global.namespace.truelicense.api.package-info Maven / Gradle / Ivy
/*
* Copyright (C) 2005 - 2019 Schlichtherle IT Services.
* All rights reserved. Use is subject to license terms.
*/
/**
* Provides life cycle management for license keys.
* License keys are small binary objects which can be stored in a file, a preferences node, the heap or any custom
* implementation of the {@link global.namespace.fun.io.api.Store} interface.
* License keys pass the following life cycle phases as defined by the interfaces
* {@link global.namespace.truelicense.api.VendorLicenseManager} and {@link global.namespace.truelicense.api.ConsumerLicenseManager}:
*
* - {@linkplain global.namespace.truelicense.api.VendorLicenseManager#generateKeyFrom generation},
*
- {@linkplain global.namespace.truelicense.api.ConsumerLicenseManager#install installation},
*
- {@linkplain global.namespace.truelicense.api.ConsumerLicenseManager#load loading},
*
- {@linkplain global.namespace.truelicense.api.ConsumerLicenseManager#verify verification} and
*
- {@linkplain global.namespace.truelicense.api.ConsumerLicenseManager#uninstall uninstallation}
*
*
* A license bean is an instance of the {@link global.namespace.truelicense.api.License} class.
* This class follows the Java Bean pattern and defines common properties for the license management subject, issue
* date, issuer, holder, consumer type/amount, validity period and custom data.
* These properties get {@linkplain global.namespace.truelicense.api.LicenseInitialization#initialize initialized} and
* {@linkplain global.namespace.truelicense.api.LicenseValidation#validate validated} whenever a license key gets generated.
* They also get validated whenever a license key gets installed or verified.
*
* A license key gets generated from a license bean by applying the following function composition:
*
* {@code encrypt(compress(encode(sign(encode(validate(initialize(duplicate(bean))))))))}
*
*
* When installing or verifying a license key, a duplicate of the original license bean gets derived by applying the
* following (almost inverse) function composition (note that there is no initialization and hence no duplication
* required):
*
* {@code validate(decode(authenticate(decode(decompress(decrypt(key))))))}
*
*
* The validation step is skipped when a license key is just viewed.
* Encryption is done via JCA with a configurable password based encryption algorithm.
* Authentication is done via JCA with a configurable keystore type and signature algorithm.
* Encoding is done with {@link java.beans.XMLEncoder} for simple, schema-less, yet resilient long term archival.
*
* TrueLicense 3 retains full compatibility with TrueLicense 1 ({@code V1}) and TrueLicense 2 ({@code V2/*}) format
* license keys.
*
* Applications use an instance of the interface {@link global.namespace.truelicense.api.LicenseManagementContextBuilder} as their
* starting point for configuring a {@link global.namespace.truelicense.api.LicenseManagementContext} and subsequently one or more
* {@link global.namespace.truelicense.api.ConsumerLicenseManager} or {@link global.namespace.truelicense.api.VendorLicenseManager} instances.
*
* For security, passwords are represented as an instance of the {@link global.namespace.truelicense.api.passwd.PasswordProtection}
* interface.
* Other security critical strings (algorithms, paths, etc.) are annotatable with
* {@code @global.namespace.truelicense.obfuscate.Obfuscate} and processible with the TrueLicense Maven Plugin for
* simple, reliable obfuscation of constant string values in the byte code for license applications.
*
* Warning:
* To protect against reverse engineering and modification of your application, it is strictly necessary to generally
* process all byte code which is comprised in your deployment unit with a tool for byte code obfuscation.
* TrueLicense does not provide general byte code obfuscation because there exist good quality third party tools, e.g.
* ProGuard.
*/
package global.namespace.truelicense.api;