OverviewExamples
sDecryptedString = Crypto.BlowfishDecryptString(sEncryptedString, sKey);
Decrypts the string 'sEncryptedString' using the key stored in 'sKey' and stores the decrypted string in the variable 'sDecryptedString'.
-- Initialize Registration/Access variables
bRegistrationRequired = true;
bAllowAccess = false;
-- Initialize registry action variables
nMainKey = HKEY_CURRENT_USER;
sSubKey = "SOFTWARE\\Your_Product\\Registration";
sUserNameValue = "UserName";
sSerialValue = "Serial";
sMD5CheckValue = "CheckKey";
sRegisterKeyValue = "RegKey";
bAutoExpand = true;
-- if the user's registration info was stored in the Windows Registry
-- (in the form of blowfish-encrypted strings), decrypt it
if Registry.DoesKeyExist(nMainKey, sSubKey) then
-- Key exists, pull values from registry
sUserName = Registry.GetValue(nMainKey, sSubKey, sUserNameValue, bAutoExpand);
sSerial = Registry.GetValue(nMainKey, sSubKey, sSerialValue, bAutoExpand);
sMD5Check = Registry.GetValue(nMainKey, sSubKey, sMD5CheckValue, bAutoExpand);
sRegisterKey = Registry.GetValue(nMainKey, sSubKey, sRegisterKeyValue, bAutoExpand);
if (sUserName ~= "") and (sSerial ~= "") and (sMD5Check) and (sRegisterKey ~= "") then
-- All four values are present, perform check
sUserNameDecrypted = Crypto.BlowfishDecryptString(sUserName, sRegisterKey);
sSerialDecrypted = Crypto.BlowfishDecryptString(sSerial, sRegisterKey);
if (Crypto.MD5DigestFromString(sUserNameDecrypted) .. Crypto.MD5DigestFromString(sSerialDecrypted)) == sMD5Check then
-- MD5 check passed, we don't need to register
bRegistrationRequired = false;
-- allow access
bAccessAllowed = true;
end
end
end
if bRegistrationRequired then
-- Registration is required
sUserName = Dialog.Input("UserName", "Please enter your username:");
if sUserName ~= "CANCEL" and sUserName ~= "" then
-- User didn't press cancel, get serial
sSerial = Dialog.Input("UserName", "Please enter your serial number:");
if sSerial ~= "CANCEL" and sSerial ~= "" then
-- user didn't press cancel, continue.
-- get install date time in format JULIANsecondsMINUTEShours
sInstallDateTime = System.GetDate(DATE_FMT_JULIAN) .. System.GetTime(TIME_FMT_SEC) ..System.GetTime(TIME_FMT_MIN) .. System.GetTime(TIME_FMT_HOUR);
-- Generate HTTP Submit variables
sURL = "http://www.yourdomain.com/register_app.php"
tSubmitTable = {user = sUserName, serial = sSerial, installed = sInstallDateTime};
nMethod = SUBMITWEB_POST;
nTimeout = 20;
nPort = 80;
tAuth = nil;
tProxy = nil;
-- Submit to web (structure of returned string: UserNameMD5SerialMD5::Key)
sReturnedData = HTTP.Submit(sURL, tSubmitTable, nMethod, nTimeout, nPort, tAuthData, tProxyData);
if sReturnedData == "-1" or sReturnedData == "" then
-- An error occured, deny access
bAccessAllowed = false;
else
-- No error occured, cut apart string
nDelimiterPosition = String.Find(sReturnedData, "::", 1, false);
-- Get everything before the ::
sMD5Check = String.Mid(sReturnedData, 1, nDelimiterPosition - 1);
-- Get everything after the ::
sKey = String.Mid(sReturnedData, nDelimiterPosition + 2, -1);
-- Assign the registry values
Registry.SetValue(nMainKey, sSubKey, sUserNameValue, Crypto.BlowfishEncryptString(sUserName, sKey), REG_SZ);
Registry.SetValue(nMainKey, sSubKey, sSerialValue, Crypto.BlowfishEncryptString(sSerial, sKey), REG_SZ);
Registry.SetValue(nMainKey, sSubKey, sMD5CheckValue, sMD5Check, REG_SZ);
Registry.SetValue(nMainKey, sSubKey, sRegisterKeyValue, sKey, REG_SZ);
-- set register variable to false (so the user isn't prompted to enter info again)
bRegistrationRequired = false;
-- display thank-you message
Dialog.Message("SUCCESS!", "Thank-you for registering. Enjoy the product!");
-- allow access
bAccessAllowed = true;
end
else
-- Cancel was pressed, deny access
bAccessAllowed = false;
end
else
-- Cancel was pressed, deny access
bAccessAllowed = false;
end
end
if not bAccessAllowed then
Dialog.Message("ERROR", "Invalid registration information provided.", MB_OK, MB_ICONSTOP);
Application.Exit();
end
Reads information from the registry and decrypts it. If the information does not exist, the above script will interact with a web-based php script (http://www.yourdomain.com/register_app.php) to verify a serial number. For this example, the following php script will function:
<?
// Check for post data
if ($_POST)
{
// Initialize user array in format "Username"=>"Serial"
$user_array = array(
"John Doe"=>"abc-def-ghi",
"Jane Smith"=>"123-456-789"
);
// Get info from post variables
$user = $_POST['user'];
$serial = $_POST['serial'];
$installed = $_POST['installed'];
// Step through the user array
foreach($user_array as $username=>$serialnumber)
{
// Compare current item to the posted information
if(($user==$username) AND ($serial==$serialnumber))
{
// The current user matched, return info and exit
echo md5($user).md5($serial).'::'.$installed;
exit;
}
}
// If this script makes it this far, nothing matched, return error code
echo -1;
}
else
{
// no post data was sent, return error code
echo -1;
}
?>
Note: The above php script must be hosted on a PHP-enabled web host, and be called from your application using either an HTTP.Submit or an HTTP.SubmitSecure action.
See also: Related Actions