Thanks for the reply Goetz, appreciated! I believe with signing the license
information (correct me if I am wrong), I have to provide the actually
license info/data (in plain clear text) along with the data generated during
the signing process. The problem with this approach is, that providing the
license info in clear text I think will make it little more tempting &
almost all the softwares that I have used, don't supply license info in
clear text. Even though I agree the customer should know what is in the
license information thats why my software will display info about it, after
reading the license data but how this license info is interpreted &
transformed from one form to another should be left to the software vendor.
Regards,
Usman.
From: Goetz Babin-Ebell <[EMAIL PROTECTED]>
Reply-To: openssl-users@openssl.org
To: openssl-users@openssl.org
Subject: Re: EVP Envelope & PKI Confusion...
Date: Tue, 03 Apr 2007 17:50:21 +0200
MIME-Version: 1.0
X-Sender: Goetz Babin-Ebell <[EMAIL PROTECTED]>
Received: from mmx1.engelschall.com ([195.30.6.154]) by
bay0-mc7-f7.bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.2668); Tue, 3
Apr 2007 08:52:22 -0700
Received: by mmx1.engelschall.com (Postfix)id D1BA956418; Tue, 3 Apr 2007
17:51:14 +0200 (CEST)
Received: from master.openssl.org (master.openssl.org [195.30.6.166])by
mmx1.engelschall.com (Postfix) with ESMTP id B4C1056413for
<[EMAIL PROTECTED]>; Tue, 3 Apr 2007 17:51:14 +0200
(CEST)
Received: by master.openssl.org (Postfix)id 184FE1AC6145; Tue, 3 Apr 2007
17:51:14 +0200 (CEST)
Received: by master.openssl.org (Postfix, from userid 29101)id
D61111AC6103; Tue, 3 Apr 2007 17:51:13 +0200 (CEST)
Received: from webmail.hansenet.de (mail04.hansenet.de [213.191.73.12])by
master.openssl.org (Postfix) with ESMTP id 34DFF1AC60A0for
<openssl-users@openssl.org>; Tue, 3 Apr 2007 17:50:59 +0200 (CEST)
Received: from mail.shomitefo.de (80.171.107.171) by webmail.hansenet.de
(7.2.074) (authenticated as goetz%shomitefo.de) id 4600BA1E006236DD
for openssl-users@openssl.org; Tue, 3 Apr 2007 17:50:23 +0200
Received: from hal64.shomitefo.de ([192.168.1.91])by mail.shomitefo.de with
esmtp (Exim 4.50)id 1HYlH4-0001AE-4J; Tue, 03 Apr 2007 17:50:22 +0200
X-Message-Info:
txF49lGdW418YJutn6vSQ1bBDeUxNwnxvie2IqhPf50JnsfNrIWfxVRxl2UuB8Bi
Delivered-To: openssl-users-l@master.openssl.org
X-Original-To: openssl-users@openssl.org
Delivered-To: openssl-users@openssl.org
User-Agent: Mozilla/5.0 (X11; U; Linux i686 (x86_64); de; rv:1.8.0.10)
Gecko/20070221 Thunderbird/1.5.0.10 Mnenhy/0.7.5.666
References: <[EMAIL PROTECTED]>
X-Enigmail-Version: 0.94.2.0
Precedence: bulk
X-List-Manager: OpenSSL Majordomo [version 1.94.5]
X-List-Name: openssl-users
Return-Path: [EMAIL PROTECTED]
X-OriginalArrivalTime: 03 Apr 2007 15:52:23.0193 (UTC)
FILETIME=[11B04890:01C77608]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hello Usman,
Usman Riaz schrieb:
> Thanks for the reply Jean-Claude, appreciated! Actually the whole
senario is
> like this. I have a software that I am selling to the customers. I want
to
> encrypt the information (license info) with my private key, and the
software
> will contain (embedded/hardcoded) public key (the way I would like to
do) and
> with that key the software will be able to decrypt the lincese
information. I
> dont want to use symetric encoding/decoding, then its too easy to
findout the
> key and generate a new license using that key even without hex editing.
So that
> was the reason looking into PKI. I'd higly appreciate if anyone could
comment if
> there is a better way to do what I am trying to achieve.
I think you don't want to encrypt your license information,
but you want to sign it.
Signing is the operation that protects your data against manipulation.
Encryption is the operation that protects your data against unauthorized
reading.
There is no need to protect the license info against the customer:
he should know which entity may use it on which systems...
But you want to protect it against unauthorized manipulation
(including forged licenses).
Bye
Goetz
- --
DMCA: The greed of the few outweights the freedom of the many
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFGEne92iGqZUF3qPYRAijwAJ9NkpBzlyoe+L+J+cr4C/K8DTDMfQCcCZ7m
LHsXGhDFeYsY8tr9YVtQ+Nc=
=7KDS
-----END PGP SIGNATURE-----
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
_________________________________________________________________
FREE pop-up blocking with the new MSN Toolbar - get it now!
http://toolbar.msn.click-url.com/go/onm00200415ave/direct/01/
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
