certificates for authenticity, authentification or both
TRANSCRIPT
![Page 1: Certificates for Authenticity, Authentification or both](https://reader036.vdocuments.net/reader036/viewer/2022062503/58727ba81a28abc7068b54bf/html5/thumbnails/1.jpg)
03.05.2023 Certificates for authenticity, authentification or both? 1
Certificates for Authenticity,Authentification or both?
Wolfgang Voelker | Director Product [email protected]
Ruediger Kuegler | Security [email protected]
CertificatesSpeaker 3
![Page 2: Certificates for Authenticity, Authentification or both](https://reader036.vdocuments.net/reader036/viewer/2022062503/58727ba81a28abc7068b54bf/html5/thumbnails/2.jpg)
03.05.2023 Certificates for authenticity, authentification or both? 2
What are Certificates?
![Page 3: Certificates for Authenticity, Authentification or both](https://reader036.vdocuments.net/reader036/viewer/2022062503/58727ba81a28abc7068b54bf/html5/thumbnails/3.jpg)
03.05.2023 Certificates for authenticity, authentification or both? 3
Send
er
Sending a Signed Message
Data
Data
Signature
CalculateHash
CalculateSignature
PrivateKey
Data
Signature
CalculateHash
VerifySignature
PublicKey
Recip
ient
Yes No
![Page 4: Certificates for Authenticity, Authentification or both](https://reader036.vdocuments.net/reader036/viewer/2022062503/58727ba81a28abc7068b54bf/html5/thumbnails/4.jpg)
03.05.2023 Certificates for authenticity, authentification or both? 4
The Challenge!
How do I know that the public key is genuine?
![Page 5: Certificates for Authenticity, Authentification or both](https://reader036.vdocuments.net/reader036/viewer/2022062503/58727ba81a28abc7068b54bf/html5/thumbnails/5.jpg)
03.05.2023 Certificates for authenticity, authentification or both? 5
The Solution
Certificates(Public Key Certificate, X.509)
![Page 6: Certificates for Authenticity, Authentification or both](https://reader036.vdocuments.net/reader036/viewer/2022062503/58727ba81a28abc7068b54bf/html5/thumbnails/6.jpg)
03.05.2023 6
A Certificate
Certificates for authenticity, authentification or both?
Confirms the owner of a public key Identity:
Person
Company
IT-system (i.e. server)
Signed by issuer Attributes
Certificate
Issued for:Common name (CN): Wolfgang Voelker
Company (O): WIBU-SYSTEMS AG
Business unit (OU): WOPS
Serial number: 1be10001000220613…
Public key: 0x15, 0x3c, 0xd0, 0x26, 0xd6, 0x71, 0xfa, 0xae, 0x20, 0xa6, 0x15, 0x58, 0xea, 0x3d, 0xdd, 0x36, 0x89, …
Issued by:Common name (CN): Root
Company (O): WIBU-SYSTEMS AG
..
Valid until: 31.12.2015
![Page 7: Certificates for Authenticity, Authentification or both](https://reader036.vdocuments.net/reader036/viewer/2022062503/58727ba81a28abc7068b54bf/html5/thumbnails/7.jpg)
03.05.2023 Certificates for authenticity, authentification or both? 7
The next Challenge!
How do I know that the certificate is genuine?
![Page 8: Certificates for Authenticity, Authentification or both](https://reader036.vdocuments.net/reader036/viewer/2022062503/58727ba81a28abc7068b54bf/html5/thumbnails/8.jpg)
03.05.2023 Certificates for authenticity, authentification or both? 8
The next Solution
The certificate is signed by the issuer.
(Validation through the public key of the issuer)
![Page 9: Certificates for Authenticity, Authentification or both](https://reader036.vdocuments.net/reader036/viewer/2022062503/58727ba81a28abc7068b54bf/html5/thumbnails/9.jpg)
03.05.2023 Certificates for authenticity, authentification or both? 9
The… Challenge!
…?
![Page 10: Certificates for Authenticity, Authentification or both](https://reader036.vdocuments.net/reader036/viewer/2022062503/58727ba81a28abc7068b54bf/html5/thumbnails/10.jpg)
03.05.2023 Certificates for authenticity, authentification or both? 10
The final Solution
I already know a root certificate from a certification authority.
(Root Certificate / Certificate Authority)
![Page 11: Certificates for Authenticity, Authentification or both](https://reader036.vdocuments.net/reader036/viewer/2022062503/58727ba81a28abc7068b54bf/html5/thumbnails/11.jpg)
03.05.2023 Certificates for authenticity, authentification or both? 11
Examples of Root Certificates
![Page 12: Certificates for Authenticity, Authentification or both](https://reader036.vdocuments.net/reader036/viewer/2022062503/58727ba81a28abc7068b54bf/html5/thumbnails/12.jpg)
03.05.2023 Zertifikate für Authentizität, Authentifizierung oder beides? 12
Certificate Hierarchy
Root Certificate
CN: Root
Certificate
CN: Inter 2
Certificate
CN: Wolfgang
Certificate
CN: Daniel
Certificate
CN: Marc
Certificate
CN: Christian
Certificate
CN: Ruediger
Certificate
CN: Stefan
Certificate
CN: Inter 1
Certificate
CN: Inter 3
![Page 13: Certificates for Authenticity, Authentification or both](https://reader036.vdocuments.net/reader036/viewer/2022062503/58727ba81a28abc7068b54bf/html5/thumbnails/13.jpg)
03.05.2023 Certificates for authenticity, authentification or both? 13
Self-signed Certificates
Self-signed No Root-Certificate Usually not accepted
Users have to trust the certificate manually
Certificate
Issued for:Common name (CN): Ruediger Kuegler
Company (O): WIBU-SYSTEMS AG
Business unit (OU): Professional Services
Serial number: 1be10001000220613…
Public key: 0x15, 0x3c, 0xd0, 0x26, 0xd6, 0x71, 0xfa, 0xae, 0x20, 0xa6, 0x15, 0x58, 0xea, 0x3d, 0xdd, 0x36, 0x89, …
Issued by:Common Name (CN): Ruediger Kuegler
Company (O): WIBU-SYSTEMS AG
..
Valid until: 31.12.2015
![Page 14: Certificates for Authenticity, Authentification or both](https://reader036.vdocuments.net/reader036/viewer/2022062503/58727ba81a28abc7068b54bf/html5/thumbnails/14.jpg)
03.05.2023 Certificates for authenticity, authentification or both? 14
Blacklists
CRL (Certificate Revocation List) Includes invalid certificates (certificate revocation) Online enquiry possible, Online Certificate Status Protocol (OCSP)
![Page 15: Certificates for Authenticity, Authentification or both](https://reader036.vdocuments.net/reader036/viewer/2022062503/58727ba81a28abc7068b54bf/html5/thumbnails/15.jpg)
03.05.2023 Certificates for authenticity, authentification or both? 15
Use Cases
![Page 16: Certificates for Authenticity, Authentification or both](https://reader036.vdocuments.net/reader036/viewer/2022062503/58727ba81a28abc7068b54bf/html5/thumbnails/16.jpg)
03.05.2023 Certificates for authenticity, authentification or both? 16
Use Cases
Server Certificates Client Certificates E-Mail Certificates / VPN Certificates OPC UA Certificates Authenticode Code integrity of software …
![Page 17: Certificates for Authenticity, Authentification or both](https://reader036.vdocuments.net/reader036/viewer/2022062503/58727ba81a28abc7068b54bf/html5/thumbnails/17.jpg)
03.05.2023 Certificates for authenticity, authentification or both? 17
Server Certificates
![Page 18: Certificates for Authenticity, Authentification or both](https://reader036.vdocuments.net/reader036/viewer/2022062503/58727ba81a28abc7068b54bf/html5/thumbnails/18.jpg)
03.05.2023 Certificates for authenticity, authentification or both? 18
Clie
nt
Server Certificate
ServerPrivate
Key
Serv
er
Root Certificate
CN: Root
https
Certificate
CN: wibu.com
Client verifies the identityof the server
![Page 19: Certificates for Authenticity, Authentification or both](https://reader036.vdocuments.net/reader036/viewer/2022062503/58727ba81a28abc7068b54bf/html5/thumbnails/19.jpg)
03.05.2023 Certificates for authenticity, authentification or both? 19
Server Certificate – Secure Connection
![Page 20: Certificates for Authenticity, Authentification or both](https://reader036.vdocuments.net/reader036/viewer/2022062503/58727ba81a28abc7068b54bf/html5/thumbnails/20.jpg)
03.05.2023 Certificates for authenticity, authentification or both? 20
Server Configuration…
SSLEngine onSSLCertificateKeyFile "c:/cert/my_private_key.pem"SSLCertificateFile "c:/cert/the_cert_I_got_from_verisign.crt"
![Page 21: Certificates for Authenticity, Authentification or both](https://reader036.vdocuments.net/reader036/viewer/2022062503/58727ba81a28abc7068b54bf/html5/thumbnails/21.jpg)
03.05.2023 Certificates for authenticity, authentification or both? 21
… Server Configuration
SSLEngine on Activates SSL, SSL mode must be enabled
SSLCertificateKeyFile „c:/cert/my_private_key.pem“ Private Key
SSLCertificateFile „c:/cert/the_cert_I_got_from_verisign.crt “ Certificate
![Page 22: Certificates for Authenticity, Authentification or both](https://reader036.vdocuments.net/reader036/viewer/2022062503/58727ba81a28abc7068b54bf/html5/thumbnails/22.jpg)
03.05.2023 Certificates for authenticity, authentification or both? 22
Client Certificates
![Page 23: Certificates for Authenticity, Authentification or both](https://reader036.vdocuments.net/reader036/viewer/2022062503/58727ba81a28abc7068b54bf/html5/thumbnails/23.jpg)
03.05.2023 Certificates for authenticity, authentification or both? 23
Clie
nt
Client Certificate
ServerPrivate
Key
Serv
er
Root Certificate
CN: Root
https
Certificate
CN: wibu.com
Client verifies the identityof the server
ClientPrivate
Key
Certificate
CN: user
Root Certificate
CN: Wibu Root
Server verifies the identityof the client
![Page 24: Certificates for Authenticity, Authentification or both](https://reader036.vdocuments.net/reader036/viewer/2022062503/58727ba81a28abc7068b54bf/html5/thumbnails/24.jpg)
03.05.2023 Certificates for authenticity, authentification or both? 24
Server Configuration for Client Certificates
SSLEngine onSSLCertificateKeyFile "c:/cert/my_private_key.pem"SSLCertificateFile "c:/cert/the_cert_I_got_from_verisign.crt"SSLCACertificateFile "c:/cert/my_own_ca_root_cert.crt"SSLVerifyClient requireSSLVerifyDepth 10SSLRequire %{SSL_CLIENT_S_DN_CN} eq "[email protected]"SSLOptions +StdEnvVars
![Page 25: Certificates for Authenticity, Authentification or both](https://reader036.vdocuments.net/reader036/viewer/2022062503/58727ba81a28abc7068b54bf/html5/thumbnails/25.jpg)
03.05.2023 Certificates for authenticity, authentification or both? 25
… Server Configuration for the Client Certificate
SSLCACertificateFile „c:/cert/my_own_ca_root_cert.crt“ Certificate Authority (CA) for Client Certificates
SSLVerifyClient require Client Certificate required
SSLRequire %{SSL_CLIENT_S_DN_CN} eq [email protected] Example of a validation
SSLOptions +StdEnvVars Transmission of the parameters to PHP / Application
![Page 26: Certificates for Authenticity, Authentification or both](https://reader036.vdocuments.net/reader036/viewer/2022062503/58727ba81a28abc7068b54bf/html5/thumbnails/26.jpg)
03.05.2023 Certificates for authenticity, authentification or both? 26
Issuance of a Client Certificate (recommended)
Client: Generate the key pair
Generate the Certificate Signing Request (CSR)
Send the CSR to a CA
CA / Server: Generate a certificate
Send the certificate to a client
Client: Import the certificate
![Page 27: Certificates for Authenticity, Authentification or both](https://reader036.vdocuments.net/reader036/viewer/2022062503/58727ba81a28abc7068b54bf/html5/thumbnails/27.jpg)
03.05.2023 Certificates for authenticity, authentification or both? 27
Creation of a Client Certificate (easy)
CA / Server: Generate the key pair
Generate the certificate
Export the private key
Send certificate + private key to a client
Client: Import the certificate
Import the private key
![Page 28: Certificates for Authenticity, Authentification or both](https://reader036.vdocuments.net/reader036/viewer/2022062503/58727ba81a28abc7068b54bf/html5/thumbnails/28.jpg)
03.05.2023 Certificates for authenticity, authentification or both? 28
Certificate / Private Key Storage
![Page 29: Certificates for Authenticity, Authentification or both](https://reader036.vdocuments.net/reader036/viewer/2022062503/58727ba81a28abc7068b54bf/html5/thumbnails/29.jpg)
03.05.2023 Certificates for authenticity, authentification or both? 29
Saving Private Keys
File on the file system (PEM file with key) Certificate Storage
PKCS#11
Microsoft CSP (Crypto Service Provider)
Physical medium On a disk
In a token
![Page 30: Certificates for Authenticity, Authentification or both](https://reader036.vdocuments.net/reader036/viewer/2022062503/58727ba81a28abc7068b54bf/html5/thumbnails/30.jpg)
03.05.2023 Certificates for authenticity, authentification or both? 30
PKCS#11 / Microsoft CSP
PKCS#11 Microsoft CSP
CmDongle
Internet ExplorerOutlookFirefox OpenVPN
My Application
![Page 31: Certificates for Authenticity, Authentification or both](https://reader036.vdocuments.net/reader036/viewer/2022062503/58727ba81a28abc7068b54bf/html5/thumbnails/31.jpg)
03.05.2023 Certificates for authenticity, authentification or both? 31
Example with a Token: CSSI Middleware
![Page 32: Certificates for Authenticity, Authentification or both](https://reader036.vdocuments.net/reader036/viewer/2022062503/58727ba81a28abc7068b54bf/html5/thumbnails/32.jpg)
03.05.2023 Certificates for authenticity, authentification or both? 32
Authenticode
![Page 33: Certificates for Authenticity, Authentification or both](https://reader036.vdocuments.net/reader036/viewer/2022062503/58727ba81a28abc7068b54bf/html5/thumbnails/33.jpg)
03.05.2023 Certificates for authenticity, authentification or both? 33
Motivation: the Application
Signed Application
![Page 34: Certificates for Authenticity, Authentification or both](https://reader036.vdocuments.net/reader036/viewer/2022062503/58727ba81a28abc7068b54bf/html5/thumbnails/34.jpg)
03.05.2023 Certificates for authenticity, authentification or both? 34
Started Application
![Page 35: Certificates for Authenticity, Authentification or both](https://reader036.vdocuments.net/reader036/viewer/2022062503/58727ba81a28abc7068b54bf/html5/thumbnails/35.jpg)
03.05.2023 Certificates for authenticity, authentification or both? 35
Motivation: the Patch
![Page 36: Certificates for Authenticity, Authentification or both](https://reader036.vdocuments.net/reader036/viewer/2022062503/58727ba81a28abc7068b54bf/html5/thumbnails/36.jpg)
03.05.2023 Certificates for authenticity, authentification or both? 36
Motivation: the Question
Is the application still runnig?
![Page 37: Certificates for Authenticity, Authentification or both](https://reader036.vdocuments.net/reader036/viewer/2022062503/58727ba81a28abc7068b54bf/html5/thumbnails/37.jpg)
03.05.2023 Certificates for authenticity, authentification or both? 37
Started Application (with invalid signature)
![Page 38: Certificates for Authenticity, Authentification or both](https://reader036.vdocuments.net/reader036/viewer/2022062503/58727ba81a28abc7068b54bf/html5/thumbnails/38.jpg)
03.05.2023 Certificates for authenticity, authentification or both? 38
Is the application still runnig?
The scary answer:
YES
![Page 39: Certificates for Authenticity, Authentification or both](https://reader036.vdocuments.net/reader036/viewer/2022062503/58727ba81a28abc7068b54bf/html5/thumbnails/39.jpg)
03.05.2023 Certificates for authenticity, authentification or both? 39
Summary
Microsoft Windows starts any application Without signature
With valid signature
With invalid signature
On-board tools are not suitable for copy / integrity protection
![Page 40: Certificates for Authenticity, Authentification or both](https://reader036.vdocuments.net/reader036/viewer/2022062503/58727ba81a28abc7068b54bf/html5/thumbnails/40.jpg)
03.05.2023 Certificates for authenticity, authentification or both? 40
Yes, but…
Yes, but…
![Page 41: Certificates for Authenticity, Authentification or both](https://reader036.vdocuments.net/reader036/viewer/2022062503/58727ba81a28abc7068b54bf/html5/thumbnails/41.jpg)
03.05.2023 Certificates for authenticity, authentification or both? 41
Software Check
Signature validation Valid / Invalid?
Who has signed?
When was the application signed?
Reaction in case of invalid signature Exit (hiding the calls?)
„Wrong calculation“ !?
![Page 42: Certificates for Authenticity, Authentification or both](https://reader036.vdocuments.net/reader036/viewer/2022062503/58727ba81a28abc7068b54bf/html5/thumbnails/42.jpg)
03.05.2023 Certificates for authenticity, authentification or both? 42
Started Application (with Authenticode check via API)
![Page 43: Certificates for Authenticity, Authentification or both](https://reader036.vdocuments.net/reader036/viewer/2022062503/58727ba81a28abc7068b54bf/html5/thumbnails/43.jpg)
03.05.2023 Certificates for authenticity, authentification or both? 43
Started Application (Patched)
![Page 44: Certificates for Authenticity, Authentification or both](https://reader036.vdocuments.net/reader036/viewer/2022062503/58727ba81a28abc7068b54bf/html5/thumbnails/44.jpg)
03.05.2023 Certificates for authenticity, authentification or both? 44
The Vulnerability
Own Software
WINTRUST.DLL
![Page 45: Certificates for Authenticity, Authentification or both](https://reader036.vdocuments.net/reader036/viewer/2022062503/58727ba81a28abc7068b54bf/html5/thumbnails/45.jpg)
03.05.2023 Certificates for authenticity, authentification or both? 45
The Vulnerability
A well known and documented Windows API verifies the signature !? Attacks:
Patching WINTRUST.DLL
Hooking function with standard tools
Overwriting functions in the dll at runtime from the patched application
![Page 46: Certificates for Authenticity, Authentification or both](https://reader036.vdocuments.net/reader036/viewer/2022062503/58727ba81a28abc7068b54bf/html5/thumbnails/46.jpg)
03.05.2023 Certificates for authenticity, authentification or both? 46
Overwrite at runtime
...fake[0] := $31;fake[1] := $C0;fake[2] := $C3;lib := LoadLibrary('WINTRUST.DLL');p := GetProcAddress(lib, 'WinVerifyTrust');VirtualProtect(p, 3, PAGE_EXECUTE_READWRITE, old);move(fake, p^, 3);VirtualProtect(p, 3, old, old);...
![Page 47: Certificates for Authenticity, Authentification or both](https://reader036.vdocuments.net/reader036/viewer/2022062503/58727ba81a28abc7068b54bf/html5/thumbnails/47.jpg)
03.05.2023 Certificates for authenticity, authentification or both? 47
Started Application (Patched + Code Inject)
![Page 48: Certificates for Authenticity, Authentification or both](https://reader036.vdocuments.net/reader036/viewer/2022062503/58727ba81a28abc7068b54bf/html5/thumbnails/48.jpg)
03.05.2023 Certificates for authenticity, authentification or both? 48
Conclusion: Authenticode
Certificates provide security only if the validation occurs in a trusted environment
Authenticode = Protect the user from viruses Authenticode ≠ Protection against piracy
![Page 49: Certificates for Authenticity, Authentification or both](https://reader036.vdocuments.net/reader036/viewer/2022062503/58727ba81a28abc7068b54bf/html5/thumbnails/49.jpg)
03.05.2023 Certificates for authenticity, authentification or both? 49
Code Signature with AxProtector
![Page 50: Certificates for Authenticity, Authentification or both](https://reader036.vdocuments.net/reader036/viewer/2022062503/58727ba81a28abc7068b54bf/html5/thumbnails/50.jpg)
03.05.2023 Certificates for authenticity, authentification or both? 50
Protection Suite
Wibu-Systems Protection Suite
Automatic Proctection(IP Protection)
Anti-Debug Methods
UsedCodeMeter Variant
IndividualEncryption of Functions
Integrity Protection(Tamper Protection)
Authenticity of Software(Secure Loader / Authenticity)
Java SEJava EE
EmbeddedOperating System
.NETPC (Windows,Linux, OS X)
CodeMeterRuntime
CodeMeterRuntime
CodeMeterRuntime
CodeMeter Embedded
CodeMeter Embedded
IxProtector
AxProtector
AxProtector .NET
AxProtector Java
AxProtector CmE
ExProtector
![Page 51: Certificates for Authenticity, Authentification or both](https://reader036.vdocuments.net/reader036/viewer/2022062503/58727ba81a28abc7068b54bf/html5/thumbnails/51.jpg)
03.05.2023 Certificates for authenticity, authentification or both? 51
Functions of Protection Suite
Software authenticity (Secure Load) Prevention of the execution of non-validated software
Integrity Protection (Tamper Protection) Detection of changes (in memory!) and reaction
Automatic Protection (IP Protection) Protection against reverse engineering and piracy
Anti-Debug Methods Individual Encryption of Functions
Encryption at method level
![Page 52: Certificates for Authenticity, Authentification or both](https://reader036.vdocuments.net/reader036/viewer/2022062503/58727ba81a28abc7068b54bf/html5/thumbnails/52.jpg)
03.05.2023 Certificates for authenticity, authentification or both? 52
AxProtector
Protected ApplicationCompiled Application
Header
AxEngine(Security Engine + Public Key)
AxProtector
EncryptedCode Section
EncryptedData Section
EncryptedResource Section
Header
Data Section
Resource Section
Code Section
Signature
Private KeyPublic Key
![Page 53: Certificates for Authenticity, Authentification or both](https://reader036.vdocuments.net/reader036/viewer/2022062503/58727ba81a28abc7068b54bf/html5/thumbnails/53.jpg)
03.05.2023 Certificates for authenticity, authentification or both? 53
Self-Check
Executable
Signature
Check Signature
(Hash, Public Key, Signature)
Calculate Hash of the Executable
Error
Yes
No
AxEngine(Security Engine + Public Key)
![Page 54: Certificates for Authenticity, Authentification or both](https://reader036.vdocuments.net/reader036/viewer/2022062503/58727ba81a28abc7068b54bf/html5/thumbnails/54.jpg)
03.05.2023 Certificates for authenticity, authentification or both? 54
Check of another Module
Executable Dynamic Link Library
AxEngine(Security Engine + Public Key)
Signature
AxEngine(Security Engine + Public Key)
Signature
exe - exe
exe - dll
dll - dll
dll - exe
![Page 55: Certificates for Authenticity, Authentification or both](https://reader036.vdocuments.net/reader036/viewer/2022062503/58727ba81a28abc7068b54bf/html5/thumbnails/55.jpg)
03.05.2023 Certificates for authenticity, authentification or both? 55
AxProtector
[WIBU-SYSTEMS Control File]...
[Commandline]...-cav...
[CheckCodeIntegrity Dlls]Image1 = ShowHex.dll...
Check of other
modules
SelfCheck
![Page 56: Certificates for Authenticity, Authentification or both](https://reader036.vdocuments.net/reader036/viewer/2022062503/58727ba81a28abc7068b54bf/html5/thumbnails/56.jpg)
03.05.2023 Certificates for authenticity, authentification or both? 56
ExProtector
ExProtector = Protection of executable files on embedded operating systems
Integration of the "AxEngine" as ExEngine in the loader of the operating system / boot loader
Use of signatures and certificates Rights Management: Who can sign the applications?
![Page 57: Certificates for Authenticity, Authentification or both](https://reader036.vdocuments.net/reader036/viewer/2022062503/58727ba81a28abc7068b54bf/html5/thumbnails/57.jpg)
03.05.2023 Certificates for authenticity, authentification or both? 57
Usage of certificates within CodeMeter
![Page 58: Certificates for Authenticity, Authentification or both](https://reader036.vdocuments.net/reader036/viewer/2022062503/58727ba81a28abc7068b54bf/html5/thumbnails/58.jpg)
03.05.2023 Certificates for authenticity, authentification or both? 58
Secure Firmware Update
There is a Wibu root certificate There are production certificates, derived from the root certificate Each CmDongle gets the public root key during production Firmware update is signed with a production certificate Old firmware checks the update (signature and certificate) before it applies
the new firmware into the CmDongle
![Page 59: Certificates for Authenticity, Authentification or both](https://reader036.vdocuments.net/reader036/viewer/2022062503/58727ba81a28abc7068b54bf/html5/thumbnails/59.jpg)
03.05.2023 Certificates for authenticity, authentification or both? 59
CodeMeter Universal Firm Code
Licenses are signed by the vendor Licenses consist of a certificate and an encrypted part The license certificate can contain an authorization for license transfer In case of transfer, the original certificate is sent through and a new
certificate of the issuing CmContainer is generated With CodeMeter, everything is done transparently in the background
![Page 60: Certificates for Authenticity, Authentification or both](https://reader036.vdocuments.net/reader036/viewer/2022062503/58727ba81a28abc7068b54bf/html5/thumbnails/60.jpg)
Deutschland: +49-721-931720
USA: +1-425-7756900
China: +86-21-55661790
http://www.wibu.com
Germany: +49-721-931720
USA: +1-425-7756900
China: +86-21-55661790
http://www.wibu.com
03.05.2023 Certificates for authenticity, authentification or both? 60
Thank you for your attentionVielen Dank für Ihre Aufmerksamkeit