The dddInfraApps.pas unit publishes the following ECCAuthorize function and type:
type TECCAuthorize = (eaSuccess, eaInvalidSecret, eaMissingUnlockFile, eaInvalidUnlockFile, eaInvalidJson);
function ECCAuthorize(aContent: TObject; aSecretDays: integer; const aSecretPass, aDPAPI, aDecryptSalt, aAppLockPublic64: RawUTF8; const aSearchFolder: TFileName = ''; aSecretInfo: PECCCertificateSigned = nil; aLocalFile: PFileName = nil): TECCAuthorize;
This function will use several asymmetric key sets:
- A main key set, named e.g. applock.public and applock.private, shared for all users of the system;
- Several user-specific key sets, named e.g. userhost.public and userhost.secret, one for each user and associated computer host name.
When the ECCAuthorize function is executed, it will search for a local userhost.unlock file, named after the current logged user and the computer host name. Of course, the first time the application is launched for this user, there will be no such file. It will create two local userhost.public and userhost.secret files and return eaMissingUnlockFile.
The main key set will be used to digitally sign the unlock file.
User-specific key sets will be used to encrypt the unlock file.
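A fail-closed startup gate built on the signature above, as an added example that is not taken from the mORMot sources. TLicenseContent and its property, the constant values, the unit names other than dddInfraApps, and the reading of aContent as the object that receives the unlock file's JSON are assumptions.

```pascal
program LicenseGate;
{$APPTYPE CONSOLE}
uses
  SysUtils, Classes,
  SynCommons,    // RawUTF8 (unit name assumed)
  dddInfraApps;  // ECCAuthorize, TECCAuthorize (as published above)
type
  // Hypothetical payload class, assumed to be filled from the unlock file's JSON
  TLicenseContent = class(TPersistent)
  private
    fCustomer: RawUTF8;
  published
    property Customer: RawUTF8 read fCustomer write fCustomer;
  end;
const
  // Constructed placeholders: replace with the application's own values
  APPLOCK_PUBLIC64 = '<base64 of applock.public>';
  SECRET_PASS = '<aSecretPass value>';
  DPAPI_VALUE = '<aDPAPI value>';
  DECRYPT_SALT = '<aDecryptSalt value>';
  SECRET_DAYS = 365;

// Returns true only for eaSuccess; every other result, including any value
// added to TECCAuthorize later, leaves the application locked.
function IsAuthorized(aLicense: TLicenseContent; out aReason: string): boolean;
var
  local: TFileName;
begin
  result := false; // fail closed
  case ECCAuthorize(aLicense, SECRET_DAYS, SECRET_PASS, DPAPI_VALUE,
      DECRYPT_SALT, APPLOCK_PUBLIC64, '', nil, @local) of
    eaSuccess:           result := true;
    eaMissingUnlockFile: aReason := 'no userhost.unlock yet; userhost.public ' +
                           'and userhost.secret were created (' + local + ')';
    eaInvalidUnlockFile: aReason := 'userhost.unlock was found but rejected';
    eaInvalidJson:       aReason := 'unlock content did not load as JSON';
    eaInvalidSecret:     aReason := 'userhost.secret was rejected';
  else
    aReason := 'unexpected ECCAuthorize result';
  end;
end;

var
  lic: TLicenseContent;
  reason: string;
begin
  lic := TLicenseContent.Create;
  try
    if IsAuthorized(lic, reason) then
      writeln('Authorized for ', lic.Customer)
    else
    begin
      writeln('Not authorized: ', reason);
      ExitCode := 1;
    end;
  finally
    lic.Free;
  end;
end.
```

Only applock.public is embedded in the application; applock.private, which signs the unlock file, stays with whoever issues the unlock files.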
Please check for updated information in our online documentation!
Feedback is welcome in our forum, as usual.