RE: Using C++ MD5 hash for software verification & licence files
The last few days I've been searching the net for ideas about building in some sort of software protection/security schema within a development for educational but perhaps more importantly to understand good & bad security coding/practises do's & don’t s when it comes to software development.
There is quite a bit of documentation out there & opinions & recommendations do vary considerably on what’s the best practises in C++, so can quiet easily render confusion.
In brief I've been thinking on the lines of
1. End user registers via website, the system then creates an encrypted licence file containing information specific to that user, to which the user places within a licence folder/dir.
2. Within this encrypted licence file it contains a MD5 hash or check sum of the original software to which the software compares its own MD5 hash against the original when it first loads.
The program can then decide whether to challenge the user to the authenticity of the software [or has it been tampered with].
Using such a encrypted licence file, only the software would know how to open the licence file using a built-in algorithm. Also it ensures the software consults the file to obtain other pieces of data in order to function properly.
Does any of you have any views/thoughts on the above method?. Any help would be greatly appreciated.