Hive Authentication Services - Microsoft .NET apps integration

avatar

More and more applications integrate HiveAuth as an authentication method.

The major advantage of this integration is that it makes your application usable by all users with a Hive account, both on desktop and mobile.

In addition, HiveAuth avoids users having to provide their private key, which reinforces the feeling of trust in your application.

Using HiveAuth with Microsoft .NET

Several users have contacted me for advice on integrating HiveAuth into their applications developed with Microsoft.NET languages. One of them was @nathansenn. He already made the HiveAuth integration into @dbuzz but now wanted to be able to use it with Unity, a real-time 3D development platform for building 2D and 3D applications, like games and simulations, using .NET and the C# programming language.

It goes without saying that having the possibility for players to authenticate themselves in their favorite games using only their Hive username, without having to provide a password, would be a revolution in the gaming industry and a serious booster for the recognition of our platform.

Although integrating HiveAuth is really child's play thanks to its extensive technical documentation, one of the developers who contacted me encountered a major difficulty: the difference in the encryption process between certain programming languages.

Cross-development-language Encryption can be tricky

TLDR; HiveAuth relies heavily on encryption to secure its protocol. The method used to encrypt data in JavaScript (the programming language used by HiveAuth and Keychain) did not have a .NET equivalent.

To perform encryption/decryption, HiveAuth relies on the AES encryption specification and uses two functions from the CryptoJS library:

const encrypted = CryptoJS.AES.encrypt(message, password);
and
const decrypted = CryptoJS.AES.decrypt(encrypted, password);

Pretty simple, isn't it?

Not quite, because to perform encryption AES does not require a password, but an encryption key (key) AND an initialization vector (iv). You can read more about it on this page.

However, as you can see in the code above, CryptoJS does not use a key/IV pair but a simple "password". The trick is that CryptoJs derives a 32-byte long encryption key for AES-256 and a 16-byte long initialization vector (iv) from the "password", then encrypts the "Message" using this key and iv. So, technically speaking, the "password" is not really a password or encryption key but rather a seed.

And the problems arise when you realize that the .NET encryption libraries don't provide similar functionality!

So I had to dig into the articles on cryptography and the internet to learn more, understand how it works and recreate a library in C# that reproduces the behavior of the library in JavaScript.

This work will not have been useless because hardly had I finished my friend @brianoflondon contacted me, facing the same problem in his work of integrating HiveAuth into one of his projects written in Python.

.NET HiveAuth integration is (now) really easy

If you are a .NET developer, you can now use a "CryptoJS" class I created that you can easily integrate into your own projects. You can then do the following, just like JavaScript developers

string encrypted = CryptoJS.Encrypt(message, password);
and
string decrypted = CryptoJS.Decrypt(encrypted, password);

To facilitate the work of .NET developers, I provide them with an example of HiveAuth integration in a very simple C# Windows Application project.

The CryptoJS.cs class and demo project are open-source and available on Github.
The project contains a (very) simple app with just a login form:

After entering your username and clicking on the button, it will display a QR code that you can scan with Keychain Mobile

You just have to open Keychain, scan the code and approve the authentication request. Keychain will then display an approval form where you can accept or decline the authentication request:

If you approve the authentication, Keychain will confirm it and send the authentication approval to the application.

The application then receives this confirmation with a session token that will allow it to later interact with the HiveAuth node to send transaction requests.

Thanks to this concise example, it will only be easier for any .NET developer to integrate HiveAuth as an authentication method in their applications.

Source code, documentation and support

As mentioned at the beginning of the article, the source code for this sample, as well as other sample codes and libraries you can use to make your job easier, is available on Github.

The HAS documentation has been updated with references to this new example.

Finally, if you need help integrating HiveAuth into your (d)Apps, support is provided on discord


Check out my apps and services


Vote for me as a witness



0
0
0.000
12 comments
avatar

pixresteemer_incognito_angel_mini.png
Bang, I did it again... I just rehived your post!
Week 138 of my contest just started...you can now check the winners of the previous week!
10

0
0
0.000
avatar

.NET is solved. Thank you so much. I wish I could have something handy for Dart code.
At the moment, in order to integrate HAS, I am bridging Dart <=> Javascript code.
It's working & that's what I've illustrated in my these demos

0
0
0.000
avatar

I saw your video, but I don't know enough about flutter and dart, and if it would require similar encryption/decryption tool to bypass the bridge you put in place.

0
0
0.000
avatar

Thanks for the development! A Auth. inside Unity brings a huge step forward to have a secure and smoothly way to sign in - In Games made in Unity or other Desktop-Applications!

Thanks - Great Job!

0
0
0.000
avatar

Thank you @louis88. Hopefully this encourages more developers to use our blockchain as a means of authentication.

0
0
0.000