions | last post by:
Introduction: For many beginners and individual users, requiring a credit card and email registration may pose a barrier when starting to use cloud servers. However, some cloud server providers now...
0
by: Defcon1945 | last post by:
I'm trying to learn Python using Pycharm but import shutil doesn't work
0
by: af34tf | last post by:
Hi Guys, I have a domain whose name is BytesLimited.com, and I want to sell it. Does anyone know about platforms that allow me to list my domain in auction for free. Thank you

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.