CodeMeter is a very powerful software security device that comes in several form factors, the most commonly delivered being USB. The "dongles" use AES and a very secure chip that is capable of utilizing variable modes of encryption for added security. Most often associated with software protection, CodeMeter is also a product that can be purchased to take advantage of purchasing licenses software over the internet. Programs encrypted with CodeMeter (or to be more accurate, a utility called "AxProtector") cannot be cracked. CodeMeter sticks themselves can be set to shut down when hack attempts are detected.

The latter issue should be well noted. Though Blackbird itself is never encrypted, it can use the CodeMeter runtime via the API to encrypt and decrypt messages through the device itself. It should also be noted that CodeMeter is an expanding product, and the full capabilities of this technology are not yet fully exploited by Blackbird. This will change over time.

If you are using software that is protected by CodeMeter, chances are that you have a CodeMeter device, or "CodeMeter Stick" if it's a USB device. You can use the existing license entries in the CodeMeter stick to encrypt and decrypt messages. Note that if you are not a licensor of CodeMeter-encrypted products, you cannot create a fully secure license. Only licensors having a special device called a "Firm Security Box" (FSB) can create licenses in a CodeMeter device. Therefore if using an existing license that is used to decrypt protected software that is widely distributed, anyone with that license entry will be able to decrypt that message. This is not considered poor security, just a feature of CodeMeter (future development will get around this, however). Licensors can specifically tailor a license entry in a CodeMeter stick if they want to. What use is it then? Well some software publishers might want to have messages online that only their licenses users can see. Some organizations might use CodeMeter solely for the encryption of their intellectual property and are using CodeMeter to that end, including Blackbird of a similar program.

If you, as a simple end user want to use CodeMeter to protect information with Blackbird, you have two options: 1. Become a licensor and get an FSB to create your own licenses in the CodeMeter sticks of others who you want to decrypt the data and make their own using the same license (that you can decrypt) or 2. Use the "public" license entry. The first option is well covered and there exists an entire infrastructure of software and technical support for those who become licensors or publishers using CodeMeter.

For the second case, if you have a CodeMeter stick that you purchased personally for downloading protected software and you don't want to use the existing licenses, you can create a "public" license entry by using Firm Code 0. Every CodeMeter License Entry is configured as such: a Firm Code and a Product Code seperated by a ":". The Firm Code belongs to the publisher or licensor, and the Product Code is whatever they assign when they create a license. So the Acme company might have a Firm Code of 1234 and if they protect some software with their FSB, they might assign a Product Code of 5678. The license entry in the CodeMeter stick needed to decrypt their software (or messages) would look like 1234:5678.

If you are already using a CodeMeter stick, then it's a good chance you already have the CodeMeter runtime installed on your PC. Normally (though not always the case) to use a CodeMeter stick there is a runtime installed that the protected program uses to communicate with the CodeMeter stick when it's time to decrypt and decrypt data and code. If you have a CodeMeter stick but no runtime, you can freely download the runtime at the WIBU SYSTEMS website. Make sure you choose the right runtime for your system.

Now suppose you have the CodeMeter stick and a working runtime and you don't want to use an existing license entry. First make sure there is an existing CodeMeter runtime installed. You should see a tray icon on the lower right (it's this way mainly for Windows and Linux. Look for CodeMeter in Apps for MacX systems). Click on that tray icon. You should see this.

Of course every CodeMeter stick has it's own Serial Number, and there are different types, some have memory and act as a storage drive, others don't (the latter are "bulk" CodeMeter sticks not intended to be sold to individuals but issued with protected software by publishers). If the CodeMeter stick is plugged in and there is no information on it appearing, there could be something wrong. As an end user of CodeMeter, you can get free tech support. Tech support can be reached via email in the USA and Europe. In the USA you can also call 1-800-6-GO-WIBU ext.31.

If you click on the WebAdmin in the lower left of the CodeMeter Control Center, a web browser is called up that interfaces with the Web-based adminstration of the CodeMeter runtime. Be advised that only in certain cases should you mess around with the settings in WebAdmin!

It is possible to program a CodeMeter stick without an FSB, yet there are drawbacks. You do not have a Firm Code, and must use 0, and you must use a Product Code greater than 1000. (The first 1000 are reserved). The problem with this is that anyone can create a matching license entry. Future versions of Blackbird will have improvements to this to make non-Firm Item licenses more secure. Check back here or keep checking the news page of this website for that update. Currently, a CodeMeter Software Developers Kit is still needed to program a user license entry and the SDK is only available for licensors and publishers, but there is also an upcoming tool for Blackbird users to get around this issue.

Now let's get down to how to use it. For this demonstration, we can presume a CodeMeter stick has a License Entry of "10:777" in it. Firm Code 10 is a common test Firm Code used by those who are running tests with the SDK. Here is what that license entry looks like in the Content->Licenses section in WebAdmin:

Assuming there is a browser already for a web page having use of the Blackbird Applet, you can right-click the applet to bring up the menu:

If you do not see that menu option, it means there is no CodeMeter runtime installed OR you don't have your CodeMeter stick plugged in. One way to check this is to look at the Java Console. This console is showing a CodeMeter Runtime in place (as the version numbner of it is given) but there is no indication of a CodeMeter stick.

So assuming that all is well at this point, selecting the "Use CodeMeter" menu item will cause a window to appear that allows you to encrypt text with the CodeMeter Stick. You enter the desired Firm Code and Product Code in the desired fields, and put your plain text in the upper text area box, and when you have those three fields entered, press the button labeled "Generate Encryption Entry".

This is an updated panel from the original CodeMeter implementation of Blackbird. Previously there was no identifier and initialization vector. What is an initialization vector? The Initialization Vector is a typical fixture of an encryption mode called "Cypher Block Chaining". In this mode, each block of text affected by the previous block of cypher text bytes with logic operations. However with what do we do that to the first block to be encrypted? This is what the Initialization Vector is used for, the logic operation on the first block of text. Of course the CodeMeter encryption operation will work without setting the vector, in that case it is all 0. However such an encrypted entry will be decrypted by any CodeMeter stick having the same license entry that encrypted it. The use of an initialization vector is almost like a password in that it propagates through the entire encryption and decryption cycle, so that the vector values, of which there are 16 bytes (the panel will pad the vector if it fall short of that), must be the same for both encryption and decryption.

The initialization vector is somewhat like a password and can be used as such, but the heart of the security relies on the key derived from the License Entry in the CodeMeter stick. The identifier is another layer of customization. Each identifier, which can be anything such as a persons name or an organization label, gets an initialization vector attached to it.

Notice the entry of identifier and vector values (max 16 alphanumeric characters) in addition to the CodeMeter License Entry.

While the source of the HTML page will look like this and the identifier becomes part of the entry it is important not to forget what the initialization vector was. Indeed it acts very much like a password and if you are trying to keep information away from holders of other matching licenses (such as if you were playing a game encrypted by CodeMeter and did not want rival teams to see what you and your teammates are planning on an online forum) then use the same rules for your vector as you would for passwords.

Normally the encrypted entry is to find its way into a web page through a form perhaps. Without information regarding known identifiers and their vectors, the entry will not be decrypted on page load.

What the CodeMeter encryption system needs is the identifier and related vector. To enter this data, right-click the applet and select the "Enter Initialization Vector" menu item.

This calls up the panel for entering the identifier and vector values:

Hitting return with focus in the vector entry will initiate assignement of these values in the applet, and then trigger the decryption subroutines. Note that if your vector is wrong, the decryption will be incorrect. If the CodeMeter stick does not have the License Entry that the encryption entry of the web page calls for, the output will show an Error 200. Otherwise the decryption will be a success as seen here:

And that is how you use CodeMeter in Blackbird. CodeMeter is an ever expanding product, with new features and abilities added with newer versions. The full power of this system is yet to be utilized.