RockyGuard

Documentation · Quick start

Quick start

End-to-end integration in five concrete steps. The full version, including the per-platform CMake link line and the CRT-variant caveat for Windows Debug builds, is in the shipped Customer Documentation Sec 2.3.

Step 1 — Generate your keypair (one time)

Run the keypair generator on a secure machine. Keep private.pem SECRET; embed public.pem in your application. 

tools/license_keygen --private private.pem --public public.pem

Step 2 — Create an end-user license

Requires the vendor_license.json file your library vendor sent you. Pass the end user's hardware fingerprint via --fingerprint-value (they get it by running rg_fingerprint on their own machine). 

tools/license_create \
  --vendor-license vendor_license.json \
  --key private.pem \
  --id "LIC-001" \
  --licensee "Customer Name" \
  --product "YourApp" \
  --expires "2027-12-31T23:59:59Z" \
  --fingerprint-value "<end user's fingerprint>" \
  --feature "pro_feature"

Step 3 — Embed your public key in your application

Paste the contents of public.pem into a static C++ string constant. This is what the verifier uses to confirm the license signature is yours. 

static constexpr char PUBLIC_KEY[] = R"(-----BEGIN PUBLIC KEY-----
MCowBQYDK2VwAyEA...your public key bytes...
-----END PUBLIC KEY-----)";

Step 4 — Verify on the customer's machine

Five lines. Load the license, check the hardware match, optionally check feature flags. Every uncertain state returns a documented LicenseStatus. 

#include <rockyguard/rockyguard.h>

int main() {
    rockyguard::LicenseVerifier verifier(PUBLIC_KEY);
    auto result = verifier.load("license.json");
    if (!result) { std::cerr << result.message << "\n"; return 1; }
    if (!verifier.check_node_locked()) { return 1; }

    if (verifier.check_feature("pro_feature")) {
        // gated functionality
    }
    // licensed and running
}

Step 5 — Link against the library

Static linking is recommended. The shipped librockyguard.a / rockyguard.lib contains the RockyGuard code only; OpenSSL is bundled in the deps/ directory and must be linked explicitly. Full per-platform link line: 

# Windows static (CMake):
target_link_libraries(your_app PRIVATE
    ${ROCKYGUARD}/lib/static/rockyguard.lib
    ${ROCKYGUARD}/deps/lib/libssl.lib
    ${ROCKYGUARD}/deps/lib/libcrypto.lib
    ws2_32 crypt32 iphlpapi ole32 oleaut32 wbemuuid)

# Linux static (CMake):
target_link_libraries(your_app PRIVATE
    ${ROCKYGUARD}/lib/static/librockyguard.a
    ${ROCKYGUARD}/deps/lib/libssl.a
    ${ROCKYGUARD}/deps/lib/libcrypto.a
    pthread dl)

On Windows, a Debug-CRT build of the library is shipped in v1.2.1; for v1.2.0, build your consumer project in Release mode. Full caveat in the shipped docs.

That is the complete v1.0 integration story. Adversarial probes (wrong key, stripped signature, past-date license, wrong-machine license) and the floating-license setup are covered in Customer Documentation Sections 4 and 5.

Ready to start?

30-day Premium trial, no credit card.

Request a trial license Browse docs