All attempts have been made to make the information in this document complete and accurate. SafeNet, Inc. is
not responsible for any direct or indirect damages or loss of business resulting from inaccuracies or omissions.
The specifications contained in this document are subject to change without notice.
SafeNet, Sentinel, Sentinel V-Clock, and the Business Layer APIs are either registered trademarks or trademarks of SafeNet, Inc. Microsoft, Windows, Windows 95, Windows 98, Windows ME, Windows NT, Windows 2000, Windows XP, Windows Server 2003, Windows Vista and Internet Explorer are either trademarks or registered trademarks of Microsoft Corporation in the United States and other countries. Java is a trademark of Sun Microsystems, Inc. in the United States and other countries. Linux is a trademark of Linus Torvalds, in the United States and other countries. Mac and the Mac logo are trademarks of Apple Computer, Inc., registered in the U.S. and other countries. All other trademarks are the property of their respective owners.
The Sentinel Keys SDK makes use of certain third-party software. Please refer to Acknowledgments.pdf under
the Manuals directory for details.
CONFIDENTIAL INFORMATION
The Sentinel Keys SDK is designed to protect your software applications from unauthorized use. It is in your best
interest to protect the information herein from access by unauthorized individuals.
Part Number 002266-001, Revision F
Software versions 1.2.0
Revision  Action/Change                                              Date
A         1.0.0 release for Windows 32-bit platforms                 November 2005
B         1.0.2 release for Linux platforms                          May 2006
C         1.0.2 release for Windows 32-bit and x64 platforms         August 2006
D         1.0.2 release for Macintosh platforms                      September 2006
E         1.0.3 release for Windows Vista 32-bit and x64 platforms   March 2007
F         1.2.0 release for Windows 32-bit and x64 platforms         December 2007
Sentinel Hardware Keys Developer’s Guide
Certifications
European Community Directive Conformance Statement
Sentinel Hardware Keys are in conformity with the protection requirements of EC Council Directive 89/336/EEC. Conformity is declared to the following applicable standards for electro-magnetic compatibility immunity and susceptibility; CISPR22 and IEC801. This product satisfies the CLASS B limits of EN 55022.
ISO 9001:2000 Certification
SafeNet Irvine, California, U.S.A and Rotterdam, The Netherlands facilities are
certified to the latest, globally-recognized ISO 9001:2000 standard. The
certificate number is: CERT-02982-2003-AQ-HOU-RAB Rev 3.
WEEE and RoHS Compliance
Sentinel Hardware Keys are environment-friendly and comply with Waste Electrical and Electronic Equipment (WEEE) and Restriction of Hazardous Substances (RoHS) standards.
The WEEE symbol indicates that the electronic devices included with this product package must not be disposed of with other non-electrical waste. It is the responsibility of your organization to dispose of your electronic waste by handing it over to a designated collection point for the recycling of waste electrical and electronic equipment (WEEE).
Mac OS X Universal Logo Compliance
The Sentinel Hardware Keys SDK is designed for the Macintosh operating
system (Mac OS X) and runs natively on both PowerPC- and Intel-based
computers from Apple.
USB 2.0 Compliance
Sentinel Hardware Keys comply with the USB 2.0 standards.
WHQL Certification
The Sentinel System Driver (for Windows) is certified by Windows Hardware Quality Lab (WHQL) for Windows 2000, Windows XP (32-bit and x64), Windows Server 2003 (32-bit and x64), and Windows Vista (32-bit and x64).
Ready for Red Hat Linux
The Sentinel Hardware Keys SDK is supported on Red Hat Linux.
This logo is a registered trademark of Red Hat, Inc.
FCC Compliance
Sentinel Hardware Keys have passed the FCC Self-authorization process of Computers and Computer
Peripherals. FCC Part 15 Class B Specifications.
FCC Notice to Users
This equipment has been tested and found to comply with the limits for a class B digital device, pursuant to part
15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference in a
residential installation. This equipment generates, uses and can radiate radio frequency energy and if not
installed and used in accordance with the instructions, may cause harmful interference to radio communications.
However, there is no guarantee that interference will not occur in a particular installation. If this equipment does cause harmful interference to radio or television reception, which can be determined by turning the equipment off and on, the user is encouraged to try to correct the interference by one or more of the following measures:
■ Reorient or relocate the receiving antenna.
■ Increase the separation between the equipment and receiver.
■ Connect the equipment into an outlet on a circuit different from that to which the receiver is connected.
■ Consult the dealer or an experienced radio/TV technician for help.
In order to maintain compliance with FCC regulations, shielded cables must be used with this equipment. Operation with non-approved equipment or unshielded cables is likely to result in interference to radio and TV
reception. The user is cautioned that changes and modifications made to the equipment without the approval
of manufacturer could void the user's authority to operate this equipment.
Table Of Contents
Preface
    Where to Find Information?
    Conventions Used in This Guide
    Technical Support
Stage 2 - Design New Protection Strategy
Index
Preface
Thank you for choosing Sentinel Hardware Keys—the state-of-the-art USB
tokens with advanced cryptographic capabilities. Using Sentinel Keys, you
can:
■ Protect your intellectual property from piracy.
■ Implement different license models for different customers.
■ Secure your product revenue.
Where to Find Information?
The Sentinel Keys SDK documentation is for the following users:

You Could Be a...
    Manager or New User
    You want to understand the product installation, features and benefits
    Application Programmer
    You want to plan, design, and implement the application protection.
Recommended References
    ❑ Release notes
    ❑ Part I of this guide
    ❑ Sentinel Keys Toolkit Help
    ❑ Part I and Part II of this guide
    ❑ Business Layer API Help

You Could Be a...
    Sentinel Key Programmer
    You want to program Sentinel Keys for your customers.
Recommended References
    ❑ Sentinel Keys Toolkit Help
    ❑ Part III of this guide

You Could Be a...
    Builder
    You want to prepare the protected application for release, including deploying the redistributables.
Recommended References
    ❑ Part IV of the guide
    ❑ Sentinel Protection Installer Help (for Windows only)

You Could Be a...
    Sales Distributors
    You want to program Sentinel Keys for your customers.
    Customers and Helpdesk
    For users who want to learn how to use the hardware key and the redistributables, like the Sentinel System Driver, Sentinel Keys Server, configuration file.
Recommended References
    ❑ Help included with the License Manager application
    ❑ System Administrator’s Help
    ❑ FAQs included in the Sentinel Keys Toolkit Help

Conventions Used in This Guide
Please note the following conventions used in this guide:

Convention        Meaning
Courier           Denotes syntax, prompts and code examples. Bold Courier type represents characters that you type; for example: logon.
Bold Lettering    Words in boldface type represent keystrokes, menu items, window names or fields.
Italic Lettering  Words in italic type represent file names and directory names; it is also used for emphasis.
(warning icon)    Denotes a warning. This icon flags any potential pitfalls that we think that you may need to be careful of.
<OS drive>        The root drive on your system where your operating system is installed.
<installdir>      The path where the software, in context, is installed. For example, the default <installdir> for Sentinel Keys SDK is as follows:
                  ❑ On Windows 32-bit: <OS Drive>:\Program Files\SafeNet

Technical Support
For more information about SafeNet products and offerings, contact the sales offices located in the following countries:
SafeNet Sales Offices
Australia: +61 3 9882 8322
Finland: +358 20 500 7800
Hong Kong: +852 3157 7111
Korea: +82 31 705 8212
Singapore: +65 6297 6196
U.S. (Massachusetts): +1 978.539.4800
U.S. (Irvine, California): +1 949.450.7300
Brazil: +55 11 6121 6455
France: +33 1 41 43 29 00
India: +91-11-32980377 / 30980641
Mexico: +52 55 5575 1441
Taiwan: 886-2-27353736
U.S. (New Jersey): +1 201.333.3400
U.S. (San Jose, California): + (408) 452 7651
China: +86 10 88519191
Germany: +49 1803 7246269
Japan (Tokyo): + 81 45 6405733
Netherlands: +31 73 658 1900
UK (Camberley): +44 0 1276 608000
U.S. (Virginia): +1 703.279.4500
U.S. (Torrance, California): +1 310.533.8100
Tip: Please visit http://www.safenet-inc.com/support/index.asp for the most up-to-date information about Sentinel Keys, downloads, FAQs, and technical notes.
Export Considerations
We offer products that are based on encryption technology. The Bureau of Industry and Security (BIS) in the U.S. Department of Commerce administers the export controls on our commercial encryption products.
Rules governing exports of encryption can be found in the Export Administration Regulations (EAR), 15 CFR Parts 730-774, which implements the Export Administration Act (“EAA” 50 U.S.C. App. 2401 et seq.).
An Important Note
BIS requires that each entity exporting products be familiar with and comply with their obligations described in the Export Administration Regulations. Please note that the regulations are subject to change. We recommend that you obtain your own legal advice when attempting to export any product that uses encryption. In addition, some countries may restrict certain levels of encryption imported into their country. We recommend consulting legal counsel in the appropriate country or the applicable governmental agencies in the particular country.
We Welcome Your Comments
To help us improve future versions of the documentation, we want to know
about any corrections, clarifications or further information you would find
useful. When you contact us, please include the following information:
■ The title and version of the guide you are referring to.
■ The version of the software you are using.
■ Your name, company name, job title, phone number, and e-mail
address.
Send us e-mail at: techsupport@safenet-inc.com
Part 1
Sentinel Key Basics
❑ Software piracy problem and its solution
❑ Sentinel Keys SDK components
❑ Planning application protection and licensing strategy
Chapter 1
Introduction
In this chapter we will assess how software piracy threatens your profits and understand how Sentinel Hardware Keys (also referred to as “Sentinel Keys”) can curb widespread piracy and add value to your software distribution.
Software Piracy Hurts Your Business
Software piracy hurts the bottom-line of your business. Every year a huge share of revenue is lost due to piracy—affecting your profits and subsequently the product research and development prospects.
Software piracy can occur in many forms, varying from malicious counterfeiting to unintended violations of the license agreement by users who may be unaware they are doing so (for example, more than the permissible number of users using the application concurrently, unreported installations, and exchange of software disks among peers).
Software licensing not only effectively secures against piracy but can also enhance product versatility with flexible licensing models. You can use new avenues to distribute your applications and ultimately improve your return-on-investment. Moreover, software protection must be simple to implement, so that your schedules are not burdened with lengthy training and licensing implementation. Read on to know how Sentinel Keys can do all this and much more!
Sentinel Keys Protect Against Software Piracy
Sentinel Keys provide hardware token-based licensing to your software application(s). These also provide better market penetration through easy-to-implement licensing models, such as demos, lease, and network licenses.
This section briefly explains the process of protecting your application and describes how the protected application will behave when your customers run it.
In order to protect your application, you first need to design the protection strategy in the Sentinel Keys Toolkit (referred to as Toolkit hereafter). The Toolkit is the main application, using which you will do everything from preparing a protection strategy to programming hardware keys.
Note: You may also program your Sentinel Keys using the Key Programming APIs. Please refer to the section “Programming Sentinel Keys using the Key Programming APIs”.
The Toolkit provides two basic methods to protect your applications:
■ Shell Protection: The method in which protective wrappers are put around the application¹ quickly and easily. For more details, see Chapter 4, “Protecting Applications Using Shell,” on page 65.
■ API Protection: The method in which you insert the Business Layer API functions into your application's source code. For more details, see Chapter 5, “Protecting Applications Using API,” on page 91.
1. Available only on Windows and can be used for protecting Windows 32-bit and 64-bit executables and DLLs.
Whatever method you choose, the outcome will be a protected application, different from the original application. The protected application is dependent on the Sentinel Key for execution. It will check for the presence of the Sentinel Key in order to run successfully. If the operation is successful, the application is allowed to run. If it fails, such as when the correct Sentinel Key is not attached or has been tampered with, access to the application is denied. Since the application can be programmed to check for the Sentinel Key periodically, it is impossible to remove it while the application is running. As a result, the protected application is allowed to run only when the stipulated licensing conditions are met. For example, the users may be able to freely copy your application, but will not be able to execute it beyond the number of users allowed.
You can see the diagram below to understand the typical behavior on the
customer site when the correct Sentinel Key is attached or not.
Note: The Secure Communication Tunnel (term used in the diagram below) is
explained on page 15.
[Figure: Licensing Behavior on Application Run-time]
License Models to Increase Your Revenue
Sentinel Keys provide the most advanced hardware-based protection
against software piracy. For software vendors and developers, it opens a new
world of opportunities by preventing illegal copying and distribution of their
proprietary applications. It also provides better market penetration by
increasing the product usage/trial rate among the potential customers. A
few examples are described below. Using Sentinel Keys, you can:
■ Lease the protected application for a certain period. Later, your customers may want to extend the lease or convert it to a perpetual license.
To lease your applications, you can choose from RTC-based Sentinel Keys or non-RTC tokens with Sentinel V-Clock™.
RTC-based Sentinel Keys contain an internal real-time clock to track the exact date and time of the leased applications. The real clock keeps track of time independent of the system clock—providing the best solution against time tampering attacks.
The non-RTC tokens with Sentinel V-Clock also allow reliable and secure distribution of time-limited applications. These do not require an on-board battery to detect time tampering.
■ Sell demo versions of the protected application. These can be upgraded to full-versions whenever desired.
■ Provide stand-alone and network² licenses for individual customers and enterprise-level set-ups.
■ Protect multiple applications with a single Sentinel Key.
■ Activate and renew applications/features, increase lease/demo limits, add new licenses and convert to full versions remotely (such as, using an e-mail).
2. Also known as concurrent or floating licenses.
Sentinel Keys Offer Sophisticated Protection
This section provides a summary of the main features of Sentinel Keys SDK, which make it the most reliable and chosen solution to protect your intellectual property and copyrights.
Hardware Key with Cutting-edge Security Technology
Sentinel Keys use cutting-edge technology for superior security. Here are the major highlights of the hardware key:
■ Contains the ECC algorithm for digital signing and verification, providing data authentication, confidentiality, integrity, and non-repudiation.
■ Contains the 128-bit AES algorithm for block encryption/decryption and query-response protection.
■ Provides secure communication using the Secure Communication Tunnel. The tunnel is an end-to-end secured session between the client and the Sentinel Key. The communication packets are encrypted using the AES algorithm, for which the session key is generated using ECC-based key exchange (ECKAS-DH1).
■ Allows random generation of ECC and AES keys. An unlimited number of keys can be generated.
■ Uses chip-on-board (COB) technology for better performance, high reliability, and greater protection against reverse engineering.
■ Uses mirroring and self-correction for higher reliability against memory corruption.
■ Has the in-built capability to write-once in the field. It means that, regardless of the access rights, the data can be modified at run-time only once. Hence, it prevents unauthorized revisions of the data contained in the Sentinel Key.
■ Supports universal binaries for compatibility with PowerPC and Intel-based Macintosh systems.
■ USB 2.0 compliant, full-speed for bulk transfer.
■ 16-bit RISC MCU for high performance.
■ WHQL certified Sentinel System Driver for Windows 2000, XP (32-bit and x64), and Server 2003 (32-bit and x64) compatibility.
[Figure: End-to-End Secure Communication Tunnel]
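The tunnel described in the list above (an ECC key exchange that yields an AES session key for encrypted packets) can be sketched as follows. This is an added example, not SafeNet code and not the Sentinel wire format: the curve (P-256), the KDF1-style SHA-256 derivation, the AES-128-GCM framing, the packet fields, and the message strings are all assumptions made for illustration.

```javascript
// Added illustration of an ECDH-keyed AES tunnel. Curve, KDF, cipher mode and
// packet layout are assumptions; this is not the Sentinel wire format.
const nodeCrypto = require("node:crypto");

const CURVE = "prime256v1";   // assumed curve
const CLIENT_TO_KEY = 0;      // direction tags keep the two nonce spaces apart
const KEY_TO_CLIENT = 1;

// KDF1-style derivation (IEEE 1363): K = Hash(Z || P), cut to 128 bits for AES.
function deriveSessionKey(sharedSecret, params) {
  const digest = nodeCrypto.createHash("sha256")
    .update(sharedSecret).update(params).digest();
  return digest.subarray(0, 16);
}

// 96-bit GCM nonce: direction byte plus a 64-bit packet counter, never reused.
function nonceFor(direction, seq) {
  const iv = Buffer.alloc(12);
  iv.writeUInt8(direction, 0);
  iv.writeBigUInt64BE(seq, 4);
  return iv;
}

class TunnelEndpoint {
  constructor(sendDirection) {
    this.sendDirection = sendDirection;
    this.recvDirection = sendDirection === CLIENT_TO_KEY ? KEY_TO_CLIENT : CLIENT_TO_KEY;
    this.ecdh = nodeCrypto.createECDH(CURVE);
    this.publicKey = this.ecdh.generateKeys(); // fresh key pair per session
    this.sendSeq = 0n;
    this.recvSeq = 0n;
  }
  establish(peerPublicKey, params) {
    this.key = deriveSessionKey(this.ecdh.computeSecret(peerPublicKey), params);
  }
  seal(plaintext) {
    const iv = nonceFor(this.sendDirection, this.sendSeq);
    const cipher = nodeCrypto.createCipheriv("aes-128-gcm", this.key, iv);
    const body = Buffer.concat([cipher.update(plaintext), cipher.final()]);
    return { seq: this.sendSeq++, body, tag: cipher.getAuthTag() };
  }
  open(packet) {
    if (packet.seq !== this.recvSeq) throw new Error("replayed or out-of-order packet");
    const iv = nonceFor(this.recvDirection, packet.seq);
    const decipher = nodeCrypto.createDecipheriv("aes-128-gcm", this.key, iv);
    decipher.setAuthTag(packet.tag);
    // final() throws if the body or tag was altered in transit
    const plain = Buffer.concat([decipher.update(packet.body), decipher.final()]);
    this.recvSeq++;
    return plain;
  }
}

// Constructed session: client and key exchange public values, then packets.
function demoSession() {
  const params = Buffer.from("constructed-session-params-0001");
  const client = new TunnelEndpoint(CLIENT_TO_KEY);
  const key = new TunnelEndpoint(KEY_TO_CLIENT);
  client.establish(key.publicKey, params);
  key.establish(client.publicKey, params);

  const query = client.seal(Buffer.from("QUERY license feature 7"));
  const received = key.open(query).toString();
  const reply = key.seal(Buffer.from("OK feature 7 licensed"));

  const forged = { ...reply, body: Buffer.from(reply.body) };
  forged.body[0] ^= 0x01;                       // one bit flipped on the wire
  let tamperRejected = false;
  try { client.open(forged); } catch { tamperRejected = true; }

  const answer = client.open(reply).toString(); // genuine reply still accepted
  let replayRejected = false;
  try { client.open(reply); } catch { replayRejected = true; }

  return { keysMatch: client.key.equals(key.key), received, answer,
           tamperRejected, replayRejected };
}

console.log(demoSession());
```

Plain ECDH as shown authenticates neither side, so a real design also has to bind the key's public value to something the client already trusts.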
Role-enforcement Using Hardware Keys
The Toolkit application is used to prepare important and confidential license policies. Hence, it is important to restrict unauthorized access to the Toolkit. To control this, you are provided with a developer key, a hardware key to authenticate developers. Other users, who do not have the developer key, might be able to access the Toolkit, but will not be able to do any productive tasks (such as, prototyping the protection strategies). Also, once you have programmed Sentinel Keys for your customers, other developers cannot program or update them using their developer keys.
Similarly, your sales distributors require a distributor key (the hardware key you specifically program for each distributor) to program Sentinel Keys for your customers.
Innovative Licensing Models for Market Penetration
Sentinel Keys not only secure your software against unauthorized usage, but also provide options to package your software differently to suit different price or feature categories. Using Sentinel Keys, you can:
■ Easily create demos, time-limited, and executions-limited software packages.
■ Distribute stand-alone licenses, typically used by home users and individuals.
■ Distribute floating licenses, typically used in enterprises.
■ Lease your software for certain time periods.
■ Allow license sharing for each seat³ user.
■ Allow terminal clients.
Robust Protection Options
The Sentinel Keys SDK provides robust methods to protect applications. It has options to quickly protect your applications (using the Shell and Quick Shell) and ways to implement intensive and controlled protection strategies (using API protection). Here are the quick highlights of these methods:
■ The Shell⁴ provides automatic and faster protection for Windows executables and DLLs. It is capable of protecting against debugging, disassembling, reverse-engineering, and memory dumping attacks.
The Quick Shell is a variant of the Shell and offers basic protection. It is typically used for getting started with the Toolkit and protecting applications.
Note: The Shell and Quick Shell options are available only on Windows and can be used for protecting Windows 32-bit and 64-bit executables and DLLs.
❑ Sentinel Keys Command-Line Shelling - Shell protection using command-line options not only saves your time but also enables you to execute Sentinel Shell protection from batch files without going through the Sentinel Keys Toolkit screens.
The Sentinel Keys Command-Line Shell Utility is also referred to as CMDShell.exe. The utility is a console-based program that protects executables and DLLs using the Shell method via command-line.
For more information, please refer to the section “Command-Line Shell Utility”.
■ Under the API protection, you call the Business Layer API functions in your application source code. These functions let you implement both basic and advanced protection. There are functions for encrypting/decrypting data using 128-bit AES, digitally signing/verifying data using ECC, and reading and writing data into the key memory (such as integers, Boolean, string, and raw data).
For a quick look at the Business Layer API functions, see the diagram below. The Business Layer API Help contains details on using each API function. You can launch it from the Help menu of the Toolkit, or browse to it in the Help directory of the compiler interfaces.
3. A seat represents a user name and MAC address combination.
4. An automatic method of protecting Windows executables and DLLs. It does not require source code of your application.
[Figure: The Business Layer API Functions]
Smart and Flexible (One-time) Implementations
The Toolkit⁵ is based on the architecture that divides the complete licensing process as per the different roles seen in real-life. Typically, the license designing and implementation part is done by the developers, while the license management and hardware key programming is handled by marketing and administration personnel, involved in license fulfillment.
5. The Toolkit is a Java application. It is used for preparing the application protection strategy and programming hardware keys for your customers and distributors.
The stand-alone License Manager application is also available for your distributors, using which they can program Sentinel Keys. The number of licenses sold by them can be traced using the distributor key count. The count can be updated remotely.
Note: If desired, your Sentinel Key vendors can program Sentinel Keys in bulk for you. See the option described on page 182.
Convenient Licensing for Your Customers
Sentinel Keys are ultimately deployed on your customer's site to allow
authorized access to your protected applications. The following features
ensure that the licensing process is enforced without being inconvenient:
■ Easy-to-carry, small, and durable tokens.
■ Hardware-based licenses unaffected by application crashes/
uninstallations.
■ Self-guided license installation/updates using the Secure Update
Wizard (for Windows only).
■ Remote license installation, addition and updates (via e-mail and file).
■ License tracking and client information using a Web browser-based
monitoring tool. The same tool provides an option to system
administrators for canceling licenses.
■ Multi-protocol support (TCP/IP, IPX, and NetBEUI for Windows and
TCP/IP for Linux and Macintosh).
■ XML-based configuration files for network application users and
Sentinel Keys Server.
Support for Different Types of Programming Environments
Sentinel Hardware Keys offer different interfaces for programming that
enable a quick implementation of your protection strategy.