That would make the whole encryption Thing useless. You could simply encrypt by Password and still the only protection is the shared secret witch is statically encoded.
If you get to know this secret then your can easily generate your own pair of public and private key. Spoof the license server and use your own private key to generate the signature. Then you would just use your own public key.
The Private Public key encryption literally makes no sense at all as your can simply replace it with your own keys.
The only protection is the secret that your proparbly share across all installations.
The only way signatures can be trustworthy verified is to not allow the user to change/replace the public key.
All licensing can be circumvented. Replacing keys with your own keys is not simple, most people do not have the expertise to do that and to spoof a license server. And, none of that can be done without decoding the files first. Files must be decoded for that. (in the case of Blesta, the 3 license files) Reverse engineering the code for ANY software product allows for nulling the software. It's much easier to null it than to spoof a license server, so nobody is going to do that unless for research.
If you find a way to prevent piracy 100%, let me know privately and let's become billionaires together.
We have circumvented 2 of our competitors (one ryhmes with wimps and the other thinks they are an executive) without decoding. None of the techniques required to circumvent their licensing work on Blesta.. and once the code is reversed engineered, it's trivial to null - any software.
Martin got a reaction from activa in Licensing Addon Question