Loading...

XML

Word

Printable

Details

Type: Task
Resolution: Done
Priority: P2: Important
Fix Version/s: 3.0.0
Affects Version/s: 2.3
Component/s: General
Labels:
- 3.0
- itdevops

Description

The (unified) license key should not be a plain-text file, which could be edited by the users. It needs to be secured so that the content is not easily changed by the users.

Evaluate the following design:

use private keys to encrypt/decrypt the license key
Qt Account generates unique encrypt/decrypt keys to the Qt Account, per user
- The user's license key(s) are encrypted by this personal key by the back-end
the Daemon downloads the decrypt key during the Qt Account Login
- in pure offline scenarios, the user can manually put the decrypt key in place on the local file system
  - e.g. CI usage
the Daemon decrypts the key(s) in memory only
the Daemon provides an API towards the client application integration points (CIP) to query license features

Attachments

Issue Links

is required for

QLS-414 Roll-out plan for minimal workable solution for Squish 8.1

Open

Gerrit Reviews

- Issue Only
- Show All Reviews
- Show Open Reviews
- Show All Issues
- Show Open Issues

No reviews matched the request. Check your Options in the drop-down menu of this sections header.

Activity

People

Assignee:: Zheng Zeng

Reporter:: Iikka Eklund

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 22 Aug '23 07:22

Updated:: 04 Jan '24 10:50

Resolved:: 04 Jan '24 10:50

Time Tracking

Estimated:

Remaining:

Logged:

Not Specified

Gerrit Reviews

There are no open Gerrit changes