cancel
Showing results for 
Search instead for 
Did you mean: 
EN
cancel
Showing results for 
Search instead for 
Did you mean: 
BenjiDev
Enthusiast

Preventing sharing of commercial GDL objects

 

An author of a GDL object might want to sell it while also preventing buyers from sharing it with others. How is it done?

A GDL object cannot make HTTP requests and, to my knowledge, does not have access to any crypto libraries.

 

I have some ideas, but there may exist simpler solutions already:

 

The GDL author creates a C++ Add-On and sets up a license server. The sole purpose of the Add-On is to communicate with the license server, since the GDL object itself cannot make HTTP requests.

 

The flow:

  1. A GDL object is placed, and the Add-On gets notified through ACAPI_Notify_CatchNewElement.
  2. The Add-On queries the license server using:

    • a unique ID for the GDL object (essentially a product ID)
    • the Graphisoft user ID

    The server responds with a signed license (for example containing expiry date etc.). The important part is that the license is signed with the license server’s private key (for example using RSA).

  3. The Add-On writes the license as a string parameter into the GDL object.
  4. The GDL object verifies the license signature internally using the public key of the license server, validates the contents of the license, and disables itself (for example by not drawing any geometry) if the signature or contents are invalid.

Since a GDL object can be password protected, a user would not be able to simply remove the license check from the script itself. And you cannot easily edit the GDL code outside of ArchiCAD either.

 

The problem is step 4.

How would you realistically verify RSA signatures inside a GDL object? It does not seem very feasible to implement RSA verification manually in GDL.

The simpler alternative would be to let the C++ Add-On perform the license validation and then simply write an is_valid parameter into the GDL object. However, that seems insecure because someone could create a fake Add-On that just writes is_valid = true without checking any license.

 

Operating system used: Windows

24 Replies 24

How about if the licensing macro should be called with some string parameter & a secret string would cause  end param1...paramx, but otherwise it would just end?

I've also thought about this. I don't think it solves the issue.
The attacker can replace the macro first, to see how its called and as a second step set up an object to call the original macro with the spoofed parameters.

Automating Archicad with Add-Ons, GDL-Objects & Python Archi-XT.com
Davor P
Advocate

I thought I was being clever with a random string for both returned parameter name and its value. My returned param wasn't bool - it was a long string. Does that not obfuscate somewhat?

www.vktrs.co
Davor P
Advocate

Just did a quick test spoofing the macro and it gives away the value. So the "key" in transit is not safe. What options are there, besides a stupid long list of rotating keys on a clock and you hope no one will bother changing it daily?

What if instead you use an addon that builds the gsm. Have source xml stored on your server and inject the company ID into each object on download?

www.vktrs.co

Yes exactly, injecting the User/company ID into every single object is the only "pure" GDL way I can think of for now that seems safe to me.

Automating Archicad with Add-Ons, GDL-Objects & Python Archi-XT.com

Didn't find the answer?

Check other topics in this Forum

Back to Forum

Read the latest accepted solutions!

Accepted Solutions

Start a new conversation!