A Python library to create TrueLicense license files.
Project description
TrueLicense compatible license manager for Python
This package supports managing licenses one the format used by the Java package TrueLicense. Only the version 1 format is supported.
Please see the TrueLicense home page for an exhaustive reference of the license format, or Quick license format description below.
Quick license format description
A license has a validity window in time, an issuer, a holder and various meta data.
It is signed by the holder, and the signature can be verified using the issuer certificate.
The license file is also encrypted with a key derived from a password.
Quick library reference
The main class exported by truepy is truepy.License.
To generate a new license, use the class method truepy.License.issue.
To load a license from a file or stream, use the class method truepy.License.load.
To save a license to a file or stream, use the method truepy.License.store.
To verify the signature of a license, use the method truepy.License.verify.
To read license information, use the truepy.License.license_data attribute; this is of the type truepy.LicenseData.
Loading and storing licenses requires only the license password; these operations do not perform signing and signature verification.
Issuing a new license requires the private key of the issuer certificate.
Verifying a license signature requires the issuer certificate.
Quick application reference
Please run the application with python -m truepy -h for more information.
Usage
This section describes how to configure a system to use truepy.
Configuration includes installing truepy, generating an issuer certificate, generating licenses and validating licenses.
Installation
To install truepy, run the following command:
pip install truepy
Generating an issuer certificate
This functionality in not included in truepy. The recommended tool to use is OpenSSL. To issue a certificate and generate a private key, run the following command:
openssl req -x509 \
-newkey rsa:4096 \
-keyout key.pem \
-out certificate.pem \
-days $VALIDITY
This will prompt you for a password to protect the private key, and some other information to be included in the certificate.
The most important pieces of information are the password, which you will need later, and the $VALIDITY. The command line argument -days passed to OpenSSL determines how many days the certificate will be valid. Be sure not to set a too low value, as you will ne be able to use the certificate after this number of days have passed.
Issuing licenses
Once you have a certificate and a private key, you can start issuing licenses. The code below shows the minimum steps required:
from cryptography.hazmat import backends
from cryptography.hazmat.primitives import serialization
from truepy import LicenseData, License
# Load the certificate
with open('certificate.pem', 'r') as f:
certificate = f.read()
# Load the private key
with open('key.pem', 'b') as f:
key = serialization.load_pem_private_key(
f.read(),
password='MySecretPassword',
backend=backends.default_backend())
# Issue the license
license = License.issue(
CERTIFICATE,
key(),
license_data=LicenseData(
'2016-10-01T00:00:00',
'2020-10-01T00:00:00'))
# Store the license
with open('license.key', 'wb') as f:
license.store(f, b'LicensePassword')
Please note the second parameter to License.store. It is a password used to derive an encryption key to encrypt the final license data. It is not secret, as it will need to be available to the application verifying the license.
Validating licenses
To validate a license, you will need the certificate used in the step above, as well as the password used to encrypt the final license data. The code below shows the minimum steps required:
from truepy import License
# Load the certificate
with open('certificate.pem', 'r') as f:
certificate = f.read()
# Load the license
with open('license.key', 'rb') as f:
license = License.load(f, b'LicensePassword')
# Verify the license; this will raise License.InvalidSignatureException if
# the signature is incorrect
license.verify(certificate)
Release Notes
2.0.2 - Corrected handling of DSA keys
Corrected bug in reading of DSA keys.
Updated documentation.
2.0.1 - Corrected documentation
Changed declared type of parameter to License.issue.
2.0 - No dependency on OpenSSL
Changed certificate and signature verification routines to use cryptography instead of pyOpenSSL.
This changes all methods that take a certificate or a key as parameter.
1.0.1 - License Data Bugfix
Changed truepy.LicenseData.information to info to be compatible with TrueLicense.
1.0 - Initial Release
Support for basic license operations for TrueLicense version 1 licenses
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
