Design pattern for limiting access to a single document for free license?
-
Hello!
I have a document-based app and am trying to figure out how to securely restrict the user to creating and editing a single document. I will disable the built-in file browser, open/save as actions, and handling of QEvent.FileOpen for QApplication. The idea is for the app to simply open up the last saved state of a single document and automatically save to the document from the "Save" action.
Does anyone have any idea how to do this securely? Simply storing a default file path in the app data dir will allow the user to simply move and replace the file to edit multiple documents. I can't think of a way to encrypt the file without exposing an encryption key in the app binary. Or maybe some combination of encryption and last time stamp to invalidate a file that is swapped out? I don't know.
Thoughts? Thanks!
-Patrick
-
Hello!
I have a document-based app and am trying to figure out how to securely restrict the user to creating and editing a single document. I will disable the built-in file browser, open/save as actions, and handling of QEvent.FileOpen for QApplication. The idea is for the app to simply open up the last saved state of a single document and automatically save to the document from the "Save" action.
Does anyone have any idea how to do this securely? Simply storing a default file path in the app data dir will allow the user to simply move and replace the file to edit multiple documents. I can't think of a way to encrypt the file without exposing an encryption key in the app binary. Or maybe some combination of encryption and last time stamp to invalidate a file that is swapped out? I don't know.
Thoughts? Thanks!
-Patrick
@patrickkidd said in Design pattern for limiting access to a single document for free license?:
I can't think of a way to encrypt the file without exposing an encryption key in the app binary.
Off the top of my head, you can hash the contents (e.g.
md5) and use a random number (or something akin) to get an encryption key that'd be "unique" for the saved file. Then you can store that encryption key and use it to decrypt the file when loading. Swapping the file would produce gibberish as the key won't match. However, bear in mind any programmer with half-decent debugging skills is going to reverse engineer that in an hour or so.
