Public and Private Keys

Parent Previous Next

Public and Private Keys.

The SCRAMBLECODE compiler uses an RSA key pair to seal the compiled bytecode. The key pair consists of a public key part and a private key part. The public key part is embedded into your VM DLL. The public key is used for safe-load authentication of the bytecode to ensure it is untampered and originates from you.


The private key part is a secret key that should never be known by anyone outside your organization. It is used by the compiler to create a signature for the bytecode, and the calculated signature is deployed as an integrated part of the bytecode.


The keys used by the compiler are for signing and authentication only. They are not usable for encryption.


Key Pairs and Signatures.

SCRAMBLECODE is deployed with a set of keys which are only relevant for evaluation purposes.


However, once you purchase a copy of the solution and receive a license serial number, you are able to generate your own keys. Each purchased serial number refers to a certain type of license, which gives you access to generate a certain number of key pairs as set forth in the list of features for each product version. Each created pair contains a private key and the associated public key.


SCRAMBLECODE can manage key pairs based on the RSA technology using either 2048, 3072, 4096 or 8192 bits. Furthermore when creating the signature the compiler can make use of the hash algorithms MD5, SHA1, SHA256, SHA384 and SHA512.


File Storage.

You can generate your keys in the IDE in a completely safe setup - without any connection to the Internet. This is done automatically when you create or update your LicenseID, which results in 2 simple text files:


Only the file LicenseID.txt is later used for registration of your acquired license, which means your public keys will become a locked part of your license.


The file PrivateKey.txt must be kept safe and protected at all time. This file is not part of the registration process and should never be made available to anyone outside your organization.


PLEASE NOTICE:

If you loose a private key, no one can help you. It can't be reconstructed.