WebPlayer License File

Discussion in 'Commercial Work' started by JeffAU, May 12, 2012.

  1. JeffAU

    JeffAU

    Member

    Joined:
    Mar 22, 2009
    Messages:
    387
    Hi all,

    I have a web player which I'd like to allow others to use - as long as they have a valid license file which I would issue to them.

    I'd like my web player to

    1) read the license file from the local folder

    var www : WWW = new WWW (pathtolicensefile);

    2) grab the text from the file

    WWW.text

    www.thisdomainname.com
    licenseowner@domain.com
    AFEJUTRDWS1KLA3QSCF3TG6JI24OLM5

    3) check the current domain name and make sure it matches the domain in the license

    WWW.url

    4) Process an MD5 using the domain and email plus a few unknown vars e.g. domain+"//"+xtravars+"\\"+email and if the generated MD5 matches the (AFEJUTRDWS1KLA3QSCF3TG6JI24OLM5) MD5 from the file then we allow the web player to run - otherwise we throw a license error.

    5) I'd also need an admin app for generating license files to send to clients.

    I have done this sort of thing in other languages but not in javascript within Unity. Has anyone done this before and may be able to assist? Its a project for schools and I don't have much of a budget but I could certainly send a few PayPal dollars if someone could assist.


    Thanks


    JeffAU
  2. JeffAU

    JeffAU

    Member

    Joined:
    Mar 22, 2009
    Messages:
    387
    Anyone happy to look at this one?

    I do need it quite urgently and I can provide payment.

    Infact, I can do most of it - just the MD5 javascripting would be a great help.

    Thanks


    Jeff
  3. appels

    appels

    Member

    Joined:
    Jun 25, 2010
    Messages:
    2,676
  4. JeffAU

    JeffAU

    Member

    Joined:
    Mar 22, 2009
    Messages:
    387
    Thanks appels - I tried Google and yes I agree it's quite a useful tool ;-) The issue I have is one of time which is why I offered the old fashion trading method of payment for a person who is able to use tools such as Google and help with the script.

    I think $50 to $100 would be a reasonable price - any thoughts of what this script should cost to create?

    I'll keep this out there until next weekend - if no takers I'll do it myself :)

    Seriously appels, thanks for the link - I'll certainly use that page for reference if I end up doing it myself next weekend - thanks.
  5. Dabeh

    Dabeh

    Member

    Joined:
    Oct 26, 2011
    Messages:
    1,530
    If you are serious about security, _NEVER_ cheap out on it. This would take a couple minutes to crack. But it's a school project..in which case I hope it wasn't you that was meant to write it ;)
  6. pislar

    pislar

    Member

    Joined:
    Sep 3, 2009
    Messages:
    213
    Hy..This looked intresting and I am realy bored so I wrote a few lines on it ;)

    Code (csharp):
    1.  
    2. using UnityEngine;
    3. using System.Collections;
    4. using System.IO;
    5.  
    6. public enum state
    7.     {
    8.         Valid,
    9.         Invalid,
    10.         LicenseNotFound,
    11.         ErrorOcurred
    12.     }
    13.  
    14.  
    15. public class licenseValidation
    16.  
    17.     {
    18.         internal struct License
    19.             {
    20.             public string domain;
    21.             public string email;
    22.             public string md5;
    23.             };
    24.        
    25.         public string pathToLicense { get; set;}
    26.         public bool isDone {get {return _isDone;}}
    27.         public state validState {get {return _validState;}}
    28.         public string domainValidUrl {set { _domainValidUrl= value;}}
    29.         private string _domainValidUrl ;
    30.         private state _validState;
    31.         private bool _isDone=false;
    32.         internal  License license;
    33.        
    34.        
    35.         public IEnumerator validateApp(bool checkDomain)
    36.             {
    37.             string phpDomain="";
    38.                
    39.             WWW www = new WWW(pathToLicense);
    40.             yield return null;
    41.            
    42.             if(checkDomain)
    43.                 {
    44.                     www= new WWW(_domainValidUrl);
    45.                     yield return null;
    46.                     if(www.error==null)
    47.                          phpDomain= getDomain (www.text);
    48.                     else
    49.                         checkDomain=false;
    50.                 }
    51.                
    52.             try
    53.                 {
    54.                 if(www.error!=null)
    55.                     {
    56.                     string licenseRaw=www.text;
    57.                     string[] licenseInfo= licenseRaw.Split("/"[0]);
    58.                     license.domain=licenseInfo[0]; license.email=licenseInfo[1]; license.md5=licenseInfo[2];
    59.                        
    60.                     if(getDomain(www.url)!=license.domain)
    61.                         {
    62.                         _validState = state.Invalid;
    63.                         }
    64.                     else
    65.                         {
    66.                         if(checkDomain)
    67.                             {
    68.                             if(phpDomain==license.domain)
    69.                                 {
    70.                                 if(Md5Sum("CryproService"+license.domain+"a46ls43"+license.email)==license.md5)
    71.                                     {
    72.                                     _validState = state.Valid
    73.                                     }
    74.                                 else _validState = state.Invalid;
    75.                                 }
    76.                             else _validState = state.Invalid;
    77.                             }
    78.                         else if(Md5Sum("CryproService"+license.domain+"a46ls43"+license.email)==license.md5)
    79.                             {
    80.                             _validState = state.Valid
    81.                             }
    82.                         }
    83.                     }
    84.                 else
    85.                     {
    86.                         _validState=state.LicenseNotFound;
    87.                     }
    88.                 }
    89.             catch
    90.                 {
    91.                 _validState = state.ErrorOcurred;
    92.                 }
    93.             _isDone=true;
    94.             }
    95.                        
    96.         internal string getDomain(string url)
    97.                 {
    98.                 string[] urlRaw=url.Split("/"[0]);
    99.                 int i=0;
    100.                 for(i=0;i<urlRaw.Length;i++)
    101.                     {
    102.                     urlRaw[i]=urlRaw[i].ToLower();
    103.                     if(urlRaw[i].IndexOf("www")!=-1)
    104.                             return urlRaw[i];
    105.                     }
    106.                 return "";
    107.                 }
    108.        
    109.         internal  string Md5Sum(string strToEncrypt)
    110.             {
    111.                 System.Text.UTF8Encoding ue = new System.Text.UTF8Encoding();
    112.                 byte[] bytes = ue.GetBytes(strToEncrypt);
    113.  
    114.                 System.Security.Cryptography.MD5CryptoServiceProvider md5 = new System.Security.Cryptography.MD5CryptoServiceProvider();
    115.                 byte[] hashBytes = md5.ComputeHash(bytes);
    116.  
    117.                 string hashstring = "";
    118.  
    119.                 for (int i = 0; i < hashBytes.Length; i++)
    120.                     {
    121.                         hashstring += System.Convert.ToString(hashBytes[i], 16).PadLeft(2, '0');
    122.                     }
    123.  
    124.                 return hashstring.PadLeft(32, '0');
    125.             }
    126.            
    127.     }
    128.  
    129.  
    130.  
    Simple Call Example
    Code (csharp):
    1.  
    2. using UnityEngine;
    3. using System.Collections;
    4.  
    5. public class simpleCall : MonoBehaviour
    6. {
    7.  licenseValidation validation= new licenseValidation();
    8.    
    9.     void Start ()
    10.     {
    11.     StartCoroutine(validation.validateApp(false));
    12.     StartCoroutine(waitForComplete());
    13.     }
    14.    
    15.     public IEnumerator waitForComplete ()
    16.         {
    17.         while(validation.isDone==false)
    18.             {
    19.             yield return null
    20.             }
    21.    
    22.             if(validation.validState==0)
    23.                 {
    24.                 //handle is Valid
    25.                     }
    26.             else
    27.                 {
    28.                     //.....
    29.                     }
    30.         }
    31. }
    32.  
    PHP Code to get domain of aplication nothing guarantees us that license and app are on same domain must call validateApp with "true" and set "domainValidUrl" before with path to where the php is hosted
    Code (csharp):
    1.  
    2. <?php
    3. echo $_SERVER['HTTP_REFERER'];
    4. ?>
    5.  

    EDIT : Note the I havent tested this
  7. JeffAU

    JeffAU

    Member

    Joined:
    Mar 22, 2009
    Messages:
    387
    Wow amazing work!!

    Thanks so much for the time you have spent here.

    Currently the php script would need to be placed somewhere on the server however a hard coded domain could be returned to match the license.

    Could we simply parse www.url to get the domain of the server running the app?

    Ok I'll start testing :)

    A big thanks for this. I'll be sure to pay you beyond what I have suggested above.

    Cheers


    Jeff
  8. pislar

    pislar

    Member

    Joined:
    Sep 3, 2009
    Messages:
    213
    Hy Jeff
    So when you use www.url it returns the url twaords you are pointing , so the URL to the license in our case as we are are loading the license file in that instruction..but nothing asures us that the hosting place of the app is same as we do not check it..So I wrote the php which returns us the url by the page which called the PHP , So in other words we check for domain of the app if it coincides with the one of the license and with the one specified in the license. Also you have to be the one hosting the php file.
  9. JeffAU

    JeffAU

    Member

    Joined:
    Mar 22, 2009
    Messages:
    387
    Ah understood - so is there a function to simply get the domain which is currently hosting the app? The issue is that multiple schools would host this webplayer app on their websites. The app needs to be the same for all schools without any customisation other than providing each with a unique license file. Some may be running php, some asp or jsp etc.

    So if our web player can internally check the domain which is used to run the app, grab the license locally (in the same folder where the app is located) and check that the domains match.
  10. JeffAU

    JeffAU

    Member

    Joined:
    Mar 22, 2009
    Messages:
    387
  11. pislar

    pislar

    Member

    Joined:
    Sep 3, 2009
    Messages:
    213
    Hy Jeff..Yeah I reminded of that as well here are updated scipts they also tested this time they work :) also with a editor scipt for createing the license files

    Code (csharp):
    1.  
    2. using UnityEngine;
    3. using System.Collections;
    4. using System.IO;
    5. using System;
    6.  
    7.  
    8. public class licenseValidation
    9.  
    10.     {
    11.         public enum state
    12.             {
    13.                 Valid,
    14.                 Invalid,
    15.                 LicenseNotFound,
    16.                 ErrorOcurred,
    17.                 NotComplete
    18.             }
    19.  
    20.        
    21.         internal struct License
    22.             {
    23.             public string domain;
    24.             public string email;
    25.             public string md5;
    26.             };
    27.        
    28.         public string pathToLicense { get; set;}
    29.         public bool isDone {get {return _isDone;}}
    30.         public state validState {get {return _validState; }}
    31.         private state _validState=state.NotComplete;
    32.         private bool _isDone=false;
    33.         internal  License license;
    34.        
    35.        
    36.         public IEnumerator validateApp(bool checkDomain)
    37.             {
    38.             string absoluteDomain="";
    39.            
    40.                
    41.             WWW www = new WWW(pathToLicense);
    42.             yield return null;
    43.            
    44.             if(checkDomain)
    45.                 {
    46.                 absoluteDomain= getDomain (Application.absoluteURL);
    47.                 }
    48.             try
    49.                 {
    50.                 if(www.error==null)
    51.                     {
    52.                     string licenseRaw=www.text;
    53.                     string[] licenseInfo= licenseRaw.Split("#"[0]);
    54.                     license.domain=licenseInfo[0]; license.email=licenseInfo[1]; license.md5=licenseInfo[2];
    55.                     license.domain.Replace("  ", ""); license.email=license.email.Substring(2); license.md5=license.md5.Substring(2,32);
    56.                     string localMd5= Md5Sum("CryproService"+license.domain+"a46ls43"+license.email);
    57.                        
    58.                     if(getDomain(www.url)!=license.domain)
    59.                         {
    60.                         Debug.Log(getDomain(www.url) +":" + license.domain);
    61.                         _validState = state.Invalid;
    62.                         }
    63.                     else
    64.                         {
    65.                         if(checkDomain)
    66.                             {
    67.                             if(absoluteDomain==license.domain)
    68.                                 {
    69.                                 if(localMd5==license.md5)
    70.                                     {
    71.                                     _validState = state.Valid
    72.                                     }
    73.                                 else _validState = state.Invalid;
    74.                                 }
    75.                             else _validState = state.Invalid;
    76.                             }
    77.                         else if(localMd5==license.md5)
    78.                             {
    79.                             _validState = state.Valid
    80.                             }
    81.                         else
    82.                             {
    83.                                 _validState = state.Invalid;   
    84.                             }
    85.        
    86.                         }
    87.                     }
    88.                 else
    89.                     {
    90.                         _validState=state.LicenseNotFound;
    91.                     }
    92.                 }
    93.             catch
    94.                 {
    95.                 _validState = state.ErrorOcurred;
    96.                 }
    97.             _isDone=true;
    98.             }
    99.                        
    100.         internal string getDomain(string url)
    101.                 {
    102.                 string[] urlRaw=url.Split("/"[0]);
    103.                 int i=0;
    104.                 for(i=0;i<urlRaw.Length;i++)
    105.                     {
    106.                     urlRaw[i]=urlRaw[i].ToLower();
    107.                     if(urlRaw[i].IndexOf("www")!=-1)
    108.                             return urlRaw[i];
    109.                     }
    110.                 return "";
    111.                 }
    112.        
    113.         internal  string Md5Sum(string strToEncrypt)
    114.             {
    115.                 System.Text.UTF8Encoding ue = new System.Text.UTF8Encoding();
    116.                 byte[] bytes = ue.GetBytes(strToEncrypt);
    117.  
    118.                 System.Security.Cryptography.MD5CryptoServiceProvider md5 = new System.Security.Cryptography.MD5CryptoServiceProvider();
    119.                 byte[] hashBytes = md5.ComputeHash(bytes);
    120.  
    121.                 string hashstring = "";
    122.  
    123.                 for (int i = 0; i < hashBytes.Length; i++)
    124.                     {
    125.                         hashstring += System.Convert.ToString(hashBytes[i], 16).PadLeft(2, '0');
    126.                     }
    127.  
    128.                 return hashstring.PadLeft(32, '0');
    129.             }
    130.            
    131.     }
    132.  
    133.  
    134.  

    Simple Call Test

    Code (csharp):
    1.  
    2. using UnityEngine;
    3. using System.Collections;
    4.  
    5. public class simpleCall : MonoBehaviour
    6. {
    7.  licenseValidation validation= new licenseValidation();
    8.    
    9.     void Start ()
    10.     {
    11.     validation.pathToLicense=@"linkToLicense";
    12.     StartCoroutine(validation.validateApp(false));
    13.     StartCoroutine(waitForComplete());
    14.     }
    15.    
    16.     public IEnumerator waitForComplete ()
    17.         {
    18.         while(validation.isDone==false)
    19.             {
    20.             yield return null
    21.             }
    22.    
    23.             if(validation.validState==0)
    24.                 {
    25.                 //handle is Valid
    26.                     Debug.Log("Valid");
    27.                     }
    28.             else
    29.                 {
    30.                     //.....
    31.                     Debug.Log(""+validation.validState);
    32.                     }
    33.         }
    34. }
    35.  
    36.  

    Editor

    Code (csharp):
    1.  
    2. using UnityEngine;
    3. using UnityEditor;
    4. using System.IO;
    5. public class licenseEdit : EditorWindow
    6.     {
    7.         public string licenseName="";
    8.         public string licenseDomain="";
    9.         public string licenseEmail="";
    10.         public string licenseExtension="";
    11.        
    12.         [MenuItem ("Window/License Editor")]
    13.         static void Init () {
    14.             licenseEdit window = (licenseEdit)EditorWindow.GetWindow (typeof (licenseEdit));
    15.         }
    16.        
    17.         void OnGUI ()
    18.         {
    19.             GUILayout.Label ("License Editor", EditorStyles.boldLabel);
    20.             licenseName = EditorGUILayout.TextField ("License Name:", licenseName);
    21.             licenseDomain = EditorGUILayout.TextField ("Domain:", licenseDomain);
    22.             licenseEmail = EditorGUILayout.TextField ("Email:", licenseEmail);
    23.             licenseExtension = EditorGUILayout.TextField ("File Extension:", licenseExtension);
    24.             if(GUILayout.Button("Generate License"))
    25.                 {
    26.                 saveLicense()
    27.                 }
    28.            
    29.         }
    30.        
    31.         public  string Md5Sum(string strToEncrypt)
    32.             {
    33.                 System.Text.UTF8Encoding ue = new System.Text.UTF8Encoding();
    34.                 byte[] bytes = ue.GetBytes(strToEncrypt);
    35.  
    36.                 System.Security.Cryptography.MD5CryptoServiceProvider md5 = new System.Security.Cryptography.MD5CryptoServiceProvider();
    37.                 byte[] hashBytes = md5.ComputeHash(bytes);
    38.  
    39.                 string hashstring = "";
    40.  
    41.                 for (int i = 0; i < hashBytes.Length; i++)
    42.                     {
    43.                         hashstring += System.Convert.ToString(hashBytes[i], 16).PadLeft(2, '0');
    44.                     }
    45.  
    46.                 return hashstring.PadLeft(32, '0');
    47.             }
    48.            
    49.         public void saveLicense()
    50.                 {
    51.                 string workingPath=Application.dataPath;
    52.                 workingPath+="/Licenses/"+licenseName+"."+licenseExtension;
    53.                 StreamWriter sr= new StreamWriter(workingPath,true);
    54.                 sr.WriteLine(licenseDomain+"#");
    55.                 sr.WriteLine(licenseEmail+"#");
    56.                 sr.WriteLine(Md5Sum("CryproService"+licenseDomain+"a46ls43"+licenseEmail));
    57.                 sr.Close();
    58.                 }
    59.            
    60.         }
    61.  
    Last edited: May 14, 2012
  12. JeffAU

    JeffAU

    Member

    Joined:
    Mar 22, 2009
    Messages:
    387
    Wonderful work.

    I'll run some tests now.

    Please PM me with your PayPal email address and I'll send some funds.

    Many thanks again.

    JeffAU