Instead of checking a license key with the server each time the application launches, there is an option to perform the validation once and later use a temporary file. In this article, we are to look at how this can be done with SKGL Extension API. Later on, a short overview will be given of how this procedure can be accomplished on any other platform.
There are many ways offline key validation can be configured. We can, for example, require the application to check the license key with the server (online key validation) periodically, i.e. once a month. However, it’s not required, we can do it only once or not at all, provided that we can supply an activation file to the end user computer (using Activation Form).
A great way of reducing the number of requests to the server is by keeping a local copy of the license information and then periodically check if something has changed. To achieve this, we are going to store license information as a signed file (by the server), then check the signature to ensure that the user has not changed any properties. Let’s specify our aim:
Goal: Check the license with the server each month (30 days). Ensure that the license is locked to the current computer.
public void OfflineKeyValidationWithPeriodicTimeCheck()
var RSAPublicKey = "<RSAKeyValue><Modulus>sGbvxwdlDbqFXOMlVUnAF5ew0t0WpPW7rFpI5jHQOFkht/326dvh7t74RYeMpjy357NljouhpTLA3a6idnn4j6c3jmPWBkjZndGsPL4Bqm+fwE48nKpGPjkj4q/yzT4tHXBTyvaBjA8bVoCTnu+LiC4XEaLZRThGzIn5KQXKCigg6tQRy0GXE13XYFVz/x1mjFbT9/7dS8p85n8BuwlY5JvuBIQkKhuCNFfrUxBWyu87CFnXWjIupCD2VO/GbxaCvzrRjLZjAngLCMtZbYBALksqGPgTUN7ZM24XbPWyLtKPaXF2i4XRR9u6eTj5BfnLbKAU5PIVfjIS+vNYYogteQ==</Modulus><Exponent>AQAB</Exponent></RSAKeyValue>";
var keyInfo = new KeyInformation().LoadFromFile("c:\\test\\license2.txt");
if (keyInfo.HasValidSignature(RSAPublicKey, 3)
// the signature is correct so
// the program can now launch
string key = "";
key = keyInfo.Key; // the license key is stored in the activation file.
key = "MJAWL-ITPVZ-LKGAN-DLJDN"; // if we are here, ask the user about the key
var machineCode = SKGL.SKM.getMachineCode(SKGL.SKM.getSHA1);
keyInfo = SKGL.SKM.KeyActivation("3", "2", "751963", key, machineCode, secure: true, signMid: true, signDate: true);
// the signature is correct and the key is valid.
// save to file.
// the program can now launch
// failure. close the program.
Keep in mind
- Ensure that you have the latest RSA public key, in order to validate the signature. You can find it here.
- During Key Activation/Validation, please ensure that the signDate = true , so that the server signs the activation date.
- Ensure that you have read/write permission in the folder where the activation file will be stored. If the folder is not accessible, the whole point of offline key validation will be missed because the application will check the license with the server each time it starts.
- Ensure that you use hardware/machine locking. If you don’t compare the machine code that the license is associated with and the end user computer’s, the user can copy the license file and use it on other devices. Therefore, don’t forget IsOnRightMachine() !
- The user will not need to enter the key once 30 days have passed. A good idea would be to allow users to change the license at any time (in case they’ve upgraded to a different one).
- Since the KeyInformation object will not be updated, the TimeLeft will not be updated, please use DaysLeft method to find the number of days that are remaining (for time limited licenses).
Offline Activation (without Internet)
In some cases, when computers don’t have access to the Internet, it is meaningless to attempt to send a request to the server. Therefore, we can use the activation file only, without contacting the server. This is achieved by replacing HasValidSignature(RSAPublicKey, 30) with HasValidSignature(RSAPublicKey) . It can also be useful to consider to increase the time interval from one month (30 days) to a year (365 days). In this case, the user will still be forced to update the license file periodically, but not as often.
Some values where omitted in the examples above. You can access a working implementation (C# and VB.NET) at OfflineKeyValidationExample (on GitHub).
There are two ways to include the code into your application. The easiest way is to press the get the code icon on the product page, shown below.
This will allow you to see the same code that was described in the last section with all variables pre-configured. If you would like to perform these steps manually (the hard way), there are two kinds of values you will need:
- Your public key: you can find it by going to https://serialkeymanager.com/User/Security.
- Product information: this can be obtained at https://serialkeymanager.com/Ext/Val