Skip to main content

Crate oxo_license

Crate oxo_license 

Source
Expand description

Generic dual-license runtime verification library for Traitome Rust projects.

§Overview

oxo-license provides an Ed25519-based license verification system that can be embedded into any Rust application. It supports:

  • Any number of license types (e.g., "academic", "commercial", "enterprise")
  • Shared key infrastructure — all Traitome products use the same signing key pair
  • Offline verification — no network calls required at runtime
  • Configurable discovery — customize env var names and platform config dirs

§Architecture

 Issuer (offline tool)              Application (runtime)
 ──────────────────────             ─────────────────────
 LicensePayload ──┐                 license.json ──▶ LicenseFile
 SigningKey (Ed25519)               │                     │
     │                             │                     ▼
     └──▶ serde_json::to_vec ──▶  sign ──▶   verify_license_with_key
                                            (EMBEDDED_PUBLIC_KEY_BASE64)

§Quick Start

use oxo_license::{LicenseConfig, load_and_verify};

// Define your project's license configuration
static MY_CONFIG: LicenseConfig = LicenseConfig {
    schema_version: "my-app-license-v1",
    public_key_base64: "BASE64_ENCODED_32_BYTE_PUBLIC_KEY",
    license_env_var: "MY_APP_LICENSE",
    app_qualifier: "io",
    app_org: "myorg",
    app_name: "my-app",
    license_filename: "license.json",
};

// Verify a license at runtime
fn check_license(path: Option<&std::path::Path>) -> Result<(), oxo_license::LicenseError> {
    load_and_verify(path, &MY_CONFIG)?;
    Ok(())
}

§License Schema

A signed license file is a JSON object with these fields:

{
  "schema": "my-app-license-v1",
  "license_id": "550e8400-e29b-41d4-a716-446655440000",
  "issued_to_org": "Acme University",
  "contact_email": "research@acme.edu",
  "license_type": "academic",
  "scope": "org",
  "perpetual": true,
  "issued_at": "2025-01-01",
  "signature": "BASE64_ENCODED_64_BYTE_ED25519_SIGNATURE"
}

Field order in the JSON object is the canonical wire format — the signature covers serde_json::to_vec(&payload) with fields in the order they are declared in LicensePayload.

Structs§

LicenseConfig
Project-specific configuration for the license system.
LicenseFile
Full on-disk license file: payload fields flattened + Ed25519 signature.
LicensePayload
The payload that is signed by the license issuer.

Enums§

LicenseError
Errors returned by the license verification subsystem.

Functions§

find_license_path
Find the license file path using the priority chain:
load_and_verify
Load a license file from disk and verify its signature.
verify_license
Verify a LicenseFile against the public key embedded in config.
verify_license_with_key
Verify a LicenseFile against an arbitrary Base64-encoded public key.