Cryptography in mgpy is not a marketing add-on. Signed offline activation, secret handling and supply-chain protection require modern primitives and clear key flows.
Key points
- CLI: On Windows the examples use the recommended
py -3.12 -m <module> ...form (for examplepy -3.12 -m manifestguard ...). On Linux/macOS this usually maps topython3.12 -m .... - MD5, SHA1 and hand-rolled encryption paths should not appear in new solutions.
- Signatures, tokens and key material must be handled separately from debug and test artifacts.
- Crypto decisions should be documented and re-checked against operational reality regularly.
Recommended mgpy workflow
- Inventory old hashing and signing paths and replace them in prioritized steps.
- Include keys and activation files in the security and release checks.
- Do not silently tolerate insecure legacy paths; remove them through explicit migration decisions.
Quick start
invoke security-scan
py -3.12 -m manifestguard license device-hash
py -3.12 -m manifestguard license status