Modern License Key Verification Design: Transition RSA‑512 ==> Ed25519

[RealRaven2000]

Modern License Verification: RSA → Ed25519 Migration

Background:
Current licenses: <product>-<email>:<expiry>;<RSA_encrypted_blob>

• Verified by decrypting the encrypted part and comparing to the readable payload.
• Checks expiry and Thunderbird identity.
• Problem: RSA‑512 is insecure; private key can be derived → old licenses are forgeable.

Proposed Solution:

• Switch to Ed25519 signatures.
• Keep payload format unchanged (<product>-<email>:<expiry>;<signature>).
• Verification steps:
  1. Split at ;
  2. Verify signature over the readable part
  3. Check expiry and email

Migration Strategy:

1. Dual verification: Ed25519 preferred, fallback to RSA‑512 for legacy licenses.
2. Issue new licenses with Ed25519 only.
3. Gradually phase out RSA‑512 by prompting users to exchange old keys.

Local License Generator Requirements:

• Standalone script for generating licenses locally.
• Fast enough for Fastspring’s execution limits (<10s).
• Uses Ed25519 signing for deterministic, secure output.
• No external dependencies.

Add-on Integration:

• New ed25519.mjs.js module handles verification.
• Licenser.mjs.js updated to use Ed25519 while keeping RSA fallback temporarily.
• Fully open-source; only the public key is shipped.

Benefits:

• Secure, modern cryptography.
• Short, fixed-size signatures (~88 chars Base64).
• Backwards-compatible migration.
• Fast local generation, minimal impact on existing workflow.

[RealRaven2000]

Boilerplate code:

1. Local license generator (make-ed25519-license.js)

import fs from 'fs';
import { generateKeyPairSync, sign } from 'crypto';

// Load or generate keys
const keyFile = './ed25519-keys.json';
let keys;

if (fs.existsSync(keyFile)) {
  keys = JSON.parse(fs.readFileSync(keyFile, 'utf-8'));
} else {
  const { publicKey, privateKey } = generateKeyPairSync('ed25519');
  keys = {
    publicKey: publicKey.export({ type: 'spki', format: 'der' }).toString('base64'),
    privateKey: privateKey.export({ type: 'pkcs8', format: 'der' }).toString('base64')
  };
  fs.writeFileSync(keyFile, JSON.stringify(keys, null, 2));
  console.log('Generated new keypair.');
}

// Helper to sign license payload
function signLicense(payload) {
  const privateKey = cryptoKeyFromBase64(keys.privateKey, 'pkcs8');
  const sig = sign(null, Buffer.from(payload), privateKey);
  return sig.toString('base64url');
}

// Convert base64 DER string to Node Crypto KeyObject
function cryptoKeyFromBase64(base64, type) {
  const der = Buffer.from(base64, 'base64');
  return crypto.createPrivateKey({ key: der, format: 'der', type });
}

// Example usage
const licensePayload = 'QI-thunderbirddaily67@gmail.com:2026-10-30';
const signature = signLicense(licensePayload);

console.log(`${licensePayload};${signature}`);

Notes:

• Stores a persistent keypair in ed25519-keys.json.
• Fast enough for Fastspring (<1ms signing).
• Produces license strings in your existing format.

2. Verification module for add-ons (ed25519.mjs.js)

// In the add-on
export async function verify(licensePayload, signatureBase64, publicKeyBase64) {
  const sig = Uint8Array.from(atob(signatureBase64), c => c.charCodeAt(0));
  const pubKeyBytes = Uint8Array.from(atob(publicKeyBase64), c => c.charCodeAt(0));

  const key = await crypto.subtle.importKey(
    "spki",
    pubKeyBytes,
    { name: "Ed25519", namedCurve: "Ed25519" },
    true,
    ["verify"]
  );

  const encoder = new TextEncoder();
  return crypto.subtle.verify("Ed25519", key, sig, encoder.encode(licensePayload));
}

[RealRaven2000]

Fastspring Deployment & Backwards Compatibility Strategy

Deployment of Ed25519 License Script:

• The signing script runs locally in Node.js on trusted machines for manual license issuance (e.g., domain keys).
• For automatic Fastspring license delivery, we plan to use a pre-compiled, minimal Ed25519 signing script:
  • Pure JavaScript using standard libraries only
  • Small footprint (<8 KB)
  • Fast execution (<10 seconds) to meet Fastspring’s script runtime limits
• Fastspring does not execute Node.js; it only executes the compiled JS snippet to generate license strings on-demand.

Backward Compatibility Considerations:

• New licenses use Ed25519 signatures; old licenses remain RSA-signed until phased out.
• The Add-on detects the license format:
  • RSA → use existing RSA verification logic
  • Ed25519 → use new WebCrypto verifier
• This ensures users with older Add-on versions can still validate their old licenses.

Support Notes & Renewal Logic:

• Human-readable expiry remains part of the payload for renewal pricing.
• Add-on rejects any tampered licenses (changed email or expiry) automatically.