We use cookies to give you the best experience on our website. If you continue to browse, then you agree to our privacy policy and cookie policy. Image for the cookie policy date
WEBINAR  Visualize Customer Survey Reports Using Our React 3D Circular Charts Control —Thursday, May 02, 10:00 A.M. ET REGISTER NOW
close icon
  1. Home
  2. Forum
  3. Others
  4. Clear text license keys and GitHub

Clear text license keys and GitHub

I may be missing the point here.

I am writing an open source Xamarin Forms project that will use the SfListView component.

As I understand it, I initialise the licensing with my key in clear text, code taken from how-to-generate-syncfusion-license-key
  //Register Syncfusion license
  Syncfusion.Licensing.SyncfusionLicenseProvider.RegisterLicense("YOUR LICENSE KEY");

When I post this to GitHub, surely everyone can see my license key?

My current solution is to pull the "YOUR LICENSE KEY" string from a file outside the GitHub source tree.
Doh! That's never going to work - I'm muddling up compile time and run time.

PS: I have seen this post: best-technique-to-securing-license-key but it doesn't seem to provide a solution today.

7 Replies
VN Vadivel Natarajan Syncfusion Team February 6, 2019 10:24 AM UTC

Hi Alan, 

Thanks for contacting Syncfusion support.  

Please refer the following Knowledge base article link to register the Syncfusion license without hardcoded in application.  


Please let us know if this helps you.  

Regards, 
Vadivel Natarajan  


AL Alan February 6, 2019 03:36 PM UTC

OK, I can't get this to work

As my Android app launches I get this message
Syncfusion License 
The included Syncfusion license is invalid. Please refer to this help topic(https://help.syncfusion.com/es/licensing/invalid/) for more information. 

I'm building using VS2017 Community edition 15.9.4 on Win 10

I am using your instructions at https://www.syncfusion.com/kb/9179/syncfusion-license-register-without-hardcoded
  • I've put my Syncfusion licence key into a system environment variable.
  • I've put the pre and post build events into the project that wants to register the licence.  The events point to App.xaml.cs
  • I've put the registration code into App.xaml.cs ; this is the line
          Syncfusion.Licensing.SyncfusionLicenseProvider.RegisterLicense("##SyncfusionLicense##");

  • I repeat the process for the Android project, with the registration code in OnCreate() in MainActivity.cs
  • (I'm not building an iOS project)

If I turn VS2017 build output up to diagnostics (the highest) I can see that SyncfusionLicenseRegister.bat is being called correctly twice (pre- and post-build) but I can't see any output.

If I use DOS, go to the correct directory and run
SyncfusionLicenseRegister.bat PreBuild App.xaml.cs
I can see that the correct licence code has been inserted into App.xaml.cs
If I then run
SyncfusionLicenseRegister.bat PostBuild App.xaml.cs
I can see that the relevant line in App.xaml.cs now again holds the dummy key: "##SyncfusionLicense##"


PS: I suggest also that when creating the post-build event, you select "Run the post-build event - always". The default is " - on successful build"
This ensures that the licence key doesn't remain in the source code if the build fails, from where it might be pushed up to Github or some other public location.
Of course no dev would ever commit broken code, but it's worth checking.


PPS: With the approach above, you are still embedding the licence key in the code. I suspect someone with some intelligence could probably extract it.
I suggest it would be better to tie the licence key to something specific about the app.
Maybe with signed apps you could have a small program that takes the app signature and the licence key and then produces some kind of hash value that can be stored with the app.
This program would be run once by the developer after the app is signed.
At runtime, the Syncfusion license validator would read the hash value and the app signature and only validate the licence if correct.
This way, only the hash value would be embedded in the app and would be useless to any other application / licence combination


VN Vadivel Natarajan Syncfusion Team February 11, 2019 12:44 PM UTC

Hi Alan,

We have created a support incident under your directtrac account. Please follow up the support incident for further updates.

https://www.syncfusion.com/support/directtrac/incidents

Regards,
Vadivel Natarajan

PH Phil June 27, 2020 04:58 PM UTC

I haven't tried this but it's one possible solution

1) put the license key in a text file 'SyncfusionLicense.txt' which is part of the project (like the Syncfusion sample code).

2) register the license with code appropriate for your platform - this is from the Blazor sample code

            if (File.Exists(System.IO.Directory.GetCurrentDirectory() + "/SyncfusionLicense.txt"))
            {
                string licenseKey = System.IO.File.ReadAllText(System.IO.Directory.GetCurrentDirectory() + "/SyncfusionLicense.txt");
                SyncfusionLicenseProvider.RegisterLicense(licenseKey);
            }

3) exclude that file from source control using .gitignore.

You may want to check the Xamarin forms sample code.

CH Christopher Hirudayasamy Syncfusion Team June 29, 2020 08:55 AM UTC

Hi Phil,

Thanks for the update.

If you are using the Trial installer or NuGet packages, then you should generate and register the corresponding version platform license key in your application.

To generate license key: https://help.syncfusion.com/common/essential-studio/licensing/license-key#how-to-generate-syncfusion-license-key

To register the license key: https://help.syncfusion.com/common/essential-studio/licensing/license-key#how-to-register-the-syncfusion-license-key  

Please let us know if you have any issue regarding license key generation and registration.

Regards,
Christopher H.

PH Phil June 29, 2020 01:25 PM UTC

Chris,

you misunderstood me.  I have a license key, that's not what the OP was asking.  He was asking how he/we can store open source code on GitHub that uses your controls without making the license key visible to the world.  I was trying to give him a possible way of doing that.

Phil

CH Christopher Hirudayasamy Syncfusion Team June 30, 2020 12:27 PM UTC

Hi Phil,

This is also one of the way to generate and register the license key. Thanks for your suggestion.

Regards,
Christopher H. 


Loader.
Live Chat Icon For mobile
Up arrow icon