Sentinel Hardware Keys Developer's Guide - Customer Connection ...

More documents

Recommendations

Info

Chapter 7 – Implementing Secure Licensing Contents Glossary Index Troubleshooting SFNTVerify Operation 178 Sentinel Hardware Keys Developer’s Guide You may even sign part of your application data (such as constants) and verify its integrity before you use it. You can implement a similar signature verification scheme for your digital content (such as, text files and images) and store the 42-bit signature as raw data in the Sentinel Key memory. Decentralize Your Security Checks Decentralizing the security checks throughout the code is a good practice. This requires each place in the code to be modified in order for the application to run without the key. Restricting them to a few places can lead to easy detection and elimination subsequently. Given below are more tips: Use In-line Functions in Place of a Centralized Function Creating a single function call that checks the key and then making function calls throughout the code does not decentralize. Instead, only the security check function must be modified to operate without the key. Use Many Different Security Checks If you use the same security check in many places of the code, then you can find each check by searching for patterns. Tip: Place the security checks in hard-to-trace operations. For example, if you scatter you check throughout a series of database operations, it can be extremely time consuming to trace the calls.
Scatter the Security Checks Tips and Tricks Contents Glossary Index Troubleshooting Security checks typically consist of multiple steps: calling the key, evaluating the returned value, and acting on the evaluation results. Instead of putting the entire strategy at one place in your code, you should disperse the check all over to make the relation between them not obvious. A security check is harder to break if its code components are physically separated into different sections of the application instead of being located together. Use Multiple Threads to Your Advantage If the work of an individual security check happens over multiple threads, then tracing through the operation can be complicated. This makes debugging the code very difficult. Use Returned Values as Variables One effective technique to hide security checks in a high-level language is to use returned values to control application flow. With this method, a value returned by the key becomes a logical pointer or selection key to the next execution step or subroutine. This makes analysis of your code more difficult. Another way to use a returned value is to add it to the value of a variable so the sum is the desired value of the variable. If the variable is used in other parts of the code, then that code is dependent on the call to the hardware key. For example, suppose that at some point in your application you want a variable to contain the floating value 13.0. Assume that one of the query strings you send to the key returns the decimal number 12,345. Set the floating variable to -12,332.0. Send the query. Add the response to the variable. Sentinel Hardware Keys Developer’s Guide 179
Page 2 and 3:
Copyright © 2009, SafeNet, Inc. Al
Page 4 and 5:
Certifications European Community D
Page 6 and 7:
FCC Compliance FC Sentinel Hardware
Page 8 and 9:
Contents Sentinel Keys Server .....
Page 10 and 11:
Contents Sending Group Files to Dis
Page 12 and 13:
Contents xii Sentinel Hardware Keys
Page 14 and 15:
Conventions Used in This Guide You
Page 16 and 17:
Technical Support Technical Support
Page 18 and 19:
We Welcome Your Comments Export Con
Page 21 and 22:
Chapter 1 Introduction In this chap
Page 23 and 24:
Sentinel Keys Protect Against Softw
Page 25 and 26:
Sentinel Keys Offer Sophisticated P
Page 27 and 28:
Sentinel Keys Offer Sophisticated P
Page 29 and 30:
The Business Layer API Functions Se
Page 31 and 32:
Programming Utility Sentinel Keys T
Page 33 and 34:
Frequently Asked Questions Contents
Page 35 and 36:
Page 37 and 38:
Chapter 2 Sentinel Hardware Keys SD
Page 39 and 40:
Compiler Interfaces Sentinel Keys L
Page 41 and 42:
Distributor Key Distributor Key Con
Page 43 and 44:
Sentinel Keys Contents Glossary Ind
Page 45 and 46:
Sentinel Keys Contents Glossary Ind
Page 47 and 48:
Sentinel Keys Server Contents Gloss
Page 49 and 50:
Sentinel System Driver Sentinel Sys
Page 51 and 52:
Backward-compatibility Information
Page 53 and 54:
Command-Line CodeCover Utility Cont
Page 55 and 56:
Key Programming APIs Contents Gloss
Page 57 and 58:
GCC a For Linux Compiler/Environmen
Page 59 and 60:
Sentinel Keys License Monitor Conte
Page 61 and 62:
Sentinel Protection Installer Conte
Page 63 and 64:
Secure Update API Frequently Asked
Page 65 and 66:
authentication.) Frequently Asked Q
Page 67 and 68:
Page 69 and 70:
Chapter 3 Planning Application Prot
Page 71 and 72:
About Features, Templates, and Grou
Page 73 and 74:
Page 75 and 76:
Page 77 and 78:
Page 79 and 80:
Planning Application Protection and
Page 81 and 82:
Page 83 and 84:
Enabling License Sharing Planning A
Page 85 and 86:
Page 87 and 88:
Page 89 and 90:
Page 91:
Part 2 Designing and Implementing P
Page 94 and 95:
Chapter 4 - Protecting Applications
Page 96 and 97:
Page 98 and 99:
Page 100 and 101:
Page 102 and 103:
Page 104 and 105:
Page 106 and 107:
Page 108 and 109:
Page 110 and 111:
Page 112 and 113:
Page 114 and 115:
Page 116 and 117:
Page 118 and 119:
Page 120 and 121:
Page 122 and 123:
Page 124 and 125:
Page 126 and 127:
Page 128 and 129:
Page 130 and 131:
Page 132 and 133:
Page 134 and 135:
Page 136 and 137:
Page 138 and 139:
Page 140 and 141:
Page 142 and 143:
Page 144 and 145:
Page 146 and 147: Chapter 5 - Protecting Applications
Page 156 and 157: Chapter 6 - Secure Remote Updates C
Page 186 and 187: Chapter 7 - Implementing Secure Lic
Page 205 and 206: Chapter 8 License Grouping This cha
Page 207 and 208: Creating New Groups To create a new
Page 209 and 210: Duplicating Groups Sending Group Fi
Page 211 and 212: Creating New Feature Instances Cont
Page 213 and 214: Export-File Manager Export-File Man
Page 215 and 216: For a Loaded Group Frequently Asked
Page 217 and 218: Update Existing Licensing Values Fr
Page 219 and 220: Stand-alone License Manager Frequen
Page 221 and 222: Chapter 9 Programming Sentinel Hard
Page 223 and 224: Programming Sentinel Keys using Sen
Page 225 and 226: To create an .wps file: Programming
Page 227 and 228: Programming Sentinel Keys using the
Page 229 and 230: Programming Sentinel Keys using the
Page 231 and 232: Frequently Asked Questions Contents
Page 233 and 234: Utility/Executable developed out of
Page 239: Part 4 Distributing Protected Appli
Page 242 and 243: Chapter 10 - Redistributables for C
Page 244 and 245: Chapter 10 - Redistributables for C
Page 246 and 247:
Chapter 10 - Redistributables for C
Page 248 and 249:
Page 250 and 251:
Page 252 and 253:
Page 254 and 255:
Page 256 and 257:
Page 258 and 259:
Page 260 and 261:
Page 262 and 263:
Appendix A - Troubleshooting Conten
Page 264 and 265:
Page 266 and 267:
Page 268 and 269:
Page 270 and 271:
Page 272 and 273:
Page 274 and 275:
Page 276 and 277:
Appendix B - Glossary Contents Glos
Page 278 and 279:
Page 280 and 281:
Page 282 and 283:
Page 284 and 285:
Page 286 and 287:
Page 288 and 289:
Page 290 and 291:
Page 292 and 293:
Page 294 and 295:
Page 296 and 297:
Appendix C - Sentinel Keys Hardware
Page 298 and 299:
Appendix D - Migration from SuperPr
Page 300 and 301:
Appendix D - Migration from SuperPr
Page 302 and 303:
Index Contents Glossary Index Troub
Page 304:
Index Contents Glossary Index Troub
show all

Sentinel Hardware Keys Developer's Guide - Customer Connection ...

Create successful ePaper yourself

Delete template?

Save as template?