Getting Started

This topic describes the necessary steps and provides some high-level guidance on how to integrate licensing into your application.

The Using Protection PLUS in .NET Applications webinar provides a video walk-through of using theInstant PLUS Wizard and the PLUSManaged API with SOLO Server.

Define Licensing Requirements

Before beginning source code integration, it is important to define the application's licensing requirements. Several questions are listed below, which you may ask to help develop a list of requirements.

Basic Requirements

What types of licenses may be issued? Some examples include:
- Trial, Evaluation, or Shareware (see the Trial Licensing topic for more details)
- Periodic, Lease, or Subscription
- Full, or Non-Expiring
For each type of license which may be issued, should the license expire, and if so, why and when should this occur? Here are some arbitrary examples:
- Trial licenses should expire after 30 days.
- Trial licenses should expire after 10 uses, or 7 days, whichever occurs first.
- Subscriptions may be purchased, which last 90 days. After 90 days, a subscription renewal may be purchased to extend the license subscription an additional 90 days.
How reliable is Internet connectivity for your users? Contributing factors which can impact this includes (but is not limited to):
- Internet connection speed and quality. Mobile, dial-up, and satellite connections may be slower or less reliable than other types of connections.
- Personal firewall software, which may block individual applications, and require users to occasionally configure an exception.
- Network firewall configurations may be configured with very restrictive policy.
- Proxy servers sometimes require additional configuration by the end-user, and may also be configured with very restrictive policy.
Will activation be supported or required? If so...
- Will Internet connectivity be required on the system being activated.
- If Internet connectivity is not available on the system being activated, is it practical to use another system which has Internet access to activate the target system? (This is possible to do by transferring files via removable media, like a USB drive.)
- If Internet connectivity is not available, how else should users be able to activate? (For example, telephone, fax, etc...)

Advanced Requirements

Will your application allow users to deactivate or transfer activated licenses? (This is only supported when activation is used, and works best with Internet connectivity.)
Will status checking, or phoning-home, be supported or required? (This should be required if users are allowed to deactivate or transfer activated licenses.)
- How often will your application try to perform status checking?
- How often will your application require status checking?
Does your application have modules and/or features that need to be licensed as well? If so...
- Does each share the application's license? If so, do they only need to be toggled (enabled/disabled) conditionally?
- Does each instead have its own license (meaning these questions should be asked separately for each applicable module or feature)?
Does your application consist of a suite of applications? (This can be similar to the modules and/or features decribed above.)
Does your application run in a networked environment, where a group or groups of users share a single license?
Does your application need to support pay-per-use restrictions, and require reactivation after each use or several uses?

Application Characteristics

Is the application a .NET/managed application (written with C# or VB.NET), or an application written in native code (such as C/C++).
What is the nature of the application which needs to be licensed? For example, is it a standard Windows GUI application, component, service, web application, etc...?
How critical is security and integrity of the license?
How critical is the availability of your application to its users? This can impact decisions on how or when to prompt and/or lock-out users when license validation fails.

Select an API

Instant PLUS

PLUSManaged is a robust API, which is also relatively simple to use. However, Instant PLUS is an alternative which provides a wizard-based interface, and requires little to no source code changes. You should consider Instant PLUS under the following conditions:

The application is a standard Windows GUI application (or is not a service or web application, and is not a component that should not show Windows GUI dialogs).
The application does not have many or any requirements which would require a customized implementation (such as network licensing).
The application is a native application (written in C/C++), a .NET/managed application, or consists of a mix of both native and managed code.
The application licensing dialogs do not need to be customized, and do not need to display UNICODE characters.

PLUSManaged

If Instant PLUS does not suit your needs as decribed above, or if you simply prefer more control and/or a purely managed .NET implementation, PLUSManaged is the best choice. PLUSManaged has two License implementations to choose from. Based on your licensing requirements, you may apply the implementations below for specific license types, applications, etc...

License

The License class in PLUSManaged is strongly recommended, as it provides the highest level of security. This is because it uses the RSA algorithm with a key pair, and only has partial information for one of the keys in the pair. Consequently, the License File can only be issued by SOLO Server, and essentially makes your License File read-only to your application. Of course, it is possible to use SOLO Server web services to update license fields, and have your application retrieve an updated License File from SOLO Server.

WritableLicense

The WritableLicense class in PLUSManaged is derived from the License implementation; however, it is able to digitally sign and write the License Files itself without communicating with SOLO Server directly. While this reduces security to some degree (because the key data is known to your application), it provides extra flexibility for situations where your application needs to write to the License File directly without requiring communication with SOLO Server. Examples of situations where this is appropriate includes (but is not limited to):

Allowing your application to automatically start a fresh trial/evaluation period the first time it is run.
Tracking custom data inside your License File which could not easily or securely be kept elsewhere (such as a database or custom application/configuration specific file).
Allowing for manual (i.e. telephone) activations through Protection PLUS 4 compatible Trigger Codes.

Review and Test the Samples

Before you commit to integrating the code into your application directly, you should review and test the samples that best suit your need. If you have any advanced requirements not shown by the examples, you should try integrating them into the samples first. Additionally, if there is anything in the samples you find to be unclear or unexpected, or if you are not sure which samples you should evaluate, we encourage you to contact us.

Please refer to the Instant PLUS manual for its samples. Otherwise, please refer to the samples overview for additional details on PLUSManaged samples. You can also refer to the topic on Evaluating and Testing with SOLO Server for details on how to test the samples with the Protection PLUS 5 .NET Edition evaluation.

Integrate

Once you have gone through all of the above exercises, and you have purchased Protection PLUS 5 .NET Edition, the next step is to integrate the code into your application. If you are using SOLO Server, review the topic on Using PLUSManaged with your own SOLO Server or Instant SOLO Server account.

As always, be sure to test thoroughly, and contact us if you need additional guidance.

Obfuscate

The PLUSManaged.dll library included in this package is obfuscated and strong-named, and we strongly recommend you at least obfuscate your application as well. Obfuscation provides further protection for your application by helping prevent reverse engineering (and thereby preventing cracked versions of your software from being released). This also further protects your investment by preventing theft of your intellectual property.

It is possible to obfuscate your application in a manner which embeds PLUSManaged into your assembly; however, you will not be able to re-obfuscate or modify the strong named PLUSManaged library (as doing so would rename public symbols and render it unusable). For increased security, it is possible to inject or merge the library into your assembly where it is cross-obfuscated and all public symbols are renamed. If you are interested in doing this level of obfuscation please contact us for more information.