Expand description
Generic dual-license runtime verification library for Traitome Rust projects.
§Overview
oxo-license provides an Ed25519-based license verification system that
can be embedded into any Rust application. It supports:
- Any number of license types (e.g.,
"academic","commercial","enterprise") - Shared key infrastructure — all Traitome products use the same signing key pair
- Offline verification — no network calls required at runtime
- Configurable discovery — customize env var names and platform config dirs
§Architecture
Issuer (offline tool) Application (runtime)
────────────────────── ─────────────────────
LicensePayload ──┐ license.json ──▶ LicenseFile
SigningKey (Ed25519) │ │
│ │ ▼
└──▶ serde_json::to_vec ──▶ sign ──▶ verify_license_with_key
(EMBEDDED_PUBLIC_KEY_BASE64)§Quick Start
use oxo_license::{LicenseConfig, load_and_verify};
// Define your project's license configuration
static MY_CONFIG: LicenseConfig = LicenseConfig {
schema_version: "my-app-license-v1",
public_key_base64: "BASE64_ENCODED_32_BYTE_PUBLIC_KEY",
license_env_var: "MY_APP_LICENSE",
app_qualifier: "io",
app_org: "myorg",
app_name: "my-app",
license_filename: "license.json",
};
// Verify a license at runtime
fn check_license(path: Option<&std::path::Path>) -> Result<(), oxo_license::LicenseError> {
load_and_verify(path, &MY_CONFIG)?;
Ok(())
}§License Schema
A signed license file is a JSON object with these fields:
{
"schema": "my-app-license-v1",
"license_id": "550e8400-e29b-41d4-a716-446655440000",
"issued_to_org": "Acme University",
"contact_email": "research@acme.edu",
"license_type": "academic",
"scope": "org",
"perpetual": true,
"issued_at": "2025-01-01",
"signature": "BASE64_ENCODED_64_BYTE_ED25519_SIGNATURE"
}Field order in the JSON object is the canonical wire format — the
signature covers serde_json::to_vec(&payload) with fields in the order
they are declared in LicensePayload.
Structs§
- License
Config - Project-specific configuration for the license system.
- License
File - Full on-disk license file: payload fields flattened + Ed25519
signature. - License
Payload - The payload that is signed by the license issuer.
Enums§
- License
Error - Errors returned by the license verification subsystem.
Functions§
- find_
license_ path - Find the license file path using the priority chain:
- load_
and_ verify - Load a license file from disk and verify its signature.
- verify_
license - Verify a
LicenseFileagainst the public key embedded inconfig. - verify_
license_ with_ key - Verify a
LicenseFileagainst an arbitrary Base64-encoded public key.