Creating an Offline Authentication Method?
-
@Casmat I've been working on a system for 2 years now that is finally in public beta. To put it lightly, it's a real pain.
If you want something that works right out of the box and is easy to implement, I recommend HISE Activate. https://activate.hise.dev/
Putting effort into a system that only feels like a proper solution will just add overhead to your designs with little to no benefit.
Just my opinion.
-
@Casmat we used to use a simple offline, don't-call-home authorisation system, here's what we found:
Any simple algorithm (visible in HISE Script) will be easy for the pirates to build a key-gen (your worst case hacked scenario) but...
if you have a simple algo, that is applied to an RSA decrypted key then you at least have a system that forces the hacker to mess-with-your-code to get a pirate version out.
-
@Casmat Because you're using expansions you can lock the expansion to the user's system so they can't share it.
https://docs.hise.audio/scripting/scripting-api/expansionhandler/index.html#encodewithcredentials
-
@Lindon if the code is closed source, would it still be necessary to have the RSA encoding?
-
@Casmat said in Creating an Offline Authentication Method?:
@Lindon if the code is closed source, would it still be necessary to have the RSA encoding?
the licensing model you use is up to you - but it doesn't make the code inside the compiled plugin any more or any less available to pirates... open source of course offers them the source code anyway.
-
@Lindon ahh I see! Could you describe the process further on how I would create the algorithm and apply it to RSA?
-
@Casmat said in Creating an Offline Authentication Method?:
@Lindon ahh I see! Could you describe the process further on how I would create the algorithm and apply it to RSA?
well you generate a string - and then test it for certain values - anything you like really...
say: a 30 character string where:
Character 3 = "A"
Character 17 = "f"
Character 27 = "n"
All other characters = some random character
now you can have thousands of strings that all comply with this criteria.
Generate a private and a public key in HISE - use the private key to RSA encode each string...
now you have thousands of encrypted strings... give your customers one of these for each purchase of your product
- add an authorisation process in your plugin that accepts one of these encrypted strings, decrypts it with the public key and validates the result matches your criteria.
-
@Lindon Helpful, thanks a lot!
-
@Lindon said in Creating an Offline Authentication Method?:
Thank you! I’m working on implementing something similar based on this post.
Do I first need to create a set number of licenses (e.g., 4000) and then encrypt them all? Or is there a way to create a pattern that meets specific criteria, as you mentioned, without creating each string?
How do I encrypt all the strings? I assume it's with encryptWithRSA, but how should it be done?
-
@bendurso said in Creating an Offline Authentication Method?:
@Lindon said in Creating an Offline Authentication Method?:
Thank you! I’m working on implementing something similar based on this post.
Do I first need to create a set number of licenses (e.g., 4000) and then encrypt them all? Or is there a way to create a pattern that meets specific criteria, as you mentioned, without creating each string?
How do I encrypt all the strings? I assume it's with encryptWithRSA, but how should it be done?
Well when I use this method I wrote a HISE application that:
- allows me to enter a public and a private key and a project name
- allows me to define my characters and positions
- generates a user entered number of strings that comply with 2 above
- encodes these strings using the private key,
- tests they all decode correctly
- Writes the encoded strings to a text file
- Records the project data into a recallable json file....
I suggest you do the same....
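-
The generate / encode / test-decode workflow listed in the post above, sketched in Node.js as an added example; it is not code from the thread or from HISE. Node's `crypto.privateEncrypt` and `crypto.publicDecrypt` stand in for the HISE RSA calls, and the function names, alphabet and batch size are assumptions.

```javascript
// Added example: Node.js stand-in for the HISE generator tool described in the thread.
const crypto = require("node:crypto");

// Criteria from the thread: 30 characters, fixed values at 1-based positions 3, 17, 27.
const LENGTH = 30;
const FIXED = { 3: "A", 17: "f", 27: "n" };
const ALPHABET = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"; // assumption

// Build one random string that satisfies the criteria.
function makeSerial() {
  let s = "";
  for (let pos = 1; pos <= LENGTH; pos++) {
    s += FIXED[pos] ?? ALPHABET[crypto.randomInt(ALPHABET.length)];
  }
  return s;
}

function matchesCriteria(s) {
  return typeof s === "string" && s.length === LENGTH &&
    Object.entries(FIXED).every(([pos, ch]) => s[pos - 1] === ch);
}

// Vendor side: encode a serial with the private key.
function encodeSerial(serial, privateKey) {
  return crypto.privateEncrypt(privateKey, Buffer.from(serial, "utf8")).toString("base64");
}

// Plugin side: decode with the public key, then apply the criteria.
function validateLicense(licenseB64, publicKey) {
  try {
    const plain = crypto.publicDecrypt(publicKey, Buffer.from(licenseB64, "base64"));
    return matchesCriteria(plain.toString("utf8"));
  } catch {
    return false; // altered, or not produced with the matching private key
  }
}

// Generate `count` unique licenses and test that each one decodes correctly.
function generateBatch(count, privateKey, publicKey) {
  const out = new Set();
  while (out.size < count) {
    const license = encodeSerial(makeSerial(), privateKey);
    if (!validateLicense(license, publicKey)) throw new Error("round-trip failed");
    out.add(license);
  }
  return [...out];
}

const { privateKey, publicKey } = crypto.generateKeyPairSync("rsa", { modulusLength: 2048 });
const licenses = generateBatch(5, privateKey, publicKey); // constructed sample batch
console.log(licenses.length, "licenses; first validates:", validateLicense(licenses[0], publicKey));
```

Only the public key and the criteria check belong in the plugin; the private key stays with the generator tool.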