An example implementation of cryptographically validating license keys using RSA cryptography for offline licensing.
Switch branches/tags
Nothing to show
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Type Name Latest commit message Commit time
Failed to load latest commit information.

Example Cryptographic Verification

This is an example of cryptographically validating license keys using your Keygen account's public key. You can find your public key within your account's settings page.

Cryptographically validating encrypted and signed licenses can be used to implement offline licensing, as well as adding additional security to your licensing model. All that is needed to cryptographically validate a license is your account's RSA public key.

The license's policy must implement one of the following schemes:

  • RSA_2048_PKCS1_SIGN
  • RSA_2048_JWT_RS256

Running the example

First up, add an environment variable containing your public key:

# Your Keygen account's public key (make sure it is *exact* - newlines and all)
export KEYGEN_PUBLIC_KEY=$(printf %b \
  '-----BEGIN PUBLIC KEY-----\n' \
  'zdL8BgMFM7p7+FGEGuH1I0KBaMcB/RZZSUu4yTBMu0pJw2EWzr3CrOOiXQI3+6bA\n' \
  'efK41Ml6OwZB3tchqGmpuAsCEwEAaQ==\n' \
  '-----END PUBLIC KEY-----')

You can either run each line above within your terminal session before starting the app, or you can add the above contents to your ~/.bashrc file and then run source ~/.bashrc after saving the file.

Next, install dependencies with yarn:


Then run the script, passing in the key as well as the scheme:

yarn start --scheme RSA_2048_PKCS1_PSS_SIGN --key SOME_LICENSE_KEY_HERE

How a given license key is validated will depend on the scheme. Please review the code for a more thorough overview of how each scheme is validated. Be sure to copy your public key correctly - your keys will fail validation if it is copied incorrectly. You can find your public key in your account's settings.


Reach out at if you have any questions or concerns!